What is this port? is it a trojan?

From: Hyperion (nemesis_at_croasdalepreston.fsnet.co.uk)
Date: 06/30/03

  • Next message: alex.mole_at_realtimeworlds: "RE: Oh Dear, Where to start?!" 
    To: "Security Basics Mailing List" <security-basics@securityfocus.com>
Date: Mon, 30 Jun 2003 17:52:04 +0100

    Hello all :)

     I have been taking a more detailed interest in my pc's security of late,
    and security for computers in general, and I am learning at quite a fast
    rate, although there is a great, great deal of information to learn out
    there.

     Just recently I have taken to doing regular, netstat - probes on my machine
    to see the different connections that arise and so forth.
     Today I found a rather mysterious port with the number, 44334 and I have
    copied/paste the results of the netstat -an below for people to look at.
     Is the port in question, -44334- a Trojan? it strikes me as a rather
    suspicious port and a rather large port number.
     Could anyone tell me how I can find out what's running behind the port in
    question, and also what to do about it if it is a port.
     I have run my virus software, but it did not find any viruses or Trojans
    installed on my machine, so I am at a loss as to what to do.
    I am also very limited in my security knowledge, so I am basically stuck for
    the necessary ideas or solutions on what to do in order to find out what's
    behind this port.
    Any and all help is greatly appreciated thanks.

    Details of netstat below::

    Active Connections

      Proto Local Address Foreign Address State
      TCP 0.0.0.0:135 0.0.0.0:0 LISTENING
      TCP 0.0.0.0:445 0.0.0.0:0 LISTENING
      TCP 0.0.0.0:1025 0.0.0.0:0 LISTENING
      TCP 0.0.0.0:1026 0.0.0.0:0 LISTENING
      TCP 0.0.0.0:1038 0.0.0.0:0 LISTENING
      TCP 0.0.0.0:5000 0.0.0.0:0 LISTENING
      TCP 0.0.0.0:44334 0.0.0.0:0 LISTENING
      TCP 127.0.0.1:110 0.0.0.0:0 LISTENING
      TCP 127.0.0.1:1279 127.0.0.1:110 TIME_WAIT
      TCP 217.135.174.224:1280 195.92.193.154:110 TIME_WAIT
      UDP 0.0.0.0:445 *:*
      UDP 0.0.0.0:500 *:*
      UDP 0.0.0.0:1036 *:*
      UDP 0.0.0.0:44334 *:*
      UDP 127.0.0.1:123 *:*
      UDP 127.0.0.1:1900 *:*
      UDP 217.135.174.224:123 *:*
      UDP 217.135.174.224:1900 *:*

    My Regards
    Hyperion

    ---------------------------------------------------------------------------
    Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
    The Gartner Group just put Neoteris in the top of its Magic Quadrant,
    while InStat has confirmed Neoteris as the leader in marketshare.
         
    Find out why, and see how you can get plug-n-play secure remote access in
    about an hour, with no client, server changes, or ongoing maintenance.
              
    Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
    ----------------------------------------------------------------------------

  • Next message: alex.mole_at_realtimeworlds: "RE: Oh Dear, Where to start?!"
    • Quantcast