[svlug] Port 1480, pacerfourm.
xtifr at dsp.net
Wed May 31 11:35:40 PDT 2000
Bill Schoolcraft <bill at wiliweld.com> writes:
> At Fri, 26 May 2000 it looks like Chris Waters composed:
> CW-> Well, I just checked, and gnome-session is definitely not hardwired to
> CW-> 1480. On my laptop, for example, it's using 1025/tcp. I suspect that
> CW-> it chooses a free port at random, or something.
> Hmmm, so excuse my "chicken-n-egg" thinking, but _if_ a service does
> randomly choose 1480, the portscan only checks for life, references
> who's the last registered owner of that port and not who's
> actually breathing behind the port ?
The portscan, which is on the outside looking in, can't tell what
process actually owns a port. My understanding (and this could be
wrong) is that a typical portscan simply looks up the port number in
/etc/services to see if it can find a matching name. So, if I
decided, for whatever dumb reason, to set up my httpd to use port 25,
then a portscan would probably report that I have smtp running.
Skimming my /etc/services file, I see the following comment before the
listing of ports above 1024:
# From ``Assigned Numbers'':
#> The Registered Ports are not controlled by the IANA and on most systems
#> can be used by ordinary user processes or programs executed by ordinary
#> Ports are used in the TCP [45,106] to name the ends of logical
#> connections which carry long term conversations. For the purpose of
#> providing services to unknown callers, a service contact port is
#> defined. This list specifies the port used by the server process as its
#> contact port. While the IANA can not control uses of these ports it
#> does register or list uses of these ports as a convienence to the
I don't have port 1480 listed in my /etc/services at all, though, and
I'm not sure if that's significant, or simply a difference between
distributions. But 1480 probably fits in this category of unofficial
Hmm, I also see some fairly interesting services listed. How about:
rfe 5002/tcp # Radio Free Ethernet
mandelspawn 9359/udp mandelbrot # network mandelbrot
Chris Waters xtifr at dsp.net | I have a truly elegant proof of the
or xtifr at debian.org | above, but it is too long to fit into
http://www.dsp.net/xtifr | this .signature file.
More information about the svlug