Page 1 of 3 123 LastLast
Results 1 to 10 of 22

Thread: Identifying Activity on Ports

  1. #1

    Question Identifying Activity on Ports

    I was reviewing my firewall's bandwidth usage by services report this morning, and found a number of ports active that I wasn't familiar with. Googled to get a full listing of ports, and what little I did find didn't tell me much. Googled each particular service I found to see if I could learn what exactly each service was -- no luck. So, here's a a list of all the ports and associated services I found them to be for via Googling:

    1580 tn-tl-rl
    1064 unassigned
    1285 unassigned
    1752 lofr-lm Leap of Faith Research License Manager
    1468 CSDM
    2747 fjippol-swrly
    3571 unassigned
    3758 unassigned
    4150 unassigned
    1063 unassigned
    1983 unassigned

    Does anybody have any idea what these services are? And regarding the "unassigned" ports, how do I figure out what the deal is with those, since they're evidently active?

  2. #2
    oldie ric-o's Avatar
    Join Date
    Nov 2002
    AK: Check out this site http://www.treachery.net/tools/ports/lookup.cgi as I find it very handy when researching these. It had a couple on there you had listed as unassigned.

    I assume these are destination/service ports right?

  3. #3
    Thanks, that did provide a little more. Here's the updated info:

    1064 JSTEL
    1285 neoiface
    1063 KyoceraNetDev
    1983 Loophole Test Protocol

    No clue what those services are though...

    /edit -- Ooooh, now this is interesting though. I did find info on one service:

    • gets you directly out to the Internet, through your company's firewall or web filter
    • encrypts where-you're-going and what-you're-doing-there
    • is discreet (can run from CD-ROM and use Camouflage Mode to avoid leaving tracks on your work computer)
    • uses your cable or DSL modem (uses your home computer's bandwidth while you're at work).
    Loophole uses HTTP tunneling to avoid filtering by the firewall or web filter. Tunneling combines with strong encryption to make your traffic secure against monitoring.
    Hmm...Looks like I have something to look into!

  4. #4
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    /edit -- Ooooh, now this is interesting though. I did find info on one service:
    Sounds like someones gonna be begging for their job really soon....
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  5. #5
    Sounds like someones gonna be begging for their job really soon....
    I know, I know, I had that coming. I am honestly working on de-noobing myself as quickly as possible though. You should see the stack of AO tuts I have printed out over here...Just cut me some slack and be glad I'm not asking how to hack Hotmail.

  6. #6
    Top Gun Maverick811's Avatar
    Join Date
    Oct 2001
    Shouldn't those ports be closed by default - closed unless explicity opened by the firewall ruleset? Might be worth digging into your firewall setup to make sure that everything is as it should be. ..
    - Maverick

  7. #7
    Good point. That firewall was configured by the intern who preceded me in this position, so that could be the case. Off I go to do some digging!

  8. #8
    Senior Member
    Join Date
    Oct 2002
    The port's you don't know about, simply type in the services into google and you'll get your answer as to what they are (that's normally what I do when I run a port scan or whatever and find services I dunno about).
    Space For Rent.. =]

  9. #9
    Yeah, I already did that, in keeping with the sacred rule of AO, but all I turned up were pages that said what service used the port, but didn't tell me anything about the service. Then I googled the service, and just found other websites that listed the service but didn't describe it (the exception being the Loophole software). Erg, maybe I'm just being impatient and not looking deep enough. I'll keep digging.

  10. #10
    Senior Member
    Join Date
    Apr 2004
    allways go here first --> http://www.iana.org/assignments/port-numbers
    valid providers use to put their odd ports there. Usually near port has a comment about who (and from where) has added that entry. Some entries that you didnt find are there...
    Meu sítio

    FORMAT C: Yes ...Yes??? ...Nooooo!!! ^C ^C ^C ^C ^C
    If I die before I sleep, I pray the Lord my soul to encrypt.
    If I die before I wake, I pray the Lord my soul to brake.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts