SYSTEM(PID 4)正在使用端口8081,如何停止该端口

时间:2018-12-11 12:24:41

标签: .net port pid windows-server-2012-r2 netstat

我有一种情况,在服务器(dusxxxiweb2)中检测到一个漏洞,说端口8081已打开。我通过netstat -a -n -o | |获得了端口号。找到“ 8081”命令,我发现端口“ 8081”正在被系统进程使用PID 4

enter image description here

我想知道哪个系统进程在使用此服务.IIS未安装在该服务器中。但是我可以如下访问一个登录页面(.Net应用程序)。我不知道没有IIS怎么可能 http://dusxxxiweb2:8081/login

我想阻止此端口以解决漏洞问题。在这种情况下我该怎么办?

1 个答案:

答案 0 :(得分:1)

运行命令;

netsh http show servicestate view=requestq

这将提供所有HTTP侦听器的快照。找到包含您要查找的端口号的“注册URL”,控制进程的PID将在其上方几行,就像我在这里的恶意进程一样; 

Request queue name: Request queue is unnamed.
    Version: 2.0
    State: Active
    Request queue 503 verbosity level: Basic
    Max requests: 1000
    Number of active processes attached: 1
--> Process IDs:
        14035
    URL groups:
    URL group ID: F80000014000004F
        State: Active
        Request queue name: Request queue is unnamed.
        Properties:
            Max bandwidth: inherited
            Max connections: inherited
            Timeouts:
                Timeout values inherited
            Number of registered URLs: 1
-->         Registered URLs:
              HTTP://+:8081/ROGUESERVICE/
        Server session ID: F70000011000012D
            Version: 2.0
            State: Active
            Properties:
                Max bandwidth: 4294967295
                Timeouts:
                    Entity body timeout (secs): 120
                    Drain entity body timeout (secs): 120
                    Request queue timeout (secs): 120
                    Idle connection timeout (secs): 120
                    Header wait timeout (secs): 120
                    Minimum send rate (bytes/sec): 150
相关问题
最新问题