Lots of Unknown TCP Ports

Have quite a bit of data on this SonicWall Soho3 that is moving over the T1.  Outside of the Wec, the Citrix, and the Send Mail, I am confused on these port numbers.  The first 3 on the list are all Unlisted.  So I am a bit confused.  Anyone have any idea what is causing all this traffic?

Thanks in advance.  M.J.


1 TCP Port 49109 (6,49109) 133.703
2 TCP Port 42342 (6,42342) 132.898
3 TCP Port 8080 (6,8080) 114.842
4 Web (HTTP) (6,80) 75.072
5 Citrix (6,1494) 23.210
6 Send Email (SMTP) (6,25) 14.454
7 TCP Port 5001 (6,5001) 11.623
8 TCP Port 41389 (6,41389) 7.217
9 TCP Port 43071 (6,43071) 7.140
10 TCP Port 43972 (6,43972) 7.080
11 TCP Port 41396 (6,41396) 6.421
12 TCP Port 43993 (6,43993) 6.339
13 TCP Port 43076 (6,43076) 6.267
14 TCP Port 43987 (6,43987) 5.960
15 TCP Port 43075 (6,43075) 5.951
16 TCP Port 41393 (6,41393) 5.920
17 HTTPS (6,443) 5.850
18 TCP Port 41589 (6,41589) 3.329
19 TCP Port 41590 (6,41590) 3.282
20 TCP Port 44746 (6,44746) 3.281
21 TCP Port 44810 (6,44810) 3.274
22 TCP Port 41782 (6,41782) 3.191
23 TCP Port 41581 (6,41581) 3.180
24 TCP Port 41580 (6,41580) 3.174
25 TCP Port 44474 (6,44474) 3.172
SuperChicoMJAsked:
Who is Participating?
 
ViRoyConnect With a Mentor Commented:

The best way to determine what these ports are really being used for, is to use a packet sniffer to capture the data flowing to and from those ports. i would reccomend using ethereal for this, however this will require someone moderatley knowledgable to decipher what is happening by looking at the raw data. if you do not have someone available, maybe we can help read the data. (or you can fly me down there and ill do it for you at a reasonable rate)
0
 
ViRoyCommented:

generally, very high number ports are not reserved for commercial use. there are proprietary applications that do use these however, anything can use those ports. its not uncommon to find worms, trojans... using high level port numbers to look unsuspicious. mainly designed for public use to avoid conflictions with commercial use.

here is the latest port number revisions as posted by IANA
http://www.iana.org/assignments/port-numbers
0
 
SuperChicoMJAuthor Commented:
Checked the port assignments already.  Did not find much.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.