You can keep guessing at the service running on this port, but the only
sure way is to run a network monitor, ie ethereal, windump/tcpdump there
are loads about, and check the packets.

Subsurface
 
It is very dangerous to swim with the sharks,
But at least they don't nag.


-----Original Message-----
From: Matti Haack [mailto:[EMAIL PROTECTED] 
Sent: 04 July 2003 19:01
To: [EMAIL PROTECTED]
Subject: Re[2]: What is this port? is it a trojan?


Do you use Kerio/tiny Firewall?

Its the administration port number...

Matti


kmuam> Hello all :)

kmuam>  I have been taking a more detailed interest in my pc's security 
kmuam> of late, and security for computers in general, and I am learning

kmuam> at quite a fast rate, although there is a great, great deal of 
kmuam> information to learn out there.

kmuam>  Just recently I have taken to doing regular, netstat - probes on

kmuam> my machine to see the different connections that arise and so 
kmuam> forth.  Today I found a rather mysterious port with the number, 
kmuam> 44334 and I have copied/paste the results of the netstat -an 
kmuam> below for people to look at.  Is the port in question, -44334- a 
kmuam> Trojan? it strikes me as a rather suspicious port and a rather 
kmuam> large port number.  Could anyone tell me how I can find out 
kmuam> what's running behind the port in question, and also what to do 
kmuam> about it if it is a port.  I have run my virus software, but it 
kmuam> did not find any viruses or Trojans installed on my machine, so I

kmuam> am at a loss as to what to do. I am also very limited in my 
kmuam> security knowledge, so I am basically stuck for the necessary 
kmuam> ideas or solutions on what to do in order to find out what's 
kmuam> behind this port. Any and all help is greatly appreciated thanks.

kmuam> Details of netstat below::

kmuam> Active Connections

kmuam>   Proto  Local Address          Foreign Address        State
kmuam>   TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
kmuam>   TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
kmuam>   TCP    0.0.0.0:1025           0.0.0.0:0              LISTENING
kmuam>   TCP    0.0.0.0:1026           0.0.0.0:0              LISTENING
kmuam>   TCP    0.0.0.0:1038           0.0.0.0:0              LISTENING
kmuam>   TCP    0.0.0.0:5000           0.0.0.0:0              LISTENING
kmuam>   TCP    0.0.0.0:44334          0.0.0.0:0              LISTENING
kmuam>   TCP    127.0.0.1:110          0.0.0.0:0              LISTENING
kmuam>   TCP    127.0.0.1:1279         127.0.0.1:110          TIME_WAIT
kmuam>   TCP    217.135.174.224:1280   195.92.193.154:110     TIME_WAIT
kmuam>   UDP    0.0.0.0:445            *:*
kmuam>   UDP    0.0.0.0:500            *:*
kmuam>   UDP    0.0.0.0:1036           *:*
kmuam>   UDP    0.0.0.0:44334          *:*
kmuam>   UDP    127.0.0.1:123          *:*
kmuam>   UDP    127.0.0.1:1900         *:*
kmuam>   UDP    217.135.174.224:123    *:*
kmuam>   UDP    217.135.174.224:1900   *:*


kmuam> My Regards
kmuam> Hyperion


kmuam> -----------------------------------------------------------------
kmuam> ----------
kmuam> Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top
analysts! The Gartner Group just put Neoteris in the top of its Magic
Quadrant, while InStat has confirmed Neoteris as the
kmuam> leader in marketshare.
     
kmuam> Find out why, and see how you can get plug-n-play secure remote 
kmuam> access in about an hour, with no client, server changes, or
ongoing maintenance.
          
kmuam> Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
kmuam> -----------------------------------------------------------------
kmuam> -----------


------------------------------------------------------------------------
---
Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top
analysts! The Gartner Group just put Neoteris in the top of its Magic
Quadrant, while InStat has confirmed Neoteris as the leader in
marketshare.
     
Find out why, and see how you can get plug-n-play secure remote access
in about an hour, with no client, server changes, or ongoing
maintenance.
          
Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
------------------------------------------------------------------------
----


---------------------------------------------------------------------------
Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
The Gartner Group just put Neoteris in the top of its Magic Quadrant,
while InStat has confirmed Neoteris as the leader in marketshare.
     
Find out why, and see how you can get plug-n-play secure remote access in
about an hour, with no client, server changes, or ongoing maintenance.
          
Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
----------------------------------------------------------------------------

Reply via email to