Re: Ports 4162-4335

From: Samuel Lu (samuellu@online.microsoft.com)
Date: 11/30/02


From: samuellu@online.microsoft.com (Samuel Lu)
Date: Sat, 30 Nov 2002 13:07:42 GMT

Hi John,

These ports are not the default ports that are defined by HTTP, FTP, etc.
If the firewall reports there are scans in these ports, is there any more
information the firewall reports?

Thanks.

Regards,
Samuel Lu
Microsoft Online Support Engineer

Get Secure! - www.microsoft.com/security

This posting is provided "AS IS" with no warranties, and confers no rights.

--------------------
     From: "Jon" <no@spam.com>
     Subject: Re: Ports 4162-4335
     Date: Tue, 26 Nov 2002 00:30:17 -0000
     
     Hi Sky,
     
     I haven't got these ports open; my firewall caught and reported these
     scans. It was something I haven't seen before and looked similar to a
     hack.
     
     There were about 180 scans in 15 mins. They started on 4162 and
     increased to 4342. Some numbers were skipped and every now and then a
     1952 was thrown in. The source address varied from DNS servers to video
     servers to unknown IPs. Not really consistent.
     
     Although odd, my guess is that this traffic was not malicious as I had
     just inherited a new IP address. Presumably the computer that was using
     the address before was some sort of server. But, like you, I haven't
     found anywhere which states what uses these ports. They're just listed
     by IANA, etc. as "Unassigned".
     
     It's been several days now on the new IP address and I haven't had a
     repeat run. However, I am still curious as to what this traffic is.
     
     If you can find any more info please let me know.
     
     Thanks.
     
     ""Sky Ingram [MS]"" <skyingramonline@microsoft.com> wrote in message
     news:Z59#6SMlCHA.1676@cpmsftngxa08...
> Hello Jon,
>
> I don't find any information regarding what specifically might
> require these ports. I also come up empty on research regarding mpnjsc.
> Is there a particular reason that you have these ports open?
>
> Thanks,
> Sky Ingram
> Microsoft Online Support
> Microsoft Corporation
>
> Get Secure! - <www.microsoft.com/security>
>
> This posting is provided "AS IS" with no warranties, and confers no
> rights
>
     
     
     


