Skip to content Skip to sidebar Skip to footer
Accueil / how to see what is using a port

how to see what is using a port

Enregistrer un commentaire

In some other commodity, we explained estimator ports and what they're used for. Other than that, what can we practice with port information? Since all traffic in and out of the computer goes through ports, nosotros can check on them to see what they're doing. Maybe the port isn't listening for traffic? Perchance something is using a port that shouldn't be?

We're going to employ the Windows command netstat to see our listening ports and PID (Process ID). Nosotros're also going to come across what we can do with that information.

What Is Netstat?

The netstat command is a combination of the words 'network' and 'statistics'. The netstat command works in all versions of Windows from Windows XP right up to Windows ten. Information technology's also used in other operating systems (Bone) like Unix and Linux, but we'll stick to Windows hither.

Netstat can provide us with:

  • The name of the protocol the port is using (TCP or UDP).
  • The local IP accost and proper name of the computer and the port number being used.
  • The IP address and port number to which nosotros're connecting.
  • The land of a TCP connexion. For details on what these states are, read the Event Processing section of RFC 793.

Using Netstat To See Listening Ports & PID

  • Apply the primal combination Win Key + X. In the menu that opens, select Control Prompt.
  • Enter the command <pre>netstat -a -n -o</pre>. The parameters for netstat are preceded with a hyphen, not a forward slash like many other commands. The -a tells it to bear witness us all active connections and the ports on which the figurer is listening.

    The -northward tells netstat to testify the IP addresses and ports every bit numbers only. We're telling it to non try to resolve the names. This makes for a quicker and neater brandish. The -o tells netstat to include the PID. We'll use the PID afterward to find out what process is using a specific port.

  • View the results and take note of the addresses, port numbers, state, and PID. Permit's say we want to know what's using port 63240. Annotation that its PID is 8552 and it's connecting to the IP address 172.217.12.138 on port 443.

What's Using That Port?

  • Open Task Manager. That'south about easily washed by using the central combination Ctrl + Shift + Esc.
  • Click on the Details tab. To brand this easier to find, click on the PID column header to sort the PIDs numerically.
  • Coil down to PID 8552 and see what process information technology is. In this case, it's googledrivesync.exe. But is it really? Sometimes viruses can make themselves look like legitimate processes.
  • In a spider web browser, go to ipinfo.io. Enter the IP address 172.217.12.138. Equally we tin can see, the IP accost is registered to Google. So this googledrivesync.exe is a legitimate one.

How To Get Port, PID, & Process Proper noun In PowerShell

PowerShell is Microsoft's newer way to utilize a command-line interface with Windows. Nosotros say newer, but information technology'south been around for several versions. You should acquire PowerShell fifty-fifty if y'all're a abode user.

Nigh Windows commands also work in PowerShell, plus we can combine them with PowerShell's cmdlets – pronounced command-lets. Joe at Winteltools.com provides the script for this method.

  • Open up Notepad and enter the following code:
$netstat = netstat -aon | Select-String -pattern "(TCP|UDP)" $processList = Go-Process  foreach ($result in $netstat) {    $splitArray = $event -split " "    $procID = $splitArray[$splitArray.length – one]    $processName = $processList | Where-Object {$_.id -eq $procID} |    select processname    $splitArray[$splitArray.length – 1] = $procID + " " +      $processName.processname    $splitArray -join " " }
  • Relieve the file as go-NetstatProcessName.ps1. Make certain to notation where it's being saved. It's important to change the Salve as type: to All Files (*.*) or information technology will get saved as get-NetstatProcessName.ps1.txt and it won't piece of work for us.
  • Open PowerShell and navigate to the location in which the script was saved. In this case, it's <pre>cd C:\Scripts</pre>. Hit Enter to run the command.
  • Run the script using dot-sourcing to make information technology piece of work. That means use ./ earlier the proper noun of the file. The command volition be <pre>./go-NetstatProcessName.ps1</pre>
  • At present we can come across all the traditional netstat info plus the process name. No need to open up Task Managing director anymore.

Become Get Them

Nosotros've covered two ways to use the netstat command to see listening ports. It tin can be used either in the old Control Prompt or within a PowerShell script. With the information it tin can give u.s.a., nosotros've looked at how information technology can help us effigy out what our computer is doing.

If you thought netstat is a keen utility, accept a expect at some other Windows TCP/IP utilities similar tracert, ipconfig, and nslookup. Or apply Resource Monitor to get a meliorate look into hidden website and Net connections. There is a lot you can practise to come across exactly what your computer is doing.

Have you used netstat to solve a problem? Please tell us what you did. Any questions about how to use netstat? Please ask us in the comments below.

Do not share my Personal Information.

carnellthalow.blogspot.com

Source: https://helpdeskgeek.com/how-to/use-netstat-to-see-listening-ports-and-pid-in-windows/

Enregistrer un commentaire for "how to see what is using a port"