Cpt.Whale

Asked: 2019-10-24 10:18:03 +0800 CST2019-10-24 10:18:03 +0800 CST 2019-10-24 10:18:03 +0800 CST

Monitoring unique clients connecting to windows server

I need to see what other applications or servers are connecting to my server, and log them over time.

I only want to grab source/destination IP and ports, and use them to build a list of hosts using this server over time. I've tried a couple different tools for this:

Netstat: If a client connection is short, netstat output doesn't catch it.
Procmon: More resource intensive, and doesn't seem to catch incoming SMB connections (maybe I'm doing something wrong here, it catches everything else)
Wireshark: I'm not sure what a good filter to use is. It collects so much data that it gets out of control quickly - I will need to monitor for a few weeks.

Any recommendations on a lightweight tool that will handle this?

Monitoring unique clients connecting to windows server

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?

Monitoring unique clients connecting to windows server

0 Answers