Security Basics mailing list archives

RE: Port open - help

From: "dave kleiman" <dave () isecureu com>
Date: Tue, 8 Mar 2005 22:29:28 -0500

Peter,

Have you tried to identify what process is listening on those ports:

Netstat -ano

Tcpview http://www.sysinternals.com/ntw2k/source/tcpview.shtml

Vision
http://www.foundstone.com/index.htm?subnav=resources/navigation.htm&subconte
nt=/resources/freetools.htm

CurrPorts http://nirsoft.mirrorz.com/

Regards,
___________________________________________________
Dave Kleiman, CIFI, CISM, CISSP, ISSAP, ISSMP, MCSE

www.SecurityBreachResponse.com www.ComputerForensicInvestigations.com


-----Original Message-----
From: Peter Rodger [mailto:prodger2008 () yahoo com]
Sent: Tuesday, March 08, 2005 13:27
To: security-basics () securityfocus com
Subject: Port open - help

Hi, all

I just use nmap to scan our Citrix servers and found out ports 25 aqnd 110
open through public addresses.
I can use telnet ip 25/110 and ports are open.  But, no 25/110 services are
installed on the Citrix servers.  I used nmap to scan the Citrix servers
using internal IP and ports 25/110 are not open.  We use PIX 500 as a
firewall.

I did not open 25/110 for the Citrix servers on the firewall.  Why are
25/110 ports open and how do I solve them?


Thanks for any help!

Peter




__________________________________
Celebrate Yahoo!'s 10th Birthday!
Yahoo! Netrospective: 100 Moments of the Web
http://birthday.yahoo.com/netrospective/

Current thread:

Port open - help Peter Rodger (Mar 08)
- RE: Port open - help dave kleiman (Mar 09)
- <Possible follow-ups>
- RE: Port open - help Mike (Mar 09)
- RE: Port open - help Peter Rodger (Mar 09)
- RE: Port open - help Beauford, Jason (Mar 09)
- RE: Port open - help Andrew Shore (Mar 09)
- RE: Port open - help Peter Rodger (Mar 09)