Nmap Development mailing list archives
Re: port 50000
From: flacman Cuteam <flacman () cuteam org>
Date: Tue, 4 May 2010 13:43:41 -0500
Internet/Intranet Input Method Server Framework... yes david, 523 is the ibm DAS (admin) port, but the default "database" port is 50000 sans institute talks about a trojan and ibm-db2 in this port: http://isc.sans.org/port.html?port=50000 I "scan the internet" nmap -iR 50000 -p50000 -sV and just find 13 hosts with this port open and have IBM-db2 (love iR option :P) and other 3 with a tcp-wrapper. and i really can't find much info about iiimsf when i google "port 50000" 2010/5/4 David Fifield <david () bamsoftware com>:
On Sun, May 02, 2010 at 12:18:34AM -0500, flacman Cuteam wrote:hi i've just made an scan and i got this result: 50000/tcp open iiimsf it really was a ibm-db2 (of course, with the -sV option the info is accurate, it apears ibm-db2). I THINK it's more comon to find ibm-db2 in this port than iiimsf.Do you whether the protocol that runs on port 50000 is the same protocol that is on 523 (which is called ibm-db2 in the nmap-services file). Probably ibm-db2 is more common but it would be good to have some evidence to back it up. Does anyone know where iiimsf came from in the first place? David Fifield
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- port 50000 flacman Cuteam (May 03)
- Re: port 50000 David Fifield (May 04)
- Re: port 50000 flacman Cuteam (May 04)
- Re: port 50000 David Fifield (May 06)
- Re: port 50000 flacman Cuteam (May 04)
- Re: port 50000 David Fifield (May 04)