PDA

View Full Version : Please look at my port explorer record

MaryH
May 3rd, 2003, 12:23 AM
Here is a copy of my most recent run:

-------------------------------------------------------------------------------------------------------------------------------------------------------------------------
| NAME | CREATION | PID | PROTOCOL | LOCAL ADDRESS | LOCAL PORT | REMOTE ADDRESS | REMOTE PORT | PORT STATUS | SENT | RECVD |
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------
| SYSTEM | --- | 4 | TCP | 0.0.0.0 | 1030 | 0.0.0.0 | 0 | LISTENING | --- | --- |
| SYSTEM | --- | 4 | TCP | XX.XXX.XX.XX | 139 | 0.0.0.0 | 0 | LISTENING | --- | --- |
| SYSTEM | --- | 4 | TCP | 0.0.0.0 | 445 | 0.0.0.0 | 0 | LISTENING | --- | --- |
| SYSTEM | --- | 4 | UDP | XX.XXX.XX.XX | 137 | *.*.*.* | * | LISTENING | --- | --- |
| SYSTEM | --- | 4 | UDP | XX.XXX.XX.XX | 138 | *.*.*.* | * | LISTENING | --- | --- |
| SYSTEM | --- | 4 | UDP | 0.0.0.0 | 445 | *.*.*.* | * | LISTENING | --- | --- |
| Internet Desktop Application | 23:51 02/05/2003 | 252 | UDP | 127.0.0.1 | 1031 | 127.0.0.1 | 1031 | LISTENING | 5/5 | 5/5 |
| Internet Desktop Application | 23:51 02/05/2003 | 252 | TCP | 127.0.0.1 | 4004 | 0.0.0.0 | 0 | LISTENING | 0/0 | 0/0 |
| TDS-3 Professional | 23:51 02/05/2003 | 264 | TCP | 0.0.0.0 | 1034 | 0.0.0.0 | 0 | LISTENING | 0/0 | 0/0 |
| TDS-3 Professional | 23:51 02/05/2003 | 264 | TCP | 0.0.0.0 | 1035 | 0.0.0.0 | 0 | LISTENING | 0/0 | 0/0 |
| TDS-3 Professional | 23:51 02/05/2003 | 264 | TCP | 0.0.0.0 | 1036 | 0.0.0.0 | 0 | LISTENING | 0/0 | 0/0 |
| TDS-3 Professional | 23:51 02/05/2003 | 264 | TCP | 0.0.0.0 | 1037 | 0.0.0.0 | 0 | LISTENING | 0/0 | 0/0 |
| TDS-3 Professional | 23:51 02/05/2003 | 264 | TCP | 0.0.0.0 | 1038 | 0.0.0.0 | 0 | LISTENING | 0/0 | 0/0 |
| TDS-3 Professional | 23:51 02/05/2003 | 264 | TCP | 0.0.0.0 | 1039 | 0.0.0.0 | 0 | LISTENING | 0/0 | 0/0 |
| TDS-3 Professional | 23:51 02/05/2003 | 264 | TCP | 0.0.0.0 | 1040 | 0.0.0.0 | 0 | LISTENING | 0/0 | 0/0 |
| TDS-3 Professional | 23:51 02/05/2003 | 264 | TCP | 0.0.0.0 | 1041 | 0.0.0.0 | 0 | LISTENING | 0/0 | 0/0 |
| TDS-3 Professional | 23:51 02/05/2003 | 264 | TCP | 0.0.0.0 | 1042 | 0.0.0.0 | 0 | LISTENING | 0/0 | 0/0 |
| TDS-3 Professional | 23:51 02/05/2003 | 264 | TCP | 0.0.0.0 | 1043 | 0.0.0.0 | 0 | LISTENING | 0/0 | 0/0 |
| LSA Shell (Export Version) | 23:50 02/05/2003 | 572 | UDP | 0.0.0.0 | 500 | *.*.*.* | * | LISTENING | 0/0 | 0/0 |
| Generic Host Process for Win32 Services | 23:50 02/05/2003 | 736 | TCP | 0.0.0.0 | 135 | 0.0.0.0 | 0 | LISTENING | 0/0 | 0/0 |
| Generic Host Process for Win32 Services | 23:50 02/05/2003 | 736 | UDP | 0.0.0.0 | 135 | *.*.*.* | * | LISTENING | 0/0 | 0/0 |
| Generic Host Process for Win32 Services | 23:50 02/05/2003 | 800 | TCP | 0.0.0.0 | 1025 | 0.0.0.0 | 0 | LISTENING | 0/0 | 0/0 |
| Generic Host Process for Win32 Services | 23:50 02/05/2003 | 800 | UDP | XX.XXX.XX.XX | 123 | *.*.*.* | * | LISTENING | 0/0 | 0/0 |
| Generic Host Process for Win32 Services | 23:50 02/05/2003 | 800 | UDP | 127.0.0.1 | 123 | *.*.*.* | * | LISTENING | 0/0 | 0/0 |
| Generic Host Process for Win32 Services | 23:50 02/05/2003 | 800 | UDP | 0.0.0.0 | 1026 | *.*.*.* | * | LISTENING | 0/0 | 0/0 |
| Generic Host Process for Win32 Services | 23:51 02/05/2003 | 952 | UDP | 0.0.0.0 | 1032 | XXX.XXX.X.XXX | 53 | LISTENING | 2/75 | 2/228 |
| Generic Host Process for Win32 Services | 23:51 02/05/2003 | 1004 | TCP | 0.0.0.0 | 5000 | 0.0.0.0 | 0 | LISTENING | 0/0 | 0/0 |
| Generic Host Process for Win32 Services | 23:51 02/05/2003 | 1004 | UDP | XX.XXX.XX.XX | 1900 | *.*.*.* | * | LISTENING | 0/0 | 0/0 |
| Generic Host Process for Win32 Services | 23:51 02/05/2003 | 1004 | UDP | 127.0.0.1 | 1900 | 127.0.0.1 | 1029 | LISTENING | 0/0 | 3/399 |
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------


I wanted to let you know that there is one that is not showing on this but is coming up on the TDS-3 on the bottom as an alert - it is netsurf.exe - anyone heard of it? It's tacked onto our Optimum online....

Any help will be appreciated.

FYI - I must have done something right because there is a lot less today than yesterday...

- removed your IP address for your protection - LWM
LowWaterMark
May 3rd, 2003, 01:04 AM
FYI - Here's a (link (http://www.wilderssecurity.com/showthread.php?t=8942)) to the related TDS-3 forum thread, that this is related to.

Hi MaryH,

Please remember to check your other thread (linked above) and respond to the questions there. The information you posted in that thread does not show the alert you are referring to here. It is just the normal TDS-3 initialization information.

We'll need more information on exactly what it is you are seeing in TDS that you are concerned about. The Port Explorer summary you've posted above appears to basically show a normal Windows XP system, with all the default processes running and listening on their related ports. While there are services that you could close down if you aren't using them, we'd need to know what your specific concern is first before we could advise you further.

Thanks,
LowWaterMark
LowWaterMark
May 3rd, 2003, 01:17 AM
Here is an image of the Port Explorer text listing above. It may be a little easier to see than the long lines of text. I realize this will make the webpage a little too wide, but it's still a bit easier. ;)

The actual IP address has been removed, as has the IP of the primary DNS server. The only columns removed were the date/time and the ending columns (port status, send, recv). All port statuses were "Listening".
Gavin - DiamondCS
May 3rd, 2003, 11:44 AM
Hi,

Zip and send netsurf.exe to me, i'll private message you in a moment. Everything else looks normal :)