Re: weired logs
Hans-J. Ullrich schrieb:
> Hi all,
Hi,
> just a question. I found this entry in my logs:
>
> Nov 7 21:02:21 protheus2 check[7476]: [ 3] Unable to connect to
> c105.cloudmark.com:2703; Reason: Connection refused.
> Nov 7 21:02:21 protheus2 check[7476]: [ 3] Unable to connect to
> c105.cloudmark.com:2703; Reason: Connection refused.
> Nov 7 21:02:25 protheus2 check[7476]: [ 3] Unable to connect to
> c105.cloudmark.com:2703; Reason: Connection refused.
> Nov 7 21:02:25 protheus2 check[7476]: [ 3] Unable to connect to
> c105.cloudmark.com:2703; Reason: Connection refused.
>
> It looks like my host tried to connect to c105.cloudmark.com port:2703.
>
> I never tried to do this, so this might be caused by an application (which
> might be a security hole), someone attacked me, or this was caused by my
> running tor. What is port 2703 ?
The port 2703 not regular
prometheus ~ # grep 2703 /etc/services
-- no results
After i spend some time on google for you i found this interesting article:
http://www.auditmypc.com/port/udp-port-2703.asp
it seems to be an application for sms transfering or sth. stupid like
that. Try to locate the port by using netstat and isolate the socket and
the matching PID of the process. The rest should be a piece of cake :)
>
> Regards
Best Regards
>
> Hans
Jan
>
>
Reply to:
- References:
- weired logs
- From: "Hans-J. Ullrich" <hans.ullrich@loop.de>