Re: Ports 1985 and 1986

[Jeff Lane <crash () pinehurst net>]

Thanks to everyone who helped.  I tried fport and it does exactly what I 
wanted it to do :)  so thanks a lot.

I havent seen any other connects to those ports since I first posted 
them (the first thing I did was adjust the firewall on this box to block 
all activity on those ports...).  I just opened those ports back up 
again adn hopefully, I will find a connect or two to see what is going 
on wiht them.

This isnt a production server, so I am not too worried about it, but I 
just happend to be running a netstat at the right time and found these 
two odd connections that I had mentioned.

So once again, thank you all!

Jeff


Jeff Lane wrote:
> This afternoon I noticed a couple connections on a new server on ports 
> 1985 and 1986.  Anyone know what these ports are?
>
> The machine is a win2k web server with Ensim installed, MS SQL Server 7, 
> and not much else.  It has all the latest updates from MS as well.
>
> If anyone has any info, or needs more info from me, please let me know. 
>    Unfortunately, I am a linux admin, not a windows admin, so I am not 
> sure yet how to track down things like rogue processes, and which user 
> is doing which, and what is bound to what port on a windows machine.
>
> Thanks
> Jeff


--
Jeffrey Lane
ConnectNC.com / Internet of the Sandhills
W4KDH () arrl net

chown -r us:us /yourbase/



---------------------------------------------------------------------------
Thinking About Security Training? You Can't Afford Not To!

Vigilar's industry leading curriculum includes:  Security +, Check Point, 
Hacking & Assessment, Cisco Security, Wireless Security & more! Register Now!
--UP TO 30% off classes in select cities-- 
http://www.securityfocus.com/Vigilar-security-basics
----------------------------------------------------------------------------