Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Strange ports

From: killy <killfactory () gmail com>
Date: Sat, 23 Jun 2007 22:49:16 -0400
Thanks for all of the great responses.

I guess it may help to clear up a few things.

53 is valid and documented.
3389 is not documented, but I already know the answer before I ask why
they did this ;-)

But 1029 and 1032, were the interesting ones ot me.

Not documented or common to myself.









On 6/18/07, killy <killfactory () gmail com> wrote:

Scanning my external firewall(at work), I (yes, it is my job to) find this:


PORT     STATE    SERVICE
53/tcp   open     domain

1029/tcp open     ms-lsa
1032/tcp open     iad3

3389/tcp open     ms-term-serv


Why would 1029 and 1032 need to be open from the outside?

-Kill


--
If you spend more on coffee than on IT security, you will be hacked.
What's more, you deserve to be hacked.
-- former White House cybersecurity czar Richard Clarke




--
If you spend more on coffee than on IT security, you will be hacked.
What's more, you deserve to be hacked.
-- former White House cybersecurity czar Richard Clarke

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: