Penetration Testing mailing list archives
Re: Opne ports 1863 & 5910 - pentest
From: "Andrew Kuriger" <a.kuriger () liquidphlux com>
Date: Wed, 8 Jul 2009 14:07:42 -0500 (CDT)
Hi Tom, Port 1863 is most commonly used for MSN Messenger (Using UDP) and VNC Server uses port 5910 (Using TCP). My guess would be that the company you are pen testing is using MSN messenger for collaboration and VNC for desktop assistance. You stated these are public IPs and the above would be an extremely bad idea to have the above ports open on the public facing side (Due to vuln in MSN and brute force attacks on VNC and possible VNC vulns). IMO this is fairly uncommon as most companies either use NAT or firewall so these ports are not public facing. I would be worried, but then again I have always been paranoid. ~Andrew On 7/8/2009, "tomright006 () gmail com" <tomright006 () gmail com> wrote:
Hi all, I have just started my information security career & I am doing pentest on pool of some public IP's as my first assignment in Pentest. During pentest I found that port 1863 & port 5910 are common for most of the IPs's ( In fact almost all). I would like to know if anyone come across such situation while doing pentest in past. Thanks Tom Right Security Engineer ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Opne ports 1863 & 5910 - pentest tomright006 (Jul 08)
- RE: Opne ports 1863 & 5910 - pentest John Perea (Jul 08)
- RE: Opne ports 1863 & 5910 - pentest Shenk, Jerry A (Jul 08)
- Re: Opne ports 1863 & 5910 - pentest jlay (Jul 08)
- Re: Opne ports 1863 & 5910 - pentest Andrew Kuriger (Jul 08)
- RE: Opne ports 1863 & 5910 - pentest Gorgon Beast (Jul 08)
- Re: Opne ports 1863 & 5910 - pentest JiPi DiNi (Jul 08)
- Re: Opne ports 1863 & 5910 - pentest Campbell Murray (Jul 09)