Hi,
389 is TCP port used by LDAP (Lightweight Directory Access Protocol). LDAP
is a base for Active Directory -- all the queries in Active Directory are
done through LDAP (e.g. looking for user information etc...).
Mike
"yatlam" <(E-Mail Removed)> wrote in message
news:%(E-Mail Removed)...
> Hi all, I found that there is an unknown problem in the port 389 of my
> windows 2000 server and it is really disturbing.
> I have checked the TCP Connections on my server, there are over a hundred
of
> established connections on the port 389 with the other local ports. For
> example, my server's local IP is 10.8.0.191, the connections are as below:
> 10.8.0.191 389 -> 10.8.0.191 10000 ESTABLISHED
> 10.8.0.191 389 -> 10.8.0.191 10201 ESTABLISHED
> 10.8.0.191 389 -> 10.8.0.191 10332 ESTABLISHED
> 10.8.0.191 389 -> 10.8.0.191 10403 ESTABLISHED
> 10.8.0.191 389 -> 10.8.0.191 10522 ESTABLISHED
> 10.8.0.191 389 -> 10.8.0.191 10615 ESTABLISHED
> .
> .
> .
> .
> .
> 10.8.0.191 389 -> 10.8.0.191 11315 TIME_WAIT
> .
> .
>
> It seems that it is caused by some virus, but I have tried a full scan on
my
> server and checked all process on run. No virus has been discovered. Some
of
> my local network applications, such as files accessing and active
directory
> accessing, have been slow down and even unaccessable. I have no idea on
> that. Could any one help me to figure out the problems and give me some
> suggestion to tackle this? Thank you very much.
>
> Lam
>
>
|
Similar Threads
Linear Mode
