• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Mysterious Packets

T

TheMafioso

Member
Greetings Everyone,

I have Windows 2000 and Windows XP (Dual Boot) installed on my system.

For some days, in Windows 2000, i'm facing problem that network icon in taskbar is showing constant Network Actvity.In every 2-3 seconds, the network lights in the icon glow for no reason.
So i've installed zone alarm, to check if any spyware, etc is causing the activity.After completing its spyware/antivirus scan, nothing was found.But in "alerts and log" tab of zone alarm, the log viewer for firewall shows, the packets constantly being sent by some IP address(which are also constantly changing).Here's a screenshot of log viewer.
http://img400.imageshack.us/img400/2893/image18jc.jpg

All packets are directed to 6681 port in my system, which i have forwarded few days ago, in my router, for proper working of BitTorrent Client.So i initially thought, its causing the problem, but i don't suffer from this probem in WindowsXP.It happens to me only when i'm using Windows 2000.

A friend aviced me to use, TCPview too see which process are acessing the network, i tired it, but i couldn't make out much from it.Here's its screenshot
http://img218.imageshack.us/img218/4615/image26pp.th.jpg

(The active "vsmon.exe" process belongs to ZoneAlarm, and "BlueSoleil.exe", belongs to the Bluetooth Dongle Drivers on my system, so they shouldn't be a 'cause for concern )

So can anyone tell me, how to stop these packets.

Regards
TM
 
quit forwarding them on your router. I would guess that if you fired up ethereal and grabbed a capture, you would see them in XP too.
 
Okay, i will test with ethereal, but is there any way so that BitTorrent Clients work perfectly and i don't to have to forward ports ?
 
Per your zonealarm logs those are UDP packets showing up.

TCPView or other utilities (like netstat -an) won't show this traffic since UDP is connectionless.

Yes, you are seeing things directed at your port 6881 and zonealarm is blocking it.

If you don't want to see this traffic, block it at your firewall.

It kinda sounds like you want your cake and eat it too. You can't block 6881 and simultaneously listen on it for some app you want to run. One or the other.


 
So u mean its the windows sp2 firewall which is blocking the packets in Windows XP, and thus i don't see it.
Is there any utility, like TCPview, which show which process is causing traffic on UDP ?
 
Originally posted by: TheMafioso
So u mean its the windows sp2 firewall which is blocking the packets in Windows XP, and thus i don't see it.
Is there any utility, like TCPview, which show which process is causing traffic on UDP ?
Click to expand...

ethereal will show you the traffic on the wire. Restrict it in the filter section as much as possible.

Also, do a netstat -an and look for 6881 on the list.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top