deyaa
asked on
netstat
hi All,
I have winxp with SP2 and the firewall is on, I use some downloading programs like IMesh, but when I open this program and without making any downloading or searching, I can see some transactions.
When I used netstat -an command, I found alot of established connections.
How can I disconnect or disable this unwanted connections.
Is there a program can show me all these sessions and give me the access to control these connections?
the netstat example is below :
C:\>netstat -an
Active Connections
Proto Local Address Foreign Address State
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1214 0.0.0.0:0 LISTENING
TCP 0.0.0.0:3531 0.0.0.0:0 LISTENING
TCP 0.0.0.0:16314 0.0.0.0:0 LISTENING
TCP 127.0.0.1:1025 0.0.0.0:0 LISTENING
TCP 217.16.205.52:139 0.0.0.0:0 LISTENING
TCP 217.16.205.52:1217 212.179.66.8:8010 ESTABLISHED
TCP 217.16.205.52:1234 67.167.210.11:6346 ESTABLISHED
TCP 217.16.205.52:2219 82.251.125.60:6346 ESTABLISHED
TCP 217.16.205.52:2343 24.0.74.18:6346 ESTABLISHED
TCP 217.16.205.52:2515 213.107.129.137:6346 FIN_WAIT_1
TCP 217.16.205.52:2551 84.101.221.60:6346 TIME_WAIT
TCP 217.16.205.52:2581 67.83.141.14:30667 TIME_WAIT
TCP 217.16.205.52:2588 24.105.209.65:6346 ESTABLISHED
TCP 217.16.205.52:2593 70.69.178.218:35687 FIN_WAIT_2
TCP 217.16.205.52:2595 80.119.111.53:16246 TIME_WAIT
TCP 217.16.205.52:2599 82.234.230.192:6346 TIME_WAIT
TCP 217.16.205.52:2639 69.201.25.57:6346 FIN_WAIT_2
TCP 217.16.205.52:2650 66.24.48.115:6346 TIME_WAIT
TCP 217.16.205.52:2653 68.20.17.45:6346 ESTABLISHED
TCP 217.16.205.52:2655 65.188.180.34:6346 ESTABLISHED
TCP 217.16.205.52:2656 141.152.26.127:6346 SYN_SENT
TCP 217.16.205.52:2657 67.23.250.155:6346 SYN_SENT
TCP 217.16.205.52:3531 217.219.151.239:3996 FIN_WAIT_1
TCP 217.16.205.52:4160 212.199.220.98:3531 CLOSE_WAIT
TCP 217.16.205.52:4170 212.199.220.98:3531 CLOSE_WAIT
TCP 217.16.205.52:4699 145.53.43.165:3018 ESTABLISHED
UDP 0.0.0.0:1 *:*
UDP 0.0.0.0:445 *:*
UDP 0.0.0.0:500 *:*
UDP 0.0.0.0:1041 *:*
UDP 0.0.0.0:1064 *:*
UDP 0.0.0.0:1214 *:*
UDP 0.0.0.0:1223 *:*
UDP 0.0.0.0:3531 *:*
UDP 0.0.0.0:3724 *:*
UDP 0.0.0.0:3726 *:*
UDP 0.0.0.0:4500 *:*
UDP 0.0.0.0:16314 *:*
UDP 0.0.0.0:16327 *:*
UDP 127.0.0.1:123 *:*
UDP 127.0.0.1:1032 *:*
UDP 127.0.0.1:1206 *:*
UDP 127.0.0.1:1900 *:*
UDP 217.16.205.52:123 *:*
UDP 217.16.205.52:137 *:*
UDP 217.16.205.52:138 *:*
UDP 217.16.205.52:1900 *:*
C:\>
Thanks and best regards
I have winxp with SP2 and the firewall is on, I use some downloading programs like IMesh, but when I open this program and without making any downloading or searching, I can see some transactions.
When I used netstat -an command, I found alot of established connections.
How can I disconnect or disable this unwanted connections.
Is there a program can show me all these sessions and give me the access to control these connections?
the netstat example is below :
C:\>netstat -an
Active Connections
Proto Local Address Foreign Address State
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1214 0.0.0.0:0 LISTENING
TCP 0.0.0.0:3531 0.0.0.0:0 LISTENING
TCP 0.0.0.0:16314 0.0.0.0:0 LISTENING
TCP 127.0.0.1:1025 0.0.0.0:0 LISTENING
TCP 217.16.205.52:139 0.0.0.0:0 LISTENING
TCP 217.16.205.52:1217 212.179.66.8:8010 ESTABLISHED
TCP 217.16.205.52:1234 67.167.210.11:6346 ESTABLISHED
TCP 217.16.205.52:2219 82.251.125.60:6346 ESTABLISHED
TCP 217.16.205.52:2343 24.0.74.18:6346 ESTABLISHED
TCP 217.16.205.52:2515 213.107.129.137:6346 FIN_WAIT_1
TCP 217.16.205.52:2551 84.101.221.60:6346 TIME_WAIT
TCP 217.16.205.52:2581 67.83.141.14:30667 TIME_WAIT
TCP 217.16.205.52:2588 24.105.209.65:6346 ESTABLISHED
TCP 217.16.205.52:2593 70.69.178.218:35687 FIN_WAIT_2
TCP 217.16.205.52:2595 80.119.111.53:16246 TIME_WAIT
TCP 217.16.205.52:2599 82.234.230.192:6346 TIME_WAIT
TCP 217.16.205.52:2639 69.201.25.57:6346 FIN_WAIT_2
TCP 217.16.205.52:2650 66.24.48.115:6346 TIME_WAIT
TCP 217.16.205.52:2653 68.20.17.45:6346 ESTABLISHED
TCP 217.16.205.52:2655 65.188.180.34:6346 ESTABLISHED
TCP 217.16.205.52:2656 141.152.26.127:6346 SYN_SENT
TCP 217.16.205.52:2657 67.23.250.155:6346 SYN_SENT
TCP 217.16.205.52:3531 217.219.151.239:3996 FIN_WAIT_1
TCP 217.16.205.52:4160 212.199.220.98:3531 CLOSE_WAIT
TCP 217.16.205.52:4170 212.199.220.98:3531 CLOSE_WAIT
TCP 217.16.205.52:4699 145.53.43.165:3018 ESTABLISHED
UDP 0.0.0.0:1 *:*
UDP 0.0.0.0:445 *:*
UDP 0.0.0.0:500 *:*
UDP 0.0.0.0:1041 *:*
UDP 0.0.0.0:1064 *:*
UDP 0.0.0.0:1214 *:*
UDP 0.0.0.0:1223 *:*
UDP 0.0.0.0:3531 *:*
UDP 0.0.0.0:3724 *:*
UDP 0.0.0.0:3726 *:*
UDP 0.0.0.0:4500 *:*
UDP 0.0.0.0:16314 *:*
UDP 0.0.0.0:16327 *:*
UDP 127.0.0.1:123 *:*
UDP 127.0.0.1:1032 *:*
UDP 127.0.0.1:1206 *:*
UDP 127.0.0.1:1900 *:*
UDP 217.16.205.52:123 *:*
UDP 217.16.205.52:137 *:*
UDP 217.16.205.52:138 *:*
UDP 217.16.205.52:1900 *:*
C:\>
Thanks and best regards
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Even better, type "netstat -ab" and that will give you the name of each program that is using those connections. Be patient, the "netstat -ab" command runs a bit slow.