
Wireshark-users: Re: [Wireshark-users] Tons of ARP packets...?

From: IchBin <weconsultants@xxxxxxxxx>
Date: Sat, 14 Jul 2007 17:45:56 -0400
IchBin wrote:
Guy Harris wrote:
On Jul 13, 2007, at 5:19 PM, Guy Harris wrote:

(Its output resembles that of netstat, probably intentionally. I don't know whether any UN*Xes have tools such as that, i.e. either a command-line or graphical netstat-plus-process-name - probably some do.)
A Linux netstat man page at

	http://linux.die.net/man/8/netstat

indicates that there's a "--process" flag that shows the process ID and process name (probably the first N characters of the last component of the executable name, or something such as that) of the process that owns the socket; you have to be super-user to get that for processes not your own.

lsof might also be able to get some information of that sort on some UN*Xes.

Thanks Guy for the info. On Windows the format is "Netstat -b". I do not see any associated program that started the connection. I suspect that programs that monitor the IP processes like WhatsRunning and System internals, under Windows, are just issuing Netstat commands and then capturing the output and displaying their own display window. At least that is what I have done in the past when writing that type of interface using Java.


[SNIP]

Again, thanks to you all for your guidance in this thread. This could be a moot issue since I am building a new computer and plan to use a different and newer Windows OS. That is, WinXP SP Pro 64bit, which may open another can of worms, so to speak.


Well after looking around and looking at SmitfraudFix output I see something that is not correct.

»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Realtek RTL8139 Family PCI Fast Ethernet NIC #2
DNS Server Search Order: 68.87.64.146
DNS Server Search Order: 68.87.75.194

Description: Realtek RTL8139 Family PCI Fast Ethernet NIC #2
DNS Server Search Order: 68.87.64.146
DNS Server Search Order: 68.87.75.194

HKLM\SYSTEM\CCS\Services\Tcpip\..\{83A9FF0F-296C-4D45-A153-6B8A6AFF8BCE}: DhcpNameServer=207.68.160.190 194.25.2.129 208.67.222.222 ,207.68.160.190 194.25.2.129 208.67.222.222
HKLM\SYSTEM\CCS\Services\Tcpip\..\{8A153A46-7E4A-44EE-8443-D1D0EA855ABD}: DhcpNameServer=68.87.64.146 68.87.75.194
HKLM\SYSTEM\CCS\Services\Tcpip\..\{E55D5B3A-6EDC-4FC0-9E4B-6EEA562E9F44}: DhcpNameServer=68.87.64.146 68.87.75.194
HKLM\SYSTEM\CS1\Services\Tcpip\..\{83A9FF0F-296C-4D45-A153-6B8A6AFF8BCE}: DhcpNameServer=207.68.160.190 194.25.2.129 208.67.222.222 ,207.68.160.190 194.25.2.129 208.67.222.222
HKLM\SYSTEM\CS1\Services\Tcpip\..\{8A153A46-7E4A-44EE-8443-D1D0EA855ABD}: DhcpNameServer=68.87.64.146 68.87.75.194
HKLM\SYSTEM\CS1\Services\Tcpip\..\{E55D5B3A-6EDC-4FC0-9E4B-6EEA562E9F44}: DhcpNameServer=68.87.64.146 68.87.75.194
HKLM\SYSTEM\CS3\Services\Tcpip\..\{83A9FF0F-296C-4D45-A153-6B8A6AFF8BCE}: DhcpNameServer=207.68.160.190 194.25.2.129 208.67.222.222 ,207.68.160.190 194.25.2.129 208.67.222.222
HKLM\SYSTEM\CS3\Services\Tcpip\..\{8A153A46-7E4A-44EE-8443-D1D0EA855ABD}: DhcpNameServer=68.87.64.146 68.87.75.194
HKLM\SYSTEM\CS3\Services\Tcpip\..\{E55D5B3A-6EDC-4FC0-9E4B-6EEA562E9F44}: DhcpNameServer=68.87.64.146 68.87.75.194
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=68.87.64.146 68.87.75.194
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=68.87.64.146 68.87.75.194
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=68.87.64.146 68.87.75.194

Not sure why these IP addresses are defined as a DhcpNameServer in the Windows registry (Not Comcast): 207.68.160.190 194.25.2.129 208.67.222.222 ,207.68.160.190 194.25.2.129 208.67.222.222

Not sure how to get rid of them either. Instructions I see about these settings are to avoid changing them. Which does not make sense since I do not think they should be there in the first place. Not really sure if this is a part of any problems I am having but does not look right. Guess I need to know the implications of having them defined to DhcpNameServer.
--
Thanks in Advance...                           http://weconsulting.org
IchBin, Philadelphia, Pa, USA http://ichbinquotations.weconsulting.org
______________________________________________________________________
'If there is one, Knowledge is the "Fountain of Youth"'
-William E. Taylor, Regular Guy (1952-)
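
An added example, not part of the original post: a Python check that parses the DhcpNameServer lines of the report quoted above and lists, per registry key, every resolver that is not in an expected set. The function names are hypothetical, and the expected set is an assumption taken from the adapter's "DNS Server Search Order" lines in the same report.

```python
import ipaddress
import re

# Matches one registry line of the DNS section quoted in the post, e.g.
# HKLM\SYSTEM\CCS\Services\Tcpip\..\{GUID}: DhcpNameServer=1.2.3.4 5.6.7.8
LINE_RE = re.compile(r"^(HKLM\\\S+?):\s*DhcpNameServer=(.*)$")


def parse_dhcp_nameservers(report):
    """Yield (registry_key, [addresses]) for every DhcpNameServer line."""
    for raw in report.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue
        servers = []
        # The value mixes spaces and commas as separators ("a b c ,a b c").
        for token in filter(None, re.split(r"[\s,]+", m.group(2).strip())):
            try:
                servers.append(str(ipaddress.ip_address(token)))
            except ValueError:
                servers.append(token)  # keep malformed tokens so they get flagged
        yield m.group(1), servers


def unexpected_nameservers(report, expected):
    """Map each registry key to the resolvers it lists that are not expected."""
    expected = set(expected)
    findings = {}
    for key, servers in parse_dhcp_nameservers(report):
        extra = sorted(set(servers) - expected)
        if extra:
            findings[key] = extra
    return findings


# Sample input: three lines taken from the report quoted in the post above.
SAMPLE = r"""
HKLM\SYSTEM\CCS\Services\Tcpip\..\{83A9FF0F-296C-4D45-A153-6B8A6AFF8BCE}: DhcpNameServer=207.68.160.190 194.25.2.129 208.67.222.222 ,207.68.160.190 194.25.2.129 208.67.222.222
HKLM\SYSTEM\CCS\Services\Tcpip\..\{8A153A46-7E4A-44EE-8443-D1D0EA855ABD}: DhcpNameServer=68.87.64.146 68.87.75.194
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=68.87.64.146 68.87.75.194
"""
# Assumption: the resolvers the adapter reports under "DNS Server Search Order".
EXPECTED = {"68.87.64.146", "68.87.75.194"}

if __name__ == "__main__":
    for key, extra in unexpected_nameservers(SAMPLE, EXPECTED).items():
        print(key, "->", ", ".join(extra))
```

The interface GUID in each flagged key identifies which adapter's DHCP lease supplied the extra resolvers, which is the place to look before changing anything by hand.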