Background Intelligent Transfer Service, Possible Security Hole?

J

Jim Garrigan

I believe that someone was connected to my laptop via the
Background Intelligent Transfer Service. When I shutdown
the service the session was disconnected. I confirmed
this interaction by starting the service. After the
service started the session was connected again via
another port. Once again I shutdown the service and the
session dropped.

Active Connections

Proto Local Address Foreign Address
State
TCP laptop001:3083 208.172.48.132:http
ESTABLISHED

Active Connections

Proto Local Address Foreign Address
State
TCP laptop001:3085 208.172.16.132:http
ESTABLISHED
 
L

Lanwench [MVP - Exchange]

Get a firewall (either software like BlackIce or www.sygate.com 's freebie,
or a hardware appliance, if it's a true firewall and not just a NAT box).

Also run a full AV scan with updated software, and download/run AdAware from
www.lavasoftusa.com - update it first. Also, go to
windowsupdate.microsoft.com on a regular basis to get patched.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

What's opening these connections? 3
Background Intelligent Transfer Service 1
Misterious foreign IP address 2
been hacked, tlntsvr.exe cannot be shutdown 4
What is working here? 4
Local Port: 2280 connect to foreign address 65.54.249.190:80 1
What is blocking port 80? 5
my system is infected 1

Top