If you don't mind possibly crashing the server, might I suggest Arne
Vidstrom's Inzider utility: http://ntsecurity.nu/toolbox/inzider/

It will tell you which processes are listening on which ports. I
wouldn't necessarily use it on a production box, but it does a pretty
decent job.

Henry

> -----Original Message-----
> From: Perkins, Sharon ISTA:EX
[mailto:Sharon.PerkinsGEMS3.GOV.BC.CA]
> Sent: Friday, April 27, 2001 3:07 PM
> To: FOCUS-MSSECURITYFOCUS.COM
> Subject: Port 1081
>
>
> Hi I need some advise,
>
> We've run a port scan on several of our servers and
> discovered port 1081
> open on one of the boxes. This box is a pre-production
> Windows 2000 PDC.
> Currently it is on it's own domain within our larger network
> structure. I
> first suspected that the winhole trojan was present but none
> of the files or
> reg settings are present. I have looked at the running
> services and nothing
> seems inappropriate, Net Stat returns that the port is open
> but doesn't
> identify by what, port2service identifies the port as
> listening but the
> service is unknown. Any help idenifiying what is using this
> port would be
> appreciated.
>
> Sharon
>

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]