[Dshield] Great article on Port Enumerators

Yevette Maurer yevettem at gsmt.com
Wed Oct 22 16:53:58 GMT 2003

I thought this might be helpful to a lot of people on this list. I found it
informative with good reviews on Port Enumerators.


Review: 11 Port Enumerators
One of the most frequently fielded questions among security
analysts is, "Do I have a Trojan horse program if I've found a port
open on my computer?" Variations of this question litter security
mailing lists, but the answer is always the same: Trace the port
number to the program that's opening the port, and investigate the
program. The process of tracing an open port to its causative agent is
called port enumeration (or port mapping). Of course, the answer
assumes that you have an adequate understanding of port numbers, a
good port-enumeration tool, and the ability to research whether the
found program is malicious. Roger A. Grimes takes a look at port
enumeration in general, then reviews 11 Windows port enumerators.

More information about the list mailing list