Re: Port 1975 rogue service

From: H C (keydet89at_private)
Date: Thu Oct 31 2002 - 13:56:48 PST

Next message: Christopher E. Cramer: "Re: Port 1975 rogue service"

Previous message: Ashcraft, Brian S (Contractor): "RE: Port 1975 rogue service"
In reply to: WIlliam Kintz: "Port 1975 rogue service"
Next in thread: Christopher E. Cramer: "Re: Port 1975 rogue service"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Willian,

...and the reason you haven't used fport.exe (from
Foundstone) to get more information on this rogue
service is....what, exactly?  

I mean, after all, you ARE a CISSP.  When I had the
cert, there wasn't anything in the
troubleshooting/investigation methodology that said,
"give it to someone else to figure out".


--- WIlliam Kintz <bkintzat_private> wrote:
> 
> 
> I have discovered a rogue service of some sort
> running
> on Port 1975 on one of my Win2000 boxes. Connecting
> to
> this port via a telnet gives me the below output.
> Anyone have any idea what this is?
> 
> TIA,
> 
> William J Kintz, CISSP, CCNA
> 
> <begin screen capture>
> 
> 220-A Fire_Fly_808 Production
> 220-
> 220-
> 220-
> 220-     
>
Аё?`?ёА,?_?,Аё?`?ёА,?_?,Аё?`?ёА,?_?,Аё?`?ёА,?_?,Аё?`?ёА,?_?,Аё?`?ёА,?_
> ,Аё?`?ёА
> 220-
> 220-             [ server time is 15:35:37  ]
> 220-             [ server date is Thursday 31
> October,
> 2002  ]
> 220-             [ you are connecting from:
> XX.XX.XX.XX  ]
> 220-
> 220-     
>
Аё?`?ёА,?_?,Аё?`?ёА,?_?,Аё?`?ёА,?_?,Аё?`?ёА,?_?,Аё?`?ёА,?_?,Аё?`?ёА,?_
> ,Аё?`?ёА
> 220-
> 220-             [ server stats  ]
> 220-             [ pubstro uptime: 4 Days, 13 Hours,
> 4
> Mins  ]
> 220-             [ leechers 0ver the last 24 hours:
> 1699  ]
> 220-             [ leechers logged in: 1783  ]
> 220-             [ current leechers: 2  ]
> 220-             [ kb leeched: 11550405 kb/s  ]
> 220-             [ kb filled: 4438567 kb/s  ]
> 220-             [ hdd freespace: 768.62 kb  ]
> 220-             [ Average Bandwith used: 40.719  ]
> 220-             [ Current Bandwith in use: 16.500 
> ]
> 220-
> 220      
>
Аё?`?ёА,?_?,Аё?`?ёА,?_?,Аё?`?ёА,?_?,Аё?`?ёА,?_?,Аё?`?ёА,?_?,Аё?`?ёА,??
> ,Аё?`?ёА
> 
> 
> 
> 
> 
>
----------------------------------------------------------------------------
> This list is provided by the SecurityFocus ARIS
> analyzer service.
> For more information on this free incident handling,
> management 
> and tracking system please see:
> http://aris.securityfocus.com
> 


__________________________________________________
Do you Yahoo!?
HotJobs - Search new jobs daily now
http://hotjobs.yahoo.com/

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Next message: Christopher E. Cramer: "Re: Port 1975 rogue service"
Previous message: Ashcraft, Brian S (Contractor): "RE: Port 1975 rogue service"
In reply to: WIlliam Kintz: "Port 1975 rogue service"
Next in thread: Christopher E. Cramer: "Re: Port 1975 rogue service"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Oct 31 2002 - 17:56:44 PST