Penetration Testing mailing list archives
Re: tcp port 999
From: "Erik Birkholz" <erik () foundstone com>
Date: Thu, 26 Aug 2004 00:06:09 -0700
Given my 2 assumptions: 1. You own the box 2. You don't think anyone has trojaned netstat.exe. ;) Since it is XP, you should use netstat -ano to determine what application is running on that port. Then break out some google-fu. P.s. Did you try to telnet to port 999 on the box? Nc.exe? Any response? --------------------------------------- (Msg from BlackBerry Wireless Handheld) --------------------------------------- Erik Pace Birkholz - CISSP, MCSE Foundstone, Inc. Strategic Security Read Special Ops and mount an assault to eradicate network negligence today. www.SpecialOpsSeries.com [Tel] 949.297.5591 [Cel] 323.252.5916 [Fax] 949.297.5575 [pgp] https://www.foundstone.com/pgpkeys/erik-birkholz.asc -----Original Message----- From: Gargac. Jeff <jgargac () maryville edu> To: pen-test () securityfocus com <pen-test () securityfocus com> Sent: Wed Aug 25 06:54:14 2004 Subject: tcp port 999 Hi all, I ran nmap across one of my Windows XP SP1 workstations and it report tcp port 999 open with the description of garcon. Does anyone have an idea as to what this is? I've searched google and am unable to find a description. Thanks, Jeff ------------------------------------------------------------------------------ Ethical Hacking at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Check out our Advanced Hacking course, learn to write exploits and attack security infrastructure. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. http://www.infosecinstitute.com/courses/ethical_hacking_training.html ------------------------------------------------------------------------------- ------------------------------------------------------------------------------ Ethical Hacking at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Check out our Advanced Hacking course, learn to write exploits and attack security infrastructure. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. http://www.infosecinstitute.com/courses/ethical_hacking_training.html -------------------------------------------------------------------------------
Current thread:
- tcp port 999 Gargac. Jeff (Aug 25)
- Re: tcp port 999 markzero (Aug 26)
- Re: tcp port 999 Gary H. Jones II (Aug 26)
- Re: tcp port 999 Tomas Sedlak (Aug 28)
- <Possible follow-ups>
- RE: tcp port 999 Ferino Mardo (Aug 26)
- Re: tcp port 999 Erik Birkholz (Aug 26)
- Re: tcp port 999 Mansoor Ahmed (Aug 26)
- Re: tcp port 999 J. Oquendo (Aug 26)