How Can I Tell If I'm Being Hacked in Command Prompt?

There are various ways to see if you have been hacked. Using the Command Prompt, you can run a command utility that checks for all incoming and outgoing connections to your computer. By checking all the established connections, you can determine if a hacker might be connected to your computer. For a simple test, this can be quite difficult to understand and so it is not advised for beginners.

Step 1

Click "Start," then type "cmd" into the quick search. Right-click the app link and click "Run as administrator."

Step 2

Type "netstat -an" and press "Enter." Wait a few moments for the utility to run.

Step 3

Look through the results in the command-line tool "netstat" (network statistics). The first column tells you the type of connection, the second shows you the local address, the third the foreign address, and the final column shows the status of the connection.

Step 4

Check the port numbers for an intrusion. The port numbers follow the IP or server address in the following format: ":XXXXX." Ports between 0 and 1023 are safe; ports between 1024 and 49151 are relatively safe; and you should be suspicious of ports between 49152 and 65535. Certain peer-to-peer software applications use the final port range, so close any P2P software and scan again.

Step 5

Check suspicious IP addresses by looking in the third column. The foreign address refers to the location of the connection destination. Use a search engine to search through these IPs to see if they match up with programs, such as Windows Live Messenger.

references & resources