What Windows process initiate connection to other Port 139?
From: ys (yuu_shi_at_yahoo.com)
Date: 07/28/04
- Next message: ys: "Got flashing Red-Blue-Green bars"
- Previous message: phn_at_icke-reklam.ipsec.nu: "Re: **Secure** Ftp server"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 27 Jul 2004 15:37:33 -0700
I am not sure whether my machine got hacked. It keeps trying to make
TCP connection to port 139 on the other machine[s]. However, I found
no process based on its initiating port. It seems to me it was
spawned by other running process, but I am running out of idea to
track that down.
One thing I don't really understand is that how does my machine know
these IP addresses for connection; therefore, I suspect it has been
hacked.
Not sure whether it is related. There are a lot of machines trying to
make connections to my machine at port 135 and 445. Most initiating
IP are near. If this is normal, how do they know my IP? I just hope
my machine didn't boardcast its address for invitations! :(
I am using Windows 2000 Server with limited ports open to the net. I
captured these IP log from my hardware router.
ys
- Next message: ys: "Got flashing Red-Blue-Green bars"
- Previous message: phn_at_icke-reklam.ipsec.nu: "Re: **Secure** Ftp server"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
