RE: Why alerts on ports 1025-1029, 1036

From: Leo, Joel (Joel.Leocw.com)
Date: Tue Apr 01 2003 - 18:54:23 CST


Foundstone.com has a useful tool called fport that will identify the pid
on nt & 2k. Might be useful in this case.

http://www.foundstone.com/knowledge/intrusion_detection.html

Joel

-----Original Message-----
From: Matt Marcos [mailto:Matt.Marcospaccar.com]
Sent: Monday, March 31, 2003 3:12 PM
To: incidentssecurityfocus.com
Subject: RE: Why alerts on ports 1025-1029, 1036

In XP you can type NETSTAT -o and this will show the PID of each
connection. You can then use task manager to correlate the PID against
what program is running. So NETSTAT -a -o will show you all listening
processes and what PID is associated with them.

Matt.

-----Original Message-----
From: Erik Boles [mailto:erikcoloradosprings.com]
Sent: Tuesday, 1 April 2003 10:29 AM
To: Tomas Carlsson; incidentssecurityfocus.com
Subject: RE: Why alerts on ports 1025-1029, 1036

Tomas,

1025 is dynamically assigned, so really any program can request use of
it. I have seen nterm use 1026 rather frequently. 1036 is usually an
outbound port.

You can see what all is listening on your system by running netstat -l
(unix) or netstat -a (windows) from a command prompt.

Erik

-----Original Message-----
From: Tomas Carlsson [mailto:xtcskildra.nu]
Sent: Monday, March 31, 2003 3:04 PM
To: incidentssecurityfocus.com
Subject: Why alerts on ports 1025-1029, 1036

I get constant alerts from Zonealarm and it is always blocking on ports
1025, 1026, 1027 or 1029. Can someone tell me why?

Sometimes also alerts from blocking on port 1036. What's there?

TIA
Tomas

------------------------------------------------------------------------
----
Powerful Anti-Spam Management and More...
SurfControl E-mail Filter puts the brakes on spam,
viruses and malicious code. Safeguard your business
critical communications. Download a free 30-day trial:
http://www.securityfocus.com/SurfControl-incidents
