Trojan Port List
HOW YOUR COMPUTER COMMUNICATES WITH THE OUTSIDE WORLD
For your computer to be able to connect to the Internet and
surf the web, download information and files, to run software updates
and send and receive emails and messages you have to connect to the
‘outside world’.
You already knew that, so pretty simple so far.
Without getting too technical, this connection mechanism in a computer
is called an ‘IP Port’ and most of us are aware
that our computers have a unique ‘IP address’ so
that we can receive information across the internet. Because there are
a large number of processes that potentially may need to be running
simultaneously, the IP (Internet Protocol) system has some 65535
available ports.
This may seem like an excessively large number but it ensures that
channel conflicts are unlikely to arise particularly as new
applications, programs and services continue to evolve, and as each
process usually requires at least one unique sending and receiving port
for each function and more if you are part of a network.
Each port is known by its port number with certain key ports being
reserved for particular functions. IANA is the governing body that
issues registrations for use of IP ports which are divided into three
ranges;
- Ports 0 to 1023 are known as the ‘Well Known Ports’ used for the most common functions,
- Ports 1024 to 49151 designated as Registered Ports and
- Ports in the range 49152 to 65535 are defined as Dynamic or Private Ports.
Network Sorcery's IP Port
Assignment page is for the real geeks among you to check out what
applications or functions, if any, are allocated to which ports.
Actually, it can be a useful reference if a suspicious connection is
detected using a certain port and you want to determine if the
connection may be part of a valid process.
IP PORT VULNERABILITIES
So an IP port is a gateway from your computer to the outside world and access from the outside world into your computer. These are the ‘city gates’ to your fortress and someone decided that you needed 65000 of them to guard !With so many trojans and spyware around and so many doors to get thru it is not difficult to see that at some point in time you may potentially be hacked.
If some of your bandwidth ever is hijacked and is being used as a thru-channel to attack other unsuspecting users then the most common symptom will be excessive internet activity that does not appear to correspond to traffic generated by any legitimate processes that you have running.
One tool you use to check this quickly is Microsoft's built-in Task Manager, (Control Alt & Delete then select Task Manager). Use the tabs to navigate to see what processes are running and which ones are using your system resources.
Look at system resources being used and applications running.
Check your internet connection Icon and see what the internet send/receive activity levels are after closing all unnecessary programs. Note any suspicious applications for further investigation.
If a Trojan does penetrate your Firewall/Scanner security shield and attempts to download some spyware to send information back to the hacker host it will need to open two ports on your machine to do so. IP Ports then are a vulnerability but as any traffic must pass thru these they can also become a detection point with the right monitoring software.
Return to top
USEFUL MONITORING AND DETECTION TOOLS
The following are useful detection tools for determining what processes are accessing the internet from your computer.Process Explorer V11.21 (FREEWARE)
This utility is like a beefed up Task Manager.Process Explorer can be used to find out program has a particular file or directory open and shows you information about which handles and DLLs processes have opened or loaded.
The top display frame of Process Explorer lists all the active processes, including the master application names and the lower frame shows dependant information for any process selected. Another setting identifies what applications are accessing which DLLs, Dynamic Linked Libraries, - mini program directory lists which are accessed by active applications periodically to allow them run on your computer.
Process Explorer is compatible with Windows 2000 SP4 and Windows XP.
Fport (FREEWARE)
Fport V2.0Fport identifies unknown open ports and their associated applications. It reports all open TCP/IP and UDP ports and maps them to the owning application.
This is the same information you would see using the 'netstat -a' or 'netstat –n' commands, but it also maps those ports to running processes with the PID, process name and path.
Fport can be used to quickly identify unknown open ports and their associated applications.
Fport is compatible with Windows NT4, Windows 2000 and Windows XP Copyright 2002 (c) by Foundstone, Inc. www.foundstone.com
FreePortScanner V2.7 (FREEWARE)
Free Port Scanner is a small, fast, robust port scanner for the Win32 platform and the display panel is simple but easy to use.Scans can be done in a few seconds and can be on predefined port ranges. This tool uses TCP packets to determine available hosts, open ports and service associated with the port and other important characteristics.
Copyright by NSAUDITOR.COM
Compatible with Windows2000,WinXP,Windows2003
Return to top
TROJAN PORT ARCHIVE LIST
The following Trojan Port list compiled by Jonathan Read was current circa 2004 before the Trojan/Spyware/Malware explosion. It shows which ports known trojans open to exchange information with the remote hacker host. The information is posted here as an archival list for reference purposes.|
Port Opened
|
Protocol Used
|
Name of trojan or trojans
|
|
1
|
UDP
|
Sockets des Troie |
|
2
|
TCP
|
Death |
|
20
|
TCP
|
Senna Spy FTP server |
|
21
|
TCP
|
Back Construction, Blade Runner, Cattivik FTP Server, CC Invader, Dark FTP, Doly Trojan, Freddy beta 2 - beta 3, Fore, Invisible FTP, Juggernaut 42, Larva, MotIv FTP, Net Administrator, Ramen, Senna Spy FTP server, The Flu, Traitor 21, WebEx, WinCrash |
|
22
|
TCP
|
Shaft |
|
23
|
TCP
|
Fire HacKer, Tiny Telnet Server - TTS, Truva Atl, My Very Own Trojan |
|
25
|
TCP
|
Ajan, Antigen, Barok, BSE Trojan, Email Password Sender - EPS, EPS II, Gip, Gris, Happy99, Hpteam mail, Hybris, I love you, Kuang2, Magic Horse, MBT (Mail Bombing Trojan), Moscow Email trojan, Naebi, NewApt worm, ProMail trojan, Shtirlitz, Stealth, Stukach, Tapiras, Terminator, WinPC, WinSpy |
|
30
|
TCP
|
Agent 40421 |
|
31
|
TCP
|
Agent 31, Hackers Paradise, Masters Paradise |
|
39
|
TCP
|
SubSARI |
|
41
|
TCP
|
Deep Throat, Foreplay |
|
44
|
TCP
|
Arctic Trojan |
|
48
|
TCP
|
D.R.A.T |
|
50
|
TCP
|
D.R.A.T |
|
58
|
TCP
|
DMSetup |
|
59
|
TCP
|
DMSetup |
|
79
|
TCP
|
CDK, Firehotcker |
|
80
|
TCP,
ACK
|
711 Beta, Back End, AckCmd (ack), CGI BackDoor, Exector, Hooker, Ring Zero, Web Serve 2, Back End, Back Orifice 2000 Plug-Ins, Cafeini, CGI Backdoor, Executor, God Message, God Message Creator, Hooker, IISworm, MTX, NCX, Reverse WWW Tunnel Backdoor, RingZero, Seeker, WAN Remote, Web Server CT, WebDownloader |
|
81
|
TCP
|
RemoConChubo |
|
99
|
TCP
|
Hidden Port, NCX |
|
110
|
TCP
|
ProMail |
|
113
|
TCP
|
Invisible Identd Deamon, Kazimas |
|
119
|
TCP
|
Happy99 |
|
121
|
TCP,
UDP
|
Attack Bot, God Message, JammerKillah (UDP) |
|
123
|
TCP
|
NetController |
|
133
|
TCP
|
Farnaz |
|
137
|
TCP,
UDP
|
Chode, MSinit (UDP) |
|
138
|
TCP
|
Chode |
|
139
|
TCP
|
Chode, God Message worm, MSinit, Netlog, Network, Qaz |
|
142
|
TCP
|
NetTaxi |
|
146
|
TCP,
UDP
|
The infector |
|
170
|
TCP
|
A-Trojan |
|
334
|
TCP
|
Backage |
|
411
|
TCP
|
Backage |
|
420
|
TCP
|
Breach, Incognito |
|
421
|
TCP
|
TCP Wrappers trojan |
|
455
|
TCP
|
Fatal Connections 2.0 |
|
456
|
TCP
|
Hackers Paradise 2 beta 3, Masters Paradise 98 beta 2, Masters Paradise 99 beta 9.9d |
|
513
|
TCP
|
Grlogin |
|
514
|
TCP
|
RPC Backdoor |
|
531
|
TCP
|
Net666, Rasmin |
|
555
|
TCP
|
711, Ini-Killer, Net Administrator, Phase Zero, Phase-0, Stealth Spy |
|
605
|
TCP
|
Secret Service |
|
666
|
TCP
|
Attack FTP, Back Construction, BLA trojan, Cain & Abel, NokNok, Satans Back Door, ServU, ShadowPhyre, th3r1pp3rz |
|
667
|
TCP
|
SniperNet |
|
669
|
TCP
|
DP trojan |
|
692
|
TCP
|
GayOL |
|
777
|
TCP
|
AimSpy, Undetected |
|
808
|
TCP
|
WinHole |
|
911
|
TCP,
UDP
|
DarkShadow's trojan |
|
999
|
TCP,
UDP
|
Deep Throat, Foreplay, WinSatan |
|
1000
|
TCP
|
DerSpaeher, Direct Connection |
|
1001
|
TCP
|
DerSpaeher, Le Guardien, SK Silencer, WebEx |
|
1010
|
TCP
|
Doly |
|
1011
|
TCP
|
Doly |
|
1012
|
TCP
|
Doly |
|
1015
|
TCP
|
Doly |
|
1016
|
TCP
|
Doly |
|
1020
|
TCP
|
Vampire |
|
1024
|
TCP
|
Latinus 1.0, Latinus 1.2, NetSpy, Jade |
|
1025
|
TCP,
UDP
|
Fraggle Rock, NetSpy, Remote Storm (TCP and UDP) |
|
1031
|
TCP
|
Xanadu |
|
1035
|
TCP
|
Multidropper |
|
1042
|
TCP
|
BLA |
|
1045
|
TCP
|
Rasmin |
|
1050
|
TCP
|
MiniCommand |
|
1053
|
TCP
|
Thief |
|
1054
|
ACK
|
AckCmd |
|
1066
|
TCP
|
B.F. Evolution |
|
1080
|
TCP
|
WinHole |
|
1081
|
TCP
|
WinHole |
|
1082
|
TCP
|
WinHole |
|
1083
|
TCP
|
WinHole |
|
1090
|
TCP
|
Xtreme |
|
1095
|
TCP
|
Remote Administration Tool |
|
1097
|
TCP
|
Remote Administration Tool |
|
1098
|
TCP
|
Remote Administration Tool |
|
1099
|
TCP
|
B.F.Evolution |
|
1104
|
UDP
|
RexxRave |
|
1150
|
TCP
|
Orion |
|
1151
|
TCP
|
Orion |
|
1170
|
TCP
|
Psyber Stream Server, Streaming Audio Server, VoiceDLL |
|
1200
|
UDP
|
NoBackO |
|
1201
|
UDP
|
NoBackO |
|
1207
|
TCP
|
SoftWAR |
|
1208
|
TCP
|
Infector |
|
1212
|
TCP
|
Kaos |
|
1234
|
TCP
|
Ultor's Telnet Trojan, SubSeven Java client |
|
1243
|
TCP
|
SubSeven, SubSeven, Tiles |
|
1245
|
TCP
|
Voodoo Doll |
|
1255
|
TCP
|
Scarab |
|
1256
|
TCP
|
Project nEXT |
|
1269
|
TCP
|
Mavericks Matrix |
|
1272
|
TCP
|
The Matrix |
|
1313
|
TCP
|
NETrojan |
|
1338
|
TCP
|
Millenium Worm |
|
1349
|
UDP
|
Back Orifice DLL |
|
1386
|
TCP
|
Dagger |
|
1394
|
TCP
|
Gofriller |
|
1441
|
TCP
|
Remote Storm |
|
1492
|
TCP
|
FTP99cmp |
|
1524
|
TCP
|
Trinoo (DDoS) |
|
1568
|
TCP
|
Remote Hack |
|
1600
|
TCP
|
Direct Connection, Shivka-Burka |
|
1703
|
TCP
|
Exploiter |
|
1777
|
TCP
|
Scarab |
|
1807
|
TCP
|
Spy Sender |
|
1966
|
TCP
|
Fake FTP |
|
1967
|
TCP
|
F.Y.E.O, WM FTP Server |
|
1969
|
TCP
|
OpC Back orifice |
|
1981
|
TCP
|
Bowl 1.0, ShockRave |
|
1991
|
TCP
|
Pitfall |
|
1999
|
TCP
|
BackDoor, Transmission Scout |
|
2000
|
TCP
|
DerSpaeher, Insane Network, Last 2000, Remote Explorer 2000, Senna Spy Trojan Generator |
|
2001
|
TCP
|
DerSpaeher, Trojan Cow |
|
2023
|
TCP
|
Ripper Pro |
|
2080
|
TCP
|
WinHole |
|
2115
|
TCP
|
Bugs |
|
2130
|
UDP
|
Mini Backlash |
|
2140
|
UDP
|
Invasor, Deep Throat, Foreplay |
|
2155
|
TCP
|
Illusion Mailer |
|
2255
|
TCP
|
Nirvana |
|
2283
|
TCP
|
Hvl RAT |
|
2300
|
TCP
|
Xplorer |
|
2311
|
TCP
|
Studio 54 |
|
2330
|
TCP
|
Contact |
|
2331
|
TCP
|
Contact |
|
2332
|
TCP
|
Contact |
|
2333
|
TCP
|
Contact |
|
2334
|
TCP
|
Contact |
|
2335
|
TCP
|
Contact |
|
2336
|
TCP
|
Contact |
|
2337
|
TCP
|
Contact |
|
2338
|
TCP
|
Contact |
|
2339
|
TCP,
UDP
|
Voice Spy |
|
2345
|
TCP
|
Doly |
|
2565
|
TCP
|
Striker |
|
2583
|
TCP
|
WinCrash |
|
2589
|
TCP
|
Dagger |
|
2600
|
TCP
|
Digital Root beer |
|
2716
|
TCP
|
The Prayer |
|
2773
|
TCP
|
Subseven |
|
2774
|
TCP
|
Subseven |
|
2801
|
TCP
|
Phineas Phucker |
|
2989
|
UDP
|
R.A.T. |
|
3000
|
TCP
|
InetSpy beta 1, Remote Shut |
|
3024
|
TCP
|
WinCrash |
|
3031
|
TCP
|
Microspy |
|
3128
|
TCP
|
Reverse WWW Tunnel Backdoor, RingZero |
|
3129
|
TCP
|
Masters Paradise |
|
3131
|
TCP
|
SubSARI |
|
3150
|
UDP
|
Invasor, Mini BackLash, Deep Throat, Foreplay |
|
3456
|
TCP
|
Terror trojan |
|
3457
|
TCP
|
P.E.T |
|
3459
|
TCP
|
Eclipse 2000, Sanctuary |
|
3700
|
TCP
|
Portal of Doom |
|
3777
|
TCP
|
Psychward |
|
3791
|
TCP
|
Total Solar Eclypse |
|
3801
|
TCP
|
Total Solar Eclypse |
|
4000
|
TCP
|
Skydance |
|
4092
|
TCP
|
WinCrash |
|
4201
|
TCP
|
WarTrojan |
|
4242
|
TCP
|
Virtual Hacking Machine |
|
4321
|
TCP
|
Bobo |
|
4444
|
TCP
|
CrackDown, Prosiak, Swift Remote |
|
4488
|
TCP
|
Event Horizon |
|
4567
|
TCP
|
File Nail |
|
4590
|
TCP
|
ICQ Trojan |
|
4653
|
TCP
|
Cero |
|
4666
|
TCP
|
Mneah Trojan |
|
4950
|
TCP
|
ICQ Trojan |
|
5000
|
TCP
|
BioNet lite, Back Door Setup, Blazer5, Bubbel, ICKiller, Ra1d, Sockets des Troie |
|
5001
|
TCP
|
Back Door Setup, Sockets des Troie |
|
5002
|
TCP
|
cd00r, Shaft |
|
5010
|
TCP
|
Solo |
|
5011
|
TCP
|
One of the last trojans |
|
5025
|
TCP
|
WM Remote Keylogger |
|
5031
|
TCP
|
Net Metropolitan |
|
5032
|
TCP
|
Net Metropolitan |
|
5321
|
TCP
|
Firehotcker |
|
5333
|
TCP
|
Backage, NetDemon |
|
5343
|
TCP
|
wCrat |
|
5400
|
TCP
|
Back Construction, Blade Runner |
|
5401
|
TCP
|
Back Construction, Blade Runner, Mneah Trojan |
|
5402
|
TCP
|
Back Construction, Blade Runner, Mneah Trojan |
|
5512
|
TCP
|
Illusion Mailer |
|
5534
|
TCP
|
THE FLU |
|
5550
|
TCP
|
Xtcp |
|
5555
|
TCP
|
ServeMe |
|
5556
|
TCP
|
BO Facil |
|
5557
|
TCP
|
BO Facil |
|
5569
|
TCP
|
Robo Hack |
|
5637
|
TCP
|
PC Crasher |
|
5638
|
TCP
|
PC Crasher |
|
5742
|
TCP
|
WinCrash |
|
5880
|
TCP
|
Y3K |
|
5882
|
TCP,
UDP
|
Y3K |
|
5888
|
TCP,
UDP
|
Y3K |
|
5889
|
TCP,
UDP
|
Y3K |
|
6000
|
TCP
|
tHing |
|
6006
|
TCP
|
Bad Blood |
|
6272
|
TCP
|
Secret Service |
|
6400
|
TCP
|
tHing |
|
6661
|
TCP
|
TEMan, Weia-Meia |
|
6666
|
TCP
|
Dark Connection Inside, NetBus worm |
|
6667
|
TCP
|
Dark FTP, ScheduleAgent, Subseven, Trinity, WinSatan |
|
6669
|
TCP
|
Host Control, Vampire |
|
6670
|
TCP
|
BackWeb Server, Deep Throat, Foreplay, WinNuke eXtreame |
|
6711
|
TCP
|
SubSARI, SubSeven, VP Killer |
|
6712
|
TCP
|
Funny Trojan, Subseven |
|
6713
|
TCP
|
Subseven |
|
6723
|
TCP
|
Mstream |
|
6771
|
TCP
|
Deep Throat, Foreplay |
|
6776
|
TCP
|
2000 Cracks, Subseven, VP Killer |
|
6838
|
TCP
|
Mstream (DDoS) |
|
6883
|
TCP
|
DELTA Source |
|
6912
|
TCP
|
ShitHeep |
|
6939
|
TCP
|
Indoctrination |
|
6969
|
TCP
|
Gatecrasher, IRC 3, Net Controller, Priority |
|
6970
|
TCP
|
Gatecrasher |
|
7000
|
TCP
|
Remote Grab |
|
7001
|
TCP
|
Freak88, Freak2k (DDoS) |
|
7215
|
TCP
|
Subseven |
|
7300
|
TCP
|
Net Monitor |
|
7301
|
TCP
|
Net Monitor |
|
7306
|
TCP
|
Net Monitor |
|
7307
|
TCP
|
Net Monitor |
|
7308
|
TCP
|
Net Monitor |
|
7424
|
TCP,
UDP
|
Host Control |
|
7626
|
TCP
|
Glacier |
|
7777
|
TCP
|
God Message, Tini |
|
8080
|
TCP
|
Brown Orifice, RemoConChubo, Reverse WWW Tunnel Backdoor, Ring Zero |
|
8787
|
TCP
|
BO2K |
|
8988
|
TCP
|
Back Hack |
|
8989
|
TCP
|
Rcon, Recon, Xcon |
|
9000
|
TCP
|
Netministrator |
|
9325
|
UDP
|
Mstream |
|
9400
|
TCP
|
Incommand |
|
9872
|
TCP
|
Portal of Doom |
|
9873
|
TCP
|
Portal of Doom |
|
9874
|
TCP
|
Portal of Doom |
|
9875
|
TCP
|
Cyber Attacker, RUX |
|
9878
|
TCP
|
Trans scout |
|
9989
|
TCP
|
INI Killer |
|
9999
|
TCP
|
Prayer |
|
10067
|
UDP
|
Portal of Doom |
|
10085
|
TCP
|
Syphilis |
|
10086
|
TCP
|
Syphilis |
|
10100
|
TCP
|
Control total beta 4, Gift |
|
10101
|
TCP
|
BrainSpy Beta, Silencer |
|
10167
|
UDP
|
Portal of Doom |
|
10520
|
TCP
|
Acid Shivers |
|
10528
|
TCP
|
Host Control |
|
10607
|
TCP
|
COMA |
|
10666
|
UDP
|
Ambush 1.0 |
|
11000
|
TCP
|
Senna SPY |
|
11050
|
TCP
|
Host Control |
|
11051
|
TCP
|
Host Control |
|
11223
|
TCP
|
Progenic trojan, Secret Agent |
|
12076
|
TCP
|
Gjamer |
|
12223
|
TCP
|
Hack´99 KeyLogger |
|
12310
|
TCP
|
Precursor |
|
12345
|
TCP
|
Ashley, Fat Bitch trojan, Gabanbus, Mypic, Netbus, Netbus Toy, NetBus worm, Pie Bill Gates, Whack Job, X-bill, ValV-N.E.t |
|
12346
|
TCP
|
Fat Bitch trojan, Gabanbus, Mypic, Netbus, Netbus Toy, NetBus worm, Pie Bill Gates, Whack Job, X-bill, ValV-N.E.t |
|
12349
|
TCP
|
Bionet |
|
12361
|
TCP
|
Whack-a-Mole |
|
12362
|
TCP
|
Whack-a-Mole |
|
12623
|
UDP
|
DUN Control |
|
12624
|
TCP
|
ButtMan |
|
12631
|
TCP
|
Whack job |
|
12754
|
TCP
|
Mstream (DDoS) |
|
13000
|
TCP
|
Senna SPY |
|
13010
|
TCP
|
HBR (Hacker Brazil) |
|
13013
|
TCP
|
Psychward |
|
13014
|
TCP
|
Psychward |
|
13223
|
TCP
|
Hack´99 KeyLogger |
|
13473
|
TCP
|
Chupacabra |
|
14500
|
TCP
|
PC Invader |
|
14501
|
TCP
|
PC Invader |
|
14502
|
TCP
|
PC Invader |
|
14503
|
TCP
|
PC Invader |
|
15000
|
TCP
|
NetDemon |
|
15092
|
TCP
|
Host Control |
|
15104
|
TCP
|
Mstream (DDoS) |
|
15382
|
TCP
|
SubZERO |
|
15858
|
TCP
|
CDK |
|
16484
|
TCP
|
MoSucker |
|
16660
|
TCP
|
Stacheldraht (DDoS) |
|
16772
|
TCP
|
ICQ Revenge |
|
16959
|
TCP
|
Subseven |
|
16969
|
TCP
|
Priority |
|
17166
|
TCP
|
Mosaic |
|
17300
|
TCP
|
Kuang 2 the Virus |
|
17449
|
TCP
|
Kid Terror |
|
17499
|
TCP
|
CrazzyNet |
|
17500
|
TCP
|
CrazzyNet |
|
17569
|
TCP
|
The Infector |
|
17593
|
TCP
|
AudioDoor |
|
17777
|
TCP
|
Nephron |
|
18753
|
UDP
|
SHAFT |
|
19864
|
TCP
|
ICQ Revenge |
|
20000
|
TCP
|
Millenium |
|
20001
|
TCP
|
Insect, Millenium, Millenium (Lm) |
|
20002
|
TCP
|
AcidkoR |
|
20005
|
TCP
|
MoSucker |
|
20023
|
TCP
|
VP Killer |
|
20034
|
TCP
|
NetBus 2.0 Pro, NetBus 2.0 Pro Hidden, NetRex, Whack Job |
|
20203
|
TCP
|
Chupacabra |
|
20331
|
TCP
|
BLA |
|
20432
|
TCP
|
Shaft |
|
20433
|
UDP
|
Shaft |
|
21544
|
TCP
|
Girlfriend, Exploiter, Freddy, Kid Terror, Maverick's Matrix |
|
21554
|
TCP
|
Exploiter, Kid Terror, Schwindler, Winsp00fer |
|
22222
|
TCP
|
Donald Dick, Prosiak, Ruler, RUX The TIc.K |
|
23005
|
TCP
|
Nettrash |
|
23006
|
TCP
|
Nettrash |
|
23023
|
TCP
|
Logged |
|
23032
|
TCP
|
Amanda |
|
23432
|
TCP
|
Asylum |
|
23456
|
TCP
|
Evil FTP, Ugly FTP, Whack Job |
|
23476
|
TCP,
UDP
|
Donald Dick |
|
23477
|
TCP
|
Donald Dick |
|
23777
|
TCP
|
InetSpy beta 1 |
|
24000
|
TCP
|
The Infector |
|
25123
|
TCP
|
Goy'Z Trojan |
|
25685
|
TCP
|
Moonpie |
|
25686
|
TCP
|
Moonpie |
|
25982
|
TCP
|
Moonpie |
|
26274
|
UDP
|
Delta Source |
|
26681
|
TCP
|
Voice Spy |
|
27160
|
TCP
|
Moonpie |
|
27374
|
TCP
|
Bad Blood, Ramen, Seeker, Subseven, Ttfloader |
|
27444
|
UDP
|
TRINOO (DDoS) |
|
27573
|
TCP
|
Subseven |
|
27665
|
TCP
|
TRINOO (DDoS) |
|
28678
|
TCP
|
Exploiter |
|
29104
|
TCP
|
NETrojan |
|
29891
|
UDP
|
The Unexplained |
|
30000
|
TCP
|
Infector ? |
|
30001
|
TCP
|
Err0r32 |
|
30003
|
TCP
|
Lamers Death |
|
30029
|
TCP
|
AOL Trojan |
|
30070
|
TCP
|
Mantis (shaban) |
|
30101
|
TCP
|
NetSphere |
|
30102
|
TCP
|
NetSphere |
|
30103
|
TCP,
UDP
|
NetSphere |
|
30133
|
TCP
|
NetSphere |
|
30303
|
TCP
|
Sockets des Troie |
|
30947
|
TCP
|
Intruse |
|
30999
|
TCP
|
Kuang2 |
|
31335
|
TCP
|
Trinoo |
|
31336
|
TCP,
UDP
|
Bo Whack, Butt Funnel |
|
31337
|
TCP,
UDP
|
Back Fire, Back Orifice, Baron Night, Beeone, BO Facil, BO spy, BO2, Freak88, Freak2k |
|
31338
|
TCP,
UDP
|
DK NetSpy, Deep BO |
|
31339
|
TCP,
UDP
|
NetSpy (DK) |
|
31557
|
TCP
|
Xanadu |
|
31666
|
TCP
|
Bowhack |
|
31785
|
TCP,
UDP
|
Hack'a'Tack |
|
31787
|
TCP,
UDP
|
Hack'a'Tack |
|
31788
|
TCP,
UDP
|
Hack'a'Tack |
|
31789
|
TCP,
UDP
|
Hack'a'Tack |
|
31790
|
TCP,
UDP
|
Hack'a'Tack |
|
31791
|
UDP
|
Hack'a'Tack |
|
31792
|
UDP
|
Hack'a'Tack |
|
32001
|
TCP
|
Donald Dick |
|
32100
|
TCP
|
Peanut Brittle, Project nEXT |
|
32418
|
TCP
|
Acid Battery |
|
33270
|
TCP
|
Trinity (DDoS) |
|
33333
|
TCP
|
Blakharaz, Prosiak |
|
33577
|
TCP
|
Son of Psychward |
|
33777
|
TCP
|
Son of Psychward |
|
33911
|
TCP
|
Spirit 2000, Spirit 2001 |
|
34324
|
TCP
|
Big Gluck, TN |
|
34444
|
TCP
|
Donald Dick |
|
34555
|
UDP
|
WINTrinoo (DDoS) |
|
35555
|
UDP
|
WINTrinoo (DDoS) |
|
37237
|
TCP
|
Mantis |
|
37651
|
TCP
|
Y.A.T. |
|
40412
|
TCP
|
The Spy Beta 1 |
|
40421
|
TCP
|
Agent 40421, Masters Paradise |
|
40422
|
TCP
|
Masters Paradise |
|
40423
|
TCP
|
Masters Paradise |
|
40425
|
TCP
|
Masters Paradise |
|
40426
|
TCP
|
Masters Paradise |
|
41337
|
TCP
|
Storm |
|
41666
|
TCP,
UDP
|
Remote Boot Tool |
|
44444
|
TCP
|
Prosiak |
|
44575
|
TCP
|
Exploiter |
|
47262
|
TCP,
UDP
|
Delta source |
|
48004
|
TCP
|
Fraggle Rock |
|
48006
|
TCP
|
Fraggle Rock |
|
49000
|
TCP
|
Fraggle Rock |
|
49301
|
TCP
|
OnLine KeyLogger |
|
50000
|
TCP
|
SubSARI |
|
50130
|
TCP
|
Enterprise |
|
50505
|
TCP
|
Sockets des Troie |
|
50766
|
TCP
|
Fore, Schwindler |
|
51966
|
TCP
|
CAFEiNi |
|
52317
|
TCP
|
Acid Battery 2000 |
|
53001
|
TCP
|
Remote Windows Shutdown |
|
54283
|
TCP
|
SubSeven |
|
54320
|
TCP
|
BO2K |
|
54321
|
TCP
|
BO2K, SchoolBus |
|
55165
|
TCP
|
File Manager Trojan |
|
55166
|
TCP
|
File Manager Trojan, WM Trojan Generator |
|
57341
|
TCP
|
NetRaider |
|
58339
|
TCP
|
Butt Funnel |
|
60000
|
TCP
|
Deep Throat, Foreplay, Sockets des Troie |
|
60001
|
TCP
|
Trinity (DDoS) |
|
60068
|
TCP
|
Xzip 6000068 |
|
60411
|
TCP
|
Connection |
|
61348
|
TCP
|
Bunker Hill |
|
61466
|
TCP
|
Telecommando |
|
61603
|
TCP
|
Bunker Hill |
|
63485
|
TCP
|
Bunker Hill |
|
64101
|
TCP
|
Taskman |
|
65000
|
TCP
|
Devil, Sockets des Troie, Stacheldraht (DDoS) |
|
65390
|
TCP
|
Eclypse |
|
65421
|
TCP
|
Jade |
|
65432
|
TCP,
UDP
|
Traitor |
|
65530
|
TCP
|
Windows Mite |
|
65535
|
TCP
|
RC |
|
|
copyright 2001 © anti-trojan.org |
Return to top
