I just finished performing a vulnerability assessment scan on a clients Win 2003 3790 server running IIS 6.0.
Using our tool (and others) port 4531 came up several times, each time with a different issue.
First: Possible Backdoor iise.exe - //admin.dll
Second: Web server tries to hide its version or name however using a special crafted request, we were able to discover it
Third: directories /help & /images were discovered
Fourth: Web server type is Microsoft-IIS/6.0
Fifth: Web server running on that port.
I'm not too familiar with IIS but why would it be "running" on that port? As far as I know, they have their server setup to run on port 80 (pursuant to other scans and the fact that we don't have to type host:4531 to get to the page nor are we redirected from host:80 to host:4531 when the page is accessed normally) but what purpose does port 4531 serve?
Using our tool (and others) port 4531 came up several times, each time with a different issue.
First: Possible Backdoor iise.exe - //admin.dll
Second: Web server tries to hide its version or name however using a special crafted request, we were able to discover it
Third: directories /help & /images were discovered
Fourth: Web server type is Microsoft-IIS/6.0
Fifth: Web server running on that port.
I'm not too familiar with IIS but why would it be "running" on that port? As far as I know, they have their server setup to run on port 80 (pursuant to other scans and the fact that we don't have to type host:4531 to get to the page nor are we redirected from host:80 to host:4531 when the page is accessed normally) but what purpose does port 4531 serve?