I capture unwanted traffic to ip 64.91.226.82 whois LIQUIDWEB. How do i trace source?

LIQUIDWEB

asked 2017-12-05 06:46:05 +0000

Anonymous

updated 2017-12-05 09:48:50 +0000

grahamb

flag of United Kingdom of Great Britain and Northern Ireland

23835 ●4 ●976 ●227 https://www.wireshark.org

Summary:

1354    164.030569  192.168.0.2 64.91.226.82    TCP 54  0.000073000 41  53843 → 443 [ACK] Seq=1 Ack=1 Win=65700 Len=0

How can i stop this? How to find source on my PC?

Thanks!

edit retag flag offensive close merge delete

add a comment

1 Answer

Sort by » oldest newest most voted

answered 2017-12-06 02:40:51 +0000

Rooster_50

254 ●10 ●21 ●26

Run cmd.exe as administrator and type "netstat -abn". Look for the socket you are inquiring about. The command will also list the executable that created the connection.

edit flag offensive delete link

Comments

Were you capturing from a span or tap? Or was this traffic in an out of your own box?

masonke ( 2017-12-06 23:21:38 +0000 )edit

add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2017-12-05 06:46:05 +0000

Seen: 458 times

Last updated: Dec 06 '17

I capture unwanted traffic to ip 64.91.226.82 whois LIQUIDWEB. How do i trace source? edit