Configuration Steps: Using the 'netstat' Command to determine if a Port is Open in Windows 2008 or Windows Vista

The 'netstat' command has been around for many years and on multiple operating systems. We will briefly review 3 netstat parameters useful on both Windows 2008 and Windows Vista. If a colleague has ever asked you, 'How do I tell if RDP is listening on Port TCP 3389 for Server XYZ?', I will show you an example of how to use the netstat command to see if a server is listening on a specific port by piping its output to the find command.

Here are our 3 commands for this example:

  1. 'netstat' - indicates 1) Protocol, 2) Local Address, 3) Foreign Address, and 4) State (of Connection).
  2. 'netstat -aon' - indicates 1) Protocol, 2) Local Address, 3) Foreign Address, 4) State and 5) Process ID (PID).
  3. 'netstat -an | find ":3389"' - indicates any Local IP Address listening on TCP 3389 (default Protocol and Port for Remote Desktop (RDP)).

Here are our 3 commands in action in a Windows Vista SP1 Command Window (if you like how clear this window appears, take a look at my Blog Entry titled '

 

Command 1 - 'netstat' - offers us a clear picture, by protocol, of which Local Ports are open and to which Foreign Address (remote host) each is connected.

Command 2 - 'netstat -aon' - provides similar detail with the addition of IPv6 information and specific Process IDs (PIDs).

 

Command 3 - 'netstat -an | find ":3389"' - provides confirmation, by IP Address, of servers maintaining an open connection on TCP 3389.
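An added example (not part of the original post): Python that parses 'netstat -aon' output and reports only TCP rows in the LISTENING state whose local port is exactly 3389, because the substring match done by find ":3389" also returns rows such as port 33890 or an outbound connection to another host's 3389. The sample output, function names and script file name are constructed for illustration.

```python
import sys

# Constructed sample of `netstat -aon` output (illustrative, not from a real host).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       828
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING       1204
  TCP    0.0.0.0:33890          0.0.0.0:0              LISTENING       4012
  TCP    192.168.1.10:49712     192.168.1.20:3389      ESTABLISHED     3320
  TCP    [::]:3389              [::]:0                 LISTENING       1204
  UDP    0.0.0.0:500            *:*                                    620
"""

def parse_netstat(text):
    """Parse `netstat -an` or `netstat -aon` rows into dicts."""
    rows = []
    for line in text.splitlines():
        f = line.split()
        if len(f) < 3 or f[0] not in ("TCP", "UDP"):
            continue  # banner, column header, or blank line
        addr, _, port = f[1].rpartition(":")  # rpartition keeps "[::]" intact
        if not port.isdigit():
            continue
        rows.append({
            "proto": f[0], "local_addr": addr, "local_port": int(port),
            "foreign": f[2],
            "state": f[3] if f[0] == "TCP" and len(f) > 3 else "",  # UDP has no State
            "pid": int(f[-1]) if f[-1].isdigit() else None,  # None when -o was not used
        })
    return rows

def substring_matches(text, needle=":3389"):
    """What `find ":3389"` returns: every line containing the substring."""
    return [line for line in text.splitlines() if needle in line]

def listeners(text, port=3389):
    """Only TCP sockets in LISTENING state whose local port equals `port`."""
    return [r for r in parse_netstat(text)
            if r["proto"] == "TCP" and r["state"] == "LISTENING"
            and r["local_port"] == port]

if __name__ == "__main__":
    # On Windows: netstat -aon | python check_port.py   (file name is hypothetical)
    text = SAMPLE if sys.stdin.isatty() else sys.stdin.read()
    print(f"substring matches: {len(substring_matches(text))}")
    for r in listeners(text):
        print(f"LISTENING {r['local_addr']}:{r['local_port']} PID {r['pid']}")
```

The PID reported for a listener can then be matched against the PID column in Task Manager to identify the owning process.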

Enjoy using this much-overlooked utility found in both Windows 2008 and Windows Vista!


 

Lynn Lunik
Chief Security Architect
IT Pro Secure Corporation
blog@itprosecure.com
