Identify windows process behind short lived ephemeral port
Hi, I am trying to track down a process behind some network packets.
The process sends out a UDP packet every minute or so and gets an immediate reply, every time it sends it uses a different UDP port on the local machine (the remote port always stays he same). I suspect that the process closes the port as soon as it gets the reply, as I can never see it in "netstat -abn".
How do I identify the process behind these packets? - Is there a way to log whenever a process opens a port?
Thank you