Re: Abnormal activity.

From: Justin Myers (etg_at_sdf.lonestar.org)
Date: 04/02/04

  • Next message: Andrew Hodgson: "RE: Secure host newbie" 
    Date: Thu, 1 Apr 2004 22:02:47 -0600 (CST)
To: "Brendan Halliday" <guardmasta@froggy.com.au>

    > Evening,
    >
    > I may just be oversensitive, but is anyone here receiving mass amounts
    > of connection requests on port 4662?
    >
    > If not, could someone point me to some documentation of what is
    > happening?
    >

    One possible explanation (long version):
    My computer receives many connection requests on port 4662 because that is
    the default port used by the eMule filesharing client (and, by extension,
    probably any other client using that network). In fact, one server to
    which I connected last week told me that I should set the port number in
    the preferences to something different because some ISPs block that one
    (all the legal stuff involving p2p these days).

    Short Version: TCP 4662 is most commonly used by the filesharing app
    eMule. Maybe that's it.

    Hope that helps!

    -----
    Justin Myers
    etg@sdf.lonestar.org
    AIM: Pinoy0130
    -----

    ---------------------------------------------------------------------------
    Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
    any course! All of our class sizes are guaranteed to be 10 students or less
    to facilitate one-on-one interaction with one of our expert instructors.
    Attend a course taught by an expert instructor with years of in-the-field
    pen testing experience in our state of the art hacking lab. Master the skills
    of an Ethical Hacker to better assess the security of your organization.
    Visit us at:
    http://www.infosecinstitute.com/courses/ethical_hacking_training.html
    ----------------------------------------------------------------------------

  • Next message: Andrew Hodgson: "RE: Secure host newbie"

    Relevant Pages

    • FW: Legal? Road Runner proactive scanning.[Scanned]
      ... You consider a port scan to be an attack? ... to facilitate one-on-one interaction with one of our expert instructors. ... Attend a course taught by an expert instructor with years of in-the-field ...
      (Security-Basics)
    • RE: locking down snort
      ... When setting up snort the best method is ... Also in larger networks the sniffer management port can sit on the ... to facilitate one-on-one interaction with one of our expert instructors. ... Attend a course taught by an expert instructor with years of in-the-field ...
      (Security-Basics)
    • Re: Would you pay more ...
      ... Your missing the end user experience. ... To restrict port usage just seems like another annoyance for more ... to facilitate one-on-one interaction with one of our expert instructors. ... Attend a course taught by an expert instructor with years of in-the-field ...
      (Security-Basics)
    • RE: TS Problems? (fwd)
      ... You can use the Vision tool from Foundstone to map the port to the application. ... to facilitate one-on-one interaction with one of our expert instructors. ... Attend a course taught by an expert instructor with years of in-the-field ... pen testing experience in our state of the art hacking lab. ...
      (Security-Basics)
    • Re: Questions: nmap, nessus unreliability, setting up a packet capture box, using Impacket
      ... with specified source port). ... to facilitate one-on-one interaction with one of our expert instructors. ... Attend a course taught by an expert instructor with years of in-the-field ... pen testing experience in our state of the art hacking lab. ...
      (Pen-Test)