Netstat Findings

Toggle sidebar Toggle sidebar

EMPshockwave82

Diamond Member
Jul 7, 2003
3,012
2
0
I have been seeing some weird activity of the upload / download sort. Using DUMeter the color RED is me downloading information packets from other sources and green is other people accessing my computer to download information packets.

I have been seeing fairly large numbers in the green (upload) area recently. A constant 30kB/sec as a matter of fact.

running a netstat I contine to find that *.level3.mail.yahoo.com and 216.239.41.99 seem to be the culprits in my little problem

My question then is this:
Does anyone know about these addresses?

mta-v5.level3.mail.yahoo.com:smtp
216.239.41.99:http
mta-v4.level3.mail.yahoo.com:smtp
 
P

PTCvette

Banned
Sep 26, 2002
870
0
0
Well, doing a whois on from ARIN on 216.239.41.99 gives me this:

Search results for: 216.239.41.99

OrgName: Google Inc.
OrgID: GOGL
Address: 2400 E. Bayshore Parkway
City: Mountain View
StateProv: CA
PostalCode: 94043
Country: US

NetRange: 216.239.32.0 - 216.239.63.255
CIDR: 216.239.32.0/19
NetName: GOOGLE
NetHandle: NET-216-239-32-0-1
Parent: NET-216-0-0-0-0

So I don't think google is causing all this traffic... THIS is where I did the search on that IP address... The other 2 look legit enough as just regular old yahoo, but I am at work, and don't have time to look them up.

Jeff
 
P

PTCvette

Banned
Sep 26, 2002
870
0
0
Actually I pinged that yahoo one and got this IP: 67.28.113.11... It looks like it is in Yahoo's range according to ARIN:

OrgName: Yahoo!
OrgID: YAOO
Address: 701 First Avenue
City: Sunnyvale
StateProv: CA
PostalCode: 94089
Country: US

NetRange: 67.28.112.0 - 67.28.115.255


Are you running any kind of firewall on the computer? If not, either turn on the windows firewall and see if that slows anything down, or grab the free zone alarm and see what it gives you as far as info on your traffic goes. Windows firewall can keep a log of blocked stuff, so that would tell you what's trying to get in and out.

Jeff
 
F

fractilian

Member
Jun 17, 2001
35
0
0
Are you running the yahoo or google toolbar in your browser? What about yahoo instant messenger?
 
P

PTCvette

Banned
Sep 26, 2002
870
0
0
Yeah that's kind of what I was thinking too. Maybe one of the toolbars or yahoo messenger? Seems like neither one of those would generate the kinds of traffic you are seeing though.......
 
S

spidey07

No Lifer
Aug 4, 2000
65,469
5
76
Also I thought the Nagle worm's hit google and opened mail servers?

Make sure your AV is up to date and run a full scan.
 

EMPshockwave82

Diamond Member
Jul 7, 2003
3,012
2
0
Originally posted by: spidey07
Also I thought the Nagle worm's hit google and opened mail servers?

Make sure your AV is up to date and run a full scan.
Click to expand...

been there... done that x 4

updated norton and then ran virus scan in safe mode with no findings
 
You must log in or register to reply here.

TRENDING THREADS

COMPANY
RESOURCES
FOLLOW
Top Bottom
sale-70-410-exam    | Exam-200-125-pdf    | we-sale-70-410-exam    | hot-sale-70-410-exam    | Latest-exam-700-603-Dumps    | Dumps-98-363-exams-date    | Certs-200-125-date    | Dumps-300-075-exams-date    | hot-sale-book-C8010-726-book    | Hot-Sale-200-310-Exam    | Exam-Description-200-310-dumps?    | hot-sale-book-200-125-book    | Latest-Updated-300-209-Exam    | Dumps-210-260-exams-date    | Download-200-125-Exam-PDF    | Exam-Description-300-101-dumps    | Certs-300-101-date    | Hot-Sale-300-075-Exam    | Latest-exam-200-125-Dumps    | Exam-Description-200-125-dumps    | Latest-Updated-300-075-Exam    | hot-sale-book-210-260-book    | Dumps-200-901-exams-date    | Certs-200-901-date    | Latest-exam-1Z0-062-Dumps    | Hot-Sale-1Z0-062-Exam    | Certs-CSSLP-date    | 100%-Pass-70-383-Exams    | Latest-JN0-360-real-exam-questions    | 100%-Pass-4A0-100-Real-Exam-Questions    | Dumps-300-135-exams-date    | Passed-200-105-Tech-Exams    | Latest-Updated-200-310-Exam    | Download-300-070-Exam-PDF    | Hot-Sale-JN0-360-Exam    | 100%-Pass-JN0-360-Exams    | 100%-Pass-JN0-360-Real-Exam-Questions    | Dumps-JN0-360-exams-date    | Exam-Description-1Z0-876-dumps    | Latest-exam-1Z0-876-Dumps    | Dumps-HPE0-Y53-exams-date    | 2017-Latest-HPE0-Y53-Exam    | 100%-Pass-HPE0-Y53-Real-Exam-Questions    | Pass-4A0-100-Exam    | Latest-4A0-100-Questions    | Dumps-98-365-exams-date    | 2017-Latest-98-365-Exam    | 100%-Pass-VCS-254-Exams    | 2017-Latest-VCS-273-Exam    | Dumps-200-355-exams-date    | 2017-Latest-300-320-Exam    | Pass-300-101-Exam    | 100%-Pass-300-115-Exams    |
http://www.portvapes.co.uk/    | http://www.portvapes.co.uk/    |