Re: why everybody tries my port #44767 ?

Fri, 16 Jun 2000 07:45:31 -0700 

Here is a list of the default ports for most common trojans.
Of course, most of these can be changed before distributing the trojan.
This doesn't mean you're safe...I suggest getting a port scanner such as NMAP
http://www.insecure.org/nmap if you're using *nix. If you're using Windows I really 
can't help you there, I don't know which scanners are available for MS platforms. I'm 
sure someone on the list can suggest one. Scan your system for ports offering 
services. If anything suspicious comes up, let me know and I'll try to help out.




31337 tcp backorifice BO standard port 
21 TCP Blade Runner, Doly Trojan, Fore, Invisible FTP, WebEx, WinCrash ftp port 
spoofing trojans 
23 TCP Tiny Telnet Server small telnet daemon back door 
25 TCP Antigen, Email Password Sender, Haebu Coceda, Shtrilitz Stealth, Terminator, 
WinPC, WinSpy, Kuang2 0.17A-0.30 
31 TCP Hackers Paradise Backdoor 
80 TCP Executor webport spoofed backdoor 
456 TCP Hackers Paradise Backdoor 
555 TCP Ini-Killer, Phase Zero, Stealth Spy Backdoor 
666 TCP Satanz Backdoor 
1001 TCP Silencer, WebEx Backdoor 
1011 TCP Doly Trojan Backdoor 
1095 TCP Rat Backdoor 
1097 TCP Rat Backdoor 
1098 TCP Rat Backdoor 
1099 TCP Rat Backdoor 
1170 TCP Psyber Stream Server, Voice Backdoor 
1234 TCP TCP Ultors Trojan Backdoor 
1243 TCP Sub 7 sends a notfier to a irc server of the hackers choice 'look for 
connections to irc servers n netsta -a' 
6711 TCP Sub 7 sends a notfier to a irc server of the hackers choice 'look for 
connections to irc servers n netsta -a' 
6776 TCP Sub 7 sends a notfier to a irc server of the hackers choice 'look for 
connections to irc servers n netsta -a' 


Be sure to check us out at http://infosec.20m.com
_________________________________________________




On Tue, 13 June 2000, "Mustafa Do�ru" wrote:

> 
> 
> 
> I get reports on trial of connection on port 44767 to my personal computer.
> What for is this port?
> Thank u.
> 
> Mustafa Dogru
> Systems Specialist.
> 
> 
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]

   
-------------------------------------------------
Join a North Sky Community Today!
http://communities.northsky.com 
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]

Reply via email to