TCPView lets you monitor open TCP and UDP endpoints

TCPView is a Windows program for network administrators or for those who want to know about various open TCP Connections on their PC, if they suspect that some malware or spyware software to be eating up their sensitive information.TCPView displays full details of all TCP and UDP endpoints on your system, including the remote address and state of TCP connections; users can determine which process has binded on to various ports on a PC and the remote network addresses suspicious applications are accessing

When you start TCPView it will enumerate all active TCP and UDP endpoints, resolving all IP addresses to their domain name versions. You can use a toolbar button or menu item to toggle the display of resolved names. On Windows XP systems, TCPView shows the name of the process that owns each endpoint.

TCPView works with all versions of Windows and as I said it is a useful tool when trying to know more about your TCP and UDP connections. New endpoints are shown in green color, closings are shown in red and yellow means endpoint is changing.

You can close established TCP/IP connections (those labeled with a state of established) by selecting File|Close Connections, or by right-clicking on a connection and choosing Close Connections from the resulting context menu.

If you want to see who owns the domain registered for a remote address, select the item containing the name and choose Whois from the context menu or the File menu. You can also end a process by right clicking on it. If you want you can save TCPView's output window to a file using the Save menu item for future analysis.