
View full version: Sysinternal



Sjoeii
03.12.2007, 16:24
I guess the diehard security gurus use these tools.
Do you really need them all?

http://www.microsoft.com/technet/sysinternals/utilities/sysinternalssuite.mspx

XP user
03.12.2007, 17:51
Of course you don't need the whole set. Currently I use Process Monitor most of all.

It's a pity TDIMON is no longer supported. I still use it from time to time.
From the help file:

TDImon is an application that lets you monitor TCP and UDP activity on your local system. It is the most powerful tool available for tracking down network-related configuration problems and analyzing application network usage.

TDImon gets its name from the fact that it monitors activity at the Transport Driver Interface (TDI) level of networking operations in the operating system kernel. This is the interface to protocol stacks such as TCP and UDP. Thus, the I/O activity shown by TDImon corresponds to TDI-formatted commands. Most TDI commands have direct correspondence with WinSock (the Windows socket API) functions, and thus are easy to interpret.
Paul

Sjoeii
04.12.2007, 00:44
Thanks for the tip. Sounds like a great tool. Will try.

Ultima Weapon
04.12.2007, 02:49
I guess the diehard security gurus use these tools.
Do you really need them all?

http://www.microsoft.com/technet/sysinternals/utilities/sysinternalssuite.mspx



I like it & myself didn't know that it existed! :D I download a lot from Microsoft Download Center & never heard of it. It is a great tool for analysis. :)