Security Basics mailing list archives

re: Port 2848

From: H C <keydet89 () yahoo com>
Date: Wed, 18 Dec 2002 11:05:13 -0800 (PST)

Nathan,

An ARIN search on the IP addresses you mentioned
reveals:

206.204.212.226 is owned by ConXioN Corporation,
according to ARIN.  Nslookup reveals that the name of
the host is "gw02entry01.gw02.dis.symantec.com".

206.204.52.98 is also "owned by" ConXion, but it's
name is "gw01entry01.gw01.dis.symantec.com".

Here's a suggestion...rather than posting to the list
and waiting for someone to tell you what to do, why
not go on over to 192.168.100.2 and run 'netstat -an'?
 See if the connection is still open to either one of
those systems.  Then, depending on which operating
system that system is running, run a port-to-process
mapping tool (lsof or fuser for Linux/*nix, fport for
NT/2K/XP, or 'netstat -ano' on XP).  

Maybe if you did a little checking yourself, you'd
save yourself a lot of time.




__________________________________________________
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com

Current thread:

Port 2848 Nathan (Dec 18)
- RE: Port 2848 Dominick Sardina (Dec 19)
- RE: Port 2848 Mahoney, Paul (Dec 20)
- <Possible follow-ups>
- re: Port 2848 H C (Dec 19)
- RE: Port 2848 Mike Heitz (Dec 19)
- RE: Port 2848 Malin, Scott M (Dec 20)