PDA

View Full Version : Question I've Wanted To Ask For A While


3rd gen noob
12-01-2003, 06:34 AM
whenever i do a netstat, the only entry which seems to be there every single time is:

"TCP computername:microsoft-ds computername:0 LISTENING"

what does this actually do?

tia :)
balamm
12-01-2003, 06:50 AM
I think that just indicates your computer (computername:microsoft-ds) is listening on tcp to another computer ( computername:0 ) = no active connection ??

what switches are you using? netstat -a should give you something like this that shows all active services and ports



Active Connections

 Proto  Local Address          Foreign Address        State
 TCP    www-a-3592ba7e1:http   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:epmap  www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:microsoft-ds  www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:1026   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:1027   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:1028   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:1029   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:1099   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:1255   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:1327   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:ms-sql-s  www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:1631   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:1722   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:1734   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:1817   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:1940   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:1998   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2014   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2028   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2038   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2054   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2062   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2071   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2073   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2075   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2077   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2079   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2084   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2090   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2092   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2094   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2096   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2098   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2100   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2102   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2104   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2106   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2108   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2110   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2112   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2114   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2116   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2118   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2120   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2122   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2124   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2126   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2128   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2132   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2134   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2135   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2137   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2139   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2145   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2147   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2149   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2151   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2152   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2154   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2169   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2173   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2175   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2177   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2179   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2181   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2183   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2185   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2187   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2189   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2192   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2194   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2196   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2198   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2200   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:2425   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:4346   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:4662   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:6684   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:9582   www-a-3592ba7e1:0      LISTENING
 TCP    www-a-3592ba7e1:1940   200.82.37.184:4665     FIN_WAIT_1
 TCP    www-a-3592ba7e1:1987   pacnet1.xs4all.nl:4662  TIME_WAIT
 TCP    www-a-3592ba7e1:1991   host81-128-172-220.in-addr.btopenworld.com:4662
TIME_WAIT
 TCP    www-a-3592ba7e1:1998   217.165.185.3:4662     TIME_WAIT
 TCP    www-a-3592ba7e1:2012   ca-montpellier-3-195.w80-8.abo.wanadoo.fr:4662
TIME_WAIT
 TCP    www-a-3592ba7e1:2014   a213-22-47-43.netcabo.pt:4662  ESTABLISHED
 TCP    www-a-3592ba7e1:2020   vodsl-391.vo.lu:4662   TIME_WAIT
 TCP    www-a-3592ba7e1:2028   155.Red-81-32-32.pooles.rima-tde.net:4662  TIME_
WAIT
 TCP    www-a-3592ba7e1:2038   a7057.upc-a.chello.nl:4662  FIN_WAIT_1
 TCP    www-a-3592ba7e1:2040   CPE000102914ee3-CM014270032935.cpe.net.cable.rog
ers.com:4662  TIME_WAIT
 TCP    www-a-3592ba7e1:2042   wnpgmb01dc2-39-219.dynamic.mts.net:4662  TIME_WA
3rd gen noob
12-01-2003, 06:53 AM
Originally posted by balamm@1 December 2003 - 05:50
I think that just indicates your computer (computername:microsoft-ds) is listening on tcp to another computer ( computername:0 ) = no active connection ??

what switches are you using? netstat -a should give you something like this that shows all active services and ports
yeah, netstat -a was what i used
so that 'connection' isn't really an active connection at all...?
balamm
12-01-2003, 07:00 AM
It's a listening port. If you have printer and file sharring enabled in XP, that's what it is. It listens for incoming requests. On a desktop, it can be a vulnerability for dos attack and other things.


"Microsoft-DS"....it's the service/protocol name for tcp\udp port 445 which as you may know is for File\Print Sharing.
3rd gen noob
12-01-2003, 07:02 AM
Originally posted by balamm@1 December 2003 - 06:00
It's a listening port. If you have printer and file sharring enabled in XP, that's what it is. It listens for incoming requests. On a desktop, it can be a vulnerability for dos attack and other things.


"Microsoft-DS"....it's the service/protocol name for tcp\udp port 445 which as you may know is for File\Print Sharing.

ok, thanks :)