suspicious?!? someone please advise me?
netstat -an
TCP 67.19.10.12*:135 212.40.113.190:4643 ESTABLISHED
TCP 67.19.10.12*:135 212.40.113.190:4647 ESTABLISHED
ip is from Szolnok, Hungary
the * are two different ip numbers that are assigned to my server
Full Version: Is this suspicious?!
Port 135 is the port Microsoft's RPC service listens on and there are MANY exploits that use this port. You should definately close it ASAP.
That does look a little suspicious. Disable windows filesharing if you can.
QUOTE (klaude)
That does look a little suspicious. Disable windows filesharing if you can.
i think i know how to do this....I right clicked on my network connection and un checked file and printer sharing
not sure why it was enabled but whatever... it should be disabled now.
Ideally you really should close the port with a firewall, in addition to disabling the functions that use it. Also, for good measure, go to grc.com from your server's browser and run a port scan to see which other ports are still open that can be closed.
i dont have an external firewall, might get one some day,
but for now, cant i do this with ipsec?
but for now, cant i do this with ipsec?
Since you arent sure if you can or not I found an article for you to read 
http://support.microsoft.com/?id=813878
http://support.microsoft.com/?id=813878
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.