Mailinglist Archive: opensuse-security (409 mails)

< Previous Next >
Re: [suse-security] Open Ports which do not show on netstat?
  • From: "Michael Haunzwickl" <michael.haunzwickl@xxxxxx>
  • Date: Tue, 6 Aug 2002 08:21:46 +0200
  • Message-id: <001801c23d11$8bcdbd90$f80a2b0a@xxxxxxxxxxx>
Good morning,

I dont know why netstat was not bringing up the open ports, but I think Í
know what the Norton AV thing is all about. A Norton Enterprise Edition for
example consists of one (ore more) Server and one (ore more) Clients. The
clients are getting for example newest virus files updates not from the
internet but by those NAV Server. This will save costs of transmission
because just the server is opening the line once, getting the updates, and
then is distributing them to the clients. This communication between NAV
Server and NAV Client ist done via TCP/IP or via IPX ... and on TCP/IP its
done on port: (one moment, I have to look to the handbook): 2967 ... for IPX
(for Novell Clients e.g.) it is 33345. But the handbook says also:

1.) You can set the IP port as you want (so maybe it was changed manually)
2.) If the dedicated IP port is blocked at the moment where the
Client-Server communication should start, NAV will take any other free port
it could get.

Hope this helps


----- Original Message -----
From: "Michael Zimmermann" <zim@xxxxxxxx>
To: <linux@xxxxxxxxxxxxxxxxxxx>; <suse-security@xxxxxxxx>
Sent: Monday, August 05, 2002 10:14 PM
Subject: [suse-security] Open Ports which do not show on netstat?

> Hash: SHA1
> At Monday 05 August 2002 16:37 Florian Schie?l wrote:
> [about open ports 389 and 1720]
> > Now I'm sure... From 3 other hosts, there are no unusual open ports...
> > It's really being caused from the Norton-AV on my local host...
> Now, please do someone enlighten me:
> Why do the open ports don't show up on the output
> of netstat -l -n ???
> Open Ports, which don't show up in netstat?
> What may Norton-AV be doing here?
> Thanks for the know-how, or any hint or pointer
> into this quest.
> Michael
> - --
> Michael Zimmermann (Vegaa Safety and Security for Internet Services)
> Key fingerprint = 1E47 7B99 A9D3 698D 7E35 9BB5 EF6B EEDB 696D 5811
> Version: GnuPG v1.0.6 (GNU/Linux)
> Comment: For info see
> iD8DBQE9Tty772vu22ltWBERAgumAJ9vXhBWDedewqK7Rlj2fQcGCGABjwCfRF7i
> s04xwqvSftnJQF5dY6R31p4=
> =Hnnr
> --
> To unsubscribe, e-mail: suse-security-unsubscribe@xxxxxxxx
> For additional commands, e-mail: suse-security-help@xxxxxxxx
> Security-related bug reports go to security@xxxxxxx, not here

Ausgehende Mail ist zertifiziert virenfrei.
Überprüft durch AVG Antivirus System (
Version: 6.0.380 / Virendatenbank: 213 - Erstellungsdatum: 24.07.2002

< Previous Next >