Re: FW: Connections to Port 5632

[GraffiX <graffix () GRAFFIX TZO COM>]

Welp, when I fire up PCA host in versions 8.x, 9.0, or 9.2, it opens as I
said.  Shutting down the host also shuts down the afore mentioned ports,
including port 22 udp/tcp.  Restarting the host again opens the same ports,
including 22.  Connecting to the host from remote indicates port 22 is
doing the handshake, and then pushing the session up to 5632.

Using TCPView is how I'm making this determination, and it's available at
www.sysinternals.com.

Regardless of what you're seeing, I can tell you with 100% accuracy that
what I've described is happening.  Perhaps asking Symantec would be in
order at this point?  All I know is what I'm seeing, and I'm seeing it on
both upgrades from earlier versions, as well as a clean install of 9.2 on a
bare OS that's never seen PCA.



At 01:18 PM 8/12/00 +0200, you wrote:
> GraffiX wrote To INCIDENTS () SECURITYFOCUS COM:
> > Um, actually, that's incorrect.  Version 9.x of PCA (which includes 9.2,
> > the latest to the best of my knowledge) STILL opens up port 22 tcp/udp, and
> > initiates the connections via port 22.  It also opens up 5631/5632 as you
> > stated, however, it would be incorrect to state that UDP 22 is no longer
> > used by PCA, as it no doubt is still opening the port for connectivity.
> Pretty interesting that my statical NAT for this works w/o 22. In fact
> 22/tcp is used for sshd elsewhere. So.. i cant see 22 in newer PCA!?
>
> ciao
> --
> Philipp Buehler, aka fIpS | sysfive.com GmbH | BOfH | NUCH | <double-p>
>
> %SYSTEM-F-TOOEARLY, please contact your sysadmin at a sensible time.
> Artificial Intelligence stands no chance against Natural Stupidity.