Open ports
Results 1 to 8 of 8

Thread: Open ports

  1. #1
    Senior Member
    Join Date
    May 2003
    Posts
    226

    Open ports

    i did a netstat -an, i found out that there are connections like this

    TCP 0.0.0.0:135 0.0.0.0:0 LISTENING
    TCP 0.0.0.0:445 0.0.0.0:0 LISTENING
    TCP 0.0.0.0:1025 0.0.0.0:0 LISTENING
    TCP 0.0.0.0:1028 0.0.0.0:0 LISTENING
    TCP 0.0.0.0:1031 0.0.0.0:0 LISTENING
    TCP 0.0.0.0:1035 0.0.0.0:0 LISTENING
    TCP 0.0.0.0:1068 0.0.0.0:0 LISTENING
    TCP 0.0.0.0:1147 0.0.0.0:0 LISTENING
    TCP 0.0.0.0:1148 0.0.0.0:0 LISTENING
    TCP 0.0.0.0:1151 0.0.0.0:0 LISTENING
    TCP 0.0.0.0:1425 0.0.0.0:0 LISTENING
    TCP 0.0.0.0:1467 0.0.0.0:0 LISTENING
    TCP 127.0.0.1:1027 0.0.0.0:0 LISTENING
    TCP 127.0.0.1:1067 0.0.0.0:0 LISTENING
    TCP 127.0.0.1:1067 127.0.0.1:1068 ESTABLISHED
    TCP 127.0.0.1:1068 127.0.0.1:1067 ESTABLISHED
    UDP 0.0.0.0:445 *:*
    UDP 0.0.0.0:1033 *:*
    UDP 0.0.0.0:1037 *:*
    UDP 0.0.0.0:1081 *:*
    UDP 127.0.0.1:1032 *:*

    How can i findout which applications are using them and close all the ports

  2. #2
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    netstat -on will tell you the process id (PID). You can lookup PID->application name using the taskmanager.
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  3. #3
    Senior Member
    Join Date
    May 2003
    Posts
    226
    i have a question i seen some weird entries in my HOST file like 127.0.0.1 www.blahblah.com

    what does it do?

    it seems to be alter

  4. #4
    Senior Member
    Join Date
    Jan 2003
    Posts
    220
    Well 127.0.0.1 is a loopback address to your own computer. I think the hosts file should be empty, but im not sure.
    [gloworange]And then it happened... a door opened to a world... rushing through the phone line like heroin through an addict\'s veins, an electronic pulse is sent out, a refuge from the day-to-day incompetencies is sought... a board is found. \"This is it... this is where I belong...\" I know everyone here... even if I\'ve never met them, never talked to them, may never hear from them again... I know you all...[/gloworange]

  5. #5
    Junior Member
    Join Date
    Oct 2004
    Posts
    1

    hsots

    anything pointing to 127.0.0.1 (or localhost) will revert back to your own computer.

    so the hosts file can be used a simple blocker.

    so the entry :-

    127.0.0.1 dirtybleedingscumbagpopupadsite.com

    when a site trys to pop up this ad site your computer will look in the hosts file for the ip and will actually pop up a blank page (assuming you are not running a webserver fo course) this is because your computer checks its host file before going to its DNS to get the address.

    There are websites out there that post huge lists of ad sites to allow you to do this its very handy at reducing bandwidth wastage
    --
    CurioCT

  6. #6
    Senior Member
    Join Date
    Mar 2004
    Posts
    557
    Hi

    First question:
    I very like [1]. It shows you the program name and the ports it uses.
    In combination with [2], you have some useful information about what
    is going on on your system.

    Probably, you cannot avoid that the programs are listening on these
    ports. However, you can block (firewall) all traffic to or from it. Note however,
    that you should be careful what to close and what to allow.

    Second question:
    hosts-file (?)
    The OS (most) uses the host-file to resolve DNS before looking it up on
    some DNS Server. In your case, if you ping www.blahblah.com, it will
    send a ping to 127.0.0.1, which is your localhost ie your computer.

    Cheers

    [1] http://www.diamondcs.com.au/openports/
    [2] http://www.foundstone.com/index.htm?...desc/fport.htm


    /edit: wow, people are really quick here. during writing this post, you got 3~4 replies

  7. #7
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    Umm... first question I'd be asking is, did you alter the hosts file? If not, there is one known virus (worm?) that would do this (for the life of me the name escapes me). There is an actual website for www.blahblah.com so is that the url in there or is it another?

    There are also hosts files that you can get online that use the loopback to block known spammers/ad sites, as mentioned above. Is it possible you downloaded and installed one of these and forgot you did it?
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  8. #8
    Senior Member
    Join Date
    May 2003
    Posts
    226
    well, lucky that i have created a ghost image backup. i have restored back to good working state. backup is good . just to be careful with all these spyware and virus.

    lmao didnt knew there's a blahblah.com

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •