help with netstat output

Author	All Replies
Mitterwill @comcast.net	help with netstat output I've had a serious problem with an ex and his hacker friends. I started using my Mac (G4 OS 10.4.11) on the network at my parents' - we have 3 computers linked on a Cisco ethernet router. The hackers post clues for me and I found that they are able to hack some of my accounts or see where I am online. I fished around and found that I was connected to a foreign IP on port 22. I installed NoobProof to block that port. But now when I run netstat on the network utility I have some strange ports for localhost to localhost connections. I am pretty sure they have gotten to the other two computers here, but no one here at home is listening (they just put better firewalls up but are not checking the ports). Could someone help me with this netstat output to see is something strange is on it? Also is there a way that they can get in my computer through our lan? I have my powerbook passworded and I change the password daily. I can provide more information if needed. tcp4 0 0 localhost.netinfo-loca localhost.980 ESTABLISHED tcp4 0 0 localhost.980 localhost.netinfo-loca ESTABLISHED tcp4 0 0 localhost.895 . LISTEN tcp4 0 0 localhost.ipp . LISTEN tcp4 0 0 localhost.netinfo-loca localhost.1021 ESTABLISHED tcp4 0 0 localhost.1021 localhost.netinfo-loca ESTABLISHED tcp4 0 0 localhost.netinfo-loca . LISTEN udp4 0 0 .mdns .* udp4 0 0 localhost.49155 localhost.1022 udp4 0 0 localhost.49154 localhost.1022 udp4 0 0 localhost.1022 . udp4 0 0 localhost.49153 localhost.1023 udp4 0 0 localhost.1023 . udp4 0 0 .ipp .* udp6 0 0 .5353 .* udp4 0 0 .mdns .* udp4 0 0 . . udp4 0 0 localhost.netinfo-loca . icm6 0 0 . .
	to forum · permalink · 2009-11-20 15:28:38 ·
nwrickert sand groper Premium,MVM join:2004-09-04 Geneva, IL kudos:7 Reviews: ·AT&T U-Verse	I don't see anything obviously suspicious. If you happen to have the "lsof" command, you can use that to identify which software is using the various ports. -- AT&T Uverse; Zyxel NBG334W router (behind the 2wire gateway); openSuSE 11.0; firefox 3.0.15
	to forum · permalink · 2009-11-20 17:10:07 ·
Mitterwill @comcast.net	reply to Mitterwill I'll look for that but I am more noob to this than NoobProof... tonight I connected to Second Life on this machine and found some of those weird port connections established... like localhost 49523 to localhost 44125 then saw a weird one .49174 to .*. I tried closing those higher port numbers on NoobProof but then I couldn't get online. I should mention that my machine is not the main one connected to the router, but I guess that doesn't make a difference? I might just be paranoid after so many months of harassment - I know they have password hacks and they got through the computer I was using before (a PC) but I just want to get to where I know I am safe going online. Thanks for your help!
	to forum · permalink · 2009-11-20 21:26:06 ·

nwrickert sand groper Premium,MVM join:2004-09-04 Geneva, IL kudos:7 Reviews: ·AT&T U-Verse	If they are udp ports for localhost, then they are just for communication between processes on your own computer. It looked as if some were for netinfo, which is just a database for local use or between a network of related computers. Some operating systems use high port numbers for random ports, so there is no particular significance to that. -- AT&T Uverse; Zyxel NBG334W router (behind the 2wire gateway); openSuSE 11.0; firefox 3.0.15
	to forum · permalink · 2009-11-20 23:02:37 ·

Broadband Tech > Security > Security > help with netstat output