(200 Points) Some questions about netstat output
Posted on 2001-06-16
The questions I have this time have many times been asked on the net, but never were answered.
The output of netstat on a NT4 box shows the following mysterious ports beeing open and in listening state:
This arises some questions:
? what are they good for
? is there a program to do further tracking of the NT internals to get a hint (program name, dll name, anything that helps) what service or other software is bound to those ports, or other ports in general?
? when local ports are listed, I sometimes get ports
192.168.16.100 (local IP adress) as the source adress. Now I wonder what the difference is, if there is a difference at all.
I have, like usual, already checked various Internet sources (newsgroups, ms-kb, Technet) with no success. Especially the port 1027 questionseems to be a quite common one for people dealing with firewalling, but nobody ever got any satisfactory answer.
For a complete answer of all questions, the reward is 200. I do assume that probably more than one expert contributes. Splitting points on EE is still difficult. So I rate the question 100, and either increase points or post a dummy for other contributors when accepting and grading.