On 14/04/10 20:12:48, James Bensley wrote:
On 14 April 2010 19:07, Srdjan Todorovic todorovic.s@googlemail.com wrote:
Some references to that port from different sources are mentioned in some Snort mailing list threads that mention a possible NOP sled attack.
A NOP sled can be on any port, or no port. Like Srdjan said, get a dump or find out what process has that port open (through netstat possibly?). Also what is the IP? Have you resolved it to see what it is? Who does it belong to?
-- Regards, James.
tcp 0 0 *:53662 *:* LISTEN 5127/skype
That clears it up I think.
It must be something new because I've been using Skype for a long time and this has not occurred before. So I think I can let it through.
Thanks to eveyone for the prompts. I probably wouldn't have thought of trying tcpdump and netstat otherwise.