a couple questions i need help on (overall concept should do) --
at a CMD prompt you type netstat -a -o -n.... note any TCP entries with status of ESTABLISHED and foreign address OTHER than 127.0.0.1.
what's the deal with these sites / ports? are they actually monitoring port 80 traffic & if so, what can they see? do keystroke readers operate in that fashion (simply monitoring ports or something).
i'm interested in understanding more about those entries. please explain.