Um, I had some trouble working out exactly what you mean, but...
Yes. Netstat will show you all the ports you are listening on - I haven't
seen an external portscan and a netstat in conflict, anyway.
Remember, just because you open _access_ to a port on your firewall software
(I assume that's what we're talking about) doesn't mean that there is a
process _listening_ on the port. For example, you may have a packet screen
that _allows_ incoming traffic to port 25, but unless you're running a
mail-server or mail-proxy etc you won't see anything in netstat and incoming
SMTP connections won't go anywhere. Think of the packet screens as a shell
over the actual ports that are open on the box.
So, personally, I'd be making sure that my firewall knows to forward your
SQL traffic.
Cheers,
--
Ben Nagy
Network Consultant, CPM&S Group of Companies
PGP Key ID: 0x1A86E304 Mobile: +61 414 411 520
> -----Original Message-----
> From: Jean Morissette [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, 23 September 1999 10:19 PM
> To: Ben Nagy; [EMAIL PROTECTED]
> Subject: RE: Which process owns which port (NT)
>
>
> Sorry, Can't help you this time but very interesting question!.
> I have an easier question but in the same area:
> If I do a netstat -a on my NT firewall, shouldn't I see all
> the open ports,
> like if I open TCP 1433 port on my secure and DMZ interfaces
> on the fw,
> shouldn't I see TCP hostxxx:1433 0.0.0.0 LISTENING
> or something
> like that. If not, why? According to my
> rules/services/connections, the
> port is opened??? So Obviously ODBC can't get through the fw
> (between DMZ
> and secure net). If I try from the fw to the secure SQL, it
> works fine so I
> know that the TCP1433 on the secure interface is opened! I am frickin
> puzzled! There must be something I did not grab! i put a
> SQL client on the
> IIS in the DMZ to test connectivity, I can see that the
> client is trying
> sending TCP433 SYN packets to the SQL on the secure but no luck! So
> something between the DMZ and the secure interface is not going, if my
> reasoning is good!
>
> So any good, positive, helpful, comments are very much welcome!
> Jean Morissette
>
> > -----Original Message-----
> > From: [EMAIL PROTECTED]
> > [mailto:[EMAIL PROTECTED]]On Behalf Of Ben Nagy
> > Sent: Thursday, September 23, 1999 3:44 AM
> > To: '[EMAIL PROTECTED]'
> > Subject: Which process owns which port (NT)
> >
> >
> > G'day,
> >
> > I know this has come up briefly before (in this group or
> t'other anyway).
> >
> > Does anyone know of a way that I can find out which process is
> > listening on
> > a certain port? Netstat will happily tell me that something is
> > listening on
> > 7777 or whatever, but I can find no way to work out which process is
> > actually doing the listening.
> >
> > No points will be awarded for lists of well-known ports,
> references to the
> > 'netstat' command or suggestions involving "using a real
> > operating system".
> >
> > Cheers,
> >
> > --
> > Ben Nagy
> > Network Consultant, CPM&S Group of Companies
> > PGP Key ID: 0x1A86E304 Mobile: +61 414 411 520
> > -
> > [To unsubscribe, send mail to [EMAIL PROTECTED] with
> > "unsubscribe firewalls" in the body of the message.]
> >
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]