Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

New here ; a little Netstat question...

Status
Not open for further replies.
BomBoklaT

BomBoklaT

IS-IT--Management
Mar 31, 2005
4
FR
Hi all,

this seems to be a pretty cool place to learn and share knwoledge;i think i like it! :)
I come to you concerning a question i have about TCP IP connections.
I did a netstat on my work pc coz i was bored, and this is the result (i removed the corp info) ; those are the last four lines of the netstat and they initiated my need for an answer :


TCP HLS10:3020 HLS10.xxxx.xxx:6139 ESTABLISHED
TCP HLS10:3028 HLS10.xxxx.xxx:3029 ESTABLISHED
TCP HLS10:3029 HLS10.xxxx.xxx:3028 ESTABLISHED
TCP HLS10:6139 HLS10.xxxx.xxx:3020 ESTABLISHED

My question is : why do those 4 ports interconnect to eachother?

Another question i have is do you know any software that can list in real-time all outgoing connections from my w2000 box?
I need to know the destination of all outgoing traffic i create...

Thanks a lot for your help!
 
Sort by date Sort by votes
Any good ethernet analyser will do this. Ethereal for example is free but I would suggest a version of sniffer or Ultra network sniffer which is a far cheaper alternative and almost as good. You need not capture the packets but merely monitor traffic.

After netstat an ethernet analyser was always my natural next stop.
 
Upvote 0 Downvote
Hi Tim,

thanks for your reply, one thing though, you say that Ethereal is free but that Sniffer or Ultra network sniffer are cheaper?
I guess i'll just try both...

Anythoughts on the interconnecting ports though?

Cheers! :D
 
Upvote 0 Downvote
Those are more than likely two seperate programs.. one program is using ports 3020 and 6139, and another 3028 nd 3029.

Generally these are services.

Port 3020 is generally used by CIFS.

and 3028 and 3029 is generally used by LiebDevMgmt_A and LiebDevMgmt_DM

Computer/Network Technician
CCNA
 
Upvote 0 Downvote
Okay thanks a lot for your reply LLoyd!
But why are they inversed?
is it one way input and the other output?

Thanks! :)
 
Upvote 0 Downvote
Well you have to look at it in a client/server formation.

When the client sends something to a server, it comes from a port to another port, then the server sends back the response, it goes from that port back to the original port.

Computer/Network Technician
CCNA
 
Upvote 0 Downvote
Oh ok i see, just like a null cable modem, thanks a lot for clearing that up Lloyd!
Cheers!

 
Upvote 0 Downvote
As you are using Windows 2000, you will need to use a third party software to show all connections in real time. I suggest TCPView from (its free).

Windows XP has this function built in (using the netstat -o command).
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Zebad
  • Locked
  • Question
TFTP interference from another host (Windows Server , VxWorks Client)
Replies
0
Views
657
Zebad
Zebad
robocat
  • Locked
  • Question
Yet another TCP RST flag problem
Replies
0
Views
586
robocat
robocat
jmarkus
  • Locked
  • Question
Can I have a different private IP address which isn't on my router's subnet?
Replies
6
Views
696
sbcsu
sbcsu
Vedant Gonnade
  • Locked
  • Question
How to send a string (generated by camera) to computer
Replies
0
Views
577
Vedant Gonnade
Vedant Gonnade
Vitor Fernandes-Neto
  • Locked
  • Question
Ldap authentication in classic asp, retrieving givenname, displayname etc
Replies
0
Views
702
Vitor Fernandes-Neto
Vitor Fernandes-Neto

Part and Inventory Search

Sponsor

Back
Top