Hi, I’ve installed the Dude on a memory stick for “playing around” with it some days before now. Today I connected me to internet and got some alerts from my personal firewall about an application D:.…\Dude.exe which sends packets out (I think it was on port 5032 or so). The programm did NOT run (at least I thought so and I did not find any application in the task manager) I did not install the server as a service and I did not activate any other option which should start any process doing such things, when I leave the Dude main program.
So can anyone tell me, how the firewall saw this strange behaviour (and how did it know about the filename dude.exe)? And how to stop it?
As far as I know, a firewall can only know what program is initialting or responding to a connection if that program is running on the firewall itself. So, did you get the message from the firewall on the machine that was also running dude.exe?
Could also be that the firewall detected traffic on a ‘standard’ Dude port and so assumed it was some Dude service somewhere that was creating the traffic.
Well, then it’s very normal for the firewall to know which process/program is using initiating or receiving the connection. This info is readily available in Windows.
Try this:
Go to the command prompt and type ‘netstat -b’. This will show all your machine’s connections, including the program thats using it. The program is indicated by the PID (Process ID). You can check the PID in Task Manager (if you anable that column through View → Selct Columns…').
Your software firewall can also request such info from windows, just as you can through the command prompt. That’s why a firewall can only get such info about the connections from/to the machine it’s running on itself.