Gotta be Gnutella who's default port is 6346. I bet some user is running
Gnutella on your system and bumped the default port to 6347.
Gnutella can be found at http://gnutella.wego.com
Paris
> -----Original Message-----
> From: Dante Mercurio [mailto:Dante_at_WEBCTI.COM]
> Sent: Thursday, June 08, 2000 9:21 AM
> To: INCIDENTS_at_SECURITYFOCUS.COM
> Subject: Port 6347
>
>
> BM_207_245_35_170207.245.35.170
> First Last Type Server Port Protocol Attempts
>
> 06/05/2000 12:49:23 06/05/2000 12:49:44 Denied Packet(s)
> X.X.X.111 6347 tcp 4
> icl192132121_icl_fiicl192132121.icl.fi
> First Last Type Server Port Protocol Attempts
>
> 06/05/2000 18:08:11 06/05/2000 18:08:32 Denied Packet(s)
> X.X.X.111 6347 tcp 4
>
>
> Excerpt from my log. I have received many attempts at this
> port, and from
> many different systems, all to one server. I have searched
> the well known
> port lists, and trojan port lists, and the web and can find
> no mention of
> this port. I would like to know what this port is servicing, and if
> possible, have the web site this info is on to add to my port lists to
> search before posting.
>
> --Dante
>
Received on Jun 10 2000
Intro
