Tuesday 16 March 2004

Port Reporter

For Microsoft Junkies:

Port Reporter is a logging service for Windows that logs TCP/IP port usage data.

Port Reporter logs TCP and UDP port activity on a local Windows system. Port Reporter is a small application that runs as a service on Windows 2000, Windows XP, and Windows Server 2003.

On Windows XP and Windows Server 2003 this service is able to log which ports are used, which process is using the port, if the process is a service, which modules the process has loaded and which user account is running the process.

On Windows 2000 systems, this service is limited to logging which ports are used and when. In both cases the information that the service provides can be helpful for security purposes, troubleshooting scenarios, and profiling systems' port usage.

I didn't bother to download and play with this tool because, judging by the short synopsis offered by Microsoft, my Kerio Firewall already offers these functions (I am not really interested in the user account accessing my ports - I believe we are not talking about the System, Local Service Account etc here). In addition, I have a number of small utilities such as Process Explorer, TCP View and third-party logging tools which plug the reporting gaps left by Kerio and which I am quite happy with. Still, I suppose it's nice to have all these tools in one application.

Besides, I thought Microsoft were offering a beefier Firewall in Windows XP Service Pack 2? So wouldn't this Port Explorer be redundant? Or was it too late to include in Service Pack 2? I would think the functions offered by this Port Explorer are natural byproducts of a typical firewall? There isn't much information either on the Microsoft website of from the Microsoft bloggers to answer this question at the moment.