See what process is using a TCP port

See what process is using a TCP port

In some cases you want to know which process is using a certain TCP port. By running the following command can determine which process is using which port:

[text]

netstat -a -n -o

[/text]

You will see an output like this:

[text highlight=”16″]
Active Connections

Proto Local Address Foreign Address State PID
TCP 0.0.0.0:80 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:81 0.0.0.0:0 LISTENING 11464
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING 844
TCP 0.0.0.0:443 0.0.0.0:0 LISTENING 2620
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:554 0.0.0.0:0 LISTENING 5124
TCP 0.0.0.0:902 0.0.0.0:0 LISTENING 3396
TCP 0.0.0.0:912 0.0.0.0:0 LISTENING 3396
TCP 0.0.0.0:2103 0.0.0.0:0 LISTENING 2220
TCP 0.0.0.0:2105 0.0.0.0:0 LISTENING 2220
TCP 0.0.0.0:2107 0.0.0.0:0 LISTENING 2220
TCP 0.0.0.0:2869 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:3306 0.0.0.0:0 LISTENING 10232
TCP 0.0.0.0:3389 0.0.0.0:0 LISTENING 1408
TCP 0.0.0.0:5050 0.0.0.0:0 LISTENING 12904
TCP 0.0.0.0:5357 0.0.0.0:0 LISTENING 4
[/text]

If for example you are looking for the process that is using port 3306, than in this example this would be the process with PID 10232. By using the Windows Task Manager you could find the process using this port.

Another way to find the process would be using the tasklist command:
[text]
tasklist /svc /FI “PID eq 10232″
[/text]

The result of this command tells us that the MySQL daemon is using port 3306:

[text highlight=”3″]
Image Name PID Services
========================= ======== ==============
mysqld.exe 10232 asterix
[/text]

When you do a lot of these port searches, you can always create a script like this:

[text highlight=”8,16”]
@echo off

REM Check arguments
if (%1) == () goto usage

REM Find the process using the given port
set pid=
netstat -a -n -o | findstr %1 > port.txt
for /F “tokens=5” %%a in (port.txt) do set pid=%%a
del port.txt

REM Check if a process was found using the given port
if (%pid%) == () goto notfound

REM Show the process using the given port
tasklist /svc /FI “PID eq %pid%”
goto end

:usage
REM Show usage message
echo.
echo USAGE: %0 [port]
echo.
goto end

:notfound
REM Given port is not in use
echo.
echo Port %1 is not used
echo.
goto end

:end
[/text]

Comments are closed.