By 3 3 8 9 port leads to the classic information-vulnerability warning-the black bar safety net

Today. D tool to check the port,Oh,actually there were two don’t know the port(because I compared dish)3 8 9 and 1 0 0 2. Haha,so you from the online search-related information(I’m afraid of viruses I’m afraid of Trojans,but I like the kinds of Trojans,it really is a rookie thought). Oh,and later with a fire wall plus 3 8 9 and 1 0 0 2 rules,found just General port,Oh,but actually information really there is about 3 8 9 worth it I glance at the information,for everyone to see,when after the meal the dessert bar,Oh[^_#!, Khan,who threw tomatoes hit me in the eye.]
[Celebrating]

[Text begins…]
=================The first part of the===============
Q:
3 8 9 port what’s the use? A host opened 3 8 9 port don’t know 3 8 9 What I said is that you can get this port can do what ? [Good question.]

Answer:
One, first of all, we will your question into three parts: the port, 3 8 9 Port, 3 8 9 port utilization.
Someone once put the server than for the house, and put the port as leading to the different rooms or service door, if you do not consider the details of the words, this is a good analogy. The invaders want to occupy this house, it is bound to break down the door-the physical invasion of another, then for the intruder to understand that the house opened a few doors, all kind of doors, behind the door there is what is essential. The intruder will usually use a scanner on the target host port scanning to determine which ports are open, from the open port, the intruder can know the target host generally provides which services, and then guess the possible presence of vulnerabilities, so the port scan can help us to better understand the target host, and for the administrator, scan the machine for open ports is also done to safe guard the first step. The port is divided into two kinds, one kind is a TCP port, a UDP port. Between the computers communicate with each other, is divided into two ways: one is to send the information later, you can confirm the information has arrived, i.e. the response, this approach is mostly used TCP Protocol; one is sent later on the matter, not go to confirm whether the information arrives, this way mostly using the UDP Protocol. Corresponding to both protocols of the services provided by the port, it is divided into the TCP port and UDP port. [Important basis to explain,rookie look.]

View port in Windows 2 0 0 0/XP/Server 2 0 0 3 to view the port, you can use the Netstat Command: click“Start→Run”, type“cmd”and hit Enter, open a Command Prompt window. At the command prompt, type“netstat-a-n”, press the ENTER key after you can see the display in digital form TCP and UDP connections to the port number and the state.

Second, secondly, let’s talk about 3 8 9 port. 3 8 9 port simple definition: a port:3 8 9 services:LDAP, ILS description:Lightweight Directory Access Protocol and NetMeeting Internet Locator Server shared this port. Then how to understand?
1, Lightweight Directory Access Protocol LDAP
Lightweight Directory Access Protocol (LDAP)is a service that allows anyone to find the network of organizations, individuals or the file or device, and other resources of a software Protocol, whether the public Internet or within the enterprise network. As the name suggests, LDAP is a"lightweight" (program code less smaller amount of code) version of DAP Directory Access Protocol), the DAP is a network directory service standard X. 5 0 0 part. The LDAP result does not include security measures so that the program code is relatively small.

{LDAP by the University of Michigan the invention, the current there have been 4 0 companies using, such as Netscape has been included in the latest edition of the Communicator Suite, it is also Microsoft added to Outlook Express and other products to a project called"Active Directory".} [Background information–nonsense! !#_#! And a tomato…]
Novell’s NetWare Directory Services and LDAP-compliant Cisco networking products are also supported. In the network, the directory can assist in finding a particular location of the object. In the TCP/IP network(including the Internet)with respect to the specific network location of the network name, which is composed of the directory system is called the domain name System DNS. LDAP can help to find to the individual, even if its position is not clear. LDAP is a used to publish directory information to many different resources to the agreement. Usually it is used as a centralized Address Book to use, but according to the Organizer’s needs, it can be made more powerful. How to understand Lightweight Directory Protocol yet, here are a few very important concepts----dn: a record of the location of the dc: one record belongs to the region ou: a record belongs to the organization of the cn/uid: a record of the name/ID. You can totally understand it as a database, but a database with tables to store data, it uses the tree! LDAP most basic form, is a connection to the database the standard way. The database is a read query for the optimization. Thus it can quickly obtain query results, but in other aspects, such as the update, it is much slower. Of special note is that LDAP is usually used as a hierarchal database used, rather than a relational database. Therefore, it is the structure of the tree to represent than with a table. Because of this, it cannot be used in SQL statements.
Simply put, LDAP is a get information about the people or the resources of the centralized, static data in a quick way. LDAP directory, for a layer of branches out of the tree, from the root directory, the subdivision of the country, region, organization, groups, organizations and individuals. The entire directory is distributed across many servers, each server copy a whole branch of the figure, the periodic synchronization of data. An LDAP server is called a Directory System Agent (DSA i.e., is-a directory system agent), by the user of the received request command, and, when necessary, to the other DSA, and be sure to have a single server can actually perform the task. System service DFS（Distributed File System and LSASS（Local Security Authority the Local Security Authority, the lsass. exe process is a system process, to provide Local Security Authority service, not the end, may be utilized, such as the Sasser virus each the use of a wide range of protocols are included in the LDAP this Agreement.
Application Protocol Protocol port
LDAP Server TCP 3 8 9
The LDAP Server UDP 3 8 9
[Behind the rookie is easy to feel dizzy,because I feel dizzy,look can probably.]
2, The Internet location server(ILS) The Microsoft Internet location server(ILS), and past the name of the ULS for NetMeeting 2.0 directory service provides an LDAP（Lightweight Directory Access Protocol interface. You can start NetMeeting 2.0 or Web page to view the ILS directory, you can also browse the currently using NetMeeting 2.0 in the user list. Later, you can select with the list of the one or more user connections, you can also enter other location information of the user choose to connect with them. In addition, you can also access the ILS and perform some server tasks, such as login and logout, create user directory list. LDAP standard will ensure that NetMeeting in the future can still be compatible with server interoperability. NetMeeting can be detected whether the server is available, and without user intervention automatically from the backend login. If the connection is terminated again after the required logon, NetMeeting will automatically log on to the specified ILS. You in install the latest Chinese netmeeting 3.01 version before uninstalling the previous Microsoft NetMeeting beta. Then in a windows NT Server on an Internet location server(ILS) is. The Microsoft Internet location server(ILS), the previous name for the ULS, for NetMeeting directory service provides an LDAP（Lightweight Directory Access Protocol interface. You can start NetMeeting 2.0 or Web page to view the ILS directory, you can also browse the currently using NetMeeting’s user list. Later, you can select with the list of the one or more user connections, you can also enter other location information of the user choose to connect with them. In addition, you can also access the ILS and perform some server tasks, such as login and logout, create user directory list. LDAP standard will ensure that NetMeeting in the future can still be compatible with server interoperability. This program is available from the Microsoft Chinese download site found on, ILS 2.0 for X86 Edition 文件 名为 ILS20-x86.exe that x86 refers to the intel CPU series chip, the ILS requirements of the system minimum configuration of 4 to 8 6 or more machine-type, NT server 4.0, service pack 1, internet information Server 3.0 and above, memory for 16M,32M in. 在 NT 下 运行 ILS20-x86.exe installation is very simple. However after installation, the system reports an error. With the Event Viewer looked at it, the report is the LDAP service does not start, force start is unsuccessful. Will NT restart it again,everything OK. ILS setting is in the internet Service Manager to an LDAP entry is set, but the General user there is nothing set, Use default value. If the service requirements are relatively high, you can refer to the included Help documentation for advanced settings are in English, a little trouble.
[Cheer up,to Jin.]
Third, how to use 3 8 9 port?
LDAP there is a big security threat, because LDAP is a similar to DNS, NIS on the directory services of the network Protocol,it will be from the network on the malicious attacks and tampering. In addition,the directory server also may be physical or remote attack damage,so the LDAP server security threats can basically be divided into two types:for non-catalog services for the threat and for the directory services of the threat.
(A)non-directory service threat:

1. On the LDAP server to network attacks, including on the serveroperating system, the open port, on the host running the process with the services to be attack to destroy the availability of resources, such as the use of viruses, worms, Trojan horse programs, and so on for the attack;
2. Through physical access to theoperating system, the file and the directory or peripheral equipment, etc. to attack the host, this attack will affect resource availability, integrity and confidentiality; and
3. To provide a directory service back-end database to attack.
   (II)for Directory Services threat:
4. Data acquisition data-fetching operation of non-authorized access to data;
5. By listening（monitoring）other access（Channel）unauthorized access to reusable client identity Certification information; and
6. By listening to the other access channel non-authorized access to data;
7. Unauthorized data modification;
8. Unauthorized configuration changes;
9. Unauthorized or excessive use of resources（denial of service）；
10. Directory of spoofing: spoofing clients client believe from a directory service on the false information in the adapter when modifying the data or the wrong guidance of customer connections, and so on.
    Currently based on these threats of attack and Defense is more complex, did not dare GOU theory. Our friends may be curious, we can simply talk about LDAP injection.
    LDAP injection Injection the concept is similar to SQL injection, and SQL injection different Is it to attack the target is Active Directory, Active Directory or any LDAP server. This idea is a malicious user in an LDAP query injection is not to be trusted data.
    Defense method: for spying on the internal network LDAP for blocking and record, if in public on the machine to provide the LDAP service, then you should put your LDAP server into the DMZ.
    [Oh give you a roughly impression,because as a rookie,to know.] (!###! A face with tomatoes…who threw the…)

The second part is too repetitive so it does not turn Please to the sources of information to see…