Solved

How can I determine which port a program is running on?

Posted on 2007-04-06
6
249 Views
Last Modified: 2010-04-18
How can I determine which port a program is running on?  I did a vulnerability scan on one of my servers and port 5250 is open.  This is a port used by various trojans.  I would like to see what program or service is using this port...........
0
Comment
Question by:gopher_49
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
6 Comments
 
LVL 30

Accepted Solution

by:
LauraEHunterMVP earned 125 total points
ID: 18863777
On a 2003 server, run the following command: netstat -ano.  This will give you the port# and the Process ID of the .exe or service that is using it.  You can then look in Task Manager to determine which process corresponds to that Process ID.
0
 
LVL 17

Assisted Solution

by:John Gates, CISSP
John Gates, CISSP earned 125 total points
ID: 18863778
You can use utilities here:

http://www.microsoft.com/technet/sysinternals/default.mspx

You will find all kinds of useful utilities here for troubleshooting.

-D-
0
 
LVL 17

Expert Comment

by:John Gates, CISSP
ID: 18863791
0
Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

 
LVL 17

Expert Comment

by:John Gates, CISSP
ID: 18863808
netstat -ano will do that as well but the sysinternals utilities give you a graphical view if you are not a "Command Line" kind of person ;-)

-D-
0
 
LVL 17

Expert Comment

by:John Gates, CISSP
ID: 18863821
And i guess when you find a rouge process you could use:

TASKKILL /PID <program ID>
0
 

Author Comment

by:gopher_49
ID: 18863926
Thanks for both of your suggestions.  I used the 'netstat -ano' commmand some time ago, however, I forgot the syntax.  Also, I used the Sysinternals utilities in the past, however, it's been awhile.  This refreshed my memory and I'm now back on track.

Thanks!
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Ready to improve network connectivity? Watch this webinar to learn how SD-WANs and a one-click instant connect tool can boost provisions, deployment, and management of your cloud connection.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

by Batuhan Cetin In this article I will be guiding through the process of removing a failed DC metadata from Active Directory (hereafter, AD) using the ntdsutil tool in a Windows Server 2003 environment. These steps are not necessary in a Win…
I guess it is not common knowledge to most Wintel engineers/administrators: If you have an SNMP-based monitoring system in your environment (and it's common to have SNMP or Syslog) it's reasonably easy to enable monitoring of the Windows Event logs,…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question