Re: Unknown App

From: Sharad Birmiwal (sharadbirmiwal@gmail.com)
Date: Fri Jul 22 2005 - 05:30:48 EDT

• Next message: Fabián Gabriel Chiera: "Re: Unknown App"
• Previous message: Alexander Anisimov: "[PTsecurity] MaxPatrol Network Security Scanner - Free unlimited version has been released."
• In reply to: Scott Fuhriman: "Unknown App"
• Next in thread: Scott Fuhriman: "Unknown App"
• Reply: Scott Fuhriman: "Unknown App"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

i recently discovered some worm on my network that tried to spread a
payload file 'xxxxxxxx' by binding on port 80. it didn't serve a
banner or any webpages, but http://>/xxxxxxxx worked.

sharad birmiwal

On 7/21/05, Scott Fuhriman <fuhrimans@llix.net> wrote:
>
> The easiest and fastest approach is to use a port mapping utility like
> Active Ports
> (http://www.ntutility.com) or TCPview (www.sysinternals.com) (there are
> others like fport, etc...) which will allow you to see what process has port
> 80 open on the machines.
>
> This will allow you to identify what application/process is utilizing that
> port.
>
>
>
> Scott Fuhriman
>
>

• Next message: Fabián Gabriel Chiera: "Re: Unknown App"
• Previous message: Alexander Anisimov: "[PTsecurity] MaxPatrol Network Security Scanner - Free unlimited version has been released."
• In reply to: Scott Fuhriman: "Unknown App"
• Next in thread: Scott Fuhriman: "Unknown App"
• Reply: Scott Fuhriman: "Unknown App"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:37 EDT