post the log up and lets take a look
I'm posting a portion of the first page, as most of the key words are repeated
throughout the file which is lengthly. OP is WXP Pro, SP 2
What I'm looking for is who is using my connectivity while I've set no permissions to update. My send/receive goes nuts on occasion and can't detect who's up/down loading.
Exceptions Settings:
File printer Sharing - off
Remote assistance - on
Remote Desktop - off
UPnP Framework - on
"Log dropped packets is - enabled"
"Log successful connections is - disabled"
When "my secret friend" is down/uploading, TaskManager Shows High activity in:
Firefox.exe, svchost.exe, and csrss.exe
#Version: 1.5
#Software: Microsoft Windows Firewall
#Time Format: Local
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path
2008-01-23 13:33:33 DROP UDP 202.97.238.200 216.209.139.45 43962 1026 485 - - - - - - - RECEIVE
2008-01-23 13:34:01 DROP UDP 218.10.137.139 216.209.139.45 47201 1027 485 - - - - - - - RECEIVE
2008-01-23 13:34:43 DROP TCP 216.209.168.73 216.209.139.45 43749 135 52 S 1639133699 0 60352 - - - RECEIVE
2008-01-23 13:35:30 DROP UDP 202.97.238.200 216.209.139.45 44721 1027 485 - - - - - - - RECEIVE
2008-01-23 13:35:30 DROP TCP 209.132.213.151 216.209.139.45 80 1072 40 A 3922545633 4169477860 64989 - - - RECEIVE
2008-01-23 13:35:30 DROP TCP 209.132.213.151 216.209.139.45 80 1072 40 FA 3922545633 4169477860 64989 - - - RECEIVE
2008-01-23 13:35:32 DROP UDP 221.208.208.101 216.209.139.45 45557 1026 486 - - - - - - - RECEIVE
2008-01-23 13:35:42 DROP TCP 209.132.213.151 216.209.139.45 80 1071 1500 A 583959127 3234938155 64367 - - - RECEIVE
2008-01-23 13:35:42 DROP TCP 209.132.213.151 216.209.139.45 80 1071 628 AP 583960587 3234938155 64367 - - - RECEIVE
2008-01-23 13:35:42 DROP TCP 209.132.213.151 216.209.139.45 80 1071 1500 A 583961175 3234938155 64367 - - - RECEIVE
2008-01-23 13:35:42 DROP TCP 209.132.213.151 216.209.139.45 80 1071 628 AP 583962635 3234938155 64367 - - - RECEIVE
2008-01-23 13:35:43 DROP TCP 209.132.213.151 216.209.139.45 80 1071 1500 A 583963223 3234938155 64367 - - - RECEIVE
2008-01-23 13:35:43 DROP TCP 209.132.213.151 216.209.139.45 80 1071 628 AP 583964683 3234938155 64367 - - - RECEIVE
2008-01-23 13:35:43 DROP TCP 209.132.213.151 216.209.139.45 80 1071 1500 A 583965271 3234938156 64367 - - - RECEIVE
2008-01-23 13:35:51 DROP TCP 209.132.213.151 216.209.139.45 80 1074 40 A 2585199913 384599677 64977 - - - RECEIVE
2008-01-23 13:35:51 DROP TCP 209.132.213.151 216.209.139.45 80 1074 40 FA 2585199913 384599677 64977 - - - RECEIVE
2008-01-23 13:36:00 DROP TCP 209.132.213.151 216.209.139.45 80 1073 1500 A 1630649412 3285033617 64351 - - - RECEIVE
2008-01-23 13:36:00 DROP TCP 209.132.213.151 216.209.139.45 80 1073 628 AP 1630650872 3285033617 64351 - - - RECEIVE
2008-01-23 13:36:00 DROP TCP 209.132.213.151 216.209.139.45 80 1073 1500 A 1630651460 3285033617 64351 - - - RECEIVE
2008-01-23 13:36:00 DROP TCP 209.132.213.151 216.209.139.45 80 1073 628 AP 1630652920 3285033617 64351 - - - RECEIVE
2008-01-23 13:36:01 DROP TCP 209.132.213.151 216.209.139.45 80 1073 1500 A 1630653508 3285033617 64351 - - - RECEIVE
2008-01-23 13:36:01 DROP TCP 209.132.213.151 216.209.139.45 80 1073 628 AP 1630654968 3285033617 64351 - - - RECEIVE
2008-01-23 13:36:01 DROP TCP 209.132.213.151 216.209.139.45 80 1073 1500 A 1630655556 3285033618 64351 - - - RECEIVE
2008-01-23 13:36:21 DROP TCP 209.226.111.88 216.209.139.45 58522 135 52 S 583940736
Thanks for the help
Spence