lsof | grep IPv
Permet de lister les applications qui écoutent des ports; ex pour office excel 2004:
Excel 1173 mgi 19u IPv4 0x9c85270 0t0 TCP *:3371 (LISTEN)
Excel 1173 mgi 23u IPv4 0x11441cc8 0t0 UDP *:rockwell-csp2
et après quitté et relancé
Excel 1913 mgi 21u IPv4 0x9c85270 0t0 TCP *:3546 (LISTEN)
Excel 1913 mgi 23u IPv4 0x1153aa38 0t0 UDP *:rockwell-csp2
Donc c'est une plage de port qui est écoutée
et office excel 2008
Microsoft 1892 mgi 20u IPv4 0x9c8ae64 0t0 TCP *:3323 (LISTEN)
Microsoft 1892 mgi 21u IPv4 0x1153a378 0t0 UDP *:rockwell-csp3
rockwell-csp3 est le port 2222
rockwell-csp3 est le port 2223
The behavior of the MS Database Daemon (PID Sniffer) is pretty well known by now. It uses UDP port 2222 (ou 2223 pour office 2008) to announce its presence and to find other daemons running on the local network. Then the various Office apps use a random TCP port in the range 3000-3999 to listen for other copies with the same serial number. Blocking these ports with your firewall is a prudent thing to do, whether or not you are trying to use multiple copies with the same serial number. Even if you are only using a single copy, it's possible for a hacker to sniff out your daemon and then terminate your MS Office apps by faking a serial number collision. If you have made any unsaved changes, they would be lost. For this reason alone, Microsoft should be roasted over a slow fire for implementing such a dangerous "anti-piracy" scheme. Since the applications use a random port number, you will actually have to block all TCP ports in the range 3000-3999.
Inscription à :
Publier les commentaires (Atom)
Aucun commentaire:
Enregistrer un commentaire