|
Security Incidents
mailing list archives
Re: Backdoor ?? "Girlnextdoor_" TCP Ports 1025/1028
From: Kevin Patz <jambo_cat () yahoo com>
Date: 5 Mar 2003 18:56:40 -0000
In-Reply-To: <1046857854.1736.10.camel () JayHome>
Do a "netstat -a -n" to get IP addresses instead of
host names. Girlnextdoor is the name of a computer on
your network (NETBIOS name), or a reverse DNS
resolution on the IP address. If a netstat with the -
n option shows 0.0.0.0:0 then it's just services on
your PC listening for connections (epmap, microsoft-
ds, etc.).
What's in your hosts and lmhosts files?
C:\>netstat -a
=20
Active Connections
=20
Proto Local Address Foreign
Address =20
State
TCP p4win2k:epmap
Girlnextdoor_:0 =20
LISTENING
TCP p4win2k:microsoft-ds
Girlnextdoor_:0 =20
LISTENING
TCP p4win2k:1025
Girlnextdoor_:0 =20
LISTENING
TCP p4win2k:1028
Girlnextdoor_:0 =20
LISTENING
TCP p4win2k:netbios-ssn
Girlnextdoor_:0 =20
LISTENING
UDP p4win2k:epmap *:*
UDP p4win2k:microsoft-ds *:*
UDP p4win2k:1027 *:*
UDP p4win2k:1030 *:*
UDP p4win2k:netbios-ns *:*
UDP p4win2k:netbios-dgm *:*
UDP p4win2k:isakmp *:*
=20
C:\>
----------------------------------------------------------------------------
<Pre>Lose another weekend managing your IDS?
Take back your personal time.
15-day free trial of StillSecure Border Guard.</Pre>
<A href="http://www.securityfocus.com/stillsecure";> http://www.securityfocus.com/stillsecure </A>
 By Date 
By Thread
Current thread:
- Re: Solved !! "Girlnextdoor_" TCP Ports 1025/1028, (continued)
Re: Backdoor ?? "Girlnextdoor_" TCP Ports 1025/1028 H C (Mar 05)
Re: Backdoor ?? "Girlnextdoor_" TCP Ports 1025/1028 Kevin Patz (Mar 05)
| 
Intro
