1. Home
  2. Wireless Networking
  3. Which of these netstat connections should be banned on WinXP?

Which of these netstat connections should be banned on WinXP?

Which of these netstat connections should I ban on Windows XP?

I thought I was protected on a home wireless network behind a d-link router. But coworkers said that with BitTorrent, even with avast and sygate running I should run the netstat ban command to find what to ban and then ban it.

Running the netstat ban command gave me the output below. Can you help point me to the right connections to kill daily?

I appreciate your help Barbara

Microsoft Windows XP [Version 5.1.2600] (C) Copyright 1985-2001 Microsoft Corp. C:\\Documents and Settings\\babs> netstat -ban Active Connections Proto Local Address Foreign Address State PID TCP 0.0.0.0:445 0.0.0.0:0 LISTENING 4 [System]

TCP 127.0.0.1:1028 0.0.0.0:0 LISTENING 2552 [alg.exe]

TCP 127.0.0.1:12025 0.0.0.0:0 LISTENING 2584 [ashMaiSv.exe]

TCP 127.0.0.1:12080 0.0.0.0:0 LISTENING 308 [ashWebSv.exe]

TCP 127.0.0.1:12110 0.0.0.0:0 LISTENING 2584 [ashMaiSv.exe]

TCP 127.0.0.1:12119 0.0.0.0:0 LISTENING 2584 [ashMaiSv.exe]

TCP 127.0.0.1:12143 0.0.0.0:0 LISTENING 2584 [ashMaiSv.exe]

TCP 192.168.0.100:139 0.0.0.0:0 LISTENING 4 [System]

TCP 127.0.0.1:1996 127.0.0.1:12080 TIME_WAIT 0 TCP 127.0.0.1:1998 127.0.0.1:12080 TIME_WAIT 0 TCP 127.0.0.1:2000 127.0.0.1:12080 TIME_WAIT 0 TCP 127.0.0.1:2003 127.0.0.1:12080 TIME_WAIT 0 TCP 127.0.0.1:2005 127.0.0.1:12080 TIME_WAIT 0 TCP 127.0.0.1:2007 127.0.0.1:12080 TIME_WAIT 0 TCP 192.168.0.100:1975 70.86.5.131:80 TIME_WAIT 0 TCP 192.168.0.100:1977 70.86.5.131:80 TIME_WAIT 0 UDP 0.0.0.0:445 *:* 4 [System]

UDP 0.0.0.0:500 *:* 1004 [lsass.exe]

UDP 0.0.0.0:4693 *:* 1488 [smc.exe]

UDP 0.0.0.0:1025 *:* 1360 [BTStackServer.exe]

UDP 0.0.0.0:4500 *:* 1004 [lsass.exe]

UDP 127.0.0.1:1034 *:* 1488 [smc.exe]

UDP 127.0.0.1:1900 *:* 1736 c:\\windows\\system32\\WS2_32.dll c:\\windows\\system32\\ssdpsrv.dll ntdll.dll C:\\WINDOWS\\system32\\kernel32.dll [svchost.exe]

UDP 127.0.0.1:123 *:* 1376 c:\\windows\\system32\\WS2_32.dll c:\\windows\\system32\\w32time.dll ntdll.dll C:\\WINDOWS\\system32\\kernel32.dll [svchost.exe]

UDP 192.168.0.100:1900 *:* 1736 c:\\windows\\system32\\WS2_32.dll c:\\windows\\system32\\ssdpsrv.dll ntdll.dll C:\\WINDOWS\\system32\\kernel32.dll [svchost.exe]

UDP 192.168.0.100:137 *:* 4 [System]

UDP 192.168.0.100:138 *:* 4 [System]

UDP 192.168.0.100:123 *:* 1376 c:\\windows\\system32\\WS2_32.dll c:\\windows\\system32\\w32time.dll ntdll.dll C:\\WINDOWS\\system32\\kernel32.dll [svchost.exe]

C:\\Documents and Settings\\babs>

Reply to
Barbara Bailey
Loading thread data ...

Your colleagues are winding you up.

netstat -ban doesn't ban anything.

It just means

-a show all connections

-b show the executable (binary) using the connection

-n show the number

For reference netstat shows you the connections to or from your PC, so what this is doing is giving you too much info about them to digest, and scaring you.

However if you're /really/ worried, work out what each exe is, and whether you think it ought to be running. I've no idea what alg.exe and ashMaiSv.exe are, BTStackServer.exe is probably part of BitTorrent, and all the rest are perfectly normal.

Frankly tho, if it worries you, its much simpler just to stop using BitTorrent. It still beats me why anyone would want to use P2P, whenever I look at it, there's nothing but junk, illegal content and pron. Mark McIntyre

Reply to
Mark McIntyre

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.