| |

VerySource

 Forgot password?
 Register
Search
VerySource»Forum System / Network / Service / Application / Hardware / Security Security The NETSTAT information is as follows, is it a Troja ...
Return to list New
View: 2189|Reply: 5

The NETSTAT information is as follows, is it a Trojan horse, how to solve it?

[Copy link]
liunan9

1

Threads

1

Posts

2.00

Credits

Newbie

Rank: 1

Credits
2.00

 China
Post time: 2020-1-16 18:00:01
| Show all posts |Read mode
:\Documents and Settings\Administrator> NETSTAT

ctive Connections

 Proto Local Address Foreign Address State
 TCP clx: 1736 59.151.21.101:http ESTABLISHED
 TCP clx: 1738 222.77.179.5:http ESTABLISHED
 TCP clx: 1739 222.77.179.5:http ESTABLISHED
 TCP clx: ms-sql-s 222.39.89.138:1035 TIME_WAIT
 TCP clx: ms-sql-s 222.39.89.138:1048 TIME_WAIT
 TCP clx: ms-sql-s 222.39.89.138:1144 TIME_WAIT
 TCP clx: ms-sql-s 222.39.89.138:1171 TIME_WAIT
 TCP clx: ms-sql-s 222.39.89.138:1182 TIME_WAIT
 TCP clx: ms-sql-s 222.39.89.138:1214 TIME_WAIT
 TCP clx: ms-sql-s 222.39.89.138:1448 TIME_WAIT
 TCP clx: ms-sql-s 222.39.89.138:1515 TIME_WAIT
 TCP clx: ms-sql-s 222.39.89.138:1550 TIME_WAIT
 TCP clx: ms-sql-s 222.39.89.138:1631 TIME_WAIT
 TCP clx: ms-sql-s 222.39.89.138:1935 TIME_WAIT
 TCP clx: ms-sql-s 222.39.89.138:1979 TIME_WAIT
 TCP clx: ms-sql-s 222.39.89.138:2080 TIME_WAIT
 TCP clx: ms-sql-s 222.39.89.138:2104 TIME_WAIT
 TCP clx: ms-sql-s 222.39.89.138:2137 TIME_WAIT
 TCP clx: ms-sql-s 222.39.89.138:2141 TIME_WAIT
 TCP clx: ms-sql-s 222.39.89.138:2253 TIME_WAIT
 TCP clx: ms-sql-s 222.39.89.138:2260 TIME_WAIT
Reply

Use magic Report

whlw00

0

Threads

1

Posts

2.00

Credits

Newbie

Rank: 1

Credits
2.00

 Japan
Post time: 2020-1-25 23:18:01
| Show all posts
Can't see it!
Reply

Use magic Report

vgf10002

0

Threads

20

Posts

19.00

Credits

Newbie

Rank: 1

Credits
19.00

 China
Post time: 2020-1-26 15:45:02
| Show all posts
NETSTAT -an
Reply

Use magic Report

wjcllove

0

Threads

1

Posts

2.00

Credits

Newbie

Rank: 1

Credits
2.00

 China
Post time: 2020-1-28 00:54:01
| Show all posts
Probably not a Trojan horse
222.39.89.138 This IP address is trying to connect to your server's sqlserver
It is best to block the connection to sqlserver on the firewall, or change the default port of sqlserver and set a strong sa password
Reply

Use magic Report

sniperyb

0

Threads

1

Posts

2.00

Credits

Newbie

Rank: 1

Credits
2.00

 China
Post time: 2020-1-30 20:45:01
| Show all posts
TCP clx: ms-sql-s 222.39.89.138:1035 TIME_WAIT
 TCP clx: ms-sql-s 222.39.89.138:1048 TIME_WAIT
 TCP clx: ms-sql-s 222.39.89.138:1144 TIME_WAIT
 TCP clx: ms-sql-s 222.39.89.138:1171 TIME_WAIT
 TCP clx: ms-sql-s 222.39.89.138:1182 TIME_WAIT
 TCP clx: ms-sql-s 222.39.89.138:1214 TIME_WAIT
 TCP clx: ms-sql-s 222.39.89.138:1448 TIME_WAIT
 TCP clx: ms-sql-s 222.39.89.138:1515 TIME_WAIT
 TCP clx: ms-sql-s 222.39.89.138:1550 TIME_WAIT
 TCP clx: ms-sql-s 222.39.89.138:1631 TIME_WAIT
 TCP clx: ms-sql-s 222.39.89.138:1935 TIME_WAIT
 TCP clx: ms-sql-s 222.39.89.138:1979 TIME_WAIT
 TCP clx: ms-sql-s 222.39.89.138:2080 TIME_WAIT
 TCP clx: ms-sql-s 222.39.89.138:2104 TIME_WAIT
 TCP clx: ms-sql-s 222.39.89.138:2137 TIME_WAIT
 TCP clx: ms-sql-s 222.39.89.138:2141 TIME_WAIT
 TCP clx: ms-sql-s 222.39.89.138:2253 TIME_WAIT
 TCP clx: ms-sql-s 222.39.89.138:2260 TIME_WAIT
Estimated to be doing multi-threaded password cracking
Reply

Use magic Report

x790htt

0

Threads

1

Posts

2.00

Credits

Newbie

Rank: 1

Credits
2.00

 China
Post time: 2021-5-15 11:42:29
| Show all posts
Temporarily turn MS-SQL, some people are doing violent cracks
Reply

Use magic Report

Return to list New
Advanced Mode
B Color Image Link Quote Code Smiles
You have to log in before you can reply Login | Register

Points Rules

Contact us|Archive|Mobile|CopyRight © 2008-2023|verysource.com ( 京ICP备17048824号-1 )

Quick Reply To Top Return to the list