-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 > -----Original Message----- > From: Katherine Ogden [mailto:kogdenat_private] > Sent: Wednesday, January 09, 2002 11:01 AM > > We began having trouble with our exchange server. > For no reason we could pin down the OWA would > throw up an error and stop the www service. Being > the slightly paranoid sort I downloaded Retina and ran > it against the email server. It showed the usual things > but it also showed > Port 1058 - Nim > Port 1090 - Xtreme > > Two other exchange servers show these ports open. > Port 1042 - Bla > Port 1059 - Nimreg Katherine, as Nexus said, use FPort (or similar) to figure out the service/task associated with that port. My guess would be 1042 - dsamain.exe and 1059 - store.exe (which is the Directory service and the Information Store of Exchange). However, if fport shows 1042 - winshell.exe, or any other executable an ordinary NT server doesn't have, then yank the box and investigate. Regards, Frank -----BEGIN PGP SIGNATURE----- Version: PGP Personal Privacy 6.5.8 Comment: PGP or S/MIME (X.509) encrypted email preferred. iQA/AwUBPDz58szYtOFvgXQfEQL2XQCfQrL5fFM5RdVMY560RaszC5xRl4oAoPjN muuJZfeDiElaa0fLRTsAJIom =DwWz -----END PGP SIGNATURE----- ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Wed Jan 09 2002 - 21:10:12 PST