Solved

netstat shows suspicious connections

Posted on 2008-10-17
4
1,168 Views
Last Modified: 2013-12-04
since few days,  there are lot of suspicoius activities on my desktop like double click does not open the file or database connection.
hence to check it i executed netstat command to see who is connected to my machine
and everytime i have this problem and after i run netstat i get list of connections, one of which is machine of my coworker. everytime i have such unusual behaviors running on my pc and i run netstat i find a connection with my co-workers' machine
the connection was through port - 1865
can you pl help whats going on,,,
0
Comment
Question by:at999
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 17

Accepted Solution

by:
OriNetworks earned 250 total points
ID: 22747069
You can begin by running netstat -b

the -b switch will show you what program is running on that port. It may be nothing to worry about but my biggest question is are you using a firewall?? This is the most basic step you can take to protect yourself. Also, do you have any antivirus software installed and up to date. Lastly, do you have a good AntiSpyware program such as Microsofts free Windows Defender installed?

I would do a full scan with you AntiVirus and AntiSpyware software just to be safe and make sure your firewall in ON
0
 
LVL 23

Assisted Solution

by:phototropic
phototropic earned 250 total points
ID: 22747542
A Hijackthis scan log would help to show what is going on on your pc.

Download here:

http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download

Download the installer. Click on "Do a system scan and save a logfile". Post the scan log here via the "attach code snippet" box below.
0
 

Author Comment

by:at999
ID: 22749359
thnks for ur comments...

actually this is not continuous ,....
sometimes this happens, and everytime i see such supicious behavior of applications I use like double click on that application wont work etc.,  i find that the machine of my co-worker is connected to my machine

when i do a netstat -b,  it does not list any program that is running on this port...

i'll try turning firewall on...  will the window's xp firewal be enough
mny thnks
0
 

Author Comment

by:at999
ID: 22758043
Netstat commands shows this

TCP    DEF:3782           ABC http  ESTABLISHED     732
c:\windows\system32\WS2_32.dll
C:\WINDOWS\system32\WININET.dll
-- unknown component(s) --

where ABC is my coworker's machine and DEF is my machine  
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
default domain policy in AD exemptions 3 89
Full list of ransomwares to date 6 140
Allow X-Forwarded-For Headers to Site or No? 3 89
Penetration Testing home based work 3 93
Many people tend to confuse the function of a virus with the one of adware, this misunderstanding of the basic of what each software is and how it operates causes users and organizations to take the wrong security measures that would protect them ag…
No security measures warrant 100% as a "silver bullet". The truth is we also cannot assume anything but a defensive and vigilance posture. Adopt no trust by default and reveal in assumption. Only assume anonymity or invisibility in the reverse. Safe…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question