Solved

Internet Gateway > Internet Connection'  LIVE CALL WHAT IS THIS  FOR ??

Posted on 2007-06-29
24
802 Views
Last Modified: 2012-05-05
I am running XP Home edition 2002 sp2

in my Network connections I found an
'Internet Gateway > Internet Connection'
which i am sure i have never seen before

when i viewed the properties of the  'Internet Connection'
icon it had a 'settings' button

clicking this opened a 'services' dialog which had 3 entries

livecall (192.168.1.100:8345) 21985 UDP
livecall (192.168.1.100:8345) 36069 TCP
MsnMsgr (192.168.1.100:10205) 4582 UDP

I unchecked these items and also 'disabled' this interent gateway and my internet still seems to be running fine

I do have SKYPE and MSN installed and i use SKYPE for VoiP
 Can anyone tell me whether these settings have allowed someone to access my PC ?
0
Comment
Question by:aphuk
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 11
  • 8
  • 3
24 Comments
 
LVL 57

Expert Comment

by:giltjr
ID: 19394514
Livecall looks like http://www.liveperson.com/sb/livecall.asp
MsnMsgr is most likely MSN Messenger from Microsoft, an online chat and instant messaging client.

Do you use either one of these?
0
 

Author Comment

by:aphuk
ID: 19394870
i do not use Livecall
i do use MSN & SKYPE and i noticed this time that i also now have a check box for SKYPE in the connection list

is 'Internet Gateway > Internet Connection' always present when you are online ?  i am sure i have never seen it before
0
 

Author Comment

by:aphuk
ID: 19394872
for now  have set the 'Internet Gateway > Internet Connection'  to disabled, what impact will this have on SKYPE & MSN msgr?
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 57

Expert Comment

by:giltjr
ID: 19396537
I am not really sure.  I have not seen "Internet Gatgeway > Internet Connection" before, but what I think this may is Internet Connection Sharing.  Have you ever configured your computer to allow Internet Connection Sharing before?
0
 
LVL 66

Expert Comment

by:johnb6767
ID: 19398005
Internet Gateway is alos a result of UPnP, a service that allows for dynamic configuration of the router. If you go to start>run>services.msc, and disable Univeral Plug and Play, then reboot... Does it appear?
0
 

Author Comment

by:aphuk
ID: 19403892
this time round only the MSnMsgr was checked ?!*
stopped the service
it said dependency was from Windows Media Player
that may be because MSN displays whatever music i am playing on the MSN title bar ...??
0
 

Author Comment

by:aphuk
ID: 19404083
service was stopped
machine was rebooted
conditions still exist and i now have 4 items back in the list
livecall (192.168.1.100:8345) 21985 UDP
livecall (192.168.1.100:8345) 36069 TCP
MsnMsgr (192.168.1.100:10205) 4582 UDP
SKYPE

services show Upnp running as a manual service
0
 
LVL 66

Expert Comment

by:johnb6767
ID: 19404815
Can you upload the dump files from c:\windows\minidump for us to look at?

Http://www.ee-stuff.com is a free upload site for us....

Might be able to pinpoint the fauting modules in there....
0
 
LVL 57

Expert Comment

by:giltjr
ID: 19404840
Not sure if it is directly related, but there is a MSN Messenger plugin for Windows Media player.  one of the features is if you are using MSN Messenger as a IM client, it will display the music you have been listening to with Windows Media player.

http://www.mess.be/msnmessengerfaq/article.php?id=117&action=print

It is also possible that Windows Media player does use MSN Messenger to get the information about music you are listening to.

As to the livecall stuff, did you look at the Web Page I referred you to earlier?  Did it look/sound familure?  Do you, or did you, ever have 3rd party support?
0
 

Author Comment

by:aphuk
ID: 19405306
giltjr:
looked at this 'livecall' site and it is not familiar to me at all but you know how it is , in the past i have used direct contact dialog boxes to some websites (talk to a LIVE operator) but not for a LONG time!!
Also no sure why there are two of them in the list. The only 3rd party support i can recall is PREVX. It would be nice if these references were signed as to who put it in my configuration!!

I can delete the 'service' using the properties but as soon as i restart the machine the service is back

i have screen shots available but cannot get them onto Http://www.ee-stuff.com as it appears to be in flux at the minute
0
 

Author Comment

by:aphuk
ID: 19405316
johnb6767:
Http://www.ee-stuff.com appears to be unavailable at the moment

I have one minidump on my machine from Aug 2006.
0
 
LVL 57

Expert Comment

by:giltjr
ID: 19407313
You may want to get HijackThis (http://www.spywareinfo.com/~merijn/programs.php)  and run it to see what it says.

I did a little more searching and it seems that livecall may also be related to MSN Messenger.

0
 

Author Comment

by:aphuk
ID: 19601465
Thanks Tolomir. Thought someone would have been able to shed light on this one.?!
0
 
LVL 57

Expert Comment

by:giltjr
ID: 19601603
Do you think that somebody has accessed your computer?  

If you do a:

     netstat -ano

Do you show anything running with those ports open?  Those settings by themself would not have allowed somebody to access your computer.  If you have your firewall configured correctly then nobody should have been able to get into your computer.

However if your firewall is not configured correctly, then almost anybody can.
0
 

Author Comment

by:aphuk
ID: 19602157
i am not sure if someone has accessed my computer

netstat -ano reports the following, but I am not sure if this is GOOD or BAD ?

Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING       3812
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       1012
  TCP    0.0.0.0:443            0.0.0.0:0              LISTENING       3812
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:990            0.0.0.0:0              LISTENING       2428
  TCP    0.0.0.0:999            0.0.0.0:0              LISTENING       3784
  TCP    0.0.0.0:2869           0.0.0.0:0              LISTENING       1244
  TCP    0.0.0.0:10243          0.0.0.0:0              LISTENING       2036
  TCP    0.0.0.0:26675          0.0.0.0:0              LISTENING       3784
  TCP    0.0.0.0:57830          0.0.0.0:0              LISTENING       3812
  TCP    127.0.0.1:1029         0.0.0.0:0              LISTENING       708
  TCP    127.0.0.1:4664         0.0.0.0:0              LISTENING       3480
  TCP    127.0.0.1:5679         0.0.0.0:0              LISTENING       2280
  TCP    127.0.0.1:7438         0.0.0.0:0              LISTENING       2280
  TCP    169.254.2.2:139        0.0.0.0:0              LISTENING       4
  TCP    169.254.2.2:990        169.254.2.1:1139       ESTABLISHED     2428
  TCP    169.254.2.2:990        169.254.2.1:1141       ESTABLISHED     2428
  TCP    169.254.2.2:999        169.254.2.1:1142       ESTABLISHED     3784
  TCP    169.254.2.2:5678       169.254.2.1:1143       ESTABLISHED     3784
  TCP    169.254.2.2:5678       169.254.2.1:1144       ESTABLISHED     3784
  TCP    169.254.2.2:5721       0.0.0.0:0              LISTENING       2428
  TCP    169.254.2.2:26675      169.254.2.1:1158       ESTABLISHED     4
  TCP    192.168.1.101:139      0.0.0.0:0              LISTENING       4
  TCP    192.168.1.101:1138     207.46.109.42:1863     ESTABLISHED     1424
  TCP    192.168.1.101:1341     24.225.201.62:56841    ESTABLISHED     3812
  TCP    192.168.1.101:1933     62.189.194.207:80      TIME_WAIT       0
  TCP    192.168.1.101:1935     64.156.132.140:80      TIME_WAIT       0
  TCP    192.168.1.101:1964     62.189.194.207:80      TIME_WAIT       0
  TCP    192.168.1.101:2807     192.168.10.70:445      ESTABLISHED     4
  TCP    192.168.1.101:58898    192.168.1.1:2869       CLOSING         1424
  UDP    0.0.0.0:445            *:*                                    4
  UDP    0.0.0.0:500            *:*                                    752
  UDP    0.0.0.0:1028           *:*                                    1472
  UDP    0.0.0.0:1041           *:*                                    1164
  UDP    0.0.0.0:1099           *:*                                    1424
  UDP    0.0.0.0:1136           *:*                                    1164
  UDP    0.0.0.0:4500           *:*                                    752
  UDP    0.0.0.0:57830          *:*                                    3812
  UDP    127.0.0.1:123          *:*                                    1092
  UDP    127.0.0.1:1080         *:*                                    3812
  UDP    127.0.0.1:1131         *:*                                    1424
  UDP    127.0.0.1:1900         *:*                                    1244
  UDP    127.0.0.1:1931         *:*                                    1396
  UDP    127.0.0.1:1946         *:*                                    3356
  UDP    169.254.2.2:123        *:*                                    1092
  UDP    169.254.2.2:137        *:*                                    4
  UDP    169.254.2.2:138        *:*                                    4
  UDP    169.254.2.2:1900       *:*                                    1244
  UDP    169.254.2.2:15797      *:*                                    1424
  UDP    169.254.2.2:62567      *:*                                    1424
  UDP    192.168.1.101:123      *:*                                    1092
  UDP    192.168.1.101:137      *:*                                    4
  UDP    192.168.1.101:138      *:*                                    4
  UDP    192.168.1.101:1900     *:*                                    1244
  UDP    192.168.1.101:12215    *:*                                    1424
  UDP    192.168.1.101:60844    *:*                                    1424
0
 
LVL 57

Expert Comment

by:giltjr
ID: 19602658
O.K, it looks like you have two network connections.  Are you using this as a Internet Connection Sharing devices?


I would figure out what all of the following is.  You need to find out what  the PIDs are.  These are listening, which means they are waiting for somebody to connect to them.  If your firewall is not configured properly, then somebody could connect to your computer via the Internet.

TCP    0.0.0.0:990            0.0.0.0:0              LISTENING       2428
TCP    0.0.0.0:999            0.0.0.0:0              LISTENING       3784
TCP    0.0.0.0:2869           0.0.0.0:0              LISTENING       1244
TCP    0.0.0.0:10243          0.0.0.0:0              LISTENING       2036
TCP    0.0.0.0:26675          0.0.0.0:0              LISTENING       3784
TCP    0.0.0.0:57830          0.0.0.0:0              LISTENING       3812
UDP    192.168.1.101:1900     *:*                                    1244
UDP    192.168.1.101:12215    *:*                                    1424
UDP    192.168.1.101:60844    *:*                                    1424
UDP    169.254.2.2:1900       *:*                                    1244
UDP    169.254.2.2:15797      *:*                                    1424
UDP    169.254.2.2:62567      *:*                                    1424
0
 
LVL 66

Accepted Solution

by:
johnb6767 earned 150 total points
ID: 19603822
TCPView for Windows v2.4
http://www.microsoft.com/technet/sysinternals/Utilities/TcpView.mspx

GUI alternative to the old netstat -abn command.......
0
 

Author Comment

by:aphuk
ID: 19661500
giltjr:

sorry did not get back sooner but i have been in a location with no internet connection

can you help me with finding out what the PID's are ?

0
 
LVL 57

Assisted Solution

by:giltjr
giltjr earned 100 total points
ID: 19662985
You may want to use the program that johnb6767 suggested.  I beleive it will tell you what task/program is associated with the PIDs listed in the output of the netstat command.
0
 

Author Comment

by:aphuk
ID: 19683455
Sorry it took so long but I got there in the end. Only Grey area is
'Internet Gateway > Internet Connection'
from what i can work out it seems that if i have a wireless connection then it appears
if i am using cable then it does'nt
I have both network types on my laptop.

Used Netstat and TCPView for Windows v2.4 and then good old Google to look up each item in the list and they all seemed to be Valid so 'all's well that ends well'
0
 
LVL 57

Expert Comment

by:giltjr
ID: 19683553
My guess is that you have your computer configured for Internet Connection Sharing (ICS).  This is only active if you have two network connection.  You can't use ICS with a single connection.
0
 

Author Comment

by:aphuk
ID: 19683864
found how it can be installed here
http://www.practicallynetworked.com/sharing/xp_ics/

found out how to remove it here
http://support.microsoft.com/kb/263276
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
Do you know what to look for when considering cloud computing? Should you hire someone or try to do it yourself? I'll be covering these questions and looking at the best options for you and your business.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

710 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question