Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

RE: How to find a process

From: "Gressick, Michael" <mgressick () cybersource com>
Date: Thu, 14 Jun 2007 09:39:58 -0700
I'm a huge fan of TCPView
(http://www.microsoft.com/technet/sysinternals/Networking/TcpView.mspx),
but even `netstat -ab` will work:


C:\WINDOWS>netstat --help

Displays protocol statistics and current TCP/IP network connections.

NETSTAT [-a] [-b] [-e] [-n] [-o] [-p proto] [-r] [-s] [-v] [interval]

  -a            Displays all connections and listening ports.
  -b            Displays the executable involved in creating each
connection or
                listening port. In some cases well-known executables
host
                multiple independent components, and in these cases the
                sequence of components involved in creating the
connection
                or listening port is displayed. In this case the
executable
                name is in [] at the bottom, on top is the component it
called,
                and so forth until TCP/IP was reached. Note that this
option
                can be time-consuming and will fail unless you have
sufficient
                permissions.
Previous By Date Next
Previous By Thread Next

Current thread: