Listening process

Hi all,

I’m attaching a screenshot from TCPView from my Win2K system. Can someone confirm my understanding that the “System:8” processes are something that is safely blocked by the default NM rules? And that a LISTENING process is something like a program trying to act as a server that needs a rule letting it be visible?

I gather from Googling and from grc.com* that this is a kind of built-in Trojan, an SMB server that listens on port 445, and that there’s no easy way to shut down.

*GRC | Port Authority, for Internet Port 445  

[attachment deleted by admin]

Hi Ravenheart (:WAV)

It looks like you have File-Sharing on… or something like it. The DS is MS’s Directory Service. Are you on a LAN?

Hi Kail,

Yes, I’m behind a router but not enabling the Client for Microsoft Networks, File and Printer Sharing, NetBIOS, or any such thing, just TCP/IP.

I’d be grateful if you could double check the Network tab under the Properties of your Network connection. Just to make sure something didn’t activate sharing indirectly. Thanks.

I don’t think I have such a tab with this OS, if I’m looking in the right place, as you see here. I don’t see one drilling down Internet Protocol > Properties > Advanced.

The Network Monitor Driver is a packet sniffer, WinPCap.

[attachment deleted by admin]