RE: How to find a process

[<Nichol.Deaddis () TelecityRedbus com>]

This tool will do:

http://www.microsoft.com/technet/sysinternals/Networking/TcpView.mspx 



--  
Nichol Deaddis
Microsoft Systems Engineer

TelecityRedbus UK Limited
10th Floor
6&7 Harbour Exchange Square
London E14 9GE
United Kingdom

Tel: +44 207 005 6017
Fax: +44 207 005 6060
Mob: 
Email: Nichol.Deaddis () TelecityRedbus com

www.telecityredbus.com

Europe's leading independent provider of colocation, data centre, hosting and connectivity services.
Winner Best Pan European Data Centre Operator Award 2007, Data Centres Europe Awards.
TelecityRedbus UK Limited. Registered in England 3607764  Registered Office: Masters House, 107 Hammersmith Road, 
London W14 0QH UK.-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Francisco Rodrigo Cortinas Maseda
Sent: 13 June 2007 10:32
To: security-basics () securityfocus com
Subject: How to find a process

Hello,

my name is Fran, im a network and system administrator, and i have a
strange case, but sure somenone have had the same problem before me.

My problem is that we have some strange traffic on the firewalls, going
from a server on a DMZ to public client pools.

10:09:10.511978 00:0e:0c:71:7f:cd > 10:00:00:00:26:01, ethertype IPv4
(0x0800), length 61: IP XXXXX.44267 > XXXXXX.3072: UDP, length 19

The problem is: with netstat i only see the ports daemons are listening
on. I want to know the process that is using the outgoing port, that is,
44267.

Is there a way to know this?

Thanks in advance.
Regards.
This e-mail is intended only for the use of the addressees named above and may be confidential. 
If you are not an addressee you must not use any information contained in nor copy it nor inform any person other than 
the addressees of its existence or contents. 

please consider the environment before printing this e-mail.