[c-nsp] Router TCP ports

Min Qiu mqiu at pop2pop.com
Mon Aug 22 10:39:13 EDT 2005


2065 could be aux port.

Min

> -----Original Message-----
> From: Cheung, Rick [mailto:Rick.Cheung at nextelpartners.com] 
> Sent: Monday, August 22, 2005 9:39 AM
> To: cisco-nsp at puck.nether.net
> Subject: [c-nsp] Router TCP ports
> 
> 
> 
> 	Hi, folks, I have a 2620 running 12.3.13 with the IPSec/FW/IDS
> feature set. Doing a port scan against the router, I notice 
> in addition
> to 22, ports 2065, 4065, 6065, 9065 open as well.
> 
> 	This is with "transport input ssh" configured on the VTYs. When
> I telnet to the router, it resets the connection, as expected. Oddly
> enough, telnetting to the router on 2065, 4065, and 6065 reveals the
> login banner, and the username prompt, but it does not allow 
> any input,
> and it times out within five seconds. Telnetting to port 9065, the
> router completes the three way handshake, but immediately resets the
> connection; no login prompt.
> 
> 	I'm just curious as to what those ports are. Anyone know?
> 
> 	A 2811 running 12.4.T2 Advanced IP Security also has high
> numbered ports open: 2001, 4001, 6001, 9001. It exhibits the same
> behavior as with the 2620.
> 
> 
> 
> 
> Thanks,
> Rick Cheung
> NPI IT Wan Analyst
> 585-350-2097 (Desk)
> 178*1*2097 (DAP)
> 
> 
> 
> This message, including any attachments, contains 
> confidential information intended for a specific
> individual and purpose and is protected by law. If you are 
> not the intended recipient, please contact
> sender immediately by reply e-mail and destroy all copies.
> You are hereby notified that any disclosure, copying, or 
> distribution of this message, or the taking
> of any action based on it, is strictly prohibited.
> 
> WARNING: Computer viruses can be transmitted via email. The 
> recipient should check this email
> and any attachments for the presence of viruses. The sender 
> accepts no liability for any damage
> caused by any virus transmitted by this email. E-mail 
> transmission cannot be guaranteed
> to be secure or error-free as information could be 
> intercepted, corrupted, lost, destroyed, arrive
> late or incomplete, or contain viruses. The sender therefore 
> does not accept liability for any errors
> or omissions in the contents of this message, which arise as 
> a result of e-mail transmission.
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
> 



More information about the cisco-nsp mailing list