General discussion


Port 1036 to

By AnthonyMCSE ·
I've been trying to track down a stray connection on my Windows 98 workstation. When I run NETSTAT -n I get the following connection I can't figure out:

Active Connections

Proto Local Address Foreign Address State
TCP172.22.3.201:1036 CLOSE_WAIT

The resolves to

My sense is that I have been hacked, how can I figure out if a program on my system is responsible?

I don't want to just install ZoneAlarm or somesuch, I would like to manually figure out what's up. I've run the latest Spybot 1.2 and it says I'm clean.

I figured a network sniffer could help, but have little experience in that area. Maybe some kind of Port Monitor? Again, little experience, if there are some easy & free tools out there, please let me know.

Can I get some suggestions on how to track this down?

Also, I tried NETSTAT -a and see some listening ports--is there a list somewhere showing "legit" listening ports?

Sigh, someday I'll be a network stud.


Anthony, MCSE

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Related Discussions

Related Forums