Need help with multiple port connections to beyond.com

W

Will DeKroney

Recently a run of 'netstat -a' produced the list of active connections
shown below. The computer is running Windows XP SP1 in a non-Domain
network. All of the connections to 'beyond.com' are particularly
interesting. I need advice about methods that could be used to
identify what programs are initiating those processes and how to shut
them down.

This is an obviously brief description so I will be ready to answer
more specific questions that are relevant to identifying the
connection source.

Will

************

Active Connections

Proto Local Address Foreign Address State
TCP kathy:time beyond.com:0 LISTENING
TCP kathy:epmap beyond.com:0 LISTENING
TCP kathy:microsoft-ds beyond.com:0 LISTENING
TCP kathy:1024 beyond.com:0 LISTENING
TCP kathy:1025 beyond.com:0 LISTENING
TCP kathy:1038 beyond.com:0 LISTENING
TCP kathy:1075 beyond.com:0 LISTENING
TCP kathy:1122 beyond.com:0 LISTENING
TCP kathy:1463 beyond.com:0 LISTENING
TCP kathy:2149 beyond.com:0 LISTENING
TCP kathy:2172 beyond.com:0 LISTENING
TCP kathy:2190 beyond.com:0 LISTENING
TCP kathy:2608 beyond.com:0 LISTENING
TCP kathy:3117 beyond.com:0 LISTENING
TCP kathy:3350 beyond.com:0 LISTENING
TCP kathy:5000 beyond.com:0 LISTENING
TCP kathy:8100 beyond.com:0 LISTENING
TCP kathy:1024 localhost:2172 ESTABLISHED
TCP kathy:1121 beyond.com:0 LISTENING
TCP kathy:1121 localhost:1122 ESTABLISHED
TCP kathy:1122 localhost:1121 ESTABLISHED
TCP kathy:2172 localhost:1024 ESTABLISHED
TCP kathy:2607 beyond.com:0 LISTENING
TCP kathy:2607 localhost:2608 ESTABLISHED
TCP kathy:2608 localhost:2607 ESTABLISHED
TCP kathy:5100 beyond.com:0 LISTENING
TCP kathy:8117 beyond.com:0 LISTENING
TCP kathy:netbios-ssn beyond.com:0 LISTENING
TCP kathy:1075 htx417-f.cce.hp.com:ftp FIN_WAIT_2
TCP kathy:1463 dux434.den.hp.com:ftp FIN_WAIT_2
TCP kathy:2149 213.244.181.53:http FIN_WAIT_2
TCP kathy:3117 mail.cablespeed.com:ftp CLOSE_WAIT
TCP kathy:3350 mail.cablespeed.com:ftp CLOSE_WAIT
UDP kathy:time *:*
UDP kathy:ntp *:*
UDP kathy:microsoft-ds *:*
UDP kathy:1026 *:*
UDP kathy:1027 *:*
UDP kathy:1028 *:*
UDP kathy:1029 *:*
UDP kathy:1030 *:*
UDP kathy:2190 *:*
UDP kathy:1534 *:*
UDP kathy:1802 *:*
UDP kathy:1900 *:*
UDP kathy:netbios-ns *:*
UDP kathy:netbios-dgm *:*
UDP kathy:1900 *:*
UDP kathy:2051 *:*
 
H

Hubert Schmitt

Try to use the tool TCPVIEW from www.sysinternals.com. It's a
kind of advanced GUI-version of netstat, i.e. you get a process
name of each active connection entry.
Best regards

Hubert
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Remote Desktop Protocol Error between XP pro PC and NT Server 4.0 4
Closing Ports on Computer 1
interpreting TCPview results 4
Epmap Connectionn Problem 4
What is up with port 135? 3
SVChost.exe is making my life miserable! 6
Dial-up ICS settings = Configuration Problems 2
help, port LISTENING to unware host 2

Top