  1. #1
    chrisredfield93
    Join Date: Feb 2009

    Regmon / Filemon

    Is there something similar for ports and what connects to the internet? I have also been shown the Filemon/Regmon enterprise edition, which is quite neat. I wonder why Sysinternals stopped this, since it allowed remote monitoring of other computers within networks. The new one they created I'm not impressed by; I'd rather have separate tools. But I have managed to find a site providing the source code for Filemon and, I think, Regmon, but I'm not sure what was used to create it or what version.

    Hope this will interest some people.

  2. #2

    Join Date: Feb 2007
    51.403651, -0.515458
    Quote: Originally Posted by chrisredfield93
    is there something similar for ports and what connects to Internet
    You know you can view TCP connections in Process Monitor?

    If you are only interested in viewing network activity, simply disable the event types you aren't interested in (file-system, registry, process and profiling) by clicking the relevant buttons on the toolbar. From Vista onwards, you can also view TCP connections in Resource Monitor (under the Network tab). Other programs you might want to look at include Microsoft's TCPView, CurrPorts or NetworkTrafficView (both from NirSoft), Wireshark and various PowerShell scripts which do more-or-less the same thing on both local and remote systems, e.g. Get-NetworkStatistics.

    Quote: Originally Posted by chrisredfield93
    the new one they created I'm not impressed by it I rather separate tools
    There is a very good reason why you can no longer download FileMon and RegMon...

    Procmon was first released in 2006 and replaces Filemon and Regmon, two of the original Sysinternals tools. Filemon captured information about file system activity; Regmon did the same for the registry. Both tools suffered from diminishing performance as they collected more data, and their filtering capabilities were limited. In addition, a filter in effect during data collection caused filtered data never to be captured; a filter applied to collected data permanently deleted those records. Procmon was written from the ground up and provides a unified view of all file, registry, and process/thread activity (and more), capturing far more detail and scaling much better than Filemon and Regmon did, with much lower performance impact. Procmon also offers boot-time logging, nondestructive filtering, a log file format that retains all captured data, an API for injecting debug output into the capture, and much more. If you are still using Filemon and Regmon out of habit, stop! Filemon and Regmon remained on the Sysinternals site to support legacy systems that did not meet the minimum requirements for Procmon, but as those versions of Windows have long been out of support, Filemon and Regmon have been retired and are no longer available. (Source, p102)
    Personally, having Process Monitor do everything makes far more sense. I don't miss the old programs at all.
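
An added example, not part of either post and not the Get-NetworkStatistics script mentioned above: one way to list TCP connections with their owning process on a local or remote system, using the built-in `Get-NetTCPConnection` and `Get-CimInstance` cmdlets. The function name `Get-ConnectionOwner` is hypothetical; it assumes Windows 8 / Server 2012 or later, and WinRM access for the remote case.

```powershell
# Added example: join TCP connections to the process that owns them.
# Get-ConnectionOwner is a hypothetical name chosen for this illustration.
function Get-ConnectionOwner {
    [CmdletBinding()]
    param(
        [string]$ComputerName,                          # omit for the local machine
        [string[]]$State = @('Listen', 'Established')   # TCP states to report
    )

    # Splat a CIM session only when a remote host was requested.
    $cim = @{}
    if ($ComputerName) {
        $cim.CimSession = New-CimSession -ComputerName $ComputerName
    }

    try {
        # Query the process list once and index it by PID for the join.
        $procs = @{}
        Get-CimInstance -ClassName Win32_Process @cim | ForEach-Object {
            $procs[[int]$_.ProcessId] = $_
        }

        Get-NetTCPConnection @cim -State $State -ErrorAction SilentlyContinue |
            ForEach-Object {
                $p = $procs[[int]$_.OwningProcess]
                [pscustomobject]@{
                    State         = $_.State
                    LocalAddress  = $_.LocalAddress
                    LocalPort     = $_.LocalPort
                    RemoteAddress = $_.RemoteAddress
                    RemotePort    = $_.RemotePort
                    ProcessId     = $_.OwningProcess
                    # A process can exit between the two queries.
                    Process       = if ($p) { $p.Name } else { '<exited>' }
                    Path          = if ($p) { $p.ExecutablePath } else { $null }
                }
            }
    }
    finally {
        if ($cim.CimSession) { Remove-CimSession -CimSession $cim.CimSession }
    }
}

# Local machine: listeners and established connections, grouped by process.
Get-ConnectionOwner | Sort-Object Process, LocalPort | Format-Table -AutoSize
```

Run it from an elevated prompt so `ExecutablePath` is populated for processes owned by other accounts.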
