Server 2003. When I telnet to port 5900, Pop3 server replies
Posted on 2006-10-19
I have been unable to run VNC in server mode on our Windows 2003 Standard Edition Server. When I telnet to port 5900, I get the response : "220 Internet Acces Protocol 3". (Access is mis-spelt in the response).
Typing Help provides a list of 40 three and four-letter commands, none of which I can run because I can't get authenticated by the program.
I've uninstalled VNC and am pretty sure it is not a left-over service from that program. We run VNC on a couple of servers (without problem) and when I telnet to 5900 on these servers, I get "RFB 003.008".
My guess is that this is a trojan, but nothing that my AV software has found.
Checking through the system services provides no answer and, obviously if it's malicious, I want it off of our server.
Any ideas what this program might be, and any way to get rid of it.