From: Gorgon Beast (gorgonbeasthotmail.com)
Date: Wed Jul 08 2009 - 15:04:47 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Tom,

When you come across ports that you don't know, you can google "tcp 5910" and the like. Internet Storm Center has some pretty good info about ports and what is flying around out there.

I wouldn't worry too much about these till the end of your project. Look at the familiar things, like telnet, ftp, msrpc, netbios-ssn; these might tell you more about the boxes. Then go after the unknowns, like 5910 and 1863 (they are MSN messaging and Context management, though I'm not familiar with 5910, it might be something that Cygwin uses... maybe someone can tell us more)

Beware, too, the IP's you are looking at may all be from one box. You might want to check that out first; if the time is identical on all of them, they are probably just one machine.

> Hi all,
>
>
>
> I have just started my information security career & I am doing pentest on pool of some public IP's as my first assignment in Pentest.
>
>
>
> During pentest I found that port 1863 & port 5910 are common for most of the IPs's ( In fact almost all).
>
>
>
> I would like to know if anyone come across such situation while doing pentest in past.
>
>
>
> Thanks
>
>
>
> Tom Right

_________________________________________________________________
Lauren found her dream laptop. Find the PC that’s right for you.
http://www.microsoft.com/windows/choosepc/?ocid=ftp_val_wl_290
------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]