26

On Linux we can kill an Established TCP Connection using tcpkill command.

For example, to drop all connection to/from a particular IP: 

tcpkill host ipaddr

Or similary to kill all connection using port 21 at ethernet-1, by: 

tcpkill -i eth1 port 21

Similarly, i want to know what is the command to kill certain connection on windows, precisely windows 7. Like i can see a list of active connections by netstat -n, now i am wondering how to drop a particular or group of connections?

r0ca
  • 5,727
  • 10
  • 42
  • 63
Johnydep
  • 1,075
  • 5
  • 13
  • 18

4 Answers4

31

The Windows Sysinternals Suite contains a tool called TcpView. TcpView will show you all of the connections on your machine similar to netstat. It will also allow you to close the connection or kill the process hosting the connection.

heavyd
  • 62,847
  • 18
  • 155
  • 177
  • 2
    thanks but I am more interested in something that is available as command line options because i need to integrate that in my application. I looked at Tcpvcon.exe which is shipped with Tcpview but i do not know how to close connection using that. Since on GUI, we simply right click and close connection, wondering how to do the same for this command line tool? Any idea/ – Johnydep Feb 01 '12 at 14:34
  • If you need to do it programmatically, use a Windows api. – ZippyV Feb 01 '12 at 15:22
  • 1
    @ZippyV, which API i should be looking at? – Johnydep Feb 02 '12 at 16:11
  • @Johnydep, Post the question on Stackoverflow. It will be answered in minutes hopefully. – Pacerier Jan 23 '15 at 15:51
  • My system, while TcpView is running, is super sluggish. E.g. Alt-Tab is sloooow and painful. CurrPorts, suggested by Peter Hahndorf does not have this problem. – Evgeniy Berezovsky Mar 12 '15 at 05:00
  • Only does ipv4, looks like Windows API has no way to kill an ipv6 connection... sigh. – jjxtra Apr 10 '19 at 19:53
  • This is old and it may not have existed back then but SysInternals comes with a console-variant: tcpvcon.exe – thepip3r Oct 21 '19 at 18:55
10

The CurrPorts tool from Nirsoft seems to do that. Follow the link and search for 'Closing a Connection From Command-Line'.

Peter Hahndorf
  • 13,370
  • 9
  • 51
  • 67
  • thanks, it seems to have licensing issues, dosen't look like free to me – Johnydep Feb 02 '12 at 16:13
  • 3
    from the product page: "This utility is released as freeware. You are allowed to freely distribute this utility via floppy disk, CD-ROM, Internet, or in any other way, as long as you don't charge anything for this. If you distribute this utility, you must include all files in the distribution package, without any modification !" that seems pretty free to me. – Peter Hahndorf Feb 02 '12 at 17:34
1

You can execute netstat -o and the last column shows the process ID tied to the network connection, say, 1234. Then execute tasklist|find "1234" and it'll reveal the process name using that port. You can then choose to execute taskkill /pid 1234 to terminate the running process.

As someone else mentioned, you can simplify all this by using "TcpView" by SysInternals by Microsoft - it is better because it doesn't terminate the application, rather closes the questionable port connection.

John Neu-a-n
  • 11
  • 1
-1

CurrPorts (cports.exe) from Nirsoft provides a Windows interface to close the ports or at least to identify the processes that are holding it open. This is a pretty good debugging tool - helped me anyway:

Using CurrPorts

The main window of CurrPorts displays the list of all currently opened TCP and UDP ports. You can select one or more items, and then close the selected connections, copy the ports information to the clipboard, or save it to HTML/XML/Text file. If you don't want to view all available columns, or you want to change the order of the columns on the screen and in the files you save, select 'Choose Column' from the View menu, and select the desired columns and their order. In order to sort the list by specific column, click on the header of the desired column.

http://www.nirsoft.net/utils/cports.html

Community
  • 1
MediaWhapper
  • 1
  • 2
    This seems to be the same answer as another one already given 3 years before, with exactly the same link. – Pacopaco Apr 27 '18 at 15:53