Re: Ports 1985 and 1986

[Joerg Over <over () dexia de>]

Am 17:54 20.05.2003 -0400 teilte Jeff Lane mir folgendes mit:
->This afternoon I noticed a couple connections on a new server
on ports 
->1985 and 1986.  Anyone know what these ports are?

Not by heart, no. And even if I did you should check anyway :)

->sure yet how to track down things like rogue processes, and
which user 
->is doing which, and what is bound to what port on a windows
machine.

You might try sth like a decent personal firewall to check out
and control:
http://www.kerio.com/us/kpf_download.html

The other and faster option would be fport by foundstone.
http://www.foundstone.com/resources/intrusion_detection.htm
This is comparable to netstat/fuser/sockstat stuff.
There's other fine stuff at foundstone's, so browse.
www.sysinternals.com also has nice tools for that feat.

Everything mentioned here is at least free for personal use.

hth, jo

---------------------------------------------------------------------------
Thinking About Security Training? You Can't Afford Not To!

Vigilar's industry leading curriculum includes:  Security +, Check Point, 
Hacking & Assessment, Cisco Security, Wireless Security & more! Register Now!
--UP TO 30% off classes in select cities-- 
http://www.securityfocus.com/Vigilar-security-basics
----------------------------------------------------------------------------