Solved

Known uses of TCP ports 3030 4357?

Posted on 2008-06-20
6
2,512 Views
Last Modified: 2011-10-19
We are seeing alot of traffic between 2 servers that really shoundt be comunicating and it is on tcp ports 3030 and 4357. does anyone know what theese ports are commonly used for?
0
Comment
Question by:mgartley
6 Comments
 
LVL 6

Accepted Solution

by:
JapyDooge earned 250 total points
ID: 21831563
Does these services names tell you something?
arepa-cas       3030/tcp   Arepa Cas

arepa-cas       3030/udp   Arepa Cas

qsnet-cond      4357/tcp   QSNet Conductor

qsnet-cond      4357/udp   QSNet Conductor

Open in new window

port-numbers.txt
0
 
LVL 9

Expert Comment

by:jasonr0025
ID: 21831580
arepa-cas uses tcp and udp port 3030 and all the info i can find on it says it is not a known virus port. QSNet Conductor uses 4357 tcp and udp.  I know this isn't much but all i could find.
HTH
Jason
0
 
LVL 21

Expert Comment

by:from_exp
ID: 21831660
i would suggest doing from cmd

netstat -aon
then check the pid in task manager to see the app using mentioned ports
0
What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

 
LVL 18

Assisted Solution

by:Johnjces
Johnjces earned 250 total points
ID: 21833061
Here is a good link to the IANA port assignments, or those 'good' applications that have registered and reserved those ports...

http://www.iana.org/assignments/port-numbers

Of course, there is nothing to say that some new malware won't use any port it wants too as  long as it is not in use.

And here is very good listing of known virus ports and added info.

http://www.chebucto.ns.ca/~rakerman/trojan-port-table.html

John
0
 
LVL 16

Expert Comment

by:The--Captain
ID: 21836652
You could just block those ports and if no one lodges valid complains, then it was not an authorized use ;-)

Cheers,
-Jon
0
 
LVL 38

Expert Comment

by:ChiefIT
ID: 21842447
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

Don’t let your business fall victim to the coming apocalypse – use our Survival Guide for the Fax Apocalypse to identify the risks and signs of zombie fax activities at your business.
If your business is like most, chances are you still need to maintain a fax infrastructure for your staff. It’s hard to believe that a communication technology that was thriving in the mid-80s could still be an essential part of your team’s modern I…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now