How can I get the process ID, username, etc. of who is using a
particular TCP/IP port? Windows 2000 and Unix (AIX).
Code fragments or examples would be nice. Or, if there are standard
utilities for getting this, even better.
netstat gives me the local port number, but not WHO specifically is
using it.

Request for Question Clarification by secret901-ga on 09 Aug 2002 14:11 PDT
Are you looking for a utility similar to Tiny Personal Firewall,
http://download.com.com/3000-2092-6313778.html?tag=lst-0-1, which lets
the user see which application is using which port through a firewall
status window?

Clarification of Question by slayne-ga on 09 Aug 2002 14:18 PDT
While that utility might aid on the Win2K side, it does nothing for the Unix side.
I'm looking for either source code, or a built-in command I can call from a script.

Clarification of Question by slayne-ga on 09 Aug 2002 14:27 PDT
On Windows:
c:\> netstat -an
Protocol Local addr:port Remote addr:port Status
TCP 166.122.7.32:1746 166.122.7.200:1234 ESTABLISHED
From the windows system:
I want to be able to see the ID, PID, Username of the process on the
windows system which is directly responsible for the local port 1746.
From the Unix system:
# netstat -an
Protocol Local addr:port Remote addr:port Status
TCP 166.122.7.200:1234 166.122.7.32:1746 ESTABLISHED
I want to see the PID associated with port 1234. (local to Unix)

Clarification of Question by slayne-ga on 09 Aug 2002 16:26 PDT
I have found lsof for unix, and fport.exe for windows.
This is sufficient for my needs.
However, if you have source code to perform these tasks, I'd pay for it *g*

Clarification of Question by slayne-ga on 09 Aug 2002 16:44 PDT
Well shoot... fport.exe works on my PC, but not on the Citrix server.
Guess I'm still not out of the woods on this one.

Hello slayne!!
It is easy to do that using the netstat command.
Just use the command netstat with the parameters -ano:
netstat -ano
The parameter -a displays all active TCP connections and the TCP
and UDP ports on which the computer is listening.
The parameter -n displays active TCP connections, however, addresses
and port numbers are expressed numerically and no attempt is made to
determine names.
The parameter -o displays active TCP connections and includes the
process ID (PID) for each connection.
When you use the command "netstat -ano" you obtain the following, for
example:
Protocol Local addr:port Remote addr:port Status PID
TCP 166.122.7.32:1746 166.122.7.200:1234 ESTABLISHED 6344
In the Windows system you can find the application based on the PID on
the Processes tab in Windows Task Manager (open it with ctrl+alt+del).
If you can't see the PID column in the Processes tab of the Task
Manager, do the following.
With the Processes tab open, click View in the menu bar, then select
the Select Columns option, and mark the PID column to make it
available. Do the same with the User Name column if you cannot see it.
Now, checking the Task Manager, I can see that the PID 6344 corresponds
to Net Captor.exe (my web browser) and the user is Livio (me).
For more references you can see:
Microsoft TechNet - Netstat
http://www.microsoft.com/technet/treeview/default.asp?url=/TechNet/prodtechnol/winxppro/proddocs/netstat.asp
UNIX netstat command help
http://www.computerhope.com/unix/unetstat.htm
I hope this helps you. Feel free to request any clarification that you
need.
Best Regards
livioflores-ga
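
Added example, not part of the original answer: a short Python parser for `netstat -ano` output that returns the PID owning a given local port, so the lookup can be scripted instead of read by eye. It assumes a netstat build that supports `-o` as the answer describes; the function names are hypothetical and the sample output is constructed (only the 1746 row comes from the thread).

```python
# Constructed sample in the column layout of Windows `netstat -ano`
# (the 1746 row is from the thread; the other rows are made up).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    166.122.7.32:1746      166.122.7.200:1234     ESTABLISHED     6344
  TCP    [::]:135               [::]:0                 LISTENING       884
  UDP    0.0.0.0:500            *:*                                    1020
"""


def parse_netstat_ano(text):
    """Return one dict per TCP/UDP row of `netstat -ano` output."""
    rows = []
    for line in text.splitlines():
        parts = line.split()
        # Skip banners and headers; data rows start with the protocol name.
        if len(parts) < 4 or parts[0] not in ("TCP", "UDP"):
            continue
        pid = parts[-1]
        # rpartition splits on the last colon, so "[::]:135" still yields 135.
        host, _, port = parts[1].rpartition(":")
        if not (pid.isdigit() and port.isdigit()):
            continue
        rows.append({
            "proto": parts[0],
            "local_host": host,
            "local_port": int(port),
            "remote": parts[2],
            # UDP rows have no State column, so they carry only 4 fields.
            "state": parts[3] if len(parts) == 5 else "",
            "pid": int(pid),
        })
    return rows


def pids_for_local_port(text, port, proto=None):
    """Sorted unique PIDs that own the given local port."""
    return sorted({r["pid"] for r in parse_netstat_ano(text)
                   if r["local_port"] == port and proto in (None, r["proto"])})


if __name__ == "__main__":
    print(pids_for_local_port(SAMPLE, 1746))
```
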

Request for Answer Clarification by slayne-ga on 09 Aug 2002 16:56 PDT
Bummer that the -o option doesn't exist on Windows 2000 or AIX. :-(
I saw somewhere that -o was available for Windows XP, but that's not an option.
Any more ideas?

Clarification of Answer by livioflores-ga on 09 Aug 2002 19:27 PDT
Here again slayne !!!
I found a little freeware program that can help you with Windows:
The program is named TCPView.
"TCPView is a Windows program that will show you detailed listings of
all TCP and UDP endpoints on your system, including the local and
remote addresses and state of TCP connections. On Windows NT, 2000 and
XP TCPView also reports the name of the process that owns the
endpoint.
TCPView works on Windows NT/2000/XP and Windows 98/Me. You can use
TCPView on Windows 95 if you get the Windows 95 Winsock 2 Update from
Microsoft."
Sysinternals Freeware
TCPView page
http://www.sysinternals.com/ntw2k/source/tcpview.shtml
Note: you can download the complete source code for the
command-line version of TCPView, netstatp, from the same page.
Please, if you need more help, let me know.
I have searched directly in the Sysinternals Freeware website:
http://www.sysinternals.com/
Regards
livioflores-ga

Clarification of Answer by livioflores-ga on 09 Aug 2002 21:44 PDT
I am still working for you !!
Regarding lsof, I was searching with Google (using the keywords
lsof and unix) and found a very interesting file.
This is a Readme file that you can find following this link: (I can
see this file in my Internet Explorer browser)
ftp://ftp.cerias.purdue.edu/pub/tools/unix/sysutils/lsof/README
You can also find binaries at:
ftp://ftp.cerias.purdue.edu/pub/tools/unix/sysutils/lsof/binaries/
----------------------------------------------------------
You can use an FTP client to connect to:
ftp.tux.org/util/vic.cc.purdue.edu/tools/unix/lsof
Here you can find latest versions and binaries too.
------------------------------------------------------------
A little bit of info can be found at "freshmeat.net: Project details for
lsof" (see the comments):
http://freshmeat.net/projects/lsof
-------------------------------------------------------------
The results page of my search with Google was:
://www.google.com/search?q=lsof+unix&hl=es&lr=&ie=UTF-8&start=0&sa=N
See you soon with more for Windows.
Regards
livioflores-ga
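
Added example, not part of the original post: on the Unix side, lsof's field output (`lsof -nP -iTCP -F pcLn`) is meant for scripts, and this Python sketch turns it into (PID, user, command) tuples for a local port. The function names are hypothetical, and the sample output, including the PIDs, users and command names, is constructed around the connection quoted in the question.

```python
# Constructed sample of `lsof -nP -iTCP -F pcLn` field output.
# Each line is a one-letter field id followed by its value:
#   p = PID, c = command, L = login name, f = file descriptor, n = name.
SAMPLE = """\
p2101
csshd
Lroot
f3
n*:22
p48213
cappserver
Lappuser
f7
n166.122.7.200:1234->166.122.7.32:1746
f9
n[::1]:1234
"""


def parse_lsof_fields(text):
    """Return one dict per network file listed in lsof -F output."""
    records, proc = [], {}
    for line in text.splitlines():
        if not line:
            continue
        tag, value = line[0], line[1:]
        if tag == "p":            # a "p" line starts a new process set
            proc = {"pid": int(value), "command": "", "user": ""}
        elif tag == "c" and proc:
            proc["command"] = value
        elif tag == "L" and proc:
            proc["user"] = value
        elif tag == "n" and proc:
            # "local->remote" when connected, just "local" when listening.
            local, _, remote = value.partition("->")
            port = local.rpartition(":")[2]   # last colon, IPv6-safe
            if port.isdigit():
                records.append(dict(proc, local=local, remote=remote,
                                    port=int(port)))
    return records


def who_owns_port(text, port):
    """Sorted unique (pid, user, command) tuples for a local port."""
    return sorted({(r["pid"], r["user"], r["command"])
                   for r in parse_lsof_fields(text) if r["port"] == port})


if __name__ == "__main__":
    print(who_owns_port(SAMPLE, 1234))
```
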

Clarification of Answer by livioflores-ga on 09 Aug 2002 22:19 PDT
Hi !!
One more application to work in the Windows 2000 system: "Active
Ports".
It was found in Download.com searching for ports.
http://download.com.com/3120-2001-0-1-0.html?qt=ports&ca=2001
This program is the most complete.
Active Ports maps ports to the owning application so you can watch
which process has opened which port. It also displays a local and
remote IP address for each connection and allows you to terminate the
owning process.
You can download this freeware from the "Smart Line" website; here there
are more applications related to network control and security:
http://www.protect-me.com/index.htm
I really hope that helps you, but if you need more clarifications, please
request them any time you need them.
Regards
livioflores-ga