Penetration Testing mailing list archives

Re: Strange ports

From: Christine Kronberg <seeker () shalla de>
Date: Fri, 22 Jun 2007 11:30:34 +0200 (CEST)

On Thu, 21 Jun 2007, R. DuFresne wrote:

Without port 53, networking in any real fashion would be pretty toughwithout a vast memory of all existing IP address-space.


  This depends who is in charge of running the dns servers.
  Some companies do it themselves others let their providers
  do the job for them.

  Cheers,

  Christine Kronberg.

On Tue, 19 Jun 2007, zion wrote:

 Hi Killy,

 I am not sure if even port 53 needs to be open, It all depends on what
 service do you want to offer to the world. so you need to see if your
 organizations is offering this service to the world e.g. 3389 terminal
 service for the world to see ? you may need to contact some one in
 your organizations to ask if they need those services from the
 internet ?

 Hope i have been of some help.

 Regards
 Zion


 killy wrote:

> Scanning my external firewall(at work), I (yes, it is my job to)> find this:>>> PORT STATE SERVICE

>  53/tcp   open     domain

>> 1029/tcp open ms-lsa

>  1032/tcp open     iad3

>> 3389/tcp open ms-term-serv>>> Why would 1029 and 1032 need to be open from the outside?>> -Kill>>

 ------------------------------------------------------------------------
 This List Sponsored by: Cenzic

 Are you using SPI, Watchfire or WhiteHat?
 Consider getting clear vision with Cenzic
 See HOW Now with our 20/20 program!

 http://www.cenzic.com/c/2020
 ------------------------------------------------------------------------

- --~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~

       admin & senior security consultant:  sysinfo.com
                       http://sysinfo.com
Key fingerprint = 9401 4B13 B918 164C 647A  E838 B2DF AFCC 94B0 6629

....We waste time looking for the perfect lover
instead of creating the perfect love.

               -Tom Robbins <Still Life With Woodpecker>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFGesO8st+vzJSwZikRAi53AJ9KoHNt1Q6ZBik5kDwrAmjCVqPW/QCgzr43
LMmZxZoU/JrXBGPMPhssKxM=
=Gz9z
-----END PGP SIGNATURE-----

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------


------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------

Current thread:

Strange ports killy (Jun 18)
- RE: Strange ports Erin Carroll (Jun 19)
- Re: Strange ports Jason Barbier (Jun 19)
  - Message not available
    - Re: Strange ports StaticRez (Jun 19)
- Re: Strange ports zion (Jun 19)
  - Re: Strange ports R. DuFresne (Jun 21)
    - Re: Strange ports Christine Kronberg (Jun 22)
- Re: Strange ports Tim Shea (Jun 19)
- Re: Strange ports killy (Jun 24)
- <Possible follow-ups>
- Re: Strange ports ebk_lists (Jun 19)
- Re: Re: Strange ports brian . marino (Jun 22)
  - Re: Re: Strange ports Tim Shea (Jun 22)
  - Re: Re: Strange ports Thor (Hammer of God) (Jun 22)