Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Is someone remotely logging into my laptop


  • This topic is locked This topic is locked
14 replies to this topic

#1 marie0329

marie0329

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:06:25 PM

Posted 22 July 2015 - 11:50 AM

Trying very hard to understand the computer world and not having very much luck.  Any light anyone could shed on the below would be greatly appreciated.

 

I ran netstat and was not logged into any applications, programs etc and the below information was returned:

 

Proto    Local Address              Foreign Address                        State

TCP     192.168.1.155:2869     BasementLaptop:61109            TIME_WAIT

TCP     192.168.1.155:59665   msnbot-65-52-108-227:https     ESTABLISHED

TCP     192.168.1.155:60003   bn3sch020010553:https            ESTABLISHED

TCP     192.168.1.155:60075   59:https                                     TIME_WAIT

TCP     192.168.1.155:60078   7ga25s41-in-f2:http                   TIME_WAIT

TCP     192.168.1.155:60083   7ga15s42-in-f16:http                 TIME_WAIT

TCP     192.168.1.155:60095   ghs-vip-any-c1018:http             TIME_WAIT

TCP     192.168.1.155:60109   7ga15s49-in-f16:https               TIME_WAIT

TCP     192.168.1.155:60110   7ga25s40-in-f205:https             TIME_WAIT

TCP     192.168.1.155:60147   HP9EC364:8080                       ESTABLISHED

TCP     192.168.1.155:60180   b73301-g:https                          ESTABLISHED

TCP     192.168.1.155:60215   a23-0-160-10:http                     TIME_WAIT

 

 

I know that the local address is my IP - but not sure was the numbers are following the (:)mark.  Also don't understand the foreign address nor how to figure out what they are.  Again any help would be greatly appreciated.

 

Thanks,

Marie

 

 



BC AdBot (Login to Remove)

 


m

#2 Wand3r3r

Wand3r3r

  • Members
  • 2,027 posts
  • OFFLINE
  •  
  • Local time:03:25 PM

Posted 22 July 2015 - 11:59 AM

what follows the : is the port number.  These are program connections from your laptop/pc to the internet.  These are not someone/something from the outside connecting to you.


Edited by Wand3r3r, 22 July 2015 - 12:00 PM.


#3 marie0329

marie0329
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:06:25 PM

Posted 22 July 2015 - 12:48 PM

Thank you for your response, one quick question......BasementLaptop is not my laptop but another laptop located in my home.  Is that laptop able to remotely connect to my laptop?



#4 Wand3r3r

Wand3r3r

  • Members
  • 2,027 posts
  • OFFLINE
  •  
  • Local time:03:25 PM

Posted 22 July 2015 - 02:08 PM

That would depend on you.  Are you sharing files/public folder?  Do you have remote desktop enabled?



#5 marie0329

marie0329
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:06:25 PM

Posted 22 July 2015 - 02:29 PM

No I am not sharing and am not connected to a home group.  Even changing my password doesn't work, also had 245 port forwarding protocols on my wireless router.  There were servers/video conferencing apps/games etc., was told by someone in my house that is normal and no one had to enter them into our router.  jI did some research and there are standard port forwarding rules with every router but not 245. 

I am told that I am being paranoid, and that this is normal.



#6 Ratedgore

Ratedgore

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New-Brunswick, Canada
  • Local time:06:25 PM

Posted 22 July 2015 - 02:31 PM

Well NSA ... you know where this is going.



#7 marie0329

marie0329
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:06:25 PM

Posted 22 July 2015 - 02:40 PM

I need concrete proof as to what is happening but don't know how to do that...I have learned a ton over the past few months but just can't nail it down. Any help you could offer would be greatly appreciated.

#8 CaveDweller2

CaveDweller2

  • Members
  • 2,629 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:25 PM

Posted 22 July 2015 - 03:22 PM

can you post a screen shot of the router screen you are talking about?


Hope this helps thumbup.gif

Associate in Applied Science - Network Systems Management - Trident Technical College


#9 Wand3r3r

Wand3r3r

  • Members
  • 2,027 posts
  • OFFLINE
  •  
  • Local time:03:25 PM

Posted 22 July 2015 - 03:43 PM

Forwarded ports come in two flavors,

one is using UPnP

https://en.wikipedia.org/wiki/Universal_Plug_and_Play

two is actually manually forwarding the port or ports in the router

https://en.wikipedia.org/wiki/Port_forwarding

 

The 245 ports, if you have avid gamers in the house, is not unusual. When you consider there are over 65,000 ports you begin to get the idea how small 245 is.  Ports have nothing to do with your internet access.  The other users in the house are the likely culprit to your access issues.

 

You appear to have two issues;

1. intermittent connection to the internet

2. concern your pc/laptop is being accessed by someone remotely

 

Concerning #1 are you connected via wifi?

Concerning #2 do you have the software firewall enabled and have updated your antivirus/antimalware software? 



#10 marie0329

marie0329
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:06:25 PM

Posted 23 July 2015 - 12:32 AM

Cave Dweller, attached is a copy of the netstat I pulled later this evening.  I am not part of the home group and the only item I am sharing is the printer (which I am blocked from utilizing). Maries is my laptop and the basement laptop is my husbands. Not sure why our Fios is showing up as active on my laptop 

 

Regarding the 245 port forwarding protocols - I am the only who plays  games and there are only 2,candy crush and words with friends.....and I use my cell phone not my laptop.  It is just my husband and I here no avid gamers.    

 

Thanks for the help!

Attached Files



#11 CaveDweller2

CaveDweller2

  • Members
  • 2,629 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:25 PM

Posted 23 July 2015 - 12:53 AM

That is not the 245 ports you have forwarded in your router. I'd like to see the screen you see that on.


Hope this helps thumbup.gif

Associate in Applied Science - Network Systems Management - Trident Technical College


#12 Wand3r3r

Wand3r3r

  • Members
  • 2,027 posts
  • OFFLINE
  •  
  • Local time:03:25 PM

Posted 23 July 2015 - 12:06 PM

Fifos is your internet connection!

If you and your husband are no gamers and you are only using your phone, which does not count, I have to conclude you are mixing concepts like apples with oranges.

 

Your concerns presently are not based on any facts. It takes an investment in time to learn windows/internet security.  Not only do you need a good base to grow from but you can't believe every thing you read on the internet.  Even those of us who understand this stuff have to wade through what is opinion [not fact] and what the actual level of risk is concerning any issue.

 

 

"which I am blocked from utilizing"

You want to elaborate on that?



#13 marie0329

marie0329
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:06:25 PM

Posted 23 July 2015 - 07:12 PM

cave dweller, i will forward the port forwarding protocols shortly.

Wand3r3r,that was exactly my point, i only use my cell phone to play games...so why are there so many on my router. I am trying to educate myself and dont items on the internet as fact. I try to do as much reading and research as possible...i have purchased many books and am working my way through them.
Regarding my printer, error message was no driver installed....i tried many times to install the missing driver with no luck...error message saying unable to down liad drivers. Found out after many hours of frustration that the hp account my husband set up when he regisyered our printer had me on a black list, which was preventing me from installing the driver.
When i changped the information i was able to install the drivers and print for a short period. The driver has been deleted from my laptop again and now i cannot access the hp website at all....get an error message every time.

#14 Condobloke

Condobloke

    Outback Aussie @ 54.2101 N, 0.2906 W


  • Members
  • 5,589 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:25 AM

Posted 23 July 2015 - 07:17 PM

If i might hazard a guess at this stage.....I would say there is a reasonable chance that your PC is infected......and should be in THIS particular forum for a check up.

 

I will leave it to CaveDweller2 and Wand3r3r to sort out any other anomalies/problems


Condobloke

Outback Australian  

 

fed up with Windows antics...??

 

LINUX IS THE ANSWER

 

I USE LINUX MINT 18.3  EXCLUSIVELY.

 Failure is not an option. It comes bundled with your Microsoft product.

 

Success is not Final, Failure is not Fatal,

 

It is the Courage to Continue that Counts.

W.C. 4th June 1940

 

 

 


#15 Chris Cosgrove

Chris Cosgrove

  • Moderator
  • 5,978 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Scotland
  • Local time:10:25 PM

Posted 25 July 2015 - 04:46 PM

As the possibility of malware has been raised, the OP is gong to start a topic in 'Am I infected?'. To prevent any confusion this topic is now closed.

 

Chris Cosgrove






1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users