Is there a way to return outgoing TCP connections?

Question

I have no idea where to start or what to work with so any advice helps. To be even more specific, is there anyway for python to read TCPView and return exactly what it sees?

Are you asking how to write a packet sniffer in Python? Use [scapy](https://scapy.net/) — Barmar, Oct 30 '20 at 18:42
I assume you are referring to tcpview.exe on windows. You can run it via `subprocess`. — tdelaney, Oct 30 '20 at 19:03

score 0 · Accepted Answer · answered Oct 30 '20 at 19:05

I think piggy-backing on Window's netstat would probably be the easiest solution:

from subprocess import run

def get_tcp_conns():
    result = run(["netstat", "-p", "TCP"], capture_output=True)
    return result.stdout

The major problem with this exact way though is netstat hangs for awhile, so it can take awhile to actually get output (like a minute +).

Taking inspiration from this answer, you could also do something like this to get live output:

from subprocess import Popen, PIPE
import sys

def get_tcp_conns():
    process = Popen(["netstat", "-p", "TCP"], stdout=PIPE)
    for line in iter(process.stdout.readline, b''):
        print(line)  # Do whatever here

Then after getting each line (connection), you'd need to do a little manual parsing to extract the data.

I'd show the example output, but that's potentially sensitive.

Is there a way to return outgoing TCP connections?

1 Answers1