13-08-04 10:15 [MS Windows] Which services start which processes, and which ports do they use?
 
  by IGOR HITREC
 
 
 Under MS Windows this information is easy to obtain with the appropriate commands from the command prompt;
   type "netstat -ano"
   and the result will look roughly like this:
   Active Connections
   Proto  Local Address          Foreign Address        State           PID
   TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       996
   TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
   TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING       928
   TCP    0.0.0.0:6346           0.0.0.0:0              LISTENING       2076
   TCP    127.0.0.1:1060         0.0.0.0:0              LISTENING       1524
   TCP    161.53.25.46:139       0.0.0.0:0              LISTENING       4
   ... and so on, without listing the rest;
   The rightmost column shows the PID (process identifier), so the next step is to determine which process each PID belongs to.
   Type "tasklist /svc"
   and we get a listing of process names, the PIDs assigned to them, and which services are responsible for each process:
 Image Name                   PID Services
 System Idle Process            0 N/A                                          
 System                         4 N/A                                          
 smss.exe                     408 N/A                                          
 csrss.exe                    672 N/A                                          
 winlogon.exe                 696 N/A                                          
 services.exe                 740 Eventlog, PlugPlay                           
 lsass.exe                    752 Netlogon, PolicyAgent, ProtectedStorage,     
                                  SamSs                                        
 svchost.exe                  928 DcomLaunch, TermService                      
 svchost.exe                  996 RpcSs                                        
 svchost.exe                 1084 AudioSrv, BITS, Browser, CryptSvc, Dhcp,     
                                  dmserver, ERSvc, EventSystem, helpsvc,       
                                  HidServ, lanmanserver, lanmanworkstation,    
                                  Netman, Nla, NtmsSvc, RasMan, Schedule,      
                                  seclogon, SENS, SharedAccess,                
                                  ShellHWDetection, srservice, TapiSrv,        
                                  Themes, TrkWks, W32Time, winmgmt, wuauserv,  
                                  WZCSVC                                       
 svchost.exe                 1168 Dnscache                                     
 svchost.exe                 1244 LmHosts, RemoteRegistry, SSDPSRV, WebClient  
 spoolsv.exe                 1380 Spooler                                      
 scardsvr.exe                1424 SCardSvr                                     
 cisvc.exe                   1548 CiSvc                                        
 MDM.EXE                     1592 MDM                                          
 alg.exe                     1524 ALG                                          
 msdtc.exe                   1932 MSDTC                                        
 ctfmon.exe                  2984 N/A                                          
 hkcmd.exe                   3268 N/A                                          
 SOUNDMAN.EXE                3284 N/A                                          
 qttask.exe                  3308 N/A                                          
 PDFSaver.exe                3592 N/A                                          
 WZQKPICK.EXE                3608 N/A                                          
 cidaemon.exe                4084 N/A                                          
 Shareaza.exe                2076 N/A                                          
 explorer.exe                1328 N/A                                          
 SWEEPSRV.SYS                1292 SWEEPSRV.SYS                                 
 SWNETSUP.EXE                 812 SWEEPNET                                     
 SWUPDATE.EXE                1660 SWEEPUPDATE                                  
 ICMON.EXE                   1068 N/A                                          
 OUTLOOK.EXE                 1584 N/A                                          
 WINWORD.EXE                 1620 N/A                                          
 iexplore.exe                1032 N/A                                          
 realsched.exe                180 N/A                                          
 iexplore.exe                3968 N/A                                          
 cmd.exe                     1240 N/A                                          
 notepad.exe                  252 N/A                                          
 iexplore.exe                1164 N/A                                          
 iexplore.exe                1964 N/A                                          
 tasklist.exe                3796 N/A                                          
 wmiprvse.exe                2612 N/A                                           
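
 The manual lookup described above (find the PID in the netstat listing, then find that PID in the tasklist listing) can be automated. The following is an added example, not part of the original article: it parses excerpts of the two listings shown above, embedded as text, folds the wrapped service lines back together, and joins the listening sockets to their process and services by PID. The function names are chosen for this example.

```python
import re

# Excerpts of the two listings shown above, embedded as text (not live output).
NETSTAT = """\
  TCP    0.0.0.0:135        0.0.0.0:0    LISTENING    996
  TCP    0.0.0.0:445        0.0.0.0:0    LISTENING    4
  TCP    0.0.0.0:3389       0.0.0.0:0    LISTENING    928
  TCP    0.0.0.0:6346       0.0.0.0:0    LISTENING    2076
  TCP    127.0.0.1:1060     0.0.0.0:0    LISTENING    1524
  TCP    161.53.25.46:139   0.0.0.0:0    LISTENING    4
"""
TASKLIST = """\
System                         4 N/A
lsass.exe                    752 Netlogon, PolicyAgent, ProtectedStorage,
                                 SamSs
svchost.exe                  928 DcomLaunch, TermService
svchost.exe                  996 RpcSs
alg.exe                     1524 ALG
Shareaza.exe                2076 N/A
"""

def parse_tasklist(text):
    """Map PID -> (image name, [services]); folds wrapped service lines."""
    procs, last = {}, None
    for line in text.splitlines():
        m = re.match(r"^(\S.*?)\s+(\d+)\s+(\S.*)$", line)
        if m:
            last = int(m.group(2))
            field = m.group(3).strip().rstrip(",")
            svcs = [] if field == "N/A" else re.split(r",\s*", field)
            procs[last] = (m.group(1), svcs)
        elif line.strip() and last is not None:   # continuation of a wrapped list
            procs[last][1].extend(re.split(r",\s*", line.strip().rstrip(",")))
    return procs

def listeners(netstat_text, tasklist_text):
    """Return (proto, local address, pid, image, services) per LISTENING socket."""
    procs = parse_tasklist(tasklist_text)
    rows = []
    for line in netstat_text.splitlines():
        f = line.split()
        if len(f) == 5 and f[3] == "LISTENING":   # UDP rows have no State column
            image, svcs = procs.get(int(f[4]), ("<unknown>", []))
            rows.append((f[0], f[1], int(f[4]), image, svcs))
    return rows

if __name__ == "__main__":
    for proto, addr, pid, image, svcs in listeners(NETSTAT, TASKLIST):
        print(f"{proto} {addr:<18} {pid:>5} {image:<14} {', '.join(svcs) or '-'}")
```

 A listening PID that resolves to "<unknown>" means the process was not in the tasklist listing that was parsed, so it is worth re-running both commands together.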
 