December 15th, 2001, 11:55 AM
hello again, thanks for the earlier replies, helped a lot....anyway
running netstat -a on w2k and finding on my dos prompt (besides some tcp and other UDPs)
Proto local address foreignaddress state
UDP 'usergroup:38037 *.*
UDP 'usergroup:isakmp' *.*
What does UDP do that TCP does not, and on such a high port number?
isakmp what is that??
What range of listening port numbers is normal (I heard some people open backdoors on high port numbers)?
New to security and networking,
December 15th, 2001, 03:48 PM
port 38037 + TCP + UDP
Welcome to Our World: Have fun!
Port 38037 = UDP C:\WINNT\System32\MsgSys.EXE
could've been the port netstat was running on
The Internet standard protocols and networking applications run on lower numbered ports but there are many higher numbered ports that registered apps operate on.
You need to use more than one tool/technique to find out what's happening with your system.
---- TCP ---
TCP offers reliability by providing connection-oriented, end-to-end reliable packet delivery through an internetwork.
It does this by sequencing bytes with a forwarding acknowledgment number that indicates to the destination the
next byte the source expects to receive. Bytes not acknowledged within a specified time period are retransmitted.
The reliability mechanism of TCP allows devices to deal with lost, delayed, duplicate, or misread packets. A time-out
mechanism allows devices to detect lost packets and request retransmission.
TCP offers efficient flow control, which means that, when sending acknowledgments back to the source,
the receiving TCP process indicates the highest sequence number it can receive without overflowing its internal buffers.
Full-duplex operation means that TCP processes can both send and receive at the same time.
Finally, TCP's multiplexing means that numerous simultaneous upper-layer conversations can be multiplexed
over a single connection.
---- UDP ---
Unlike the TCP, UDP adds no reliability, flow-control, or error-recovery functions to IP.
Because of UDP's simplicity, UDP headers contain fewer bytes and consume less network overhead than TCP.
UDP is useful in situations where the reliability mechanisms of TCP are not necessary, such as in cases where
a higher-layer protocol might provide error and flow control.
UDP is the transport protocol for several well-known application-layer protocols, including Network File System (NFS),
Simple Network Management Protocol (SNMP), Domain Name System (DNS), and Trivial File Transfer Protocol (TFTP).
---- ISAKMP ---
Internet Security Association and Key Management Protocol.
Internet IPSec protocol [RFC 2408] that negotiates, establishes, modifies, and deletes security associations.
It also exchanges key generation and authentication data (independent of the details of any specific key generation technique), key establishment protocol, encryption algorithm, or authentication mechanism.
Noah built the ark BEFORE it rained.
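
As an added example (not part of either post above), this Python sketch parses `netstat -a` style output, resolves service names such as isakmp (UDP 500) to numbers, and sorts each listener into its IANA port range so that anything not yet attributed to a known service stands out. The sample output, the small service-name table and the `expected` set are constructed for illustration.

```python
"""Added example: classify listeners from `netstat -a` output by IANA port range."""

# Small constructed subset of the services file (name -> port); extend for real use.
SERVICE_NAMES = {"epmap": 135, "netbios-ns": 137, "microsoft-ds": 445, "isakmp": 500}

# Constructed sample modelled on the output quoted in the thread.
SAMPLE = """\
  Proto  Local Address          Foreign Address        State
  TCP    usergroup:epmap        usergroup:0            LISTENING
  TCP    usergroup:1025         example.net:80         ESTABLISHED
  UDP    usergroup:isakmp       *:*
  UDP    usergroup:38037        *:*
"""


def port_range(port):
    """Return the IANA range a port number falls in."""
    if port <= 1023:
        return "well-known"
    if port <= 49151:
        return "registered"
    return "dynamic/private"


def parse_listeners(text):
    """Yield (proto, port, range) for listening TCP and bound UDP sockets."""
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0] not in ("TCP", "UDP"):
            continue  # header or blank line
        proto, local = fields[0], fields[1]
        state = fields[3] if len(fields) > 3 else ""
        if proto == "TCP" and state != "LISTENING":
            continue  # an established connection, not a listener
        token = local.rsplit(":", 1)[-1]
        port = int(token) if token.isdigit() else SERVICE_NAMES.get(token)
        if port is None:
            yield proto, token, "unknown service name"
        else:
            yield proto, port, port_range(port)


def unexplained(listeners, expected):
    """Return listeners whose (proto, port) is not in the expected set."""
    return [e for e in listeners if (e[0], e[1]) not in expected]


if __name__ == "__main__":
    # Assumption: the admin has already attributed these two to known services.
    expected = {("TCP", 135), ("UDP", 500)}
    for entry in unexplained(parse_listeners(SAMPLE), expected):
        print("check owning process of", *entry)
```

A port's range says nothing about who opened it; each flagged entry still has to be matched to its owning executable with a second tool, as the reply above did for port 38037.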