Please see http://www.securityfocus.com/bid/282 for more
information on possible vulnerabilities on port 2301, especially if
the ports are accessible from an untrusted network.
Steve
[EMAIL PROTECTED] wrote:
>
>
> 2301 is used by the Compaq Insight management application. It is often
> running by default on a Compaq server install.
>
> > -----Original Message-----
> > From: Carric Dooley [mailto:[EMAIL PROTECTED]]
> > Sent: Tuesday, May 23, 2000 12:57 PM
> > To: Low Lay Hua; [EMAIL PROTECTED]
> > Subject: Re: [FW1] udp 2301
> >
> >
> >
> > 12345 is the default port for Netbus...
> >
> > I have no idea what someone would be doing on 2301 udp unless they are
> > trying to comoufage a trojan by running it on that port. Do
> > you have a
> > sniffer??
> >
> > Carric Dooley
> > Network Security Consultant
> >
> > "I have often regretted my speech, never my silence."
> > - Xenocrates (396-314 B.C.)
> >
> >
> >
> > ----- Original Message -----
> > From: "Low Lay Hua" <[EMAIL PROTECTED]>
> > To: <[EMAIL PROTECTED]>
> > Sent: Monday, May 22, 2000 9:01 PM
> > Subject: [FW1] udp 2301
> >
> >
> > >
> > > Hi,
> > >
> > > One of my firewall logs, have entry for udp 2301 every 2 mins from a
> > > particular IP address.
> > >
> > > Someone told me that 2301/udp is cpq-wbem (Compaq HTTP).
> > >
> > > Appreciate if anyone could let me know what is 2301/udp doing?
> > >
> > > I also saw 12345/tcp service on my logs. What is that?
> > >
> > > I understand all this service is user defined service. But
> > I would like
> > > to know how dangerous is it.
> > >
> > > Pls advise.
> > >
> > > Many thanks.
> > >
> > >
> > --------------------------------------------------------------
> > ------------
> > -
> > > Low Lay Hua Tel: 65 4719828
> > > Network Operation Centre Fax: 65 4753273
> > > Singapore Telecom [EMAIL PROTECTED]
> > >
> > > PGP Public Key: http://corporate.singnet.com.sg/layhua/PGP
> > > Key fingerprint = 90 58 94 77 BE FC 28 D1 5B 48 18 B1 69 73 06 D1
> > >
> > --------------------------------------------------------------
> > ------------
> > --
> > >
> > >
> > >
> > >
> > ==============================================================
> > ==============
> > ====
> > > To unsubscribe from this mailing list, please see the
> > instructions at
> > > http://www.checkpoint.com/services/mailing.html
> > >
> > ==============================================================
> > ==============
> > ====
> > >
> >
> >
> >
> > ==============================================================
> > ==================
> > To unsubscribe from this mailing list, please see the
> > instructions at
> > http://www.checkpoint.com/services/mailing.html
> > ==============================================================
> > ==================
> >
>
>
> ***********************************************************************
> Gruntal & Co., L.L.C.'s e-mail system is for business purposes only.
> Messages are not confidential. All e-mail may be reviewed by
> authorized supervisors, compliance or internal audit personnel.
> E-mail will be archived for at least three years and may be produced
> to regulatory agencies or others with a legal right to access such
> information. Gruntal will not accept trade order instructions via
> e-mail. Please telephone your Account Executive to place trade orders.
>
> Gruntal & Co., L.L.C.
> ***********************************************************************
--
Steven Lee, CISSP (206) 762-4000 x104
Senior Network Security Engineer (206) 762-4400 FAX
AVCOM Technologies, Inc. (800) 817-9525 Pager
4636 E Marginal Way S, Ste B-100 http://www.avcom.com
Seattle, WA 98134-2383 mailto:[EMAIL PROTECTED]
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
