Re: What's opening these connections?
From: Gino (cosine_at_covad.net)
Date: 02/04/04
- Next message: Michael Giorgio - MS MVP: "Re: Not Enough Server Storage Space?"
- Previous message: anonymous_at_discussions.microsoft.com: "Re: Adding a Local Printer to a DC"
- In reply to: Harry: "What's opening these connections?"
- Next in thread: Phillip Windell: "Re: What's opening these connections?"
- Messages sorted by: [ date ] [ thread ]
Date: Wed, 4 Feb 2004 12:54:27 -0500
Sorry for that. Here is a freeware download "Active Ports" that I use that
will show the IP, Ports. PID, Protocol, and the Path to the EXE.
http://www.ntutility.com/freeware.html
If the EXE for the local port is "SVCHOST.EXE" , this is a Microsoft
program that runs .DLL's in there own process (like RPC service) or in
pooled processes and is listed several times in TaskManager. To see what
.DLL's are running in these PID you have to use a utility.
http://support.microsoft.com/default.aspx?scid=kb;en-us;250320
"Harry" <a@abc.com> wrote in message
news:%23IGbmfz6DHA.1428@TK2MSFTNGP12.phx.gbl...
> Not sure what group this should be posted to so appologies in advance!
>
> Running ie 5.5 (sp2)
>
> I wonder if anybody can shed some light on this problem. My PC seems to be
> opening connections randomly to various port no's
>
> Some netstat results (p1900 is name of my PC as if you wouldn't know that
> anyway!) -
>
> So after system reboot -
>
> Active Connections
>
> Proto Local Address Foreign Address State
>
> After reboot & One browser window open at www.google.com
>
> Active Connections
>
> Proto Local Address Foreign Address State
> TCP p1900:1027 p1900:1031 ESTABLISHED
> TCP p1900:1027 p1900:1034 ESTABLISHED
> TCP p1900:1031 p1900:1027 ESTABLISHED
> TCP p1900:1034 p1900:1027 ESTABLISHED
> TCP p1900:1032 66.102.11.99:http ESTABLISHED
> TCP p1900:1035 216.239.59.104:http ESTABLISHED
>
> Port no's are not always consistant, for example close & reopen browser -
>
> Active Connections
>
> Proto Local Address Foreign Address State
> TCP p1900:1027 p1900:1039 ESTABLISHED
> TCP p1900:1027 p1900:1041 ESTABLISHED
> TCP p1900:1039 p1900:1027 ESTABLISHED
> TCP p1900:1041 p1900:1027 ESTABLISHED
> TCP p1900:1040 66.102.11.99:http ESTABLISHED
> TCP p1900:1042 216.239.59.104:http ESTABLISHED
>
> I have no idea why? - closing anti-virus (pc-cillin + firewall), spyweeper
&
> anything else network related i.e Oracle, doesn't make any difference!
>
> System has been virus checked, de-spywared loads of times so it's highly
> unlikely its one of those?
>
> Please has anyone any ideas as to what might be causing this?
>
> many thanks
>
> harry
>
>
>
- Next message: Michael Giorgio - MS MVP: "Re: Not Enough Server Storage Space?"
- Previous message: anonymous_at_discussions.microsoft.com: "Re: Adding a Local Printer to a DC"
- In reply to: Harry: "What's opening these connections?"
- Next in thread: Phillip Windell: "Re: What's opening these connections?"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
