RE: Access on Port 1

• From: Troy Radtke <TRadtke@xxxxxxxxxxxx>
• To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
• Date: Tue, 27 Jul 2004 09:35:33 -0500

I searched on TCP/IP port listing

From the quick reading I did, I couldn't tell you if it's good or not.

-----Original Message-----
From: Jason Merrique [mailto:j.merrique@xxxxxxxxxxxxxxx] 
Sent: Tuesday, July 27, 2004 9:21 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Access on Port 1


http://www.ISAserver.org

Hi Troy,

You know, I did try google, but for some reason the phrase 'Port 1' doesn't
return much :\
(http://www.google.co.uk/search?sourceid=navclient&ie=UTF-8&oe=UTF-8&q=I
SA+%22destination+port%22+%22port+1%22)

Should I be expecting this from my a DC on my internal network? I've done a
scan and have found nothing. Then I allowed the traffic through, and now it
has stopped. Very bizarre. Would be great to know exactly what it was.
Thanks for putting me on track with tcpmux though :)

Cheers,

Jason

> -----Original Message-----
> From: Troy Radtke [mailto:TRadtke@xxxxxxxxxxxx]
> Sent: 27 July 2004 15:17
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Access on Port 1
> 
> http://www.ISAserver.org
> 
> Google is your friend =?)
> 
> Port number: 1
> 
> Common name(s): tcpmux
> 
> Common service(s): tcpmux
> 
> Service description(s): TCP multiplexer
> 
> Common server(s): tcpmux (sometimes named "simple tcp service")
> 
> Common client(s):
> 
> Common problem(s):
> 
> Encrypted options: N/A
> 
> Secure options: N/A
> 
> Firewalling recommendations: Firewall port 1
> 
> Attack detection: Virtually all traffic to port 1 can be
> considered hostile.
> 
> Related URL(s):
> 
> Other notes: RFC 1078
> 
>  
> 
> -----Original Message-----
> From: Jason Merrique [mailto:j.merrique@xxxxxxxxxxxxxxx]
> Sent: Tuesday, July 27, 2004 8:43 AM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] Access on Port 1
> 
> 
> http://www.ISAserver.org
> 
> Hi chaps,
> 
> Quick question, one of our DC's keeps sending traffic to port
> 1 on our ISA
> server. Should I allow this? Should I be worried?
> 
> Cheers,
> 
> Jason
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> World of Windows Networking: http://www.windowsnetworking.com Leading 
> Network Software Directory: http://www.serverfiles.com No.1 Exchange 
> Server Resource Site: http://www.msexchange.org Windows Security
> Resource Site:
> http://www.windowsecurity.com/ Network Security Library:
> http://www.secinf.net/ Windows 2000/NT Fax Solutions:
> http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> tradtke@xxxxxxxxxxxx To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> World of Windows Networking: http://www.windowsnetworking.com Leading 
> Network Software Directory: http://www.serverfiles.com No.1 Exchange 
> Server Resource Site: http://www.msexchange.org Windows Security 
> Resource Site: http://www.windowsecurity.com/ Network Security 
> Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: 
> http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion
> List as: j.merrique@xxxxxxxxxxxxxxx
> To unsubscribe visit 
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> 

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com No.1 Exchange Server
Resource Site: http://www.msexchange.org Windows Security Resource Site:
http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tradtke@xxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist

Other related posts:

• » Access on Port 1
• » RE: Access on Port 1
• » RE: Access on Port 1
• » RE: Access on Port 1
• » RE: Access on Port 1
• » RE: Access on Port 1
• » RE: Access on Port 1
• » RE: Access on Port 1

1. Home
2. isalist
3. Archive
4. 07-2004

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---