[Dshield] Suggestions - how-to find local source of open+activeport???

Brian Dessent brian at dessent.net
Fri Jul 25 03:44:28 GMT 2003

Dale Sampson wrote:

> I was hoping for some suggestions as to how to identify what on the XP
> system is keeping this port open and active.  Does anyone recognize the
> activity pattern of the log sample below?

Go to sysinternals.com and get TCPView.  It's like "netstat -an" except
it's a GUI that updates in realtime, and it shows which process owns
which connection.  You can also close individual connections by right
clicking and choosing "Close connection."


More information about the list mailing list