republican-creole
site Search:


Home Reviews Tools Forums FAQs Find Service ISP News Maps About  
 
    All Forums Hot Topics Gallery






how-to block ads

  
Forums >

Broadband Tech > Security > Security > netstat screenshot (inquire within)

Search Topic:
 Uniqs:
387		 Share Topic
Posting?
Post a:
Post a:
Links: ·Hijack This logs? ·Panda Free Tools ·Vundo Removal
AuthorAll Replies

ohjar

join:2013-02-27
Edmond, OK

netstat screenshot (inquire within)

screenshotrrr.pdf
New to the forums so hello! My computer has been acting weird lately and I've had a bad experience with hackers(to make a long story short my comp was being used as a sword by a guy in anonymous"have poof") I've been monitoring my netstat and this pops up all at once(screenshot). should i be worried?

EDIT: sorry for picture quality
to forum · permalink · 2013-02-27 21:15:40 ·


trparky
Apple... YUM
Premium,MVM
join:2000-05-24
Cleveland, OH
kudos:2

That hardly tells us anything, we need to know what programs are initiating those connections. Local ports, remote ports, PIDs, executable names, etc.

to forum · permalink · 2013-02-27 22:14:57 ·


NormanS
Premium,MVM
join:2001-02-14
San Jose, CA
kudos:9
Reviews:
·SONIC.NET
·Pacific Bell - SBC

reply to ohjar

said by ohjar:

EDIT: sorry for picture quality

Copy, paste, and code blocks. And the "Foreign Addresses" and process IDs; like this:
C:\util\dig>netstat -aon
 
Active Connections
 
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       812
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:5357           0.0.0.0:0              LISTENING       4
  TCP    192.168.42.36:49171    69.22.151.207:443      ESTABLISHED     3312
  TCP    192.168.42.36:49204    17.149.36.220:5223     ESTABLISHED     3928
  TCP    192.168.42.36:59744    31.13.77.39:443        ESTABLISHED     1788
  TCP    192.168.42.36:59779    31.13.77.42:443        ESTABLISHED     1788
  TCP    192.168.42.36:60811    74.125.224.100:80      ESTABLISHED     1788
  TCP    192.168.42.36:60818    209.123.109.175:80     TIME_WAIT       0
  TCP    192.168.42.36:60819    209.123.109.175:80     TIME_WAIT       0
  TCP    192.168.42.36:60827    74.125.141.95:80       ESTABLISHED     1788
  TCP    192.168.42.36:60844    2.19.131.235:443       ESTABLISHED     364
  UDP    0.0.0.0:7              *:*                                    1812
  UDP    0.0.0.0:9              *:*                                    1812
  UDP    0.0.0.0:13             *:*                                    1812
  UDP    0.0.0.0:17             *:*                                    1812
  UDP    0.0.0.0:19             *:*                                    1812
  UDP    0.0.0.0:68             *:*                                    976

--
Norman
~Oh Lord, why have you come
~To Konnyu, with the Lion and the Drum
to forum · permalink · 2013-02-28 03:11:34 ·

HELLFIRE

join:2009-11-25
kudos:7

reply to ohjar
Try "netstat -abn > file.txt" and post file.txt up for review.

If you're thinking you're still being hacked, you definately want to do the above and write to a new file periodically for
review / comparison.

Regards

to forum · permalink · 2013-03-01 00:24:28 ·
Forums > Broadband Tech > Security > Security

Sunday, 19-May 20:35:08 Terms of Use & Privacy | feedback | contact | Hosting by nac.net - DSL,Hosting & Co-lo
over 13.5 years online © 1999-2013 dslreports.com.
Most commented news this week
Hot Topics