- From: Bit Twister <BitTwister@xxxxxxxxxxxxxxxx>
- Date: Mon, 15 Jan 2007 01:57:21 -0600
On Sun, 14 Jan 2007 23:32:13 -0800, Lew/+Silat wrote:
Im trying to learn about all this but need some help. So I hope this question is a good place to start.
What does the following mean?
it shows what ports are connected to what ip addresses.
Want to know what a port connection MIGHT mean. You can use these two sites:
http://isc.sans.org/port.html?port= <== put port # of intrest here
I opened cmd and typed netstat.
If there are things wrong what am I supposed to do?
Get rid of the offending software opening the port. :(
TCP :1025 localhost:1137 ESTABLISHED
TCP :1137 localhost:1025 ESTABLISHED
Check the write up and see if you have any of the indicated services running.
TCP :3189 comcast.dca.giganews.com:nntp ESTABLISHED
That is your Usenet connection where you posted this message.
TCP :3198 wwwbaytest2.microsoft.com:http ESTABLISHED
Guessing you have a browser open and connected to Micro$oft or it's
Micro$oft code calling home :(
TCP :3192 po-in-f104.google.com:http ESTABLISHED
Looks like a google search page connection. Maybe something in the
TCP :3202 220.127.116.11:http ESTABLISHED
On my Linux OS, that ip addy lookup shows
$ whois 18.104.22.168
Qwest Communications Corporation QWEST-INET-9 (NET-63-236-0-0-1)
22.214.171.124 - 126.96.36.199
Qwest Cybercenters QWEST-CYBERCENTER (NET-63-236-0-0-2)
188.8.131.52 - 184.108.40.206
Akamai Technologies, Inc. QWEST-BUC-AKAMAI (NET-63-236-1-128-1)
220.127.116.11 - 18.104.22.168
So I'll guess one of the Micro$oft connections has a connection into
Akamai Tech. Why you ask, because I know Micro$not uses them to host
some of their servers. Linux server boxes as I misunderstand it. :-)
You can look up ip addresses or net block owner lookup somewhere like
- Re: Netstat
- From: Ansgar -59cobalt- Wiechers
- Re: Netstat