Security Basics mailing list archives
Re: port 2112
From: Dean_Larson () May-Co com
Date: Fri, 8 Aug 2003 07:56:38 -0500
i did a netstat -a and it showed nothing unusual. i found that strange, as their are thousands of attempted connections out of this pc. "J. Lambrecht" <jl_post@pandora To: <security-basics () securityfocus com>, <Dean_Larson () May-Co com> .be> cc: Subject: Re: port 2112 08/06/2003 05:38 PM Please respond to "J. Lambrecht" check in portlists for possible trojans at that portnbr., as i remember kerberos is somehow attracting attention to one of it's port. Ehr, thought this had something to do with LDAP or some other similarlylike service. Verify wich services there are running at your host wich is initiating (?) the connections. Eventually verify these with reliable service activity on the machine itself. Do you mean you have no way of doing 'netstat -a' or something ? ----- Original Message ----- From: <Dean_Larson () May-Co com> To: <security-basics () securityfocus com> Sent: Wednesday, August 06, 2003 8:12 PM Subject: port 2112
we have a computer trying to contact a computer on the internet
66.7.244.x
on port 2112 /tcp. we've looked at the computer inside our network, but didn't find anything unusual (but we were not able to do a lot of
snooping
on the computer -- politics). i did a google search on found a few programs running on this port, mostly kerberos related. anyone seen this type of activity also? suggestions? thanks for your help
-------------------------------------------------------------------------- -
-------------------------------------------------------------------------- --
--------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- port 2112 Dean_Larson (Aug 06)
- Re: port 2112 J. Lambrecht (Aug 07)
- <Possible follow-ups>
- Re: port 2112 Dean_Larson (Aug 08)