pedja_portugalac
August 7th, 2008, 06:08 PM
After checking my active network services I discovered 2 active services I can't find what program use that and what for. So I need your help please?
-First port is: 5353 (Mdns)
Darren Spruell on 2007-12-07 said:
5353/udp is more generally associated with multicast DNS used commonly for Zeroconf service discovery on a LAN. Besides Apple's Bonjour, another notable implementation is found in the Avahi service discovery toolset.
******* I have tried to learn fast about Mdns, Zeroconf and also Avahi and this is where I am.
Avahi is a system which facilitates service discovery on a local network. This means that you can plug your laptop or computer into a network and instantly be able to view other people who you can chat with, find printers to print to or find files being shared. This kind of technology is already found in Apple MacOS X (branded Rendezvous, Bonjour and sometimes Zeroconf) and is very convenient. Avahi is mainly based on Lennart Poettering's flexmdns mDNS implementation for Linux which has been discontinued in favour of Avahi.
I presume this is legitimate Avahi service on Ubuntu but I am confused by this IANA database?
wCrat 5343/tcp #[trojan] WC Remote Administration Tool
BackConstruction 5400/tcp #[trojan] Back Construction
BackConstruction 5400/tcp #[trojan] Back Construction
BladeRunner 5400/tcp #[trojan] Blade Runner
I can't see port 5353 and I'm afraid this possible trojans work on range between 5343 and 5400?
-Second port is: 42067/udp (Service Unknown)
Any comment welcome.
-First port is: 5353 (Mdns)
Darren Spruell on 2007-12-07 said:
5353/udp is more generally associated with multicast DNS used commonly for Zeroconf service discovery on a LAN. Besides Apple's Bonjour, another notable implementation is found in the Avahi service discovery toolset.
******* I have tried to learn fast about Mdns, Zeroconf and also Avahi and this is where I am.
Avahi is a system which facilitates service discovery on a local network. This means that you can plug your laptop or computer into a network and instantly be able to view other people who you can chat with, find printers to print to or find files being shared. This kind of technology is already found in Apple MacOS X (branded Rendezvous, Bonjour and sometimes Zeroconf) and is very convenient. Avahi is mainly based on Lennart Poettering's flexmdns mDNS implementation for Linux which has been discontinued in favour of Avahi.
I presume this is legitimate Avahi service on Ubuntu but I am confused by this IANA database?
wCrat 5343/tcp #[trojan] WC Remote Administration Tool
BackConstruction 5400/tcp #[trojan] Back Construction
BackConstruction 5400/tcp #[trojan] Back Construction
BladeRunner 5400/tcp #[trojan] Blade Runner
I can't see port 5353 and I'm afraid this possible trojans work on range between 5343 and 5400?
-Second port is: 42067/udp (Service Unknown)
Any comment welcome.