Estoy tratando de encontrar una manera de hacer esto de forma nativa dentro de Windows sin tener que cargar ninguna aplicación de terceros. Cuando corro:
netstat -ba
Quiero encontrar conexiones establecidas sin perder el nombre del ejecutable que se adjunta a esa conexión en particular.
La salida original se ve así:
TCP 127.0.0.1:5905 My_HOSTNAME:1044 ESTABLISHED
[agent.exe]
TCP 127.0.0.1:5905 My_HOSTNAME:1045 ESTABLISHED
[agent.exe]
TCP 127.0.0.1:5905 My_HOSTNAME:1047 ESTABLISHED
[agent.exe]
TCP 127.0.0.1:5939 My_HOSTNAME:0 LISTENING
[TeamViewer_Service.exe]
TCP 127.0.0.1:5939 My_HOSTNAME:47311 ESTABLISHED
[TeamViewer_Service.exe]
TCP 127.0.0.1:9089 My_HOSTNAME:0 LISTENING
[vmware-converter-a.exe]
TCP 127.0.0.1:9421 My_HOSTNAME:0 LISTENING
[netsession_win.exe]
TCP 127.0.0.1:12656 My_HOSTNAME:33335 ESTABLISHED
[java.exe]
TCP 127.0.0.1:19872 My_HOSTNAME:47441 ESTABLISHED
[Dropbox.exe]
TCP 127.0.0.1:24001 My_HOSTNAME:0 LISTENING
[fileserver.exe]
TCP 127.0.0.1:24001 My_HOSTNAME:1078 ESTABLISHED
[fileserver.exe]
TCP 127.0.0.1:31000 My_HOSTNAME:32000 ESTABLISHED
[java.exe]
TCP 127.0.0.1:32000 My_HOSTNAME:0 LISTENING
[wrapper.exe]
TCP 127.0.0.1:32000 My_HOSTNAME:31000 ESTABLISHED
[wrapper.exe]
TCP 127.0.0.1:33335 My_HOSTNAME:0 LISTENING
[postgres.exe]
TCP 127.0.0.1:33335 My_HOSTNAME:1071 ESTABLISHED
[postgres.exe]
TCP 127.0.0.1:33335 My_HOSTNAME:1092 ESTABLISHED
[postgres.exe]
TCP 127.0.0.1:33335 My_HOSTNAME:12656 ESTABLISHED
[postgres.exe]
TCP 127.0.0.1:47311 My_HOSTNAME:5939 ESTABLISHED
[TeamViewer.exe]
TCP 127.0.0.1:47358 My_HOSTNAME:2002 ESTABLISHED
[LogMeInSystray.exe]
TCP 127.0.0.1:47389 My_HOSTNAME:62522 ESTABLISHED
[vpnui.exe]
TCP 127.0.0.1:47441 My_HOSTNAME:19872 ESTABLISHED
[Dropbox.exe]
TCP 127.0.0.1:49152 My_HOSTNAME:0 LISTENING
[omtsreco.exe]
TCP 127.0.0.1:62514 My_HOSTNAME:0 LISTENING
[cvpnd.exe]
TCP 127.0.0.1:62522 My_HOSTNAME:0 LISTENING
[vpnagent.exe]
TCP 127.0.0.1:62522 My_HOSTNAME:47389 ESTABLISHED
[vpnagent.exe]
TCP 10.97.0.133:7139 My_HOSTNAME:0 LISTENING
Can not obtain ownership information
Cuando encuentro las conexiones establecidas de esta manera:
netstat -ba | find "EST"
Elimina los nombres de los archivos ejecutables que se muestran en la línea de arriba y la salida parece:
TCP 127.0.0.1:47311 My_HOSTNAME:5939 ESTABLISHED
TCP 127.0.0.1:47358 My_HOSTNAME:2002 ESTABLISHED
TCP 127.0.0.1:47389 My_HOSTNAME:62522 ESTABLISHED
TCP 127.0.0.1:47441 My_HOSTNAME:19872 ESTABLISHED
TCP 127.0.0.1:62522 My_HOSTNAME:47389 ESTABLISHED
TCP 10.97.0.13:11523 SPICEWORKS:8080 ESTABLISHED
TCP 10.97.0.13:11537 SPICEWORKS:5556 ESTABLISHED
Me gustaría poder devolver resultados que se parecen a:
TCP 127.0.0.1:47441 My_HOSTNAME:19872 ESTABLISHED
[vpnagent.exe]
TCP 127.0.0.1:62522 My_HOSTNAME:47389 ESTABLISHED
Can not obtain ownership information
TCP 10.97.0.133:711523 SPICEWORKS:8080 ESTABLISHED
[vpnui.exe]
o como esto:
TCP 127.0.0.1:47441 My_HOSTNAME:19872 ESTABLISHED [vpnagent.exe]
TCP 127.0.0.1:62522 My_HOSTNAME:47389 ESTABLISHED Can not obtain ownership information
TCP 10.97.0.133:711523 SPICEWORKS:8080 ESTABLISHED [vpnui.exe]
Usando solo lo que está integrado en Windows, ¿cómo puedo lograrlo?