Open Ports on 2003 Server (No firewall)
From: Bruce Vander Werf (bvanderw-news5021_at_mailblocks.com)
Date: 08/24/04
- Previous message: Steven L Umbach: "Re: Win2003 encryption"
- Next in thread: Steven L Umbach: "Re: Open Ports on 2003 Server (No firewall)"
- Reply: Steven L Umbach: "Re: Open Ports on 2003 Server (No firewall)"
- Reply: Jeff Cochran: "Re: Open Ports on 2003 Server (No firewall)"
- Reply: Karl Levinson [x y] mvp: "Re: Open Ports on 2003 Server (No firewall)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 23 Aug 2004 21:40:27 -0500
We have been having some problems with a hacker on a new 2003 Server.
The server is not behind any type of firewall - it has a direct
connection to the Internet.
The following ports appear to be open:
21: FTP
80: HTTP
445: Microsoft-DS, SMB over TCP
1025: network blackjack, System V R3 listener (uucp)
1026: MSTASK/Remote Login Network Terminal, nterm
1027:
1028:
1030: BBN IAD
1031: InetInfo, BBN IAD
1032: InetInfo, BBN IAD
3306: MySQL
3389: MS Terminal Server
13782: VERTIAS NetBackup
The program names are what is being reported to us by a couple of
different port scanners.
Of these, we know FTP, HTTP, MySQL, and MS Terminal Server (Remote
Desktop) are installed. Veritias NetBackup is also installed.
What I don't know about are 445, 1025-1028, and 1030-1032. Can someone
shed some light on what is listening on these ports and why they might
need to be open?
FWIW, it appears the hacker is using this box to store files.
--Bruce
- Previous message: Steven L Umbach: "Re: Win2003 encryption"
- Next in thread: Steven L Umbach: "Re: Open Ports on 2003 Server (No firewall)"
- Reply: Steven L Umbach: "Re: Open Ports on 2003 Server (No firewall)"
- Reply: Jeff Cochran: "Re: Open Ports on 2003 Server (No firewall)"
- Reply: Karl Levinson [x y] mvp: "Re: Open Ports on 2003 Server (No firewall)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
