Traffic



Nog
07-10-2005, 02:38 AM
What is the purpose of this traffic?

File Version : 6.0.2900.2180
File Description : Windows Explorer (explorer.exe)
File Path : C:\WINDOWS\explorer.exe
Process ID : 0x87C (Heximal) 2172 (Decimal)

Connection origin : local initiated
Protocol : TCP
Local Address : 192.168.2.36
Local Port : 1699
Remote Name : eu-soft.net
Remote Address : 80.77.80.132
Remote Port : 80 (HTTP - World Wide Web)

Ethernet packet details:
Ethernet II (Packet Length: 76)
Destination: 00-30-bd-4a-03-26
Source: 00-40-05-35-4d-45
Type: IP (0x0800)
Internet Protocol
Version: 4
Header Length: 20 bytes
Flags:
.1.. = Don't fragment: Set
..0. = More fragments: Not set
Fragment offset:0
Time to live: 128
Protocol: 0x6 (TCP - Transmission Control Protocol)
Header checksum: 0x20f8 (Correct)
Source: 192.168.2.36
Destination: 80.77.80.132
Transmission Control Protocol (TCP)
Source port: 1699
Destination port: 80
Sequence number: 4282251465
Acknowledgment number: 0
Header length: 28
Flags:
0... .... = Congestion Window Reduce (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...0 .... = Acknowledgment: Not set
.... 0... = Push: Not set
.... .0.. = Reset: Not set
.... ..1. = Syn: Set
.... ...0 = Fin: Not set
Checksum: 0x8720 (Correct)
Data (0 Bytes)

Binary dump of the packet:
0000: 00 30 BD 4A 03 26 00 40 : 05 35 4D 45 08 00 45 00 | .0.J.&.@.5ME..E.
0010: 00 30 9F 09 40 00 80 06 : F8 20 C0 A8 02 24 50 4D | .0..@.... ...$PM
0020: 50 84 06 A3 00 50 FF 3D : F8 C9 00 00 00 00 70 02 | P....P.=......p.
0030: FF FF 20 87 00 00 02 04 : 05 B4 01 01 04 02 03 6E | .. ............n
0040: 65 74 00 00 01 00 01 00 : 00 00 00 00 | et..........
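
As an added example (not part of either post, and not output from the tool that produced the report above), the Python below re-decodes the posted hex dump so the field readout can be checked independently. It shows that the IP total length is 48 bytes, so the last 14 bytes of the 76-byte capture lie outside the IP datagram. The names `FRAME`, `tcp_options` and `decode` are this example's own.

```python
import socket
import struct

# Bytes copied from the "Binary dump of the packet" in the post (76-byte frame).
FRAME = bytes.fromhex("".join("""
00 30 BD 4A 03 26 00 40 05 35 4D 45 08 00 45 00
00 30 9F 09 40 00 80 06 F8 20 C0 A8 02 24 50 4D
50 84 06 A3 00 50 FF 3D F8 C9 00 00 00 00 70 02
FF FF 20 87 00 00 02 04 05 B4 01 01 04 02 03 6E
65 74 00 00 01 00 01 00 00 00 00 00
""".split()))

def tcp_options(opts: bytes) -> list:
    # Walk the kind/length/value list; stop at end-of-list or malformed input.
    out, i = [], 0
    while i < len(opts) and opts[i] != 0:          # kind 0 = end of option list
        if opts[i] == 1:                           # kind 1 = NOP, a single byte
            out.append("NOP")
            i += 1
            continue
        if i + 1 >= len(opts) or not 2 <= opts[i + 1] <= len(opts) - i:
            out.append("MALFORMED")
            break
        name = {2: "MSS", 4: "SACK_PERMITTED"}.get(opts[i], f"KIND_{opts[i]}")
        value = opts[i + 2:i + opts[i + 1]]
        out.append((name, int.from_bytes(value, "big")) if value else name)
        i += opts[i + 1]
    return out

def decode(frame: bytes) -> dict:
    if len(frame) < 54 or frame[12:14] != b"\x08\x00" or frame[23] != 6:
        raise ValueError("not an Ethernet II / IPv4 / TCP frame")
    ihl = (frame[14] & 0x0F) * 4
    total_len, _ident, flags_frag = struct.unpack("!HHH", frame[16:22])
    tcp = frame[14 + ihl:14 + total_len]           # TCP segment per the IP length field
    if ihl < 20 or 14 + total_len > len(frame) or len(tcp) < 20:
        raise ValueError("inconsistent IP header lengths")
    sport, dport, seq, _ack, off_flags, window = struct.unpack("!HHIIHH", tcp[:16])
    return {
        "src": f"{socket.inet_ntoa(frame[26:30])}:{sport}",
        "dst": f"{socket.inet_ntoa(frame[30:34])}:{dport}",
        "dont_fragment": bool(flags_frag & 0x4000),
        "ttl": frame[22],
        "seq": seq,
        "syn_only": off_flags & 0xFF == 0x02,      # SYN set, every other flag clear
        "window": window,
        "options": tcp_options(tcp[20:(off_flags >> 12) * 4]),
        "trailer": frame[14 + total_len:],         # captured bytes outside the IP datagram
    }
```

The 28-byte TCP header ends exactly where the IP datagram does, so the segment carries no payload, matching "Data (0 Bytes)" in the report.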

Mark L. Ferguson
07-10-2005, 02:38 AM
Download MS anti-spyware beta:
http://www.microsoft.com/downloads/details.aspx?FamilyID=321cd7a2-6a57-4c57-a8bd-dbf62eda9671&displaylang=en and read the FAQ -
http://www.geocities.com/marfer_mvp/FAQ_MSantispy.htm

The new MS beta for Antispyware has an "Advanced Tools" menu item that allows
you to identify the maker and use of items on the Windows startup list. It's called
"System Explorer". There is also a very nice "Browser Hijack" feature.


--
Mark L. Ferguson
FAQ for Windows Antispy http://www.geocities.com/marfer_mvp/FAQ_MSantispy.htm
"Nog" <nognog@adelphia.net> wrote in message news:Uu-dnV8uxeiV2FrfRVn-rg@adelphia.com...
> What is the purpose of this traffic?