Home page logo
/

basics logo Security Basics mailing list archives

Remote Connection questions
From: <chersk () 9-edge com>
Date: 7 May 2003 22:54:50 -0000



Hi,

I ran PortExplorer this afternoon, while I had no apps running, and I 
noticed a Remote connection. The details are listed below. Since the ip 
address is owned by the DOD, I was a little alarmed. Being very ignorant 
on security and remote connections, I was wondering what I should do now, 
if anything, and if I should be concerned.

I rebooted and have been checking PortExplorer, but the connection has not 
been re-established. The time the connection was created was about the 
time I booted up this morning.

Thanks

Jay



RemotePort 16396
148.20.191.1
UDP
Status Listening
LocalPort 1027
Packets Sent 0/0
Packets Received 0/0
Creation 07:48 07/05/2003
Process Svchost.exe


OrgName:    DoD Network Information Center 
OrgID:      DNIC
Address:    7990 Science Applications Ct
Address:    M/S CV 50
City:       Vienna
StateProv:  VA
PostalCode: 22183-7000
Country:    US

NetRange:   148.10.0.0 - 148.50.255.255 
CIDR:       148.10.0.0/15, 148.12.0.0/14, 148.16.0.0/12, 148.32.0.0/12, 
148.48.0.0/15, 148.50.0.0/16 
NetName:    ARMYCORP-BLOCKB
NetHandle:  NET-148-10-0-0-1
Parent:     NET-148-0-0-0-0
NetType:    Direct Allocation
Comment:    United States Army Signal Center
Comment:    Fort Gordon
Comment:     ATZH-CDM
Comment:    Fort Gordon, GA 30905-5000 US
RegDate:    1991-03-13
Updated:    1998-09-23

TechHandle: MIL-HSTMST-ARIN
TechName:   Network DoD, Network 
TechPhone:  +1-703-676-1051
TechEmail:  HOSTMASTER () nic mil 

OrgTechHandle: MIL-HSTMST-ARIN
OrgTechName:   Network DoD, Network 
OrgTechPhone:  +1-703-676-1051
OrgTechEmail:  HOSTMASTER () nic mil

# ARIN WHOIS database, last updated 2003-05-06 20:10
# Enter ? for additional hints on searching ARIN's WHOIS database.

---------------------------------------------------------------------------
FastTrain has your solution for a great CISSP Boot Camp. The industry's most 
recognized corporate security certification track, provides a comprehensive 
prospectus based upon the core principle concepts of security. This ALL INCLUSIVE curriculum utilizes lectures, case 
studies and true hands-on utilization 
of pertinent security tools. For a limited time you can enter for a chance 
to win one of the latest technological innovations, the SEGWAY HT. 
Log onto http://www.securityfocus.com/FastTrain-security-basics 
----------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]