閱讀861 返回首頁    go 人物

Network Security Open Port Question

Hello,

 

When I used the Port Scanner in Network Utility, I noticed there were 3 open TCP ports: Port 1110, which had nfs-status as its usage, Port 1538, which linked to 3ds-lm, and Port 53213 which didn't have any identified usage listed, which I found to be suspicious.

 

When I used the netstat -a command in terminal, I saw the following as it related to Port 53213:

 

Proto Recv-Q Send-Q  Local Address          Foreign Address        (state)

 

tcp4       0      0  localhost.53213        localhost.57089        CLOSE_WAIT

tcp4       0      0  localhost.57089        localhost.53213        FIN_WAIT_2

 

and:

 

tcp4       0      0  localhost.53213        localhost.49875        ESTABLISHED

tcp4       0      0  localhost.49875        localhost.53213        ESTABLISHED

tcp4       0      0  localhost.53213        *.*                    LISTEN

 

When I googled Port 53213, I noticed it was associated with a something called Xsan Filesystem Access. I read Xsan may be associated with vulnerabilities.  Specifically, I read:

 

The Problem
There is a buffer overflow vulnerability in the Xsan filesystem driver that may affect systems directly attached to Xsan. An authenticated user with write access to the filesystem may exploit this vulnerability by creating a file with a specially crafted path name.

Impact

A local, authenticated attacker may be able to execute arbitrary code with system privileges, or create a denial-of-service condition.

 

Does anyone know what these ports are generally associated with?  Does anything seem suspicious? What does the foreign address *-* that the open Port 53213 is communicating with mean?

 

Thank you for your help

最後更新:2017-09-13 12:07:56

  上一篇:go Is it worth it to upgrade the hard drive to an ...
  下一篇:go What controls the behavior of a Mac when it has...