NETWORKING: 1. How do I look at the open ports on my machine?

Note: The NETSTAT command will show you whatever ports are open or in use, but it is NOT a port scanning tool! If you want to have your computer scanned for open ports see this page instead (link will follow shortly). Open Command Prompt and type:
C:'WINDOWS>netstat -an |find /i "listening" TCP 0.0.0.0:135 0.0.0.0:0 LISTENING TCP 0.0.0.0:445 0.0.0.0:0 LISTENING TCP 0.0.0.0:1025 0.0.0.0:0 LISTENING TCP 0.0.0.0:1084 0.0.0.0:0 LISTENING TCP 0.0.0.0:2094 0.0.0.0:0 LISTENING TCP 0.0.0.0:3389 0.0.0.0:0 LISTENING TCP 0.0.0.0:5000 0.0.0.0:0 LISTENING

You can redirect it to a text file by adding >c:'openports.txt to the command, if you want to:
netstat -an |find /i "listening" > c:'openports.txt

netstat -an |find /i "listening" > c:'openports.txt You can also change "listening" to "established" to see what ports your computer actually communicates with:
C:'WINDOWS>netstat -an |find /i "established" TCP 192.168.0.100:1084 192.168.0.200:1026 ESTABLISHED TCP 192.168.0.100:2094 192.168.0.200:1166 ESTABLISHED TCP 192.168.0.100:2305 209.211.250.3:80 ESTABLISHED TCP 192.168.0.100:2316 212.179.112.230:80 ESTABLISHED TCP 192.168.0.100:2340 209.211.250.3:110 ESTABLISHED

Note: In Windows XP and Windows Server 2003, you can type NETSTAT -O to get a list of all the owning process ID associated with each connection:
C:'WINDOWS>netstat -ao |find /i "listening" TCP pro1:epmap pro1.dpetri.net:0 LISTENING 860 TCP pro1:microsoft-ds pro1.dpetri.net:0 LISTENING TCP pro1:1025 pro1.dpetri.net:0 LISTENING 908 TCP pro1:1084 pro1.dpetri.net:0 LISTENING 596 TCP pro1:2094 pro1.dpetri.net:0 LISTENING 596 TCP pro1:3389 pro1.dpetri.net:0 LISTENING 908 TCP pro1:5000 pro1.dpetri.net:0 LISTENING 1068

4

You can use PULIST from the W2K Resource Kit (Download Free Windows 2000 Resource Kit Tools) to find the PID and see what process uses it and who started it. For example, you found out that your computer had an open connection to a remote IP address on TCP port 80, and you

179.168. Go to the Processes tab. .7:80 ESTABLISHED 1536 You can then use PULIST with the FIND command: C:'WINDOWS>pulist |find /i "1536" Process PID LUCOMS~1.100:2496 212.4. To set up Task Manager to show the PID column open Task Manager by using CTRL+SHIFT+ESC. You can sort the PID column to display the PIDs in descending or ascending order. In the Select Columns windows click to select PID and then click Ok. 1.EXE User 1536 DPETRI'danielp In this case. click View and then Select Columns.don't have any Internet Explorer or other browser windows open. LUCOMS~1. 1. You want to find out what process is using that session. 1. it's the Symantec Live Update process.0.EXE is run by DANIELP (myself) and as it happens. You can also look in Task Manager for the respective PID. C:'WINDOWS>netstat -no Active Connections Proto Local Address Foreign Address State PID TCP 192. 2.

exe. DNS and WINS addresses and many other options you can use Netsh. For example: . You can use the Netsh.exe you can easily view your TCP/IP settings.exe is available on Windows 2000. Netsh. What can we do with Netsh.exe can also save a configuration script in a text file for archival purposes or to help you configure other servers. Default Gateway.EXE): netsh interface ip show config With Netsh.exe tool to perform the following tasks: • • • • • • • Configure interfaces Configure routing protocols Configure filters Configure routes Configure remote access behavior for Windows-based remote access routers that are running the Routing and Remote Access Server (RRAS) Service Display the configuration of a currently running router on any computer Use the scripting feature to run a collection of commands in batch mode against a specified router.exe? With Netsh. Type the following command in a Command Prompt window (CMD. either locally or remotely.exe.02 What can you do with NETSH? Configure TCP/IP from the Command Prompt In order to configure TCP/IP settings such as the IP address. display or modify the network configuration of a computer that is currently running. Netsh.exe is a command-line scripting utility that allows you to. Subnet Mask. Netsh. Netsh.exe also provides a scripting feature that allows you to run a group of commands in batch mode against a specified computer. Windows XP and Windows Server 2003. you can easily configure your computer's IP address and other TCP/IP related settings.

EXE): netsh -f c:'location1.exe can also be used to configure your NIC to automatically obtain an IP address from a DHCP server: netsh interface ip set address "Local Area Connection" dhcp . but we'll keep it simple and only use 2 examples.168. DNS and WINS addresses).100.100 255.1 1 Netsh.exe can be also useful in certain scenarios such as when you have a portable computer that needs to be relocated between 2 or more office locations.1: netsh interface ip set address name="Local Area Connection" static 192.txt or netsh -f c:'location2.255.0.0. whenever you need to quickly import your IP settings and change them between location #1 and location #2.255.168. connect your portable computer to location #1. With Netsh. Now. you can easily save and restore the appropriate network configuration First. you need to export your current IP settings to a text file. Now.The following command configures the interface named Local Area Connection with the static IP address 192.0. and a default gateway of 192.255.0. only keep the new settings to a different file: netsh -c interface dump > c:'location2.0. You can also use the global EXEC switch instead of -F: netsh exec c:'location2. Subnet Mask.168. just enter the following command in a Command Prompt window (CMD.255.txt and so on.txt Netsh. Use the following command: netsh -c interface dump > c:'location1.0 192. the subnet mask of 255.168.txt You can go on with any other location you may need. and then manually configure the required settings (such as the IP address. do the same thing. while still maintaining a specific and static IP address configuration.exe.txt When you reach location #2. Default Gateway.

if you want. As you now see. you can configure your NIC to dynamically obtain it's DNS settings: netsh interface ip set dns "Local Area Connection" dhcp BTW.168.exe has many features you might find useful. and that goes beyond saying even without looking into the other valuable options that exist in the command .200 Or.Would you like to configure DNS and WINS addresses from the Command Prompt? You can.0.0. See this example for DNS: netsh interface ip set dns "Local Area Connection" static 192. add index=1 and index=2 respectively to the lines of Netsh command.200 and this one for WINS: netsh interface ip set wins "Local Area Connection" static 192. if you want to set a primary and secondary DNS address.168. Netsh.