TCP 2002 open?

Discussion in 'macOS' started by theoliverwilson, Jun 24, 2010.

  1. theoliverwilson macrumors newbie

    Joined:
    Mar 6, 2010
    #1
    I randomly "nmap"ed my own system today and found that TCP 2002 was open on my MacBook Pro 13. It is called "Globe" on the scan however having searched around I've found a lot of malicious software using the port. Has anyone else got this? I don't have any "dodgy" software installed so I can't see what it could be. Any ideas? :confused: :apple:
     
  2. angelwatt Moderator emeritus

    angelwatt

    Joined:
    Aug 16, 2005
    Location:
    USA
    #2
    This is one page that discusses a worm that uses port 2002. It has some info on how to detect if you're infected. You could take a look at that to see if it's present. The "globe" seems to just be the owner of that port so I don't think that part is significant.

    I also came across a few pages that talk about Cisco products using port 2002. Are you using any Cisco products?

    LogMeIn seems to make use of port 2002 as well.

    I don't have the port open on my machine. For others who want to check, open Network Utility, and use the Port Scan tab to scan for port 2002 on your own IP.
     
  3. theoliverwilson thread starter macrumors newbie

    Joined:
    Mar 6, 2010
    #3
    LogMeIn! Thank you very much angelwatt. Put my mind at ease now :) I thought I'd managed to do the seemingly impossible and contract a virus on my Mac :p Thanks for your help!
     
  4. DoFoT9 macrumors P6

    DoFoT9

    Joined:
    Jun 11, 2007
    Location:
    Singapore
    #4
    thats fairly dangerous... using a port that a few trojans make use of... ah well :p
     
  5. angelwatt Moderator emeritus

    angelwatt

    Joined:
    Aug 16, 2005
    Location:
    USA
    #5
    Well, many more make use of port 80. Good luck blocking that one and being productive. :)

    As a note, the pages I came across about LogMeIn seemed to indicate this port was only used locally.
     
  6. DoFoT9 macrumors P6

    DoFoT9

    Joined:
    Jun 11, 2007
    Location:
    Singapore
    #6
    BAHA! true. but most programs and the OS itself that are running on 80 (i assume) would be more aware of the security threats - and logmein.com might not entirely be safe. if you get what i mean :\
     
  7. remmark macrumors newbie

    Joined:
    Jun 17, 2010
    #7
    I was wondering about that too. And then I realized that I am using ProSoft's Data BackUp and its Executor listens on :globe. Although it doesn't explicitly specify 2002.
     

Share This Page