Or you can do what I do and not have your computer connected to the Internet at all.

No I'm not paranoid, I don't have broadband and my modem is in my parent's computer.

See my sig, Dave. The Router not only protects me very nicely, but is a very convenient way of sharing the connection. I often build PCs for friends/colleagues, and being able to just plug them into the router (for updates, installs etc) makes life so simple its unreal. The RP114 is better & cheaper now. It lets you restrict browsing activity & will email you usage - great for keeping an eye on the kids (one day...).

With the Router and NAV I've never had a virus. I once got a trojan, but I sorta deserved it (Kazaa activities )

HTH

Tony.

<pre><hr />TCP appy2000:1062 OL157-23.fibertel.com.ar:1214 CLOSING
TCP appy2000:1064 h98n1fls31o1109.telia.com:3766 CLOSING
TCP appy2000:1085 CPE014380027386.cpe.net.cable.rogers.com:1214 LAST_ACK
TCP appy2000:1098 fctn1-2173.nb.aliant.net:1214 CLOSING
TCP appy2000:1164 adsl-33-104-101.asm.bellsouth.net:2138 CLOSING
TCP appy2000:1219 pool-151-201-45-167.pitt.east.verizon.net:1214 FIN_WAIT_1
TCP appy2000:1313 pcp02293346pcs.ptchar01.fl.comcast.net:1214 CLOSING
TCP appy2000:1362 dsl-018.cascadeaccess.com:1890 CLOSING
TCP appy2000:1411 66.227.174.188.mi.chartermi.net:1652 LAST_ACK
TCP appy2000:1423 h0040cab54a86.ne.client2.attbi.com:2219 CLOSING
TCP appy2000:1458 242850hfc136.tampabay.rr.com:1214 CLOSING
TCP appy2000:1495 ip68-97-53-52.ok.ok.cox.net:1214 CLOSING
TCP appy2000:1514 67.84.83.205:3229 CLOSING
TCP appy2000:1537 spamchang.Stanford.EDU:1214 CLOSING
TCP appy2000:1543 pcp02293346pcs.ptchar01.fl.comcast.net:1214 CLOSING
TCP appy2000:1550 servedby.advertising.com:http CLOSING
TCP appy2000:1554 host217-39-88-175.in-addr.btopenworld.com:1369 CLOSING
TCP appy2000:1579 a213-84-145-212.adsl.xs4all.nl:1214 CLOSING
TCP appy2000:1608 pcp02293346pcs.ptchar01.fl.comcast.net:1214 CLOSING
TCP appy2000:1646 c68.112.134.92.stc.mn.charter.com:1214 CLOSING
TCP appy2000:1651 242850hfc136.tampabay.rr.com:1214 CLOSING
TCP appy2000:1842 12-231-225-70.client.attbi.com:1214 CLOSING
TCP appy2000:1843 OL157-23.fibertel.com.ar:1214 CLOSING
TCP appy2000:1894 ip68-8-219-86.sd.sd.cox.net:1214 CLOSING
TCP appy2000:1897 ip-md-cmbrlnd-68-112-045-178.charterpa.com:1214 CLOSING
TCP appy2000:1901 12-254-45-171.client.attbi.com:1214 CLOSING
TCP appy2000:1960 nycmny1-ar4-4-35-092-165.nycmny1.elnk.dsl.genuity.net:1214 LAST_ACK
TCP appy2000:1999 OL157-23.fibertel.com.ar:1214 CLOSING
TCP appy2000:2019 ilm56-213-107.ec.rr.com:1214 CLOSING
TCP appy2000:2202 CPE00045a6ce02b-CM0080378683f3.cpe.net.cable.rogers.com:1214 CLOSING
TCP appy2000:2229 dhcp065-025-150-150.columbus.rr.com:2799 CLOSING
TCP appy2000:2294 bkhe504xy5xk.ab.hsia.telus.net:1214 CLOSING
TCP appy2000:2323 syru203-206.syr.edu:1796 CLOSING
TCP appy2000:2545 Toronto-HSE-ppp3737689.sympatico.ca:3869 CLOSING
TCP appy2000:2638 pcp818481pcs.nrockv01.md.comcast.net:1127 CLOSING
TCP appy2000:2920 Toronto-HSE-ppp3737689.sympatico.ca:1214 CLOSING
TCP appy2000:2979 CPE00045a6ce02b-CM0080378683f3.cpe.net.cable.rogers.com:1214 CLOSING
TCP appy2000:3028 pcp206627pcs.vineln01.nj.comcast.net:2347 CLOSING
TCP appy2000:3065 12-218-82-156.client.mchsi.com:1214 LAST_ACK
TCP appy2000:3076 CPE014480023303.cpe.net.cable.rogers.com:1214 CLOSING
TCP appy2000:3314 adsl-64-168-76-37.dsl.snfc21.pacbell.net:3461 CLOSING
TCP appy2000:3346 66.8.184.88:1214 CLOSING
TCP appy2000:3499 gso26-138-142.triad.rr.com:1046 CLOSING
TCP appy2000:3595 HSE-QuebecCity-ppp3499420.sympatico.ca:3037 CLOSING
TCP appy2000:3663 HSE-QuebecCity-ppp3499420.sympatico.ca:3037 CLOSING
TCP appy2000:3774 evrtwa1-ar3-4-65-128-094.evrtwa1.dsl-verizon.net:1147 CLOSING
TCP appy2000:3948 S0028139968:1214 LAST_ACK
TCP appy2000:4033 192.168.0.1:telnet TIME_WAIT
TCP appy2000:4038 192.168.0.1:netbios-ssn ESTABLISHED
TCP appy2000:4097 192.168.0.1:telnet TIME_WAIT
TCP appy2000:4158 c-24-98-140-85.atl.client2.attbi.com:1214 CLOSING
TCP appy2000:4160 user-0ccekq8.cable.mindspring.com:3123 LAST_ACK
TCP appy2000:4186 216.26.202.208:1214 LAST_ACK
TCP appy2000:4238 bkhe504xy5xk.ab.hsia.telus.net:1214 CLOSING
TCP appy2000:4306 ACAB0677.ipt.aol.com:1833 CLOSING
TCP appy2000:4414 CPE00045a6ce02b-CM0080378683f3.cpe.net.cable.rogers.com:1214 CLOSING
TCP appy2000:4690 dial1400.wroclaw.dialog.net.pl:1214 CLOSING
TCP appy2000:4745 nycmny1-ar4-4-35-092-165.nycmny1.elnk.dsl.genuity.net:1214 CLOSING
TCP appy2000:4770 cs6668108-123.austin.rr.com:3809 CLOSING
TCP appy2000:4786 Toronto-HSE-ppp3737689.sympatico.ca:3869 CLOSING
TCP appy2000:4794 CPE00045a6ce02b-CM0080378683f3.cpe.net.cable.rogers.com:1214 LAST_ACK
TCP appy2000:4854 ip68-102-204-171.ks.ok.cox.net:1214 CLOSING
TCP appy2000:4950 pcp01699443pcs.nftmyr01.fl.comcast.net:1214 CLOSING
TCP appy2000:4959 bki332huy50x9.ab.hsia.telus.net:1413 CLOSING<hr /></pre>
Hmm, I run netstat once in a while - interesting result today...

Can anyone tell me what the bit after my computer name is btw? Meanwhile I'm off to find the TCP/IP spec

P.

I finally got a chance to run some of the other tests that were recommended here:

Your IP Address
Conclusion: Healthy Setup! We could detect nothing interesting on any of the default ports on your IP address. Your computer appears to be a hard target. Well done!
ALL TCP
FILTERED No response (open or closed) to an open request was received.
ALL UDP
FILTERED No response (open or closed) to an open request was received.


Thanks again,

Dave

Edit: so I guess this means my router is doing what we hoped it was doing.

What about Steve Gibson's "shields up "and its advice about unlinking netbios? Any merit to this?

http://www.grcsucks.com

pace: appy2000:1234 are the port numbers.

Ok...but why are the ports those numbers? I don't recognise them at all. The remote IP : ports are easy (21, 80 and 1214 should be there for web, telnet and iMesh), but why are the ports on my PC counting up? Guess this is just my lack of networking knowledge.

The amount of connections is unusual though - it appears to be every connection I've made recently. I thought I'd ran a little trojan program at first, but I see P2P:1214 in there a lot - which I've been using this past week. Is this just a bug in netstat? How do I clear this?

P.

Here's another site with lots of info on security.



Paul

Well, those are the local ports on your machine. When you connect to a remote machine the application opens a local port and connects that port to the remote port on the remote machine.

For example, when you connect to a web site you should see something like

TCP mymachine:1625 www.msn.com:http ESTABLISHED

I suppose it TCP/IP stakc starts at around 1024 and increments the port number since that is the most likely the simplest way of getting a non-conflicting port address on the local machine.