RE: Too to find what .exe has a port open

Thu, 09 Apr 2009 11:42:28 -0700 

NETSTAT...I shoulda known

Netstat -ano shows nothing in that range.

Hey, if you have TCPView running when you also run a Nessus scan on same 
system...now that's funny right there...

Nessus shows nothing, TCPView shows nothing, NETSTAT shows nothing...only 
Languard shows something at those ports...

Dave

From: Michael B. Smith [mailto:[email protected]]
Sent: Thursday, April 09, 2009 11:23 AM
To: NT System Admin Issues
Subject: RE: Too to find what .exe has a port open

KISS

"netstat -ano". The "o" gives you the process owning the port, which you can 
use TaskList or Task Manager to find.

If it isn't in the list - you've been pwned. (probably)

________________________________
From: David Lum [[email protected]]
Sent: Thursday, April 09, 2009 2:22 PM
To: NT System Admin Issues
Subject: RE: Too to find what .exe has a port open
Perfect thanks!

Now I have something, or not...GFI Languard scanned a machine that says I have 
two KiLo ports open (6666,6667). TCPView shows nothing in that 
range....comments?

Dave

From: Jake Gardner [mailto:[email protected]]
Sent: Thursday, April 09, 2009 11:12 AM
To: NT System Admin Issues
Subject: RE: Too to find what .exe has a port open

TCPView from SysInternals

Thanks,

Jake Gardner
TTC Network Administrator
Ext. 246


________________________________
From: David Lum [mailto:[email protected]]
Sent: Thursday, April 09, 2009 2:09 PM
To: NT System Admin Issues
Subject: Too to find what .exe has a port open
I have tools that tell me WHAT port is open, but nothing to tell me what app 
has the port open. What do you guys use? (yes probably discussed here before...)
David Lum // SYSTEMS ENGINEER
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764






***Teletronics Technology Corporation***
This e-mail is confidential and may also be privileged.? If you are not the 
addressee or authorized by the addressee to receive this e-mail, you may not 
disclose, copy, distribute, or use this e-mail. If you have received this 
e-mail in error, please notify the sender immediately by reply e-mail or by 
telephone at 267-352-2020 and destroy this message and any copies.?

Thank you.

*******************************************************************













~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

Reply via email to