This never ceases to amaze me. A security consultant is performing a vulnerability assessment on a client's network, and finds an unusual port open...even intermittently. Yet in today's day and age of malware w/ configurable/random port bindings, they still persist in checking port lists, rather than going to the machine and typing 'netstat -a'. Some endpoint state information may still be available. Then using fport.exe from Foundstone will show which application is bound to that port.
__________________________________________________ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com
