Security Incidents mailing list archives
Re: Port 5552?
From: David Lawson <dlawson () gofilnet com>
Date: Wed, 13 Nov 2002 17:41:10 -0500
ChiliSoft runs its ASP engine starting at port 3000 (and usually has a few listeners about that, on my machine it's listening on 3000, 3001, and 3002) and its web based administration interface on 5000 by default. As far as I know, there'd be no reason for ChiliSoft to be listening on a port that high, certainly not by default. I just nmap'd my ChiliSoft box and it doesn't show anything listening on that particular port, so I think you'll have to look elsewhere for the culprit. :)
--David Lawson Tijl Schoonenberg wrote:
Hmm, ok. But this database seems to try telling me that all ports in the range from 3001 upto 6000 are used for ChilliASP. Of course this is a possibility, but it doesn't seem very plausible to me. Tijl Schoonenberg ----- Original Message ----- From: "Will Munkara-Kerr" <WillM () cs nsw gov au> To: <incidents () securityfocus com> Sent: Monday, November 11, 2002 11:51 PM Subject: RE: Port 5552?I've seen several TCP SYN packets for this port on one of the firewalls I maintain. Grepping through October's logs, I found a few more on another firewall. What I can't find is what uses this port. A Google search came up with Mac error codes and phone numbers. Anybody know? I'm just curious, and I want to put an entry in my /etc/services to have a name for it in the log analysis.http://www.portsdb.org/bin/portsdb.cgi?portnumber=5552&protocol=ANY&String=ChilliASP Asp module for Apache servers...Thanks! Lupe ChristophHope it helps, .will "This message is intended for the addressee named and may contain confidential information. If you are not the intended recipient, please destroy it and notify the sender. Views expressed in this message arethoseof the individual sender, and are not necessarily the views of the Central Sydney Area Health Service." ----------------------------------------------------------------------------This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service.For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service.For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Port 5552? Lupe Christoph (Nov 11)
- <Possible follow-ups>
- Re: Port 5552? Akkoord voor verzending (Nov 12)
- RE: Port 5552? Will Munkara-Kerr (Nov 12)
- Re: Port 5552? Tijl Schoonenberg (Nov 13)
- Re: Port 5552? David Lawson (Nov 15)
- Re: Port 5552? Tijl Schoonenberg (Nov 13)
- RE: Port 5552? Robb, Bev (Nov 12)