Not sure what server would use this - sun-manageconsole

jcorr

Hello

Came across a server with port 878 with sun-manageconsole listening on it. Anyone know what type of O/S would be hosting such an application? Solaris? I assume sun-manageconole is an admin console of some sort?

j

syklops

jcorr wrote: »

Hello

Came across a server with port 878 with sun-manageconsole listening on it. Anyone know what type of O/S would be hosting such an application? Solaris? I assume sun-manageconole is an admin console of some sort?

j

A sun server seems logical.

Do you know that it is sun-manageconsole from nmap? Nmap often reports what that port 'usually' uses, but thats not to say thats whats actually running.

For example as a quick test I put netcat running on port 12345 and port scanned the local host with nmap and got the following results:

[root@newgrange ~]# nc -l 12345

Starting Nmap 6.01 ( http://nmap.org ) at 2014-07-07 21:50 IST
Nmap scan report for localhost.localdomain (127.0.0.1)
Host is up (0.0000070s latency).
Not shown: 992 closed ports
PORT      STATE SERVICE
22/tcp    open  ssh
25/tcp    open  smtp
53/tcp    open  domain
111/tcp   open  rpcbind
631/tcp   open  ipp
3001/tcp  open  nessus
6667/tcp  open  irc
12345/tcp open  netbus

Netbus isnt running, nmap is reporting it as such.

If I were you I would set up a packet sniffer, connect to it with netcat and send some data and a few return carriages and see what it returns.

Or, if you have access log into that system and see whats running on that port.

Or run a OS fingerprinting scan from nmap and see if you can determine whether it is a sun machine, and if not report it to the InfoSec team / internal IT.