# Strange open ports



## Y0G (Oct 9, 2004)

Hi,

I use Network Utility to find out that my computer have opened ports that I never configured in my firewall... How come? Could anybody have a look at it and tell me if it can be a threat. Thank you in advance! (4662).

Port Scanning host: 10.0.1.2

Open Port: 1213
Open Port: 4000
Open Port: 4001
Open Port: 4002
Open Port: 4080
Open Port: 4662
Open Port: 6346
Open Port: 6881
Open Port: 6882
Open Port: 45100
Port Scan has completed ...


----------



## bobw (Oct 9, 2004)

These are ports that you're using for sharing.


----------



## Y0G (Oct 9, 2004)

Hi bobw,

Thank you for your reply! You are saying that these are ports that I am using are for sharing. But my Sharing Services and Internet Services are off... The only things I am sharing is through (4662 - (6881, 6882 - ) and  (6346)... The others,

Open Port: 1213
Open Port: 4000
Open Port: 4001
Open Port: 4002
Open Port: 4080
Open Port: 45100

I don't know what it can be ..!?


After having restarted my Mac, I have just finished another scan ports and there are all the same ports opened plus one more.

Open Port: 	3967

Any idea ..?


----------



## bobw (Oct 9, 2004)

Please read your PM.

nw-license      3697/tcp   NavisWorks License System

mpc-lifenet     1213/tcp   MPC LIFENET

http://www.iana.org/assignments/port-numbers


----------



## Y0G (Oct 9, 2004)

Thank you for the useful link!

bobw, I am a complete newbie in this kind of things... 

nw-license 3697/tcp NavisWorks License System

mpc-lifenet 1213/tcp MPC LIFENET

Are those site OK...?

Also, what does it mean to read a PM?

Thank you for your patience!


----------



## bobw (Oct 9, 2004)

PM - Private Message

There's a link near the top of page where it says Welcome Y0G


----------



## Y0G (Oct 9, 2004)

Thanks for the advice!



			
				Y0G said:
			
		

> bobw, I am a complete newbie in this kind of things...
> 
> nw-license 3697/tcp NavisWorks License System
> 
> ...


So the port 3697 and 1213 are safe...?


----------



## Y0G (Oct 10, 2004)

Connected with the following services are the port 3697 and 1213, which I still wonder if there OK or not.

nw-license 3697/tcp NavisWorks License System

mpc-lifenet 1213/tcp MPC LIFENET

Could anyone tell me where can I gather information in order to know which ports/services is safe or not?


----------



## scruffy (Oct 10, 2004)

To find out what programs are actually associated with each open port, you cam to use the command lsof

sudo lsof -i -P

will list the info you want

Also, you should know that a process can listen on more or less any port it wants - If the firewall is blocking that port, then the process may be waiting for an awfully long time to hear something, since anything destined for that port will be dropped by the kernel, rather than being passed to the listening process.


----------



## Y0G (Oct 11, 2004)

Thanks scruffy for your suggestion! Very useful!
Last time that I scanned ports I had found that the port 3697 and 1213 were opened and are connected with two services/sites (I don't know how to call them) named 

nw-license 3697/tcp NavisWorks License System
AND
mpc-lifenet 1213/tcp MPC LIFENET

What I'd like to know is if those services/sites I have just mentionned are safe (not spreading trojans, etc.) and especially where on Internet I can get such information if I need so for the future..??


----------



## bobw (Oct 11, 2004)

NavisWorks

Haven't found anything on MPC LIFENET. You might want to get Little Snitch to see where it's going and block if necessary.


----------



## Y0G (Oct 12, 2004)

Thank you bobw for those information!

Little Snitch would help surely to stop someone who is trying to send information gathered from my computer, but would it help using it if someone is trying to control my computer? Otherwise, what program could I use for that kind of purpose?


----------



## bobw (Oct 12, 2004)

Little Snitch will only block outgoing traffic, or allow it, depending on your choice.

Unlikely anyone would be able to control your machne from the outside.


----------



## Y0G (Oct 12, 2004)

Thank you very much for all those precious informations!!!


----------

