Results 1 to 3 of 3

Thread: hopefully somebody can give me some insight...

  1. #1
    Join Date
    Feb 2002

    hopefully somebody can give me some insight...

    Hello all, I've returned to you guru's here at AO with another one of my questions.

    Today as I was downloading music using Kazaa Lite I decided to do a "netstat" for no reason other than I was bored and wanted to see all the hostnames go scrolling by. (Pathetic huh )

    Anyways, as the list scrolled by something caught my eye. It said under remote connections that "rickslaptop" was connected on port 3439 TCP. I googled for 'TCP port 3439' and learned that the port is an HRI interface port. I've included a screenshot of the netstat output if you want to see for yourself. I most likely would not have noticed but "rickslaptop" was the only thing that was provided as a remote name. I know it wasnt anybody from inside my home network, because we have no computers with that hostname. If it helps any I'm on a Cable connection behind a Netgear MR314 running Windows XP home.

    Some things I'm hoping you all can answer for me.

    1. What is an HRI interface port and what, if any, risks does it pose?
    2. How did this remote computer connect to me with just the name "rickslaptop"? (no domain)
    3. What process should I go through to make sure this doesnt happen again (assuming its a threat)

    Thanks in advance.

  2. #2
    1) ??? No clue.... Tell me if you find anything, because im interested =] From what I found its some kind of admin interface for some program... Get Ethereal and log some packets...
    2) It was probably someone on your node who accidentally connected to your computer... But then again, you can't be too sure...
    3) Block your IP subnet from access to your computer and allow only your local network to connect =]

  3. #3
    Some Assembly Required ShagDevil's Avatar
    Join Date
    Nov 2002
    New Jersey
    The best I could find for Port 3439(HRI Interface Port) is/was related to:
    Critical Link, LLC

    Apparently, Rickslaptop is/was the domain (I guess?)
    I did a search on "rickslaptop" on Yahoo and found
    this address: "009a01c0b0fe$24c2c5a0$3501a8c0@rickslaptop"
    this site here

    That was the best I could find for you, hope it helps somewhat.
    The object of war is not to die for your country but to make the other bastard die for his - George Patton

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts