First time here? Check out the FAQ!
THIS IS A TEST INSTANCE. Feel free to ask and answer questions, but take care to avoid triggering too many notifications.
Ask Your Question
0

I capture unwanted traffic to ip 64.91.226.82 whois LIQUIDWEB. How do i trace source?

Summary:

1354    164.030569  192.168.0.2 64.91.226.82    TCP 54  0.000073000 41  53843 → 443 [ACK] Seq=1 Ack=1 Win=65700 Len=0

How can i stop this? How to find source on my PC?

Thanks!

anonymous user
asked 2017-12-05 06:46:05 +0000
grahamb's avatar
23.8k
grahamb
updated 2017-12-05 09:48:50 +0000
edit flag offensive 0 remove flag close merge delete

Comments

add a comment see more comments

1 Answer

0

Run cmd.exe as administrator and type "netstat -abn". Look for the socket you are inquiring about. The command will also list the executable that created the connection.

Rooster_50's avatar
254
Rooster_50
answered 2017-12-06 02:40:51 +0000
edit flag offensive 0 remove flag delete link
more

Comments

Were you capturing from a span or tap? Or was this traffic in an out of your own box?

masonke's avatar masonke (2017-12-06 23:21:38 +0000) edit
more
  • delete
add a comment see more comments

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss.

Add Answer