Security Basics mailing list archives
Re: How to find a process
From: Alcides <alcides.hercules () gmail com>
Date: Thu, 14 Jun 2007 15:51:24 +0530
Yes. There are several possible ways to know that which process or application is responsible for respective ports used to establish communication through TCP/IP stack of your operating system.
Just to mention a few here:1. TCPView : A Windows based program that will show you detailed listings of all TCP and UDP endpoints on your system, including the local and remote addresses and respective
2. Active ports: enables you to monitor all open TCP/IP and UDP ports on the local computer. Active Ports maps ports to the owning application so you can watch which process has opened which port. It also displays a local and remote IP address for each connection and allows you to terminate the owning process. Active Ports can help you to detect trojans and other malicious programs, as you have mentioned about the suspicious port (but are you sure this port is open on your system), this can certainly help you detect if something is really wrong.
Hope this will help a little. Cheers! Francisco Rodrigo Cortinas Maseda wrote:
Hello, my name is Fran, im a network and system administrator, and i have a strange case, but sure somenone have had the same problem before me. My problem is that we have some strange traffic on the firewalls, going from a server on a DMZ to public client pools. 10:09:10.511978 00:0e:0c:71:7f:cd > 10:00:00:00:26:01, ethertype IPv4 (0x0800), length 61: IP XXXXX.44267 > XXXXXX.3072: UDP, length 19 The problem is: with netstat i only see the ports daemons are listening on. I want to know the process that is using the outgoing port, that is, 44267. Is there a way to know this? Thanks in advance. Regards.
Current thread:
- Re: How to find a process, (continued)
- Re: How to find a process Ansgar -59cobalt- Wiechers (Jun 14)
- Re: How to find a process Matthias Merk (Jun 14)
- Re: How to find a process Pingu (Jun 14)
- Re: How to find a process Pranay Kanwar (Jun 14)
- RE: How to find a process Nichol.Deaddis (Jun 14)
- Re: How to find a process Tsu (Jun 14)
- RE: How to find a process M. Waseem Sindhu (Jun 14)
- Re: How to find a process Roman Shirokov (Jun 14)
- Re: How to find a process Ansgar -59cobalt- Wiechers (Jun 14)
- Re: How to find a process Manuel GarcĂa (Jun 14)
- Re: How to find a process Alcides (Jun 14)
- Re: How to find a process Justin Lintz (Jun 14)
- Re: How to find a process Joshua M. Miller (Jun 14)
- Re: How to find a process rmyster (Jun 15)
- Re: How to find a process levinson_k (Jun 14)
- RE: How to find a process Gressick, Michael (Jun 14)
- RE: How to find a process Dan Denton (Jun 14)
- RE: How to find a process Dan Denton (Jun 14)
- Re: How to find a process Ansgar -59cobalt- Wiechers (Jun 14)
- Re: How to find a process Michael Painter (Jun 14)
- Re: How to find a process Ned Kratzer (Jun 14)