Solved

Internet Gateway > Internet Connection'  LIVE CALL WHAT IS THIS  FOR ??

Posted on 2007-06-29
24
800 Views
Last Modified: 2012-05-05
I am running XP Home edition 2002 sp2

in my Network connections I found an
'Internet Gateway > Internet Connection'
which i am sure i have never seen before

when i viewed the properties of the  'Internet Connection'
icon it had a 'settings' button

clicking this opened a 'services' dialog which had 3 entries

livecall (192.168.1.100:8345) 21985 UDP
livecall (192.168.1.100:8345) 36069 TCP
MsnMsgr (192.168.1.100:10205) 4582 UDP

I unchecked these items and also 'disabled' this interent gateway and my internet still seems to be running fine

I do have SKYPE and MSN installed and i use SKYPE for VoiP
 Can anyone tell me whether these settings have allowed someone to access my PC ?
0
Comment
Question by:aphuk
  • 11
  • 8
  • 3
24 Comments
 
LVL 57

Expert Comment

by:giltjr
ID: 19394514
Livecall looks like http://www.liveperson.com/sb/livecall.asp
MsnMsgr is most likely MSN Messenger from Microsoft, an online chat and instant messaging client.

Do you use either one of these?
0
 

Author Comment

by:aphuk
ID: 19394870
i do not use Livecall
i do use MSN & SKYPE and i noticed this time that i also now have a check box for SKYPE in the connection list

is 'Internet Gateway > Internet Connection' always present when you are online ?  i am sure i have never seen it before
0
 

Author Comment

by:aphuk
ID: 19394872
for now  have set the 'Internet Gateway > Internet Connection'  to disabled, what impact will this have on SKYPE & MSN msgr?
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 57

Expert Comment

by:giltjr
ID: 19396537
I am not really sure.  I have not seen "Internet Gatgeway > Internet Connection" before, but what I think this may is Internet Connection Sharing.  Have you ever configured your computer to allow Internet Connection Sharing before?
0
 
LVL 66

Expert Comment

by:johnb6767
ID: 19398005
Internet Gateway is alos a result of UPnP, a service that allows for dynamic configuration of the router. If you go to start>run>services.msc, and disable Univeral Plug and Play, then reboot... Does it appear?
0
 

Author Comment

by:aphuk
ID: 19403892
this time round only the MSnMsgr was checked ?!*
stopped the service
it said dependency was from Windows Media Player
that may be because MSN displays whatever music i am playing on the MSN title bar ...??
0
 

Author Comment

by:aphuk
ID: 19404083
service was stopped
machine was rebooted
conditions still exist and i now have 4 items back in the list
livecall (192.168.1.100:8345) 21985 UDP
livecall (192.168.1.100:8345) 36069 TCP
MsnMsgr (192.168.1.100:10205) 4582 UDP
SKYPE

services show Upnp running as a manual service
0
 
LVL 66

Expert Comment

by:johnb6767
ID: 19404815
Can you upload the dump files from c:\windows\minidump for us to look at?

Http://www.ee-stuff.com is a free upload site for us....

Might be able to pinpoint the fauting modules in there....
0
 
LVL 57

Expert Comment

by:giltjr
ID: 19404840
Not sure if it is directly related, but there is a MSN Messenger plugin for Windows Media player.  one of the features is if you are using MSN Messenger as a IM client, it will display the music you have been listening to with Windows Media player.

http://www.mess.be/msnmessengerfaq/article.php?id=117&action=print

It is also possible that Windows Media player does use MSN Messenger to get the information about music you are listening to.

As to the livecall stuff, did you look at the Web Page I referred you to earlier?  Did it look/sound familure?  Do you, or did you, ever have 3rd party support?
0
 

Author Comment

by:aphuk
ID: 19405306
giltjr:
looked at this 'livecall' site and it is not familiar to me at all but you know how it is , in the past i have used direct contact dialog boxes to some websites (talk to a LIVE operator) but not for a LONG time!!
Also no sure why there are two of them in the list. The only 3rd party support i can recall is PREVX. It would be nice if these references were signed as to who put it in my configuration!!

I can delete the 'service' using the properties but as soon as i restart the machine the service is back

i have screen shots available but cannot get them onto Http://www.ee-stuff.com as it appears to be in flux at the minute
0
 

Author Comment

by:aphuk
ID: 19405316
johnb6767:
Http://www.ee-stuff.com appears to be unavailable at the moment

I have one minidump on my machine from Aug 2006.
0
 
LVL 57

Expert Comment

by:giltjr
ID: 19407313
You may want to get HijackThis (http://www.spywareinfo.com/~merijn/programs.php)  and run it to see what it says.

I did a little more searching and it seems that livecall may also be related to MSN Messenger.

0
 

Author Comment

by:aphuk
ID: 19601465
Thanks Tolomir. Thought someone would have been able to shed light on this one.?!
0
 
LVL 57

Expert Comment

by:giltjr
ID: 19601603
Do you think that somebody has accessed your computer?  

If you do a:

     netstat -ano

Do you show anything running with those ports open?  Those settings by themself would not have allowed somebody to access your computer.  If you have your firewall configured correctly then nobody should have been able to get into your computer.

However if your firewall is not configured correctly, then almost anybody can.
0
 

Author Comment

by:aphuk
ID: 19602157
i am not sure if someone has accessed my computer

netstat -ano reports the following, but I am not sure if this is GOOD or BAD ?

Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING       3812
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       1012
  TCP    0.0.0.0:443            0.0.0.0:0              LISTENING       3812
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:990            0.0.0.0:0              LISTENING       2428
  TCP    0.0.0.0:999            0.0.0.0:0              LISTENING       3784
  TCP    0.0.0.0:2869           0.0.0.0:0              LISTENING       1244
  TCP    0.0.0.0:10243          0.0.0.0:0              LISTENING       2036
  TCP    0.0.0.0:26675          0.0.0.0:0              LISTENING       3784
  TCP    0.0.0.0:57830          0.0.0.0:0              LISTENING       3812
  TCP    127.0.0.1:1029         0.0.0.0:0              LISTENING       708
  TCP    127.0.0.1:4664         0.0.0.0:0              LISTENING       3480
  TCP    127.0.0.1:5679         0.0.0.0:0              LISTENING       2280
  TCP    127.0.0.1:7438         0.0.0.0:0              LISTENING       2280
  TCP    169.254.2.2:139        0.0.0.0:0              LISTENING       4
  TCP    169.254.2.2:990        169.254.2.1:1139       ESTABLISHED     2428
  TCP    169.254.2.2:990        169.254.2.1:1141       ESTABLISHED     2428
  TCP    169.254.2.2:999        169.254.2.1:1142       ESTABLISHED     3784
  TCP    169.254.2.2:5678       169.254.2.1:1143       ESTABLISHED     3784
  TCP    169.254.2.2:5678       169.254.2.1:1144       ESTABLISHED     3784
  TCP    169.254.2.2:5721       0.0.0.0:0              LISTENING       2428
  TCP    169.254.2.2:26675      169.254.2.1:1158       ESTABLISHED     4
  TCP    192.168.1.101:139      0.0.0.0:0              LISTENING       4
  TCP    192.168.1.101:1138     207.46.109.42:1863     ESTABLISHED     1424
  TCP    192.168.1.101:1341     24.225.201.62:56841    ESTABLISHED     3812
  TCP    192.168.1.101:1933     62.189.194.207:80      TIME_WAIT       0
  TCP    192.168.1.101:1935     64.156.132.140:80      TIME_WAIT       0
  TCP    192.168.1.101:1964     62.189.194.207:80      TIME_WAIT       0
  TCP    192.168.1.101:2807     192.168.10.70:445      ESTABLISHED     4
  TCP    192.168.1.101:58898    192.168.1.1:2869       CLOSING         1424
  UDP    0.0.0.0:445            *:*                                    4
  UDP    0.0.0.0:500            *:*                                    752
  UDP    0.0.0.0:1028           *:*                                    1472
  UDP    0.0.0.0:1041           *:*                                    1164
  UDP    0.0.0.0:1099           *:*                                    1424
  UDP    0.0.0.0:1136           *:*                                    1164
  UDP    0.0.0.0:4500           *:*                                    752
  UDP    0.0.0.0:57830          *:*                                    3812
  UDP    127.0.0.1:123          *:*                                    1092
  UDP    127.0.0.1:1080         *:*                                    3812
  UDP    127.0.0.1:1131         *:*                                    1424
  UDP    127.0.0.1:1900         *:*                                    1244
  UDP    127.0.0.1:1931         *:*                                    1396
  UDP    127.0.0.1:1946         *:*                                    3356
  UDP    169.254.2.2:123        *:*                                    1092
  UDP    169.254.2.2:137        *:*                                    4
  UDP    169.254.2.2:138        *:*                                    4
  UDP    169.254.2.2:1900       *:*                                    1244
  UDP    169.254.2.2:15797      *:*                                    1424
  UDP    169.254.2.2:62567      *:*                                    1424
  UDP    192.168.1.101:123      *:*                                    1092
  UDP    192.168.1.101:137      *:*                                    4
  UDP    192.168.1.101:138      *:*                                    4
  UDP    192.168.1.101:1900     *:*                                    1244
  UDP    192.168.1.101:12215    *:*                                    1424
  UDP    192.168.1.101:60844    *:*                                    1424
0
 
LVL 57

Expert Comment

by:giltjr
ID: 19602658
O.K, it looks like you have two network connections.  Are you using this as a Internet Connection Sharing devices?


I would figure out what all of the following is.  You need to find out what  the PIDs are.  These are listening, which means they are waiting for somebody to connect to them.  If your firewall is not configured properly, then somebody could connect to your computer via the Internet.

TCP    0.0.0.0:990            0.0.0.0:0              LISTENING       2428
TCP    0.0.0.0:999            0.0.0.0:0              LISTENING       3784
TCP    0.0.0.0:2869           0.0.0.0:0              LISTENING       1244
TCP    0.0.0.0:10243          0.0.0.0:0              LISTENING       2036
TCP    0.0.0.0:26675          0.0.0.0:0              LISTENING       3784
TCP    0.0.0.0:57830          0.0.0.0:0              LISTENING       3812
UDP    192.168.1.101:1900     *:*                                    1244
UDP    192.168.1.101:12215    *:*                                    1424
UDP    192.168.1.101:60844    *:*                                    1424
UDP    169.254.2.2:1900       *:*                                    1244
UDP    169.254.2.2:15797      *:*                                    1424
UDP    169.254.2.2:62567      *:*                                    1424
0
 
LVL 66

Accepted Solution

by:
johnb6767 earned 150 total points
ID: 19603822
TCPView for Windows v2.4
http://www.microsoft.com/technet/sysinternals/Utilities/TcpView.mspx

GUI alternative to the old netstat -abn command.......
0
 

Author Comment

by:aphuk
ID: 19661500
giltjr:

sorry did not get back sooner but i have been in a location with no internet connection

can you help me with finding out what the PID's are ?

0
 
LVL 57

Assisted Solution

by:giltjr
giltjr earned 100 total points
ID: 19662985
You may want to use the program that johnb6767 suggested.  I beleive it will tell you what task/program is associated with the PIDs listed in the output of the netstat command.
0
 

Author Comment

by:aphuk
ID: 19683455
Sorry it took so long but I got there in the end. Only Grey area is
'Internet Gateway > Internet Connection'
from what i can work out it seems that if i have a wireless connection then it appears
if i am using cable then it does'nt
I have both network types on my laptop.

Used Netstat and TCPView for Windows v2.4 and then good old Google to look up each item in the list and they all seemed to be Valid so 'all's well that ends well'
0
 
LVL 57

Expert Comment

by:giltjr
ID: 19683553
My guess is that you have your computer configured for Internet Connection Sharing (ICS).  This is only active if you have two network connection.  You can't use ICS with a single connection.
0
 

Author Comment

by:aphuk
ID: 19683864
found how it can be installed here
http://www.practicallynetworked.com/sharing/xp_ics/

found out how to remove it here
http://support.microsoft.com/kb/263276
0

Featured Post

3 Use Cases for Connected Systems

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, testing some more, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
How do we balance the user experience (UX) with reasonable security measures? It can be done, if you keep these fundamentals in mind.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question