Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows 7 - Tcp/Udp connections log


  • Please log in to reply
3 replies to this topic

#1 Scaroptics

Scaroptics

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:02:58 PM

Posted 23 November 2013 - 09:29 PM

Here is a cmd prompt log that I copied, these are live connections that are running on PC

 

 

 

 

C:\Windows\system32>netstat -a -o -n

Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       856
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:2869           0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:12025          0.0.0.0:0              LISTENING       1348
  TCP    0.0.0.0:12110          0.0.0.0:0              LISTENING       1348
  TCP    0.0.0.0:12119          0.0.0.0:0              LISTENING       1348
  TCP    0.0.0.0:12143          0.0.0.0:0              LISTENING       1348
  TCP    0.0.0.0:12465          0.0.0.0:0              LISTENING       1348
  TCP    0.0.0.0:12563          0.0.0.0:0              LISTENING       1348
  TCP    0.0.0.0:12993          0.0.0.0:0              LISTENING       1348
  TCP    0.0.0.0:12995          0.0.0.0:0              LISTENING       1348
  TCP    0.0.0.0:27275          0.0.0.0:0              LISTENING       1348
  TCP    0.0.0.0:49152          0.0.0.0:0              LISTENING       548
  TCP    0.0.0.0:49153          0.0.0.0:0              LISTENING       980
  TCP    0.0.0.0:49154          0.0.0.0:0              LISTENING       652
  TCP    0.0.0.0:49155          0.0.0.0:0              LISTENING       408
  TCP    0.0.0.0:49156          0.0.0.0:0              LISTENING       628
  TCP    127.0.0.1:12025        0.0.0.0:0              LISTENING       1348
  TCP    127.0.0.1:12080        0.0.0.0:0              LISTENING       1348
  TCP    127.0.0.1:12110        0.0.0.0:0              LISTENING       1348
  TCP    127.0.0.1:12119        0.0.0.0:0              LISTENING       1348
  TCP    127.0.0.1:12143        0.0.0.0:0              LISTENING       1348
  TCP    127.0.0.1:12465        0.0.0.0:0              LISTENING       1348
  TCP    127.0.0.1:12563        0.0.0.0:0              LISTENING       1348
  TCP    127.0.0.1:12993        0.0.0.0:0              LISTENING       1348
  TCP    127.0.0.1:12995        0.0.0.0:0              LISTENING       1348
  TCP    127.0.0.1:27275        0.0.0.0:0              LISTENING       1348
  TCP    127.0.0.1:49310        127.0.0.1:49311        ESTABLISHED     3300
  TCP    127.0.0.1:49311        127.0.0.1:49310        ESTABLISHED     3300
  TCP    127.0.0.1:49427        127.0.0.1:12080        TIME_WAIT       0
  TCP    192.168.0.11:139       0.0.0.0:0              LISTENING       4
  TCP    192.168.0.11:49160     77.234.44.51:80        ESTABLISHED     1348
  TCP    192.168.0.11:49281     173.194.46.103:80      CLOSE_WAIT      1368
  TCP    192.168.0.11:49313     74.125.225.113:80      TIME_WAIT       0
  TCP    192.168.0.11:49314     74.125.225.113:443     ESTABLISHED     3300
  TCP    192.168.0.11:49354     74.125.29.95:443       ESTABLISHED     3300
  TCP    192.168.0.11:49404     211.234.116.208:80     TIME_WAIT       0
  TCP    192.168.0.11:49408     211.234.116.208:80     TIME_WAIT       0
  TCP    192.168.0.11:49410     211.234.116.208:80     TIME_WAIT       0
  TCP    192.168.0.11:49412     211.234.116.208:80     TIME_WAIT       0
  TCP    192.168.0.11:49413     211.234.116.208:80     TIME_WAIT       0
  TCP    192.168.0.11:49414     211.234.116.208:80     TIME_WAIT       0
  TCP    192.168.0.11:49416     74.125.29.156:80       TIME_WAIT       0
  TCP    192.168.0.11:49420     74.125.228.44:443      ESTABLISHED     3300
  TCP    192.168.0.11:49422     74.125.228.98:80       TIME_WAIT       0
  TCP    192.168.0.11:49424     74.125.228.67:80       TIME_WAIT       0
  TCP    192.168.0.11:49426     74.125.228.9:80        TIME_WAIT       0
  TCP    192.168.0.11:49443     74.125.29.95:80        TIME_WAIT       0
  TCP    192.168.0.11:49444     74.125.29.95:80        TIME_WAIT       0
  TCP    192.168.0.11:49445     74.125.29.95:80        TIME_WAIT       0
  TCP    192.168.0.11:49448     54.230.103.80:80       TIME_WAIT       0
  TCP    192.168.0.11:49452     74.125.228.44:80       TIME_WAIT       0
  TCP    192.168.0.11:49453     74.125.228.9:80        TIME_WAIT       0
  TCP    192.168.0.11:49454     107.22.182.190:80      LAST_ACK        1348
  TCP    192.168.0.11:49457     74.125.*106:80      TIME_WAIT       0
  TCP    192.168.0.11:49458     74.125.2*8.106:80      TIME_WAIT       0
  TCP    192.168.0.11:49461     74.125.22*.114:80      TIME_WAIT       0
  TCP    192.168.0.11:49462     74.125.2*.95:443       TIME_WAIT       0
  TCP    192.168.0.11:49464     74.125.2*5.114:80      TIME_WAIT       0
  TCP    192.168.0.11:49465     74.125.1*6.113:80      TIME_WAIT       0
  TCP    [::]:135               [::]:0                 LISTENING       856
  TCP    [::]:445               [::]:0                 LISTENING       4
  TCP    [::]:2869              [::]:0                 LISTENING       4
  TCP    [::]:49152             [::]:0                 LISTENING       548
  TCP    [::]:49153             [::]:0                 LISTENING       980
  TCP    [::]:49154             [::]:0                 LISTENING       652
  TCP    [::]:49155             [::]:0                 LISTENING       408
  TCP    [::]:49156             [::]:0                 LISTENING       628
  TCP    [::1]:12025            [::]:0                 LISTENING       1348
  TCP    [::1]:12080            [::]:0                 LISTENING       1348
  TCP    [::1]:12110            [::]:0                 LISTENING       1348
  TCP    [::1]:12119            [::]:0                 LISTENING       1348
  TCP    [::1]:12143            [::]:0                 LISTENING       1348
  TCP    [::1]:12465            [::]:0                 LISTENING       1348
  TCP    [::1]:12563            [::]:0                 LISTENING       1348
  TCP    [::1]:12993            [::]:0                 LISTENING       1348
  TCP    [::1]:12995            [::]:0                 LISTENING       1348
  TCP    [::1]:27275            [::]:0                 LISTENING       1348
  UDP    0.0.0.0:53             *:*                                    408
  UDP    0.0.0.0:161            *:*                                    1936
  UDP    0.0.0.0:500            *:*                                    408
  UDP    0.0.0.0:4500           *:*                                    408
  UDP    0.0.0.0:5355           *:*                                    1160
  UDP    0.0.0.0:53602          *:*                                    408
  UDP    0.0.0.0:53612          *:*                                    408
  UDP    0.0.0.0:53614          *:*                                    408
  UDP    127.0.0.1:1900         *:*                                    2812
  UDP    127.0.0.1:53603        *:*                                    408
  UDP    127.0.0.1:53623        *:*                                    2812
  UDP    192.168.0.11:137       *:*                                    4
  UDP    192.168.0.11:138       *:*                                    4
  UDP    192.168.0.11:1900      *:*                                    2812
  UDP    192.168.0.11:53622     *:*                                    2812
  UDP    [::]:161               *:*                                    1936
  UDP    [::]:500               *:*                                    408
  UDP    [::]:547               *:*                                    408
  UDP    [::]:4500              *:*                                    408
  UDP    [::]:5355              *:*                                    1160
  UDP    [::]:53613             *:*                                    408
  UDP    [::]:53615             *:*                                    408
  UDP    [::1]:1900             *:*                                    2812
  UDP    [::1]:53621            *:*                                    2812
  UDP    [fe80::3966:f595:233:b5db%12]:53  *:*
  408
  UDP    [fe80::3966:f595:233:b5db%12]:546  *:*
   980
  UDP    [fe80::3966:f595:233:b5db%12]:1900  *:*
    2812
  UDP    [fe80::3966:f595:233:b5db%12]:53620  *:*
     2812

C:\Windows\system32>
 

Is everything looking ok? How can you tell and what should I look for?



BC AdBot (Login to Remove)

 


#2 jhayz

jhayz

  • BC Advisor
  • 6,922 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:58 AM

Posted 24 November 2013 - 02:12 AM

:welcome: Scaroptics to Bleeping Computer Community.

Please see this link for a clearer explanation on how to investigate the listening and established ports regarding the path and process ID. Hope this helps.


Tekken
 


#3 Scaroptics

Scaroptics
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:02:58 PM

Posted 24 November 2013 - 12:42 PM

Ok, that gives me a better explaination on what I'm trying to do Thank you



#4 jhayz

jhayz

  • BC Advisor
  • 6,922 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:58 AM

Posted 24 November 2013 - 06:28 PM

:thumbup2:


Tekken
 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users