Tuesday, January 11, 2011

Microsoft.com IP adresses

In my cases I wanted to filter outbould traffic from my servers. especially http traffic. But they do need access to the microsoft server. Below is the IP spans i have found being used by Microsoft.com and windowsupdate.com

207.46.0.0/16
213.0.0.0/8
65.52.0.0/14
94.245.64.0/18

Thursday, January 6, 2011

Determine listening ports (and associaeted processes)

Scenario: You want to determine which ports are listening on an Microsoft server and the belonging process

Run the command netstat -ano |find /i "listening"

The last column shows the PID (ProcessID) the port belongs to. Use Process Explorer (http://technet.microsoft.com/en-us/sysinternals/bb896653) to find out the name of the executable that belongs to the PID .