Networking: 1. How Do I Look at The Open Ports On My Machine?
Networking: 1. How Do I Look at The Open Ports On My Machine?
Networking: 1. How Do I Look at The Open Ports On My Machine?
Note: The NETSTAT command will show you whatever ports are open or in use, but it is NOT a port scanning tool! If you want to have your computer scanned for open ports see this page instead (link will follow shortly). Open Command Prompt and type:
C:'WINDOWS>netstat -an |find /i "listening" TCP 0.0.0.0:135 0.0.0.0:0 LISTENING TCP 0.0.0.0:445 0.0.0.0:0 LISTENING TCP 0.0.0.0:1025 0.0.0.0:0 LISTENING TCP 0.0.0.0:1084 0.0.0.0:0 LISTENING TCP 0.0.0.0:2094 0.0.0.0:0 LISTENING TCP 0.0.0.0:3389 0.0.0.0:0 LISTENING TCP 0.0.0.0:5000 0.0.0.0:0 LISTENING
You can redirect it to a text file by adding >c:'openports.txt to the command, if you want to:
netstat -an |find /i "listening" > c:'openports.txt
netstat -an |find /i "listening" > c:'openports.txt You can also change "listening" to "established" to see what ports your computer actually communicates with:
C:'WINDOWS>netstat -an |find /i "established" TCP 192.168.0.100:1084 192.168.0.200:1026 ESTABLISHED TCP 192.168.0.100:2094 192.168.0.200:1166 ESTABLISHED TCP 192.168.0.100:2305 209.211.250.3:80 ESTABLISHED TCP 192.168.0.100:2316 212.179.112.230:80 ESTABLISHED TCP 192.168.0.100:2340 209.211.250.3:110 ESTABLISHED
Note: In Windows XP and Windows Server 2003, you can type NETSTAT -O to get a list of all the owning process ID associated with each connection:
C:'WINDOWS>netstat -ao |find /i "listening" TCP pro1:epmap pro1.dpetri.net:0 LISTENING 860 TCP pro1:microsoft-ds pro1.dpetri.net:0 LISTENING TCP pro1:1025 pro1.dpetri.net:0 LISTENING 908 TCP pro1:1084 pro1.dpetri.net:0 LISTENING 596 TCP pro1:2094 pro1.dpetri.net:0 LISTENING 596 TCP pro1:3389 pro1.dpetri.net:0 LISTENING 908 TCP pro1:5000 pro1.dpetri.net:0 LISTENING 1068
You can use PULIST from the W2K Resource Kit (Download Free Windows 2000 Resource Kit Tools) to find the PID and see what process uses it and who started it. For example, you found out that your computer had an open connection to a remote IP address on TCP port 80, and you
don't have any Internet Explorer or other browser windows open. You want to find out what process is using that session.
C:'WINDOWS>netstat -no Active Connections Proto Local Address Foreign Address State PID TCP 192.168.0.100:2496 212.179.4.7:80 ESTABLISHED 1536
In this case, LUCOMS~1.EXE is run by DANIELP (myself) and as it happens, it's the Symantec Live Update process. You can also look in Task Manager for the respective PID. 1. To set up Task Manager to show the PID column open Task Manager by using CTRL+SHIFT+ESC. 2. Go to the Processes tab, click View and then Select Columns.
1. In the Select Columns windows click to select PID and then click Ok.
1. You can sort the PID column to display the PIDs in descending or ascending order.
02 What can you do with NETSH? Configure TCP/IP from the Command Prompt
In order to configure TCP/IP settings such as the IP address, Subnet Mask, Default Gateway, DNS and WINS addresses and many other options you can use Netsh.exe. Netsh.exe is a command-line scripting utility that allows you to, either locally or remotely, display or modify the network configuration of a computer that is currently running. Netsh.exe also provides a scripting feature that allows you to run a group of commands in batch mode against a specified computer. Netsh.exe can also save a configuration script in a text file for archival purposes or to help you configure other servers. Netsh.exe is available on Windows 2000, Windows XP and Windows Server 2003. You can use the Netsh.exe tool to perform the following tasks:
Configure interfaces Configure routing protocols Configure filters Configure routes Configure remote access behavior for Windows-based remote access routers that are running the Routing and Remote Access Server (RRAS) Service Display the configuration of a currently running router on any computer Use the scripting feature to run a collection of commands in batch mode against a specified router.
With Netsh.exe, you can easily configure your computer's IP address and other TCP/IP related settings. For example:
The following command configures the interface named Local Area Connection with the static IP address 192.168.0.100, the subnet mask of 255.255.255.0, and a default gateway of 192.168.0.1:
netsh interface ip set address name="Local Area Connection" static 192.168.0.100 255.255.255.0 192.168.0.1 1
Netsh.exe can be also useful in certain scenarios such as when you have a portable computer that needs to be relocated between 2 or more office locations, while still maintaining a specific and static IP address configuration. With Netsh.exe, you can easily save and restore the appropriate network configuration
First, connect your portable computer to location #1, and then manually configure the required settings (such as the IP address, Subnet Mask, Default Gateway, DNS and WINS addresses). Now, you need to export your current IP settings to a text file. Use the following command:
netsh -c interface dump > c:'location1.txt
When you reach location #2, do the same thing, only keep the new settings to a different file:
netsh -c interface dump > c:'location2.txt
You can go on with any other location you may need, but we'll keep it simple and only use 2 examples. Now, whenever you need to quickly import your IP settings and change them between location #1 and location #2, just enter the following command in a Command Prompt window (CMD.EXE):
netsh -f c:'location1.txt
or
netsh -f c:'location2.txt
and so on. You can also use the global EXEC switch instead of -F:
netsh exec c:'location2.txt
Netsh.exe can also be used to configure your NIC to automatically obtain an IP address from a DHCP server:
netsh interface ip set address "Local Area Connection" dhcp
Would you like to configure DNS and WINS addresses from the Command Prompt? You can. See this example for DNS:
netsh interface ip set dns "Local Area Connection" static 192.168.0.200
Or, if you want, you can configure your NIC to dynamically obtain it's DNS settings:
netsh interface ip set dns "Local Area Connection" dhcp
BTW, if you want to set a primary and secondary DNS address, add index=1 and index=2 respectively to the lines of Netsh command. As you now see, Netsh.exe has many features you might find useful, and that goes beyond saying even without looking into the other valuable options that exist in the command