TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to
[EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems!
----------------------------------------------------------------------------
_I_ care about what these ports are used for because it's part of my job to know what
tools are being used to scan/probe my networks. I also take the scanning seriously
because I use this activity to judge the threat of the originating ISP's, .edu's, etc.
and often permanently block their packets at my perimeter. It's an indication that
they either don't have or don't enforce an Acceptable Use Policy. The day I feel fat,
dumb and happy behind my big bad firewall is the day I need to give up my job to
someone more proactive.
Just so you're aware, I checked several of my usual www resources, I checked the
archives and I made liberal use of several search engines, but was still unable to
turn up information on the ports I listed. Then, and only then, did I turn to this
list, the community of my peers, for assistance and education.
I take slight offense at being told to "look harder." If you don't have an answer or
don't care to answer... don't answer. Please don't do the moderator's job. If my
question was completely off topic or a complete waste of time, it would have been
filtered.
On a more positive note, I do appreciate the resource you forwarded... Thank you.
I'll check out tauscan and see what I can learn from it.
Kind Regards
NetBoss
-----Original Message-----
From: Daniel MD [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, November 14, 2000 04:28
To: netboss; [EMAIL PROTECTED]
Subject: Re: TCP ports 5665, 10742 or 11270 anyone?
Hello...
Who cares, you can use any port, if your sure you don't have a
client trojan installed they can scan all they want it's just a waste of
time, the only class that tries to "hack" you by trojan horses are script
kid's, so don't worry, if you want to be sure what the port's are used for,
search, the web for know trojan lists, there are several, if you look at
the archives of this mailing list you will find allot of link's to such web
sites, if you want to know what the services are normally used for, go to a
tcp port list and ask (e-mail) the person that serves has reference to the
gap of port's you are searching for, the persons responsible for
maintenance of these ports, know allot more than any of us, because they
are "responsible" for them.
P.S: Stop making such questions about port's, if you take the safe
precautions it's very rare that a script kid can crack your server/PCs,
open port attack's are very rare, and almost all firewalls will give you
protection against this sort of attack's, but if you want a product that
just scans for trojan you can try tauscan (win) from agnitum,
http://www.agnitum.com/products/tauscan/, it's good for you :). oh and
please search the web for trojan lists, the persons that maintain these
lists, are very competent and give you the fastest anwsers.
At 16:03 13-11-2000 -0500, you wrote:
>TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to
>[EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems!
>----------------------------------------------------------------------------
>
>All,
>
>This weekend was a busy one for script kiddies... lots of variety. I
>observed scans for NetBus (TCP 12345 & 12346), RingZero (TCP 3128), Sub
>Seven (TCP 27347) and one for Network Blackjack (TCP 1025). I also saw
>scans for TCP ports 5665, 10742 and 11270 which I wasn't able to classify.
>Can anyone identify the use of these ports? Network Blackjack is a new one
>for me. I'm assuming it's yet another trojan?
>
>Many thanks in advance.
Best Regard's and have a nice day...
Daniel MD [[EMAIL PROTECTED]]
______________________________________________
FREE Personalized Email at Mail.com
Sign up at http://www.mail.com/?sr=signup
