Re: OT: Unknown protocol on network [7:35331]
john, Rusers = unix command for checking who`s logged on Rstad = is a server which returns performance statistics obtained from the kernel walld = writes mesages to all users on system... all unix commands..these are RPC type commands... also found this PhoneFree (Watch Out! Opens a wide port range!) IN UDP 1034 - 1035 IN UDP 9900 - 9901 IN TCP 1034 - 1035 IN TCP 2644 IN TCP 8000 This Mapping is needed to hear the audio from the incoming party, outgoing audio would work without it. ** According to phonefree the ports you need open are: 8000 TCP For Server access 1034 UDP Voice in/out 1035 TCP Voice in/out 2644 TCP Personal Communication Center I found that port range 9900-9901 UDP is also needed but not mentioned at phonefree support. Also shut off any other firewall programs you may have running. HTH steve From: John Neiberger Reply-To: John Neiberger To: [EMAIL PROTECTED] Subject: OT: Unknown protocol on network [7:35331] Date: Wed, 13 Feb 2002 14:38:59 -0500 After watching a sniffer connected to one of our LANs we're seeing a lot of different clients attempting to reach UDP port 1034 on one of our primary servers. The source UDP port is in the range 1026-1033. I'm not able to find any good information regarding these ports. Some sites say that some of these are used by BBN Integrated Access Devices. I have no idea what those are and I'm pretty sure we don't have any around. :-) Other pages mention that 1032-1034 are used for rstatd, rusers, and walld. Again, I don't really know what those are but it looks like they'd be more appropriate in a unix context. Any ideas? Thanks! John _ Send and receive Hotmail on your mobile device: http://mobile.msn.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=35515t=35331 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Unknown protocol on network [7:35331]
BBN Integrated Access Devices, This was the company that built the first switch/routers for arpanet. also they have somrthing to do with RSVP. hey wtah happeded to RSVP kinda fell out of favour huh OZ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=35591t=35331 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OT: Unknown protocol on network [7:35331]
After watching a sniffer connected to one of our LANs we're seeing a lot of different clients attempting to reach UDP port 1034 on one of our primary servers. The source UDP port is in the range 1026-1033. I'm not able to find any good information regarding these ports. Some sites say that some of these are used by BBN Integrated Access Devices. I have no idea what those are and I'm pretty sure we don't have any around. :-) Other pages mention that 1032-1034 are used for rstatd, rusers, and walld. Again, I don't really know what those are but it looks like they'd be more appropriate in a unix context. Any ideas? Thanks! John Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=35331t=35331 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Unknown protocol on network [7:35331]
I found three that it could be. Any of the other ports open listed below? I hope this comes through readable... 1. Pal Talk [support page] (Watch Out! Opens a wide port range!) IN UDP 2090 [voice] IN UDP 2091 [control stream] IN TCP 2090 [file transfer] IN TCP 2091 [video listening] IN TCP 2095 [file transfer- older versions] OUT TCP 5001 - 50015 [text messaging] OUT TCP 8200 - 8700 [Firewall / network mode group voice] OUT UDP 8200 - 8700 [Firewall / network mode group voice] OUT UDP 1025 - 2500 [outbound voice control stream (user configurable)] The last 2 UDP outbound ports are usually set in pairs. 1024 - 1025, 1026 - 1027, etc... Most users never have to set these lower two ports. They are dynamically assigned if you leave the lower two boxes set to 0's on the 'paltalk port settings' tab. Outbound ports are usually not an issue but are listed here for network users who may need to manually configure for a proxy or NAT server or other hardware device. 2. Everquest (it's a videogame) (Watch Out! Opens a wide port range!) See this Everquest page for more info IN TCP 1024 7000 IN UDP 1024 6000 Note: May have to open this last UDP range even wider 3. CarbonCopy32 host on your LAN (Watch Out! Opens a wide port range!) INTCP 1680 INUDP 1023-1679 John Neiberger wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... After watching a sniffer connected to one of our LANs we're seeing a lot of different clients attempting to reach UDP port 1034 on one of our primary servers. The source UDP port is in the range 1026-1033. I'm not able to find any good information regarding these ports. Some sites say that some of these are used by BBN Integrated Access Devices. I have no idea what those are and I'm pretty sure we don't have any around. :-) Other pages mention that 1032-1034 are used for rstatd, rusers, and walld. Again, I don't really know what those are but it looks like they'd be more appropriate in a unix context. Any ideas? Thanks! John Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=35334t=35331 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Unknown protocol on network [7:35331]
We now think that this is related to the Corporate Edition of Norton AntiVirus. There is some sort of scanning involved there, but I'm not very clear on the details. Our LAN people just rolled this version out into our network a couple of weeks ago which explains why I wasn't seeing it in the past. Thanks for the research! John Steven A. Ridder 2/13/02 1:00:53 PM I found three that it could be. Any of the other ports open listed below? I hope this comes through readable... 1. Pal Talk [support page] (Watch Out! Opens a wide port range!) IN UDP 2090 [voice] IN UDP 2091 [control stream] IN TCP 2090 [file transfer] IN TCP 2091 [video listening] IN TCP 2095 [file transfer- older versions] OUT TCP 5001 - 50015 [text messaging] OUT TCP 8200 - 8700 [Firewall / network mode group voice] OUT UDP 8200 - 8700 [Firewall / network mode group voice] OUT UDP 1025 - 2500 [outbound voice control stream (user configurable)] The last 2 UDP outbound ports are usually set in pairs. 1024 - 1025, 1026 - 1027, etc... Most users never have to set these lower two ports. They are dynamically assigned if you leave the lower two boxes set to 0's on the 'paltalk port settings' tab. Outbound ports are usually not an issue but are listed here for network users who may need to manually configure for a proxy or NAT server or other hardware device. 2. Everquest (it's a videogame) (Watch Out! Opens a wide port range!) See this Everquest page for more info IN TCP 1024 7000 IN UDP 1024 6000 Note: May have to open this last UDP range even wider 3. CarbonCopy32 host on your LAN (Watch Out! Opens a wide port range!) INTCP 1680 INUDP 1023-1679 John Neiberger wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... After watching a sniffer connected to one of our LANs we're seeing a lot of different clients attempting to reach UDP port 1034 on one of our primary servers. The source UDP port is in the range 1026-1033. I'm not able to find any good information regarding these ports. Some sites say that some of these are used by BBN Integrated Access Devices. I have no idea what those are and I'm pretty sure we don't have any around. :-) Other pages mention that 1032-1034 are used for rstatd, rusers, and walld. Again, I don't really know what those are but it looks like they'd be more appropriate in a unix context. Any ideas? Thanks! John Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=35335t=35331 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
