C:\Documents and Settings\hdofront>netstat
Active Connections
Proto Local Address Foreign Address State
TCP hdolc_1:1059 localhost:1060 ESTABLISHED
TCP hdolc_1:1060 localhost:1059 ESTABLISHED
TCP hdolc_1:1061 localhost:1062 ESTABLISHED
TCP hdolc_1:1062 localhost:1061 ESTABLISHED
TCP hdolc_1:1033 cs16.msg.dcn.yahoo.com:5050 ESTABLISHED
TCP hdolc_1:1036 sip44.voice.re2.yahoo.com:https ESTABLISHED
TCP hdolc_1:3905 www.ibm.com:http ESTABLISHED
TCP hdolc_1:3906 www.ibm.com:http ESTABLISHED
TCP hdolc_1:3907 www.ibm.com:http ESTABLISHED
TCP hdolc_1:3908 www.ibm.com:http ESTABLISHED
TCP hdolc_1:3909 www.ibm.com:http ESTABLISHED
TCP hdolc_1:3910 www.ibm.com:http ESTABLISHED
TCP hdolc_1:3911 www.ibm.com:http ESTABLISHED
TCP hdolc_1:3912 www.ibm.com:http ESTABLISHED
TCP hdolc_1:3915 hexasoft.com.my:http ESTABLISHED
TCP hdolc_1:3919 one.cbox.ws:http TIME_WAIT
TCP hdolc_1:3924 hexasoft.com.my:http ESTABLISHED
TCP hdolc_1:3928 42.subnet125-160-16.akamai.telkom.net.id:http ESTABLISHED
TCP hdolc_1:3929 42.subnet125-160-16.akamai.telkom.net.id:http ESTABLISHED
TCP hdolc_1:3930 42.subnet125-160-16.akamai.telkom.net.id:http ESTABLISHED
TCP hdolc_1:3931 42.subnet125-160-16.akamai.telkom.net.id:http ESTABLISHED
TCP hdolc_1:3934 nz-in-f191.google.com:https TIME_WAIT
TCP hdolc_1:3935 nz-in-f191.google.com:https TIME_WAIT
TCP hdolc_1:3961 172.16.133.99:microsoft-ds SYN_SENT
TCP hdolc_1:3962 172.16.133.99:netbios-ssn SYN_SENT
C:\Documents and Settings\hdofront>
analisis minimal buat tau port, sama ip yang diakses komputer. kalau normal2 aja port itu
1. port 80 , 8080, 3128 ( web, proxy)
2. Port 21 port Ftp
3. Port 23 Port Telnet
4. Port 22 Port ssh
5. port 6667 port Chat Mirc
6. port 5050 port Yahooo mesengger
diluar itu mungkin virus. atau software tertentu yang anda install.
No comments:
Post a Comment