currports You probably know of the Windows command line tool netstats, which allows you to list all open TCP/IP ports. You can use it for troubleshooting or if you have the suspicion that a hacker or malware is trying to connect to the Internet. CurrPorts is for the same purpose, but it is a GUI tool, much more powerful than netstats, and more convenient to operate.

Latest posts by Michael Pietroforte (see all)

CurrPorts displays the following parameters for each connection: process name, process ID, protocol, local port, local port name, local address, remote address, remote port, remote host name, state (established, time wait, listening), process path (local file name), product name, file description (name of the program), file version, company, process created on, user name, process services, process attributes, and the time when the connection was added. It is also able to display the country name of the remote IP. For this, you have to download the country database file from here and copy it to the CurrPorts folder.

CurrPorts has several features that allow you to limit the items displayed. For example, you can restrict the output to listening connections or to connections that have no remote address. The advanced filter offers more options. It enables you to include a certain port range, IP range, or particular processes. It is also possible to exclude connections, which can be useful if you have to hunt down a hacker. In other words, you can filter out the regular connections and concentrate on the suspicious ones. Suspicious connections are those of programs with no version information or no icon. CurrPorts can mark them in pink.

If you’ve found a connection that definitely doesn’t belong, you can close it or terminate its process. It is also possible to mark multiple items and end their connections all at once.

CurrPorts is able to log all connection changes to a text file. The good thing is that the filter is not only applied to the display, but also to the log file. This enables you to log only those changes that interest you. You can also create HTML reports, but this works only for the screen output.

CurrPorts not only has more features than netstats, but it can also replace it because you can work with it on the command prompt, and can use it in scripts. This can be useful if you want to log open TCP/IP connections on multiple machines. Because CurrPorts is a stand-alone tool (i.e., it doesn’t have to be installed), you can easily deploy it to remote computers.

Subscribe to 4sysops newsletter!


  1. Keith 15 years ago

    Very slick tool! Looks like it will definitely come in handy when troubleshooting network connections on servers and clients.

  2. user 15 years ago

    How does it compare with Sysinternals TCPView for Windows?

Leave a reply

Your email address will not be published. Required fields are marked *


© 4sysops 2006 - 2023


Please ask IT administration questions in the forums. Any other messages are welcome.


Log in with your credentials


Forgot your details?

Create Account