Solved

Why am I getting all these TCP connections from places I don't know.

Posted on 2014-02-28
12
382 Views
Last Modified: 2014-03-11
My computer is running slow and I think it is because of TCP connections coming in to my computer.

See image below.  What can I do to stop this kind of stuff?

TCP Port Connections reported by "netstat -no"
Thanks for your help.
0
Comment
Question by:LessonsLearned
  • 4
  • 3
  • 2
  • +3
12 Comments
 
LVL 83

Assisted Solution

by:Dave Baldwin
Dave Baldwin earned 100 total points
ID: 39896544
Those are IP addresses that you are connecting to with either your web browser or maybe some media program.  What programs did you have open when you did this scan?

74.125.0.0 - 74.125.255.255 is Google.
23.72.0.0 - 23.79.255.255 is the AKAMAI content delivery network.
207.200.0.0 - 207.200.63.255 is OnRamp but I don't know what they do.
66.63.128.0 - 66.63.128.255 is Nethere and I don't know what they do either.

You can look up all the others too.  There is nothing wrong with having all those connections.  They can simply be a result of using your web browser.
0
 
LVL 37

Assisted Solution

by:Bing CISM / CISSP
Bing CISM / CISSP earned 275 total points
ID: 39896546
Download and run TCPVIEW from Microsoft to check which program or process is causing most connections.

http://technet.microsoft.com/en-us/sysinternals/bb897437.aspx
0
 
LVL 92

Expert Comment

by:John Hurst
ID: 39896548
Some of the IP addresses are Onramp (Your ISP maybe) and Akamai (content supplier). It looks (in a brief look) like stuff you asked for.

Do you keep IE open with lots of open tabs?
0
 
LVL 7

Expert Comment

by:Sivaraj E
ID: 39896715
You can install WireShark a free open source network traffic and port monitoring tool to analyze, Its a real time analyzer.

http://www.wireshark.org/download.html

Regards, Shiva
0
 
LVL 37

Accepted Solution

by:
Bing CISM / CISSP earned 275 total points
ID: 39896830
even if you use NETSTAT only, you may use -o option to display the owning process ID associated with each connection, therefore you can trace back to the process name per ID using Windows Task Manager.
0
 
LVL 61

Expert Comment

by:gheist
ID: 39897860
Your netstat looks like you use IE to browse the web... Problem is somewhere else.
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 

Author Comment

by:LessonsLearned
ID: 39900594
Oh, okay.  So this is normal.  I do use IE and Firefox to browse the web, but I close them when I am finished.   Correct me if I am wrong, but when I close the browsers, shouldn't the tcp connections close as well?
0
 
LVL 61

Expert Comment

by:gheist
ID: 39900652
TCP stack is expected to keep lingering (kind of not completely closed) connections open for a while after protocol closed locally
0
 
LVL 37

Expert Comment

by:Bing CISM / CISSP
ID: 39900676
> when I close the browsers, shouldn't the tcp connections close as well?

basically, YES.

technically, you can't see the connections disappear instantly as it may take a while waiting for timeout. Eventually, all connections established by IE will be closed once IE is terminated.
0
 
LVL 61

Assisted Solution

by:gheist
gheist earned 125 total points
ID: 39901215
No, time_wait connections wait for predefined time so other end has chance to close correctly. They are no more sockets held by a process.
0
 

Author Closing Comment

by:LessonsLearned
ID: 39921092
Thank you very much.  I now have a better understanding of how this works.
0
 
LVL 37

Expert Comment

by:Bing CISM / CISSP
ID: 39922338
> No, time_wait connections wait for
predefined time so other end has
chance to close correctly. They are no
more sockets held by a process.

thanks for correcting me.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
small, multi network, problem 3 84
cloning computer 13 68
Unable to RDP to windows 10 pro machine 15 76
Looking for open port with Telnet 5 37
If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
For many of us, the  holiday season kindles the natural urge to give back to our friends, family members and communities. While it's easy for friends to notice the impact of such deeds, understanding the contributions of businesses and enterprises i…
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now