suspecious TCP connection Port 60000

Ajay

1/2/23, 9:20 AM

In my wireshark pcap file for the first time in last few months I saw that there is transfer of lot of data over TCP port 60000, 60002, 60004, 60008. One side IP address belongs to otx.alienvault.com. But as per this & This website port 60000 is used by trojan/ backdoors/ deep throat etc. I am unable to trace the application using this port.

3295    2021-09-02 06:50:19.696773242   99.XX.XX.XX 100.XX.XX.XXX   TCP 74  443 → 60000 [SYN, ACK] Seq=0 Ack=1 Win=65535 Len=0 MSS=1440 SACK_PERM=1 TSval=143274654 TSecr=613246749 WS=512

On This link one suggest "Track down what machines are listening or using those ports and map those connections/ports back to their process ID." But how I don't know.

3391    2021-09-02 06:50:19.817344087   99.XX.XX.XX 100.XX.XX.XXX   TLSv1.3 1494    Application Data [TCP segment of a reassembled PDU]

These were different ports 60000, 60002, 60004, 60008. I completely layman. Please help me.

The MAC addresses showing are not MAC address of my laptop. these are MAC addresses of some devices in network. Ethernet II, Src: XX:XX:XX:XX:38:8e (XX:XX:XX:XX:38:8e), Dst: XX:XX:XX:XX:09:a9 (XX:XX:XX:XX:09:a9)

0 + 3

networking

David

1/2/23, 9:23 AM

This web site explains what the web site you have noted is. https://cybersecurity.att.com/resource-center/webcasts/how-to-use-otx-with-ossim It appears you are using their services?

David

1/2/23, 9:28 AM

BTW did you even bother to google that URL?

Ajay

1/2/23, 9:37 AM

Yes I googled. But as far as I remember I never opt to register at otx.alienvault.com. Otherwise the dst and src MAc addresses are not of my device these are devices somewhere in LAN network (may be of service provider). I am searching my root directory for {sudo ag "60000/tcp" /}

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: suspecious TCP connection Port 60000

TH: การเชื่อมต่อ TCP ที่น่าสงสัยพอร์ต 60000

RO: conexiune TCP suspectă Port 60000

RU: подозрительное TCP-соединение Порт 60000

VI: Cổng kết nối TCP đáng ngờ 60000

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.