
Determining the Ports Used by a Service

The Ask the Performance Team blog has a great post from earlier this week on using the NETSTAT.EXE command-line tool to determine the network ports used by a service. With the right combination of switches, netstat -a -n -o displays the list of ports on which the server is currently listening. The TASKLIST.EXE tool can then be used to cross-reference process IDs (PIDs) with process names.

From the post, which can be found in its entirety here:

So how do we determine the port that a service is using? Without using Network Monitor, Wireshark or a similar utility, there are a couple of very handy utilities provided with the operating system that we can use – NETSTAT.EXE and TASKLIST.EXE. Most administrators are familiar with NETSTAT.EXE already, but for those who are not, you can use NETSTAT.EXE to identify what ports are being used by a particular process. The syntax that we will be using for NETSTAT.EXE is as follows: netstat.exe -a -n -o. The switches we are using provide the following:

  • -a: listing of all connections and listening ports
  • -n: display address and port numbers in numerical form
  • -o: display the owning PID associated with each connection

When the command is run, you will see output similar to what is below.  Something to keep in mind is that in the Proto column, the protocol may be TCP or UDP.

If there is a specific port in use that we want to examine, we need the PID of the owning process, and TASKLIST.EXE.

The article goes on to discuss the steps used in unwrapping the individual services that are encapsulated by a svchost.exe process. All in all, a very handy exercise.
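As an added example (not code from this post or from the Performance Team article), the Python script below automates the cross-reference: it parses netstat -a -n -o output, keeps listening TCP sockets and bound UDP ports, and joins each PID to its image name and hosted services. The sample outputs are constructed, and the use of tasklist /svc /fo csv to obtain the per-process service list is this example's assumption about how the second step is run.

```python
import csv
import io

# Constructed sample of `netstat -a -n -o` output (not from a real host).
NETSTAT_SAMPLE = """
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       920
  TCP    10.0.0.5:3389          10.0.0.9:51522         ESTABLISHED     1180
  TCP    [::]:445               [::]:0                 LISTENING       4
  UDP    0.0.0.0:500            *:*                                    744
"""
# Constructed sample of `tasklist /svc /fo csv` output.
TASKLIST_SAMPLE = '''"Image Name","PID","Services"
"System","4","N/A"
"svchost.exe","744","IKEEXT,PolicyAgent"
"svchost.exe","920","RpcEptMapper,RpcSs"
'''

def parse_netstat(text):
    """Yield (proto, port, pid) for TCP LISTENING sockets and bound UDP ports."""
    for line in text.splitlines():
        f = line.split()
        if not f or f[0] not in ("TCP", "UDP"):
            continue  # banner, column header and blank lines
        # UDP rows have no State column: 4 fields instead of TCP's 5.
        if f[0] == "TCP" and (len(f) != 5 or f[3] != "LISTENING"):
            continue
        if f[0] == "UDP" and len(f) != 4:
            continue
        # rpartition copes with bracketed IPv6 addresses such as [::]:445.
        yield f[0], int(f[1].rpartition(":")[2]), int(f[-1])

def parse_tasklist(text):
    """Map PID -> (image name, list of services hosted in that process)."""
    procs = {}
    for r in csv.DictReader(io.StringIO(text)):
        svcs = [] if r["Services"] == "N/A" else r["Services"].split(",")
        procs[int(r["PID"])] = (r["Image Name"], svcs)
    return procs

def listeners(netstat_text, tasklist_text):
    """Join both outputs into sorted (proto, port, pid, image, services) rows."""
    procs = parse_tasklist(tasklist_text)
    return sorted((proto, port, pid) + procs.get(pid, ("<unknown>", []))
                  for proto, port, pid in set(parse_netstat(netstat_text)))

if __name__ == "__main__":
    for row in listeners(NETSTAT_SAMPLE, TASKLIST_SAMPLE):
        print(row)
```

A listener whose PID is absent from the tasklist output is reported as `<unknown>`, which is worth a second look because the process exited between the two commands or was not visible to the account that ran them.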

Comments

It's weird that Microsoft themselves would advise using the -o parameter to obtain the PID, then take a second step to look up the executable that matches the PID.

... because the -b parameter tells you directly both the PID and the executable name!

netstat -b

I think that both the -b and -o parameters were added in XP and 2003 and up.

Greg Shields' Bio:

Greg Shields is an independent author, instructor, and IT consultant based in Denver, Colorado, and a co-founder of Concentrated Technology. With nearly 15 years of experience in information technology, Greg has developed extensive experience in systems administration, engineering, and architecture specializing in Microsoft systems management, remote application, and virtualization technologies. Greg is a Contributing Editor for Redmond Magazine, MCPmag.com, and Virtualization Review Magazine and is the author of five books, including Windows Server 2008: What’s New / What’s Changed. Greg is also a highly sought-after instructor and speaker, speaking regularly at conferences like TechMentor Events, and producing computer-based training curriculum for CBT Nuggets. Greg is a recipient of the Microsoft "Most Valuable Professional" award with a specialization in Windows Terminal Services.