Scot L. Harris wrote:
A quick google on port 1025 had it listed in one place as network
blackjack. Not sure how accurate that is. But most likely this just
someone scanning various ports for something open or for a specific
exploit on a service that uses port 1025.
IIRC, Windows uses the ports immediately above 1024 for a variety of
readily-exploitable services. Configure the firewall to reject new
connections on those ports. My experience is that ports 1025-1030 are
the most common targets.
--
-John (john(a)os2.dhs.org)