|
-
April 28th, 2004, 01:05 AM
#1
 Who's this on my port?
I just recently learned about the netstat command (ok, ok, I'm a little behind, sue me), so I just tried it out on my home computer, and would ya know, this appeared:
TCP knight:3565 texasrealtors.com:http TIME_WAIT 0
TCP knight:3566 texasrealtors.com:http TIME_WAIT 0
What's up with this? I didn't have my web browser open at the time so I don't know why that website's there. I've got antispyware and my cookies are blocked, so what does this mean? Pardon me if it's a stupid question, but ya gotta start somewhere.
-
April 28th, 2004, 01:13 AM
#2
Try running your anti spyware in safe mode, it looks like its spyware and it looks like its running, your anti spyware can do absolutly nothing to anything thats running.
-
April 28th, 2004, 01:22 AM
#3
Relax its just you sending a request to texasrealtors.com
the TIME_WAIT means its waiting for the final packets from your web browser to tear down the connection were you on the website at all ?
By the sacred **** of the sacred psychedelic tibetan yeti ....We\'ll smoke the chinese out
The 20th century pharoes have the slaves demanding work
http://muaythaiscotland.com/
-
April 28th, 2004, 03:51 AM
#4
If that were true, wouldnt the port number be 80 or 8080? Not 3565 right?
-
April 28th, 2004, 04:03 AM
#5
Member
No because the 3565 port is the source port on his (AngelicKnight) computer. your computer picks a random source port above 1024 and below a certain port (whos number I don't remember atm) to send data from. The service port (80 for http, 22 for SSH, etc.) is on the server end. Thus
TCP knight:3565 texasrealtors.com:http TIME_WAIT 0
shows that the connection is from his computer (knight) source port 3565 to texasrealtors.com port 80 (http).
-
April 28th, 2004, 04:15 AM
#6
that was me...sorry, I was just using your bathroom. I'll leave now...but I wouldn't go in there for a while if I was you...kinda stinks.
-
April 28th, 2004, 05:26 AM
#7
aw, I see, so you use a port to connect to port 80, but his port was still closing the information when he lost connection to port 80, right? Or at least do I have a good general idea?
-
April 28th, 2004, 06:02 AM
#8
I think he's right. Though I didn't have a browser open at the time, I had just closed one. Sounds like it just wasn't quite finished doing its thing at the time I tooke the snapshot. I checked again later and it had disappeared.
But whatever helps me understand this concept better is good for me...
-
April 28th, 2004, 07:21 AM
#9
a few things to bear in mind when examining connections....
Most services connect TO specified ports (ex. port 80 for http, 25 for smtp, etc) and FROM high ports (ports above 1024). This is important to consider not only when watching connections but when firewalling a machine that offers services.... (DNS is an excellent example on port 53) if I decide to only allow UDP to port 53 of my DNS server FROM port 53 of the client I will inevitably lock out the client and have a fairly useless rule, as the client will connect from a random high port.
and of course, closing your browser wont stop connections already in progress, it simply does what you told it, exits the browser application the connections time out by themselves (those good little connections)
~THEJRC~
I\'ll preach my pessimism right out loud to anyone that listens!
I\'m not afraid to be alive.... I\'m afraid to be alone.
-
April 28th, 2004, 07:28 AM
#10
But still it's better that he did infact post it here, just in case there was something a little evil going on behind the scenes..
I wish more noobies would be like this dude.
I loved the way he worded he's question and presented the information..Kudos to him.
cheers
front2back:.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote