| TIP: Click on subject to list as thread! | ANSI |
| echo: | |
|---|---|
| to: | |
| from: | |
| date: | |
| subject: | Re: UDP port 445 |
From: "Hrvoje Mesing" Sorry ... .. [cut] .. Process ID: 4 (System) System Process PID Port Local IP State Remote IP:Port 4 TCP 445 0.0.0.0 LISTENING 0.0.0.0:41142 4 UDP 445 0.0.0.0 *:* Port Statistics TCP mappings: 1 UDP mappings: 1 TCP ports in a LISTENING state: 1 = 100.00% Could not access module information for this process .. [cut] .. From : http://www.microsoft.com/france/entrepreneur/solutions/sgc/articles/sec_iis_6_0 .mspx .. [cut] .. SMB utilise les ports suivants : . Port TCP 139 . Port TCP et UDP 445 (SMB Direct Host) NetBIOS utilise les ports suivants : . Port TCP et UDP (User Datagram Protocol) 137 (service de noms NetBIOS) . Port TCP et UDP 138 (service de datagrammes NetBIOS) . Port TCP et UDP 139 (service de sessions NetBIOS) .. [cut] .. Also, should check: http://www.iana.org/assignments/port-numbers, do not just check for 445, first read the entry, then check the comments. Nice (!!): http://vabo1.jp.apan.net/flow/, will show You the example of port consuming, which is more used in our example TCP or UDP on "some" server. From: http://support.microsoft.com/default.aspx?scid=kb;en-us;832017: 445 TCP SMB Fax Service 445 TCP SMB Print Spooler 445 TCP SMB Server 445 TCP SMB Remote Procedure Call Locator 445 TCP SMB Distributed File System 445 TCP SMB License Logging Service 445 TCP SMB Net Logon .. no one talking 'bout UDP :) .. this is just a 5 min. Quich Peak in the whole Question. Also, there is a problem in quereying System process ("Could not access module information for this process"), so, the only good way to find out which processes are using the 445 UDP and what is coming and going over it is to use Port mapper like portqry with -local -wport* switches and something like NetMon to capture the traffic then anaylze - Snort and tcpdump could come in handy. Also, MS should document stuff better (revisited KB pages), as registry and hidden registry values (alternative is to use RegMon and check for missed values) to find out how in the Hell to controll this system, WinXP or Win2K3 ... Goto eat something. Enjoy All + Best in New 2005 to everyone. -+- M. --- BBBS/NT v4.01 Flag-5* Origin: Barktopia BBS Site http://HarborWebs.com:8081 (1:379/45) SEEN-BY: 633/267 270 5030/786 @PATH: 379/45 1 106/2000 633/267 |
|
| SOURCE: echomail via fidonet.ozzmosis.com | |
Email questions or comments to sysop@ipingthereforeiam.com
All parts of this website painstakingly hand-crafted in the U.S.A.!
IPTIA BBS/MUD/Terminal/Game Server List, © 2025 IPTIA Consulting™.