I'd like to do what TCPView does from the command line, for example, closing a connection used by a particular process (without ending the process). Is there a way to do this?
Asked
Active
Viewed 1.7k times
4 Answers
2
You could use hping3 to send a tcp reset from the same source port to the same destination ip/port as the connection you'd like to close. netstat -b will give you the process information.
Cakemox
- 25,549
- 7
- 45
- 67
-
Seems a bit heavyweight as it requires installing winpcap (driver + DLLs) as a dependency. Not sure what that would do to my system. – Jon Mar 16 '11 at 03:35
2
http://nirsoft.net/utils/cports.html - see "Closing a connection from Command-line" section (I've not tried it).
TessellatingHeckler
- 5,726
- 3
- 27
- 45
1
Tcpkill from dsniff performs a bruteforce on the tcp sequence to send RST to the target flow. Use it with lsof or netstat to get the open sockets, then kill them :
petrus@seth:~$ sudo lsof -i TCP:80
COMMAND PID USER TYPE NODE NAME
chromium- 2674 petrus IPv4 TCP seth:44545->stackoverflow.com:www (ESTABLISHED)
petrus@seth:~$ sudo tcpkill -9 port 44545
tcpkill: listening on eth0 [port 44545]
64.34.119.12:80 > 172.22.151.34:44545: R 2186116153:2186116153(0) win 0
64.34.119.12:80 > 172.22.151.34:44545: R 2186116230:2186116230(0) win 0
64.34.119.12:80 > 172.22.151.34:44545: R 2186116384:2186116384(0) win 0
64.34.119.12:80 > 172.22.151.34:44545: R 2186116615:2186116615(0) win 0
petrus
- 5,327
-
Hmm, just saw that you installed winpcap... So I guess dsniff won't help you :( – petrus Jun 20 '11 at 22:37
-2
You can try wkillcx.
wkillcx can close an active connection.
You can download wkillcx at: http://sourceforge.net/projects/wkillcx/
It's freeware.
You can also view an example at the end of this post (it's in Spanish):
http://www.sysadmit.com/2015/01/windows-eliminar-conexiones-activas-tcp.html
AdrianM
- 1