Overclock.net › Forums › Software, Programming and Coding › Networking & Security › why are there so many foreign connections to my computer?
New Posts  All Forums:Forum Nav:

why are there so many foreign connections to my computer?

post #1 of 11
Thread Starter 
Lately I've been getting a little paranoid about hackers on my computer and did a youtube search for how to see if theres any on your computer. One vid said to type "netstat -ano" into cmd and I did. I referenced the PIDs of the established connections to the processes in my task manager and they all looked normal. However one thing that seemed weird was I had over 50 established connections and the youtube presenter only seemed to have a handful. Is this reason for concern? Is it possible that an attacker could mimic the PID of safe processes in order to snoop around or mess with stuff.
post #2 of 11
I just tried it and I have an absolute ton of forign connections too.
X79-GCN
(22 items)
 
  
CPUMotherboardGraphicsRAM
Intel 3930K 4.5GHz HT GIGABYTE GA-X79-UP4 AMD R9-290X GEil Evo Potenza DDR3 2400MHz CL10 (4x4GB) 
Hard DriveCoolingCoolingCooling
Samsung 840 Pro 120GB EK Supremacy (CPU) NF F12's P/P (360 Rad)  NF A14's (420 Rad)  
CoolingCoolingCoolingCooling
XSPC Chrome Compression Fittings EK RES X3 150 Primochill PremoFlex Advanced LRT Clear 1/2 ID EK-FC (R9 290X) 
CoolingCoolingCoolingOS
EK D5 Vario Top-X  Phobya G-Changer V2 360mm Phobya G-Changer V2 420mm Win 10 x64 Pro 
MonitorKeyboardPowerCase
BenQ XR3501 35" Curved Corsair Vengeance K90 Seasonic X-1250 Gold (v2) Corsair 900D 
MouseAudio
Logitech G400s Senn HD 598 
  hide details  
Reply
X79-GCN
(22 items)
 
  
CPUMotherboardGraphicsRAM
Intel 3930K 4.5GHz HT GIGABYTE GA-X79-UP4 AMD R9-290X GEil Evo Potenza DDR3 2400MHz CL10 (4x4GB) 
Hard DriveCoolingCoolingCooling
Samsung 840 Pro 120GB EK Supremacy (CPU) NF F12's P/P (360 Rad)  NF A14's (420 Rad)  
CoolingCoolingCoolingCooling
XSPC Chrome Compression Fittings EK RES X3 150 Primochill PremoFlex Advanced LRT Clear 1/2 ID EK-FC (R9 290X) 
CoolingCoolingCoolingOS
EK D5 Vario Top-X  Phobya G-Changer V2 360mm Phobya G-Changer V2 420mm Win 10 x64 Pro 
MonitorKeyboardPowerCase
BenQ XR3501 35" Curved Corsair Vengeance K90 Seasonic X-1250 Gold (v2) Corsair 900D 
MouseAudio
Logitech G400s Senn HD 598 
  hide details  
Reply
post #3 of 11
*shrug* nothing abnormal looking here. Sure, I have about 100 connections, but only 20 or so are actually active, and I'm sitting here on OCN, another tab running pandora, steam downloading stuff in the background, chat clients running, and the system is hosting couple VIOP and game servers. All the IPs check out just fine.

I suppose if you had a really barebone system and weren't running anything with a networking component and you still saw more than a handful of connections, you might have cause for concern. For the typical user not so much, and even less so for OCN's heavy users like myself.
Arcane
(33 items)
 
Sanctum
(9 items)
 
Fukurou
(15 items)
 
CPUMotherboardGraphicsGraphics
Core i7 980x GIGABYTE GA-EX58-UD5 MSI RX 480 GAMING X 4GB MSI GeForce GTX 680 Lightning 
RAMHard DriveHard DriveHard Drive
Kingston HyperX T1 Intel X25-M WD Caviar Black FASS Plextor M5S 
Hard DriveHard DriveOptical DriveOptical Drive
WD Velociraptor WD Caviar Black FALS Sony DVD Burner w/ Lightscribe LG Bluray + HDDVD 
CoolingCoolingCoolingOS
Black Ice GTX 360 Black Ice GTX 240 Panaflo High Speed - Push-Pull w/ shrouds Windows 7 Pro (64) 
OSMonitorMonitorKeyboard
Ubuntu (64) X-Star DP2710 ASUS VK266H Black 25.5" 2ms LCD X-Armor U9BL (Mech) 
PowerCaseMouseMouse Pad
EVGA 1000 P2 Cooler Master HAF 932 Razer Deathadder Chroma Cougar Control 
AudioAudioAudioAudio
ATH-A900X Maudio AV-40 Polk PSW-10 Zalman Mic-1 (Clip-on Mic) 
AudioOtherOtherOther
Sound Blaster X7 LE Logitech G13 Wacom Intuos 3 Scythe "3-Foot Switch" 
Other
Modded PS4, PS3, Xbox 360, and Logitech PC Cont... 
CPUMotherboardGraphicsRAM
Ryzen 7 1700 MSI B350M Mortar Arctic GTX 560ti DirectCU II G.Skill TridentZ  
Hard DriveHard DriveOSPower
Samsung EVO 960 Consatellation Windows 10 Pro Corsair HX 1050 
Case
Raijintek Aeneas White Window 
CPUMotherboardRAMHard Drive
Core i5-661 GA-H55-USB3 12GB DDR3 1333 WD Caviar Black AALS 640GB 
Hard DriveHard DriveOptical DriveCooling
WD Caviar Green EARS 2TB Vertex Turbo 60GB (SSD) Samsung Blu-ray, Samsung DVD Burner H50 (With push/pull nocturas) 
OSMonitorKeyboardPower
Windows 10 Professional 64 LG 47inch LED LCD Saitek Eclipse Lite-touch Wireless Seasonic X750 Gold 
CaseAudio
CM690 II Passive bookshelfspeakers + amp. 
  hide details  
Reply
Arcane
(33 items)
 
Sanctum
(9 items)
 
Fukurou
(15 items)
 
CPUMotherboardGraphicsGraphics
Core i7 980x GIGABYTE GA-EX58-UD5 MSI RX 480 GAMING X 4GB MSI GeForce GTX 680 Lightning 
RAMHard DriveHard DriveHard Drive
Kingston HyperX T1 Intel X25-M WD Caviar Black FASS Plextor M5S 
Hard DriveHard DriveOptical DriveOptical Drive
WD Velociraptor WD Caviar Black FALS Sony DVD Burner w/ Lightscribe LG Bluray + HDDVD 
CoolingCoolingCoolingOS
Black Ice GTX 360 Black Ice GTX 240 Panaflo High Speed - Push-Pull w/ shrouds Windows 7 Pro (64) 
OSMonitorMonitorKeyboard
Ubuntu (64) X-Star DP2710 ASUS VK266H Black 25.5" 2ms LCD X-Armor U9BL (Mech) 
PowerCaseMouseMouse Pad
EVGA 1000 P2 Cooler Master HAF 932 Razer Deathadder Chroma Cougar Control 
AudioAudioAudioAudio
ATH-A900X Maudio AV-40 Polk PSW-10 Zalman Mic-1 (Clip-on Mic) 
AudioOtherOtherOther
Sound Blaster X7 LE Logitech G13 Wacom Intuos 3 Scythe "3-Foot Switch" 
Other
Modded PS4, PS3, Xbox 360, and Logitech PC Cont... 
CPUMotherboardGraphicsRAM
Ryzen 7 1700 MSI B350M Mortar Arctic GTX 560ti DirectCU II G.Skill TridentZ  
Hard DriveHard DriveOSPower
Samsung EVO 960 Consatellation Windows 10 Pro Corsair HX 1050 
Case
Raijintek Aeneas White Window 
CPUMotherboardRAMHard Drive
Core i5-661 GA-H55-USB3 12GB DDR3 1333 WD Caviar Black AALS 640GB 
Hard DriveHard DriveOptical DriveCooling
WD Caviar Green EARS 2TB Vertex Turbo 60GB (SSD) Samsung Blu-ray, Samsung DVD Burner H50 (With push/pull nocturas) 
OSMonitorKeyboardPower
Windows 10 Professional 64 LG 47inch LED LCD Saitek Eclipse Lite-touch Wireless Seasonic X750 Gold 
CaseAudio
CM690 II Passive bookshelfspeakers + amp. 
  hide details  
Reply
post #4 of 11
Thread Starter 
Thanks for checking. I think I'm in the same boat as you guys (lots of applications running) and its probably nothing.
post #5 of 11
Just close one program at a time and check netstat -ano after each one close.
You can go the other way round too - no open client/program and open one at a time.
Most connections come from the browser.
Rampage 3 Formula
(23 items)
 
  
CPUMotherboardGraphicsRAM
Core i7 950 Asus Rampage lll Formula EVGA GTX980Ti ACX2.0 12 GB G-Skill 
Hard DriveHard DriveHard DriveOptical Drive
Intel 320 x 3 RAID 0 Seagate ST31000524NS x 2 Intel 520 Memorex 
CoolingOSMonitorMonitor
Corsair H70 Win7U 64-bit Planar PX2611W Planar PX2611W 
KeyboardPowerCaseMouse
Alps Wave Seasonic Platinum 1000W CM Cosmos S Logitech M510 
AudioAudioAudio
SoundBblaster X-FI Titanium HD Sennheiser PC350 Swan M-200 
  hide details  
Reply
Rampage 3 Formula
(23 items)
 
  
CPUMotherboardGraphicsRAM
Core i7 950 Asus Rampage lll Formula EVGA GTX980Ti ACX2.0 12 GB G-Skill 
Hard DriveHard DriveHard DriveOptical Drive
Intel 320 x 3 RAID 0 Seagate ST31000524NS x 2 Intel 520 Memorex 
CoolingOSMonitorMonitor
Corsair H70 Win7U 64-bit Planar PX2611W Planar PX2611W 
KeyboardPowerCaseMouse
Alps Wave Seasonic Platinum 1000W CM Cosmos S Logitech M510 
AudioAudioAudio
SoundBblaster X-FI Titanium HD Sennheiser PC350 Swan M-200 
  hide details  
Reply
post #6 of 11
Just check destination ports. Your source port should be a random high level value for initiated traffic, if you see 80 or 443 on the remote end then it's just the plethora of outbound connections that are created whenever you browse to a website.
Waiting on X399
(13 items)
 
  
CPUMotherboardGraphicsRAM
AMD Phenom II B57 @ X4 3.9 Gigabyte 790FXTA-UD5 Sapphire Radeon 290 8 GB G.Skill 2133 
Hard DriveCoolingOSKeyboard
250 GB 840 EVO Noctua NH-D14 Windows 10 Logitech K350 
PowerCaseMouseMouse Pad
Seasonic x750 Corsair 600T Logitech G100s Razer Goliathus Speed 
Audio
Plantronics Gamecom 788 
  hide details  
Reply
Waiting on X399
(13 items)
 
  
CPUMotherboardGraphicsRAM
AMD Phenom II B57 @ X4 3.9 Gigabyte 790FXTA-UD5 Sapphire Radeon 290 8 GB G.Skill 2133 
Hard DriveCoolingOSKeyboard
250 GB 840 EVO Noctua NH-D14 Windows 10 Logitech K350 
PowerCaseMouseMouse Pad
Seasonic x750 Corsair 600T Logitech G100s Razer Goliathus Speed 
Audio
Plantronics Gamecom 788 
  hide details  
Reply
post #7 of 11
Just checked on my secure network and I've got no foreign connections except for one in Canada... Nothing out of the ordinary. Hmm... wonder what home will bring...

Is there any way to actively close out a network connection or block it from a specific IP?
post #8 of 11
i´m curious too.
post #9 of 11
FYI there's an official tool for Windows called TCPView, it's more convenient for checking on connections than a command-line tool.

HTTP/1.1* is the worst for opening a bunch of connections, especially when it's all third-party "analytics" garbage to spy on your surfing. DNS sinkholing helps to clean up a lot of that crap

*HTTP 2 is designed to multiplex requests over one connection so hopefully things will improve as it becomes commonly used
Black & Green
(12 items)
 
Dev Box
(7 items)
 
 
CPUMotherboardRAMHard Drive
Core2 Duo E7400 Asus P5Q Hyper-X  Sandisk 
OSPower
Fedora 22 Thermaltake 650W 
  hide details  
Reply
Black & Green
(12 items)
 
Dev Box
(7 items)
 
 
CPUMotherboardRAMHard Drive
Core2 Duo E7400 Asus P5Q Hyper-X  Sandisk 
OSPower
Fedora 22 Thermaltake 650W 
  hide details  
Reply
post #10 of 11
Quote:
Originally Posted by Petrol View Post

FYI there's an official tool for Windows called TCPView, it's more convenient for checking on connections than a command-line tool.

HTTP/1.1* is the worst for opening a bunch of connections, especially when it's all third-party "analytics" garbage to spy on your surfing. DNS sinkholing helps to clean up a lot of that crap

*HTTP 2 is designed to multiplex requests over one connection so hopefully things will improve as it becomes commonly used


Would you mind to share your knowledge about DNS sinkholing? I will definetily
browse the web and then report here what i did to my system,

Thanks mate
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Networking & Security
Overclock.net › Forums › Software, Programming and Coding › Networking & Security › why are there so many foreign connections to my computer?