Re: Netstat

On Sun, 14 Jan 2007 23:32:13 -0800, Lew/+Silat wrote:
Im trying to learn about all this but need some help. So I hope this question is a good place to start.
What does the following mean?

it shows what ports are connected to what ip addresses.

Want to know what a port connection MIGHT mean. You can use these two sites:

http://isc.sans.org/port.html?port= <== put port # of intrest here
http://www.dshield.org/port_report.html?port=



I opened cmd and typed netstat.
If there are things wrong what am I supposed to do?

Get rid of the offending software opening the port. :(

Active Connections


TCP :1025 localhost:1137 ESTABLISHED
TCP :1137 localhost:1025 ESTABLISHED

http://isc.sans.org/port.html?port=1025
Check the write up and see if you have any of the indicated services running.


TCP :3189 comcast.dca.giganews.com:nntp ESTABLISHED

That is your Usenet connection where you posted this message.


TCP :3198 wwwbaytest2.microsoft.com:http ESTABLISHED

Guessing you have a browser open and connected to Micro$oft or it's
Micro$oft code calling home :(

TCP :3192 po-in-f104.google.com:http ESTABLISHED

Looks like a google search page connection. Maybe something in the
task bar.

TCP :3202 63.236.1.139:http ESTABLISHED

On my Linux OS, that ip addy lookup shows
$ whois 63.236.1.139
Qwest Communications Corporation QWEST-INET-9 (NET-63-236-0-0-1)
63.236.0.0 - 63.239.255.255
Qwest Cybercenters QWEST-CYBERCENTER (NET-63-236-0-0-2)
63.236.0.0 - 63.236.127.255
Akamai Technologies, Inc. QWEST-BUC-AKAMAI (NET-63-236-1-128-1)
63.236.1.128 - 63.236.1.255

So I'll guess one of the Micro$oft connections has a connection into
Akamai Tech. Why you ask, because I know Micro$not uses them to host
some of their servers. Linux server boxes as I misunderstand it. :-)


You can look up ip addresses or net block owner lookup somewhere like
http://samspade.org/
http://www.webyield.net/domainquery.html
http://www.geektools.com/whois.php

.

Relevant Pages

  • RE: Configure Hardware Firewall for SBS 2003
    ... the corresponding ports to the SBS box. ... When a router is deployed at the SBS end, you must forward the port numbers ... TCP 110 This port is used for POP3 mail clients. ... TCP 1723 PPTP VPN connection ...
    (microsoft.public.windows.server.sbs)
  • Re: HTTP DDoS attack on our servers
    ... A quick googling for TCP port 45836 turns up the following page at ... The worm creates a remote access server by listening on TCP ... > Basically,> 8.000 IP numbers are sending HTTP requests to our server on ... > connection after the first sent line, ...
    (Incidents)
  • Re: .NET SqlConnection: connect error SQL Server 2005 DEV on same
    ... If I wanted to specify the port in the conenct string, ... enable TCP in the surface area configuration? ... Rick Byham, SQL Server Books Online ... An error has occurred while establishing a connection to the ...
    (microsoft.public.sqlserver.connect)
  • Re: Correction
    ... Normally to physically disconnect is just a matter of reaching for the ... >> I have an ADSL connection which polls my computer from time to time, ... > disallow each and every port with Windows Firewall? ...
    (microsoft.public.windowsxp.messenger)
  • Re: Using Remote Desktop From an SBS Domain
    ... when you tried to RDP while attached directly to a port on your router? ... Internet to initiate an IP conversation with your computer. ... This situation is different than if you ran your own NAT connection sharing ...
    (microsoft.public.windows.server.sbs)