Security Incidents mailing list archives

Re: Port 2000, 2002 scans

From: "Stone, Sgt Michael A" <StoneMA () AUSTIN USMC MIL>
Date: Wed, 13 Sep 2000 18:33:15 +0300

Port 2000 is also the default port for the program "Remotely Anywhere".
It is a remote administration tool for windows NT. The program opens up
port 2000 for http. If you want an https connection when -- remotely
administrating -- the I believe the default port for that is 2002.


"L.A. Smith" wrote:


Hello!

I have had hundreds of complaints from one user about port scans on

his PC

for ports 2000 and 2002.  I know 2000 can be used for OpenWin.  I

haven't

been able to get a straight answer from this person about what they're
running but seeing as they use Jammer as their firewall software (heh,

not

my idea!), they must be running Windoze of some sort.  Could someone

shed

some light as to what hundreds of IP addresses would want with their

port

2000 and 2002?

Thanks!

Current thread:

Port 2000, 2002 scans L.A. Smith (Sep 12)
- Re: Port 2000, 2002 scans Elias Levy (Sep 12)
- AW: Port 2000, 2002 scans Roth, Peter (Sep 12)
- Re: Port 2000, 2002 scans Erik Tayler (Sep 12)
- <Possible follow-ups>
- Re: Port 2000, 2002 scans Arnold, Jamie (Sep 12)
  - Re: Port 2000, 2002 scans Erik Tayler (Sep 13)
- Re: Port 2000, 2002 scans Bruce Anhalt (Sep 13)
- Re: Port 2000, 2002 scans Stone, Sgt Michael A (Sep 13)