Out of curiosity, I ran Netstat
on my Windows PC, and I found some strange entries like:
xx-fbcdn-shv-01-amt2:https
edge-star-mini-shv-01-frt3:https
mil04s03-in-f10:https
xx-fbcdn-shv-01-amt2:https
fra16s25-in-f14:https
lu7:http
40:https
mil04s04-in-f12:https
wb-in-f188:https
ec2-52-86-85-106:https
db5sch101101419:https
bam-6:https
What are these/how can I tell what these are?
Best Answer
You can get more useful information from the Netstat command by adding the
-f
and-b
parameters, like this:According to the help (
netstat -?
) the-f
switch:And the
-b
switch:Put the two together and you'll see what processes are creating each connection and the full remote host name.
To aid in investigating the executables (and the connection's they're making) use Microsoft's Process Explorer. When you run the program you'll be presented with a list of everything running on your system, like this:
Then, to see the connections made by an executable, double-click it and have a look at the TCP/IP tab: