RE: The Mysterious open port 500??
- From: "Joseph" <cismic@xxxxxxx>
- To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
- Date: Tue, 5 Mar 2002 13:03:48 -0800
500 tcp isakmp
500 udp isakmp
RFC2408
http://www.cis.ohio-state.edu/cgi-bin/rfc/rfc2408.html
RFC2407
http://www.cis.ohio-state.edu/cgi-bin/rfc/rfc2407.html
Some excellent information from MIT
http://web.mit.edu/network/isakmp/
Joseph
-----Original Message-----
From: Nick [mailto:nick.lovett@xxxxxxxxxxxxxxxx]
Sent: Tuesday, March 05, 2002 2:54 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] The Mysterious open port 500??
http://www.ISAserver.org
Hi all,
Culd someone help me out please.
I have an ISA server machine, connected to a broadband cable modem with
one Nic and my internal 192.168.x.x network with the other.
I think I have pretty much nailed down the security on the External
(cable) interface. All services are unbound from that card, packet
filtering is enabled Etc Etc.
Now, if I do a "Netstat -na" from the command prompt of the server, I
see
that all open tcp/ip connections (other than the http) are bound to the
internal nic (great). Except there is always a UDP session on my
external
Interface using port 500! Thus : UDP 211.28.x.x:500 *:*
Does anyone know what Port 500 is used for? I Cant find any information
about port 500. Could it be a trojan horse?
Thanks!
Nick
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
cismic@xxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
Other related posts:
