Re: Firewall-1 SP7 CPU utilisation 100%

[Matthew Pemble <mpemble () isintegration com>]

Not a firewall one issue, but on a recent audit, I found inetinfo.exe,
mstask.exe and sqlservr.exe all bound to ports in the 1030 - 1032 area.  I
assume (no, I hope) that none of these are running on a firewall, and I
further guess that it is because this range is just after the 1024 boundary
that NT uses it for services.

As to why, no idea.  I tried telnetting to the ports and got and maintained
a connection but no responses, banner, error or garbage.

AFAIK, the IAD BBN port range is to do with bridging between IP and other
protocols (eg X25).  There was a discussion about this in Feb 1999 on the
firewalls list at giac.net.

Use TCPView to find out what is binding the ports and then we might be able
to craft another FW-1 on NT DOS!

Matthew Pemble, Principal Consultant, IS Integration,
Preston Technology Management Centre, Marsh Lane, PRESTON,
Lancashire, PR1 8UD
Tel: +44 (0)1772 885850  Fax: +44 (0)1772 558881
Mobile: +44 (0)7050 128620
Mailto:mpemble () isintegration com  Web: http://www.isintegration.com

This email and any files transmitted with it are confidential and intended
solely for the use of the individual or entity to whom they are addressed.
If you have received this email in error please notify your system manager
or IS Integration Limited on +44 (0) 1772 885850

Any Views expressed in this e-mail message are those of the individual
sending the message, except where the sender specifically states them to be
the views of IS Integration Limited.