Link to home
Create AccountLog in
Avatar of montana4me
montana4me

asked on

Possible back door unknown connection on port 1220

I ran the following at start up netstat -b 5 > activity.txt. Here is a line from the output file:

TCP    Chris-T42p:1220        c-24-6-141-198.hsd1.ca.comcast.net:24017  TIME_WAIT       0
  TCP    Chris-T42p:1241        192.168.1.6:http       TIME_WAIT       0
  TCP    Chris-T42p:1249        192.168.1.6:3128       TIME_WAIT       0
  TCP    Chris-T42p:1031        localhost:8200         SYN_SENT        3312
  [javaw.exe]

I don't know what is trying to connect to port 1220  in Canada, but I suspect it is not good. According to my Avast antivirus I don't have any problems. I cannot find much info by searching about port 1220. To provide a solution, please identify the program what is requesting this connection and how to remove it if it is bad. If it is benign, then just identifying it is OK. Thanks.
ASKER CERTIFIED SOLUTION
Avatar of al_ghamdi
al_ghamdi

Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
Avatar of montana4me
montana4me

ASKER

Hello al_ghamdi

How can I see for myself that the connection being made by Javaw.exe to c-24-6-141-198.hsd1.ca.comcast.net:24017 on port 1220 is being made by QT Server Admin?

If I can see it for myself, I would accept your answer.

Thanks.
SOLUTION
Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
SOLUTION
Avatar of johnb6767
johnb6767
Flag of United States of America image

Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
Forced accept.

Computer101
EE Admin