?
Solved

How can I find out what is running on port 80?

Posted on 2000-05-15
6
Medium Priority
?
237 Views
Last Modified: 2013-12-19
I have a piece of software that is not working correctly because something is using port 80 on my system (NT 4).  How can I find out *exactly* what is using port 80?  This question has been asked and answered previously in this section;  I know I can search my host files for what processes are supposed to run on which port, and the port scanner software recommended in previous answers to this question don't help.  Maybe I should kill all running processes in my task manager?  Help!
0
Comment
Question by:posconsultant
6 Comments
 
LVL 6

Expert Comment

by:Zoplax
ID: 2810892
You can try using an app called @Guard (AT-guard).

When you activate its firewall component, the app will notify you when any app tries to access a network port.  It'll give you the name of the executable and the port number it's trying to access.
0
 
LVL 4

Expert Comment

by:wlaarhov
ID: 2812237
If you use Netstat -n on the machine that you at least see if it is used and what state the port has.
You are right, in c:\winnt\system32\drivers\etc there is a file called services but it is only an information file, no further use.

Installing jet another application to the system pure to see what port is used realy makes no sense.

net you use the Netstat -n command and indeed slowly stop services on the system you can figure out what is using the port without further installations of software.

I find the question however interesting, because if there is a tool (prefer commandline) that could tell right away the status and use of a port it would be easy to monitor e.g. web and ftp servers.
So I will look some further to see if I can find anything.

At least I hope this helps some.

greetings
0
 
LVL 23

Expert Comment

by:Tim Holman
ID: 2816656
Difficult..
Once a session is established on port 80 it's passed up to a higher level port.
You could certainly track down which machine these requests are coming from, but as the application layer is 'invisible' to routers, packet sniffers and the likes, you're not going to be able to find out which application is making these calls.
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Expert Comment

by:WindSong
ID: 2817560
Emmm..
I think you can try this tool to find out which process use the port.
http://www.ntsecurity.nu/toolbox/inzider/

This is an example on my computer:

Checked C:\WINNT\System32\internat.exe (PID=1208)
Checked C:\Program Files\Internet Explorer\IEXPLORE.EXE (PID=1304)
  Found UDP port  1037 bound at 127.0.0.1 by C:\Program Files\Internet Explorer\IEXPLORE.EXE (PID=1304) [UDP client]
Checked C:\WINNT\Explorer.exe (PID=1056)
Checked C:\Program Files\Internet Explorer\iexplore.exe (PID=1380)
  Found UDP port  1191 bound at 127.0.0.1 by C:\Program Files\Internet Explorer\iexplore.exe (PID=1380) [UDP client]
0
 

Accepted Solution

by:
WindSong earned 500 total points
ID: 2817561
Emmm..
I think you can try this tool to find out which process use the port.
http://www.ntsecurity.nu/toolbox/inzider/

This is an example on my computer:

Checked C:\WINNT\System32\internat.exe (PID=1208)
Checked C:\Program Files\Internet Explorer\IEXPLORE.EXE (PID=1304)
  Found UDP port  1037 bound at 127.0.0.1 by C:\Program Files\Internet Explorer\IEXPLORE.EXE (PID=1304) [UDP client]
Checked C:\WINNT\Explorer.exe (PID=1056)
Checked C:\Program Files\Internet Explorer\iexplore.exe (PID=1380)
  Found UDP port  1191 bound at 127.0.0.1 by C:\Program Files\Internet Explorer\iexplore.exe (PID=1380) [UDP client]
0
 

Author Comment

by:posconsultant
ID: 2817988
Thanks to all who answered!
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Nslookup is a command line driven utility supplied as part of most Windows operating systems that can reveal information related to domain names and the Internet Protocol (IP) addresses associated with them. In simple terms, it is a tool that can …
Many of us in IT utilize a combination of roaming profiles and folder redirection to ensure user information carries over from one workstation to another; in my environment, it was to enable virtualization without needing a separate desktop for each…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Look below the covers at a subform control , and the form that is inside it. Explore properties and see how easy it is to aggregate, get statistics, and synchronize results for your data. A Microsoft Access subform is used to show relevant calcul…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question