C:\Users\Antonello>netstat -o Connessioni attive Proto Indirizzo locale Indirizzo esterno Stato PID TCP 127.0.0.1:5354 PC-Antonello:49156 ESTABLISHED 1496 TCP 127.0.0.1:5354 PC-Antonello:49157 ESTABLISHED 1496 TCP 127.0.0.1:19872 PC-Antonello:49516 ESTABLISHED 3080 TCP 127.0.0.1:27015 PC-Antonello:49159 ESTABLISHED 1864 TCP 127.0.0.1:49156 PC-Antonello:5354 ESTABLISHED 1864 TCP 127.0.0.1:49157 PC-Antonello:5354 ESTABLISHED 1864 TCP 127.0.0.1:49159 PC-Antonello:27015 ESTABLISHED 3500 TCP 127.0.0.1:49321 PC-Antonello:49322 ESTABLISHED 5540 TCP 127.0.0.1:49322 PC-Antonello:49321 ESTABLISHED 5540 TCP 127.0.0.1:49516 PC-Antonello:19872 ESTABLISHED 3080 TCP 217.203.82.227:60446 157.56.52.27:33033 ESTABLISHED 3036 TCP 217.203.82.227:60449 xmpp-shv-01-frc3:5222 ESTABLISHED 3036 TCP 217.203.82.227:60452 db3wns2011414:https ESTABLISHED 1900 TCP 217.203.82.227:60457 db3msgr6011709:https ESTABLISHED 3036 TCP 217.203.82.227:60464 157.56.53.47:12350 ESTABLISHED 3036 TCP 217.203.82.227:61164 mil01s17-in-f14:https ESTABLISHED 5540 TCP 217.203.82.227:61195 a23-221-224-55:https CLOSE_WAIT 10968 TCP 217.203.82.227:61200 65.55.58.184:http CLOSE_WAIT 10968 TCP 217.203.82.227:61202 a23-221-224-55:http CLOSE_WAIT 10968 TCP 217.203.82.227:61203 a23-221-224-55:http CLOSE_WAIT 10968 TCP 217.203.82.227:61204 a23-221-224-55:https CLOSE_WAIT 10968 TCP 217.203.82.227:61205 a23-221-224-55:https CLOSE_WAIT 10968 TCP 217.203.82.227:61206 a23-221-224-55:https CLOSE_WAIT 10968 TCP 217.203.82.227:61207 sjd-ra1-1b:http CLOSE_WAIT 3080 TCP 217.203.82.227:61209 65.55.58.184:http CLOSE_WAIT 10968 TCP 217.203.82.227:61212 5.178.42.10:http CLOSE_WAIT 10968 TCP 217.203.82.227:61213 5.178.42.10:http CLOSE_WAIT 10968 TCP 217.203.82.227:61214 5.178.42.10:http CLOSE_WAIT 10968 TCP 217.203.82.227:61215 5.178.42.10:http CLOSE_WAIT 10968 TCP 217.203.82.227:61216 5.178.42.10:http CLOSE_WAIT 10968 TCP 217.203.82.227:61217 5.178.42.10:http CLOSE_WAIT 10968 TCP 217.203.82.227:61218 5.178.42.57:http CLOSE_WAIT 10968 TCP 217.203.82.227:61219 5.178.42.57:http CLOSE_WAIT 10968 TCP 217.203.82.227:61220 5.178.42.57:http CLOSE_WAIT 10968 TCP 217.203.82.227:61221 5.178.42.57:http CLOSE_WAIT 10968 TCP 217.203.82.227:61224 5.178.42.57:http CLOSE_WAIT 10968 TCP 217.203.82.227:61226 5.178.42.10:http CLOSE_WAIT 10968 TCP 217.203.82.227:61333 91.190.216.7:https TIME_WAIT 0 TCP 217.203.82.227:61334 91.190.216.7:https TIME_WAIT 0 TCP 217.203.82.227:61386 channelproxy-shv-06-frc1:https ESTABLISHED 5540 TCP 217.203.82.227:61387 edge-star-shv-03-mxp1:https ESTABLISHED 303 6 TCP 217.203.82.227:61388 xx-fbcdn-shv-01-mxp1:https ESTABLISHED 3036 C:\Users\Antonello>La prima colonna è il protocollo
La seconda è, a parte le prime in cui non ci ho capito niente, il mio IP con la porta attraverso la quale sta ricevendo qualcosa: ho verificato che si tratta del mio IP tramite ipconfig
Indirizzo IPv4. . . . . . . . . . . . : 217.203.82.227
Subnet mask . . . . . . . . . . . . . : 255.255.255.255
Gateway predefinito . . . . . . . . . : 0.0.0.0
La terza è il sistema remoto con la sua porta attraverso la quale ricevo i dati.
La quarta è lo stato della connessione.
La quinta è il PID, ossia il numero identificativo del processo.
Per trovare a quale processo corrisponda il numero ho il comando tasklist
C:\Users\Antonello>tasklist Nome immagine PID Nome sessione Sessione n. Utilizzo mem ========================= ======== ================ =========== ============ System Idle Process 0 Services 0 20 K System 4 Services 0 8.568 K smss.exe 300 Services 0 280 K csrss.exe 472 Services 0 2.232 K wininit.exe 516 Services 0 276 K csrss.exe 536 Console 1 45.188 K winlogon.exe 580 Console 1 14.976 K services.exe 620 Services 0 8.100 K lsass.exe 628 Services 0 16.832 K svchost.exe 732 Services 0 16.748 K svchost.exe 944 Services 0 9.352 K svchost.exe 992 Services 0 29.100 K dwm.exe 404 Console 1 33.404 K svchost.exe 452 Services 0 42.336 K svchost.exe 808 Services 0 20.460 K svchost.exe 928 Services 0 102.572 K svchost.exe 1116 Services 0 18.920 K svchost.exe 1144 Services 0 42.072 K wlanext.exe 1320 Services 0 3.316 K conhost.exe 1344 Services 0 300 K spoolsv.exe 1616 Services 0 17.324 K taskhostex.exe 1652 Console 1 8.596 K armsvc.exe 1844 Services 0 920 K AppleMobileDeviceService. 1864 Services 0 3.000 K explorer.exe 1900 Console 1 94.308 K TabTip.exe 1084 Console 1 4.792 K TabTip32.exe 772 Console 1 504 K mDNSResponder.exe 1496 Services 0 2.928 K BrcmCardReader.exe 1172 Services 0 1.604 K CCDMonitorService.exe 1292 Services 0 1.840 K dsiwmis.exe 284 Services 0 1.912 K dasHost.exe 1768 Services 0 6.968 K ETDService.exe 2072 Services 0 1.320 K HeciServer.exe 2120 Services 0 1.128 K ETDCtrl.exe 2128 Console 1 6.636 K Jhi_service.exe 2148 Services 0 372 K LMutilps32.exe 2172 Console 1 3.596 K AdAwareService.exe 2216 Services 0 13.392 K LManager.exe 2244 Console 1 3.184 K MfeASUM.exe 2364 Services 0 5.060 K mfevtps.exe 2392 Services 0 2.392 K sqlservr.exe 2436 Services 0 12.516 K rundll32.exe 2584 Console 1 16.624 K rundll32.exe 2592 Console 1 20.588 K igfxtray.exe 2692 Console 1 1.652 K NOBuAgent.exe 2744 Services 0 3.088 K hkcmd.exe 2776 Console 1 1.792 K igfxpers.exe 2808 Console 1 3.960 K RAVCpl64.exe 2856 Console 1 5.364 K AdAwareTray.exe 2944 Console 1 5.248 K RfBtnSvc64.exe 2956 Services 0 2.768 K c2c_service.exe 3016 Services 0 1.624 K Skype.exe 3036 Console 1 175.416 K Smartbar.exe 1408 Console 1 23.120 K SSScheduler.exe 2380 Console 1 708 K sqlwriter.exe 2984 Services 0 1.696 K svchost.exe 2684 Services 0 15.008 K Pen_Tablet.exe 3032 Services 0 972 K Dropbox.exe 3080 Console 1 73.824 K McAPExe.exe 3160 Services 0 1.944 K RfBtnHelper.exe 3228 Console 1 1.280 K Pen_TabletUser.exe 3268 Console 1 1.148 K jusched.exe 3328 Console 1 7.796 K Pen_Tablet.exe 3348 Console 1 2.568 K ePowerTray.exe 3448 Console 1 812 K iTunesHelper.exe 3500 Console 1 3.920 K adawarebp.exe 3556 Console 1 3.760 K unsecapp.exe 4072 Services 0 1.644 K WmiPrvSE.exe 3236 Services 0 5.044 K unsecapp.exe 2024 Console 1 2.372 K WmiPrvSE.exe 3620 Services 0 10.744 K MMDx64Fx.exe 4112 Console 1 1.848 K igfxext.exe 4148 Console 1 2.912 K iPodService.exe 4320 Services 0 2.560 K SearchIndexer.exe 4392 Services 0 20.352 K svchost.exe 4572 Services 0 24.152 K ETDCtrlHelper.exe 4628 Console 1 2.912 K svchost.exe 4708 Services 0 9.692 K DeviceDetector.exe 4176 Console 1 564 K ePowerSvc.exe 5972 Services 0 3.000 K igfxsrvc.exe 5772 Console 1 3.824 K unsecapp.exe 6016 Console 1 2.700 K ePowerEvent.exe 5808 Console 1 1.168 K LMS.exe 5004 Services 0 2.468 K NASvc.exe 3176 Services 0 1.664 K UNS.exe 208 Services 0 4.416 K taskhost.exe 4172 Services 0 13.444 K Chiavetta Internet.exe 5008 Console 1 42.848 K firefox.exe 5540 Console 1 628.500 K explorer.exe 6228 Console 1 62.172 K McSmtFwk.exe 8092 Services 0 1.768 K mcshield.exe 4584 Services 0 227.796 K mfefire.exe 2724 Services 0 3.912 K VCExpress.exe 6844 Console 1 63.676 K audiodg.exe 6736 Services 0 13.740 K McSvHost.exe 2028 Services 0 24.708 K McSvHost.exe 7560 Services 0 4.448 K taskhost.exe 5880 Console 1 8.876 K notepad.exe 9628 Console 1 35.288 K McUICnt.exe 3632 Console 1 71.744 K plugin-container.exe 72 Console 1 21.088 K FlashPlayerPlugin_12_0_0_ 8300 Console 1 10.980 K FlashPlayerPlugin_12_0_0_ 8508 Console 1 89.576 K cmd.exe 7848 Console 1 2.148 K conhost.exe 2404 Console 1 7.692 K mcods.exe 6848 Services 0 12.092 K RuntimeBroker.exe 11092 Console 1 13.492 K WWAHost.exe 10968 Console 1 36.832 K Lrcnta.exe 6744 Console 1 22.144 K WSHost.exe 10112 Console 1 11.888 K cmd.exe 10876 Console 1 2.120 K conhost.exe 7920 Console 1 6.824 K NETSTAT.EXE 2628 Console 1 3.436 K taskeng.exe 6652 Services 0 4.208 K WWAHost.exe 7844 Console 1 21.644 K LiveComm.exe 9648 Console 1 13.896 K tasklist.exe 11184 Console 1 5.240 K C:\Users\Antonello>Ho marcato tutti i processi che ho ritrovato nelle varie connessioni identificate con il netstat.
Nessun commento:
Posta un commento