|
Greetings!
Don Yakubowski wrote: I have a system running NT4 (SP4) with a proxy/firewall product on it acting as our Internet access point.It is a dual homed system,and is NOT offering any INBOUND services.All services are restricted tobeing initiated from the inside. I have been reviewing the state of services running and am seeing aservice I can't account for! Does anyone recognize the TCP port 41524 as belonging to any trojans,etc?My netstat -a output lists this port as listening,but it is not a known service to me. I realize alot oftrojans can be used on diff ports,but I am wondering if anyone recognizes this number from pastexperience.Could it even be some legitimate NT4 app or service? Don YakubowskiI guess you have CA/Cheyenne ArcServe running on your system? The Cheyenne Discovery Service does use this port. Disabling the service won't help to prevent ArcServe from sending our requests (will be reduced though) - only deinstalling all ArcServe will stop that. This is a known beature. I'd highly recommend disabling the Cheyenne Discovery Service and set all ArcServe services to manual (assuming non-automatic backups here). Bye
|
begin:vcard n:Tanger;Volker tel;fax:+49 - 69 - 92901-213 tel;work:+49 - 69 - 92901-570 x-mozilla-html:FALSE url:http://www.res.globalone.net/ org:Global One;Global Project Engineering version:2.1 email;internet:[EMAIL PROTECTED] title:Sr. Security Engineer adr;quoted-printable:;;Stiftstrasse 23=0D=0A;Frankfurt;;60313;Germany note;quoted-printable:Room 608=0D=0A fn:Volker Tanger end:vcard
