Written by Barry Dysert (last updated June 19, 2017)
Before we talk about scanning your system for open ports, I think we would benefit from a brief overview of ports in general. A port is an access point on an IP address that an application can use for communicating with an application on another network device. An analogy for a port is a particular unit number in an apartment building. The address of the apartment building is like the IP address, and each unit in it has its own "port number."
There are two types of ports: TCP and UDP. TCP stands for "Transmission Control Protocol." Under TCP, when computers want to exchange information a link is established from one computer to the other, and that link remains open for the duration of the exchange. Once the exchange is finished, the link is then disconnected.
UDP stands for "User Datagram Protocol." Under UDP, when computers want to exchange information, the sending computer wraps the data into a package, and the package is dropped onto the network, addressed to the receiving computer. Devices in between the sender and receiver take on the task of relaying the package to its ultimate destination.
Each type of port is numbered from 0 through 65535 (that would make for quite a large apartment building!). You can see what ports your system has open by using the netstat command-line utility. The netstat command accepts several switches, but I typically specify "-aon". These switches cause the utility to display all connections and listening ports in numerical form, including the owning process ID associated with each connection. The following shows the partial output of executing the command "netstat -aon":
Proto Local Address Foreign Address State PID TCP 0.0.0.0:4242 0.0.0.0:0 LISTENING 1896 TCP 0.0.0.0:5357 0.0.0.0:0 LISTENING 4 TCP 0.0.0.0:5500 0.0.0.0:0 LISTENING 5920 TCP 0.0.0.0:9090 0.0.0.0:0 LISTENING 1372 TCP 0.0.0.0:9998 0.0.0.0:0 LISTENING 4460 TCP 0.0.0.0:11456 0.0.0.0:0 LISTENING 1612 TCP 0.0.0.0:17500 0.0.0.0:0 LISTENING 2540 TCP 0.0.0.0:30101 0.0.0.0:0 LISTENING 4460 TCP 0.0.0.0:47232 0.0.0.0:0 LISTENING 2940 TCP 0.0.0.0:47233 0.0.0.0:0 LISTENING 4 TCP 0.0.0.0:49732 0.0.0.0:0 LISTENING 4 TCP 0.0.0.0:49735 0.0.0.0:0 LISTENING 4 TCP 127.0.0.1:1051 127.0.0.1:5354 ESTABLISHED 1824 TCP 127.0.0.1:1052 127.0.0.1:5354 ESTABLISHED 1824 UDP 0.0.0.0:3702 *:* 2180 UDP 0.0.0.0:4500 *:* 1120 UDP 0.0.0.0:5355 *:* 1500 UDP 0.0.0.0:17500 *:* 2540 UDP 0.0.0.0:53301 *:* 1704 UDP 0.0.0.0:60429 *:* 1096 UDP 0.0.0.0:60431 *:* 1096 UDP 0.0.0.0:60959 *:* 2180 UDP 0.0.0.0:64927 *:* 1612 UDP 127.0.0.1:1900 *:* 2180 UDP 127.0.0.1:49307 *:* 5784 UDP 127.0.0.1:49308 *:* 5784 UDP 127.0.0.1:52417 *:* 5684 UDP 127.0.0.1:53299 *:* 1824 UDP 127.0.0.1:53300 *:* 1824 UDP 127.0.0.1:57665 *:* 804 UDP 127.0.0.1:58065 *:* 1120 UDP 127.0.0.1:60428 *:* 2180 UDP 127.0.0.1:60977 *:* 1500
The first column indicates whether the port is using TCP or UDP. The second column gives the IP:port address on the local machine. The third column gives the IP:port address on the remote machine. The last two columns indicate the state of the connection and the process ID of the process using the port.
This tip (9986) applies to Windows 7, 8, and 10.
Edge Chromium's Startup Boost reduces the time it takes for Edge to load. Enable this feature with a simple setting change.Discover More
Microsoft's Edge Chromium allows for a powerful new feature called Profiles. These allow for one web browser to be used ...Discover More
Having Edge store password information can be a time saver and helpful. See how to remove saved passwords within Edge.Discover More