Friday, March 28, 2014

Know your Ports!

Like many of you, I have used the windows utility of NETSTAT -a to reveal to me what port connections I have made when I (or the operating system) are connected to an outside resource. 
Note that you can see the local and remote systems and their local and remote port numbers (If instead of port numbers you see "isakmp" or "http", Windows looked up a nice label for the well-known-port reference from c:\windows\system32\drivers\etc\services file.
To complement this, let me suggest that you check out the Windows Resource Monitor available in Windows 7 and later. Open from Start or Task Manager.

Once inside, take a look at the networking tab:

As you can see, this utility will tell you the process ID (and goes ahead and looks up the process name) that goes with any assigned Port.
 Whether you are running Windows Server or Client software, it can be very nice to see exactly where your system is going when it thinks you're not paying attention - Think malware, viruses, gamers, etc.
 Remember, a port number is just a network convention used to find the right application on a system that is expected to speak a certain language. There is nothing that prevents an ftp client from making a request on port 25 rather than on port 21, but the problem is that the SMTP server service bound to Port 25 is expecting SMTP formatted email communications, not FTP file transfer requests!


No comments: