Home page logo
/

basics logo Security Basics mailing list archives

RE: Port TCP/8000
From: "Optrics Engineering - Shaun Sturby, MCSE" <Shaun () Optrics com>
Date: Fri, 1 Nov 2002 12:17:01 -0700

Hello Carl,

If you would like to see the program that has the ports open use
netstat -ano on xp or the freeware active ports from the following URL. It
also has two lists of common ports included
(http://lists.gpick.com/portlist/portlist.htm and
http://www.iana.org/assignments/port-numbers) that show 8000 as being
_assigned_ to
8000 TCP irdmi iRDMI XConsole
8000 UDP irdmi iRDMI
Though that doesn't mean that is what is running there. ;->

Active Ports
http://www.protect-me.com/freeware.html

Other freeware that is worth checking out.
Try TCPView from Sysinternals
http://www.sysinternals.com/ntw2k/source/tcpview.shtml.

and I have hear good things about fport
from http://www.foundstone.com/knowledge/free_tools.html.

Though most of your ports look like the typical M$ ports.

 Shaun Sturby, MCSE

 Optrics Engineering - Ipswitch Premier Partners & Network Specialists
 Email: Shaun () Optrics com   Website: www.Optrics.com
 United States:  1859 East 5750 South, Ogden, UT 84403
 Toll Free: 1-877-386-3763  Fax: (801) 705-3150
 Canada: Suite 100  4911-114 St. Edmonton, AB, T6H 3L5
 Toll Free: 1-877-463-7638  Fax: (780) 432-5630
 Solutions for a Connected World:  www.Optrics.com/linecard.htm
 Optrics Engineering and FundSoft are divisions of Optrics Inc.

-----Original Message-----
From: Carl R Diliberto [mailto:cdiliberto () hotmail com]
Sent: Thursday, October 31, 2002 3:13 PM
To: security-basics
Subject: Port TCP/8000


I got such great responses to my last questions, thanks to all those who
responded, I got brownie points with the boss! :o)

I have a newly built Dell PowerEdge Server and now have ports open I can't
explain clearly to government management.  .

Results of Netstat -an below:

Active Connections
      Proto  Local Address          Foreign Address        State
      TCP    0.0.0.0:111            0.0.0.0:0              LISTENING
      TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
      TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
      TCP    0.0.0.0:1025           0.0.0.0:0              LISTENING
      TCP    0.0.0.0:1026           0.0.0.0:0              LISTENING
      TCP    0.0.0.0:1032           0.0.0.0:0              LISTENING
      TCP    0.0.0.0:1041           0.0.0.0:0              LISTENING
      TCP    0.0.0.0:1044           0.0.0.0:0              LISTENING
      TCP    0.0.0.0:1045           0.0.0.0:0              LISTENING
      TCP    0.0.0.0:1046           0.0.0.0:0              LISTENING
      TCP    0.0.0.0:1311           0.0.0.0:0              LISTENING
      TCP    0.0.0.0:3372           0.0.0.0:0              LISTENING
      TCP    0.0.0.0:8000           0.0.0.0:0              LISTENING
      TCP    127.0.0.1:1043         0.0.0.0:0              LISTENING
      TCP    127.0.0.1:1043         127.0.0.1:1044         ESTABLISHED
      TCP    127.0.0.1:1044         127.0.0.1:1043         ESTABLISHED
      TCP    127.0.0.1:1045         127.0.0.1:1046         ESTABLISHED
      TCP    127.0.0.1:1046         127.0.0.1:1045         ESTABLISHED
      UDP    0.0.0.0:111            *:*
      UDP    0.0.0.0:135            *:*
      UDP    0.0.0.0:445            *:*
      UDP    0.0.0.0:1036           *:*
      UDP    0.0.0.0:1038           *:*
      UDP    0.0.0.0:2148           *:*

 Any ideas?

Thanks
Carl
____________________________________________________________________________
_______

IMail Server has scanned this e-mail for viruses using Declude Virus from
Optrics.com



___________________________________________________________________________________

IMail Server has scanned this e-mail for viruses using Declude Virus from Optrics.com  


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault