Question : What is Port 1828 / ITM-MCELL-U

Can anyone tell me what Port 1828 / ITM-MCELL-U is used for? An internet search tells me that Port 1828 = ITM-MCELL-U, but not what uses it.

I've seen traffic on this port on the LAN / Internet but cannot identify it.

Thanks in advance.

Answer : What is Port 1828 / ITM-MCELL-U

Although there are standards for what runs on what port, they are not definitive answers. Almost any server/daemon can be configured to listen on any port for any purpose. Also, source and destination ports are typically different, but I'll assume you know that and are certain your port 1828 traffic is the destination port.

Depending on your network environment, weather you have physical/remote access to the machine generating the packets destined for 1828 or weather you are only able to sniff out those packets from elsewhere on the network, you could look up the IP address that is being connected to to get some hints. Example: if it is a typical windows workstation (non-techy user that insists on using IE to browse during breaks) that has these unidentified connections, and the IP it is connecting to resolves to something.blah.blah.ru and you have no reason to be connecting to a site in Russia, there is a near-certain chance it is some spyware app that has infected the machine in question and it could be sending anything from url's visited, keystrokes and screenshots, or company files/directories to this malicious overseas computer, in which case you should immediately block traffic to that IP at the firewall then take appropriate measures to scan/disinfect the misbehaving workstation.

If you have no access to the workstation in question and can't determine if the traffic is legit after sniffing the packets (like if it is a TLS connection or otherwise encrypted), you may have no choice but to block that traffic at the firewall then wait for a phone call from someone complaining about being broken.

I'm paranoid...if I see traffic I can't identify, my first reaction is to determine if it is malicious. Hopefully it's not, but (IMO) it's better to check it out and be safe than sorry.

Random Solutions

Roaming Profile Alternatives

International calling

HOSTS File - FQDN or simply host name?

Is this an NT Permissions problem?

CHILD DOMAIN DNS

Cant ping FQDN for some of the machines but I am able to ping them by IP

Proxy Server Setup on XP Laptop

How do i get OWA to work with Barracuda Spam and Virus Firewall

What is "Radius" stands for ??

I need help regarding SAN/NAS Configuration.