See What App Is Using A Port Mac
- See What App Is Using A Port Macbook
- See What App Is Using A Port Mac Pro
- See What App Is Using A Port Macquarie
$ ls -al /dev
Sometimes the localhost goes down and there is a dead process running on a port. When you want to restart the server, the port is occupied so that you cannot restart. How to kill a port? Lsof -i:portnumber. If the:portnumber is 11999, then try lsof -i:11999. In the result you will see the process with PID. Then just kill the process. The wildcards for the remotehost means the ntp server on the localhost is listening for any address on any port. The next columns in entries for the network apps and their sockets show bytes in and bytes out (since the app was launched). Returning to our example network app, Google Chrome, nettop might display something like this. MacOS Package (.pkg) Installer. The easiest way to install MacPorts on a Mac is by downloading the pkg or dmg for Catalina, Mojave, High Sierra, Sierra, El Capitan, Yosemite, Mavericks, Mountain Lion, Lion, Snow Leopard, Leopard or Tiger and running the system's Installer by double-clicking on the pkg contained therein, following the on-screen instructions until completion. You can allow or block incoming traffic to specific apps using the Security settings, but you can open specific ports in terminal. This used to be done using ipfw, but in OS X 10.10 and later you. How do I find (and kill) processes that listen to/use my tcp ports? I'm on mac os x. Sometimes, after a crash or some bug, my rails app is locking port 3000. I can't find it using ps -ef. Rails server I get. Address already in use - bind(2) (Errno::EADDRINUSE) 2014 update.
total 9
dr-xr-xr-x 3 root wheel 4372 Sep 2 12:15 .
drwxr-xr-x 32 root wheel 1156 Sep 2 12:13 .
crw------- 1 root wheel 13, 1 Sep 2 12:15 afsc_type5
crw------- 1 root wheel 8, 0 Sep 2 12:15 auditpipe
crw-r--r-- 1 root wheel 7, 3 Sep 2 12:15 auditsessions
crw------- 1 root wheel 18, 0 Sep 2 12:15 autofs
crw------- 1 root wheel 31, 0 Sep 2 12:15 autofs_control
crw-rw-rw- 1 root wheel 22, 0 Sep 2 12:15 autofs_homedirmounter
crw-rw-rw- 1 root wheel 21, 0 Sep 2 12:15 autofs_notrigger
crw-rw-rw- 1 root wheel 19, 24 Sep 2 12:15 autofs_nowait
crw------- 1 root wheel 23, 0 Sep 2 12:51 bpf0
crw------- 1 root wheel 23, 1 Sep 8 22:55 bpf1
crw------- 1 root wheel 23, 2 Sep 8 22:55 bpf2
crw------- 1 root wheel 23, 3 Sep 8 19:54 bpf3
crw------- 1 root wheel 23, 4 Sep 5 08:59 bpf4
crw------- 1 grant staff 0, 0 Sep 2 12:15 console
crw-rw-rw- 1 root wheel 17, 1 Sep 2 12:15 cu.Bluetooth-Incoming-Port
brw-r----- 1 root operator 1, 0 Sep 2 12:15 disk0
brw-r----- 1 root operator 1, 1 Sep 2 12:15 disk0s1
brw-r----- 1 root operator 1, 2 Sep 2 12:15 disk0s2
brw-r----- 1 root operator 1, 3 Sep 2 12:15 disk0s3
brw-r----- 1 root operator 1, 4 Sep 2 12:15 disk1
brw-r----- 1 root operator 1, 5 Sep 2 12:15 disk1s1
brw-r----- 1 root operator 1, 6 Sep 2 12:15 disk1s2
brw-r----- 1 root operator 1, 7 Sep 2 12:15 disk1s3
brw-r----- 1 root operator 1, 8 Sep 2 12:15 disk2
brw-r----- 1 root operator 1, 9 Sep 2 12:15 disk2s1
brw-r----- 1 root operator 1, 10 Sep 2 12:15 disk2s2
brw-r----- 1 root operator 1, 11 Sep 2 12:15 disk2s3
crw-rw-rw- 1 root wheel 24, 2 Sep 2 12:15 dtrace
crw-rw-rw- 1 root wheel 25, 0 Sep 2 12:15 dtracehelper
crw-rw-rw- 1 root wheel 0, 0 Sep 2 12:15 fbt
dr-xr-xr-x 1 root wheel 0 Sep 2 12:15 fd
crw-r--r-- 1 root wheel 10, 0 Sep 2 12:15 fsevents
crw-rw-rw- 1 root wheel 14, 16 Sep 8 23:04 io8log
How to change network sonos desktop app mac. cr--r--r-- 1 root wheel 14, 18 Sep 2 12:15 io8logmt
crw-rw-rw- 1 root wheel 14, 19 Sep 8 23:04 io8logtemp
crw------- 1 root wheel 6, 0 Sep 2 12:15 klog
crw-rw-rw- 1 root wheel 0, 0 Sep 2 12:15 lockstat
crw-rw-rw- 1 root wheel 0, 0 Sep 2 12:15 machtrace
crw-rw-rw- 1 root wheel 33, 0 Sep 5 16:41 nsmb0
crw-rw-rw- 1 root wheel 3, 2 Sep 8 23:04 null
crw------- 1 root wheel 9, 0 Sep 2 12:15 pf
crw------- 1 root wheel 9, 1 Sep 2 12:15 pfm
crw------- 1 root operator 20, 0 Sep 2 12:15 pmCPU
crw-rw-rw- 1 root wheel 0, 0 Sep 2 12:15 profile
crw-rw-rw- 1 root tty 15, 1 Sep 8 23:05 ptmx
crw-rw-rw- 1 root wheel 5, 0 Sep 2 12:15 ptyp0
crw-rw-rw- 1 root wheel 5, 1 Sep 2 12:15 ptyp1
crw-rw-rw- 1 root wheel 5, 2 Sep 2 12:15 ptyp2
crw-rw-rw- 1 root wheel 5, 3 Sep 2 12:15 ptyp3
crw-rw-rw- 1 root wheel 5, 4 Sep 2 12:15 ptyp4
crw-rw-rw- 1 root wheel 5, 5 Sep 2 12:15 ptyp5
crw-rw-rw- 1 root wheel 5, 6 Sep 2 12:15 ptyp6
crw-rw-rw- 1 root wheel 5, 7 Sep 2 12:15 ptyp7
crw-rw-rw- 1 root wheel 5, 8 Sep 2 12:15 ptyp8
crw-rw-rw- 1 root wheel 5, 9 Sep 2 12:15 ptyp9
crw-rw-rw- 1 root wheel 5, 10 Sep 2 12:15 ptypa
crw-rw-rw- 1 root wheel 5, 11 Sep 2 12:15 ptypb
crw-rw-rw- 1 root wheel 5, 12 Sep 2 12:15 ptypc
crw-rw-rw- 1 root wheel 5, 13 Sep 2 12:15 ptypd
crw-rw-rw- 1 root wheel 5, 14 Sep 2 12:15 ptype
crw-rw-rw- 1 root wheel 5, 15 Sep 2 12:15 ptypf
crw-rw-rw- 1 root wheel 5, 16 Sep 2 12:15 ptyq0
crw-rw-rw- 1 root wheel 5, 17 Sep 2 12:15 ptyq1
See What App Is Using A Port Macbook
crw-rw-rw- 1 root wheel 5, 18 Sep 2 12:15 ptyq2
crw-rw-rw- 1 root wheel 5, 19 Sep 2 12:15 ptyq3
crw-rw-rw- 1 root wheel 5, 20 Sep 2 12:15 ptyq4
crw-rw-rw- 1 root wheel 5, 21 Sep 2 12:15 ptyq5
crw-rw-rw- 1 root wheel 5, 22 Sep 2 12:15 ptyq6
crw-rw-rw- 1 root wheel 5, 23 Sep 2 12:15 ptyq7
crw-rw-rw- 1 root wheel 5, 24 Sep 2 12:15 ptyq8
crw-rw-rw- 1 root wheel 5, 25 Sep 2 12:15 ptyq9
crw-rw-rw- 1 root wheel 5, 26 Sep 2 12:15 ptyqa
crw-rw-rw- 1 root wheel 5, 27 Sep 2 12:15 ptyqb
crw-rw-rw- 1 root wheel 5, 28 Sep 2 12:15 ptyqc
crw-rw-rw- 1 root wheel 5, 29 Sep 2 12:15 ptyqd
crw-rw-rw- 1 root wheel 5, 30 Sep 2 12:15 ptyqe
crw-rw-rw- 1 root wheel 5, 31 Sep 2 12:15 ptyqf
crw-rw-rw- 1 root wheel 5, 32 Sep 2 12:15 ptyr0
crw-rw-rw- 1 root wheel 5, 33 Sep 2 12:15 ptyr1
crw-rw-rw- 1 root wheel 5, 34 Sep 2 12:15 ptyr2
crw-rw-rw- 1 root wheel 5, 35 Sep 2 12:15 ptyr3
crw-rw-rw- 1 root wheel 5, 36 Sep 2 12:15 ptyr4
crw-rw-rw- 1 root wheel 5, 37 Sep 2 12:15 ptyr5
crw-rw-rw- 1 root wheel 5, 38 Sep 2 12:15 ptyr6
crw-rw-rw- 1 root wheel 5, 39 Sep 2 12:15 ptyr7
crw-rw-rw- 1 root wheel 5, 40 Sep 2 12:15 ptyr8
crw-rw-rw- 1 root wheel 5, 41 Sep 2 12:15 ptyr9
crw-rw-rw- 1 root wheel 5, 42 Sep 2 12:15 ptyra
crw-rw-rw- 1 root wheel 5, 43 Sep 2 12:15 ptyrb
crw-rw-rw- 1 root wheel 5, 44 Sep 2 12:15 ptyrc
crw-rw-rw- 1 root wheel 5, 45 Sep 2 12:15 ptyrd
crw-rw-rw- 1 root wheel 5, 46 Sep 2 12:15 ptyre
crw-rw-rw- 1 root wheel 5, 47 Sep 2 12:15 ptyrf
crw-rw-rw- 1 root wheel 5, 48 Sep 2 12:15 ptys0
crw-rw-rw- 1 root wheel 5, 49 Sep 2 12:15 ptys1
crw-rw-rw- 1 root wheel 5, 50 Sep 2 12:15 ptys2
crw-rw-rw- 1 root wheel 5, 51 Sep 2 12:15 ptys3
crw-rw-rw- 1 root wheel 5, 52 Sep 2 12:15 ptys4
crw-rw-rw- 1 root wheel 5, 53 Sep 2 12:15 ptys5
crw-rw-rw- 1 root wheel 5, 54 Sep 2 12:15 ptys6
crw-rw-rw- 1 root wheel 5, 55 Sep 2 12:15 ptys7
crw-rw-rw- 1 root wheel 5, 56 Sep 2 12:15 ptys8
crw-rw-rw- 1 root wheel 5, 57 Sep 2 12:15 ptys9
crw-rw-rw- 1 root wheel 5, 58 Sep 2 12:15 ptysa
crw-rw-rw- 1 root wheel 5, 59 Sep 2 12:15 ptysb
crw-rw-rw- 1 root wheel 5, 60 Sep 2 12:15 ptysc
crw-rw-rw- 1 root wheel 5, 61 Sep 2 12:15 ptysd
crw-rw-rw- 1 root wheel 5, 62 Sep 2 12:15 ptyse
crw-rw-rw- 1 root wheel 5, 63 Sep 2 12:15 ptysf
crw-rw-rw- 1 root wheel 5, 64 Sep 2 12:15 ptyt0
crw-rw-rw- 1 root wheel 5, 65 Sep 2 12:15 ptyt1
crw-rw-rw- 1 root wheel 5, 66 Sep 2 12:15 ptyt2
crw-rw-rw- 1 root wheel 5, 67 Sep 2 12:15 ptyt3
crw-rw-rw- 1 root wheel 5, 68 Sep 2 12:15 ptyt4
crw-rw-rw- 1 root wheel 5, 69 Sep 2 12:15 ptyt5
crw-rw-rw- 1 root wheel 5, 70 Sep 2 12:15 ptyt6
crw-rw-rw- 1 root wheel 5, 71 Sep 2 12:15 ptyt7
crw-rw-rw- 1 root wheel 5, 72 Sep 2 12:15 ptyt8
crw-rw-rw- 1 root wheel 5, 73 Sep 2 12:15 ptyt9
crw-rw-rw- 1 root wheel 5, 74 Sep 2 12:15 ptyta
crw-rw-rw- 1 root wheel 5, 75 Sep 2 12:15 ptytb
crw-rw-rw- 1 root wheel 5, 76 Sep 2 12:15 ptytc
crw-rw-rw- 1 root wheel 5, 77 Sep 2 12:15 ptytd
crw-rw-rw- 1 root wheel 5, 78 Sep 2 12:15 ptyte
crw-rw-rw- 1 root wheel 5, 79 Sep 2 12:15 ptytf
crw-rw-rw- 1 root wheel 5, 80 Sep 2 12:15 ptyu0
crw-rw-rw- 1 root wheel 5, 81 Sep 2 12:15 ptyu1
crw-rw-rw- 1 root wheel 5, 82 Sep 2 12:15 ptyu2
crw-rw-rw- 1 root wheel 5, 83 Sep 2 12:15 ptyu3
crw-rw-rw- 1 root wheel 5, 84 Sep 2 12:15 ptyu4
crw-rw-rw- 1 root wheel 5, 85 Sep 2 12:15 ptyu5
crw-rw-rw- 1 root wheel 5, 86 Sep 2 12:15 ptyu6
crw-rw-rw- 1 root wheel 5, 87 Sep 2 12:15 ptyu7
crw-rw-rw- 1 root wheel 5, 88 Sep 2 12:15 ptyu8
crw-rw-rw- 1 root wheel 5, 89 Sep 2 12:15 ptyu9
crw-rw-rw- 1 root wheel 5, 90 Sep 2 12:15 ptyua
crw-rw-rw- 1 root wheel 5, 91 Sep 2 12:15 ptyub
crw-rw-rw- 1 root wheel 5, 92 Sep 2 12:15 ptyuc
crw-rw-rw- 1 root wheel 5, 93 Sep 2 12:15 ptyud
crw-rw-rw- 1 root wheel 5, 94 Sep 2 12:15 ptyue
crw-rw-rw- 1 root wheel 5, 95 Sep 2 12:15 ptyuf
crw-rw-rw- 1 root wheel 5, 96 Sep 2 12:15 ptyv0
crw-rw-rw- 1 root wheel 5, 97 Sep 2 12:15 ptyv1
crw-rw-rw- 1 root wheel 5, 98 Sep 2 12:15 ptyv2
crw-rw-rw- 1 root wheel 5, 99 Sep 2 12:15 ptyv3
crw-rw-rw- 1 root wheel 5, 100 Sep 2 12:15 ptyv4
crw-rw-rw- 1 root wheel 5, 101 Sep 2 12:15 ptyv5
crw-rw-rw- 1 root wheel 5, 102 Sep 2 12:15 ptyv6
crw-rw-rw- 1 root wheel 5, 103 Sep 2 12:15 ptyv7
crw-rw-rw- 1 root wheel 5, 104 Sep 2 12:15 ptyv8
crw-rw-rw- 1 root wheel 5, 105 Sep 2 12:15 ptyv9
crw-rw-rw- 1 root wheel 5, 106 Sep 2 12:15 ptyva
crw-rw-rw- 1 root wheel 5, 107 Sep 2 12:15 ptyvb
crw-rw-rw- 1 root wheel 5, 108 Sep 2 12:15 ptyvc
crw-rw-rw- 1 root wheel 5, 109 Sep 2 12:15 ptyvd
crw-rw-rw- 1 root wheel 5, 110 Sep 2 12:15 ptyve
crw-rw-rw- 1 root wheel 5, 111 Sep 2 12:15 ptyvf
crw-rw-rw- 1 root wheel 5, 112 Sep 2 12:15 ptyw0
crw-rw-rw- 1 root wheel 5, 113 Sep 2 12:15 ptyw1
crw-rw-rw- 1 root wheel 5, 114 Sep 2 12:15 ptyw2
crw-rw-rw- 1 root wheel 5, 115 Sep 2 12:15 ptyw3
crw-rw-rw- 1 root wheel 5, 116 Sep 2 12:15 ptyw4
crw-rw-rw- 1 root wheel 5, 117 Sep 2 12:15 ptyw5
crw-rw-rw- 1 root wheel 5, 118 Sep 2 12:15 ptyw6
crw-rw-rw- 1 root wheel 5, 119 Sep 2 12:15 ptyw7
crw-rw-rw- 1 root wheel 5, 120 Sep 2 12:15 ptyw8
crw-rw-rw- 1 root wheel 5, 121 Sep 2 12:15 ptyw9
crw-rw-rw- 1 root wheel 5, 122 Sep 2 12:15 ptywa
crw-rw-rw- 1 root wheel 5, 123 Sep 2 12:15 ptywb
crw-rw-rw- 1 root wheel 5, 124 Sep 2 12:15 ptywc
crw-rw-rw- 1 root wheel 5, 125 Sep 2 12:15 ptywd
crw-rw-rw- 1 root wheel 5, 126 Sep 2 12:15 ptywe
crw-rw-rw- 1 root wheel 5, 127 Sep 2 12:15 ptywf
crw-rw-rw- 1 root wheel 11, 0 Sep 8 22:55 random
crw-r----- 1 root operator 1, 0 Sep 2 12:15 rdisk0
crw-r----- 1 root operator 1, 1 Sep 2 12:15 rdisk0s1
crw-r----- 1 root operator 1, 2 Sep 2 12:15 rdisk0s2
crw-r----- 1 root operator 1, 3 Sep 2 12:15 rdisk0s3
crw-r----- 1 root operator 1, 4 Sep 2 12:15 rdisk1
crw-r----- 1 root operator 1, 5 Sep 2 12:15 rdisk1s1
crw-r----- 1 root operator 1, 6 Sep 2 12:15 rdisk1s2
crw-r----- 1 root operator 1, 7 Sep 2 12:15 rdisk1s3
crw-r----- 1 root operator 1, 8 Sep 2 12:15 rdisk2
crw-r----- 1 root operator 1, 9 Sep 2 12:15 rdisk2s1
crw-r----- 1 root operator 1, 10 Sep 2 12:15 rdisk2s2
crw-r----- 1 root operator 1, 11 Sep 2 12:15 rdisk2s3
lr-xr-xr-x 1 root wheel 0 Sep 2 12:15 stderr -> fd/2
lr-xr-xr-x 1 root wheel 0 Sep 2 12:15 stdin -> fd/0
lr-xr-xr-x 1 root wheel 0 Sep 2 12:15 stdout -> fd/1
crw-rw-rw- 1 root wheel 0, 0 Sep 2 12:15 systrace
crw-rw-rw- 1 root wheel 2, 0 Sep 2 12:15 tty
crw-rw-rw- 1 root wheel 17, 0 Sep 2 12:15 tty.Bluetooth-Incoming-Port
crw-rw-rw- 1 root wheel 4, 0 Sep 2 12:15 ttyp0
crw-rw-rw- 1 root wheel 4, 1 Sep 2 12:15 ttyp1
crw-rw-rw- 1 root wheel 4, 2 Sep 2 12:15 ttyp2
crw-rw-rw- 1 root wheel 4, 3 Sep 2 12:15 ttyp3
crw-rw-rw- 1 root wheel 4, 4 Sep 2 12:15 ttyp4
crw-rw-rw- 1 root wheel 4, 5 Sep 2 12:15 ttyp5
crw-rw-rw- 1 root wheel 4, 6 Sep 2 12:15 ttyp6
crw-rw-rw- 1 root wheel 4, 7 Sep 2 12:15 ttyp7
crw-rw-rw- 1 root wheel 4, 8 Sep 2 12:15 ttyp8
crw-rw-rw- 1 root wheel 4, 9 Sep 2 12:15 ttyp9
crw-rw-rw- 1 root wheel 4, 10 Sep 2 12:15 ttypa
crw-rw-rw- 1 root wheel 4, 11 Sep 2 12:15 ttypb
crw-rw-rw- 1 root wheel 4, 12 Sep 2 12:15 ttypc
crw-rw-rw- 1 root wheel 4, 13 Sep 2 12:15 ttypd
crw-rw-rw- 1 root wheel 4, 14 Sep 2 12:15 ttype
crw-rw-rw- 1 root wheel 4, 15 Sep 2 12:15 ttypf
crw-rw-rw- 1 root wheel 4, 16 Sep 2 12:15 ttyq0
crw-rw-rw- 1 root wheel 4, 17 Sep 2 12:15 ttyq1
crw-rw-rw- 1 root wheel 4, 18 Sep 2 12:15 ttyq2
crw-rw-rw- 1 root wheel 4, 19 Sep 2 12:15 ttyq3
crw-rw-rw- 1 root wheel 4, 20 Sep 2 12:15 ttyq4
crw-rw-rw- 1 root wheel 4, 21 Sep 2 12:15 ttyq5
crw-rw-rw- 1 root wheel 4, 22 Sep 2 12:15 ttyq6
crw-rw-rw- 1 root wheel 4, 23 Sep 2 12:15 ttyq7
crw-rw-rw- 1 root wheel 4, 24 Sep 2 12:15 ttyq8
crw-rw-rw- 1 root wheel 4, 25 Sep 2 12:15 ttyq9
crw-rw-rw- 1 root wheel 4, 26 Sep 2 12:15 ttyqa
crw-rw-rw- 1 root wheel 4, 27 Sep 2 12:15 ttyqb
crw-rw-rw- 1 root wheel 4, 28 Sep 2 12:15 ttyqc
crw-rw-rw- 1 root wheel 4, 29 Sep 2 12:15 ttyqd
crw-rw-rw- 1 root wheel 4, 30 Sep 2 12:15 ttyqe
crw-rw-rw- 1 root wheel 4, 31 Sep 2 12:15 ttyqf
crw-rw-rw- 1 root wheel 4, 32 Sep 2 12:15 ttyr0
crw-rw-rw- 1 root wheel 4, 33 Sep 2 12:15 ttyr1
crw-rw-rw- 1 root wheel 4, 34 Sep 2 12:15 ttyr2
crw-rw-rw- 1 root wheel 4, 35 Sep 2 12:15 ttyr3
crw-rw-rw- 1 root wheel 4, 36 Sep 2 12:15 ttyr4
crw-rw-rw- 1 root wheel 4, 37 Sep 2 12:15 ttyr5
crw-rw-rw- 1 root wheel 4, 38 Sep 2 12:15 ttyr6
crw-rw-rw- 1 root wheel 4, 39 Sep 2 12:15 ttyr7
crw-rw-rw- 1 root wheel 4, 40 Sep 2 12:15 ttyr8
crw-rw-rw- 1 root wheel 4, 41 Sep 2 12:15 ttyr9
crw-rw-rw- 1 root wheel 4, 42 Sep 2 12:15 ttyra
crw-rw-rw- 1 root wheel 4, 43 Sep 2 12:15 ttyrb
crw-rw-rw- 1 root wheel 4, 44 Sep 2 12:15 ttyrc
crw-rw-rw- 1 root wheel 4, 45 Sep 2 12:15 ttyrd
crw-rw-rw- 1 root wheel 4, 46 Sep 2 12:15 ttyre
crw-rw-rw- 1 root wheel 4, 47 Sep 2 12:15 ttyrf
crw-rw-rw- 1 root wheel 4, 48 Sep 2 12:15 ttys0
crw--w---- 1 grant tty 16, 0 Sep 8 23:05 ttys000
crw-rw-rw- 1 root wheel 4, 49 Sep 2 12:15 ttys1
crw-rw-rw- 1 root wheel 4, 50 Sep 2 12:15 ttys2
crw-rw-rw- 1 root wheel 4, 51 Sep 2 12:15 ttys3
crw-rw-rw- 1 root wheel 4, 52 Sep 2 12:15 ttys4
crw-rw-rw- 1 root wheel 4, 53 Sep 2 12:15 ttys5
crw-rw-rw- 1 root wheel 4, 54 Sep 2 12:15 ttys6
crw-rw-rw- 1 root wheel 4, 55 Sep 2 12:15 ttys7
crw-rw-rw- 1 root wheel 4, 56 Sep 2 12:15 ttys8
crw-rw-rw- 1 root wheel 4, 57 Sep 2 12:15 ttys9
crw-rw-rw- 1 root wheel 4, 58 Sep 2 12:15 ttysa
crw-rw-rw- 1 root wheel 4, 59 Sep 2 12:15 ttysb
crw-rw-rw- 1 root wheel 4, 60 Sep 2 12:15 ttysc
crw-rw-rw- 1 root wheel 4, 61 Sep 2 12:15 ttysd
crw-rw-rw- 1 root wheel 4, 62 Sep 2 12:15 ttyse
crw-rw-rw- 1 root wheel 4, 63 Sep 2 12:15 ttysf
crw-rw-rw- 1 root wheel 4, 64 Sep 2 12:15 ttyt0
crw-rw-rw- 1 root wheel 4, 65 Sep 2 12:15 ttyt1
crw-rw-rw- 1 root wheel 4, 66 Sep 2 12:15 ttyt2
crw-rw-rw- 1 root wheel 4, 67 Sep 2 12:15 ttyt3
crw-rw-rw- 1 root wheel 4, 68 Sep 2 12:15 ttyt4
crw-rw-rw- 1 root wheel 4, 69 Sep 2 12:15 ttyt5
crw-rw-rw- 1 root wheel 4, 70 Sep 2 12:15 ttyt6
crw-rw-rw- 1 root wheel 4, 71 Sep 2 12:15 ttyt7
crw-rw-rw- 1 root wheel 4, 72 Sep 2 12:15 ttyt8
crw-rw-rw- 1 root wheel 4, 73 Sep 2 12:15 ttyt9
crw-rw-rw- 1 root wheel 4, 74 Sep 2 12:15 ttyta
crw-rw-rw- 1 root wheel 4, 75 Sep 2 12:15 ttytb Blizzard app mac not connecting to internet.
crw-rw-rw- 1 root wheel 4, 76 Sep 2 12:15 ttytc
crw-rw-rw- 1 root wheel 4, 77 Sep 2 12:15 ttytd
crw-rw-rw- 1 root wheel 4, 78 Sep 2 12:15 ttyte
crw-rw-rw- 1 root wheel 4, 79 Sep 2 12:15 ttytf
crw-rw-rw- 1 root wheel 4, 80 Sep 2 12:15 ttyu0
crw-rw-rw- 1 root wheel 4, 81 Sep 2 12:15 ttyu1
crw-rw-rw- 1 root wheel 4, 82 Sep 2 12:15 ttyu2
crw-rw-rw- 1 root wheel 4, 83 Sep 2 12:15 ttyu3
crw-rw-rw- 1 root wheel 4, 84 Sep 2 12:15 ttyu4
crw-rw-rw- 1 root wheel 4, 85 Sep 2 12:15 ttyu5
crw-rw-rw- 1 root wheel 4, 86 Sep 2 12:15 ttyu6
crw-rw-rw- 1 root wheel 4, 87 Sep 2 12:15 ttyu7
crw-rw-rw- 1 root wheel 4, 88 Sep 2 12:15 ttyu8
crw-rw-rw- 1 root wheel 4, 89 Sep 2 12:15 ttyu9
crw-rw-rw- 1 root wheel 4, 90 Sep 2 12:15 ttyua
crw-rw-rw- 1 root wheel 4, 91 Sep 2 12:15 ttyub
crw-rw-rw- 1 root wheel 4, 92 Sep 2 12:15 ttyuc
crw-rw-rw- 1 root wheel 4, 93 Sep 2 12:15 ttyud
crw-rw-rw- 1 root wheel 4, 94 Sep 2 12:15 ttyue
crw-rw-rw- 1 root wheel 4, 95 Sep 2 12:15 ttyuf
See What App Is Using A Port Mac Pro
crw-rw-rw- 1 root wheel 4, 96 Sep 2 12:15 ttyv0
crw-rw-rw- 1 root wheel 4, 97 Sep 2 12:15 ttyv1
crw-rw-rw- 1 root wheel 4, 98 Sep 2 12:15 ttyv2
crw-rw-rw- 1 root wheel 4, 99 Sep 2 12:15 ttyv3
crw-rw-rw- 1 root wheel 4, 100 Sep 2 12:15 ttyv4
crw-rw-rw- 1 root wheel 4, 101 Sep 2 12:15 ttyv5
crw-rw-rw- 1 root wheel 4, 102 Sep 2 12:15 ttyv6
crw-rw-rw- 1 root wheel 4, 103 Sep 2 12:15 ttyv7
crw-rw-rw- 1 root wheel 4, 104 Sep 2 12:15 ttyv8
crw-rw-rw- 1 root wheel 4, 105 Sep 2 12:15 ttyv9
crw-rw-rw- 1 root wheel 4, 106 Sep 2 12:15 ttyva
crw-rw-rw- 1 root wheel 4, 107 Sep 2 12:15 ttyvb
crw-rw-rw- 1 root wheel 4, 108 Sep 2 12:15 ttyvc
crw-rw-rw- 1 root wheel 4, 109 Sep 2 12:15 ttyvd
See What App Is Using A Port Macquarie
crw-rw-rw- 1 root wheel 4, 110 Sep 2 12:15 ttyve
crw-rw-rw- 1 root wheel 4, 111 Sep 2 12:15 ttyvf
crw-rw-rw- 1 root wheel 4, 112 Sep 2 12:15 ttyw0
crw-rw-rw- 1 root wheel 4, 113 Sep 2 12:15 ttyw1
crw-rw-rw- 1 root wheel 4, 114 Sep 2 12:15 ttyw2
crw-rw-rw- 1 root wheel 4, 115 Sep 2 12:15 ttyw3
crw-rw-rw- 1 root wheel 4, 116 Sep 2 12:15 ttyw4
crw-rw-rw- 1 root wheel 4, 117 Sep 2 12:15 ttyw5
crw-rw-rw- 1 root wheel 4, 118 Sep 2 12:15 ttyw6
crw-rw-rw- 1 root wheel 4, 119 Sep 2 12:15 ttyw7
crw-rw-rw- 1 root wheel 4, 120 Sep 2 12:15 ttyw8
crw-rw-rw- 1 root wheel 4, 121 Sep 2 12:15 ttyw9
crw-rw-rw- 1 root wheel 4, 122 Sep 2 12:15 ttywa
crw-rw-rw- 1 root wheel 4, 123 Sep 2 12:15 ttywb
crw-rw-rw- 1 root wheel 4, 124 Sep 2 12:15 ttywc
crw-rw-rw- 1 root wheel 4, 125 Sep 2 12:15 ttywd
crw-rw-rw- 1 root wheel 4, 126 Sep 2 12:15 ttywe
crw-rw-rw- 1 root wheel 4, 127 Sep 2 12:15 ttywf
crw-rw-rw- 1 root wheel 11, 1 Sep 2 12:15 urandom
crw-rw-rw- 1 root wheel 3, 3 Sep 2 12:15 zero
Sep 8, 2016 8:06 PM
During the process of analyzing a network problem with a network analyzer tool or a protocol sniffer, especially when we find a suspicious worm or backdoor activity, we get only useful information like MAC addresses, IP addresses and also the port number in transport layer. The analyzer may not even know which application layer protocol is used, even it tells, we still need to figure out which application or process is using this application layer protocol. Is there any method that we can find out the original application or process using that TCP or UDP port? If you are conducting an on-site analysis, Capsa can easily help find out which process is using what port.
Let’s see how.
Find out Port Number
For example, I spot in Capsa Free the following TCP connection suspicious, which constantly communicates to IP: xx.xx.0.183, on port 8000. So I’m going to look up the process name using this port.
Find Process ID (PID)
At once I evoke Command Prompt, and entered the following string and hit enter.
netstat –aon findstr :8000
Explanation:
-a: list all active connections and their ports. –o: show process IDs. –n: display the port numbers numerically.
findstr :8000: display only the items with string :8000 (findstr means find string). Don’t forget the pipe symbol at the beginning.
Let’s see what we get.
We can read in this case 3968 is the PID, and the source IP address and the target address is the same as the first figure.
Find Process/Application
Next we’ll switch to another tool Process Explorer (a free tool that you can get from: http://technet.microsoft.com/en-us/sysinternals/bb896653) immediately. And we can easily find out the process or application of this PID: 3968.
I’m sure it’s an instant messenger used internal in my office and it’s safe. You can also try to find this PID in Windows Task Manager if you don’t have Process Explorer installed.
However task Manager will not provide as much information as Process Explorer. And command prompt is quite handy for geeks.
tasklist findstr 3968
This command will list only the task items with string 3968. Please refer to previous command if you not sure about findstr parameter.
Kill Process/Application
So next, you may want to kill a process when you find it’s malicious and want to end it at once? If you are with Process Explorer, you just right-click on a process item and choose Kill Process (Press Del button for short) to kill that process (you can do the same in Task Manager). Again, you may run the following in Command Prompt:
taskkill /F /PID 3968
Explanation:
/F means force to kill the process. And I suppose you understand PID so far.
Now we successfully detect and target the suspicious process with the specific port number, no matter UDP or TCP. And of course this procedure is reversible, you can find out the port number from the process’s PID.