netps v1.0 (command-line tool)

The execution of a command is known as a process. All multi-user operating systems have to run more than one process at the same time. netps is a unix-like process listing command ps, from Net-Square that provides you with detailed information about active processes. netps is part of the Net-Square suite of tools and will work on the Windows family of products.




netps uses include -


  • Retrieving a process' handle, thread and module information

  • Retrieving a process' md5 hashes

  • Retrieving the parent PID of a process

  • Saving the results in XML or HTML formats



  • Installation

    Just copy netps onto your executable path. Executing "netps" with no command line options displays usage syntax.




    Usage

    The syntax is straightforward and easy to learn.




    Usage : netps [options..]

    -f Dump a full listing for all processes

    -P < pid >Dump information for process ID pid

    -m Dump module information

    -H Dump handle information

    -t Dump thread information

    -p Show a process' parent PID

    -md5 < file > Show a process' calculated MD5 hash

    -sp < file > Sort results by PID

    -spp Sort results by oparent PID

    -sn < file > Sort results by process name

    -ox < file > Dump results in XML format

    -oh < file > Dump results in HTML format

    -?/-h Displays this message

    Arguments supplied to netps are case sensitive.







    Examples

    To obtain a complete listing of all processes, type


    netps -f


    To generate an md5 hash for each running process


    netps -md5


    This retrieves process information for a process with PID 195


    netps -P 195


    Operating Systems supported:

    netps has been tested on Windows NT 4.0 Server, Windows NT 4.0 workstation, Windows 2000, Windows XP and Windows 2003.


    netps is included in a command-line toolkit named NSTools from Net-Square, that aid in the administration and audit of remote Windows NT/2K/XP/2003 systems.