Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Port 8081 mystery

from [George A. Theall] Network Security [Permanent Link]
Subject: Re: Port 8081 mystery
Date: Tue, 23 Jan 2007 20:00:15 -0500 
On Tue, Jan 23, 2007 at 10:07:26PM +0400, WALI wrote:


I ran a nmap scan on quite a few machines on my internal subnet and one 
port that appears on all those scans, especially the machines that are 
still running adequately patched but older Windows 2000 workstations, is 
tcp 8081. Though nmap shows this as blackice-icecap port I do not find any 
such application running in task manager neither is this installed.

nestat-a just lists this port as 'Listening' and does not list any 
application name assigned to it, 


Since you have access to the box, you may want to try running a tool
like SysInternal's TCPView:

  http://www.microsoft.com/technet/sysinternals/utilities/TcpView.mspx

That should tell you which process is listening on that port. From there,
you should be able to get a better idea of what it's for.


Nessus Scan (tis weeks plugin feed) does not show this port listed amongst 
any vulnerability.


Be sure to:

  1) Make sure 8081 is included in the port range used for your scans,
     otherwise Nessus won't test it at all.
  2) Make sure you enable "Thorough tests" so that Nessus will look
     harder for servers on non-standard ports.
  3) Make sure you configure the client so that "Test SSL based 
     services" is set to "ALL" so that Nessus will look for SSL-enabled
     services on non-standard ports.


George
-- 
theall@tifaware.com

Attachment: pgpLDdwov0lMB.pgp
Description: PGP signature

[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Port 8081 mystery, levinson_k
Next by Date:  Re: Port 8081 mystery, WALI
Previous by Thread:  RE: Port 8081 mystery, Remad
Next by Thread:  Re: Port 8081 mystery, Johnny Wong
Indexes:  [Date] [Thread] [Top] [All Lists]