Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Unknown ports

Posted on 2008-09-30
3
Medium Priority
?
684 Views
Last Modified: 2012-05-05
I have been monitoring traffic on my WAN and I can see some traffic that I cant identify.

From a server running Windows 2003 R2 SP1 and Exchange 2003 I am seeing traffic on tcp port 1245. My analyzer is identifying the application as "isbconference2"

A separate server again running Win2k3 R2 SP1 and Exchange 2003 is pushing out traffic on tcp port 1230 and the analyzer is identifying this as application "periscope"

Please can you help me determine what this traffic is?
0
Comment
Question by:dgjlee
3 Comments
 
LVL 23

Expert Comment

by:Justin Durrant
ID: 22606591
0
 
LVL 1

Author Comment

by:dgjlee
ID: 22606905
Sorry... This answer is not applicable.
0
 
LVL 32

Accepted Solution

by:
harbor235 earned 1500 total points
ID: 22613533
Periscope Presentation software displays the screen of a Pocket PC onto a nearby desktop or laptop PC for projection, and remotely controls PowerPoint presentations, runs on port 1230

For port 1245 i found this
http://www.symantec.com/business/security_response/attacksignatures/detail.jsp?asid=20256
However,  isbconference2 run on this port as well, could be conferencing software, i would ask around and see if anyone is running these apps. Go to the server in question and list the software that is installed and see if any of the above software is installed . If not i would look at this from a potential security threat and runs some virus/malware program on this system.

harbor235 ;}

0

Featured Post

Prepare for an Exciting Career in Cybersecurity

Help prevent cyber-threats and provide solutions to safeguard our global digital economy. Earn your MS in Cybersecurity. WGU’s MSCSIA degree program curriculum features two internationally recognized certifications from the EC-Council at no additional time or cost.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Shadow IT is coming out of the shadows as more businesses are choosing cloud-based applications. It is now a multi-cloud world for most organizations. Simultaneously, most businesses have yet to consolidate with one cloud provider or define an offic…
PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…

879 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question