CarstenLevin

Port 5003 - trojans ... :-)

Discussion created by CarstenLevin on Sep 18, 2012
Latest reply on Sep 19, 2012 by taylorsharpe

Hi, one of our customers firewall gave this listing of use/misuse of port 5003.

 

We are having many many FileMaker Servers with port 5003 open in the FireWalls. At many sites, Danish and International companies. Also some very restrictive ones with very strict rules.

We never had any security problem with FileMaker 7-8-8.5-9-10-11 and of course not with 12.

 

And when FileMaker is listening on 5003, i would say that there will be no risc. But I promised to check it, and to comme backup with what I could find.

 

Can anyone supply me with extra informatino.

 

Best regards

 

Carsten

 

 

 

Port(s)

Protocol

Service

Details

Source

5003

tcp

trojans

W32.Spybot.IVQ (01.26.2005) - Worm with distributed denial of service and backdoor capabilities. Spreads through network shares, MySQL (port 3306)/MS SQL (port 1433) servers with weak passwords, and by exploiting system vulnerabilities (ports 135, 445).

Opens a backdoor on one or more of these ports: 5002, 5003, 1927, 1930.

SG

5003

tcp,udp

FileMaker (official)

Wikipedia

5003

tcp

fmpro-internal

FileMaker, Inc. - Proprietary transport

IANA

5003

udp

fmpro-internal

FileMaker, Inc. - Proprietary name binding

IANA

5003

tcp

fmpro-internal

FileMaker Inc. - Proprietary transport

SANS

5003

udp

fmpro-internal

FileMaker Inc. - Proprietary name binding

SANS

5003

tcp,udp

applications

Digi-Watcher

Portforward

5003

tcp,udp

applications

FileMaker Pro

Portforward

5003

tcp,udp

filemaker

Filemaker Server - http://www.filemaker.com/ti/104289.html

Nmap

5003

tcp

threat

W32.Spybot

Bekkoame

5003

tcp

fmpro-internal

FileMaker, Inc. - Proprietary transport

Bekkoame

5003

udp

fmpro-internal

FileMaker, Inc. - Proprietary name binding

Bekkoame

Outcomes