Security Incidents mailing list archives

RE: Strange set of TCP ports


From: "Benjamin Tomhave" <falcon () secureconsulting net>
Date: Mon, 19 Apr 2004 20:27:06 -0400

tcpview.exe from SysInternals will show ports mapped to processes and their
state -- it's good for both TCP and UDP services
http://www.sysinternals.com/ntw2k/source/tcpview.shtml

-----Original Message-----
From: mgotts () 2roads com [mailto:mgotts () 2roads com]
Sent: Monday, April 19, 2004 4:10 PM
To: Harlan Carvey
Cc: Incidents; Raistlin
Subject: Re: Strange set of TCP ports


Run openports.exe from DiamondCS on the suspect boxen. If you don't have
physical access, but do have admin access, use psexec.exe from SysInternals,
as well.

psexec.exe from SysInternals is a remote program execution utility. I use
it now and then, and am not aware of any capability to have it list ports
in use and what programs are using them.

SysInternals probably does have such a utility, but I'm not sure what it
is off the top of my head.

-- Mark



--- Raistlin <raistlin () gioco net> wrote:
Greetings,

can someone help me in identifying the following strange subset of open
TCP ports?
3687/tcp open  unknown
3688/tcp open  unknown
3689/tcp open  rendezvous
3690/tcp open  unknown
3691/tcp open  unknown

Googling or looking at the usual known ports lists do not yield any
results. I'd like to identify this beast if possible. Thanks in advance.

Stefano



