Security Basics mailing list archives
Re: How to find a process
From: "Jason Ross" <algorythm () gmail com>
Date: Wed, 13 Jun 2007 21:11:10 -0400
On 6/13/07, <francisco.cortinas () jazztel com> wrote:
The problem is: with netstat i only see the ports daemons are listening on. I want to know the process that is using the outgoing port, that is, 44267.
Netstat *should* be showing you any open ports, not just things that "daemons are listening on". Look for a line similar to this: udp 0 0 your.host.ip.addr:44267 their.host.ip.addr:19
Is there a way to know this?
You've not told us what OS you are using, which would be helpful in answering this question, but: If you are using Windows, you can use Process Explorer to attempt to get the information you are looking for. It can be found at http://www.microsoft.com/technet/sysinternals/utilities/ProcessExplorer.mspx and is free. If you are using Linux, you can use netstat itself to get this: # netstat -pan |grep udp |grep 19 Note that you will need to be root on the host for the -p option. The results are something like the following: udp 0 0 192.168.2.1:123 0.0.0.0:* 5047/ntpd The "5047/ntpd" is the PID and file name that has the port open. I'm not sure what your options are for Solaris and such these days, but it is likely there's something similar. -- jason
Current thread:
- How to find a process Francisco Rodrigo Cortinas Maseda (Jun 13)
- Re: How to find a process Jason Ross (Jun 14)
- Re: How to find a process Jason Ross (Jun 14)
- Re: How to find a process Shane Warner (Jun 14)
- RE: How to find a process Shortz, Alan (Jun 14)
- Re: How to find a process Nikhil Wagholikar (Jun 14)
- Re: How to find a process Ansgar -59cobalt- Wiechers (Jun 14)
- Re: How to find a process Matthias Merk (Jun 14)
- Re: How to find a process Pingu (Jun 14)
- Re: How to find a process Pranay Kanwar (Jun 14)
- RE: How to find a process Nichol.Deaddis (Jun 14)
- Re: How to find a process Tsu (Jun 14)
(Thread continues...)
- Re: How to find a process Jason Ross (Jun 14)