Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Security Incidents mailing list archives

Re: Port 1975 rogue service
From: H C <keydet89 () yahoo com>
Date: Thu, 31 Oct 2002 13:56:48 -0800 (PST)
Willian,

...and the reason you haven't used fport.exe (from
Foundstone) to get more information on this rogue
service is....what, exactly?  

I mean, after all, you ARE a CISSP.  When I had the
cert, there wasn't anything in the
troubleshooting/investigation methodology that said,
"give it to someone else to figure out".


--- WIlliam Kintz <bkintz () smtp aed org> wrote:



I have discovered a rogue service of some sort
running
on Port 1975 on one of my Win2000 boxes. Connecting
to
this port via a telnet gives me the below output.
Anyone have any idea what this is?

TIA,

William J Kintz, CISSP, CCNA

<begin screen capture>

220-A Fire_Fly_808 Production
220-
220-
220-
220-     


°ñ?`?ñ°,?_?,°ñ?`?ñ°,?_?,°ñ?`?ñ°,?_?,°ñ?`?ñ°,?_?,°ñ?`?ñ°,?_?,°ñ?`?ñ°,?_

,°ñ?`?ñ°
220-
220-             [ server time is 15:35:37  ]
220-             [ server date is Thursday 31
October,
2002  ]
220-             [ you are connecting from:
XX.XX.XX.XX  ]
220-
220-     


°ñ?`?ñ°,?_?,°ñ?`?ñ°,?_?,°ñ?`?ñ°,?_?,°ñ?`?ñ°,?_?,°ñ?`?ñ°,?_?,°ñ?`?ñ°,?_

,°ñ?`?ñ°
220-
220-             [ server stats  ]
220-             [ pubstro uptime: 4 Days, 13 Hours,
4
Mins  ]
220-             [ leechers 0ver the last 24 hours:
1699  ]
220-             [ leechers logged in: 1783  ]
220-             [ current leechers: 2  ]
220-             [ kb leeched: 11550405 kb/s  ]
220-             [ kb filled: 4438567 kb/s  ]
220-             [ hdd freespace: 768.62 kb  ]
220-             [ Average Bandwith used: 40.719  ]
220-             [ Current Bandwith in use: 16.500 
]
220-
220      


°ñ?`?ñ°,?_?,°ñ?`?ñ°,?_?,°ñ?`?ñ°,?_?,°ñ?`?ñ°,?_?,°ñ?`?ñ°,?_?,°ñ?`?ñ°,??

,°ñ?`?ñ°







----------------------------------------------------------------------------

This list is provided by the SecurityFocus ARIS
analyzer service.
For more information on this free incident handling,
management 
and tracking system please see:
http://aris.securityfocus.com




__________________________________________________
Do you Yahoo!?
HotJobs - Search new jobs daily now
http://hotjobs.yahoo.com/

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]