Good morning,
I dont know why netstat was not bringing up the open ports, but I think Í
know what the Norton AV thing is all about. A Norton Enterprise Edition for
example consists of one (ore more) Server and one (ore more) Clients. The
clients are getting for example newest virus files updates not from the
internet but by those NAV Server. This will save costs of transmission
because just the server is opening the line once, getting the updates, and
then is distributing them to the clients. This communication between NAV
Server and NAV Client ist done via TCP/IP or via IPX ... and on TCP/IP its
done on port: (one moment, I have to look to the handbook): 2967 ... for IPX
(for Novell Clients e.g.) it is 33345. But the handbook says also:
1.) You can set the IP port as you want (so maybe it was changed manually)
2.) If the dedicated IP port is blocked at the moment where the
Client-Server communication should start, NAV will take any other free port
it could get.
Hope this helps
Michael
----- Original Message -----
From: "Michael Zimmermann"
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
At Monday 05 August 2002 16:37 Florian Schie?l wrote: [about open ports 389 and 1720]
Now I'm sure... From 3 other hosts, there are no unusual open ports... It's really being caused from the Norton-AV on my local host...
Now, please do someone enlighten me:
Why do the open ports don't show up on the output of netstat -l -n ??? Open Ports, which don't show up in netstat? What may Norton-AV be doing here?
Thanks for the know-how, or any hint or pointer into this quest.
Michael - -- Michael Zimmermann (Vegaa Safety and Security for Internet Services) Key fingerprint = 1E47 7B99 A9D3 698D 7E35 9BB5 EF6B EEDB 696D 5811 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org
iD8DBQE9Tty772vu22ltWBERAgumAJ9vXhBWDedewqK7Rlj2fQcGCGABjwCfRF7i s04xwqvSftnJQF5dY6R31p4= =Hnnr -----END PGP SIGNATURE-----
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here
--- Ausgehende Mail ist zertifiziert virenfrei. Überprüft durch AVG Antivirus System (http://www.grisoft.com/de). Version: 6.0.380 / Virendatenbank: 213 - Erstellungsdatum: 24.07.2002