Hi guys, it's just me lurking (always lurking, rarely posting). Anyway, one
can tell this forum is a lot of *nix and Cisco guys.
The built in WinXP utility netstat has had the -o and -b options for years
now. The former will show you the owning process id associated with a
connection and the latter will list the executable involved. Used to be you
had to use fport by sysinternals, but not any more.
Take care,
Mark
-----Original Message-----
From: firewall-wizards-bounces@listserv.icsalabs.com
[mailto:firewall-wizards-bounces@listserv.icsalabs.com] On Behalf Of Mattias
Ahnberg
Sent: Thursday, March 29, 2007 2:30 AM
To: Firewall Wizards Security Mailing List
Subject: Re: [fw-wiz] OT? New compromise.
J. Oquendo wrote:
>> program called openports which would run on the machine and relate any
>> LISTENING or ESTABLISHED ports to the actual file that has the port
>> open. This would then give you the service/process/program waiting for
>> traffic on that port.
> On Windows
> /c:\netstat -an |find /i "listening"/
>
> Why download when you can use existing tools...
Because that command does not let you know what application on
your local machine has the port bound?
There are tools like openports or the sysinternals set you may
use for that purpose, but to my knowledge there aren't any
built into Windows itself to do this.
--
/ahnberg.
_______________________________________________
firewall-wizards mailing list
firewall-wizards@listserv.icsalabs.com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________
firewall-wizards mailing list
firewall-wizards@listserv.icsalabs.com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
|