Archived from groups: microsoft.public.windowsxp.security_admin,microsoft.public.windowsxp.perform_maintain,microsoft.public.windowsxp.help_and_support (
More info?)
Again, I wouldn't be too concerned. If you allow and application to
communicate with your PC, then you're allowing it. If you have a
professional type firewall software installed, then you may allow certain
ports to be open/closed for certain things.
If you are using a software firewall, try deleting every program that you
are using for what you are concerned, then when you restart them, your
firewall should ask if you want to allow this. If any other connections seem
to arise from that program, your firewall should alert you, and you can
deny, or allow (if even for one instance at a time).
"DCSouthSide" <DrewStuffL@excite.com> wrote in message
news:eDDm5%23JKFHA.2736@TK2MSFTNGP09.phx.gbl...
> My reason for getting concerned about who is connecting to my computer is
> this: when I first installed Yahoo Messenger, I had the option set to
> allow Yahoo websites (games, chat) to show whether I am online or offline.
> I did not list myself in the Yahoo directory, so no one could find me by
> searching for my screen name. I turned that first option off because I
> was receiving unsolicited IMs all the time. They have decreased
> significantly. What I am worried about, however, is whether an advertiser
> or someone harmful could have detected my IP and stored it on their
> computer. Call me paranoid if you wish, but Yahoo has a terrible problem
> with advertisers abusing Messenger.
>
>
> "Tom" <noway@nothere.com> wrote in message
> news:OyleNxBKFHA.2428@TK2MSFTNGP10.phx.gbl...
>>
>> "DCSouthSide" <DrewStuffL@excite.com> wrote in message
>> news:ugEf%231AKFHA.4028@tk2msftngp13.phx.gbl...
>>> Then, while chatting on Yahoo Messenger I ran netstat again and got
>>> this:
>>>
>>> Active Connections
>>>
>>> Proto Local Address Foreign Address State
>>> TCP _____________:#### localhost:#### ESTABLISHED
>>> TCP _____________:#### localhost:#### TIME_WAIT
>>> TCP _____________:#### localhost:#### TIME_WAIT
>>> TCP _____________:#### localhost:#### TIME_WAIT
>>> TCP _____________:#### localhost:#### TIME_WAIT
>>> TCP _____________:#### localhost:#### ESTABLISHED
>>> TCP _____________:#### localhost:#### TIME_WAIT
>>> TCP _____________:#### localhost:#### ESTABLISHED
>>> TCP _____________:#### localhost:#### ESTABLISHED
>>> TCP _____________:#### msnews.microsoft.com:nntp ESTABLISHED
>>> TCP _____________:#### cs19.msg.dcn.yahoo.com:5050 ESTABLISHED
>>> TCP _____________:#### 204.71.200.36:http TIME_WAIT
>>> TCP _____________:#### 205.161.6.47:http ESTABLISHED
>>>
>>> Obviously msnews.microsoft.com:nntp is Outlook Express's connection to
>>> the
>>> Microsoft news server. Yahoo.com is equally obvious. 204.71.200.36 is
>>> Yahoo, I believe. I have no idea what 205.161.6.47 is.
>>>
>>
>> Your only concern should be whether your firewall is working properly. If
>> you
>> are getting hit, and your FW doesn't detect, or you allowed the setting
>> to
>> accept other connections, then you will see these other addresses you not
>> sure of. For example, you may be at yahoo, and the address is listed, the
>> other addresses may be conntection from yahoo that show up also.
>>
>> In mine, while only using OE connected to the MS servers, I get this:
>>
>> Proto Local Address Foreign Address State
>> TCP home-pc:1073 msnews.microsoft.com:nntp ESTABLISHED
>> TCP home-pc:1028 207.46.248.16:nntp TIME_WAIT
>> TCP home-pc:1073 207.46.248.16:nntp ESTABLISHED
>>
>> The lower IP addy is MS in Redmond WA, and I can assume that is the news
>> servers there where I am connected.
>>
>> Close all active Windows, run Netstat, and you'll get nothing (maybe,
>> sometimes you get a similar connection that doesn't list active, reboot
>> Windows if you want a true showing), open IE and
>> see what shows up. Another addy may just be tracking how well MS's
>> website
>> gets hits, and you show that in netstat, or it will show MS, and the
>> related IP addy is uses to be on the web..
>>
>>
>>
>
>