Fport Maps Ports To Applications - gHacks Tech News

Fport Maps Ports To Applications

Fport is a portable command line utility that will report all open TCP and UDP ports to the user. The port analyzer maps each open port to an application which distinguishes it from the netstat -an command in Windows which otherwise provides the same level of detail and information.

What this means is that Fport will display all open ports and the applications that use them for connections. This makes it very easy to find unauthorized connections by simply verifying the applications one by one.

Fport has to be launched from the command line or a batch script. It will display all open ports and their applications if it is executed without switches. The following switches are available:

/p (sort by port)
/a (sort by application)
/i (sort by pid)
/ap (sort by application path)

You may want to use the /a switch to sort the connections by applications as it makes it easier to find all connections of individual programs.

The output will look like this:

FPort v2.0 - TCP/IP Process to Port Mapper
Copyright 2000 by Foundstone, Inc.
Pid Process Port Proto Path
392 svchost -> 135 TCP C:\WINNT\system32\svchost.exe
8 System -> 139 TCP
8 System -> 445 TCP
508 MSTask -> 1025 TCP C:\WINNT\system32\MSTask.exe

392 svchost -> 135 UDP C:\WINNT\system32\svchost.exe
8 System -> 137 UDP
8 System -> 138 UDP
8 System -> 445 UDP
224 lsass -> 500 UDP C:\WINNT\system32\lsass.exe
212 services -> 1026 UDP C:\WINNT\system32\services.exe

The easiest way to work with fport is to save the output into a text document for further processing. This can be done with the command fport > output.txt which will create a text document with the name output.txt in the root directory of fport.

A similar application with a graphical user interface is Cports.

Update: Fport is still available on the McAfee website and it should work just fine. You find the tool listed under Intrusion Detection Tools on the download page.

Author Rating
no rating based on 0 votes
Software Name
Operating System
Landing Page

  • We need your help

    Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

    We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats (video ads) or subscription fees.

    If you like our content, and would like to help, please consider making a contribution:


    1. joe said on February 3, 2009 at 3:18 pm

      tcpviewer developed by mark russinovich of sysinternals (now aquired by microsoft is better at it). comes with command line tool also.

    2. Andrew said on February 3, 2009 at 3:40 pm

      check out whatsrunning for a GUI tool that does all that and more

      Free for personal use, $25 for commercial.

      May not completely work on 64 bit systems though.

    Leave a Reply