Ports->Process on Win NT/2k

From: R Pradeep Chandran (rpc@pobox.com)
Date: 09/25/02

Previous message: Sarbjit Singh Gill: "RE: IIS listens to port 80 on 0.0.0.0"
Next in thread: Arjen De Landgraaf: "RE: Ports->Process on Win NT/2k"
Reply: Arjen De Landgraaf: "RE: Ports->Process on Win NT/2k"
Reply: Francisco Bedolla: "Re: Ports->Process on Win NT/2k"
Reply: Chris Berry: "Re: Ports->Process on Win NT/2k"
Reply: Alexandros Papadopoulos: "Re: Ports->Process on Win NT/2k"
Reply: brossini@csc.com.au: "Re: Ports->Process on Win NT/2k"
Reply: Robert Sieber: "RE: Ports->Process on Win NT/2k"
Reply: Ivan Coric: "Re: Ports->Process on Win NT/2k"
Reply: baba ali: "Re: Ports->Process on Win NT/2k"
Reply: Nero, Nick: "RE: Ports->Process on Win NT/2k"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 25 Sep 2002 11:54:33 +0530
From: R Pradeep Chandran <rpc@pobox.com>
To: security-basics@securityfocus.com

Hi All,
Is there any utility which provides information on the owner(?)
of a socket on Win NT/2k? What I want, is to find out which process has
opened a socket on the machine. For example, if netstat shows that a
process is listening on port 80, I should be able to use this utility
and find out what that process is.
Hve a nice day,
Pradeep

-- 
Keep me away from the wisdom which does not cry, the philosophy which
does not laugh and the greatness which does not bow before children.
                  -Kahlil Gibran, mystic, poet and artist (1883-1931)
R Pradeep Chandran

Previous message: Sarbjit Singh Gill: "RE: IIS listens to port 80 on 0.0.0.0"
Next in thread: Arjen De Landgraaf: "RE: Ports->Process on Win NT/2k"
Reply: Arjen De Landgraaf: "RE: Ports->Process on Win NT/2k"
Reply: Francisco Bedolla: "Re: Ports->Process on Win NT/2k"
Reply: Chris Berry: "Re: Ports->Process on Win NT/2k"
Reply: Alexandros Papadopoulos: "Re: Ports->Process on Win NT/2k"
Reply: brossini@csc.com.au: "Re: Ports->Process on Win NT/2k"
Reply: Robert Sieber: "RE: Ports->Process on Win NT/2k"
Reply: Ivan Coric: "Re: Ports->Process on Win NT/2k"
Reply: baba ali: "Re: Ports->Process on Win NT/2k"
Reply: Nero, Nick: "RE: Ports->Process on Win NT/2k"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: Program to display process information (especially sockets)
... > Probably the best you're going to get is the output of netstat -p. ... > This will tell you process names and numbers for each socket, ... Try lsof. ... Frank ...
(Debian-User)
Re: What triggers "No Buffer Space Available"?
... There are actually two "layers" associated with each socket -- the IPC object and the protocol control block. ... The behaviors of netstat and sockstat are quite different, even though the output is similar: netstat walks the protocol-layer connection lists and prints information about them. ...
(freebsd-stable)
Re: Socket connection issue
... It opens a socket connection to a process ... I copied the scripts over to another computer that's running IIS/PHP ... is not listening. ... Use netstat to see if your end point is listening on address 127.0.0.1, ...
(comp.lang.php)
Re: A connection that never closes
... That socket has been open for days. ... There is no traffic to and from that host, as far as I can tell. ... not yet managed to capture the packets used to establish the connection. ... netstat -ap ...
(comp.os.linux.networking)
Re: Correlating open sockets with processes
... I know I can use netstat to view open sockets on a machine and I know I can use ps to view processes running on a machine, but I'm not sure how to tie the two together. ... For example, if I see something running on socket 444, how do I find out what process opened/owns that socket? ... on Linux the -p option to netstat will include the process info in the list of each socket. ... I would mostly need this information for RH/CentOS Linux and Solaris 8/9/10. ...
(comp.unix.admin)