mpcntl
02-03-2009, 18:25
My parents are on Virgin Media cable broadband. They connect directly to the network using a standard Virgin Media modem, no router involved.
In netstat I've been seeing what appear to be private internet addresses, the kind allocated to users.
Here's a sample with the numbers starred out:
TCP ----:epmap cpc2-oldh6-0-0cust***.manc.cable.ntl.com:1818
TIME_WAIT
TCP ----:epmap cpc1-mfld6-0-0cust***.nott.cable.ntl.com:15253
TIME_WAIT
TCP ----:epmap cpc1-mfld6-0-0cust***.nott.cable.ntl.com:48271
ESTABLISHED
TCP ----:epmap cpc3-grnk3-0-0cust***.renf.cable.ntl.com:1025
TIME_WAIT
TCP ----:epmap cpc3-grnk3-0-0cust***.renf.cable.ntl.com:4894
TIME_WAIT
Ordinarily I would think this was some kind of Trojan activity or P2P program / Worm running. However the addresses are *always* NTL and no other network. So I though it might be normal for the network. I plan to put them behind a router later this week and probably reinstall windows. The latest scan with ESET and the Port probe at hackerwatch.org show all clear.
Just wondered if anyone could shed any light on the netstat entries. Thanks Matt.
In netstat I've been seeing what appear to be private internet addresses, the kind allocated to users.
Here's a sample with the numbers starred out:
TCP ----:epmap cpc2-oldh6-0-0cust***.manc.cable.ntl.com:1818
TIME_WAIT
TCP ----:epmap cpc1-mfld6-0-0cust***.nott.cable.ntl.com:15253
TIME_WAIT
TCP ----:epmap cpc1-mfld6-0-0cust***.nott.cable.ntl.com:48271
ESTABLISHED
TCP ----:epmap cpc3-grnk3-0-0cust***.renf.cable.ntl.com:1025
TIME_WAIT
TCP ----:epmap cpc3-grnk3-0-0cust***.renf.cable.ntl.com:4894
TIME_WAIT
Ordinarily I would think this was some kind of Trojan activity or P2P program / Worm running. However the addresses are *always* NTL and no other network. So I though it might be normal for the network. I plan to put them behind a router later this week and probably reinstall windows. The latest scan with ESET and the Port probe at hackerwatch.org show all clear.
Just wondered if anyone could shed any light on the netstat entries. Thanks Matt.