Re: heavy traffic on port 1025

From: Doug Knox MS-MVP (dknox_at_mvps.org)
Date: 07/31/04


Date: Sat, 31 Jul 2004 01:21:03 -0400

I don't see why, if he's one of these experiencing this issue, he doesn't use

NETSTAT -A -B

To see what program is trying to access port 1025. It may be task scheduler, but I doubt it. Probably something that's running as a task.

-- 
Doug Knox, MS-MVP Windows Media Center\Windows Powered Smart Display
Win 95/98/Me/XP Tweaks and Fixes
http://www.dougknox.com
--------------------------------
Per user Group Policy Restrictions for XP Home and XP Pro
http://www.dougknox.com/xp/utils/xp_securityconsole.htm
--------------------------------
Please reply only to the newsgroup so all may benefit.
Unsolicited e-mail is not answered.
 
"Star Fleet Admiral Q" <Star_Fleet_Admiral_Q(NO-SPAM)@(FORGET-SPAM)hotmail.com> wrote in message news:%23LGQwzrdEHA.1356@TK2MSFTNGP09.phx.gbl...
> Question - if task scheduler is using port 1025, then why are you
> telling everyone to block all the other ports 1024 and 1026-65535?
> They may have other important applications running on those ports and
> what you've told them just broke them - and yes, most people on these
> groups are not "tech savvy" so next there will be a post "My
> such-n-such all of a sudden quit working" - be mindful of your audience
> when suggesting.
> 
> -- 
> 
> Star Fleet Admiral Q @ your service
> --------------------------------------------------------
> "Erwin Michiels" <ErwinMichiels@discussions.microsoft.com> wrote in
> message news:E2B7FF8B-0FC3-47FF-A25F-03C32B19F0A1@microsoft.com...
>> Many people seem to have noticed heavy traffic on port 1025. This
>> traffic is caused by the task scheduler service hosted by svchost.exe.
>> This service opens port 1025 by default. There are two ways to block
>> this traffic:
>>
>> 1) disable task scheduler service and reboot; be aware it is
>> possible that prefetch, system restore and bootvis won't work properly
>> anymore;
>>
>> 2) deny inbound traffic for svchost.exe using TCP on the local ports
>> 1024-65535; you can use a firewall like Agnitum Outpost 1.0 (freeware)
>> to configure your system this way (
>> http://www.agnitum.com/download/outpost1.html ).
>>
>> To exploit task scheduler listening on port 1025, you can even
>> download a tool from the net: remoxec from
>> http://www.securityfriday.com/tools/Remoxec.html . This explains
>> probably the amount of scans of port 1025.
> 
>
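
Added example, not part of the original thread: a Python script for the check suggested at the top of this message, finding which process holds a port before blocking anything. It parses `netstat -ano` and `tasklist /svc /fo csv` (used here instead of the `-B` switch because PID output is easier to parse); both sample outputs are constructed and the function names are hypothetical.

```python
import csv
import io

# Constructed sample of `netstat -ano` output (not captured from a real host).
NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:1025           0.0.0.0:0              LISTENING       1040
  TCP    127.0.0.1:1030         0.0.0.0:0              LISTENING       1712
  TCP    192.168.1.10:1025      203.0.113.7:4455       ESTABLISHED     1040
  UDP    0.0.0.0:1026           *:*                                    1040
"""
# Constructed sample of `tasklist /svc /fo csv` output.
TASKLIST = '''\
"Image Name","PID","Services"
"svchost.exe","1040","Schedule,Themes,winmgmt"
"alg.exe","1712","ALG"
'''

def bound_sockets(netstat_text):
    """Yield (proto, address, port, pid) for TCP listeners and bound UDP sockets."""
    for line in netstat_text.splitlines():
        f = line.split()
        tcp_listen = len(f) == 5 and f[0] == "TCP" and f[3] == "LISTENING"
        if tcp_listen or (len(f) == 4 and f[0] == "UDP"):
            address, _, port = f[1].rpartition(":")  # rpartition copes with [::]:135
            yield f[0], address, int(port), int(f[-1])

def services_by_pid(tasklist_csv):
    """Map PID -> (image name, list of services hosted in that process)."""
    table = {}
    for row in csv.DictReader(io.StringIO(tasklist_csv)):
        hosted = [] if row["Services"] == "N/A" else row["Services"].split(",")
        table[int(row["PID"])] = (row["Image Name"], hosted)
    return table

def who_owns(port, netstat_text, tasklist_csv):
    """Return one record per socket bound to `port`, with its owning process."""
    procs = services_by_pid(tasklist_csv)
    records = []
    for proto, address, bound_port, pid in bound_sockets(netstat_text):
        if bound_port == port:
            image, hosted = procs.get(pid, ("<unknown>", []))
            loopback = address.startswith("127.") or address == "[::1]"
            records.append({"proto": proto, "address": address, "pid": pid, "image": image,
                            "services": hosted, "loopback_only": loopback})
    return records

if __name__ == "__main__":
    print(*who_owns(1025, NETSTAT, TASKLIST), sep="\n")
```

Because one svchost.exe process hosts several services, a PID match narrows the owner to that service group, not to a single service.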

