AATools Netmon Connections Table displays the list of your computer's outbound and inbound network connections, as well as the TCP or UDP ports in use (monitor TCP and UDP ports activity in real time), IP addresses of both parties (the local IP and the remote IP), and connection states.

Today there is no program, either anti virus nor anti trojan, that can detect unknown trojan horses. To secure your network, you may need to lock down applications that aren't required by any function you currently use. To do this effectively, you have to know what ports are available and what application is utilizing them. AATools Netmon Connections table displays the services that are active on all ports. Further, AATools Network Monitor maps the ports in use to their respective applications (this feature is available under Windows NT/2000/XP) providing a simple and easy solution to tracking application to port maps. This mapping is extremely useful while monitoring unwanted connections, investigating suspected trojans, viruses, and possible backdoors intrusions.

The results are shown as a table with the following columns - Protocol (TCP or UDP), Local IP (shows your address in the LAN if applicable), Local Port (which is used for the present connection), Remote IP ( IP address of the computer connected to you via LAN - if applicable), Remote Host Name (shows the resolved host name), Remote Port (which is used for the present connection), State. The following three columns will be shown on the Windows NT/2000/XP only: PID, Process, Path. You can have your information in the realtime. For this purpose you only need to specify the auto refresh period in ms or refresh connections list manually with the appropriate button.

The Protocol column shows the name of the protocol used by the connection, which can be either TCP (Transmission Control Protocol) or UDP (User Datagram Protocol). TCP connections are transient, they cease existing when (or soon after) the connection makes the transition to the closed state.

The Local IP column shows the local IP address and the Local Port column shows the local port for the TCP connection or UDP listener. The value 0.0.0.0 is used for the local IP address.

The Remote IP column shows the remote IP address and the Remote Port column shows the remote port associated with the TCP connection or UDP listener.

A connection progresses through a series of states during its lifetime. The states are: LISTEN, SYN-SENT, SYN-RECEIVED, ESTABLISHED, FIN-WAIT-1, FIN-WAIT-2, CLOSE-WAIT, CLOSING, LAST-ACK, TIME-WAIT, and the fictional state CLOSED. CLOSED is fictional because it represents the state when there is no TCB, and therefore, no connection.

The Status column shows the states of connection. Briefly the meanings of the states are:

Connections | Statistics | IP-Address | IP-Routing | Adapters/Interface | ARP