Can anyone provide any information on port 136, the profile naming system? I'm unable to find anything other than a crappy description of UDP after a search. It appears to be something specific to macs, is that correct?
Printable View
Can anyone provide any information on port 136, the profile naming system? I'm unable to find anything other than a crappy description of UDP after a search. It appears to be something specific to macs, is that correct?
The UDP port 136 uses the datagram protocol, a communications protocol for the Internet network layer, transport layer, and session layer. This protocol when used over port 136 makes possible the transmission of a datagram message from one computer to an application running in another computer.
Er, that's a description of UDP. I was looking for some info on "Profile Naming System". Thanks though!
ah well i dont have info on that others will help.
/ somewhat off topic
I am pretty sure I remember reading somewhere that port 136 was no longer used and that you should close (filter?) it.
Is that true?
:)
I found this,
http://www.seifried.org/security/ports/0/136.htmlQuote:
Port number: 136
Common name(s): Profile Name Service
Common service(s): Profile Name Server (depreciated)
Service description(s): This port is no longer used by legitimate services.
Common server(s): None
Common client(s): None
Common problem(s): NA
Encrypted options: NA
Secure options: NA
Firewalling recommendations: Firewall port 136 inbound and outbound as it should not be used for anything.
Attack detection:
Related ports: NA
Related URL(s):
Other notes:
IANA ports lists information:
Port Number: 136
Protocol: tcp
Name: profile
Description: PROFILE Naming System
IANA ports lists information:
Port Number: 136
Protocol: udp
Name: profile
Description: PROFILE Naming System
Last updated 08/08/2005
Copyright Kurt Seifried 2005
yea that goes along with the UDP.
Short story is that I've got something on my network with 136 open. People have a history of bringing machines in and plugging them in, I'm just trying to get to the bottom of it without shutting the box down (cutting its network access off).
My other fear is that the box might be infected and sitting on my network. Is anyone aware of a particuler exploit or virus that causes this port to open? I haven't noticed a problem with any of my other machines yet.
Don't hesitate to kill that box.....
I have never come across this port open on any machine. I find this site to be useful and up to date for potential issues with a specific port and it lists nothing for 136. To me that implies that it's a custom port.... Do you get any response, (like an banner or something), from it? Since it appear's to be custom I would kill it and run FPort or similar on it to see what app is opening the port.
Thanks for the info, Tiger. I didn't think of that. I'll give that a quick shot and kill the machine afterwards.