While installing a web server on a workstation, I kept getting an error that the port number was in use. This obviously caused some issues as it is an IT machine, who knows what was installed using the ports? There are two ways to figure out what software is using the ports required.
The first is Command Prompt which is a Legacy way of doing it but still works fine.
Secondly is with PowerShell which is much more powerful, but you do need to be very specific in what you are looking for.
CMD
Using Command Prompt the following “netstat” will be the primary command being used, netstat Displays protocol statistics and current TCP/IP network connections. Using the Below Switches will give you which PID is using this port.
-a Displays all connections and listening ports.
-o Displays the owning process ID associated with each connection
-n Displays addresses and port numbers in numerical form
To find the task that is using the port you can open the Task Manager and arrange the Tasks by PID and look for that specific PID, or in CMD use the tasklist command with the below Parameter.
/FI Displays a set of tasks that match the given criteria specified by the filter.
These Commands can of course be all set into a Single command by using the For Command and simply passing the PID into the tasklist command. This brings back which software is using that specific port.
for /f "tokens=5" %a in ('netstat -aon ^| findstr 8085') do tasklist /FI "PID eq %a"
The thing to notice is that the Command findstr is being used to filter the line. This will bring back any line where it finds the string 8085. Thus if there is a PID, Remote Port, or Local Port it will get the line back and give you the requested Data.
PowerShell
PowerShell works differently in that you request specifically what you want. The CMDLET Get-NetTCPConnection gets current TCP connections and specifically using the below parameters
-LocalPort Specifies an array of local ports. The cmdlet gets connections for the ports that you specify. -RemotePort Specifies an array of remote ports. The cmdlet gets connections for the ports that you specify.
Once you have the OwningProcess you can pass the ID on to the Get-Process CMDLET and it will return the ProcessName
The one thing that you need to note if you require UDP access you can use the CMDLET Get-NetUDPEndpoint with Parameter LocalPort