Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: Pavel Kankovsky (peakargo.troja.mff.cuni.cz)
Date: Fri May 18 2001 - 03:54:15 CDT
On Wed, 16 May 2001, VanMeter, John wrote:
> I did a scan of a NT 4.0 SP6a server and found the following
> iad1 1030/tcp BBN IAD
This is probably a dynamically assigned port (or one of them) used by a
program supporting MS RPC over TCP. There is a program out there that can
query the "portmapper" listening on port 135/tcp, dump the list of MS RPC
servers, and--if you are lucky--provide some clues regarding the nature of
a service running on a given port, e.g.
IfId: 469d6ec0-0d87-11ce-b13f-00aa003bac6c version 16.0
Annotation: MS Exchange System Attendant Public Interface
Look for a file called (approximately) rpctools-1.0.zip. If you have the
package where Microsoft puts all useful stuff they neglect to include in
the base system (resource kit?), you may find a similar program there.
(BTW: I have a feeling MS RPC is a can of worms waiting to be open.)
--Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ]
"Resistance is futile. Open your source code and prepare for assimilation."