Forums: Port 3003 - Forums

Jump to content

  • (2 Pages)
  • +
  • 1
  • 2
  • You cannot start a new topic
  • You cannot reply to this topic

Port 3003

#1 User is offline   isaiah

  • Corporal
  • Icon
Group:
Members
Posts:
199
Joined:
13-August 03

Posted 29 January 2004 - 07:55 AM

I been Getting latly a lot of scans on my network for port 3003 does any one know a vuln that goes with that port
0

#2 Guest_liquidSilver_*

Group:
Guests

Posted 29 January 2004 - 08:25 AM

No idea, but it seems like its a TCP port... svhost.exe?

A few links:

http://www.seifried..../3000/3003.html

http://www.securityf...30/2003-12-06/0

...dunno if its something usefull..
0

#3 Guest_sysadmin_*

Group:
Guests

Posted 29 January 2004 - 09:14 AM

I only found this (google)

3003 - tcp, udp - cgms - tiscom.uscg.mil
0

#4 Guest_SirSmokealot_*

Group:
Guests

Posted 29 January 2004 - 09:27 AM

jeah that google stuff is also i know about it ... but i found a scan.txt with port 3003 scans on my machine.. was already some days old , and they lost connection cause of my dynamic ip(they got in via dameware-and i fixxed it now...)

but i am really interested what they tried to scan for... cause never saw anything with port 3003 before..... (was a irc script kiddy i think ...)
0

#5 User is offline   nolimit

  • Sergeant First Class
  • Icon
Group:
Members
Posts:
387
Joined:
27-January 04

Posted 29 January 2004 - 11:09 AM

It's possible it's the hackers backdoor port.
0

#6 Guest_usanet21_*

Group:
Guests

Posted 29 January 2004 - 02:15 PM

is it svhost.exe that is running maybe
svhost.exe runs on 3003
0

#7 User is offline   Viporizer

  • Private First Class
  • Icon
Group:
Members
Posts:
27
Joined:
21-January 04

Posted 29 January 2004 - 03:21 PM

My svhost doesn't run under port 3003...
0

#8 User is offline   320X

  • Master Sergeant
  • Icon
Group:
Members
Posts:
473
Joined:
14-December 03

Posted 29 January 2004 - 04:05 PM

isaiahi got the same port open in XP 3003, use the tcpview to see that conection
0

#9 User is offline   Icarus

  • Private First Class
  • Icon
Group:
Members
Posts:
45
Joined:
22-August 03

Posted 29 January 2004 - 04:29 PM

svchost.exe its a services, svhost.exe maybe its a backdoor look pid if = to port 135
0

#10 Guest_Nightdemon_*

Group:
Guests

Posted 29 January 2004 - 04:39 PM

TCP 3003 CGMS
don't have any idea what that could be :blink:
0

#11 User is offline   silos

  • Corporal
  • Icon
Group:
Members
Posts:
180
Joined:
19-August 03

Posted 29 January 2004 - 06:58 PM

like nolimit says it might be a port created by the hacker [netcat port perhaps].
0

#12 User is offline   Nexcess

  • Corporal
  • Icon
Group:
Members
Posts:
154
Joined:
13-September 03

Post icon  Posted 29 January 2004 - 07:10 PM

'svhost'

isnt a standard windows process

'svchost' is

if you have something called 'svhost' on your machine its something you or someone else has installed.
0

#13 User is offline   Planquadrat

  • Private First Class
  • Icon
Group:
Members
Posts:
48
Joined:
16-December 03

Posted 29 January 2004 - 07:40 PM

maby this can help you to find mor aboute port 3003 and Vul.

http://www.network-i...xpsig_3003.html
0

#14 Guest_anole_*

Group:
Guests

Posted 01 February 2004 - 08:46 AM

On my network, where 3003 is listening, there is a Serv-U installed listening on 43958…
0

#15 User is offline   Nostremato

  • Private First Class
  • Icon
Group:
Members
Posts:
43
Joined:
31-August 03

Posted 01 February 2004 - 09:09 AM

anole, on Feb 1 2004, 08:46 AM, said:

On my network, where 3003 is listening, there is a Serv-U installed listening on 43958…

maybe it is only a backdoor which the hackers installed :blink:
Sorry my bad english!
0
  • (2 Pages)
  • +
  • 1
  • 2
  • You cannot start a new topic
  • You cannot reply to this topic

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users