-
April 21st, 2003, 08:26 AM
#1
Nukleus Port 1463
Hi,
Anyone know what is "nukleus"?? I found this after I've done nmap to my Linux Box:
WARNING: RST from port 1463 --------- is this port really open?
WARNING: RST from port 1463 --------- is this port really open?
WARNING: RST from port 1463 --------- is this port really open?
Port ------ State---- Service
1463/tcp ----- open ---- nukleus
Thanks in advance for your information and BTW I don't run any "nukleus service" in my Box....or is that nukleus service from my ISP?
edit : the title should be nukleus port 1463, I was looking at wrong number
Not an image or image does not exist!
Not an image or image does not exist!
-
April 21st, 2003, 09:17 AM
#2
y would if be from you ISP? if u ask me, since your not runnin it, might be a trojan, is this on your FreeBSD machine? or another?
- Noia
With all the subtlety of an artillery barrage / Follow blindly, for the true path is sketchy at best. .: Bring OS X to x86!:.
Og ingen kan minnast dei linne drag i dronningas andlet den fagre dag Då landet her kvilte i heilag fred og alle hadde kjærleik å elske med.
-
April 21st, 2003, 09:48 AM
#3
Hi,
This is from another box, I tried to telnet to that port but "always time out"( done lsof but nothing suspicious) and yes I don't run any server in this box, friend of mine said that service might be from my ISP cause I've already close every ports.
If not from my ISP, what kind of trojan is it? tried google but no luck.
Cheers noia
Not an image or image does not exist!
Not an image or image does not exist!
-
April 21st, 2003, 11:37 AM
#4
Hey,
This is what I found :
nucleus 1463/tcp Nucleus
nucleus 1463/udp Nucleus
# Venky Nagar <venky@fafner.Stanford.EDU>
Got it from here :
http://www.iana.org/assignments/port-numbers
Don't know if this helps...
-
April 21st, 2003, 12:16 PM
#5
Took a bit of searching but it seems to be a data warehousing product made by a company called Sand. Check to see if port 1201 (I think that's it) is open as well as there seems to be two ports dedicated to Nucleus.
http://www.hpcwire.com/dsstar/00/0620/101828.html
http://www.hpcwire.com/dsstar/00/0215/101329.html
http://www.sand.com
Sorry that it's not more than that. Hope it helps.
-
April 21st, 2003, 07:06 PM
#6
Thanks guys/girl,
I just found it that service is from "gaim messenger", I thought nukleus is "trojan" ...well at least I know gaim using nukleus for their service.
I turn off gaim and I did nmap again to my Linux box and my FreeBSD laptop, this is what I've got:
#nmap -sT -O -I -R 127.0.0.1
Starting nmap 3.20 ( www.insecure.org/nmap/ ) at 2003-04-20
Warning: OS detection will be MUCH less reliable because we did not find at least 1 open and 1 closed TCP port.
All 1611 scanned ports on SWEET (127.0.0.1) are:closed
Too many fingerprints match this host for me to give an accurate OS guess!
Nmap run completed -- ! IP address (1 host up) scanned in 15.00 seconds
Thanks again for that good links.
Annya
Not an image or image does not exist!
Not an image or image does not exist!
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|