Is it hacking?
-
@Antibiotic take a look at netstat to see what process is doing it.. Could be some addon in your browser as well.
as admin in a cmd prompt run netstat -anb
TCP 192.168.9.100:18958 208.123.73.77:443 ESTABLISHED [firefox.exe] TCP 192.168.9.100:20572 34.107.243.93:443 ESTABLISHED [firefox.exe] TCP 192.168.9.100:21258 146.75.77.91:443 ESTABLISHED [firefox.exe] TCP 192.168.9.100:21274 178.162.173.120:443 ESTABLISHED [firefox.exe] TCP 192.168.9.100:21326 151.101.193.188:443 ESTABLISHED [firefox.exe] TCP 192.168.9.100:21329 146.75.77.188:443 ESTABLISHED [firefox.exe] TCP 192.168.9.100:21340 23.33.29.88:443 ESTABLISHED [firefox.exe] TCP 192.168.9.100:21381 142.250.191.164:443 ESTABLISHED [firefox.exe] TCP 192.168.9.100:21384 104.18.17.97:443 ESTABLISHED
Or you could use tcpview
https://learn.microsoft.com/en-us/sysinternals/downloads/tcpviewbtw - I tried talking to that IP on both 443 and 80 and nothing answers anyway.
-
@johnpoz said in Is it hacking?:
as admin in a cmd prompt run netstat -anb
I did, but for this moment no connections with those IP's
-
@Antibiotic I see a 6881 port in there - you running torrents? Also that 6900 port also common torrent port.. So yeah I would expect IPs from all over.. I mean all over!!
-
@johnpoz I'm also start think about torrent client))))
-
@Antibiotic blocking outbound while your running a torrents going to drastically reduce the overall capability for it to function at its peak.
-
It looks like bit-torrents, Azure, Limewire, something like that. If you use snort you could activate openAppID and see what it is in a second
-
-
Maybe he is running torrents on purpose? He did say it was his laptop.. How would torrent just show up without the user knowing they were running torrents?
-
-
@johnpoz said in Is it hacking?:
Maybe he is running torrents on purpose? He did say it was his laptop.. How would torrent just show up without the user knowing they were running torrents?
It was my torrent client on laptop.
-
@Antibiotic get rid of that torrent client eventually it’s gonna break stuff if you keep using it. Trust me. Stop using it, think about how many ports you need open. It just takes one bad download