W2K netstat detects port 1433 is listenning but fport does NOT..., can't start mission critical sql server !!!

From: SammyBar (sammybar_at_gmail.com)
Date: 10/14/05

  • Next message: David H. Lipman: "Re: W2K netstat detects port 1433 is listenning but fport does NOT..., can't start mission critical sql server !!!"
    Date: Fri, 14 Oct 2005 13:20:19 -0500
    
    

    Hi all,

    I have a problem with my Sql Server 2000 server. A malware captured the 1433
    port when we restarted the SQL Server service. Now we have some users (that
    uses TCP/IP to connect to the server instead named pipes) that can not
    access to the server. The server is mission critical, can not be reset until
    midnight to eliminate the virus. We want to kill the malware process but we
    can not get the process id of the malware. We tryed with fport last version
    downloaded from Foundstone but it does't lists the 1433 port as being in
    use. But netstat -an clearly shows the 1433 port is listening. The Sql
    Server Log says it could not be binded to 1433. So is it possible fport
    fails to detect a process? Which other way can I use to detect the process
    id of the malware apart of fport?

    Thanks in advance
    Sammy


  • Next message: David H. Lipman: "Re: W2K netstat detects port 1433 is listenning but fport does NOT..., can't start mission critical sql server !!!"