DelphiFAQ Home Search:
Windows
    Apache (4)
    File Types (33)
    Internet Explorer (6)
    Network (12)
    Passwords (6)
    Printing
    Processes (13)
    Programming (318)

 
Exchange Links
 
About this site

Links to us


Website Monitoring

 

 

 General :: Linux :: Network
Network setup and administration. Both from Windows and Linux angles.

Articles:

This list is sorted by recent document popularity (not total page views).
New documents will first appear at the bottom.
Featured Article

Determine which ports a specific process on Windows is using

Question:

I suspect that a newly installed application may be listening on some ports and act as a backdoor. How can I determine which ports a specific process on Windows is using?

Answer:

Windows does have the means to show you this. The following steps assume that your application is running on your computer and that you have Windows XP. Older Windows versions do not have all those tools e.g. the commandline task list tool and NETSTAT has not all the same parameters, but the steps are basically the same e.g. for Windows 2000.

The example inspects Yahoo Messenger (YPager.exe).


  1. Find out the process ID (PID) associated with your running application. You can use the task manager for that or from the command line:
    [c:\] tasklist | findstr YPager*

    This will show you the PID in the second column. (Try tasklist /fi "IMAGENAME eq YPager.exe" as an alternative; it will include the column headers.

  2. Now use the PID (in our example, it was 7200) and the NETSTAT tool.
    [c:\] netstat -ano | findstr 7200 
       TCP    0.0.0.0:4161           0.0.0.0:0              LISTENING     7200
   TCP    0.0.0.0:5101           0.0.0.0:0              LISTENING     7200
   TCP    192.168.0.9:4161       216.155.193.165:5050   ESTABLISHED   7200
   UDP    127.0.0.1:4172         *:*                                  7200
  3. This means Yahoo Messenger is listening on ports 4161 and 5101 for all addresses of this machine. It has an established connection with 216.155.193.165. To find out who is behind this 216.155.193.165, use NSLOOKUP:
    nslookup 216.155.193.165
    Name:    cs38.msg.dcn.yahoo.com
 Address:  216.155.193.165
    I guess that is ok. You could also have tried netstat -a which shows you all connections, and with the IP numbers already resolved to names. Don't try this on a PC where Peer-to-Peer software (P2P) like edonkey, Kazaa or WinMX is running. You'll have to wait *very* long if your P2P system works as designed. :-)


If you need to do this kind of analysis a lot, you may want to check out a handy tool like TCPView - Freeware from Systernals. http://www.sysinternals.com/ntw2k/source/tcpview.shtml


Generated 20:00:38 on Jun 26, 2017		Most recent comments
2017-06-26 19:49:41:
by anonymous
in Dating Scams
on Dating scammer New Scammers - Accra:
Don't let this bitch any of you. She tried me, She even went so far as to have her so called uncle call me and try and get my bank info so he could deposit money in there for us. so don't even get tak ... read more
2017-06-26 16:05:36:
by anonymous
in Dating Scams
on Gold digger Valeria Novitskaya from Ukraine:
I was in Odessa 2 weeks ago. I looked for Valeria i checked with an agency i used - they have not heard from her in years.
Lots of pretty women in Odessa .. met a few on my own through friends
read more
2017-06-26 15:00:30:
by anonymous
in Male Dating Scammers
on Dating scammer James Edwards :
This idiot showed up again on POF website and sent me a message with 2 different pictures asked me my name and I gave it to him, but instead of him being Frank Edwards he was JAY. And he went on to te ... read more
2017-06-26 13:10:47:
by anonymous
in Male Dating Scammers
on Dating scammer Jose Montoya:
This man is on page dating. As ... With the same story ... and same photos To alert the pages of appointments be alert to investigate and not allow their entre...
2017-06-26 12:43:54:
by Deneen
in Dating Scams
on Dating scammer Rhoda Naa from Accra, Ghana:
For the reason that the admin of this web site is working, no
uncertainty very soon it will be renowned, due to its quality contents.
2017-06-26 09:26:10:
by anonymous
in Finances
on Well-respected bank offering Payday loans:
Good day:
Do you need an urgent loan to solve your financial needs, we offer
ranging from $ 5,000.00 to $ 10,000,000.00 loan Max, we are reliable,
efficient, fast and dynamic, with 100% G ... read more
2017-06-26 02:26:26:
by [hidden]
in Dating Scams
on Dating scammer Esther Ansomaa from Accra, Ghana:
Yep, this Jenny Milroy is a well known stripper in South Miami..
2017-06-25 17:30:35:
by [hidden]
in Dating Scams
on Dating scammer mina nelson:
This one certainly fits the “how low can they go category' for online romance scammers. Turn back to the previous page. The pornstar 'True Tere aka Tera Wray' committed suicide more than a year ago, ... read more
2017-06-25 07:46:50:
by [hidden]
in Male Dating Scammers
on Dating scammer Sergeant Dylan Daniel:
Next letter will be:
Dearest,

Thanks for your lovely message, i want you to know that love is always
here to make our life full of smiles and happiness, this moment i
cherish your ... read more
2017-06-25 06:03:36:
by anonymous
in Dating Scams
on Dating scammer Nancy Milman from Accra, Ghana:
I get that in iran. He intrduce me by sylvia from jersy usa