Re: Port 8081 mystery
- From: WALI <hkhasgiwale@xxxxxxxxx>
- Date: Wed, 24 Jan 2007 21:03:22 +0400
Thanks guys...it's indeed the ePolicy orchestrator!!
Thanks for all the replies....
At 10:07 AM 1/24/2007 -0500, TheGesus wrote:
On 1/23/07, WALI <hkhasgiwale@xxxxxxxxx> wrote:HI list...
I ran a nmap scan on quite a few machines on my internal subnet and one
port that appears on all those scans, especially the machines that are
still running adequately patched but older Windows 2000 workstations, is
tcp 8081. Though nmap shows this as blackice-icecap port I do not find any
such application running in task manager neither is this installed.
nestat-a just lists this port as 'Listening' and does not list any
application name assigned to it, so why is this port there? Who is using
this? I have ran antivirus scan and spybot checker just to rule out any
Nessus Scan (tis weeks plugin feed) does not show this port listed amongst
Here is the nmap output:
SuSE101:/home/root # nmap -O 192.168.126.245 --osscan-guess
Starting Nmap 4.00 ( http://www.insecure.org/nmap/ ) at 2007-01-23 11:10 GST
Interesting ports on 192.168.126.245:
(The 1667 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
2030/tcp open device2
8081/tcp open blackice-icecap
Device type: general purpose
Running: Microsoft Windows NT/2K/XP
OS details: Microsoft Windows 2000 SP4 or XP SP1
Nmap finished: 1 IP address (1 host up) scanned in 1.107 seconds
Very likely it's McAfee's ePolicy Orchestrator (ePO) agent. Point a
browser at it (http://x.x.x.x:8081) and you should see the activity
- Prev by Date: Re: Port 8081 mystery
- Next by Date: Re: What backup software do you use and like?
- Previous by thread: Re: Highlighting weak password dangers
- Next by thread: Port 8081 mystery