Unknown port : Asterix port 8600?

Running nmap on my linux box, I find the following open port :

8600/tcp open  asterix

After searching online, I found almost no information about this service except a short description:

Port 8600

Transport Layer tcp

Keyword asterix

Description Surveillance Data

http://www.tcp-udp-ports.com/ports8600-8700.htm

More seraching leads me to: http://www.eurocontrol.int/services/asterix

ASTERIX stands for All Purpose STructured Eurocontrol SuRveillance Information EXchange.

It is an ATM Surveillance Data Binary Messaging Format which allows transmission of harmonised information between any surveillance and automation system.

ASTERIX defines the structure of the data to be exchanged over a communication medium, from the encoding of every bit of information up to the organisation of the data within a block of data - without any loss of information during the whole process.

Is there any more information out there? What could be the next step to deal witht this unknown open port? such as ignore it or format...

ports

Robertson Jes

Posted 2013-06-04T22:28:25.380

Reputation:

Try running sudo netstat -lpn | grep :8600 to see what process is listening to that port. Port 8600 may be commonly used for asterix (which I'm not familiar with), but any other process could be configured to listen on that port. – Johnny – 2013-06-04T23:47:40.343

Answers

It could be used by Java for debugging. A warning, it might close any app that runs under Java or that is using that port. For instance Aptana.

fuser -k -i -v 8600/tcp

AbsoluteƵERØ

Posted 2013-06-04T22:28:25.380

Reputation: 380

1Okay, maybe a little. Lazy way out. – AbsoluteƵERØ – 2013-06-05T00:59:47.257

Your search is correct. Asterix is a format used in air traffic control to transmit radar data. It was defined by European organization Eurocontrol but is now used worldwide.

You will definitely not use Asterix, so you can use 8600 port without fear.

nobody

Posted 2013-06-04T22:28:25.380

Reputation: 151

Not sure if this helps or not, but I found the same thing while scanning a windows box via nmap. It turns out that in my situation port 8600 was being used by a local install of CommVault. Like TildalWave suggested, identifying the process associated with that port should lead you to an answer. I just happened to find the port open on a windows box so I used the sysinternals tools to find the process.

Jon

Posted 2013-06-04T22:28:25.380

Reputation: 1

nmap? - good choice.

My IP camera is remotely controlled via 8600 (Aterix) port (rotation,oscilation and so on)

All about Asterix protocol can be found here - https://www.eurocontrol.int/asterix and also http://www.eurocontrol.int/sites/default/files/field_tabs/content/documents/single-sky/specifications/20120401-asterix-spec-v2.0.pdf

I think it's used in your linuxbox just for remote control ie switch on/off, change channels and so on. I've never met in my practice any spyware or maliciousware to use this protocol (because it's very known and open) - especially on linux platform (so far) ^).

But if you still have any suspicion you can use ZENMAP (graphical interface for nmap) for your network analysis and !-wireshark-!

Good chance! ^)

By the way: I found a lot of interesting when checked with wireshark an intense traffic in-between my Samsung smart TV and various servers around the globe (it was sending all the statistics not only about channels and programs I'd watched, but also outlet voltage and power consumption).

Dim

Posted 2013-06-04T22:28:25.380

Reputation: 1