Solved

Unknown ports

Posted on 2008-09-30
3
664 Views
Last Modified: 2012-05-05
I have been monitoring traffic on my WAN and I can see some traffic that I cant identify.

From a server running Windows 2003 R2 SP1 and Exchange 2003 I am seeing traffic on tcp port 1245. My analyzer is identifying the application as "isbconference2"

A separate server again running Win2k3 R2 SP1 and Exchange 2003 is pushing out traffic on tcp port 1230 and the analyzer is identifying this as application "periscope"

Please can you help me determine what this traffic is?
0
Comment
Question by:dgjlee
3 Comments
 
LVL 23

Expert Comment

by:Justin Durrant
Comment Utility
0
 
LVL 1

Author Comment

by:dgjlee
Comment Utility
Sorry... This answer is not applicable.
0
 
LVL 32

Accepted Solution

by:
harbor235 earned 500 total points
Comment Utility
Periscope Presentation software displays the screen of a Pocket PC onto a nearby desktop or laptop PC for projection, and remotely controls PowerPoint presentations, runs on port 1230

For port 1245 i found this
http://www.symantec.com/business/security_response/attacksignatures/detail.jsp?asid=20256
However,  isbconference2 run on this port as well, could be conferencing software, i would ask around and see if anyone is running these apps. Go to the server in question and list the software that is installed and see if any of the above software is installed . If not i would look at this from a potential security threat and runs some virus/malware program on this system.

harbor235 ;}

0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Managing 24/7 IT Operations is a hands-on job and indeed a difficult one. Over the years I have found some simple tips and techniques to increase the efficiency of the overall operations. The core concept has always been on continuous improvement; a…
A quick step-by-step overview of installing and configuring Carbonite Server Backup.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now