|
-
January 9th, 2006, 05:25 AM
#1
Port 136 - Profile Naming System
Can anyone provide any information on port 136, the profile naming system? I'm unable to find anything other than a crappy description of UDP after a search. It appears to be something specific to macs, is that correct?
-
January 9th, 2006, 05:33 AM
#2
The UDP port 136 uses the datagram protocol, a communications protocol for the Internet network layer, transport layer, and session layer. This protocol when used over port 136 makes possible the transmission of a datagram message from one computer to an application running in another computer.
"When in doubt, use Brute Force."
Never argue with an idiot. They'll drag you down to their level, then beat you with experience.
-
January 9th, 2006, 05:50 AM
#3
Er, that's a description of UDP. I was looking for some info on "Profile Naming System". Thanks though!
-
January 9th, 2006, 06:51 AM
#4
ah well i dont have info on that others will help.
"When in doubt, use Brute Force."
Never argue with an idiot. They'll drag you down to their level, then beat you with experience.
-
January 9th, 2006, 07:11 AM
#5
/ somewhat off topic
I am pretty sure I remember reading somewhere that port 136 was no longer used and that you should close (filter?) it.
Is that true?
-
January 9th, 2006, 07:23 AM
#6
I found this,
Port number: 136
Common name(s): Profile Name Service
Common service(s): Profile Name Server (depreciated)
Service description(s): This port is no longer used by legitimate services.
Common server(s): None
Common client(s): None
Common problem(s): NA
Encrypted options: NA
Secure options: NA
Firewalling recommendations: Firewall port 136 inbound and outbound as it should not be used for anything.
Attack detection:
Related ports: NA
Related URL(s):
Other notes:
IANA ports lists information:
Port Number: 136
Protocol: tcp
Name: profile
Description: PROFILE Naming System
IANA ports lists information:
Port Number: 136
Protocol: udp
Name: profile
Description: PROFILE Naming System
Last updated 08/08/2005
Copyright Kurt Seifried 2005
http://www.seifried.org/security/ports/0/136.html
\"And life is what we make it. Always has been, always will be.\"
-
January 9th, 2006, 01:35 PM
#7
yea that goes along with the UDP.
"When in doubt, use Brute Force."
Never argue with an idiot. They'll drag you down to their level, then beat you with experience.
-
January 9th, 2006, 02:02 PM
#8
Short story is that I've got something on my network with 136 open. People have a history of bringing machines in and plugging them in, I'm just trying to get to the bottom of it without shutting the box down (cutting its network access off).
My other fear is that the box might be infected and sitting on my network. Is anyone aware of a particuler exploit or virus that causes this port to open? I haven't noticed a problem with any of my other machines yet.
-
January 9th, 2006, 02:17 PM
#9
Don't hesitate to kill that box.....
I have never come across this port open on any machine. I find this site to be useful and up to date for potential issues with a specific port and it lists nothing for 136. To me that implies that it's a custom port.... Do you get any response, (like an banner or something), from it? Since it appear's to be custom I would kill it and run FPort or similar on it to see what app is opening the port.
Don\'t SYN us.... We\'ll SYN you..... 
\"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides
-
January 9th, 2006, 02:21 PM
#10
Thanks for the info, Tiger. I didn't think of that. I'll give that a quick shot and kill the machine afterwards.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
