Re: System Idle Process making TCP connections

[John Davison <johndavison () compasseng com>]

It turns out I jumped to conclusions here.  They have some kind of (apparently 
buggy) barcode printing software on this machine.  I didn't realize that the 
idle proc inherits time wait sockets (makes total sense if the owning proc 
dies.)

So it looks like this software was stuck in some kind of a loop that was 
spawning procs that were making socket connections then dying very quickly.  

Thanks the for responses though.

On Friday 07 July 2006 07:47 pm, lee.e.rian () census gov wrote:
> Does TCPView ever show the System Idle Process with any connections in the
> LISTENING or ESTABLISHED state?
>
> All of the System Idle Process connections listed are in the TIME_WAIT
> state - which most probably means that some other process created the
> connection and closed it.  ( I'd guess something trying to talk to
> spoolsv.exe since it's listening on port 6160 )
>
> > Has anyone seen anything like this before?
>
> No, not that many connections in a timed wait state.  But whenever a
> connection is closed it moves to the TIME_WAIT state and TCPView says it's
> owned by [System Process]:0 on my windoze machine.
>
> HTH,
> Lee

-- 
---
John Davison
Compass Engineering Group
email : johndavison () compasseng com

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

mQGiBEShREkRBAC3apDBDVdXXUqWIhOEtqV5ziZ1POKdHJ0pkHNPFTUi+KCWzmVy
qtszWSf0lFit5GyuQk0LhnU+L1nvwu7/sqCnuvK/uHDScgW38FjuPJ2LhLshz2Qw
W89lzhJd55PrP4+baVqUeMxhBJPCGTi9a0vx4VZVXFiP+opG1TgFaRsvbwCgu9iO
IfdpSLsFMc4g7/WOdeid9wcD/2na7++Gu2cWn97FQHTKZ7aV3cRYV3Bz+h0ywbWG
8bO5VIT28+u0cNJ4BJro2NJT7xK1S03eHKi4C44L00hYQ3XA5lDfOeI6RAJyntyP
kpS4UYa2PrwsdXE1tH7FWL1RxI9N/4lf7xVNd37Gnphccoucb/LYQw3g2cgaFM4R
j0+0A/9s2SsLTr+DZmnCTpmbRy84QLTp9LHEwByCyH/olUO2StljS6nT1iKuNVTT
wBBftgOx03qk7CT70mq6R2VPriUpUGVweLTTuNF+wdWisgZqNbEeB6JnfbaciuEZ
JB01vp/srsclsr5XETLN+kSC+dnEBfkgRUWHGU8d2m9BaeKxd7QpSm9obiBEYXZp
c29uIDxqb2huZGF2aXNvbkBjb21wYXNzZW5nLmNvbT6IYAQTEQIAIAUCRKFESQIb
AwYLCQgHAwIEFQIIAwQWAgMBAh4BAheAAAoJEIe4N0PB1ntvmkwAoJIhqQ+xc9LX
efi1zRngGtvIj/nVAKCLhdSCNUGg0LdAwbelk0G5PhuRF7kCDQREoUSOEAgAoxat
qsUtLv27ePWClRAOJ6ZgphMSFNqsxo39+pWziQCe4jytVOUw2Gs9MeFB3N1OAkXG
Maoxv2Z105GNrtmiYSVgsjeVBvs077CITjGfo0PNP56j+26nV+GWGQUChWdxvqO9
QmhZ2SrXfD3iFVG9BBgS1iaqu62OKUDLwaqE8+r0mToaeHipo7BPP6ew+UcHdGU6
OFlEKHwGQ8vTLsqSLuM4WDd9NZ6fW/z9lHcmrnYTMVpHwq61t93MZO4wcvKac9QA
KiiZkxs16lGSh/i31Qza8qUUtY0hD1YpPuBuwwysq/7JwS4WZJ7hOLHk2ZVvmiKH
B6ivctsJ21kFgvk5mwADBgf/TXdcQfAuN/LzJ0aph2hPeAkQrWaVRZRpd2TbbSaY
c+VuprHAALdZPdbPd/ZYDAANyCVvdEOfRsL/7xzNmEgQx/2EUfErE4acYaWo5kd9
0VOpno6d3OlJL2RlNZ6iufs2kn8ZS6mgXPMfHKN85v2OZJ34Gf9VB7xtN6+F5SQK
0B7Wb47wJdApUotqCTg5WXEJ0juAw1fGXUy9u2WqfSq4si5OtvTay/EMFJPsZ49f
0JfdzgJbvmYYuH0ghLeEvIFnEZcpfbVtKUtNAhHLW6Cze27xY4wx+9uSN22q41kh
RdGr91g64ST7C/mpXiX80rYRo3Vslgnqpq1fJ2XvpSRYgohJBBgRAgAJBQJEoUSO
AhsMAAoJEIe4N0PB1ntvLtUAmwRNrDu1JaYpnfudHCJ6xmO1xhy7AKCq7zA1gmtc
oDiShAq5QiKJP7VQSg==
=usOt
-----END PGP PUBLIC KEY BLOCK-----

Attachment: _bin
Description: