23 Sep
2025
23 Sep
'25
5 p.m.
On Tue, 23 Sept 2025 at 16:47, CAREY SCHUG via Talk <talk@lists.gtalug.org> wrote:
what I need to know is who is talking to all those weird ports and how do I stop it.
My guess is that unless the machine you took the Wireshark trace on is the one causing your problems, you don't want to stop any of that stuff. Note that if a system is compromised, the malicious software will tend to use standard ports like 80 (HTTP) or 443 (HTTPS) to make it more likely that firewalls along the path won't block it. -- Scott