Does Windows NT use TCP port 2000/2001?

From: Devin L. Ganger (devin@thecabal.org)
Date: 10/19/01

Previous message: Andrew Kavanagh: "Terminal Service for Remote Connections"
Next in thread: Eduard Wirch: "AW: Does Windows NT use TCP port 2000/2001?"
Reply: Eduard Wirch: "AW: Does Windows NT use TCP port 2000/2001?"
Reply: Mike Brentlinger: "Re: Does Windows NT use TCP port 2000/2001?"
Reply: Burak DAYIOGLU: "Re: Does Windows NT use TCP port 2000/2001?"
Reply: Jeff Miller: "RE: Does Windows NT use TCP port 2000/2001?"
Reply: H C: "Re: Does Windows NT use TCP port 2000/2001?"
Reply: Margulis, Scott: "RE: Does Windows NT use TCP port 2000/2001?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 18 Oct 2001 16:29:15 -0700
From: "Devin L. Ganger" <devin@thecabal.org>
To: focus-ms@securityfocus.com
Subject: Does Windows NT use TCP port 2000/2001?
Message-ID: <20011018162915.A13488@thecabal.org>

I'm looking over the results of a port scan for a client with a couple
of exposed NT 4.0 boxes, and on both boxes I see that TCP port 2000 is
open; on one box, TCP 2001 is also open.

The most information I've been able to find out about these ports
after a couple of days of digging is that 2000 is "callbook" and
2001 is "dc".

I don't recall seeing these ports open on any other NT box I have
scanned, and I don't have NT boxes ready to hand.

Does anyone know if these are legitimate ports to be open, and if
not, what they're likely to indicate? Neither box is running IIS,
nor are they running any applications in common.

-- 
Devin L. Ganger <devin@thecabal.org>
A man, a miss, a car -- a curve,
He kissed the miss and missed the curve -- Burma Shave (1948)

Previous message: Andrew Kavanagh: "Terminal Service for Remote Connections"
Next in thread: Eduard Wirch: "AW: Does Windows NT use TCP port 2000/2001?"
Reply: Eduard Wirch: "AW: Does Windows NT use TCP port 2000/2001?"
Reply: Mike Brentlinger: "Re: Does Windows NT use TCP port 2000/2001?"
Reply: Burak DAYIOGLU: "Re: Does Windows NT use TCP port 2000/2001?"
Reply: Jeff Miller: "RE: Does Windows NT use TCP port 2000/2001?"
Reply: H C: "Re: Does Windows NT use TCP port 2000/2001?"
Reply: Margulis, Scott: "RE: Does Windows NT use TCP port 2000/2001?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: TCP port 5000 syn increasing
... I have noticed the TCP port 5000's also, and I'm getting a fair amount from ... > Security Linux, the comprehensive security solution that combines six ...
(Incidents)
Re: Info on SMC Barricade
... 24.242.35.125:1025 to UDP port 137 ... Thursday, November 22, 2001 16:43:25 Unrecognized access from ... 213.131.184.204:2048 to TCP port 53 ...
(Security-Basics)
RE: RDC Problem Driving me Mental
... SBS 2003 computer starts using TCP port 3389 before the Terminal Services ... The process that most frequently causes this problem is the Microsoft ... Exchange System Attendant service. ...
(microsoft.public.windows.server.sbs)
Re: [RFC][PATCH 1/1] cxgb3i: cxgb3 iSCSI initiator
... the port stealing approach we've taken has its issues. ... Would the stack provide a TCP port allocation service, we'd be glad to use it to solve the current concerns. ... Hardware designers make the mistake of assuming that firmware management of a TCP port successfully provides the illusion to the OS that that port is simply inactive, and the OS happily continues internetworking its merry way through life. ... Excuse my language, but, what a fucking security and management nightmare in a cross-vendor environment. ...
(Linux-Kernel)
RE: A new hack tool - tcp port 3139 ?
... A new hack tool - tcp port 3139? ... or return channel traffic) to a packet originating from hosts on ...
(Incidents)