Signature id for tcp port 6070

Guys,
We have a problem with IPS signatures in our IDSM2. My customer is a banking company; they want to develop
an IP-based banking application, and the application needs TCP ports 6070 and 7007 to be opened and allowed.
Is there any signature ID that inspects the application's traffic?
At the moment the IDSM2 is bypassing engine inspection, but that is not a clear solution because it makes all
traffic bypass inspection.
If the engine bypass is in auto mode, not a single IPS event hits or shows the signature engine. The IPS does not generate alerts, but the application
cannot establish a connection; it is always retransmitting when we tap it with Wireshark.
Need your response ASAP, because my customer has developed this application in every branch.
Thanks.
Regards,
Rusdi

It sounds like it matches the TCP engine, and if the TCP banking application does not conform to the RFC standard, it could possibly be inspected by the IDSM2 TCP engine. You would need to check the TCP engine signatures in the IDSM2.

Similar Messages

  • Unable to telnet on command prompt for udp port 514, but able to on cmd for tcp port 514

    I am unable to telnet on command prompt for udp port 514. But when I use a packet sniffer or wireshark I am able to see traffic going to the targeted server from udp port 514. I thought it might be a firewall issue blocking the port from communicating. But
    I figured out that windows firewall is disabled. I am able to make similar connections on the cmd for tcp port 514.
    I did a netstat -an and see that udp:514 is enabled and listening on the server.
    What am I missing here?

    Telnet actually supports TCP only. You might want to try another tool as suggested here: http://serverfault.com/questions/263032/how-to-connect-to-a-udp-port-command-line
    This posting is provided AS IS with no warranties or guarantees, and confers no rights.
    Ahmed MALEK

  • Saprouter config with RFC on tcp port 33xx

    I have a customer who has configured saprouter to allow remote (from the Internet) connections via the SAP GUI.  These connections work great.  However, when they try to add entries to the route tables for TCP port 3300, 3301, and 3303 the external application they are using (a gateway connection on these ports) fails.  Is there some special configuration which needs to take place to allow the RFC connections vs. the regular SAP GUI connections on ports 32xx?
    Kind Regards,
    Eric J.

    I was able to fix the problem by configuring profile parameter "gw/alternative_hostnames" to the public IP of the SAP system.

  • Monitor a TCP port but alert only if timed out X times

    Hello,
    I need to build a monitor that will probe a TCP port but alert only if timed out X times.
    I was looking at the Microsoft.SystemCenter.SyntheticTransactions.TCPPortCheckProbe module but it doesn't have this option.
    Thanks,
    Marius

    You can check http://www.ghacks.net/2010/05/25/tcp-port-monitor-port-alert/ for TCP Port Monitor Port Alert.

  • ACL filter tcp port

    Dear Expert,
    I am studying the ACL to filter (stop) a TCP port from the URL below:
    http://www.cisco.com/en/US/tech/tk648/tk361/technologies_configuration_example09186a0080100548.shtml
    In the section "Allow Only Internal Networks to Initiate a TCP Session", I would be grateful if someone would enlighten me on the usage of "established":
    interface ethernet0
    ip access-group 102 in
    access-list 102 permit tcp any any gt 1023 established
    What is different if the ACL is changed to following:
    access-list 102 permit tcp any any gt 1023
    rdgs

    Dear Jennifer,
    Very helpful.
    I would be grateful if you would comment on the following configuration, in which I digest your advice:
    interface serial 0/0
    description 45M DS3 from HK to US
    ip access-group 105 in
    interface fastethernet 0/0
    Description Internat VLAN 100 for xxx department
    ip address 102.168.100.0 255.255.255.0
    ip access-group 101 in
    access-list 101 remark -- only allow Web service from internal to outside --
    access-list 101 permit tcp 192.168.100.0 0.0.0.255 any http
    access-list 105 remark -- allow return traffic if destination tcp port great than 1023 --
    access-list 105 permit tcp any 192.168.100.0 eq http 0.0.0.255 gt 1023 established
    ! it should embed the partial function of "permit tcp any eq http 192.168.100.0 0.0.0.255 gt 1023" but the
    ! traffic should be permit only if it initiates from 192.168.100.0/24. If the traffic is initiate from outside,
    ! the acl 105 would deny it.
    access-list 115 remark -- allow in/return traffic for tcp port great than 1023 --
    access-list 115 permit tcp any eq http 192.168.100.0 0.0.0.255 gt 1023
    ! the traffic is permit no matter it is initiate from internal or external
    access-list 125 remark -- allow return traffic for all tcp port --
    access-list 125 permit tcp any eq 80 192.168.100.0 0.0.0.255 any established
    ! include the function of ACL 105, also support tcp port range from 1 to 1023 
    access-list 135 remark -- allow in/return traffic for all tcp port --
    access-list 135 permit tcp any eq 80 192.168.100.0 0.0.0.255 any
    ! include the function of ACL 115, also support tcp port range from 1 to 1023
    If so, I would like to modify the ACL to support more services, grateful if you would comment on it.
    access-list 101 remark -- only allow Internet services from internal to outside --
    access-list 101 permit tcp 192.168.100.0 0.0.0.255 any http
    access-list 101 permit tcp 192.168.100.0 0.0.0.255 any smtp
    access-list 101 permit tcp 192.168.100.0 0.0.0.255 any pop
    access-list 101 permit tcp 192.168.100.0 0.0.0.255 any imap
    access-list 101 permit tcp host 192.168.100.120 eq imap any established
    access-list 101 permit tcp 192.168.100.0 0.0.0.255 any telnet
    access-list 145 remark --- return and in traffic ---
    access-list 145 permit tcp any 192.168.100.0 0.0.0.255 gt 1023 established
    access-list 145 permit tcp any host 192.168.100.120 imap
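
The difference asked about in this thread, as an added example that is not part of the original posts: on IOS the `established` keyword matches only TCP segments that have the ACK or RST bit set, so the initial SYN of a new session does not match. The Python model below (class and function names are hypothetical, and the sample segments are constructed) evaluates both versions of access-list 102 against the same inbound segments.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Segment:
    """Constructed inbound TCP segment: destination port and TCP flags."""
    dport: int
    flags: frozenset


@dataclass(frozen=True)
class PermitTcpAnyAny:
    """Models 'permit tcp any any gt <port> [established]'."""
    gt_port: int
    established: bool = False

    def matches(self, seg):
        if seg.dport <= self.gt_port:          # 'gt 1023' is strictly greater
            return False
        # 'established' matches only when ACK or RST is set in the header
        if self.established and not (seg.flags & {"ACK", "RST"}):
            return False
        return True


def evaluate(acl, seg):
    """First matching entry permits; otherwise the implicit deny applies."""
    return "permit" if any(entry.matches(seg) for entry in acl) else "deny"


# The two variants of access-list 102 from the question
ACL_102_ESTABLISHED = [PermitTcpAnyAny(1023, established=True)]
ACL_102_PLAIN = [PermitTcpAnyAny(1023)]

# Constructed sample segments arriving on the interface
SAMPLES = {
    "new session: SYN to 3389": Segment(3389, frozenset({"SYN"})),
    "reply: SYN+ACK to 49152": Segment(49152, frozenset({"SYN", "ACK"})),
    "reply: RST to 49152": Segment(49152, frozenset({"RST"})),
    "new session: SYN to 80": Segment(80, frozenset({"SYN"})),
    "stray ACK to 3389, no session": Segment(3389, frozenset({"ACK"})),
}


def compare():
    """Return {sample: (verdict with 'established', verdict without)}."""
    return {
        name: (evaluate(ACL_102_ESTABLISHED, seg), evaluate(ACL_102_PLAIN, seg))
        for name, seg in SAMPLES.items()
    }


if __name__ == "__main__":
    for name, (with_est, without) in compare().items():
        print(f"{name:32} established={with_est:6} plain={without}")
```

The last sample shows that `established` is a stateless check of flag bits: it does not track whether a session actually exists, which is the gap that reflexive ACLs or a stateful firewall close.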

  • ACE Probe Config for Blue Coat Proxy TCP Port 74 NETRJS-4

    We are running 4710's with A5(2.2). We use Blue Coat proxies for our internet connections, specifically TCP port 74. So when we open up a browser connection to www.cisco.com, the HTTP GET is actually encapsulated in TCP port 74 netrjs-4. We want to load-balance these proxies with ACE and I'm trying to setup health probes, but the only ones that work are the tcp probes PROXY_BCC_PROBE and PROXY_PROBE. I'd like to have health probes that hit external websites, but I'm confused whether the "ip address" Probe sub command is all I need, and netrjs is simple encapsulation of the HTTP request (which is what it looks like on a sniffer). Does anyone have Blue Coat proxies/ACE working? If so, how are your probes configured?
    Thanks,
    probe tcp PROXY_BCC_PROBE
      port 8084
      interval 3
      passdetect interval 3
    probe http PROXY_HTTP1_PROBE
      ip address 198.133.219.25
      port 74
      interval 3
      passdetect interval 3
      request method head url /index.html
      expect status 200 299
    probe http PROXY_HTTP2_PROBE
      ip address 198.133.219.25
      port 74
      interval 3
      request method get url /
      expect status 200 299
    probe tcp PROXY_PROBE
      port 74
      interval 3
      passdetect interval 3

    Hi,
    I have seen this working for one of the customers.
    probe http HTTPGET
      description Tests that www.gmail.com returns 302 redirect
      interval 10
      request method get url http://www.gmail.com
      expect status 302 302
    If I modify your probe :
    probe http PROXY_HTTP1_PROBE
      ip address 198.133.219.25
      port 74
      interval 3
      passdetect interval 3
      request method get url http://www.gmail.com
      expect status 302 302
    Give it a try and see if that helps.
    regards,
    Ajay Kumar

  • The access to our new chess hall may be blocked by your local firewall. You would need to reconfigure your firewall to open port 15010 for TCP traffic.

    How do I do the following so I can get into my chess program??
    The access to our new chess hall may be blocked by your
    local firewall. You would need to reconfigure your firewall to open port 15010
    for TCP traffic.

    This is not really Firefox related.
    What you need to do here is to read the firewall manual which usually explains how to create a rule for what you want to do.
    If you're using the Windows XP firewall, see this Microsoft article: http://windows.microsoft.com/en-US/windows-vista/Firewall-frequently-asked-questions

  • Does Anyone Know the Standard TCP Port number for "itpc" Protocol?

    Hello,
    I am trying to determine if the TCP port number for “itpc://” protocols is 3689 (iTunes Music Sharing), 443 (iTunes Store), 548 (Personal File Sharing, Apple File Share), or another number. Searching through this forum and referring to the “Well Known” TCP and UDP Ports Used By Apple Software Products Tech document helped point me in the right direction, but I have no way of confirming any of the numbers as the standard.
    I have attached the URLs to documents that go further in depth on what I am talking about.
    “Well Known” TCP and UDP Ports Used By Apple Software Products Tech document
    http://docs.info.apple.com/article.html?artnum=106439
    Article explaining iTunes podcast direct links (“itpc://”)
    http://www.apple.com/itunes/store/podcaststechspecs.html
    Thank you for your help.
    Toshiba   Windows XP Pro  

    Hi Krisina ,
    You could seek help referring to the following link and find your serial number easily.
    https://helpx.adobe.com/x-productkb/global/find-serial-number.html
    Regards
    Sukrit Dhingra

  • Looking for local VRU-PIM TCP port

    Hi Team,
    I am setting a VRU-PG to connect an external IVR, however I couldn't find anywhere what is the TCP port number used by the vrupim.exe process to open our firewall port accordingly.
    Is the VRU port dynamic? The "Port Utilization Guide for Cisco Unified Intelligent Contact Management Enterprise & Hosted Release 8.0" document mentions that for GED-125 the server Protocol/Port is TCP 5000–5001.
    However in my case the local TCP port of vrupim.exe  keeps changing. Whenever I cycle the PG it is changed to 1102, or 3352, 3407, 3443 etc..
    Thanks & Regards
    Nick
    Note:

    Hi Sentil,
    Thank you for your answer. The "VRUTcpServiceName" setting is indeed set to 3000. This is my remote port for the
    VRUIpHostName 10.173.33.143. However this is not what I am looking for.
    I am looking for the local port range which is used by the VRUPIM.EXE process, which is at the moment 2481 (see below). This is because there is a firewall on the remote site, where the VRU server is located, and they need to know which are the ports to open.
    C:\icm\pft\PG1A>netstat -bn
    Active Connections
      Proto  Local Address          Foreign Address        State           PID
      TCP    10.157.124.37:1802     10.157.124.33:40002    ESTABLISHED     4964
      [pgagent.exe]
      TCP    10.157.124.37:1803     10.157.124.50:40017    ESTABLISHED     4964
      [pgagent.exe]
      TCP    10.157.124.37:1804     10.157.125.50:41003    ESTABLISHED     4964
      [pgagent.exe]
      TCP    10.157.124.37:1805     10.157.125.50:41017    ESTABLISHED     4964
      [pgagent.exe]
      TCP    10.157.124.37:1806     10.157.125.33:41002    ESTABLISHED     4964
      [pgagent.exe]
      TCP    10.157.124.37:1807     10.157.124.50:40003    ESTABLISHED     4964
      [pgagent.exe]
      TCP    10.157.124.37:2481     10.173.33.143:3000     ESTABLISHED     4560
      [vrupim.exe]
      TCP    10.157.124.37:3389     10.159.29.60:52247     ESTABLISHED     3340
      TermService
      [svchost.exe]
      TCP    127.0.0.1:1069         127.0.0.1:7161         ESTABLISHED     3388
      [msnsaagt.exe]
      TCP    127.0.0.1:1076         127.0.0.1:7161         ESTABLISHED     3420
      [cccaAgent.exe]
      TCP    127.0.0.1:1077         127.0.0.1:7161         ESTABLISHED     3396
      [hostagt.exe]
      TCP    127.0.0.1:1138         127.0.0.1:7161         ESTABLISHED     3408
      [sappagt.exe]
      TCP    127.0.0.1:7161         127.0.0.1:1069         ESTABLISHED     3380
      [snmpdm.exe]
      TCP    127.0.0.1:7161         127.0.0.1:1077         ESTABLISHED     3380
      [snmpdm.exe]
      TCP    127.0.0.1:7161         127.0.0.1:1076         ESTABLISHED     3380
      [snmpdm.exe]
      TCP    127.0.0.1:7161         127.0.0.1:1138         ESTABLISHED     3380
      [snmpdm.exe]
      TCP    10.157.124.37:1062     10.157.124.42:389      CLOSE_WAIT      3048
      [DiagFwSvc.exe]
    C:\icm\pft\PG1A>
    Regards
    Nick

  • Destinations and TCP Port Numbers for Creative Cloud

    Hi
    What are the destination IPs and TCP port numbers that need to be allowed on a firewall to use Creative Cloud in a secure network?
    thanks

    Rave wrote:
    Hi mccalel,
    CS3 is a very very old software and is not a qualifying version for upgrade.
    Not sure I follow.
    The discounted promotional deal (for the first 12 months) for existing owners of CS3-CS6 suites is what the OP is trying to take advantage of.
    https://creative.adobe.com/plans

  • IPS - alarm on specific tcp port scan

    Hi there,
    My problem is:
    I want to create a rule on IPS 5.x in which a TCP high port range sweep triggers a low alarm, but if the sweep includes TCP port 2400, then I receive a high-level alarm. But at the same time I don't want any alarms if there is a full 3-way handshake to TCP port 2400. Is it possible at all?
    Thanks,
    Aa

    The short answer is no, it does not help, thanks... Shortly because it was not an answer to my question ;-)
    After further investigation I found the so-called META engine, in which there is a "component list", in which you can define more signatures. The alarm is fired if all the selected events match.
    Unfortunately the component list doesn't allow you to add a custom signature to the list, so I had to clone the "normal" TCP port sweep engine (to keep the original), then modify the original 3001 engine to fire on TCP port 2400 matches. Then I added this signature and the TCP high port sweep signature to the component list.
    In this way it works. If anyone can suggest an easier way - welcome! But now I think that can be useful info for others also.
    Bests,
    Aa

  • MARS - tcp port 0?

    On MARS alerts (from IPS 4260) are received on one of the IE vulnerabilities.
    Event- Microsoft Internet Explorer Dynamic HTML Element Processing Memory Corruption Vulnerability
    Source ip/port-a.b.c.d/0
    Destination ip/port-w.x.y.z/0
    Protocol-TCP
    [w.x.y.z is my proxy]
    [a.b.c.d should be a web server, running port 80]
    Qn> What is TCP port 0? Why does MARS display it as port 0?

    If you click on the name of the 'Reporting Device', for example 'ABCD-IDS-1', MARS will show you the 'Raw Event' (as received from the sensor). This will help show you whether the IPS is sending the zero port or it's MARS.
    Some signatures don't report the port number properly, I don't this this is a bug or by design :) (Since the signature already says 'HTML' )
    Btw, I see this false positive on one of our customer's all the time....
    Regards
    Farrukh

  • Help needed for a port scanning project

    Thank you first.
    This is actually my school project. We are writing a little port scanner in Java. I want to know how to
    tell the OS of a target machine.
    tell the UDP and TCP ports (which are UDP ports and which are TCP ports).
    My understanding of telling UDP or TCP ports is that an active UDP port will not respond and a closed one will generate an error.
    Thank you again for your advice.

    This is just an idea:
    echo, 7
    ftp-data, 20
    ftp, 21
    telnet, 23
    smtp, 25
    time, 37
    name, 42
    bootp, 67
    tftp, 69
    finger, 79
    http, 79
    pop3, 110
    nntp, 119
    login, 513
    printer, 515
    route, 520
    import java.net.Socket;

    // Connect to a single host and port
    String cIP = "192.168.0.1";
    int nPort = 23;
    Socket test = new Socket( cIP, nPort );

    // The constructor throws checked exceptions, so the call must be wrapped
    public Socket(String host, int port) throws UnknownHostException, IOException {
        this(InetAddress.getByName(host), port, null, 0, true);
    }

    try {
        // connection code in here
    } catch (Throwable e) {}

    // Try the same port on every address of the class C range
    String cIP = "192.168.0.";
    int nPort = 23;
    for( int nClassC=0; nClassC<=255; nClassC++ ){
        try {
            Socket test = new Socket( cIP+nClassC, nPort );
            test.close();
        } catch ( Throwable e ) {}
    }

    // One thread per check, so a slow connection does not block the others
    public class checkSingleIP extends Thread{
        private String cIP;
        private int nPort;

        public checkSingleIP(String cIP, int nPort ){
            this.cIP = cIP;
            this.nPort = nPort;
        }

        public void run(){
            try {
                Socket test = new Socket( cIP, nPort );
                System.out.println( nPort +" disponibile" );
                test.close();
            } catch ( Throwable e ) {
                System.out.println( nPort +" NON disponibile" );
            }
        }
    }

    checkSingleIP ip =
        new checkSingleIP( "192.168.0.1", 23 );
    ip.start();

  • How to get the number of bytes at TCP port

    Hi all,
    How to get the number of bytes to read at the TCP port...as someone had suggested in some forum we do read the number of bytes first and then pass this...
    but we get a problem when we have FF data in this...because then it sends 2 FF data...and cause of this we skip the last data...is there any solution for the same?

    Hi
    In LabVIEW you don't have the same property as for the serial port.
    You don't have "Byte at TCPIP port".
    If you develop a protocol, one solution is to send the size to read.
    Ingénieur d'Application / Développeur LabVIEW Certifié (CLD)
    Application Engineer / LabVIEW Certified Developer (CLD)

  • Port Forwarding for Minecraft - Port not recognized as open

    I am trying to set up Port Forwarding to host a Minecraft server on a local machine. I am able to connect to Minecraft from within the network, but when I try to use my external IP, it fails. I have port forwarding (supposedly) set up on my Airport Extreme base station, for TCP/UDP port 25565. When I check on canyouseeme.com, it says that the port is not open. Do I have some configuration wrong in Airport Utility? I'm pretty sure it's not something wrong with my Ubuntu box (the one hosting the server) because I am able to connect to it without any problem using its internal IP.
    Any help is greatly appreciated.

    I am having this same problem.  My AirPort Utility is v6.2.  I have followed a tutorial labeled for v6.  I cannot open my ports.
    I have a static IP address with the following:
    Router Mode: DHCP and NAT
    I increased the DHCP Range so it would include the static IP address I selected.
    DHCP Reservations
    Description: Minecraft
    Reserve Address By: MAC Address and entered my MAC address
    IPv4 Address: the static IP address that I created in System Preferences- Network
    Port Settings
    Description: Minecraft
    Public UDP Ports: 25565
    Public TCP Ports: 25565
    Private IP Address: same as above, which is the same as the static IP address
    Private UDP Ports: 25565
    Private TCP Ports: 25565
    I also checked with Comcast, my internet provider, to make sure they were not blocking port 25565.  The person on the chat said that that port was open.
    I have been using yougetsignal.com to check if my ports are open and so far nothing.
    Does anyone have any suggestions?
