📄 tdimon.htm
字号:
<i>TDImon</i> gets its name from the fact that it
monitors activity at the <i>Transport Driver Interface
</i>(TDI) level of networking operations in the
operating system kernel. This is the interface to
protocol stacks such as TCP and UDP. Thus, the I/O
activity shown by TDImon corresponds to TDI-formatted
commands. Most TDI commands have direct correspondence
with <b>WinSock</b> (the Windows socket API) functions,
and thus are easy to interpret. For documentation
on TDI and the commands shown in <i>TDImon</i>,
please see the <a href="http://www.microsoft.com/ddk">Windows
2000 DDK</a>, available for free download from Microsoft's
web site.
<p><i>TDImon</i> works on NT 4.0, Windows 2000 (Win2K),
Windows 95 and Windows 98.<br>
<br>
<img src="../../images/screenshots/tdimshot.gif" width="549" height="254">
</td>
</tr>
<tr>
<td colspan="3" height="40" valign="middle"><span class='sectionheader'>Installation
and Use</span></td>
</tr>
<tr>
<td valign="TOP" colspan="3">
<p>On Windows NT and Windows 2000, simply execute
the <i>TDImon</i> program file (tdimon.exe) and
<i>TDImon</i> will immediately start capturing
TCP/IP activity. To run <i>TDImon</i> on Windows
95 you must get the <a
href="http://www.microsoft.com/windows95/downloads/contents/wuadmintools/s_wunetworkingtools/w95sockets2/default.asp?site=95">WinSock2
update</a> from Microsoft. Note that if you run
<i>TDImon</i> on Windows NT/2000 TDImon.exe must
be located on a non-network drive and you must
have administrative privilege. On Windows NT and
Windows 2000 <i>TDImon</i> will only show remote
addressed for endpoints opened after it has started.
However, if you purchase and install <i>TCPView
Pro</i> from <a href="http://www.winternals.com">Winternals
Software</a>, the <i>TDImon</i> driver, which
is shared between <i>TCPView Pro</i> and <i>TDImon</i>,
is installed at boot time so that you see all
remote addresses. </p>
<p>On Windows 95 and Windows 98 <i>TDImon</i> must
install its driver and requires a reboot to activate.
To uninstall the <i>TDImon</i> driver, use the
File|Uninstall menu entry. </p>
<p>As events are printed to the output, they are
tagged with a sequence number. If your system
generates TCP/IP activity faster than <i>TDImon</i>
is capable of collecting and displaying, gaps
in the sequence numbers may result. All TDI operations
are asynchronous in nature, and if an operation
finishes after other operations are initiated,
the sequence number of the completion is shown
in the Result column in the form "<i>Status
Code-Completion Sequence #</i>". For example,
if an operation begins at sequence number 1, and
another operation (tagged with sequence 2) initiates
and completes before the first operation's completion,
the first operation will show "SUCCESS-3"
in its Result column.</p>
<p> Menus, hot-keys, or toolbar buttons can be used
to clear the window, save the monitored data to
a file, search output, and change the window font.
Each time you exit TDImon it remembers the position
of the window, the widths of the output columns,
the font selection, configured filters, and the
time-stamp mode. </p>
<p><font color="#FF0000">Note: Filtering and highlighting
are enable only if you have the full (retail)
version of <i>TCPView Pro</i> installed on your
system. See below for information on ordering
<i>TCPView Pro</i>.</font><br><br>
</td>
</tr>
<tr>
<td height="40" colspan="3" valign="middle"><a href="http://www.winternals.com/products/monitoringtools/tcpviewpro.shtml"><img src="../../images/WinProd.gif" width="87" height="29" border="0"></a></td>
</tr>
<tr>
<td colspan="3" valign="TOP"> If you want a more user-friendly
view of TCP and UDP activity, including automatic
DNS name resolution, a static view showing existing
endpoints, and more, please see <i>TCPView Pro</i>.
<i>TCPView Pro</i> is only $69 and available for
purchas online with download through <a
href="http://www.winternals.com/products/monitoringtools/tcpviewpro.shtml">Winternals
Software</a>.<br>
<table width="100%" border="0" cellspacing="2">
<tr>
<td colspan="3" height="40" valign="middle"><span class='sectionheader'>Related
Utilities </span></td>
</tr>
<tr>
<td valign="TOP" colspan="3"> Here are some
other monitoring tools available at Sysinternals:
<ul>
<li><a href="../../ntw2k/source/regmon.shtml">Regmon</a>
- a Registry monitor</li>
<li><a
href="../../ntw2k/freeware/portmon.shtml">Portmon</a> - a serial and parallel port
monitor</li>
<li><a href="../../ntw2k/source/filemon.shtml">Filemon</a>
- a file system monitor</li>
<li><a href="../../ntw2k/freeware/pmon.shtml">PMon</a>
- a process and thread monitor (NT/Win2K)</li>
<li><a href="../../ntw2k/freeware/diskmon.shtml">Diskmon</a>
- a hard disk monitor (NT/Win2K)</li>
<li><a href="../../ntw2k/freeware/debugview.shtml">DebugView/EE</a>
- a debug output monitor</li>
</ul>
</td>
</tr>
</table>
</td>
</tr>
<tr>
<td colspan="3" height="40" valign="middle" align="center">
<p><br><br><br>
<b>In order to help us track its use, please download
through the link that represents<br> the operating
system on
which you will use or mostly use <i>TDImon</i>.
<br>
Note that the zip files are identical, and <i>TDImon</i>
runs on either platform.</b></p>
<p><a href="../../files/tdimon98.zip"><b>Download TDImon
(95KB) - you plan on using TDImon on Win9x</b></a></p>
<p><a href="../../files/tdimonnt.zip"><b>Download TDImon
(95KB) - you plan on using TDImon on WinNT</b><font
face="arial"><b></b></font></a></p>
<a href="#top"><b>Back to Top</b></a> </td>
</tr>
</table>
</td>
</tr>
</table>
</TD>
</TR>
</TABLE>
<!-- #EndEditable --></td>
</tr>
</table>
</td>
</tr>
</table>
</body>
<!-- #EndTemplate --></html>
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -