Re: [H] IP stuff?
J, Thanks for the info re netstat.exe. For the past 2 days I have been scratching my head about your reference to the -b switch. In the w2k version of netstat, the -b switch is not present. I did find the -b switch in the XP version of netstat.exe. And the xp version does show more information than the w2k version. To bad the xp version does not work on w2k. Tried it this am. No problem. From what I am seeing in netstat, all my clients and the server are opsnorml for now. Thank you for your help. Best, Duncan At 00:11 07/26/2007 -0400, j maccraw wrote: This is where netstat -a -b -n comes in handy since it list the process as well as the port# (rather than common service name) so you know exactly what has that port. snip This email scanned for Viruses and Spam by ZCloud.net
Re: [H] IP stuff?
Scott, Ding! Ding! Think may be the simple answer for homer not working. No, I do not believe I have a web server in operation ATM. But, I am not certain either. There may be a web server built into my eset nod32 security app, and I do know that I did use the HTTP setup so my server modules, the mirror, and all clients communicate back and forth using http via port 80. I will confirm this with netstat, but have already seen the server connections for nod32 listed as: 10.0.0.x: - RAC/RAS to client comm channel 10.0.0.x:2223 - client to RAC/RAS comm channel 10.0.0.x:2846 - RAS re-direct should I choose to duplicate the mirror on another server (no plan to do this). More inline below At 19:25 07/24/2007 -0400, you wrote: snip Ok, so 127.0.0.1 is JUST your local computer, accesible only to you-- nobody else can get to that. Yes, understand this. 0.0.0.0 typically means ANY local address for your computer. So your computer at the same time has multiple addresses: 1) localhost -- 127.0.0.1 2) network -- 192.168.1.20 (or whatever your other IP address is) so if a program is listening on 0.0.0.0:25 (port 25), that would mean it would be listening on 127.0.0.1:25 and 192.168.1.20:25 Yes, understand this. Looking at the homer program, it tries to listen on port 80--that is the www / HTTP port. The port that you talk to other computers at when you request webpages. My guess would be that you're already running something that listens on port 80, ie, a web server. This would be a program that you installed or are running. Maybe Apache... Microsoft IIS. Are you running a webserver? Yes, as above, I now believe it is my install of nod32 that has done this! Do not use IIS or Apache either. This I will now investigate. In the end, I am not concerned that homer does not work. It would have been nice to try, but I am not going to take nod32 down just to play with homer. I will continue on with the large Hosts file from mvps.org for now while I do some further research of FireFox... Thank you again. Best, Duncan Scott __ NOD32 2418 (20070725) Information __ This message was checked by NOD32 antivirus system. http://www.eset.com This email scanned for Viruses and Spam by ZCloud.net
RE: [H] IP stuff?
Jim, Perhaps I am guilty of seeking an instant fix. I am sorry. I have dumped homer based on previous comments. Homer can not connect and play with what is already in play. I can deal with that. Tough as that may be. The message you got is prezactly what I got too. Put me off. But I have moved beyond this. NO homer. 4Now. NO, homer was never running in taskmanager. It just quit on the server. Not a huge problem. I think I have some understanding now.. :) Basically I have given up... Best, Duncan 20:10 07/25/2007 -0400, you wrote: Duncan, Did you fire up Taskmanager and check if 'homer' is already running? I had homer running and tried to start another instance of homer. I got the Something is already listening to 127.0.0.1 ... message from the 2nd instance, but the 2nd instance didn't know homer (1st instance) was the listening proggy. On my machine (WIN2K) with no browsers running and homer running, netstat -a returns: C:\Documents and Settings\jrnetstat -a Active Connections Proto Local Address Foreign AddressState TCPjr0:epmap jr0:0 LISTENING TCPjr0:microsoft-ds jr0:0 LISTENING TCPjr0:1025 jr0:0 LISTENING TCPjr0:http jr0:0 LISTENING TCPjr0:netbios-ssnjr0:0 LISTENING UDPjr0:microsoft-ds *:* UDPjr0:1032 *:* UDPjr0:3015 *:* UDPjr0:netbios-ns *:* UDPjr0:netbios-dgm*:* UDPjr0:isakmp *:* UDPjr0:4500 *:* and without homer running and ... Active Connections Proto Local Address Foreign AddressState TCPjr0:epmap jr0:0 LISTENING TCPjr0:microsoft-ds jr0:0 LISTENING TCPjr0:1025 jr0:0 LISTENING TCPjr0:netbios-ssnjr0:0 LISTENING UDPjr0:microsoft-ds *:* UDPjr0:1032 *:* UDPjr0:3015 *:* UDPjr0:netbios-ns *:* UDPjr0:netbios-dgm*:* UDPjr0:isakmp *:* UDPjr0:4500 *:* ... so, at least on this machine, homer is the only app LISTENING on jr0:http. Periodically, netstat -a might show transient things like the following: TCPjr0:3100 mail.tstonramp.com:pop3 TIME_WAIT hth, _jim -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of DHSinclair Sent: Monday, July 23, 2007 1:15 PM To: Hardware Group Subject: [H] IP stuff? Is there any way for me to query a given machine to find out who is camped out listening to 127.0.0.1? I am playing with homer. (http://www.funkytoad.com/content/view/14/32/) It will not start because somebody else beats homer to 127.0.0.1 for listening. Yes, this is another progy advised from mvps.org that gives out the hosts files. I am playing ATM. Thanks, Duncan This email scanned for Viruses and Spam by ZCloud.net __ NOD32 2420 (20070725) Information __ This message was checked by NOD32 antivirus system. http://www.eset.com This email scanned for Viruses and Spam by ZCloud.net
Re: [H] IP stuff?
This is where netstat -a -b -n comes in handy since it list the process as well as the port# (rather than common service name) so you know exactly what has that port. nobozoz wrote: Duncan, Did you fire up Taskmanager and check if 'homer' is already running? I had homer running and tried to start another instance of homer. I got the Something is already listening to 127.0.0.1 ... message from the 2nd instance, but the 2nd instance didn't know homer (1st instance) was the listening proggy. On my machine (WIN2K) with no browsers running and homer running, netstat -a returns: C:\Documents and Settings\jrnetstat -a Active Connections Proto Local Address Foreign Address State TCPjr0:epmap jr0:0 LISTENING TCPjr0:microsoft-ds jr0:0 LISTENING TCPjr0:1025 jr0:0 LISTENING TCPjr0:http jr0:0 LISTENING TCPjr0:netbios-ssnjr0:0 LISTENING UDPjr0:microsoft-ds *:* UDPjr0:1032 *:* UDPjr0:3015 *:* UDPjr0:netbios-ns *:* UDPjr0:netbios-dgm*:* UDPjr0:isakmp *:* UDPjr0:4500 *:* and without homer running and ... Active Connections Proto Local Address Foreign Address State TCPjr0:epmap jr0:0 LISTENING TCPjr0:microsoft-ds jr0:0 LISTENING TCPjr0:1025 jr0:0 LISTENING TCPjr0:netbios-ssnjr0:0 LISTENING UDPjr0:microsoft-ds *:* UDPjr0:1032 *:* UDPjr0:3015 *:* UDPjr0:netbios-ns *:* UDPjr0:netbios-dgm*:* UDPjr0:isakmp *:* UDPjr0:4500 *:* ... so, at least on this machine, homer is the only app LISTENING on jr0:http. Periodically, netstat -a might show transient things like the following: TCPjr0:3100 mail.tstonramp.com:pop3 TIME_WAIT hth, _jim -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of DHSinclair Sent: Monday, July 23, 2007 1:15 PM To: Hardware Group Subject: [H] IP stuff? Is there any way for me to query a given machine to find out who is camped out listening to 127.0.0.1? I am playing with homer. (http://www.funkytoad.com/content/view/14/32/) It will not start because somebody else beats homer to 127.0.0.1 for listening. Yes, this is another progy advised from mvps.org that gives out the hosts files. I am playing ATM. Thanks, Duncan This email scanned for Viruses and Spam by ZCloud.net Looking for a deal? Find great prices on flights and hotels with Yahoo! FareChase. http://farechase.yahoo.com/
Re: [H] IP stuff?
TCPView - http://www.microsoft.com/technet/sysinternals/Networking/TcpView.mspx Though no one other than local processes can access the loopback IP. From: DHSinclair Is there any way for me to query a given machine to find out who is camped out listening to 127.0.0.1? I am playing with homer. (http://www.funkytoad.com/content/view/14/32/) It will not start because somebody else beats homer to 127.0.0.1 for listening. Yes, this is another progy advised from mvps.org that gives out the hosts files. I am playing ATM. Get the Yahoo! toolbar and be alerted to new email wherever you're surfing. http://new.toolbar.yahoo.com/toolbar/features/mail/index.php
Re: [H] IP stuff?
Opps. I should not have given my answer as a question... That address is internal to your own computer, so it is trying to talk to itself... ??? I can't explain it too well, that is why I quoted Karen (of Karenware)... Who-Is is a couple things, depending on how the term is used. When I do a who-is, I am looking up the owner of an IP address (or Domain). Karen's Who-Is is a program that pretty much automates that process... It is free... http://www.karenware.com/powertools/ptwhois.asp I also use her Hasher program, for making MD5s and such... Rick Glazier - Original Message - From: DHSinclair Rick, at the risk of being really stupid. I just do not know how to answer your question. I think yourself is proper, but just do not know. Sorry, I am not fast enough. Is who is my tool? Best, Duncan At 16:40 07/23/2007 -0400, you wrote: Yourself?
Re: [H] IP stuff?
OK. let me answer all of you collectively, sort of. I suspect I asked a shotgun question. What I have gotten back are laser beams. I am still confused. Hopefully, some of my answers will let you all know where I am. I freely admit that there is much about a server and the www that I do not yet understand. Have books, will read! Rick - Went to Karen'sTools and checked. WhoIs to me is an outbound looking app. I am looking internal to a single LAN client. Nothing I see there is what I am looking for, but I will go back and recheck again. j_maccraw - Thank you for the link to a newer version of tcpview. That did show me some very interesting stuff that just generates more questions, but does not show what I seek 4now. Thank you for the newer version. It is much better that the old version I had been using. Interestingly, I see nothing connected to 127.0.0.1 specifically. I do see lots of internal windows/? stuff connected to 0.0.0.0: ports doing their thing. From what I can see, all looks very normal and placid. Yes, I do see legitimate calls/connections to all my LAN clients (10.0.0.x) from eset's remote admin console and remote admin service. I expect these and they do come and go as I expect them to. Brian Weeden - Brian I do know that the ip addy of 127.0.0.1 is both non-routable and can not be resolved across my home LAN. This is not what I was asking. I am trying to find out who/what is attached to/listening to this internal ip addy in my server that keeps a proggy I am trying to use from working. The proggy is homer from FunkyToad.com. Maybe this proggy is lame. :) Thane - You reply really has me scratching my head. I do not have a router in play (yet). I know that the ip addy is my internal machine loop-back address. But, whenever I try to run the homer proggy, it fails saying someone else is camped out listening to this address. Well, Duh, yea, I would only hope my server (proper) is listening to its' loop-back addy (127.0.0.1). As B4, maybe this homer proggy is truly lame.. :) So, at this point, I may need to query FunkyToad about this and the homer proggy. I will admit that the instructions are sketchy at best, but I am up for a challenge. I only chose this route because this proggy is rated highly via the mvps.org site. And, I am playing with their latest hosts file. I am testing this hosts file as an added bit of protection for IE6. No, I am not ready to dump IE and goto FireFox! FireFox will not allow me to do my banking biz. And, I am not ready for multiple browsers. Besides, this may be a future topic for me as I read about the good/bad from other List Members using FireFox! Best, Duncan This email scanned for Viruses and Spam by ZCloud.net
Re: [H] IP stuff?
On Mon, 23 Jul 2007, DHSinclair wrote: Is there any way for me to query a given machine to find out who is camped out listening to 127.0.0.1? To be more specific, in any IPv4 TCP/IP stack, the whole class-A subnet 127.0.0.0/255.0.0.0 is your PC. http://en.wikipedia.org/wiki/Localhost So, in this instance, you have a program running locally that is binding itself to the same port that homer wants to bind to. http://www.microsoft.com/technet/sysinternals/Networking/TcpView.mspx The above program will help you track down what program is listening on the port you're trying to use for homer. Hope that helps! Christopher Fisk -- Marge: You don't have to join a freak show just because the opportunity came along. Homer: You know, Marge, in some ways you and I are very different people. Homerpalooza
Re: [H] IP stuff?
Christopher, Thank you. I do have and have been using TCPView. Yes, you have correctly got it! Now. I have run TCPView on my server. I see nobody camped out on 127.0.0.1. I do see many internal windows components camped out on 0.0.0.0:. So I suppose my next question is: Does 127.0.0.1 equal 0.0.0.0 ? I will go check the 2d link you gave. Have already been to the 1st link. :) I so apologize for being this dense. I did use to think I had a grasp of this. Perhaps not. The new server is forcing new schooling. Thanks again. Best, Duncan At 16:49 07/24/2007 -0400, you wrote: On Mon, 23 Jul 2007, DHSinclair wrote: Is there any way for me to query a given machine to find out who is camped out listening to 127.0.0.1? To be more specific, in any IPv4 TCP/IP stack, the whole class-A subnet 127.0.0.0/255.0.0.0 is your PC. http://en.wikipedia.org/wiki/Localhost So, in this instance, you have a program running locally that is binding itself to the same port that homer wants to bind to. http://www.microsoft.com/technet/sysinternals/Networking/TcpView.mspx The above program will help you track down what program is listening on the port you're trying to use for homer. Hope that helps! Christopher Fisk This email scanned for Viruses and Spam by ZCloud.net
Re: [H] IP stuff?
You're welcome for the link. There's not just an IP involved here, but also a port. Something else likely is using a port that homer needs to use. You run into this when you try to run more that one of the same kind of client or server software the needs a specific port on a machine. A simple netstat -a -b -n at the command prompt should tell you what ports are occupied on your machine and what Process ID's (PID) is responsible. Not using FF yet? What are you waiting for, an engraved invitation? Need IE for a few sites? Stop running the Iexplore EXE and use FireFox extension IETab to toggle what you are rendering through in FF. I use it all the time to deal with M$ incessant need to validate me using an activeX control when I want to download something. There is no true way to make IE safe for general browsing, no matter what you add on. DHSinclair wrote: j_maccraw - Thank you for the link to a newer version of tcpview. That did show me some very interesting stuff that just generates more questions, but does not show what I seek 4now. Thank you for the newer version. It is much better that the old version I had been using. Interestingly, I see nothing connected to 127.0.0.1 specifically. I do see lots of internal windows/? stuff connected to 0.0.0.0: ports doing their thing. From what I can see, all looks very normal and placid. Yes, I do see legitimate calls/connections to all my LAN clients (10.0.0.x) from eset's remote admin console and remote admin service. I expect these and they do come and go as I expect them to. Brian Weeden - Brian I do know that the ip addy of 127.0.0.1 is both non-routable and can not be resolved across my home LAN. This is not what I was asking. I am trying to find out who/what is attached to/listening to this internal ip addy in my server that keeps a proggy I am trying to use from working. The proggy is homer from FunkyToad.com. Maybe this proggy is lame. :) Thane - You reply really has me scratching my head. I do not have a router in play (yet). I know that the ip addy is my internal machine loop-back address. But, whenever I try to run the homer proggy, it fails saying someone else is camped out listening to this address. Well, Duh, yea, I would only hope my server (proper) is listening to its' loop-back addy (127.0.0.1). As B4, maybe this homer proggy is truly lame.. :) So, at this point, I may need to query FunkyToad about this and the homer proggy. I will admit that the instructions are sketchy at best, but I am up for a challenge. I only chose this route because this proggy is rated highly via the mvps.org site. And, I am playing with their latest hosts file. I am testing this hosts file as an added bit of protection for IE6. No, I am not ready to dump IE and goto FireFox! FireFox will not allow me to do my banking biz. And, I am not ready for multiple browsers. Besides, this may be a future topic for me as I read about the good/bad from other List Members using FireFox! Best, Duncan Fussy? Opinionated? Impossible to please? Perfect. Join Yahoo!'s user panel and lay it on us. http://surveylink.yahoo.com/gmrs/yahoo_panel_invite.asp?a=7
Re: [H] IP stuff?
Yourself? WhoIs Lookup performed by Karen's WhoIs The IP Address 127.0.0.1 falls within the Internet's Private or Reserved IP Address Space. If you have detected this address apparently assigned to a remote computer, the IP address is in error or has been forged. Details: This block is assigned for use as the Internet host loopback address. A datagram sent by a higher level protocol to an address anywhere within this block should loop back inside the host. This is ordinarily implemented using only 127.0.0.1/32 for loopback, but no addresses within this block should ever appear on any network anywhere [RFC1700, page 5]. From: DHSinclair Is there any way for me to query a given machine to find out who is camped out listening to 127.0.0.1? I am playing with homer. (http://www.funkytoad.com/content/view/14/32/) It will not start because somebody else beats homer to 127.0.0.1 for listening. Yes, this is another progy advised from mvps.org that gives out the hosts files. I am playing ATM.
Re: [H] IP stuff?
Rick, at the risk of being really stupid. I just do not know how to answer your question. I think yourself is proper, but just do not know. Sorry, I am not fast enough. Is who is my tool? Best, Duncan At 16:40 07/23/2007 -0400, you wrote: Yourself? WhoIs Lookup performed by Karen's WhoIs The IP Address 127.0.0.1 falls within the Internet's Private or Reserved IP Address Space. If you have detected this address apparently assigned to a remote computer, the IP address is in error or has been forged. Details: This block is assigned for use as the Internet host loopback address. A datagram sent by a higher level protocol to an address anywhere within this block should loop back inside the host. This is ordinarily implemented using only 127.0.0.1/32 for loopback, but no addresses within this block should ever appear on any network anywhere [RFC1700, page 5]. From: DHSinclair Is there any way for me to query a given machine to find out who is camped out listening to 127.0.0.1? I am playing with homer. (http://www.funkytoad.com/content/view/14/32/) It will not start because somebody else beats homer to 127.0.0.1 for listening. Yes, this is another progy advised from mvps.org that gives out the hosts files. I am playing ATM. This email scanned for Viruses and Spam by ZCloud.net
Re: [H] IP stuff?
At 05:14 PM 23/07/2007, DHSinclair wrote: Is there any way for me to query a given machine to find out who is camped out listening to 127.0.0.1? How do you mean? 127.0.0.1 is your local computer. Technically, no one can be listening to it unless you aren't using a router, and then they are listening to your public IP. Unless you have something running on your PC that is phoning home. If you are wondering about connections, try netstat. T
Re: [H] IP stuff?
Putting in 127.0.0.1 into any machine redirects to that machine. It isn't a routable IP so there is no way you can connect to a machine over the WAN using it. -- Brian Find my public PGP key at http://pgp.mit.edu/ On 7/24/07, Thane Sherrington [EMAIL PROTECTED] wrote: At 05:14 PM 23/07/2007, DHSinclair wrote: Is there any way for me to query a given machine to find out who is camped out listening to 127.0.0.1? How do you mean? 127.0.0.1 is your local computer. Technically, no one can be listening to it unless you aren't using a router, and then they are listening to your public IP. Unless you have something running on your PC that is phoning home. If you are wondering about connections, try netstat. T