Security Incidents mailing list archives
RE: Port Zero
From: "Jim Harrison (ISA)" <jmharr () microsoft com>
Date: Mon, 18 Jul 2005 08:50:07 -0700
This is correct. Netstat is showing you that those listeners are waiting to accept traffic from (Foreign address) any IP (0.0.0.0) and any port (:0). Jim Harrison Security Business Unit (ISA SE) "When you come to a fork in the road, take it." --Yogi Berra -----Original Message----- From: Wimpie du Plessis [mailto:wimpie () issecurity co za] Sent: Sunday, July 17, 2005 11:59 PM To: omibaba () gmail com; incidents () securityfocus com Subject: RE: Port Zero Hi, I would think that it is cause it is listening and therefore it wont know the foreign address source port, thats why it is set to zero, it will accept any src port coming into that listening port. -----Original Message----- From: omibaba () gmail com [mailto:omibaba () gmail com] Sent: Saturday, July 16, 2005 6:14 AM To: incidents () securityfocus com Subject: Port Zero Active Connections Proto Local Address Foreign Address State TCP 0.0.0.0:135 0.0.0.0:0 LISTENING TCP 0.0.0.0:445 0.0.0.0:0 LISTENING TCP 0.0.0.0:1025 0.0.0.0:0 LISTENING TCP 0.0.0.0:1028 0.0.0.0:0 LISTENING TCP 0.0.0.0:1054 0.0.0.0:0 LISTENING TCP 0.0.0.0:1307 0.0.0.0:0 LISTENING TCP 0.0.0.0:1344 0.0.0.0:0 LISTENING TCP 0.0.0.0:1445 0.0.0.0:0 LISTENING TCP 0.0.0.0:1447 0.0.0.0:0 LISTENING TCP 0.0.0.0:1452 0.0.0.0:0 LISTENING TCP 0.0.0.0:1453 0.0.0.0:0 LISTENING TCP 0.0.0.0:1455 0.0.0.0:0 LISTENING TCP 0.0.0.0:1460 0.0.0.0:0 LISTENING TCP 0.0.0.0:1465 0.0.0.0:0 LISTENING TCP 0.0.0.0:1466 0.0.0.0:0 LISTENING TCP 0.0.0.0:1469 0.0.0.0:0 LISTENING TCP 0.0.0.0:1491 0.0.0.0:0 LISTENING TCP 0.0.0.0:1496 0.0.0.0:0 LISTENING TCP 0.0.0.0:1498 0.0.0.0:0 LISTENING TCP 0.0.0.0:1507 0.0.0.0:0 LISTENING Above is the output of netstat -an |more Guys / Gals Do you know what means port zero in Windoze Platform ? I know the answer but jst wanted to know anyone has a better explaination. In Unix Family port zero is used for socket programming but not the same in Windoze family. I have asked this question in many programs of mine in CEH - Certfied Ethical Hacking but still awaiting for answers. Lemme see if can get some answers for this post!!!! Ciao Baba CEO Appsec
Current thread:
- Re: Port Zero, (continued)
- Re: Port Zero STRAMBO (Jul 17)
- Re: Port Zero Ron (Jul 17)
- Re: Port Zero Lee Dilkie (Jul 18)
- mysql attack Pall Thayer (Jul 19)
- Re: mysql attack Joel Esler (Jul 19)
- Re: mysql attack W. Guhan Iyer (Jul 19)
- Re: mysql attack Pall Thayer (Jul 21)
- Re: Port Zero Lee Dilkie (Jul 18)
- Re: Port Zero Harlan Carvey (Jul 19)
- Re: Port Zero Andrew Simmons (Jul 19)