Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Ports still bound on W2K?

From: Don Tuer <Don_Tuer () dtaadv on ca>
Date: Thu, 18 Jan 2001 04:45:32 -0500
Hi:

        I'm still fighting with open ports on my web server, W2K. I have
created TCP/IP filters to only let in 25,53, and 80. Yet NMAP shows the
following ports open. 


Port       State       Service
25/tcp     open        smtp
53/tcp     open        domain
80/tcp     open        http
389/tcp    open        ldap             <- issue #1
1002/tcp   open        unknown  <- issue #2

What I have done:
        Run TCPView     - does not show either of these ports open
        Run Fport - does not show either of these ports open
        Run Netstat - does not show either of these ports open

        Telnet to these ports, I get the following:

bash-2.04$ telnet myhost.com  389
Trying 64.231.73.171...
Connected to myhost.com.
Escape character is '^]'.
Connection closed by foreign host.
bash-2.04$ telnet myhost.com 1002
Trying 64.231.73.171...
Connected to myhost.com.
Escape character is '^]'.
Connection closed by foreign host.
bash-2.04$
        
Port 389 is the LDAP port but this server does not run Active Directory.
Port 1002 is unknown.

Question: Does anyone know of any other way to identify what services have
these ports open?

Thanks

Don
_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: