what are these network connections for
I have a 2003 domain controller and need demote them. when I check the network connections on these two servers, I found some of the following connections and want to know if it's OK to stop them or not.
>netstat -na -p tcp | more
Active Connections
Proto Local Address Foreign Address State
TCP 0.0.0.0:53 0.0.0.0:0 LISTENING
TCP 0.0.0.0:88 0.0.0.0:0 LISTENING
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING
TCP 0.0.0.0:389 0.0.0.0:0 LISTENING
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING
TCP 0.0.0.0:464 0.0.0.0:0 LISTENING
TCP 0.0.0.0:593 0.0.0.0:0 LISTENING
TCP 0.0.0.0:636 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1026 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1027 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1089 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1125 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1160 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1167 0.0.0.0:0 LISTENING
TCP 0.0.0.0:3052 0.0.0.0:0 LISTENING
TCP 0.0.0.0:3268 0.0.0.0:0 LISTENING
TCP 0.0.0.0:3269 0.0.0.0:0 LISTENING
TCP 0.0.0.0:3389 0.0.0.0:0 LISTENING
TCP 0.0.0.0:5007 0.0.0.0:0 LISTENING
TCP 10.1.6.4:135 10.1.6.4:4379 ESTABLISHED
TCP 10.1.6.4:135 10.1.6.15:3433 ESTABLISHED
TCP 10.1.6.4:135 10.1.6.20:3214 ESTABLISHED
TCP 10.1.6.4:135 10.1.6.221:41697 ESTABLISHED
TCP 10.1.6.4:135 10.1.6.222:34122 ESTABLISHED
TCP 10.1.6.4:135 10.1.7.60:61516 ESTABLISHED
TCP 10.1.6.4:135 10.50.240.6:56882 ESTABLISHED
TCP 10.1.6.4:135 10.50.240.6:56883 ESTABLISHED
TCP 10.1.6.4:135 10.50.240.164:49202 ESTABLISHED
TCP 10.1.6.4:135 192.168.254.79:61903 ESTABLISHED
TCP 10.1.6.4:139 0.0.0.0:0 LISTENING
TCP 10.1.6.4:139 10.1.6.70:2853 ESTABLISHED
TCP 10.1.6.4:139 10.1.7.217:22800 ESTABLISHED
TCP 10.1.6.4:389 10.1.5.28:1556 TIME_WAIT
TCP 10.1.6.4:389 10.1.5.28:1560 TIME_WAIT
TCP 10.1.6.4:389 10.1.6.4:4412 ESTABLISHED
TCP 10.1.6.4:389 10.1.6.9:2554 ESTABLISHED
TCP 10.1.6.4:389 10.1.6.20:4150 ESTABLISHED
TCP 10.1.6.4:389 10.1.6.24:60342 TIME_WAIT
TCP 10.1.6.4:389 10.1.6.143:61669 TIME_WAIT
TCP 10.1.6.4:389 10.1.6.173:58442 TIME_WAIT
TCP 10.1.6.4:389 10.1.6.223:12533 ESTABLISHED
TCP 10.1.6.4:389 10.1.6.223:17701 ESTABLISHED
TCP 10.1.6.4:389 10.1.6.223:17703 ESTABLISHED
TCP 10.1.6.4:389 10.1.6.223:18997 ESTABLISHED
TCP 10.1.6.4:389 10.1.6.223:18999 ESTABLISHED
TCP 10.1.6.4:389 10.1.6.223:19000 ESTABLISHED
TCP 10.1.6.4:389 10.1.6.223:19009 ESTABLISHED
TCP 10.1.6.4:389 10.1.6.223:19013 ESTABLISHED
TCP 10.1.6.4:389 10.1.6.223:19015 ESTABLISHED
TCP 10.1.6.4:389 10.1.6.223:19020 ESTABLISHED
TCP 10.1.6.4:389 10.1.6.223:19031 ESTABLISHED
TCP 10.1.6.4:389 10.1.6.223:19032 ESTABLISHED
TCP 10.1.6.4:389 10.1.6.223:19042 ESTABLISHED
TCP 10.1.6.4:389 10.1.6.223:19114 ESTABLISHED
TCP 10.1.6.4:389 10.1.6.223:33771 ESTABLISHED
.......
TCP 10.1.6.4:389 10.150.1.10:49986 TIME_WAIT
TCP 10.1.6.4:389 10.150.1.10:53343 ESTABLISHED
TCP 10.1.6.4:389 10.150.1.10:55249 TIME_WAIT
TCP 10.1.6.4:389 10.150.4.196:55330 TIME_WAIT
TCP 10.1.6.4:389 172.26.1.83:13063 TIME_WAIT
TCP 10.1.6.4:389 172.26.1.83:13064 TIME_WAIT
TCP 10.1.6.4:389 172.26.1.83:13069 TIME_WAIT
TCP 10.1.6.4:389 192.168.252.45:52631 TIME_WAIT
TCP 10.1.6.4:389 192.168.254.76:49343 TIME_WAIT
TCP 10.1.6.4:445 10.1.4.47:50705 ESTABLISHED
TCP 10.1.6.4:445 10.1.6.13:56776 ESTABLISHED
TCP 10.1.6.4:445 10.1.6.42:61897 ESTABLISHED
TCP 10.1.6.4:445 10.1.6.46:2858 ESTABLISHED
TCP 10.1.6.4:445 10.1.6.120:63566 ESTABLISHED
TCP 10.1.6.4:445 10.1.6.145:59268 ESTABLISHED
TCP 10.1.6.4:445 10.1.6.218:59709 ESTABLISHED
TCP 10.1.6.4:445 10.1.6.244:49230 ESTABLISHED
TCP 10.1.6.4:445 10.1.7.124:55670 ESTABLISHED
TCP 10.1.6.4:445 10.50.240.5:62971 ESTABLISHED
TCP 10.1.6.4:445 10.50.240.6:54482 ESTABLISHED
TCP 10.1.6.4:445 10.50.240.7:54571 ESTABLISHED
TCP 10.1.6.4:445 10.50.240.44:49454 ESTABLISHED
TCP 10.1.6.4:445 10.50.240.48:57235 ESTABLISHED
TCP 10.1.6.4:445 10.50.240.53:63978 ESTABLISHED
TCP 10.1.6.4:445 10.50.240.164:53562 ESTABLISHED
TCP 10.1.6.4:445 10.50.249.125:23781 ESTABLISHED
TCP 10.1.6.4:445 10.50.249.135:62081 ESTABLISHED
TCP 10.1.6.4:445 10.50.249.193:50397 ESTABLISHED
TCP 10.1.6.4:445 10.50.249.231:50372 ESTABLISHED
TCP 10.1.6.4:445 10.100.1.76:54148 ESTABLISHED
TCP 10.1.6.4:445 10.100.2.184:61596 ESTABLISHED
TCP 10.1.6.4:445 10.100.3.84:61326 ESTABLISHED
TCP 10.1.6.4:445 10.101.1.137:56579 ESTABLISHED
TCP 10.1.6.4:445 10.101.4.174:49452 ESTABLISHED
TCP 10.1.6.4:445 10.102.2.43:56053 ESTABLISHED
TCP 10.1.6.4:445 10.102.2.53:57267 ESTABLISHED
TCP 10.1.6.4:445 10.103.2.192:52987 ESTABLISHED
TCP 10.1.6.4:445 10.104.2.173:50059 ESTABLISHED
TCP 10.1.6.4:445 10.105.1.98:49742 ESTABLISHED
TCP 10.1.6.4:445 10.105.2.23:56695 ESTABLISHED
TCP 10.1.6.4:445 10.108.1.14:58221 ESTABLISHED
TCP 10.1.6.4:445 10.108.4.34:26511 ESTABLISHED
TCP 10.1.6.4:445 10.110.2.85:23872 ESTABLISHED
TCP 10.1.6.4:445 10.111.1.41:15494 ESTABLISHED
TCP 10.1.6.4:445 10.120.20.64:54369 ESTABLISHED
TCP 10.1.6.4:445 10.120.21.155:62529 ESTABLISHED
TCP 10.1.6.4:445 10.120.30.177:50972 ESTABLISHED
TCP 10.1.6.4:445 10.120.31.161:50646 ESTABLISHED
TCP 10.1.6.4:445 10.120.31.225:57164 ESTABLISHED
TCP 10.1.6.4:445 10.150.4.9:49178 ESTABLISHED
TCP 10.1.6.4:445 10.150.6.173:62500 ESTABLISHED
TCP 10.1.6.4:1026 10.1.5.28:1554 ESTABLISHED
TCP 10.1.6.4:1026 10.1.5.94:20671 ESTABLISHED
TCP 10.1.6.4:1026 10.1.6.4:1095 ESTABLISHED
TCP 10.1.6.4:1026 10.1.6.4:3903 ESTABLISHED
TCP 10.1.6.4:1026 10.1.6.4:4422 ESTABLISHED
TCP 10.1.6.4:1026 10.1.6.4:4458 ESTABLISHED
TCP 10.1.6.4:1026 10.1.6.5:2599 ESTABLISHED
TCP 10.1.6.4:1026 10.1.6.5:2618 ESTABLISHED
TCP 10.1.6.4:1026 10.1.6.15:3434 ESTABLISHED
TCP 10.1.6.4:1026 10.1.6.20:3215 ESTABLISHED
TCP 10.1.6.4:1026 10.1.6.24:60339 ESTABLISHED
If I want to do a test to manully kill them, which command should I use, thank you.
>netstat -na -p tcp | more
Active Connections
Proto Local Address Foreign Address State
TCP 0.0.0.0:53 0.0.0.0:0 LISTENING
TCP 0.0.0.0:88 0.0.0.0:0 LISTENING
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING
TCP 0.0.0.0:389 0.0.0.0:0 LISTENING
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING
TCP 0.0.0.0:464 0.0.0.0:0 LISTENING
TCP 0.0.0.0:593 0.0.0.0:0 LISTENING
TCP 0.0.0.0:636 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1026 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1027 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1089 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1125 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1160 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1167 0.0.0.0:0 LISTENING
TCP 0.0.0.0:3052 0.0.0.0:0 LISTENING
TCP 0.0.0.0:3268 0.0.0.0:0 LISTENING
TCP 0.0.0.0:3269 0.0.0.0:0 LISTENING
TCP 0.0.0.0:3389 0.0.0.0:0 LISTENING
TCP 0.0.0.0:5007 0.0.0.0:0 LISTENING
TCP 10.1.6.4:135 10.1.6.4:4379 ESTABLISHED
TCP 10.1.6.4:135 10.1.6.15:3433 ESTABLISHED
TCP 10.1.6.4:135 10.1.6.20:3214 ESTABLISHED
TCP 10.1.6.4:135 10.1.6.221:41697 ESTABLISHED
TCP 10.1.6.4:135 10.1.6.222:34122 ESTABLISHED
TCP 10.1.6.4:135 10.1.7.60:61516 ESTABLISHED
TCP 10.1.6.4:135 10.50.240.6:56882 ESTABLISHED
TCP 10.1.6.4:135 10.50.240.6:56883 ESTABLISHED
TCP 10.1.6.4:135 10.50.240.164:49202 ESTABLISHED
TCP 10.1.6.4:135 192.168.254.79:61903 ESTABLISHED
TCP 10.1.6.4:139 0.0.0.0:0 LISTENING
TCP 10.1.6.4:139 10.1.6.70:2853 ESTABLISHED
TCP 10.1.6.4:139 10.1.7.217:22800 ESTABLISHED
TCP 10.1.6.4:389 10.1.5.28:1556 TIME_WAIT
TCP 10.1.6.4:389 10.1.5.28:1560 TIME_WAIT
TCP 10.1.6.4:389 10.1.6.4:4412 ESTABLISHED
TCP 10.1.6.4:389 10.1.6.9:2554 ESTABLISHED
TCP 10.1.6.4:389 10.1.6.20:4150 ESTABLISHED
TCP 10.1.6.4:389 10.1.6.24:60342 TIME_WAIT
TCP 10.1.6.4:389 10.1.6.143:61669 TIME_WAIT
TCP 10.1.6.4:389 10.1.6.173:58442 TIME_WAIT
TCP 10.1.6.4:389 10.1.6.223:12533 ESTABLISHED
TCP 10.1.6.4:389 10.1.6.223:17701 ESTABLISHED
TCP 10.1.6.4:389 10.1.6.223:17703 ESTABLISHED
TCP 10.1.6.4:389 10.1.6.223:18997 ESTABLISHED
TCP 10.1.6.4:389 10.1.6.223:18999 ESTABLISHED
TCP 10.1.6.4:389 10.1.6.223:19000 ESTABLISHED
TCP 10.1.6.4:389 10.1.6.223:19009 ESTABLISHED
TCP 10.1.6.4:389 10.1.6.223:19013 ESTABLISHED
TCP 10.1.6.4:389 10.1.6.223:19015 ESTABLISHED
TCP 10.1.6.4:389 10.1.6.223:19020 ESTABLISHED
TCP 10.1.6.4:389 10.1.6.223:19031 ESTABLISHED
TCP 10.1.6.4:389 10.1.6.223:19032 ESTABLISHED
TCP 10.1.6.4:389 10.1.6.223:19042 ESTABLISHED
TCP 10.1.6.4:389 10.1.6.223:19114 ESTABLISHED
TCP 10.1.6.4:389 10.1.6.223:33771 ESTABLISHED
.......
TCP 10.1.6.4:389 10.150.1.10:49986 TIME_WAIT
TCP 10.1.6.4:389 10.150.1.10:53343 ESTABLISHED
TCP 10.1.6.4:389 10.150.1.10:55249 TIME_WAIT
TCP 10.1.6.4:389 10.150.4.196:55330 TIME_WAIT
TCP 10.1.6.4:389 172.26.1.83:13063 TIME_WAIT
TCP 10.1.6.4:389 172.26.1.83:13064 TIME_WAIT
TCP 10.1.6.4:389 172.26.1.83:13069 TIME_WAIT
TCP 10.1.6.4:389 192.168.252.45:52631 TIME_WAIT
TCP 10.1.6.4:389 192.168.254.76:49343 TIME_WAIT
TCP 10.1.6.4:445 10.1.4.47:50705 ESTABLISHED
TCP 10.1.6.4:445 10.1.6.13:56776 ESTABLISHED
TCP 10.1.6.4:445 10.1.6.42:61897 ESTABLISHED
TCP 10.1.6.4:445 10.1.6.46:2858 ESTABLISHED
TCP 10.1.6.4:445 10.1.6.120:63566 ESTABLISHED
TCP 10.1.6.4:445 10.1.6.145:59268 ESTABLISHED
TCP 10.1.6.4:445 10.1.6.218:59709 ESTABLISHED
TCP 10.1.6.4:445 10.1.6.244:49230 ESTABLISHED
TCP 10.1.6.4:445 10.1.7.124:55670 ESTABLISHED
TCP 10.1.6.4:445 10.50.240.5:62971 ESTABLISHED
TCP 10.1.6.4:445 10.50.240.6:54482 ESTABLISHED
TCP 10.1.6.4:445 10.50.240.7:54571 ESTABLISHED
TCP 10.1.6.4:445 10.50.240.44:49454 ESTABLISHED
TCP 10.1.6.4:445 10.50.240.48:57235 ESTABLISHED
TCP 10.1.6.4:445 10.50.240.53:63978 ESTABLISHED
TCP 10.1.6.4:445 10.50.240.164:53562 ESTABLISHED
TCP 10.1.6.4:445 10.50.249.125:23781 ESTABLISHED
TCP 10.1.6.4:445 10.50.249.135:62081 ESTABLISHED
TCP 10.1.6.4:445 10.50.249.193:50397 ESTABLISHED
TCP 10.1.6.4:445 10.50.249.231:50372 ESTABLISHED
TCP 10.1.6.4:445 10.100.1.76:54148 ESTABLISHED
TCP 10.1.6.4:445 10.100.2.184:61596 ESTABLISHED
TCP 10.1.6.4:445 10.100.3.84:61326 ESTABLISHED
TCP 10.1.6.4:445 10.101.1.137:56579 ESTABLISHED
TCP 10.1.6.4:445 10.101.4.174:49452 ESTABLISHED
TCP 10.1.6.4:445 10.102.2.43:56053 ESTABLISHED
TCP 10.1.6.4:445 10.102.2.53:57267 ESTABLISHED
TCP 10.1.6.4:445 10.103.2.192:52987 ESTABLISHED
TCP 10.1.6.4:445 10.104.2.173:50059 ESTABLISHED
TCP 10.1.6.4:445 10.105.1.98:49742 ESTABLISHED
TCP 10.1.6.4:445 10.105.2.23:56695 ESTABLISHED
TCP 10.1.6.4:445 10.108.1.14:58221 ESTABLISHED
TCP 10.1.6.4:445 10.108.4.34:26511 ESTABLISHED
TCP 10.1.6.4:445 10.110.2.85:23872 ESTABLISHED
TCP 10.1.6.4:445 10.111.1.41:15494 ESTABLISHED
TCP 10.1.6.4:445 10.120.20.64:54369 ESTABLISHED
TCP 10.1.6.4:445 10.120.21.155:62529 ESTABLISHED
TCP 10.1.6.4:445 10.120.30.177:50972 ESTABLISHED
TCP 10.1.6.4:445 10.120.31.161:50646 ESTABLISHED
TCP 10.1.6.4:445 10.120.31.225:57164 ESTABLISHED
TCP 10.1.6.4:445 10.150.4.9:49178 ESTABLISHED
TCP 10.1.6.4:445 10.150.6.173:62500 ESTABLISHED
TCP 10.1.6.4:1026 10.1.5.28:1554 ESTABLISHED
TCP 10.1.6.4:1026 10.1.5.94:20671 ESTABLISHED
TCP 10.1.6.4:1026 10.1.6.4:1095 ESTABLISHED
TCP 10.1.6.4:1026 10.1.6.4:3903 ESTABLISHED
TCP 10.1.6.4:1026 10.1.6.4:4422 ESTABLISHED
TCP 10.1.6.4:1026 10.1.6.4:4458 ESTABLISHED
TCP 10.1.6.4:1026 10.1.6.5:2599 ESTABLISHED
TCP 10.1.6.4:1026 10.1.6.5:2618 ESTABLISHED
TCP 10.1.6.4:1026 10.1.6.15:3434 ESTABLISHED
TCP 10.1.6.4:1026 10.1.6.20:3215 ESTABLISHED
TCP 10.1.6.4:1026 10.1.6.24:60339 ESTABLISHED
If I want to do a test to manully kill them, which command should I use, thank you.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Yes they will, provided they can reach those servers. These services are standard connections and AD clients use DNS to find the closest DC. So if you have a new DC and its in DNS (which it should be), then the clients will redirect to them.
ASKER
Thanks, then do you have other suggestions to demote domain controllers?
Or any links will help? thanks.
Or any links will help? thanks.
The best test is to just shutdown that server. I don't expect you to have any issues, but doing that will show you.
ASKER