[Dshield] Scans on port 3659?

Andre Costa brblueser at uol.com.br
Fri Nov 8 19:58:32 GMT 2002

Hi Aleph0.

thks for replying, please refer to my last post with updated info.



On Fri, 8 Nov 2002 11:24:31 -0800
"ALEPH0" <aleph0 at pacbell.net> wrote:

> Do a netstat.  The "-p" option (under linux) will give you PIDs and
> program names for your listeners.  If you aren't listening on that
> port, it might be yet another trojan port that someone is trawling for
> infectees.
> -----Original Message-----
> From: list-admin at dshield.org [mailto:list-admin at dshield.org]On Behalf
> Of Ed Truitt
> Sent: Friday, November 08, 2002 9:47 AM
> To: list at dshield.org
> Subject: Re: [Dshield] Scans on port 3659?
> Have you tried running the netstat command to see if you have anything
> listening on that port?  If you don't have something listening, then
> it is probably not legit traffic.  If you do, then you need to look at
> what it is and determine if it is legit or not.
> Port 3659 is not assigned according to IANA.
> Cheers,
> Ed Truitt
> PGP fingerprint:  5368 D25E 468C A250 9833  CCD6 DBAE 9C25 02F9 0AB9
> http://www.etee2k.net
> http://www.bsatroop148.org
> "Note to spammers:  my 'delete' key is connected to YOUR ISP.
>  Also, if you send me UCE, I reserve the right to post your spew
> on my Web site, with the appropriate color commentary, so that
> others may have a good laugh at your expense."

Andre Oliveira da Costa

More information about the list mailing list