SuperChicoMJ
asked on
Lots of Unknown TCP Ports
Have quite a bit of data on this SonicWall Soho3 that is moving over the T1. Outside of the Wec, the Citrix, and the Send Mail, I am confused on these port numbers. The first 3 on the list are all Unlisted. So I am a bit confused. Anyone have any idea what is causing all this traffic?
Thanks in advance. M.J.
1 TCP Port 49109 (6,49109) 133.703
2 TCP Port 42342 (6,42342) 132.898
3 TCP Port 8080 (6,8080) 114.842
4 Web (HTTP) (6,80) 75.072
5 Citrix (6,1494) 23.210
6 Send Email (SMTP) (6,25) 14.454
7 TCP Port 5001 (6,5001) 11.623
8 TCP Port 41389 (6,41389) 7.217
9 TCP Port 43071 (6,43071) 7.140
10 TCP Port 43972 (6,43972) 7.080
11 TCP Port 41396 (6,41396) 6.421
12 TCP Port 43993 (6,43993) 6.339
13 TCP Port 43076 (6,43076) 6.267
14 TCP Port 43987 (6,43987) 5.960
15 TCP Port 43075 (6,43075) 5.951
16 TCP Port 41393 (6,41393) 5.920
17 HTTPS (6,443) 5.850
18 TCP Port 41589 (6,41589) 3.329
19 TCP Port 41590 (6,41590) 3.282
20 TCP Port 44746 (6,44746) 3.281
21 TCP Port 44810 (6,44810) 3.274
22 TCP Port 41782 (6,41782) 3.191
23 TCP Port 41581 (6,41581) 3.180
24 TCP Port 41580 (6,41580) 3.174
25 TCP Port 44474 (6,44474) 3.172
Thanks in advance. M.J.
1 TCP Port 49109 (6,49109) 133.703
2 TCP Port 42342 (6,42342) 132.898
3 TCP Port 8080 (6,8080) 114.842
4 Web (HTTP) (6,80) 75.072
5 Citrix (6,1494) 23.210
6 Send Email (SMTP) (6,25) 14.454
7 TCP Port 5001 (6,5001) 11.623
8 TCP Port 41389 (6,41389) 7.217
9 TCP Port 43071 (6,43071) 7.140
10 TCP Port 43972 (6,43972) 7.080
11 TCP Port 41396 (6,41396) 6.421
12 TCP Port 43993 (6,43993) 6.339
13 TCP Port 43076 (6,43076) 6.267
14 TCP Port 43987 (6,43987) 5.960
15 TCP Port 43075 (6,43075) 5.951
16 TCP Port 41393 (6,41393) 5.920
17 HTTPS (6,443) 5.850
18 TCP Port 41589 (6,41589) 3.329
19 TCP Port 41590 (6,41590) 3.282
20 TCP Port 44746 (6,44746) 3.281
21 TCP Port 44810 (6,44810) 3.274
22 TCP Port 41782 (6,41782) 3.191
23 TCP Port 41581 (6,41581) 3.180
24 TCP Port 41580 (6,41580) 3.174
25 TCP Port 44474 (6,44474) 3.172
ASKER
Checked the port assignments already. Did not find much.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
generally, very high number ports are not reserved for commercial use. there are proprietary applications that do use these however, anything can use those ports. its not uncommon to find worms, trojans... using high level port numbers to look unsuspicious. mainly designed for public use to avoid conflictions with commercial use.
here is the latest port number revisions as posted by IANA
http://www.iana.org/assignments/port-numbers