Guest
|
 Posted:
Fri Jan 14, 2005 3:32 am Post subject:
lots of system:8 connections in win2k using tcpview |
|
|
Hi,
yesterday I was monitoring my windows 2000 connections using
sysinternals's TCPview and noticed something I didn't saw before.
There's a lot of system:8 connections while I'm using some programs
other then MS IE. It seems that every connections made by a program
also opens a system:8 connection (to the same IP)(except IE) with these
states : SYN_SENT or TIME_WAIT. When the connection is closed by the
program the system:8 connection is also closed. I know that netbios and
microsof-ds system:8 are normal (anyway my firewall blocks them) but
what about all the other connections? I don't recall seeing all those
connections (I can see more than 30 connections while using eMule, each
one is duplicated one for eMule and one for system:8), but maybe I was
just testing it while running IE. Can it be explained by the fact that
every application have to pass through the system to connect to the
internet ? I have an external linux firewall and I don't see anything
unusual when monitoring the connection with tcpdump.
Thanks in advance |
|
FAQ
Memberlist
Register
Profile
Log in to check your private messages
Log in