by ·Comments Off on How to check if your computer is being monitored (command line – No software)
Active Connections

 

Figuring out whether your machine is continuously observed can be a test, contingent upon the checking method’s level of refinement. Older machines used to run slowly while being observed, however present day machines have enough power to make observing unclear. Checking for observing fittings and programming is a methodology of end and not secure.

 

So we will resort to a more foolproof mechanism of determining if someone is connected to your system and you have not authorized that connection.

 

Open the Run Window by either pressing Windows + R or typing Run in the Start Menu of Windows and type cmd

Run

Run

 

Now type the command netstat -ano. 

netstat

netstat

 

netstat (network statistics) is a command-line tool that displays network connections (both incoming and outgoing), routing tables, and a number of network interface (network interface controller or software-defined network interface) and network protocol statistics.

-a –> Displays all the network connections along with all the TCP and UDP ports on which your computer is listening

-n –> Displays active TCP connections, however, addresses and port numbers are expressed numerically and no attempt is made to determine names.

-o –> Displays active TCP connections and includes the process ID (PID) for each connection. You can find the application based on the PID on the Processes tab in Windows Task Manager. This parameter can be combined with -a, -n, and -p.

(Source – Wikipedia)

 

When you hit enter you would end up seeing something like below.

03netstat

So the established connections are the ones which you should verify if those are the ones you made or were made automatically or are unauthorized. So to see who is connected you your system, open the task manger and move to the Details tab and look for the PID for that connection. In our case it is 5372 and we see that this is the Process ID fr google chrome.

Task Manager - Process Details

Task Manager – Process Details

But if it is not one of the processes that you expected you could simple right and end it or find more details about it like

  • End Task
  • End Process Tree
  • Opening the file location
  • Searching it online
  • Check its properties
  • Navigate to its services
PID Actions

PID Actions

This way you would able to exactly figure out the process the process or exe that is running on your system and figure out if that’s one of your intended connection or not.

Any questions, comments or feedback are most welcome.