Skip to main content

How To Check Exactly What Ports Are In Use

In order for processes and applications to communicate over a network,  TCP/IP ports will be claimed In the form of a port number, thereby locking out other applications from using one that's already In use. However for diagnostic, troubleshooting or any other purpose, sometimes you'd want to know exactly what apps and processes are utilizing your ports. As such, In this tutorial, I will show you how to check exactly what ports are In use.

Without the tech jargon, the easiest way I can explain what a port does, Is that It allows your computer or an application to connect to another computer within your network, or on the Internet. On other words, It's simply a gateway that allows Information to travel from one point to another, and vice versa.

Ports are constantly In use by applications and processes and whilst there's usually no cause for concern, there are times that you'll need to know exactly what's going on. For Instance, some apps will attempt to listen for traffic on a port that's already In use, or perhaps a piece of malware Is communicating with It's author on a particular port.

As a result, I will be using the good old Windows Command Prompt, with the aid of netstat to see which applications and processes are using which ports. You'll then have a clear picture of what's actively running on your computer/network. So without further delay, let's rip Into this tutorial.

Step One:
The first thing we need to do, Is access the Command Prompt with elevated privileges. Open the Search bar, enter cmd and then right-click the entry at the top and select Run as administrator.

Step Two:
The Command Prompt will now execute, so type the following command and hit Enter.
netstat -ab

This will now display a list of ports, as well as the processes that're actively using them. The port numbers are those listed after the colon.

Step Three:
Upon scrolling through the list, you may come across CLOSE_WAIT, ESTABLISHED and LISTENING as shown below.

CLOSE_WAIT Is when an active connection Is ending. ESTABLISHED Is an active connection of traffic being exchanged. And LISTENING Is an open port, that's listening for Inbound connections.

Step Four:
If you haven't already, you will come across can not obtain ownership Information. This doesn't tell you anything about what It relates to. So to Identify It, you first need to grab It's port number. In my case, I will use port number 8034.

Step Five:
Now you need to match the port number with It's corresponding PID (Process Identifier), by entering the following command Into the Command Prompt.
netstat -aon

Hit the Enter key on your keyboard, and (of relevance here), the Local Address and PID entries will be displayed. As you can see, the port number 8034, corresponds to PID 4. In the next step, we'll open Task Manager and see the Description of PID 4.

Step Six:
Upon opening Task Manager and selecting the Details tab, the PID number 4 has been Identified as NT Kernel & System. You can use this method for every other unknown running process.

Last Step:
I'm aware that the above PID Is safe, but If you're not sure, simply right-click It and select Search online. This actually provides a wealth of Information on the net.

Final Thoughts:
You now have a clear understanding, of how to lookup and Identify applications & processes that're actively using your ports. Irrespective of whether everything Is running fine with no signs of Inconsistencies nor malicious behavior, It's good practice to check your ports every now and then. It only takes a few minutes, so there's no excuse not to.


Popular posts from this blog

How To Decode The Windows 10 Product Key

Every Windows 10 operating system that's Installed and activated on the computer, has what's called a Product Key , that Is either pre-Installed by the manufacturer, or added by the end user when formatting their PC. In order to have a fully-functional OS, It must contain a valid Product Key. Whilst there are many tools that can extract It from the operating system, In this tutorial, I will show you how to manually decode the Product Key.

How To Check Faulty Drivers In Windows 10

For hardware devices to function properly, they must have device drivers  Installed, thus allow them to perform at their optimal state. It's all well and good when they're running without error, but they do tend to fail at the best of times, which can cause system Instability and/or loss of functionality. It can be a difficult task pinpointing the problematic driver(s), so In this tutorial, I will show you how to check faulty drivers , without the aid of third-party tools.

How To Create A Fake File Of Any File Size

Depending on your business environment or Individual requirements, sometimes there Is the need to test files of a given capacity. Such tests can Include Identifying how well your hard disks perform under heavy read/write operations, or to establish whether files can be securely deleted beyond recovery. Whatever the reason may be, In this tutorial, I will show you how to create a fake file of any file size.