Security Basics mailing list archives
RE: Port TCP/8000
From: "Golden_Eternity" <bhodi_jabir () yahoo com>
Date: Fri, 1 Nov 2002 10:47:34 -0800
I have a newly built Dell PowerEdge Server and now have ports open I can't explain clearly to government management. .
Active Connections Proto Local Address Foreign Address State TCP 0.0.0.0:111 0.0.0.0:0 LISTENING
portmap. If you don't use rpc, kill it.
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING TCP 0.0.0.0:445 0.0.0.0:0 LISTENING
445 is pretty common on 2k servers; like 137-139 on 9x boxen. 135 is MS' RPC...
TCP 0.0.0.0:1025 0.0.0.0:0 LISTENING TCP 0.0.0.0:1026 0.0.0.0:0 LISTENING
...
TCP 0.0.0.0:1311 0.0.0.0:0 LISTENING
These are all open connections to localhost. (see http://www.robertgraham.com/pubs/firewall-seen.html#1.1)
TCP 0.0.0.0:3372 0.0.0.0:0 LISTENING TCP 0.0.0.0:8000 0.0.0.0:0 LISTENING
MSDTC and iRDMI? I'm sure one of the other posts'll be able to help you with these two. -G_E
Current thread:
- Port TCP/8000 Carl R Diliberto (Nov 01)
- RE: Port TCP/8000 Golden_Eternity (Nov 01)
- RE: Port TCP/8000 Optrics Engineering - Shaun Sturby, MCSE (Nov 01)
- Re: Port TCP/8000 James Lee Bell (Nov 01)
- Re: Port TCP/8000 Richard H. Cotterell (Nov 04)
- <Possible follow-ups>
- RE: Port TCP/8000 Floura, Ranvir (NIH/CIT) (Nov 01)
- RE: Port TCP/8000 Naman Latif (Nov 01)
- Port TCP/8000 landgraf (Nov 01)
- RE: Port TCP/8000 Hay,Daniel (Nov 01)
- RE: Port TCP/8000 Ye, Wilson (Nov 04)