question about port 389 in windows 2000 server

Discussion in 'Server Networking' started by yatlam, Aug 10, 2004.

  1. yatlam

    yatlam Guest

    Hi all, I found that there is an unknown problem in the port 389 of my
    windows 2000 server and it is really disturbing.
    I have checked the TCP Connections on my server, there are over a hundred of
    established connections on the port 389 with the other local ports. For
    example, my server's local IP is, the connections are as below: 389 -> 10000 ESTABLISHED 389 -> 10201 ESTABLISHED 389 -> 10332 ESTABLISHED 389 -> 10403 ESTABLISHED 389 -> 10522 ESTABLISHED 389 -> 10615 ESTABLISHED
    .. 389 -> 11315 TIME_WAIT

    It seems that it is caused by some virus, but I have tried a full scan on my
    server and checked all process on run. No virus has been discovered. Some of
    my local network applications, such as files accessing and active directory
    accessing, have been slow down and even unaccessable. I have no idea on
    that. Could any one help me to figure out the problems and give me some
    suggestion to tackle this? Thank you very much.

    yatlam, Aug 10, 2004
    1. Advertisements

  2. yatlam

    Miha Pihler Guest


    389 is TCP port used by LDAP (Lightweight Directory Access Protocol). LDAP
    is a base for Active Directory -- all the queries in Active Directory are
    done through LDAP (e.g. looking for user information etc...).

    Miha Pihler, Aug 10, 2004
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.