RE: Ports 1985 and 1986

From: Christopher Harrington (charrington_at_syseng.com)
Date: 05/21/03

  • Next message: Zimin, Alex: "RE: Ports 1985 and 1986"
    Date: Wed, 21 May 2003 12:25:10 -0400
    To: "Jeff Lane" <crash@pinehurst.net>, <security-basics@securityfocus.com>
    

    Jeff,

    I would download a copy of Fport from Foundstone. It will tell you what
    application is bound to what port.

    http://www.foundstone.com/index.htm?subnav=resources/navigation.htm&subcon
    tent=/resources/proddesc/fport.htm

    --Chris

    -----Original Message-----
    From: Jeff Lane [mailto:crash@pinehurst.net]
    Sent: Tuesday, May 20, 2003 5:55 PM
    To: security-basics@securityfocus.com
    Subject: Ports 1985 and 1986

    This afternoon I noticed a couple connections on a new server on ports
    1985 and 1986. Anyone know what these ports are?

    The machine is a win2k web server with Ensim installed, MS SQL Server 7,
    and not much else. It has all the latest updates from MS as well.

    If anyone has any info, or needs more info from me, please let me know.
        Unfortunately, I am a linux admin, not a windows admin, so I am not
    sure yet how to track down things like rogue processes, and which user
    is doing which, and what is bound to what port on a windows machine.

    Thanks
    Jeff

    --
    Jeffrey Lane
    ConnectNC.com / Internet of the Sandhills
    W4KDH@arrl.net
    chown -r us:us /yourbase/
    --------------------------------------------------------------------------
    -
    Thinking About Security Training? You Can't Afford Not To!
    Vigilar's industry leading curriculum includes:  Security +, Check Point,
    Hacking & Assessment, Cisco Security, Wireless Security & more! Register
    Now! --UP TO 30% off classes in select cities--
    http://www.securityfocus.com/Vigilar-security-basics
    --------------------------------------------------------------------------
    --
    
    



  • Next message: Zimin, Alex: "RE: Ports 1985 and 1986"

    Relevant Pages

    • Re: LISTENING, ESTABLISHED, CLOSE_WAIT TCP Ports & UDP Ports?
      ... properties of a process and it will show you what tcp/ip ports and services ... Beyond that I suggest you read the Windows 2003 Server Security Guide to see ...
      (microsoft.public.windows.server.security)
    • Re: Source Code to Filter out WindowsMessenger POP-UPS
      ... > time to get the details I did get about the ports and none ... It does not act as a relay server - at least ... To that I will just add that REAL security - ... > port 80 inbound ...
      (microsoft.public.inetserver.iis.security)
    • Re: Dropping syn+fin replies, but not really?
      ... Now we're required to run external security scans on some of the hosts, and they constantly come back with a "high" or "medium" severity problem: The host replies to TCP packets with SYN+FIN set. ... Since when did "pound ssl proxy" equal "aladdin web server"? ... You can let tcpdump only show specific ports and source/destination ...
      (FreeBSD-Security)
    • Ports 1985 and 1986
      ... This afternoon I noticed a couple connections on a new server on ports ... The machine is a win2k web server with Ensim installed, MS SQL Server 7, ... Unfortunately, I am a linux admin, not a windows admin, so I am not ... Thinking About Security Training? ...
      (Security-Basics)
    • OT: What will he do next?
      ... That was National Security. ... President Bush said Tuesday that a deal allowing an Arab company to take ... Senate Republican Leader Bill Frist urged the administration to ... Ports World, a state-owned business in the United Arab Emirates. ...
      (comp.sys.hp.mpe)