Hello. This is most likely to be Tiny Personal Firewall. However, you should always double check... Download FPort from http://www.foundstone.com
It should show something like this: C:\...>fport .... 2144 PERSFW -> 44334 TCP C:\Program Files\Tiny Personal Firewall\PERSFW.EXE 2144 PERSFW -> 44334 UDP C:\Program Files\Tiny Personal Firewall\PERSFW.EXE Hope this helps, Angelz ----- Original Message ----- From: "Hyperion" <[EMAIL PROTECTED]> To: "Security Basics Mailing List" <[EMAIL PROTECTED]> Sent: Monday, June 30, 2003 5:52 PM Subject: What is this port? is it a trojan? > Hello all :) > > I have been taking a more detailed interest in my pc's security of late, > and security for computers in general, and I am learning at quite a fast > rate, although there is a great, great deal of information to learn out > there. > > Just recently I have taken to doing regular, netstat - probes on my machine > to see the different connections that arise and so forth. > Today I found a rather mysterious port with the number, 44334 and I have > copied/paste the results of the netstat -an below for people to look at. > Is the port in question, -44334- a Trojan? it strikes me as a rather > suspicious port and a rather large port number. > Could anyone tell me how I can find out what's running behind the port in > question, and also what to do about it if it is a port. > I have run my virus software, but it did not find any viruses or Trojans > installed on my machine, so I am at a loss as to what to do. > I am also very limited in my security knowledge, so I am basically stuck for > the necessary ideas or solutions on what to do in order to find out what's > behind this port. > Any and all help is greatly appreciated thanks. > > Details of netstat below:: > > Active Connections > > Proto Local Address Foreign Address State > TCP 0.0.0.0:135 0.0.0.0:0 LISTENING > TCP 0.0.0.0:445 0.0.0.0:0 LISTENING > TCP 0.0.0.0:1025 0.0.0.0:0 LISTENING > TCP 0.0.0.0:1026 0.0.0.0:0 LISTENING > TCP 0.0.0.0:1038 0.0.0.0:0 LISTENING > TCP 0.0.0.0:5000 0.0.0.0:0 LISTENING > TCP 0.0.0.0:44334 0.0.0.0:0 LISTENING > TCP 127.0.0.1:110 0.0.0.0:0 LISTENING > TCP 127.0.0.1:1279 127.0.0.1:110 TIME_WAIT > TCP 217.135.174.224:1280 195.92.193.154:110 TIME_WAIT > UDP 0.0.0.0:445 *:* > UDP 0.0.0.0:500 *:* > UDP 0.0.0.0:1036 *:* > UDP 0.0.0.0:44334 *:* > UDP 127.0.0.1:123 *:* > UDP 127.0.0.1:1900 *:* > UDP 217.135.174.224:123 *:* > UDP 217.135.174.224:1900 *:* > > > My Regards > Hyperion > > > -------------------------------------------------------------------------- - > Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! > The Gartner Group just put Neoteris in the top of its Magic Quadrant, > while InStat has confirmed Neoteris as the leader in marketshare. > > Find out why, and see how you can get plug-n-play secure remote access in > about an hour, with no client, server changes, or ongoing maintenance. > > Visit us at: http://www.neoteris.com/promos/sf-6-9.htm > -------------------------------------------------------------------------- -- > > > --- Outgoing mail is certified virus free by smtp.webchatx.org Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.495 / Virus Database: 294 - Release Date: 30/06/2003 --------------------------------------------------------------------------- Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! The Gartner Group just put Neoteris in the top of its Magic Quadrant, while InStat has confirmed Neoteris as the leader in marketshare. Find out why, and see how you can get plug-n-play secure remote access in about an hour, with no client, server changes, or ongoing maintenance. Visit us at: http://www.neoteris.com/promos/sf-6-9.htm ----------------------------------------------------------------------------
