Netstat -a output from Win98 PC

Discussion in 'other firewalls' started by polo, Aug 1, 2002.

Thread Status:
Not open for further replies.
  1. polo

    polo Guest

    A friend has Win98, Webcelerator, Gator, Audiogalaxy installed and hasn't followed the instructions at www.grc.com to unbind Netbios, etc. Is this dangerous:

    Active Connections

    Proto Local Address Foreign Address State
    TCP tinypc:1025 0.0.0.0:0 LISTENING
    TCP tinypc:1026 0.0.0.0:0 LISTENING
    TCP tinypc:1027 0.0.0.0:0 LISTENING
    TCP tinypc:1028 0.0.0.0:0 LISTENING
    TCP tinypc:1029 0.0.0.0:0 LISTENING
    TCP tinypc:1030 0.0.0.0:0 LISTENING
    TCP tinypc:1031 0.0.0.0:0 LISTENING
    TCP tinypc:1032 0.0.0.0:0 LISTENING
    TCP tinypc:1033 0.0.0.0:0 LISTENING
    TCP tinypc:1034 0.0.0.0:0 LISTENING
    TCP tinypc:1035 0.0.0.0:0 LISTENING
    TCP tinypc:1036 0.0.0.0:0 LISTENING
    TCP tinypc:1037 0.0.0.0:0 LISTENING
    TCP tinypc:1038 0.0.0.0:0 LISTENING
    TCP tinypc:1039 0.0.0.0:0 LISTENING
    TCP tinypc:1041 0.0.0.0:0 LISTENING
    TCP tinypc:1042 0.0.0.0:0 LISTENING
    TCP tinypc:1043 0.0.0.0:0 LISTENING
    TCP tinypc:1044 0.0.0.0:0 LISTENING
    TCP tinypc:1045 0.0.0.0:0 LISTENING
    TCP tinypc:1046 0.0.0.0:0 LISTENING
    TCP tinypc:1047 0.0.0.0:0 LISTENING
    TCP tinypc:1048 0.0.0.0:0 LISTENING
    TCP tinypc:1049 0.0.0.0:0 LISTENING
    TCP tinypc:1050 0.0.0.0:0 LISTENING
    TCP tinypc:1052 0.0.0.0:0 LISTENING
    TCP tinypc:1053 0.0.0.0:0 LISTENING
    TCP tinypc:1054 0.0.0.0:0 LISTENING
    TCP tinypc:1055 0.0.0.0:0 LISTENING
    TCP tinypc:1056 0.0.0.0:0 LISTENING
    TCP tinypc:1057 0.0.0.0:0 LISTENING
    TCP tinypc:1058 0.0.0.0:0 LISTENING
    TCP tinypc:1059 0.0.0.0:0 LISTENING
    TCP tinypc:1060 0.0.0.0:0 LISTENING
    TCP tinypc:1061 0.0.0.0:0 LISTENING
    TCP tinypc:1062 0.0.0.0:0 LISTENING
    TCP tinypc:1063 0.0.0.0:0 LISTENING
    TCP tinypc:1064 0.0.0.0:0 LISTENING
    TCP tinypc:1065 0.0.0.0:0 LISTENING
    TCP tinypc:1066 0.0.0.0:0 LISTENING
    TCP tinypc:1067 0.0.0.0:0 LISTENING
    TCP tinypc:1068 0.0.0.0:0 LISTENING
    TCP tinypc:1069 0.0.0.0:0 LISTENING
    TCP tinypc:1070 0.0.0.0:0 LISTENING
    TCP tinypc:1071 0.0.0.0:0 LISTENING
    TCP tinypc:1072 0.0.0.0:0 LISTENING
    TCP tinypc:1073 0.0.0.0:0 LISTENING
    TCP tinypc:1074 0.0.0.0:0 LISTENING
    TCP tinypc:1075 0.0.0.0:0 LISTENING
    TCP tinypc:1076 0.0.0.0:0 LISTENING
    TCP tinypc:1077 0.0.0.0:0 LISTENING
    TCP tinypc:1078 0.0.0.0:0 LISTENING
    TCP tinypc:1079 0.0.0.0:0 LISTENING
    TCP tinypc:1080 0.0.0.0:0 LISTENING
    TCP tinypc:1081 0.0.0.0:0 LISTENING
    TCP tinypc:1082 0.0.0.0:0 LISTENING
    TCP tinypc:1083 0.0.0.0:0 LISTENING
    TCP tinypc:1084 0.0.0.0:0 LISTENING
    TCP tinypc:1085 0.0.0.0:0 LISTENING
    TCP tinypc:1086 0.0.0.0:0 LISTENING
    TCP tinypc:1087 0.0.0.0:0 LISTENING
    TCP tinypc:1088 0.0.0.0:0 LISTENING
    TCP tinypc:1089 0.0.0.0:0 LISTENING
    TCP tinypc:1090 0.0.0.0:0 LISTENING
    TCP tinypc:1091 0.0.0.0:0 LISTENING
    TCP tinypc:1092 0.0.0.0:0 LISTENING
    TCP tinypc:1093 0.0.0.0:0 LISTENING
    TCP tinypc:1094 0.0.0.0:0 LISTENING
    TCP tinypc:1095 0.0.0.0:0 LISTENING
    TCP tinypc:1096 0.0.0.0:0 LISTENING
    TCP tinypc:1097 0.0.0.0:0 LISTENING
    TCP tinypc:1098 0.0.0.0:0 LISTENING
    TCP tinypc:1099 0.0.0.0:0 LISTENING
    TCP tinypc:1100 0.0.0.0:0 LISTENING
    TCP tinypc:1101 0.0.0.0:0 LISTENING
    TCP tinypc:1102 0.0.0.0:0 LISTENING
    TCP tinypc:1103 0.0.0.0:0 LISTENING
    TCP tinypc:1104 0.0.0.0:0 LISTENING
    TCP tinypc:1105 0.0.0.0:0 LISTENING
    TCP tinypc:1106 0.0.0.0:0 LISTENING
    TCP tinypc:1107 0.0.0.0:0 LISTENING
    TCP tinypc:1108 0.0.0.0:0 LISTENING
    TCP tinypc:kpop 0.0.0.0:0 LISTENING
    TCP tinypc:1110 0.0.0.0:0 LISTENING
    TCP tinypc:1111 0.0.0.0:0 LISTENING
    TCP tinypc:1112 0.0.0.0:0 LISTENING
    TCP tinypc:1113 0.0.0.0:0 LISTENING
    TCP tinypc:1114 0.0.0.0:0 LISTENING
    TCP tinypc:1115 0.0.0.0:0 LISTENING
    TCP tinypc:1116 0.0.0.0:0 LISTENING
    TCP tinypc:1117 0.0.0.0:0 LISTENING
    TCP tinypc:1118 0.0.0.0:0 LISTENING
    TCP tinypc:1119 0.0.0.0:0 LISTENING
    TCP tinypc:1120 0.0.0.0:0 LISTENING
    TCP tinypc:1121 0.0.0.0:0 LISTENING
    TCP tinypc:1122 0.0.0.0:0 LISTENING
    TCP tinypc:1123 0.0.0.0:0 LISTENING
    TCP tinypc:1124 0.0.0.0:0 LISTENING
    TCP tinypc:1125 0.0.0.0:0 LISTENING
    TCP tinypc:1126 0.0.0.0:0 LISTENING
    TCP tinypc:1127 0.0.0.0:0 LISTENING
    TCP tinypc:1128 0.0.0.0:0 LISTENING
    TCP tinypc:1129 0.0.0.0:0 LISTENING
    TCP tinypc:1130 0.0.0.0:0 LISTENING
    TCP tinypc:1040 0.0.0.0:0 LISTENING
    TCP tinypc:1051 0.0.0.0:0 LISTENING
    TCP tinypc:1130 127.0.0.1:smtp SYN_SENT
    TCP tinypc:24491 0.0.0.0:0 LISTENING
    TCP tinypc:24492 0.0.0.0:0 LISTENING
    UDP tinypc:1040 *:*
    UDP tinypc:1051 *:*


    [On my PC I get zero output, maybe cos it's Win95?]
     
  2. spy1

    spy1 Registered Member

    Joined:
    Dec 29, 2002
    Posts:
    3,139
    Location:
    Clover, SC
    Have you suggested that he/she go have their computer scanned at any of the leading sites? ShieldsUp, FI? ( https://grc.com/x/ne.dll?bh0bkyd2 )

    Do they have any type of firewall going?

    Looks to me like the computer's wide-open. Pete
     
  3. polo

    polo Guest

    No firewall. I've scanned it for viruses/trojans few months ago if they helps. But as I said Steve Gibson's instructions how to close the ports for a Win9x box haven't been done yet... haven't done the tests yet either. I think the file sharing is on too -- that's the default for W98? So in plain English is it dangerous, and easy to hack into at this present moment?

    It dunno if it's a W95 v W98 thing but when I'm disconnected I don't get any output (even though I've followed Gibson's advice). Maybe with all this "junk" webaccelator, MSN messenger, Yahoo messenger,. etc he's got on his PC it's more vunerable. He's got Gator installed which is spyware or something bad?

    I'm very fussy. I only install what I really need.
     
  4. Detox

    Detox Retired Moderator

    Joined:
    Feb 9, 2002
    Posts:
    8,507
    Location:
    Texas, USA
    Gator is spyware, and Spybot will definitely detect and clean it, I used it on my cousins machines while I was visiting earlier this year.
     
  5. Raygun

    Raygun Registered Member

    Joined:
    Apr 24, 2002
    Posts:
    31
    Location:
    The Beach!
    Do an on-line scan first. Make sure you use a spy-ware search and kill program. Ad-aware is good and free. Run and configure a firewall. and for god's sakes don't worry so much about what gibson says and find other sources to. It's not good to put everything in one place/person. try them all...

    Anti-Trojan Port Scan, http://www.anti-trojan.net/at.asp?l=en&t=onlinecheck
    Blackcode Port Scan, http://www.blackcode.com/scan/
    DSLReports Security Scan, http://www.dslreports.com/scan
    HackerWatch Port Scan, http://probe.hackerwatch.org/probe/probe.asp
    Ken Kalish Port Tester, http://www.mycgiserver.com/~kalish/
    PC Flank, http://www.pcflank.com/test.htm
    Sygate Security Scan, http://scan.sygatetech.com/prequickscan.html
    SecurityMetrics Port Scan, http://www.securitymetrics.com/portscan.adp
    Shields-UP, http://grc.com/x/ne.dll?bh0bkyd2
    Symantec Security Check, http://security2.norton.com/ssc/home.asp
     
  6. polo

    polo Guest

    spy1,

    This site says to TURN off the Firewall? Huh?

    http://www.markusjansson.net/eienbid.html
    - You can go to https://grc.com/x/ne.dll?bh0bkyd2 and run ?Test my shields!? and see that NetBIOS is really off. Remember to turn off your firewall if you have one that is.
     
  7. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    polo,

    In ideal testing surrounding - could be done. In practice, I would advice against it.

    regards.

    paul
     
  8. polo

    polo Guest

    Comment on this please

    http://www.markusjansson.net/ehacked.html#net
    Check out for ANYTHING that has been marked as "Listening" or "Connected" and DOES NOT HAVE 0.0.0.0:0 as IP address. There might be couple things that are "Listening" but are at IP 0.0.0.0:0, meaning that they are listening in your computer for your computer...this is long thing to explain so just IGNORE THEM, they are NOT trojans!!!
     
Loading...
Thread Status:
Not open for further replies.