On Windows systems, netstat.exe is a useful utility to check for open ports and listeners. However, the tool returns text only, has cryptic arguments, and isn’t available cross-platform.

On Windows systems, you can use a new PowerShell cmdlet named Get-NetTCPConnection which mimics much of the functionality found in netstat.exe. For example, you can list all HTTPS connections (port 443) currently open by any of your software (browsers):

 
PS> Get-NetTCPConnection -RemotePort 443 -State Established 

LocalAddress  LocalPort RemoteAddress  RemotePort State       AppliedSetting OwningProcess
------------  --------- -------------  ---------- -----       -------------- -------------
192.168.2.105 58640     52.114.74.221  443        Established Internet       14204        
192.168.2.105 56201     52.114.75.149  443        Established Internet       9432         
192.168.2.105 56200     52.114.142.145 443        Established Internet       13736        
192.168.2.105 56199     13.107.42.12   443        Established Internet       12752        
192.168.2.105 56198     13.107.42.12   443        Established Internet       9432         
192.168.2.105 56192     40.101.81.162  443        Established Internet       9432         
192.168.2.105 56188     168.62.58.130  443        Established Internet       10276        
192.168.2.105 56181     168.62.58.130  443        Established Internet       10276        
192.168.2.105 56103     13.107.6.171   443        Established Internet       9432         
192.168.2.105 56095     13.107.42.12   443        Established Internet       9432         
192.168.2.105 56094     13.107.43.12   443        Established Internet       9432         
192.168.2.105 55959     140.82.112.26  443        Established Internet       21588        
192.168.2.105 55568     52.113.206.137 443        Established Internet       13736        
192.168.2.105 55555     51.103.5.186   443        Established Internet       12752        
192.168.2.105 49638     51.103.5.186   443        Established Internet       5464  
 

Unfortunately, Get-NetTCPConnection has severe limitations. For example, it does not resolve IP addresses or process IDs, so you can’t easily discover the server names you are connected to, and the programs maintaining the connections. And it is available on Windows systems only.

Let’s lift these limitations one by one in the next parts.



Twitter This Tip! ReTweet this Tip!

Anonymous