Re: OT: EMERGENCY

[Robert Threet <rthreet@yahoo.com>]

Thanks to all.  I was pinch-hitting for the NT guy.  I had tried
stopping and restarting IIS but it wouldn't load, saying "..bind
conflict..".  I restarted the box with a "warm boot" and was still
unable to get IIS to load (same error).  After seeing several strange
processes running when I logged in, my paranoia kicked in and I began
to believe that someone had hacked the box and was using port 80 for
something else.  I did use nmap and netstat.  I wasn't able to
determine much beyond the fact that HTTP was running on the port.  

Evidently, all it needed was to be cold powered off (rebooted a 2nd
time) because after the cold boot it worked fine.

Thanks for the tool tips:  I'll definitely check out inzider.

--- William Underwood <wllmundrwd@charter.net> wrote:
> Robert Threet wrote:
> > 
> > Does anyone know how to see what is running on a port on Windows
> 2000?
> > 
> 
> Yes, I do.  The answer to the question you should have asked (Would
> you
> please tell me how...?) is:  Use Inzider, one of the most
> recommended
> security tools for WinNT/2K/XP, from Arne Vidstrom, a well-known
> contributor to many security lists.
> 
> http://ntsecurity.nu/toolbox/inzider/
> 
> William
> 
> -- 
> William Underwood
> wllmundrwd@charter.net
> 
> -
> To unsubscribe, send email to majordomo@silug.org with
> "unsubscribe silug-discuss" in the body.


__________________________________________________
Do you Yahoo!?
Faith Hill - Exclusive Performances, Videos & More
http://faith.yahoo.com

-
To unsubscribe, send email to majordomo@silug.org with
"unsubscribe silug-discuss" in the body.