Re: Here's what.
From: remove (@boxfrog.com)
Date: 12/30/02
- Next message: remove: "Re: Increase in port 27374 probes"
- Previous message: remove: "Re: Here's what."
- In reply to: Don Kelloway: "Re: Here's what."
- Next in thread: remove: "Re: Here's what."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: HACKERSWILLBENAILEDTOTHEWALL <"trackers(remove)"@boxfrog.com> Date: Tue, 31 Dec 2002 00:04:15 +0300
Don Kelloway wrote:
> I was bolting out the door at the time of my post and I didn't want to get
> into specifics, but you are correct Mimic.
>
> 127.0.0.1:3001 is associated with "alg.exe", which is the Application Layer
> Gateway. This application/service provides support for 3rd party protocol
> plug-ins for Internet Connection Sharing and the Internet. It is a required
> application/service for Internet Connection Sharing (ICS) or Internet
> Connection Firewall (ICF).
> .
> 127.0.0.1:3002 and 127.0.0.1:3003 is associated with "svchost.exe -k
> netsvcs", which is responsible for applications/services such as AudioSrv,
> BITS, Browser, CryptSvc, Dhcp,
> ERSvc, EventSystem, FastUserSwitchingCompatibility, helpsvc, HidServ,
> LanmanServer, LanmanWorkstation, Netman, Nla, RasMan, Schedule, seclogon,
> SENS, SharedAccess, ShellHWDetection, srservice, TapiSrv, TermService,
> Themes, TrkWks, W32Time, winmgmt, and wuauserv.
>
> In closing, I think the benefit of this exercise is that Tracker was again
> incorrect in her statement(s). More important, these "listening" ports are
> not available to the Internet because they are solely listening on the
> loopback adapter. People should be made aware that the only way a
> connection can be made to a port bound to the loopback adapter is from
> within the system itself. Note from the Internet as Tracker would like
> everyone to think.
>
> --
> Best regards,
> Don Kelloway
> Commodon Communications
> http://www.commodon.com
>
> Visit http://www.commodon.com to learn about Back Orifice, NetBus, SubSeven,
> etc. All of which are "Threats to Your Security on the Internet".
>
> "Mimic" <gn0rty@gn0rties.ville> wrote in message
> news:aur4g9$ipt$1@news7.svr.pol.co.uk...
> > "Don Kelloway" <dkelloway@commodon.com> wrote in message
> > news:gX2Q9.121$vV6.97@tornadotest1.news.pas.earthlink.net...
> > > Yet again another post exemplifying that you have no clue as to what
> > you're
> > > talking about!
> > >
> > > What it really means, is that the user is running Windows XP (Home or
> Pro)
> > > and they've enabled the Application Layer Gateway protection, which uses
> > TCP
> > > ports 3001, 3002 and 3003!
> > >
> > >
> > > --
> > > Best regards,
> > > Don Kelloway
> > > Commodon Communications
> > > http://www.commodon.com
> > >
> >
> > uhuh i said a bit in my post up there ^^, just to point out, ALG.exe only
> > uses port 3001, the other two are used by a service thats running under
> > svchosts.exe
> >
> > --
> > Mimic
> >
> > "Without Knowledge You Have Fear, With Fear You Create Your Own
> Nightmares"
> >
> >
> >
excuse me i never spoke about 127.0.0.1 which has nothing to do with my post.
how nice of you to constantly change the subject. you know i think you might
shortly belong in my plonk file. my time is precious.
sure 30 minutes online a day does take up my 24 hour shift.
tracker
- Next message: remove: "Re: Increase in port 27374 probes"
- Previous message: remove: "Re: Here's what."
- In reply to: Don Kelloway: "Re: Here's what."
- Next in thread: remove: "Re: Here's what."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
