Folks, port 10000 can be used by anyone for any software application. There is nothing stopping me from using port 80 for mail. Or 10000. The standardization of ports use makes interoperability easier, but if I write a key logger, I'm going to have it report on some port I think will not be blocked, like ssl/https/secure socks/443. Why? Because what good is it to sow the seeds if you can't reap the profits/crops?
On ANY listening/talking port, run an app like fport that will tell you what app is mapped to the port. If it's outside trying to get in, kill it at the first inbound interface. If it's inside, hunt down the host and then fport it. I have to assume it's already blocked on the first outbound interface, since it's not a well known port. Invest in a cheap system and snort, or sniff the contents to see if it's malicious, or any other system to see what's up, but NEVER trust some published list of ports. Its whatever port(s) the author wanted them to be. D. Weiss *********** REPLY SEPARATOR *********** On 7/7/2003 at 5:07 PM Salvatore Poliandro wrote: >Hi All. >Does anyone know what port 10000 is used for. All my research says VPN >type >applications. We are running 10+ 2000 servers here, NO VPN, and 85% of >them >are listening on this port. TCP only. You can Telnet to it, but it >recieves >all your data, and never sends anything back. It will not close the >connection either. If anyone has any info that would be great. ITs not a >huge deal, that port is blocked by the firewalls ;) I would just like to >know. > >Sal > > >----------------------------------------------------------------------- ---- >Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! >The Gartner Group just put Neoteris in the top of its Magic Quadrant, >while InStat has confirmed Neoteris as the leader in marketshare. > >Find out why, and see how you can get plug-n-play secure remote access in >about an hour, with no client, server changes, or ongoing maintenance. > >Visit us at: http://www.neoteris.com/promos/sf-6-9.htm >----------------------------------------------------------------------- ----- --------------------------------------------------------------------------- Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! The Gartner Group just put Neoteris in the top of its Magic Quadrant, while InStat has confirmed Neoteris as the leader in marketshare. Find out why, and see how you can get plug-n-play secure remote access in about an hour, with no client, server changes, or ongoing maintenance. Visit us at: http://www.neoteris.com/promos/sf-6-9.htm ---------------------------------------------------------------------------- --------------------------------------------------------------------------- Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! The Gartner Group just put Neoteris in the top of its Magic Quadrant, while InStat has confirmed Neoteris as the leader in marketshare. Find out why, and see how you can get plug-n-play secure remote access in about an hour, with no client, server changes, or ongoing maintenance. Visit us at: http://www.neoteris.com/promos/sf-6-9.htm ----------------------------------------------------------------------------
