If you have several services running on your Windows server you may need to check which ports they are using in order to prevent or resolve any conflicts.
The first step is to obtain a list of the ports being used, this can be carried out by opening a Command Prompt and executing netstat.exe and the following switches:
- list all the connections and listening ports
- display the address and port numbers in numerical form, alternatively, leave this switch off and netstat will try and resolve the computer name and “well know port”
- this switch will list the PID that the connection belongs to
If you run netstat -a -n -o you’ll be presented with a screen full of information, to make it more readable the output can be “piped” to the “more” option which will show a screen at a time (use the space bar to scroll to the next screen).
netstat -a -n -o | more
Also of use is redirecting the output from netstat to a file which can be sorted and filtered in Excel, to do this run:
netstat -a -n -o > ports.log
The next step is to obtain a list of the processes running on the computer. To do this, again from the Command Prompt, use tasklist. Again, it is easier to read by redirecting the output to a file:
tasklist > tasks.log
Now that a list of the processes running and ports used have been created, it is simply a matter of identifing the PID for the process in question and then filtering the list of ports using that PID.
If the PID relates to svchost.exe then further information can be obtained by again using tasklist. For a svchost.exe process with the PID 1072, use the following command:
tasklist /svc /FI "PID eq 1072"
This will then tell you what services the svchost process are running.
C:\Users\john.knight>tasklist /svc /FI “PID eq 1072”
Image Name PID Services ================= ===== ================= svchost.exe 1072 swprv
Hopefully this will help when you need to identify ports that may be clashing and then match them to the corresponding processes.