Windows Security
  Home arrow Windows Security arrow Page 4 - Windows Host Security: Network Security Ha...
ASP Free Forums 
.NET  
ASP  
ASP Code  
ASP.NET  
ASP.NET Code  
BrainDump  
C#  
Code Examples  
Database  
Database Code  
IIS  
Microsoft Access  
MS SQL Server  
Visual Basic.NET  
Windows Scripting  
Windows Security  
XML  
ASP Web Hosting  
ASP.NET Web Hosting 
Dedicated Servers 
Actuate Whitepapers 
Moblin 
Windows Web Hosting
 
IBM® developerWorks 
Sun Developer Network 
Weekly Newsletter
 
Developer Updates  
Free Website Content 
 RSS  Articles
 RSS  Forums
 RSS  All Feeds
Write For Us Get Paid 
Request Media Kit
Contact Us 
Site Map 
Privacy Policy 
Support 
 USERNAME
 
 PASSWORD
 
 
  >>> SIGN UP!  
  Lost Password? 
WINDOWS SECURITY

Windows Host Security: Network Security Hacks
By: O'Reilly Media
  • Search For More Articles!
  • Disclaimer
  • Author Terms
    		•
    Rating: 5 stars5 stars5 stars5 stars5 stars / 10
    2004-09-20

    Table of Contents:
  • Windows Host Security: Network Security Hacks
  • Run the Verbose Switch
  • Hack 22: Get a List of Open Files and Their Owning Processes
  • Hack 23: List Running Services and Open Ports
  • Hack 24: Enable Auditing
  • Hacks 25 and 26: Secure Your Event Logs, and Change Your Maximum Log Files Sizes
  • Hacks 27 and 28: Disable Default Shares, and Encrypt Your Temp Folder
  • Hacks 29 and 30: Clear the Paging File at Shutdown, and Restrict Applications Available to Users
    		•

    Rate this Article: Poor Best 
      ADD THIS ARTICLE TO:
      Del.ici.ous Digg
      Blink Simpy
      Google Spurl
      Y! MyWeb Furl
    Email Me Similar Content When Posted
    Add Developer Shed Article Feed To Your Site
    Email Article To Friend
    Print Version Of Article
    PDF Version Of Article
    		 
    Iron Speed
     
    ADVERTISEMENT

    Ajax Application Generator Generate database and reporting .NET Web apps in minutes. Quickly create visually stunning, feature-rich apps that are easy to customize and ready to deploy. Download Now!

    Windows Host Security: Network Security Hacks - Hack 23: List Running Services and Open Ports
    (Page 4 of 8 )

    Hack 23: List Running Services and Open Ports

    Check for remotely accessible services the Windows way.

    Unix makes it quick and easy to see which ports on a system are open, but how can you do that on Windows? Well, with FPort from Foundstone(http://www.foundstone.com/resources/index_resources.htm) it’s as quick and easy as running good old netstat.

    FPort has very few command-line options, and those deal mostly with specifying how you’d like the output sorted. For instance, if you want the output sorted by application name, you can use /a; if you want it sorted by process ID, you can use /i. While it may not be as full of features as netstat, it definitely gets the job done.

    To get a listing of all ports that are open on your system, simply type fport. If you want the list to be sorted by port number, use the /pswitch:

    C:\> fport /p
    FPort v2.0 - TCP/IP Process to Port Mapper
    Copyright 2000 by Foundstone, Inc.
    http://www.foundstone.com
    Pid Process Port Proto Path
    432 svchost -> 135 TCP C:\WINNT\system32\svchost.exe
    8 System -> 139 TCP
    8 System -> 445 TCP
    672 MSTask -> 1025 TCP C:\WINNT\system32\MSTask.exe
    8 System -> 1028 TCP
    8 System -> 1031 TCP
    1116 navapw32 -> 1035 TCP C:\PROGRA~1\NORTON~1\navapw32.exe
    788 svchost -> 1551 TCP C:\WINNT\system32\svchost.exe
    788 svchost -> 1553 TCP C:\WINNT\system32\svchost.exe
    788 svchost -> 1558 TCP C:\WINNT\system32\svchost.exe
    1328 svchost -> 1565 TCP C:\WINNT\System32\svchost.exe
    8 System -> 1860 TCP
    1580 putty -> 3134 TCP C:\WINNT\putty.exe
    772 WinVNC -> 5800 TCP C:\Program Files\TightVNC\WinVNC.exe
    772 WinVNC -> 5900 TCP C:\Program Files\TightVNC\WinVNC.exe
    432 svchost -> 135 UDP C:\WINNT\system32\svchost.exe
    8 System -> 137 UDP
    8 System -> 138 UDP
    8 System -> 445 UDP
    256 lsass -> 500 UDP C:\WINNT\system32\lsass.exe
    244 services -> 1027 UDP C:\WINNT\system32\services.exe
    688 IEXPLORE -> 2204 UDP C:\Program Files\Internet Explorer\
    IEXPLORE.EXE
    1396 IEXPLORE -> 3104 UDP C:\Program Files\Internet Explorer\
    IEXPLORE.EXE
    256 lsass -> 4500 UDP C:\WINNT\system32\lsass.exe

    Notice that there are some processes listed—such as navapw32, putty, and IEXPLORE—that don’t appear to be services. These show up in the output because FPort lists all open ports, not just opened ports that are listening.

    While FPort is not as powerful as some of the commands available under other operating systems, it is still a valuable, quick, and easy-to-use tool that is a great addition to Windows.

    Buy the book!If you've enjoyed what you've seen here, or to get more information, click on the "Buy the book!" graphic. Pick up a copy today!

    Visit the O'Reilly Network http://www.oreillynet.com for more online content.

    Next: Hack 24: Enable Auditing >>
     

    More Windows Security Articles
    More By O'Reilly Media


     
    >>> Be the FIRST to comment on this article!

    WINDOWS SECURITY ARTICLES

    - Advanced Data Protection in Windows
    - Basic Data Protection in Windows
    - Windows XP Security
    - Lucky You, Microsoft has Sent You an Email! ...
    - Implementing a PKI, Part III: Managing Micro...
    - Windows 2000 Security
    - A Security Roadmap
    - Implementing a Public Key Infrastructure (PK...
    - Hardening Communications
    - Windows Host Security: Network Security Hacks
    - Hardening Wireless LAN Connections, Part 2
    - Hardening Wireless LAN Connections Part 1
    - Windows Reverse Engineering
    - Microsoft's Latest Security Updates -- The G...
    - Cross Site Scripting (XSS): An Overview
    Find More Windows Security Articles



    © 2003-2008 by Developer Shed. All rights reserved. DS Cluster 1 hosted by Hostway