On Wed, 16 May 2001, VanMeter, John wrote: > I did a scan of a NT 4.0 SP6a server and found the following > iad1 1030/tcp BBN IAD This is probably a dynamically assigned port (or one of them) used by a program supporting MS RPC over TCP. There is a program out there that can query the "portmapper" listening on port 135/tcp, dump the list of MS RPC servers, and--if you are lucky--provide some clues regarding the nature of a service running on a given port, e.g. IfId: 469d6ec0-0d87-11ce-b13f-00aa003bac6c version 16.0 Annotation: MS Exchange System Attendant Public Interface UUID: 469d6ec0-0d87-11ce-b13f-00aa003bac6c Binding: ncacn_ip_tcp:172.16.15.37[1058] RpcMgmtInqIfIds succeeded Interfaces: 4 469d6ec0-0d87-11ce-b13f-00aa003bac6c v16.0 83d72bf0-0d89-11ce-b13f-00aa003bac6c v6.0 67df7c70-0f04-11ce-b13f-00aa003bac6c v3.0 06ed1d30-d3d3-11cd-b80e-00aa004b9c30 v1.0 RpcMgmtInqServerPrincName succeeded Name: MSExchangeSA RpcMgmtInqStats succeeded Stats[0]: 60342 Stats[1]: 0 Stats[2]: 48 Stats[3]: 51 Look for a file called (approximately) rpctools-1.0.zip. If you have the package where Microsoft puts all useful stuff they neglect to include in the base system (resource kit?), you may find a similar program there. (BTW: I have a feeling MS RPC is a can of worms waiting to be open.) --Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ] "Resistance is futile. Open your source code and prepare for assimilation."
This archive was generated by hypermail 2b30 : Fri May 18 2001 - 12:39:30 PDT