October 13th, 2004, 03:05 PM
i did a netstat -an, i found out that there are connections like this
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1025 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1028 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1031 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1035 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1068 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1147 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1148 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1151 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1425 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1467 0.0.0.0:0 LISTENING
TCP 127.0.0.1:1027 0.0.0.0:0 LISTENING
TCP 127.0.0.1:1067 0.0.0.0:0 LISTENING
TCP 127.0.0.1:1067 127.0.0.1:1068 ESTABLISHED
TCP 127.0.0.1:1068 127.0.0.1:1067 ESTABLISHED
UDP 0.0.0.0:445 *:*
UDP 0.0.0.0:1033 *:*
UDP 0.0.0.0:1037 *:*
UDP 0.0.0.0:1081 *:*
UDP 127.0.0.1:1032 *:*
How can i findout which applications are using them and close all the ports
October 13th, 2004, 03:09 PM
netstat -on will tell you the process id (PID). You can lookup PID->application name using the taskmanager.
Experience is something you don't get until just after you need it.
October 13th, 2004, 03:13 PM
i have a question i seen some weird entries in my HOST file like 127.0.0.1 www.blahblah.com
what does it do?
it seems to be alter
October 13th, 2004, 03:17 PM
Well 127.0.0.1 is a loopback address to your own computer. I think the hosts file should be empty, but im not sure.
[gloworange]And then it happened... a door opened to a world... rushing through the phone line like heroin through an addict\'s veins, an electronic pulse is sent out, a refuge from the day-to-day incompetencies is sought... a board is found. \"This is it... this is where I belong...\" I know everyone here... even if I\'ve never met them, never talked to them, may never hear from them again... I know you all...[/gloworange]
October 13th, 2004, 03:22 PM
anything pointing to 127.0.0.1 (or localhost) will revert back to your own computer.
so the hosts file can be used a simple blocker.
so the entry :-
when a site trys to pop up this ad site your computer will look in the hosts file for the ip and will actually pop up a blank page (assuming you are not running a webserver fo course) this is because your computer checks its host file before going to its DNS to get the address.
There are websites out there that post huge lists of ad sites to allow you to do this its very handy at reducing bandwidth wastage
October 13th, 2004, 03:25 PM
I very like . It shows you the program name and the ports it uses.
In combination with , you have some useful information about what
is going on on your system.
Probably, you cannot avoid that the programs are listening on these
ports. However, you can block (firewall) all traffic to or from it. Note however,
that you should be careful what to close and what to allow.
The OS (most) uses the host-file to resolve DNS before looking it up on
some DNS Server. In your case, if you ping www.blahblah.com, it will
send a ping to 127.0.0.1, which is your localhost ie your computer.
/edit: wow, people are really quick here. during writing this post, you got 3~4 replies
October 13th, 2004, 03:28 PM
Umm... first question I'd be asking is, did you alter the hosts file? If not, there is one known virus (worm?) that would do this (for the life of me the name escapes me). There is an actual website for www.blahblah.com so is that the url in there or is it another?
There are also hosts files that you can get online that use the loopback to block known spammers/ad sites, as mentioned above. Is it possible you downloaded and installed one of these and forgot you did it?
October 13th, 2004, 03:37 PM
well, lucky that i have created a ghost image backup. i have restored back to good working state. backup is good . just to be careful with all these spyware and virus.
lmao didnt knew there's a blahblah.com