Summary: Portscan reporting port 9991 open

From: Paul Beebe <>
Date: Thu Nov 03 2005 - 13:28:11 EST
Thank you to Casper for the help in obtaining the information I needed.
Apparently port 9991 is used by a CA-Unicenter application that is a
requirement of this company.

Steps used:

cd /proc
pfiles *

search for port 9991 and determine which program has it open. Also thank
you to the rest for suggestion of installing lsof, I will be using that
program in the future.


System: V440 running solaris 9, kernel patch 118558-11
No other applications running at this time
Sun Security toolkit run in default, secure mode.

The problem: Our security administrator is beating me up about port 9991
being open when she does a nmap scan of my box. I cannot find any config
files that control this port (9991/tcp issa).

What is the consequence of closing this port, is there a way to close
it, or is it necessary for the port to remain open? Any help is
appreciated. I have a suspicion that the issa port is opened / used by
her tool, but I can't prove it yet.

Paul Beebe
sunmanagers mailing list
Received on Thu Nov 3 13:28:56 2005

This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:43:52 EST