Leadership

Video: Identify what processes are using which ports in Windows Server 2008

Windows administrators often need to track down network traffic, or errant processes and then match that to network traffic. In this video, Bill Detwiler demonstrates tools that can help you find out what process is using a particular port on Windows Server.

Windows administrators sometimes need to track down network traffic or errant processes and then match that to network traffic. In this video, I'll show you some tools that can help you find out what process is using a particular port on Windows Server.

For those of you who prefer text to video, you can click the Transcript link that appears below the video player window or you can also read Rick Vanover's article, "Identify what processes are using which ports in Windows Server 2008," on which this video is based.

You can also sign up to receive the latest IT Dojo lessons through one or more of the following methods:

About

Bill Detwiler is Managing Editor of TechRepublic and Tech Pro Research and the host of Cracking Open, CNET and TechRepublic's popular online show. Prior to joining TechRepublic in 2000, Bill was an IT manager, database administrator, and desktop supp...

10 comments
weestro
weestro

Netstat with the -b switch will show you what program/ image is running on what port. So the command is netstat -anob No need to match PIDs to taskmgr or run thru tasklist...

BALTHOR
BALTHOR

Years ago I downloaded some small BIOS scan programs.These programs displayed many but not all of the functions in the BIOS while still in Windows.BIOS adjustments could be made while in the OS.Identifying ports is not like assigning ports.The BIOS is so deep but today it is inaccessible.Firmware,Chipset and CPU files are also unreachable.Not one logic or ownership argument will shake a manufacturer out of their FACTORY ADJUSTED BIOS stance.It's a computer,you tell it what to do and it does it!No anarchy should ever be tolerated in computers.I click a function and the page freezes or disappears is anarchy.

omoralesm
omoralesm

Good trick.. I will use for sure...

rlmink
rlmink

Another GUI utility is Active Ports @ www.ntutility.com

mark
mark

You can save yourself a step by using -n instead of -o and getting the process names inline on the command prompt. Mark

edmond
edmond

Without question the best apps are by sysinternals. the one that applies to this section is TCPView, awesome app.

Bill Detwiler
Bill Detwiler

In the video attached to this discussion thread, I demonstrate how you can identify which process is using a specific port with the netstat and tasklist commands. I also talk about several tools that TechRepublic members suggested for the same job, including: ? PortQry ? TCPView ? CurrPorts Original blog and video: http://blogs.techrepublic.com.com/itdojo/?p=504 Have you used the netstat/tasklist method or one of these tools? Did they work for you? Which method/tool has worked best for you at monitor the processes and ports on your Windows servers?

santeewelding
santeewelding

On those logic and ownership arguments. If you have to, go anarchic in your inimitable way, which I so enjoy.

marlb3
marlb3

What's Running by whatsrunning.net is a very awesome tool. Not only does it show process/port connection. But Services, Open Modules, Drivers, Processes, Startup and System Info. Plus gives you the ability to stop and start processes, Stop services and in the Startup able to enable or disable startup processes. Also under the Process tab you can see which actual services are starting under your svchost.

Editor's Picks