Strange entries in Netstat output


You can get more useful information from the Netstat command by adding the -f and -b parameters, like this:

netstat -f -b

According to the help (netstat -?) the -f switch:

Displays Fully Qualified Domain Names (FQDN) for foreign addresses.

And the -b switch:

Displays the executable involved in creating each connection or listening port. In some cases well-known executables host multiple independent components, and in these cases the sequence of components involved in creating the connection or listening port is displayed. In this case the executable name is in [] at the bottom, on top is the component it called, and so forth until TCP/IP was reached. Note that this option can be time-consuming and will fail unless you have sufficient permissions.

Put the two together and you'll see what processes are creating each connection and the full remote host name.

To aid in investigating the executables (and the connections they're making) use Microsoft's Process Explorer. When you run the program you'll be presented with a list of everything running on your system.

Then, to see the connections made by an executable, double-click it and have a look at the TCP/IP tab.


Admin
Author by

Admin

Updated on September 18, 2022
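The pairing that `netstat -f -b` produces (owning executable plus fully qualified remote host name) can also be built as objects for sorting and filtering. This is an added PowerShell example, not part of the original answer. It assumes Windows 8 / Server 2012 or later (for `Get-NetTCPConnection`) and an elevated prompt. The names `Resolve-RemoteName` and `$dnsCache` are made up for this sketch.

```powershell
# Added example: established TCP connections with owning process and
# reverse-resolved remote host, similar in content to `netstat -f -b`.

$dnsCache = @{}   # remote IP -> resolved name, so each address is looked up once

function Resolve-RemoteName {
    param([string]$Address)
    if (-not $dnsCache.ContainsKey($Address)) {
        try {
            # Reverse (PTR) lookup, the same kind of name -f displays
            $dnsCache[$Address] = [System.Net.Dns]::GetHostEntry($Address).HostName
        } catch {
            # No PTR record or lookup failure: fall back to the raw address
            $dnsCache[$Address] = $Address
        }
    }
    $dnsCache[$Address]
}

Get-NetTCPConnection -State Established |
    Where-Object { $_.RemoteAddress -notin '127.0.0.1', '::1' } |   # skip loopback
    ForEach-Object {
        # OwningProcess is the PID; the process may have exited since the snapshot
        $proc = Get-Process -Id $_.OwningProcess -ErrorAction SilentlyContinue
        [pscustomobject]@{
            Process    = if ($proc) { $proc.ProcessName } else { '(exited)' }
            ProcessId  = $_.OwningProcess
            Path       = if ($proc) { $proc.Path } else { $null }   # empty without sufficient rights
            RemoteHost = Resolve-RemoteName $_.RemoteAddress
            RemoteIP   = $_.RemoteAddress
            RemotePort = $_.RemotePort
        }
    } |
    Sort-Object Process, RemoteHost |
    Format-Table -AutoSize
```

A `Path` outside the expected install locations, or a process name that does not match the software you believe is talking to that host, is the row to open in Process Explorer's TCP/IP tab.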

Comments

  • Admin
    Admin almost 2 years

    Out of curiosity, I ran Netstat on my Windows PC, and I found some strange entries like:

    xx-fbcdn-shv-01-amt2:https
    edge-star-mini-shv-01-frt3:https
    mil04s03-in-f10:https
    xx-fbcdn-shv-01-amt2:https
    fra16s25-in-f14:https
    lu7:http
    40:https
    mil04s04-in-f12:https
    wb-in-f188:https
    ec2-52-86-85-106:https
    db5sch101101419:https
    bam-6:https
    

    What are these/how can I tell what these are?

  • I say Reinstate Monica
    I say Reinstate Monica over 7 years
    You're welcome. I updated my answer to give you an additional resource for investigating the connections made by processes on your machine. Hope it helps.