1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
  2. Two Factor Authentication is now available on BeyondUnreal Forums. To configure it, visit your Profile and look for the "Two Step Verification" option on the left side. We can send codes via email (may be slower) or you can set up any TOTP Authenticator app on your phone (Authy, Google Authenticator, etc) to deliver codes. It is highly recommended that you configure this to keep your account safe.

Progam to monitor net access/activity

Discussion in 'Off Topic' started by zeep, Dec 21, 2004.

  1. zeep

    zeep :(

    Joined:
    Feb 16, 2001
    Messages:
    1,738
    Likes Received:
    0
    I get the feeling my winxp is possesed. Lately i see data being send/received but there's nothing running. I want to run a program that shows what is doing what on my internet connection. I don't have a firewall installed btw. Just xp sp1 firewall. Mcafee didnt find anything btw.

    Is there a simple (free) program out there that can help me find out whats going on?
     
  2. Nightmare

    Nightmare Only human

    Joined:
    Sep 23, 2001
    Messages:
    446
    Likes Received:
    0
    Just install ZoneAlarm and see what programs ask for access. I've got 30 different programs cleared for net access, all from games to the update checker for java.
     
  3. frenchfrog

    frenchfrog The mighty batrachian

    Joined:
    Jan 18, 2004
    Messages:
    139
    Likes Received:
    0
    netstat -a ? ;)

    Here you go for a graphical netstat with the attached process that have opened the port: TCPView

    btw, sysinternals have a lots of every usefull utilities.
     
  4. zeep

    zeep :(

    Joined:
    Feb 16, 2001
    Messages:
    1,738
    Likes Received:
    0
    Forum speed is horrid! So thanks for taking time to reply. I'm going to try everything you mentioned.

    Btw, my netstat -a results, should i be afraid?

    Code:
    C:\Documents and Settings\zeep>netstat -a
    
    Active Connections
    
      Proto  Local Address          Foreign Address        State
      TCP    ZEEP_1:epmap           ZEEP_1:0               LISTENING
      TCP    ZEEP_1:microsoft-ds    ZEEP_1:0               LISTENING
      TCP    ZEEP_1:1025            ZEEP_1:0               LISTENING
      TCP    ZEEP_1:1026            ZEEP_1:0               LISTENING
      TCP    ZEEP_1:1030            ZEEP_1:0               LISTENING
      TCP    ZEEP_1:1039            ZEEP_1:0               LISTENING
      TCP    ZEEP_1:1040            ZEEP_1:0               LISTENING
      TCP    ZEEP_1:1041            ZEEP_1:0               LISTENING
      TCP    ZEEP_1:1593            ZEEP_1:0               LISTENING
      TCP    ZEEP_1:1597            ZEEP_1:0               LISTENING
      TCP    ZEEP_1:1605            ZEEP_1:0               LISTENING
      TCP    ZEEP_1:1613            ZEEP_1:0               LISTENING
      TCP    ZEEP_1:pptp            ZEEP_1:0               LISTENING
      TCP    ZEEP_1:5000            ZEEP_1:0               LISTENING
      TCP    ZEEP_1:netbios-ssn     ZEEP_1:0               LISTENING
      TCP    ZEEP_1:1030            10.0.0.138:pptp        ESTABLISHED
      TCP    ZEEP_1:10452           ZEEP_1:0               LISTENING
      TCP    ZEEP_1:1592            ZEEP_1:0               LISTENING
      TCP    ZEEP_1:1592            localhost:1593         ESTABLISHED
      TCP    ZEEP_1:1593            localhost:1592         ESTABLISHED
      TCP    ZEEP_1:netbios-ssn     ZEEP_1:0               LISTENING
      TCP    ZEEP_1:netbios-ssn     dsl-201-135-89-174.prod-infinitum.com.mx:63825
    ESTABLISHED
      TCP    ZEEP_1:microsoft-ds    80-219-159-70.dclient.hispeed.ch:4502  ESTABLISH
    ED
      TCP    ZEEP_1:microsoft-ds    gv-bzh-143d.adsl.wanadoo.nl:3140  ESTABLISHED
      TCP    ZEEP_1:microsoft-ds    gv-bzh-143d.adsl.wanadoo.nl:4158  ESTABLISHED
      TCP    ZEEP_1:1040            205.188.9.44:5190      ESTABLISHED
      TCP    ZEEP_1:1041            baym-cs284.msgr.hotmail.com:1863  ESTABLISHED
      TCP    ZEEP_1:1588            baym-sb18.msgr.hotmail.com:1863  TIME_WAIT
      TCP    ZEEP_1:1597            baym-sb36.msgr.hotmail.com:1863  ESTABLISHED
      TCP    ZEEP_1:1599            mail.beyondunreal.com:http  TIME_WAIT
      TCP    ZEEP_1:1605            66.102.9.99:http       ESTABLISHED
      TCP    ZEEP_1:1612            62.109.86.75:http      TIME_WAIT
      TCP    ZEEP_1:1613            baym-sb72.msgr.hotmail.com:1863  ESTABLISHED
      TCP    ZEEP_1:7956            ZEEP_1:0               LISTENING
      UDP    ZEEP_1:microsoft-ds    *:*
      UDP    ZEEP_1:isakmp          *:*
      UDP    ZEEP_1:1035            *:*
      UDP    ZEEP_1:1036            *:*
      UDP    ZEEP_1:1581            *:*
      UDP    ZEEP_1:ntp             *:*
      UDP    ZEEP_1:netbios-ns      *:*
      UDP    ZEEP_1:netbios-dgm     *:*
      UDP    ZEEP_1:1900            *:*
      UDP    ZEEP_1:8307            *:*
      UDP    ZEEP_1:14583           *:*
      UDP    ZEEP_1:ntp             *:*
      UDP    ZEEP_1:1900            *:*
      UDP    ZEEP_1:ntp             *:*
      UDP    ZEEP_1:netbios-ns      *:*
      UDP    ZEEP_1:netbios-dgm     *:*
      UDP    ZEEP_1:1900            *:*
      UDP    ZEEP_1:11973           *:*
      UDP    ZEEP_1:49382           *:*
     
  5. frenchfrog

    frenchfrog The mighty batrachian

    Joined:
    Jan 18, 2004
    Messages:
    139
    Likes Received:
    0
    ok, first try to run it when your computer boot, not when you have your AIM client, MSN client, INF message board open in your browser ...

    anyway try the graphical one (it will tell you the process attached to the port)


    thinking about it, your problem is perhaps only related to microsoft "background intelligent transfert" service (you can turn in off by putting it in "manual" starting).

    also after a quick look at your "netstat -a" output:
    -port 5000 is kind of ****ty and opened by the "Windows Universal plug and play" service, it's not causing your problem but it would probably a good idea to shut that service down.
     

Share This Page