on command netstat -na, between others, i'm getting next line:
tcp 0 0 XXX.XXX.XXX.XXX:48746 YYY.YYY.YYY.YYY:80 TIME_WAIT
is this some kind of hacking attempt? can you give me in a few words what number 48746 means.
thank you in advance!
There is nothing in the output that you included with your question that would indicate one way or another regarding whether that particular tcp connection is part of an attempt to crack your machine.
The number 48746 is the port on the local end of the connection, and 80 is the port on the remote end. Since the local port is in the unprivileged range, and the remote port is the standard port for HTTP, I would guess that this is merely an outgoing HTTP connection.
TIME_WAIT indicates that the connection is waiting to make sure that it is really closed.
You may want to read the following for the full explanation:
http://www.developerweb.net/forum/showthread.php?t=2941
No. This simply shows that you are connected (or, rather, were connected) to a web server, possibly as part of a browsing session.
The part of the left (XXX.XXX.XXX.XXX should be your IP) shows the local address of the connection. The part on the right shows the remote address. On each side, the part after the colon is the port number. On the remote side, the port is 80, the port normally used by web servers. On the left, it is a large arbitrary number. Servers tend to use low, well-known ports for incoming connections, but clients making outgoing connections do so on randomly-selected ports between 1025 and 65535.
TIME_WAIT means that it's waiting for the remote side to terminate the connection, so all this means is that your browser was recently talking to a web server at YYY.YYY.YYY.YYY, and it the connection hasn't completely closed down yet, for various reasons.
The only reason to be concerned about this would be if you had not recently been using a web browser. Then it might indicate that something on your machine was surreptitiously contacting a webserver without your knowledge.
As vezult and Tyler have stated, xxx.xxx.xxx.xxx:48746 is the local address, this is the machine you're running netstat on.
xxx.xxx.xxx.xxx:80 is the remote address, this is the remote machine and port that your machine is\was connected to, in this case a web server (Port 80 is HTTP).
TIME_WAIT state: This is part of the connection teardown process and it means that the client (your machine) has sent a FIN (close connection) to the server and is waiting for the server to acknowledge the FIN.
