Use activeports or fportng to figure out which processes/programs are
attached to which ports. Some quickies from your list:
111: RPC; 135: Windows networking equivalent of RPC; 445: Active
Directory listener; 1025-1046 probably windows networking things like
messenger and such, which the process behind 135 knows about and will
distribute requests to this group.
Carl R Diliberto wrote:
>I got such great responses to my last questions, thanks to all those who
>responded, I got brownie points with the boss! :o)
>
>I have a newly built Dell PowerEdge Server and now have ports open I can't
>explain clearly to government management. .
>
>Results of Netstat -an below:
>
>Active Connections
> Proto Local Address Foreign Address State
> TCP 0.0.0.0:111 0.0.0.0:0 LISTENING
> TCP 0.0.0.0:135 0.0.0.0:0 LISTENING
> TCP 0.0.0.0:445 0.0.0.0:0 LISTENING
> TCP 0.0.0.0:1025 0.0.0.0:0 LISTENING
> TCP 0.0.0.0:1026 0.0.0.0:0 LISTENING
> TCP 0.0.0.0:1032 0.0.0.0:0 LISTENING
> TCP 0.0.0.0:1041 0.0.0.0:0 LISTENING
> TCP 0.0.0.0:1044 0.0.0.0:0 LISTENING
> TCP 0.0.0.0:1045 0.0.0.0:0 LISTENING
> TCP 0.0.0.0:1046 0.0.0.0:0 LISTENING
> TCP 0.0.0.0:1311 0.0.0.0:0 LISTENING
> TCP 0.0.0.0:3372 0.0.0.0:0 LISTENING
> TCP 0.0.0.0:8000 0.0.0.0:0 LISTENING
> TCP 127.0.0.1:1043 0.0.0.0:0 LISTENING
> TCP 127.0.0.1:1043 127.0.0.1:1044 ESTABLISHED
> TCP 127.0.0.1:1044 127.0.0.1:1043 ESTABLISHED
> TCP 127.0.0.1:1045 127.0.0.1:1046 ESTABLISHED
> TCP 127.0.0.1:1046 127.0.0.1:1045 ESTABLISHED
> UDP 0.0.0.0:111 *:*
> UDP 0.0.0.0:135 *:*
> UDP 0.0.0.0:445 *:*
> UDP 0.0.0.0:1036 *:*
> UDP 0.0.0.0:1038 *:*
> UDP 0.0.0.0:2148 *:*
>
> Any ideas?
>
>Thanks
>Carl
>
>
>
Received on Nov 02 2002
Intro
