| TIP: Click on subject to list as thread! | ANSI |
| echo: | |
|---|---|
| to: | |
| from: | |
| date: | |
| subject: | Lots of ports open, why? |
My dad is running w2k and netstat shows an unbelievable number of ports open. Listening on more than 50. My thoughts are worm but which one? He cannot start his antivirus, it immediately closes and his computer is running slower than a slug. I've had him check services and startup stuff. Nothing stands out unless it has taken on a name of something else that is legitimate. Entries are like this: TCP jrobert:1181 jrobert:0 LISTENING TCP jrobert:1182 jrobert:0 LISTENING TCP jrobert:1183 jrobert:0 LISTENING TCP jrobert:1391 jrobert:0 LISTENING TCP jrobert:1394 127.0.0.120:epmap SYN_SENT TCP jrobert:1397 127.0.0.120:epmap SYN_SENT TCP jrobert:1407 127.0.0.120:epmap SYN_SENT I've searched these port numbers at Symantec and google but nothing definite comes up. Does anyone have an idea of what could be causing entries like this. I guess I'll have to drive down there and install the latest definitions and hope that solves it, but if it's not a worm, what else would be doing this type of activity. Thanks, Jon ------------------------ Yahoo! Groups Sponsor ---------------------~--> Upgrade to 128-bit SSL Security! http://us.click.yahoo.com/qZ0LdD/yjVHAA/TtwFAA/E8folB/TM ---------------------------------------------------------------------~-> Yahoo! Groups Links To visit your group on the web, go to: http://groups.yahoo.com/group/os2user/ To unsubscribe from this group, send an email to: os2user-unsubscribe{at}yahoogroups.com Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/ ---* Origin: Waldo's Place USA Internet Gateway (1:3634/1000) SEEN-BY: 633/267 270 @PATH: 3634/1000 12 106/2000 633/267 |
|
| SOURCE: echomail via fidonet.ozzmosis.com | |
Email questions or comments to sysop@ipingthereforeiam.com
All parts of this website painstakingly hand-crafted in the U.S.A.!
IPTIA BBS/MUD/Terminal/Game Server List, © 2025 IPTIA Consulting™.