- Thread Author
- #1
Hello All,
We are observing lots of ICMP traffic from a Windows system. However, we are not able to identify which application is generating this traffic.
We tried to check by using "netstat -abn"; however, it shows only TCP and UDP traffic, but not ICMP.
Is there any feature or utility in Windows that can tell us which application is causing this?
Thanks in advance.
Ameer Mane
Solution
There's nothing I'm aware of that will give you this kind of information. I experimented with netsh trace and firewall audit logging. I think at best you will have to run procmon and look for calls to ping.exe and do a little research to ID .NET API calls to programmatically send out ICMP packets.
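One way to work through the Procmon approach suggested in the answer above, as an added example that is not part of the original thread: it filters a Procmon CSV export for processes that launched ping.exe and for processes that loaded iphlpapi.dll, the DLL that exports the IcmpSendEcho functions used by .NET's System.Net.NetworkInformation.Ping class. The sample rows, the process names monitor.exe and agent.exe, and the file name Logfile.CSV are constructed for illustration; the column layout assumes Procmon's default columns.

```powershell
# Constructed sample rows in Procmon's default CSV column layout (not a real capture).
# For a real trace, export from Procmon (File > Save > CSV) and use instead:
#   $events = Import-Csv -Path .\Logfile.CSV      # file name is an assumption
$sample = @'
"Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"10:01:02.1000000","monitor.exe","4120","Process Create","C:\Windows\System32\PING.EXE","SUCCESS","PID: 5332, Command line: ping -n 1 10.0.0.5"
"10:01:02.2000000","PING.EXE","5332","Load Image","C:\Windows\System32\IPHLPAPI.DLL","SUCCESS","Image Base: 0x7ffb1c000000, Image Size: 0x3b000"
"10:01:03.0000000","agent.exe","2288","Load Image","C:\Windows\System32\IPHLPAPI.DLL","SUCCESS","Image Base: 0x7ffb1c000000, Image Size: 0x3b000"
"10:01:04.0000000","notepad.exe","6012","CreateFile","C:\Users\demo\notes.txt","SUCCESS","Desired Access: Generic Read"
'@
$events = $sample | ConvertFrom-Csv

# 1) Processes that launched ping.exe. Procmon records "Process Create" against
#    the parent process; Path is the new image and Detail holds the command line.
$spawners = $events |
    Where-Object { $_.Operation -eq 'Process Create' -and $_.Path -like '*\ping.exe' } |
    Select-Object 'Time of Day', @{ n = 'Parent'; e = { $_.'Process Name' } }, PID, Detail

# 2) Processes other than ping.exe that loaded iphlpapi.dll. This is a weak
#    indicator: many network-aware programs load the DLL for unrelated reasons,
#    so the result is a shortlist to investigate, not an attribution.
$apiUsers = $events |
    Where-Object {
        $_.Operation -eq 'Load Image' -and
        $_.Path -like '*\iphlpapi.dll' -and
        $_.'Process Name' -ne 'ping.exe'      # string comparison is case-insensitive
    } |
    Group-Object 'Process Name', PID |
    Select-Object Name, Count

'Processes that started ping.exe:'
$spawners | Format-Table -AutoSize
'Processes that loaded iphlpapi.dll (shortlist, not proof):'
$apiUsers | Format-Table -AutoSize
```

Correlating the timestamps of the shortlisted processes with the ICMP bursts seen in a packet capture narrows the list further.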
- Thread Author
- #3
Hello Neemobeer,
Thanks for the update. I will look for procmon as I have not explored it yet. I will try it and will let you know.
Regards,
Ameer Mane