Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Security Incidents: RE: Why would my machine do this?

RE: Why would my machine do this?

From: Jose Nazario <jose_at_biocserver.BIOC.cwru.edu>
Date: Fri, 8 Feb 2002 12:29:32 -0500 (EST)

On Thu, 7 Feb 2002, Bill Royds wrote:

> Is one of the machines a SGI Irix machine. SGI uses port 1 for service
> multiplexing and this may be a communication from the service
> multiplexor. It can be pretty chatty with it.

1/UDP is not used by those . 1/TCP is TCPmux (RFC 1078) to multiplex
services. UDP doesn't use that TCPmux service for the same purposes.

you are right in that several SGI specific tools use TCPmux (1/TCP). but
they're TCP only.

____________________________
jose nazario jose_at_cwru.edu
                           PGP: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80
                                       PGP key ID 0xFD37F4E5 (pgp.mit.edu)

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
Received on Feb 08 2002

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos