| Home | Forums | Reviews | Articles | Register |
 |
| Thread Tools | Rate Thread |
|
Guest
Posts: n/a
|
|
|
|
||
|
|
| |
|
Guest
Posts: n/a
|
OPS sorry... now I traslate
 )"Fabrizio" <lancill@?mail.it> ha scritto nel messaggio news:YumIb.28620$_(E-Mail Removed)... > Ciao a tutti, ho windows XP guardando il netstat -n ho visto che sul pc ci > sono troppe connessioni in ascolto sulla porta 135 da parte dello stesso > range di IP... guardate qui, aperto solo messenger, scheda di rete in > ascolto e forum di html.it (che sono le ultime righe): > > > > -------------------------------------------------------------------------- -- > -- > Proto Indirizzo locale Indirizzo esterno Stato > TCP 80.117.13.90:135 64.198.2.130:4597 ESTABLISHED > TCP 80.117.13.90:135 68.248.140.2:3469 ESTABLISHED > TCP 80.117.13.90:135 80.116.12.173:3561 ESTABLISHED > TCP 80.117.13.90:135 80.116.69.126:1623 ESTABLISHED > TCP 80.117.13.90:135 80.116.93.52:4728 ESTABLISHED > TCP 80.117.13.90:135 80.116.98.2:4721 ESTABLISHED > TCP 80.117.13.90:135 80.116.101.31:4751 ESTABLISHED > TCP 80.117.13.90:135 80.116.117.70:4147 ESTABLISHED > TCP 80.117.13.90:135 80.116.119.137:4479 ESTABLISHED > TCP 80.117.13.90:135 80.116.138.199:3122 ESTABLISHED > TCP 80.117.13.90:135 80.116.142.30:1532 ESTABLISHED > TCP 80.117.13.90:135 80.116.163.77:1546 ESTABLISHED > TCP 80.117.13.90:135 80.116.171.13:2779 ESTABLISHED > TCP 80.117.13.90:135 80.116.172.112:3165 ESTABLISHED > TCP 80.117.13.90:135 80.116.183.71:4441 ESTABLISHED > TCP 80.117.13.90:135 80.116.201.102:4521 ESTABLISHED > TCP 80.117.13.90:135 80.116.203.20:4043 ESTABLISHED > TCP 80.117.13.90:135 80.116.220.204:4126 ESTABLISHED > TCP 80.117.13.90:135 80.116.221.206:3486 ESTABLISHED > TCP 80.117.13.90:135 80.116.223.175:4067 ESTABLISHED > TCP 80.117.13.90:135 80.116.224.225:1729 ESTABLISHED > TCP 80.117.13.90:135 80.116.225.142:4845 ESTABLISHED > TCP 80.117.13.90:135 80.116.231.26:1446 ESTABLISHED > TCP 80.117.13.90:135 80.116.232.199:4543 ESTABLISHED > TCP 80.117.13.90:135 80.116.234.167:3613 ESTABLISHED > TCP 80.117.13.90:135 80.116.247.234:1064 ESTABLISHED > TCP 80.117.13.90:135 80.116.248.43:4140 ESTABLISHED > TCP 80.117.13.90:135 80.116.249.73:4743 ESTABLISHED > TCP 80.117.13.90:135 80.116.249.226:2449 ESTABLISHED > TCP 80.117.13.90:135 80.116.249.232:3931 ESTABLISHED > TCP 80.117.13.90:135 80.116.252.100:3893 ESTABLISHED > TCP 80.117.13.90:135 80.116.253.15:4417 ESTABLISHED > TCP 80.117.13.90:135 80.116.253.57:3588 ESTABLISHED > TCP 80.117.13.90:135 80.116.255.84:4986 ESTABLISHED > TCP 80.117.13.90:135 80.117.0.35:1347 ESTABLISHED > TCP 80.117.13.90:135 80.117.2.51:3914 ESTABLISHED > TCP 80.117.13.90:135 80.117.2.110:4252 ESTABLISHED > TCP 80.117.13.90:135 80.117.3.40:2070 ESTABLISHED > TCP 80.117.13.90:135 80.117.4.188:3816 ESTABLISHED > TCP 80.117.13.90:135 80.117.4.219:3829 ESTABLISHED > TCP 80.117.13.90:135 80.117.9.23:3782 ESTABLISHED > TCP 80.117.13.90:135 80.117.9.23:3806 ESTABLISHED > TCP 80.117.13.90:135 80.117.9.139:4823 ESTABLISHED > TCP 80.117.13.90:135 80.117.13.21:4189 ESTABLISHED > TCP 80.117.13.90:135 80.117.13.92:2433 ESTABLISHED > TCP 80.117.13.90:135 80.117.13.127:4024 ESTABLISHED > TCP 80.117.13.90:135 80.117.13.127:4044 ESTABLISHED > TCP 80.117.13.90:135 80.117.13.162:2158 ESTABLISHED > TCP 80.117.13.90:135 80.117.13.162:2178 ESTABLISHED > TCP 80.117.13.90:135 80.117.13.228:4160 ESTABLISHED > TCP 80.117.13.90:135 80.117.13.228:4181 ESTABLISHED > TCP 80.117.13.90:135 80.117.21.36:1789 ESTABLISHED > TCP 80.117.13.90:135 80.117.21.206:3256 ESTABLISHED > TCP 80.117.13.90:135 80.117.22.59:4857 ESTABLISHED > TCP 80.117.13.90:135 80.117.22.99:4276 ESTABLISHED > TCP 80.117.13.90:135 80.117.22.103:4006 ESTABLISHED > TCP 80.117.13.90:135 80.117.23.239:3667 ESTABLISHED > TCP 80.117.13.90:135 80.117.23.248:3776 ESTABLISHED > TCP 80.117.13.90:135 80.117.25.65:1965 ESTABLISHED > TCP 80.117.13.90:135 80.117.27.170:3744 ESTABLISHED > TCP 80.117.13.90:135 80.117.28.36:2029 ESTABLISHED > TCP 80.117.13.90:135 80.117.28.69:1482 ESTABLISHED > TCP 80.117.13.90:135 80.117.29.83:2062 ESTABLISHED > TCP 80.117.13.90:135 80.117.29.211:1178 ESTABLISHED > TCP 80.117.13.90:135 80.117.29.246:2033 ESTABLISHED > TCP 80.117.13.90:135 80.138.33.94:1593 ESTABLISHED > TCP 80.117.13.90:445 80.117.222.195:3776 ESTABLISHED > TCP 80.117.13.90:3029 207.46.106.88:1863 ESTABLISHED > TCP 80.117.13.90:4436 212.110.12.173:80 ESTABLISHED > TCP 80.117.13.90:4437 212.110.13.98:80 ESTABLISHED > TCP 80.117.13.90:4438 213.152.192.212:80 ESTABLISHED > -------------------------------------------------------------------------- -- > -- > > la 135 è la porta epmap, ma ho visto che viene sfruttata anche dal > Blaster... > ora visto che io non sono infetto, sono attacchi da altri pc? Da notare che > il mio firewall (Sygate Personal Firewall Pro) mi segnala migliaia di > tentativi al giorno di intrusione sulle porte del blaster. > > Inoltre ho provato a fare una scansione sul sito della Sygate senza firewall > e la situazione diventa un po' pericolosa! Ho aperta la porta 8, 135, 139 > (netbios!!), la 445, la 5000 (UPnP)... > > disabilitando la 5000 che conseguenze negative ho sul sistema? > Netbios dove si disabilita in Windows XP? Per la rete locale (2 PC connessi > con cavo cross) creerei dei problemi disattivandolo? > per le porte 8, 135 e 445 come risolvo? > > grazie mille dell'aiuto! e scusate la lunghezza! > > |
|
|
|
|
|||
|
Guest
Posts: n/a
|
Hi all, I've Windows XP... using "netstat -n" command I can see too many
active connection on port 135 from the same range of IP... look at this table! My pc was running only the messenger, a web page and listening in the lan! --------------------------------------------------------------------------- --- Proto Local address Remote address State TCP 80.117.13.90:135 64.198.2.130:4597 ESTABLISHED TCP 80.117.13.90:135 68.248.140.2:3469 ESTABLISHED TCP 80.117.13.90:135 80.116.12.173:3561 ESTABLISHED TCP 80.117.13.90:135 80.116.69.126:1623 ESTABLISHED TCP 80.117.13.90:135 80.116.93.52:4728 ESTABLISHED TCP 80.117.13.90:135 80.116.98.2:4721 ESTABLISHED TCP 80.117.13.90:135 80.116.101.31:4751 ESTABLISHED TCP 80.117.13.90:135 80.116.117.70:4147 ESTABLISHED TCP 80.117.13.90:135 80.116.119.137:4479 ESTABLISHED TCP 80.117.13.90:135 80.116.138.199:3122 ESTABLISHED TCP 80.117.13.90:135 80.116.142.30:1532 ESTABLISHED TCP 80.117.13.90:135 80.116.163.77:1546 ESTABLISHED TCP 80.117.13.90:135 80.116.171.13:2779 ESTABLISHED TCP 80.117.13.90:135 80.116.172.112:3165 ESTABLISHED TCP 80.117.13.90:135 80.116.183.71:4441 ESTABLISHED TCP 80.117.13.90:135 80.116.201.102:4521 ESTABLISHED TCP 80.117.13.90:135 80.116.203.20:4043 ESTABLISHED TCP 80.117.13.90:135 80.116.220.204:4126 ESTABLISHED TCP 80.117.13.90:135 80.116.221.206:3486 ESTABLISHED TCP 80.117.13.90:135 80.116.223.175:4067 ESTABLISHED TCP 80.117.13.90:135 80.116.224.225:1729 ESTABLISHED TCP 80.117.13.90:135 80.116.225.142:4845 ESTABLISHED TCP 80.117.13.90:135 80.116.231.26:1446 ESTABLISHED TCP 80.117.13.90:135 80.116.232.199:4543 ESTABLISHED TCP 80.117.13.90:135 80.116.234.167:3613 ESTABLISHED TCP 80.117.13.90:135 80.116.247.234:1064 ESTABLISHED TCP 80.117.13.90:135 80.116.248.43:4140 ESTABLISHED TCP 80.117.13.90:135 80.116.249.73:4743 ESTABLISHED TCP 80.117.13.90:135 80.116.249.226:2449 ESTABLISHED TCP 80.117.13.90:135 80.116.249.232:3931 ESTABLISHED TCP 80.117.13.90:135 80.116.252.100:3893 ESTABLISHED TCP 80.117.13.90:135 80.116.253.15:4417 ESTABLISHED TCP 80.117.13.90:135 80.116.253.57:3588 ESTABLISHED TCP 80.117.13.90:135 80.116.255.84:4986 ESTABLISHED TCP 80.117.13.90:135 80.117.0.35:1347 ESTABLISHED TCP 80.117.13.90:135 80.117.2.51:3914 ESTABLISHED TCP 80.117.13.90:135 80.117.2.110:4252 ESTABLISHED TCP 80.117.13.90:135 80.117.3.40:2070 ESTABLISHED TCP 80.117.13.90:135 80.117.4.188:3816 ESTABLISHED TCP 80.117.13.90:135 80.117.4.219:3829 ESTABLISHED TCP 80.117.13.90:135 80.117.9.23:3782 ESTABLISHED TCP 80.117.13.90:135 80.117.9.23:3806 ESTABLISHED TCP 80.117.13.90:135 80.117.9.139:4823 ESTABLISHED TCP 80.117.13.90:135 80.117.13.21:4189 ESTABLISHED TCP 80.117.13.90:135 80.117.13.92:2433 ESTABLISHED TCP 80.117.13.90:135 80.117.13.127:4024 ESTABLISHED TCP 80.117.13.90:135 80.117.13.127:4044 ESTABLISHED TCP 80.117.13.90:135 80.117.13.162:2158 ESTABLISHED TCP 80.117.13.90:135 80.117.13.162:2178 ESTABLISHED TCP 80.117.13.90:135 80.117.13.228:4160 ESTABLISHED TCP 80.117.13.90:135 80.117.13.228:4181 ESTABLISHED TCP 80.117.13.90:135 80.117.21.36:1789 ESTABLISHED TCP 80.117.13.90:135 80.117.21.206:3256 ESTABLISHED TCP 80.117.13.90:135 80.117.22.59:4857 ESTABLISHED TCP 80.117.13.90:135 80.117.22.99:4276 ESTABLISHED TCP 80.117.13.90:135 80.117.22.103:4006 ESTABLISHED TCP 80.117.13.90:135 80.117.23.239:3667 ESTABLISHED TCP 80.117.13.90:135 80.117.23.248:3776 ESTABLISHED TCP 80.117.13.90:135 80.117.25.65:1965 ESTABLISHED TCP 80.117.13.90:135 80.117.27.170:3744 ESTABLISHED TCP 80.117.13.90:135 80.117.28.36:2029 ESTABLISHED TCP 80.117.13.90:135 80.117.28.69:1482 ESTABLISHED TCP 80.117.13.90:135 80.117.29.83:2062 ESTABLISHED TCP 80.117.13.90:135 80.117.29.211:1178 ESTABLISHED TCP 80.117.13.90:135 80.117.29.246:2033 ESTABLISHED TCP 80.117.13.90:135 80.138.33.94:1593 ESTABLISHED TCP 80.117.13.90:445 80.117.222.195:3776 ESTABLISHED TCP 80.117.13.90:3029 207.46.106.88:1863 ESTABLISHED TCP 80.117.13.90:4436 212.110.12.173:80 ESTABLISHED TCP 80.117.13.90:4437 212.110.13.98:80 ESTABLISHED TCP 80.117.13.90:4438 213.152.192.212:80 ESTABLISHED ---------------------------------------------------------------------------- -- 135 is the epmap port... used also by blaster... but i'm not infected... are those others infected pc attacks? note that my Sygate Personal Firewall Pro blocks lots of attacks day by day (about 3000/day!!) Furthermore I've tried to make a security scan on the the Sygate web site with my firewall turned off and I can see that I've the 8, 135, 139 (netbios), 445, 5000 (UPnP) ports opened! So these are my questions: Turning down UPnP service what's happen to my system? Where can I disable Netbios? If I disable Netbios my little LAN (2 pc with a cross cable) could have some problem? What can I do for 8, 135 and 445? Thanks a lot, sorry for the long post (and sorry for posting in Italian ))!Cya Fabrizio |
|
|
|
|
|||
|
|
| |
|
| Thread Tools | |
| Rate This Thread | |
|
|
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Come ricevere una stringa sulla porta TCP/ip | sopra_sotto@hotmail.com | Microsoft C# .NET | 0 | 22nd Jun 2007 03:12 PM |
| Windows Vista Home Basic & IIS Altre opzioni | steo | Windows Vista General Discussion | 0 | 19th Mar 2007 02:14 PM |
| scheda madre gigabyte e porte usb | Stefano C. | Windows XP Hardware | 0 | 1st Feb 2005 01:33 PM |
| internet eplorer non apre altre pagine | marvin | Windows XP Internet Explorer | 0 | 18th May 2004 11:50 AM |
| Porta parallela esterna | ciber | Computer Hardware | 1 | 24th Nov 2003 08:16 PM |
