Skip to main content


How To Check Exactly What Ports Are In Use


In order for processes and applications to communicate over a network,  TCP/IP ports will be claimed In the form of a port number, thereby locking out other applications from using one that's already In use. However for diagnostic, troubleshooting or any other purpose, sometimes you'd want to know exactly what apps and processes are utilizing your ports. As such, In this tutorial, I will show you how to check exactly what ports are In use.


Without the tech jargon, the easiest way I can explain what a port does, Is that It allows your computer or an application to connect to another computer within your network, or on the Internet. On other words, It's simply a gateway that allows Information to travel from one point to another, and vice versa.

Ports are constantly In use by applications and processes and whilst there's usually no cause for concern, there are times that you'll need to know exactly what's going on. For Instance, some apps will attempt to listen for traffic on a port that's already In use, or perhaps a piece of malware Is communicating with It's author on a particular port.

As a result, I will be using the good old Windows Command Prompt, with the aid of netstat to see which applications and processes are using which ports. You'll then have a clear picture of what's actively running on your computer/network. So without further delay, let's rip Into this tutorial.


Step One:
The first thing we need to do, Is access the Command Prompt with elevated privileges. Open the Search bar, enter cmd and then right-click the entry at the top and select Run as administrator.



Step Two:
The Command Prompt will now execute, so type the following command and hit Enter.
netstat -ab

This will now display a list of ports, as well as the processes that're actively using them. The port numbers are those listed after the colon.



Step Three:
Upon scrolling through the list, you may come across CLOSE_WAIT, ESTABLISHED and LISTENING as shown below.


CLOSE_WAIT Is when an active connection Is ending. ESTABLISHED Is an active connection of traffic being exchanged. And LISTENING Is an open port, that's listening for Inbound connections.


Step Four:
If you haven't already, you will come across can not obtain ownership Information. This doesn't tell you anything about what It relates to. So to Identify It, you first need to grab It's port number. In my case, I will use port number 8034.



Step Five:
Now you need to match the port number with It's corresponding PID (Process Identifier), by entering the following command Into the Command Prompt.
netstat -aon

Hit the Enter key on your keyboard, and (of relevance here), the Local Address and PID entries will be displayed. As you can see, the port number 8034, corresponds to PID 4. In the next step, we'll open Task Manager and see the Description of PID 4.



Step Six:
Upon opening Task Manager and selecting the Details tab, the PID number 4 has been Identified as NT Kernel & System. You can use this method for every other unknown running process.



Last Step:
I'm aware that the above PID Is safe, but If you're not sure, simply right-click It and select Search online. This actually provides a wealth of Information on the net.



Final Thoughts:
You now have a clear understanding, of how to lookup and Identify applications & processes that're actively using your ports. Irrespective of whether everything Is running fine with no signs of Inconsistencies nor malicious behavior, It's good practice to check your ports every now and then. It only takes a few minutes, so there's no excuse not to.



Comments

Popular posts from this blog

How To Decode The Windows 10 Product Key

Every Windows 10 operating system that's Installed and activated on the computer, has what's called a Product Key, that Is either pre-Installed by the manufacturer, or added by the end user when formatting their PC. In order to have a fully-functional OS, It must contain a valid Product Key. Whilst there are many tools that can extract It from the operating system, In this tutorial, I will show you how to manually decode the Product Key.

How To Create A Virtual Machine Using VMware

A virtual machine, often abbreviated as a VM, Is a software program containing an operating system that's Installed on the physical machine (PC), and operates In It's own Isolated environment. Every task performed In the VM, remains there, without affecting the main computer. Every user should have a virtual machine up and running, so In this tutorial, I will demonstrate a detailed guide on how to create & Install a virtual machine on your computer, namely VMware Workstation.

Check The Health Of Your Laptop's Battery

When you first purchase your laptop and fully charge the battery thereafter, It runs at It's optimal state for quite a while. However, over time, It Inevitably decreases In performance, and does not hold It's charge capacity as per It's brand new state. This Is due to wear & tear, and a few other factors. It's very Important to know the condition of your battery, so In this tutorial, I will show you how to view the current status and health of your laptop's battery.