Solved

netstat shows suspicious connections

Posted on 2008-10-17
4
1,183 Views
Last Modified: 2013-12-04
since few days,  there are lot of suspicoius activities on my desktop like double click does not open the file or database connection.
hence to check it i executed netstat command to see who is connected to my machine
and everytime i have this problem and after i run netstat i get list of connections, one of which is machine of my coworker. everytime i have such unusual behaviors running on my pc and i run netstat i find a connection with my co-workers' machine
the connection was through port - 1865
can you pl help whats going on,,,
0
Comment
Question by:at999
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 17

Accepted Solution

by:
OriNetworks earned 250 total points
ID: 22747069
You can begin by running netstat -b

the -b switch will show you what program is running on that port. It may be nothing to worry about but my biggest question is are you using a firewall?? This is the most basic step you can take to protect yourself. Also, do you have any antivirus software installed and up to date. Lastly, do you have a good AntiSpyware program such as Microsofts free Windows Defender installed?

I would do a full scan with you AntiVirus and AntiSpyware software just to be safe and make sure your firewall in ON
0
 
LVL 23

Assisted Solution

by:phototropic
phototropic earned 250 total points
ID: 22747542
A Hijackthis scan log would help to show what is going on on your pc.

Download here:

http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download

Download the installer. Click on "Do a system scan and save a logfile". Post the scan log here via the "attach code snippet" box below.
0
 

Author Comment

by:at999
ID: 22749359
thnks for ur comments...

actually this is not continuous ,....
sometimes this happens, and everytime i see such supicious behavior of applications I use like double click on that application wont work etc.,  i find that the machine of my co-worker is connected to my machine

when i do a netstat -b,  it does not list any program that is running on this port...

i'll try turning firewall on...  will the window's xp firewal be enough
mny thnks
0
 

Author Comment

by:at999
ID: 22758043
Netstat commands shows this

TCP    DEF:3782           ABC http  ESTABLISHED     732
c:\windows\system32\WS2_32.dll
C:\WINDOWS\system32\WININET.dll
-- unknown component(s) --

where ABC is my coworker's machine and DEF is my machine  
0

Featured Post

Enroll in June's Course of the Month

June’s Course of the Month is now available! Experts Exchange’s Premium Members, Team Accounts, and Qualified Experts have access to a complimentary course each month as part of their membership—an extra way to sharpen your skills and increase training.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Container Orchestration platforms empower organizations to scale their apps at an exceptional rate. This is the reason numerous innovation-driven companies are moving apps to an appropriated datacenter wide platform that empowers them to scale at a …
OfficeMate Freezes on login or does not load after login credentials are input.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question