A porta 546 é uma porta usada pelo IPv6 para DHCP. Dê uma olhada neste artigo da MS
Eu não conectaria esta porta em uso com qualquer atividade suspeita.
Na figura abaixo, como você vê Quando eu escrevo netstat -an
dentro da linha de comando, recebo esta resposta na foto. A última linha é diferente das outras.
Às vezes, eu procuro o comando netstat -an
dentro da linha de comando. Os primeiros 4 caracteres permanecem iguais, fe80
. Outros caracteres nesta linha mudam por um tempo diferente. Além disso, às vezes a última linha é vista às vezes não é vista quando eu consultar o comando netstat -an
. Finalmente, o que isso significa? Existe algum keylogger no meu computador? Isso significa que alguém me observa às vezes?
Minha saída da linha de comando:
C:\Users\ASUS>netstat -an
Active Connections
Proto Local Address Foreign Address State
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1309 0.0.0.0:0 LISTENING
TCP 0.0.0.0:3306 0.0.0.0:0 LISTENING
TCP 0.0.0.0:5357 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49152 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49153 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49154 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49155 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49156 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49157 0.0.0.0:0 LISTENING
TCP 127.0.0.1:5939 0.0.0.0:0 LISTENING
TCP 127.0.0.1:9990 0.0.0.0:0 LISTENING
TCP 127.0.0.1:23401 0.0.0.0:0 LISTENING
TCP 127.0.0.1:43227 0.0.0.0:0 LISTENING
TCP 192.168.1.42:139 0.0.0.0:0 LISTENING
TCP 192.168.1.42:49185 191.232.139.129:443 ESTABLISHED
TCP 192.168.1.42:49371 199.16.156.21:443 ESTABLISHED
TCP 192.168.1.42:49454 54.225.136.233:443 CLOSE_WAIT
TCP 192.168.1.42:49487 191.232.139.122:443 ESTABLISHED
TCP 192.168.1.42:49544 54.225.136.233:443 CLOSE_WAIT
TCP 192.168.1.42:49545 54.225.136.233:443 CLOSE_WAIT
TCP 192.168.1.42:49546 216.58.209.194:443 ESTABLISHED
TCP 192.168.1.42:49549 216.58.209.195:443 ESTABLISHED
TCP 192.168.1.42:49556 216.58.209.195:443 ESTABLISHED
TCP 192.168.1.42:49569 216.58.209.174:443 ESTABLISHED
TCP 192.168.1.42:49571 185.15.42.42:80 ESTABLISHED
TCP 192.168.1.42:49572 74.125.136.95:80 ESTABLISHED
TCP 192.168.1.42:49574 185.15.42.36:80 ESTABLISHED
TCP 192.168.1.42:49576 185.15.42.36:80 ESTABLISHED
TCP 192.168.1.42:49577 185.15.42.36:80 ESTABLISHED
TCP 192.168.1.42:49578 185.15.42.36:80 ESTABLISHED
TCP 192.168.1.42:49579 185.15.42.36:80 ESTABLISHED
TCP 192.168.1.42:49580 216.58.209.174:80 ESTABLISHED
TCP 192.168.1.42:49586 23.74.205.54:80 ESTABLISHED
TCP 192.168.1.42:49587 195.175.112.152:80 ESTABLISHED
TCP 192.168.1.42:49590 185.15.42.42:80 ESTABLISHED
TCP 192.168.1.42:49591 185.15.42.42:80 ESTABLISHED
TCP 192.168.1.42:49598 216.58.209.205:443 ESTABLISHED
TCP 192.168.1.42:49601 23.74.203.155:443 ESTABLISHED
TCP 192.168.1.42:49602 23.74.203.155:443 ESTABLISHED
TCP 192.168.1.42:49603 23.74.203.155:443 ESTABLISHED
TCP 192.168.1.42:49604 23.74.203.155:443 ESTABLISHED
TCP 192.168.1.42:49605 23.74.203.155:443 ESTABLISHED
TCP 192.168.1.42:49606 23.74.203.155:443 ESTABLISHED
TCP 192.168.1.42:49608 168.61.58.142:443 ESTABLISHED
TCP 192.168.1.42:49609 168.61.58.142:443 ESTABLISHED
TCP 192.168.1.42:49610 168.61.58.142:443 ESTABLISHED
TCP 192.168.1.42:49613 195.175.112.241:80 ESTABLISHED
TCP 192.168.1.42:49614 54.192.95.81:443 ESTABLISHED
TCP 192.168.1.42:49615 72.21.202.25:80 ESTABLISHED
TCP 192.168.1.42:49631 216.58.209.194:443 ESTABLISHED
TCP 192.168.1.42:49644 185.15.42.42:443 ESTABLISHED
TCP 192.168.1.42:49646 216.58.209.206:443 ESTABLISHED
TCP 192.168.1.42:49647 216.58.209.162:80 ESTABLISHED
TCP 192.168.1.42:49648 185.15.42.36:80 ESTABLISHED
TCP 192.168.1.42:49682 216.58.209.163:443 ESTABLISHED
TCP 192.168.1.42:49709 31.13.90.36:443 ESTABLISHED
TCP 192.168.1.42:49712 195.175.112.201:80 ESTABLISHED
TCP 192.168.1.42:49714 195.175.112.201:80 TIME_WAIT
TCP 192.168.1.42:49868 216.58.209.206:443 ESTABLISHED
TCP 192.168.1.42:49941 216.58.209.206:443 TIME_WAIT
TCP 192.168.1.42:49947 216.58.209.163:80 ESTABLISHED
TCP 192.168.1.42:49948 216.58.209.163:80 ESTABLISHED
TCP 192.168.1.42:49949 216.58.209.163:80 ESTABLISHED
TCP 192.168.1.42:49950 216.58.209.163:80 ESTABLISHED
TCP 192.168.1.42:49951 185.15.42.36:80 ESTABLISHED
TCP 192.168.1.42:49952 216.58.209.163:80 ESTABLISHED
TCP 192.168.1.42:49953 216.58.209.163:80 ESTABLISHED
TCP 192.168.1.42:49962 54.192.95.225:443 ESTABLISHED
TCP 192.168.1.42:49969 216.58.209.170:80 ESTABLISHED
TCP 192.168.1.42:49971 74.125.136.95:443 ESTABLISHED
TCP 192.168.1.42:49974 216.58.209.161:443 ESTABLISHED
TCP 192.168.1.42:49975 40.114.151.29:80 ESTABLISHED
TCP 192.168.1.42:49976 40.114.151.29:80 ESTABLISHED
TCP 192.168.1.42:49977 40.114.151.29:80 ESTABLISHED
TCP 192.168.1.42:49978 40.114.151.29:80 ESTABLISHED
TCP 192.168.1.42:49979 40.114.151.29:80 ESTABLISHED
TCP 192.168.1.42:49998 52.30.99.216:80 ESTABLISHED
TCP 192.168.1.42:50014 216.58.209.163:443 ESTABLISHED
TCP 192.168.1.42:50017 52.4.197.142:80 ESTABLISHED
TCP 192.168.1.42:50019 54.154.240.164:80 ESTABLISHED
TCP 192.168.1.42:50020 54.77.71.247:80 ESTABLISHED
TCP 192.168.1.42:50021 54.77.71.247:80 ESTABLISHED
TCP 192.168.1.42:50022 54.77.71.247:80 ESTABLISHED
TCP 192.168.1.42:50024 179.60.192.7:443 ESTABLISHED
TCP 192.168.1.42:50057 81.26.166.11:80 ESTABLISHED
TCP 192.168.1.42:50083 216.58.209.174:443 ESTABLISHED
TCP 192.168.1.42:50086 198.252.206.25:443 ESTABLISHED
TCP 192.168.1.42:50129 216.58.209.163:443 TIME_WAIT
TCP 192.168.1.42:50304 198.252.206.25:443 ESTABLISHED
TCP 192.168.1.42:50364 75.101.140.77:443 TIME_WAIT
TCP 192.168.1.42:50365 75.101.140.77:443 ESTABLISHED
TCP 192.168.1.42:50415 216.58.209.165:443 ESTABLISHED
TCP 192.168.1.42:50417 23.74.192.186:443 ESTABLISHED
TCP 192.168.1.42:50418 216.58.209.168:443 TIME_WAIT
TCP 192.168.1.42:50425 75.101.140.77:443 TIME_WAIT
TCP 192.168.1.42:50427 173.194.65.157:443 ESTABLISHED
TCP 192.168.1.42:50435 216.58.209.196:443 ESTABLISHED
TCP 192.168.1.42:50464 216.58.209.174:443 TIME_WAIT
TCP 192.168.1.42:50470 216.58.209.170:443 TIME_WAIT
TCP 192.168.1.42:50471 173.194.113.31:443 ESTABLISHED
TCP 192.168.1.42:50473 216.58.209.193:443 TIME_WAIT
TCP 192.168.1.42:50481 216.58.209.163:443 TIME_WAIT
TCP 192.168.1.42:50491 216.58.208.97:443 ESTABLISHED
TCP 192.168.1.42:50493 216.58.209.174:443 ESTABLISHED
TCP 192.168.1.42:50495 216.58.209.174:443 TIME_WAIT
TCP 192.168.1.42:50500 216.58.209.206:443 ESTABLISHED
TCP 192.168.1.42:50501 216.58.209.206:443 ESTABLISHED
TCP 192.168.1.42:50506 216.58.209.206:443 TIME_WAIT
TCP 192.168.1.42:50510 74.125.136.189:443 ESTABLISHED
TCP 192.168.1.42:50514 216.58.209.162:443 ESTABLISHED
TCP 192.168.1.42:50516 216.58.209.174:443 TIME_WAIT
TCP 192.168.1.42:50517 216.58.209.194:443 ESTABLISHED
TCP 192.168.1.42:50580 92.45.4.105:443 ESTABLISHED
TCP 192.168.1.42:50581 92.45.4.105:443 ESTABLISHED
TCP 192.168.1.42:50583 216.58.209.194:80 ESTABLISHED
TCP 192.168.1.42:50599 92.45.4.105:443 ESTABLISHED
TCP 192.168.1.42:50608 92.45.4.105:443 ESTABLISHED
TCP 192.168.1.42:50611 92.45.4.105:443 ESTABLISHED
TCP 192.168.1.42:50614 199.16.156.41:443 ESTABLISHED
TCP 192.168.1.42:50615 199.16.156.75:443 ESTABLISHED
TCP 192.168.1.42:50637 216.58.209.193:443 ESTABLISHED
TCP 192.168.1.42:50639 195.175.112.137:80 ESTABLISHED
TCP 192.168.1.42:50641 95.131.122.232:443 ESTABLISHED
TCP 192.168.1.42:50648 50.31.164.175:443 ESTABLISHED
TCP 192.168.1.42:50652 216.58.209.166:443 ESTABLISHED
TCP 192.168.1.42:50653 104.86.246.200:443 ESTABLISHED
TCP 192.168.1.42:50654 63.140.35.160:443 ESTABLISHED
TCP 192.168.1.42:50655 216.58.209.198:443 ESTABLISHED
TCP 192.168.1.42:50669 216.58.209.166:443 ESTABLISHED
TCP 192.168.1.42:50672 216.58.209.168:80 ESTABLISHED
TCP 192.168.1.42:50676 216.58.209.193:443 ESTABLISHED
TCP 192.168.1.42:50677 40.118.20.241:443 ESTABLISHED
TCP 192.168.1.42:50679 198.41.215.67:443 ESTABLISHED
TCP 192.168.1.42:50683 104.28.6.106:443 ESTABLISHED
TCP 192.168.1.42:50689 198.41.215.67:443 ESTABLISHED
TCP 192.168.1.42:50691 104.16.95.65:443 ESTABLISHED
TCP 192.168.1.42:50791 23.111.11.34:80 TIME_WAIT
TCP 192.168.1.42:50792 216.58.209.202:80 TIME_WAIT
TCP 192.168.1.42:50793 40.114.151.29:80 TIME_WAIT
TCP 192.168.1.42:50797 54.192.135.87:80 TIME_WAIT
TCP 192.168.1.42:50799 216.58.209.162:80 TIME_WAIT
TCP 192.168.1.42:50800 216.58.209.162:80 TIME_WAIT
TCP 192.168.1.42:50803 195.175.112.137:80 TIME_WAIT
TCP 192.168.1.42:50806 195.244.32.92:80 TIME_WAIT
TCP 192.168.1.42:50807 195.244.32.92:80 TIME_WAIT
TCP 192.168.1.42:50808 195.244.32.92:80 TIME_WAIT
TCP 192.168.1.42:50809 195.244.32.92:80 TIME_WAIT
TCP 192.168.1.42:50812 83.66.160.22:80 TIME_WAIT
TCP 192.168.1.42:50813 195.175.112.179:80 TIME_WAIT
TCP 192.168.1.42:50814 195.175.112.179:80 TIME_WAIT
TCP 192.168.1.42:50815 46.20.153.237:80 TIME_WAIT
TCP 192.168.1.42:50817 195.175.112.179:80 TIME_WAIT
TCP 192.168.1.42:50818 195.175.112.179:80 TIME_WAIT
TCP 192.168.1.42:50819 195.175.112.179:80 TIME_WAIT
TCP 192.168.1.42:50820 81.26.166.11:80 TIME_WAIT
TCP 192.168.1.42:50821 81.26.166.11:80 TIME_WAIT
TCP 192.168.1.42:50825 2.23.97.60:443 TIME_WAIT
TCP 192.168.1.42:50829 179.60.192.7:80 TIME_WAIT
TCP 192.168.1.42:50830 179.60.192.7:80 TIME_WAIT
TCP 192.168.1.42:50831 195.175.112.137:80 TIME_WAIT
TCP 192.168.1.42:50832 195.175.112.137:80 TIME_WAIT
TCP 192.168.1.42:50833 195.175.112.137:80 TIME_WAIT
TCP 192.168.1.42:50834 195.175.112.137:80 TIME_WAIT
TCP 192.168.1.42:50838 104.16.35.249:80 ESTABLISHED
TCP 192.168.1.42:50841 107.21.125.66:443 TIME_WAIT
TCP 192.168.1.42:50852 195.175.112.106:80 ESTABLISHED
TCP 192.168.1.42:50853 195.175.112.106:80 ESTABLISHED
TCP 192.168.1.42:50854 195.175.112.112:80 ESTABLISHED
TCP 192.168.1.42:50855 195.175.112.112:80 ESTABLISHED
TCP 192.168.1.42:50856 195.175.112.106:80 ESTABLISHED
TCP 192.168.1.42:50869 104.16.24.235:80 ESTABLISHED
TCP 192.168.1.42:50871 94.31.29.230:80 TIME_WAIT
TCP 192.168.1.42:50873 83.66.160.22:80 TIME_WAIT
TCP 192.168.1.42:50874 192.229.233.25:80 TIME_WAIT
TCP 192.168.1.42:50882 216.58.209.170:80 TIME_WAIT
TCP 192.168.1.42:50884 23.111.11.34:80 TIME_WAIT
TCP 192.168.1.42:50891 40.114.151.29:80 TIME_WAIT
TCP 192.168.1.42:50894 23.111.11.34:80 TIME_WAIT
TCP 192.168.1.42:50895 54.182.216.4:80 ESTABLISHED
TCP 192.168.1.42:50896 54.182.216.4:80 TIME_WAIT
TCP 192.168.1.42:50897 104.16.17.35:80 ESTABLISHED
TCP 192.168.1.42:50899 195.175.112.179:80 ESTABLISHED
TCP 192.168.1.42:50901 216.58.209.194:80 TIME_WAIT
TCP 192.168.1.42:50902 216.58.209.194:80 TIME_WAIT
TCP 192.168.1.42:50905 82.199.80.143:80 TIME_WAIT
TCP 192.168.1.42:50906 82.199.80.143:80 TIME_WAIT
TCP 192.168.1.42:50907 82.199.80.143:80 TIME_WAIT
TCP 192.168.1.42:50908 195.175.112.137:80 TIME_WAIT
TCP 192.168.1.42:50909 195.175.112.137:80 TIME_WAIT
TCP 192.168.1.42:50911 46.20.158.25:80 TIME_WAIT
TCP 192.168.1.42:50913 179.60.192.7:80 TIME_WAIT
TCP 192.168.1.42:50914 179.60.192.7:80 TIME_WAIT
TCP 192.168.1.42:50915 195.175.112.179:80 TIME_WAIT
TCP 192.168.1.42:50916 195.175.112.179:80 TIME_WAIT
TCP 192.168.1.42:50917 195.175.112.179:80 TIME_WAIT
TCP 192.168.1.42:50918 195.175.112.179:80 TIME_WAIT
TCP 192.168.1.42:50921 81.26.166.11:80 TIME_WAIT
TCP 192.168.1.42:50922 81.26.166.11:80 TIME_WAIT
TCP 192.168.1.42:50925 195.244.32.81:80 TIME_WAIT
TCP 192.168.1.42:50926 195.244.32.81:80 TIME_WAIT
TCP 192.168.1.42:50927 195.244.32.81:80 TIME_WAIT
TCP 192.168.1.42:50932 195.244.32.81:80 TIME_WAIT
TCP 192.168.1.42:50933 2.23.97.60:443 TIME_WAIT
TCP 192.168.1.42:50938 54.175.54.188:443 ESTABLISHED
TCP 192.168.1.42:50939 5.79.74.36:443 ESTABLISHED
TCP 192.168.1.42:50940 40.118.20.241:443 TIME_WAIT
TCP 192.168.1.42:50944 94.31.29.230:80 TIME_WAIT
TCP 192.168.1.42:50959 23.111.11.34:80 TIME_WAIT
TCP 192.168.1.42:50960 216.58.209.170:80 TIME_WAIT
TCP 192.168.1.42:50961 40.114.151.29:80 TIME_WAIT
TCP 192.168.1.42:50963 54.192.198.230:80 ESTABLISHED
TCP 192.168.1.42:50965 54.192.198.230:80 TIME_WAIT
TCP 192.168.1.42:50966 216.58.209.194:80 TIME_WAIT
TCP 192.168.1.42:50967 216.58.209.194:80 TIME_WAIT
TCP 192.168.1.42:50968 82.199.80.143:80 TIME_WAIT
TCP 192.168.1.42:50969 82.199.80.143:80 TIME_WAIT
TCP 192.168.1.42:50970 195.175.112.137:80 TIME_WAIT
TCP 192.168.1.42:50974 83.66.160.22:80 TIME_WAIT
TCP 192.168.1.42:50975 195.175.112.201:80 TIME_WAIT
TCP 192.168.1.42:50976 216.58.209.194:80 TIME_WAIT
TCP 192.168.1.42:50977 104.16.24.235:80 TIME_WAIT
TCP 192.168.1.42:50978 216.58.209.194:80 ESTABLISHED
TCP 192.168.1.42:50979 81.26.166.70:80 ESTABLISHED
TCP 192.168.1.42:50980 195.175.112.179:80 TIME_WAIT
TCP 192.168.1.42:50981 195.175.112.179:80 TIME_WAIT
TCP 192.168.1.42:50982 195.175.112.179:80 TIME_WAIT
TCP 192.168.1.42:50983 195.175.112.179:80 TIME_WAIT
TCP 192.168.1.42:50984 81.26.166.11:80 TIME_WAIT
TCP 192.168.1.42:50985 81.26.166.11:80 TIME_WAIT
TCP 192.168.1.42:50989 31.13.90.6:80 TIME_WAIT
TCP 192.168.1.42:50990 31.13.90.6:80 TIME_WAIT
TCP [::]:135 [::]:0 LISTENING
TCP [::]:445 [::]:0 LISTENING
TCP [::]:3306 [::]:0 LISTENING
TCP [::]:5357 [::]:0 LISTENING
TCP [::]:49152 [::]:0 LISTENING
TCP [::]:49153 [::]:0 LISTENING
TCP [::]:49154 [::]:0 LISTENING
TCP [::]:49155 [::]:0 LISTENING
TCP [::]:49156 [::]:0 LISTENING
TCP [::]:49157 [::]:0 LISTENING
TCP [::1]:49158 [::]:0 LISTENING
UDP 0.0.0.0:500 *:*
UDP 0.0.0.0:3702 *:*
UDP 0.0.0.0:3702 *:*
UDP 0.0.0.0:3702 *:*
UDP 0.0.0.0:3702 *:*
UDP 0.0.0.0:3702 *:*
UDP 0.0.0.0:3702 *:*
UDP 0.0.0.0:4500 *:*
UDP 0.0.0.0:5355 *:*
UDP 0.0.0.0:49154 *:*
UDP 0.0.0.0:49253 *:*
UDP 0.0.0.0:52445 *:*
UDP 0.0.0.0:57103 *:*
UDP 127.0.0.1:1900 *:*
UDP 127.0.0.1:5353 *:*
UDP 127.0.0.1:48200 *:*
UDP 127.0.0.1:52444 *:*
UDP 192.168.1.42:137 *:*
UDP 192.168.1.42:138 *:*
UDP 192.168.1.42:1900 *:*
UDP 192.168.1.42:52443 *:*
UDP [::]:500 *:*
UDP [::]:3702 *:*
UDP [::]:3702 *:*
UDP [::]:3702 *:*
UDP [::]:3702 *:*
UDP [::]:3702 *:*
UDP [::]:3702 *:*
UDP [::]:4500 *:*
UDP [::]:49155 *:*
UDP [::]:49254 *:*
UDP [::]:52446 *:*
UDP [::]:57104 *:*
UDP [::1]:1900 *:*
UDP [::1]:52442 *:*
UDP [fe80::2003:35e3:3f57:fed5%8]:546 *:*
C:\Users\ASUS>
A porta 546 é uma porta usada pelo IPv6 para DHCP. Dê uma olhada neste artigo da MS
Eu não conectaria esta porta em uso com qualquer atividade suspeita.
Tente um
Netstat -anp udp -o
isto mostrará o id do processo de qualquer coisa que esteja usando aquela conexão, então procure por aquele PID na guia de serviços do gerenciador de tarefas.
Não, isso definitivamente não significa que alguém esteja te observando. O que isso significa é que o IPv6 está sendo usado na porta 546.
Vamos descobrir o que está usando a porta 546.
Faça o seguinte:
- Open a command prompt with elevated privileges
- Run Netstat -ano | find "546"
- Look for the PID (this is the Process ID)
- Open up Task Manager
- Go to Processes
- Then go to View > Select Columns > PID
- Now look up the PID number that was output in your Netstat Command.
Este seria o aplicativo usando o endereço IPv6 e o número da porta que você viu. Isso significa simplesmente que um aplicativo específico estava usando essa porta.
Espero que isso ajude!
Tags networking ipv6 netstat keylogger