Strange ports

To:	Pen-Tests <pen-test@securityfocus.com>
Subject:	Strange ports
From:	killy <killfactory@gmail.com>
Date:	Mon, 18 Jun 2007 14:59:06 -0400
Delivered-to:	sp-com-lists@consult.net
Delivered-to:	pentest-list2@consult.net
Delivered-to:	mailing list pen-test@securityfocus.com
Delivered-to:	moderator for pen-test@securityfocus.com
Dkim-signature:	a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=VboRTJ6bag12G2drpjrsw7RneNDNLzDeFQQLgRvpE1qeLkoVveu1L/QIA6MpRwzyWQvjg/rcQQb5Uwtcv8pGgIraZtgQYRyaxDgtrhB+9T98qKwDdFaWjGiMRTssjU4wCVN0WeKlwdk57b+MBhTSWmCfOWqnKyc6plCIGAGeQG4=
Domainkey-signature:	a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=gA0nVV//GgPN2F/ahVi/5p6zyxG5DF/YTuVqZvGGvDInSj239gBasv+55OmG+37AvFC5qihzh+FnSuIl2Wlt7LTi+6pMthvd3pUxiiUzkHj4S9d/BCjH42mgzNtjhZJ+8+7C1rQvKRpYjxwgM+IbSWhoj/lENIp65LznAM+u948=
List-help:	<mailto:pen-test-help@securityfocus.com>
List-id:	<pen-test.list-id.securityfocus.com>
List-post:	<mailto:pen-test@securityfocus.com>
List-subscribe:	<mailto:pen-test-subscribe@securityfocus.com>
List-unsubscribe:	<mailto:pen-test-unsubscribe@securityfocus.com>
Mailing-list:	contact pen-test-help@securityfocus.com; run by ezmlm
Resent-date:	Mon, 18 Jun 2007 20:48:19 -0600 (MDT)
Resent-from:	pen-test-return-1078484389@securityfocus.com
Resent-message-id:	<20070619024819.92323237CCC@outgoing3.securityfocus.com>
Resent-sender:	listbounce@securityfocus.com
Sender:	listbounce@securityfocus.com

Scanning my external firewall(at work), I (yes, it is my job to) find this:


PORT     STATE    SERVICE
53/tcp   open     domain

1029/tcp open     ms-lsa
1032/tcp open     iad3

3389/tcp open     ms-term-serv


Why would 1029 and 1032 need to be open from the outside?

-Kill


--
If you spend more on coffee than on IT security, you will be hacked.
What's more, you deserve to be hacked.
-- former White House cybersecurity czar Richard Clarke

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------

<Prev in Thread]	Current Thread	[Next in Thread>
Strange ports, killy <= RE: Strange ports, Erin Carroll Re: Strange ports, Jason Barbier Message not available Re: Strange ports, StaticRez Re: Strange ports, zion Re: Strange ports, R. DuFresne Re: Strange ports, Christine Kronberg Re: Strange ports, Tim Shea Re: Strange ports, killy Re: Strange ports, ebk_lists Re: Re: Strange ports, brian . marino

Previous by Date:	Re: Pentesting Openmail Web login, R. DuFresne
Next by Date:	RE: Strange ports, Erin Carroll
Previous by Thread:	Re: Pentesting Openmail Web login, R. DuFresne
Next by Thread:	RE: Strange ports, Erin Carroll
Indexes:	[Date] [Thread] [Top] [All Lists]