I don't know why, but I have recently gotten it into my head that I absolutely must figure out what is coming in and going out of my Windows XP Professional machine.
Could someone who REALLY knows what they're talking about please give me their thoughts?
Here is the exact information from Essential Nettools showing the TCP ports that are currently active:
TCP 0.0.0.0 port 135 Listen c:\windows\system32\svchost.exe
TCP 0.0.0.0 port 445 Listen System
TCP 0.0.0.0 port 1025 Listen c:\windows\system32\svchost.exe
TCP 0.0.0.0 port 1033 Listen System
TCP 0.0.0.0 port 1052 Listen c:\program files\messenger\msmsgs.exe
TCP 192.168.0.4 port 139 Listen System
TCP 192.168.0.4 port 1052 Established c:\program files\messenger\msmsgs.exe
TCP 192.168.0.4 port 9147 Listen c:\program files\messenger\msmsgs.exe
I am relatively experienced at networking, but not an expert. Here is my analysis along with a couple of specific questions.
My laptop is connected to a Windows 2003 domain controller and I am logged in. Focusing on TCP first. I have turned off all the services that I possibly can.
I know that the entries 192.168.0.4 port 139 and port 9147 are for the DHCP client.
192.168.0.4 and 0.0.0.0 port 1052 is my connection from Outlook Express to the newsgroup.
That leaves the following entries.
port 135
port 445
port 1025
port 1033
Most times, there is also a port 1027, but it wasn't there when I did the screenshot.
Also, these are the services that are running on my machine with notes.
****Event Log****
No option to stop this service
****Plug and Play****
No option to stop this service
****Remote Access Connection Manager****
Get the message, "Could not stop the Remote Access Connection Manager service on Local Computer. The service did not return an error. This could be an internal Windows error or an internal service error. If the problem persists, contact your system administrator."
****Remote Procedure Call (RPC)****
No option to stop this service
****Security Accounts Manager****
No option to stop this service
****Telephony****
Message says that the Remote Access Connection Manager will also stop.
****Terminal Services****
No option to stop this service
****Windows Audio****
No option to stop this service
Every other service is turned off.
From my reading, it seems that ports 135 and 445 are very deeply rooted in Windows networking. But, I'm really interested in what is *really* going on through these ports. What kind of traffic moves in and out?
I don't have any idea what is going on with the other ports.
I'm not worried about the UDP ports at this point. I want to figure out the TCP first, then I'll move on.
Any help would be appreciated.
--
Kurt Dicus