Corrupted Data Recovery

Affordable Data Recovery Experts

Port Number 5989/tcp | What is Port 5989/tcp?

Information about wbem-https Port 5989/tcp

A Software Port (usually just called a 'port') is a virtual data connection that can be used by programs to exchange data directly, instead of going through a file or other temporary storage location. The most common of these are TCP and UDP ports which are used to exchange data between computers on the Internet. Port 5989/tcp uses the wbem-https protocol for service type wbem-https. A malformed request to port 5989/tcp is known to cause denial of service attacks.



In the TCP and UDP protocols used in computer networking, a port is a special number present in the header of a data packet. Ports are typically used to map data to a particular process running on a computer. Port numbers can occasionally be seen in the URLs of websites. By default, HTTP uses port 80 and HTTPS uses port 443, but a URL like http://www.MyCompany.com:8000/ would try to connect to an HTTP server on port 8000 instead. Port 5989/tcp is used for the wbem-https service. An example would be http://www.MyCompany.com:5989/tcp/ when accessed by a web service. Port 5989/tcp may be used for several services including WBEM CIM-XML (HTTPS) and more. Port 5989/tcp is known to have vulnerabilities caused by trojans and remote code execution.

Note that not all transport layers use network ports; for example, although UDP and TCP use ports, ICMP does not. By default, the firewall should disallow traffic to port 5989/tcp until all security checks have been passed. If an application cannot listen on port 5989/tcp, the port 5989/tcp is already in use by another application causing the conflict.

Port Number: 5989/tcp (Windows 7/Windows Vista/ Windows XP/Windows Server family)
WBEM CIM-XML (HTTPS)
Protocol Used : wbem-https
Service Type : wbem-https
Known Port 5989/tcp exploits: Yes
Known Port 5989/tcp Security Risks: Yes

Information on Port 5989/tcp: Windows 7/Vista/XP

Port 5989/tcp Information

  • Go to the command prompt (Start>Run>cmd)
  • Enter netstat -ano
  • You will get a report of Active Connections
  • Report includes: Protocol, Local Address, Foreign Address, State, PID
  • e.g.
    • Proto Local Address Foreign Address State PID
    • UDP 127.0.0.1:5989/tcp *:* 5989/tcp
  • Write down the PID (process identifier) associated with port 5989/tcp (Also note the Local Address, Foreign Address, Protocol and State.)
  • Next, start the Windows Task Manager
  • Select the Processes tab in Task Manager
  • Search for the PID you wrote down previously
  • netstat parameter -s displays per-protocol statistics. By default, statistics are shown for IP, IPv6, ICMP, ICMPv6, TCP, TCPv6, UDP, and UDPv6

How to manually open Port 5989/tcp in Windows Firewall?

Windows Firewall may block port 5989/tcp by default. If you want to allow a program to communicate using Port 5989/tcp through the firewall, you can usually do that by selecting the required program on the Exceptions tab in Windows Firewall. However, sometimes the program is not listed in the Exceptions tab. In this case you need to open the port manually.

1.Open Windows Firewall by clicking Start, Control Panel, Security, and then Windows Firewall.

2.Click 'Allow a program through Windows Firewall'.

3.Click 'Add port'.

4.In the 'Name' field, type a friendly name for the port like 'Port-5989/tcp'.

5.In the 'Port number' field, enter the port number '5989/tcp'.

6.Select TCP or UDP, depending on the protocol required for port 5989/tcp.

Free Software Downloads: Windows 7/Vista/XP

How to scan a PC/network for wbem-https port 5989/tcp vulnerabilities?
If you detect unusual port 5989/tcp activity or port 5989/tcp intrusion, you need to check for known security risks. Security risks are due to remote hacking attempts, trojans, malware and spyware present on the computer. Incorrect port 5989/tcp mapping, port 5989/tcp forwarding, or port 5989/tcp binding can cause vulnerabilities as well. A port scanner or network analyzer will detect open 5989/tcp ports used on a PC (or a network) and detect security threats. Other software tools like an IP scanner, open port 5989/tcp scanner, remote open port 5989/tcp scanner, open port scan tool or remote port check can be used. The software below is free or open source.

Free Online Port Scanner/Port Checker/Port Scan Test
Firewall Vulnerability Test Tool: Run Now
Network Security Scanner/Vulnerability Scanner/Port Scanner: Download Nmap