Hi everyone, Trying to learn how to check on the legitimacy of what's running on my Network Services. I've installed an application named 'autoruns' which lists the Network Service it scans and reports, and I've also used the DOS command of netstat -a which provides me a list of connections that it scans and reports. Towards beginning to use these utilities (w/my currentl level of knowledge) so as to monitor/verify what's going in/out of my computer, one of my first attempts at tracing what something is (etc.), I'm stopped at the point where I find that network connection is reported as (I'm only guessing now) as using port 137 (i.e.; Protocol: UDP, Executable: tcpsvcs.exe, Local: MyComputerName : 137). Unlike many other of my reported network connections, this one has nothing listed for "remote", likely as it is soley an internal thing and actually is not sending or receiving anything over the internet. Correct? As for my understanding what other network connections are accessing the internet, where other reported network connections show reported details indicating "remote" ('IP'?) addresses (e.g.; 207.241.234.218 : 20), from what I understand, by using WHOIs, this can point me in the direction of either what company or individual is assigned to that IP (somewhat understandably, this's not always true). Have I got the general gist of this right so far? Anyway, without wanting or necessarily needing to get a information technologies degree, I'm looking for some rudementary guidance so as to help me use the tools I mentioned if only to feel better about knowing what's going out and coming into my computer, not to mention understand more about this often mysterious machine. Thanks in advance for any pointers or even links. Regards and hap-e-trails, Steve Hopper

Steve, The first thing you need to do is learn what ports are assigned to what. A simple search on Google for “TCP port list” should give you the info you need. (Such as port 137. That is the listening port for netbios protocol.) I don’t know why you are trying to track down all this info, but I know you have been doing this for some time. The only reason I can think of going to this extent would be if you think your PC is being compromised by an outside source. Do you have a good reason to think that it is? If your running up to date anti virus and firewall software then I suggest you let them do their job. (Don’t try to fix something that isn't broken, or it will soon need to be fixed.)