Security Basics mailing list archives
Re: Port 8081 mystery
From: "George A. Theall" <theall () tifaware com>
Date: Tue, 23 Jan 2007 20:00:15 -0500
On Tue, Jan 23, 2007 at 10:07:26PM +0400, WALI wrote:
I ran a nmap scan on quite a few machines on my internal subnet and one port that appears on all those scans, especially the machines that are still running adequately patched but older Windows 2000 workstations, is tcp 8081. Though nmap shows this as blackice-icecap port I do not find any such application running in task manager neither is this installed. nestat-a just lists this port as 'Listening' and does not list any application name assigned to it,
Since you have access to the box, you may want to try running a tool like SysInternal's TCPView: http://www.microsoft.com/technet/sysinternals/utilities/TcpView.mspx That should tell you which process is listening on that port. From there, you should be able to get a better idea of what it's for.
Nessus Scan (tis weeks plugin feed) does not show this port listed amongst any vulnerability.
Be sure to: 1) Make sure 8081 is included in the port range used for your scans, otherwise Nessus won't test it at all. 2) Make sure you enable "Thorough tests" so that Nessus will look harder for servers on non-standard ports. 3) Make sure you configure the client so that "Test SSL based services" is set to "ALL" so that Nessus will look for SSL-enabled services on non-standard ports. George -- theall () tifaware com
Attachment:
_bin
Description:
Current thread:
- RE: Highlighting weak password dangers, (continued)
- RE: Highlighting weak password dangers Simon W. Hall (Jan 25)
- RE: Highlighting weak password dangers Scott Ramsdell (Jan 26)
- Re: Highlighting weak password dangers Manuel Arostegui Ramirez (Jan 26)
- Re: Highlighting weak password dangers Alexander Bolante (Jan 30)
- Re: Highlighting weak password dangers anesde (Jan 31)
- Message not available
- Re: Port 8081 mystery WALI (Jan 24)
- Port 8081 mystery WALI (Jan 23)
- RE: Port 8081 mystery Gressick, Michael (Jan 24)
- Re: Port 8081 mystery Brian . D . Turk (Jan 24)
- RE: Port 8081 mystery Remad (Jan 24)
- Re: Port 8081 mystery George A. Theall (Jan 24)
- Re: Port 8081 mystery Johnny Wong (Jan 24)
- RE: Port 8081 mystery Sandro, Herpich (Jan 24)
- RE: Port 8081 mystery Christopher A. Libby (Jan 25)