Results 1 to 6 of 6

Thread: Nukleus Port 4326??

  1. #1
    Senior Member
    Join Date
    Aug 2002
    Posts
    508

    Nukleus Port 1463

    Hi,

    Anyone know what is "nukleus"?? I found this after I've done nmap to my Linux Box:

    WARNING: RST from port 1463 --------- is this port really open?

    WARNING: RST from port 1463 --------- is this port really open?

    WARNING: RST from port 1463 --------- is this port really open?


    Port ------ State---- Service
    1463/tcp ----- open ---- nukleus


    Thanks in advance for your information and BTW I don't run any "nukleus service" in my Box....or is that nukleus service from my ISP?

    edit : the title should be nukleus port 1463, I was looking at wrong number
    Not an image or image does not exist!
    Not an image or image does not exist!

  2. #2
    Now, RFC Compliant! Noia's Avatar
    Join Date
    Jan 2002
    Posts
    1,210
    y would if be from you ISP? if u ask me, since your not runnin it, might be a trojan, is this on your FreeBSD machine? or another?

    - Noia
    With all the subtlety of an artillery barrage / Follow blindly, for the true path is sketchy at best. .:Bring OS X to x86!:.
    Og ingen kan minnast dei linne drag i dronningas andlet den fagre dag Då landet her kvilte i heilag fred og alle hadde kjærleik å elske med.

  3. #3
    Senior Member
    Join Date
    Aug 2002
    Posts
    508
    Hi,

    This is from another box, I tried to telnet to that port but "always time out"( done lsof but nothing suspicious) and yes I don't run any server in this box, friend of mine said that service might be from my ISP cause I've already close every ports.
    If not from my ISP, what kind of trojan is it? tried google but no luck.

    Cheers noia
    Not an image or image does not exist!
    Not an image or image does not exist!

  4. #4
    Trumpet-Eared Gentoo Freak
    Join Date
    Jan 2003
    Posts
    992
    Hey,

    This is what I found :

    nucleus 1463/tcp Nucleus
    nucleus 1463/udp Nucleus
    # Venky Nagar <venky@fafner.Stanford.EDU>

    Got it from here :

    http://www.iana.org/assignments/port-numbers

    Don't know if this helps...
    Come and check out our wargame-site @ http://www.rootcontest.org
    We chat @ irc.smdc-network.org #lobby

  5. #5
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,323
    Took a bit of searching but it seems to be a data warehousing product made by a company called Sand. Check to see if port 1201 (I think that's it) is open as well as there seems to be two ports dedicated to Nucleus.

    http://www.hpcwire.com/dsstar/00/0620/101828.html

    http://www.hpcwire.com/dsstar/00/0215/101329.html

    http://www.sand.com

    Sorry that it's not more than that. Hope it helps.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  6. #6
    Senior Member
    Join Date
    Aug 2002
    Posts
    508
    Thanks guys/girl,

    I just found it that service is from "gaim messenger", I thought nukleus is "trojan" ...well at least I know gaim using nukleus for their service.
    I turn off gaim and I did nmap again to my Linux box and my FreeBSD laptop, this is what I've got:

    #nmap -sT -O -I -R 127.0.0.1
    Starting nmap 3.20 ( www.insecure.org/nmap/ ) at 2003-04-20
    Warning: OS detection will be MUCH less reliable because we did not find at least 1 open and 1 closed TCP port.
    All 1611 scanned ports on SWEET (127.0.0.1) are:closed
    Too many fingerprints match this host for me to give an accurate OS guess!
    Nmap run completed -- ! IP address (1 host up) scanned in 15.00 seconds


    Thanks again for that good links.


    Annya
    Not an image or image does not exist!
    Not an image or image does not exist!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •