0

We have been having some rare port exhaustion issues on our computers. We deployed a little netstat monitoring app that tracks the amount of TIME_WAIT statuses per application and notifies us if there are more than usual. One suggestion was that our netstat tool would not help us find the culprit application and check something else using Wireshark.

Since we are tracking port exhaustion, would it be possible to check which application is opening and closing their ports rapidly? And log that information somewhere in Wireshark?

Improve this question
3
  • If you're referring to the netstat command in Windows, you can display the executable and/or the PID responsible for the connection. - learn.microsoft.com/en-us/windows-server/administration/…
    – joeqwerty
    Commented Sep 22, 2022 at 22:37
  • My first paragraph does mention that I've already been using netstat and I can see the PID information just fine. My question was regarding the fact that if I can see the same information using Wireshark? And then if possible track how fast they're opening and closing.
    – Zarif Rahman
    Commented Sep 22, 2022 at 22:40
  • Yes, I know you're using netstat. That's why I commented. I missed the part that you were getting info per application. My apologies. Carry on.
    – joeqwerty
    Commented Sep 23, 2022 at 0:38

0

Reset to default

You must log in to answer this question.

Browse other questions tagged .