TCP/UDP 端口
TCP 和 UDP 都是 IP 层的传输协议,是 IP 与上层之间的处理接口。TCP 和 UDP 协议端口号被设计来区分运行在单个设备上的多重应用程序的 IP 地址。
由于同一台机器上可能会运行多个网络应用程序,所以计算机需要确保目标计算机上接收源主机数据包的软件应用程序的正确性,以及响应能够被发送到源主 机的正确应用程序上。该过程正是通过使用TCP 或 UDP 端口号来实现的。在 TCP 和 UDP 头部分,有“源端口”和“目标端口”段,主要用于显示发送和接收过程中的身份识别信息。IP 地址和端口号合在一起被称为“套接字”。
IETF IANA 定义了三种端口组:公认端口(Well Known Ports)、注册端口(RegisteredPorts)以及动态和/或私有端口(Dynamic and/or Private Ports) 。
- 公认端口(Well Known Ports)从0到1023。
- 注册端口(RegisteredPorts)从1024到49151。
- 动态和/或私有端口(Dynamic and/or Private Ports)从49152到65535。
部分TCP/UDP端口
端口号 | 协议 | 服务名称 | 别名 | 注释 |
7 | TCP | echo | Echo | |
7 | UDP | echo | Echo | |
9 | TCP | discard | sink null | Discard |
9 | UDP | discard | sink null | Discard |
13 | TCP | daytime | Daytime | |
13 | UDP | daytime | Daytime | |
17 | TCP | qotd | quote | Quote of the day |
17 | UDP | qotd | quote | Quote of the day |
19 | TCP | chargen | ttytst source | Character generator |
19 | UDP | chargen | ttytst source | Character generator |
20 | TCP | ftp-data | File Transfer | |
21 | TCP | ftp | FTP Control | |
23 | TCP | telnet | Telnet | |
25 | TCP | smtp | Simple Mail Transfer | |
37 | TCP | time | Time | |
37 | UDP | time | Time | |
39 | UDP | rlp | resource | Resource Location Protocol |
42 | TCP | nameserver | name | Host Name Server |
42 | UDP | nameserver | name | Host Name Server |
43 | TCP | nicname | whois | Who Is |
53 | TCP | domain | Domain Name | |
53 | UDP | domain | Domain Name Server | |
67 | UDP | bootps | dhcps | Bootstrap Protocol Server |
68 | UDP | bootpc | dhcpc | Bootstrap Protocol Client |
69 | UDP | tftp | Trivial File Transfer | |
70 | TCP | gopher | Gopher | |
79 | TCP | finger | Finger | |
80 | TCP | http | www,http | World Wide Web |
88 | TCP | kerberos | krb5 | Kerberos |
88 | UDP | kerberos | krb5 | Kerberos |
101 | TCP | hostname | hostnames | NIC Host Name Server |
102 | TCP | iso-tsap | ISO-TSAP Class 0 | |
107 | TCP | rtelnet | Remote Telnet Service | |
109 | TCP | pop2 | postoffice | Post Office Protocol - Version 2 |
110 | TCP | pop3 | postoffice | Post Office Protocol - Version 3 |
111 | TCP | sunrpc | rpcbind portmap | SUN Remote Procedure Call |
111 | UDP | sunrpc | rpcbind portmap | SUN Remote Procedure Call |
113 | TCP | auth | ident tap | Authentication Sevice |
117 | TCP | uucp-path | UUCP Path Service | |
119 | TCP | nntp | usenet | Network News Transfer Protocol |
123 | UDP | ntp | Network Time Protocol | |
135 | TCP | epmap | loc-srv | DCE endpoint resolution |
135 | UDP | epmap | loc-srv | DCE endpoint resolution |
137 | TCP | netbios-ns | nbname | NETBIOS Name Service |
137 | UDP | netbios-ns | nbname | NETBIOS Name Service |
138 | UDP | netbios-dgm | nbdatagram | NETBIOS Datagram Service |
139 | TCP | netbios-ssn | nbsession | NETBIOS Session Service |
143 | TCP | imap | imap4 | Internet Message Access Protocol |
158 | TCP | pcmail-srv | repository | PC Mail Server |
161 | UDP | snmp | snmp | SNMP |
162 | UDP | snmptrap | snmp-trap | SNMP TRAP |
170 | TCP | print-srv | Network PostScript | |
179 | TCP | bgp | Border Gateway Protocol | |
194 | TCP | irc | Internet Relay Chat Protocol | |
213 | UDP | ipx | IPX over IP | |
389 | TCP | ldap | Lightweight Directory Access Protocol | |
443 | TCP | S-HTTP | MCom | |
443 | UDP | S-HTTP | MCom | |
445 | TCP | Microsoft CIFS | ||
445 | UDP | Microsoft CIFS | ||
464 | TCP | kpasswd | Kerberos (v5) | |
464 | UDP | kpasswd | Kerberos (v5) | |
500 | UDP | isakmp | ike | Internet Key Exchange (IPSec) |
512 | TCP | exec | Remote Process Execution | |
512 | UDP | biff | comsat | Notifies users of new mail |
513 | TCP | login | Remote Login | |
513 | UDP | who | whod | Database of who's logged on,average load |
514 | TCP | cmd | shell | Automatic Authentication |
514 | UDP | syslog | ||
515 | TCP | printer | spooler | Listens for incoming connections |
517 | UDP | talk | Establishes TCP Connection | |
518 | UDP | ntalk | ||
520 | TCP | efs | Extended File Name Server | |
520 | UDP | router | router routed | RIPv.1,RIPv.2 |
525 | UDP | timed | timeserver | Timeserver |
526 | TCP | tempo | newdate | Newdate |
530 | TCP,UDP | courier | rpc | RPC |
531 | TCP | conference | chat | IRC Chat |
532 | TCP | netnews | readnews | Readnews |
533 | UDP | netwall | For emergency broadcasts | |
540 | TCP | uucp | uucpd | Uucpd |
543 | TCP | klogin | Kerberos login | |
544 | TCP | kshell | krcmd | Kerberos remote shell |
550 | UDP | new-rwho | new-who | New-who |
556 | TCP | remotefs | rfs rfs_server | Rfs Server |
560 | UDP | rmonitor | rmonitord | Rmonitor |
561 | UDP | monitor | ||
636 | TCP | ldaps | sldap | LDAP over TLS/SSL |
749 | TCP | kerberos-adm | Kerberos administration | |
749 | UDP | kerberos-adm | Kerberos administration |
大部分端口的作用
1 tcpmux TCP Port Service Multiplexer 传输控制协议端口服务多路开关选择器
2 compressnet Management Utility compressnet 管理实用程序
3 compressnet Compression Process 压缩进程
5 rje Remote Job Entry 远程作业登录
7 echo Echo 回显
9 discard Discard 丢弃
11 systat Active Users 在线用户
13 daytime Daytime 时间
17 qotd Quote of the Day 每日引用
18 msp Message Send Protocol 消息发送协议
19 chargen Character Generator 字符发生器
20 ftp-data File Transfer [Default Data] 文件传输协议(默认数据口)
21 ftp File Transfer [Control] 文件传输协议(控制)
22 ssh SSH Remote Login Protocol SSH远程登录协议
23 telnet Telnet 终端仿真协议
24 ? any private mail system 预留给个人用邮件系统
25 smtp Simple Mail Transfer 简单邮件发送协议
27 nsw-fe NSW User System FE NSW 用户系统现场工程师
29 msg-icp MSG ICP MSG ICP
31 msg-auth MSG Authentication MSG验证
33 dsp Display Support Protocol 显示支持协议
35 ? any private printer server 预留给个人打印机服务
37 time Time 时间
38 rap Route Access Protocol 路由访问协议
39 rlp Resource Location Protocol 资源定位协议
41 graphics Graphics 图形
42 nameserver WINS Host Name Server WINS 主机名服务
43 nicname Who Is "绰号" who is服务
44 mpm-flags MPM FLAGS Protocol MPM(消息处理模块)标志协议
45 mpm Message Processing Module [recv] 消息处理模块
46 mpm-snd MPM [default send] 消息处理模块(默认发送口)
47 ni-ftp NI FTP NI FTP
48 auditd Digital Audit Daemon 数码音频后台服务
49 tacacs Login Host Protocol (TACACS) TACACS登录主机协议
50 re-mail-ck Remote Mail Checking Protocol 远程邮件检查协议
51 la-maint IMP Logical Address Maintenance IMP(接口信息处理机)逻辑地址维护
52 xns-time XNS Time Protocol 施乐网络服务系统时间协议
53 domain Domain Name Server 域名服务器
54 xns-ch XNS Clearinghouse 施乐网络服务系统票据交换
55 isi-gl ISI Graphics Language ISI图形语言
56 xns-auth XNS Authentication 施乐网络服务系统验证
57 ? any private terminal access 预留个人用终端访问
58 xns-mail XNS Mail 施乐网络服务系统邮件
59 ? any private file service 预留个人文件服务
60 ? Unassigned 未定义
61 ni-mail NI MAIL NI邮件?
62 acas ACA Services 异步通讯适配器服务
63 whois+ whois+ WHOIS+
64 covia Communications Integrator (CI) 通讯接口
65 tacacs-ds TACACS-Database Service TACACS数据库服务
66 sql*net Oracle SQL*NET Oracle SQL*NET
67 bootps Bootstrap Protocol Server 引导程序协议服务端
68 bootpc Bootstrap Protocol Client 引导程序协议客户端
69 tftp Trivial File Transfer 小型文件传输协议
70 gopher Gopher 信息检索协议
71 netrjs-1 Remote Job Service 远程作业服务
72 netrjs-2 Remote Job Service 远程作业服务
73 netrjs-3 Remote Job Service 远程作业服务
74 netrjs-4 Remote Job Service 远程作业服务
75 ? any private dial out service 预留给个人拨出服务
76 deos Distributed External Object Store 分布式外部对象存储
77 ? any private RJE service 预留给个人远程作业输入服务
78 vettcp vettcp 修正TCP?
79 finger Finger FINGER(查 询远程主机在线用户等信息)
80 http World Wide Web HTTP 全球信息网超文本传输协议
81 hosts2-ns HOSTS2 Name Server HOST2名称服务
82 xfer XFER Utility 传输实用程序
83 mit-ml-dev MIT ML Device 模块化智能终端ML设备
84 ctf Common Trace Facility 公用追踪设备
85 mit-ml-dev MIT ML Device 模块化智能终端ML设备
86 mfcobol Micro Focus Cobol Micro Focus Cobol编程语言
87 ? any private terminal link 预留给个人终端连接
88 kerberos Kerberos Kerberros安全认证系统
89 su-mit-tg SU/MIT Telnet Gateway SU/MIT终端仿真网关
90 dnsix DNSIX Securit Attribute Token Map DNSIX 安全属性标记图
91 mit-dov MIT Dover Spooler MIT Dover假脱机
92 npp Network Printing Protocol 网络打印协议
93 dcp Device Control Protocol 设备控制协议
94 objcall Tivoli Object Dispatcher Tivoli对象调度
95 supdup SUPDUP
96 dixie DIXIE Protocol Specification DIXIE协议规范
97 swift-rvf Swift Remote Virtural File Protocol 快速远程虚拟文件协议
98 tacnews TAC News TAC(东京大学自动计算机?)新闻协议
99 metagram Metagram Relay
100 newacct [unauthorized use]
7/tcp echo
7/udp discard
9/tcp sink nulldiscard
9/udp sink nullsystat
11/tcp users #Active userssystat
11/tcp users #Active usersdaytime
13/tcpdaytime
13/udpqotd
17/tcp quote #Quote of the dayqotd
17/udp quote #Quote of the daychargen
19/tcp ttytst source #Character generatorchargen
19/udp ttytst source #Character generatorftp-data
20/tcp #FTP, dataftp
21/tcp #FTP. controltelnet
23/tcpsmtp
25/tcp mail #Simple Mail Transfer Protocoltime
37/tcp timservertime
37/udp timserverrlp
39/udp resource #Resource Location Protocolnameserver
42/tcp name #Host Name Servernameserver
42/udp name #Host Name Servernicname
43/tcp whoisdomain
53/tcp #Domain Name Serverdomain
53/udp #Domain Name Serverbootps
67/udp dhcps #Bootstrap Protocol Serverbootpc
68/udp dhcpc #Bootstrap Protocol Clienttftp
69/udp #Trivial File Transfergopher
70/tcpfinger
79/tcphttp
80/tcp www www-http #World Wide Webkerberos
88/tcp krb5 kerberos-sec #Kerberoskerberos
88/udp krb5 kerberos-sec #Kerberoshostname
101/tcp hostnames #NIC Host Name Serveriso-tsap
102/tcp #ISO-TSAP Class 0rtelnet
107/tcp #Remote Telnet Servicepop2
109/tcp postoffice #Post Office Protocol - Version 2pop3
110/tcp #Post Office Protocol - Version 3sunrpc
111/tcp rpcbind portmap #SUN Remote Procedure Callsunrpc
111/udp rpcbind portmap #SUN Remote Procedure Callauth
113/tcp ident tap #Identification Protocoluucp-path
117/tcpnntp
119/tcp usenet #Network News Transfer Protocolntp
123/udp #Network Time Protocolepmap
135/tcp loc-srv #DCE endpoint resolutionepmap
135/udp loc-srv #DCE endpoint resolutionnetbios-ns
137/tcp nbname #NETBIOS Name Servicenetbios-ns
137/udp nbname #NETBIOS Name Servicenetbios-dgm
138/udp nbdatagram #NETBIOS Datagram Servicenetbios-ssn
139/tcp nbsession #NETBIOS Session Serviceimap
143/tcp imap4 #Internet Message Access Protocolpcmail-srv
158/tcp #PCMail Serversnmp
161/udp #SNMPsnmptrap
162/udp snmp-trap #SNMP trapprint-srv
170/tcp #Network PostScriptbgp
179/tcp #Border Gateway Protocolirc
194/tcp #Internet Relay Chat Protocol ipx
213/udp #IPX over IPldap
389/tcp #Lightweight Directory Access Protocolhttps
443/tcp MComhttps
443/udp MCommicrosoft-ds
445/tcpmicrosoft-ds
445/udpkpasswd
464/tcp # Kerberos (v5)kpasswd
464/udp # Kerberos (v5)isakmp
500/udp ike #Internet Key Exchangeexec
512/tcp #Remote Process Executionbiff
512/udp comsatlogin
513/tcp #Remote Loginwho
513/udp whodcmd
514/tcp shellsyslog
514/udpprinter
515/tcp spoolertalk
517/udpntalk
518/udpefs
520/tcp #Extended File Name Serverrouter
520/udp route routedtimed
525/udp timeservertempo
526/tcp newdatecourier
530/tcp rpcconference
531/tcp chatnetnews
532/tcp readnewsnetwall
533/udp #For emergency broadcastsuucp
540/tcp uucpdklogin
543/tcp #Kerberos loginkshell
544/tcp krcmd #Kerberos remote shellnew-rwho
550/udp new-whoremotefs
556/tcp rfs rfs_serverrmonitor
560/udp rmonitordmonitor
561/udpldaps
636/tcp sldap #LDAP over TLS/SSLdoom
666/tcp #Doom Id Softwaredoom
666/udp #Doom Id Softwarekerberos-adm
749/tcp #Kerberos administrationkerberos-adm
749/udp #Kerberos administrationkerberos-iv
750/udp #Kerberos version IVkpop
1109/tcp #Kerberos POPphone
1167/udp #Conference callingms-sql-s
1433/tcp #Microsoft-SQL-Server ms-sql-s
1433/udp #Microsoft-SQL-Server ms-sql-m
1434/tcp #Microsoft-SQL-Monitorms-sql-m
1434/udp #Microsoft-SQL-Monitor wins
1512/tcp #Microsoft Windows Internet Name Servicewins
1512/udp #Microsoft Windows Internet Name Serviceingreslock
1524/tcp ingresl2tp
1701/udp #Layer Two Tunneling Protocolpptp
1723/tcp #Point-to-point tunnelling protocolradius
1812/udp #RADIUS authentication protocolradacct
1813/udp #RADIUS accounting protocolnfsd
2049/udp nfs #NFS serverknetd
2053/tcp #Kerberos de-multiplexorman
9535/tcp #Remote Man Server
黑客端口
TCP 2=Death
TCP 7=Echo
TCP 12=Bomber
TCP 20=FTP Data
TCP 21=Back Construction,Blade Runner,Doly *,Fore,FTP *,Invisible FTP,Larva, WebEx,WinCrash
TCP 23=Telnet, Tiny Telnet Server (= TTS)
TCP 25=SMTP, Ajan, Antigen, Email Password Sender, Happy 99, Kuang2, ProMail *, Shtrilitz, Stealth, Tapiras, Terminator, WinPC, WinSpy, Haebu Coceda
TCP 31=Agent 31, Hackers Paradise, Masters Paradise
TCP 41=DeepThroat
TCP 43=WHOIS
TCP 48=DRAT
TCP 50=DRAT
TCP 53=DNS,Bonk (DOS Exploit)
TCP 58=DMSetup
TCP 59=DMSetup
TCP 70=Gopher
TCP 79=Firehotcker, Finger
TCP 80=Http服务器, Executor, RingZero
TCP 81=Chubo
TCP 99=Hidden Port
TCP 110=Pop3服务器, ProMail
TCP 113=Kazimas, Auther Idnet
TCP 118=Infector 1.4.2
TCP 119=Nntp, Happy 99
TCP 121=JammerKiller, Bo jammerkillah
TCP 123=Net Controller
TCP 133=Infector 1.x
//TCP 137=NetBios-NS
//TCP 138=NetBios-DGN
//TCP 139=NetBios-SSN
TCP 143=IMAP
TCP 146=FC Infector,Infector
TCP 161=Snmp
TCP 162=Snmp-Trap
TCP 170=A-*
TCP 194=Irc
TCP 256=Nirvana
TCP 315=The Invasor
TCP 420=Breach
TCP 421=TCP Wrappers
TCP 456=Hackers paradise,FuseSpark
TCP 531=Rasmin
TCP 555=Ini-Killer,Phase Zero,Stealth Spy
TCP 605=SecretService
TCP 606=Noknok8
TCP 661=Noknok8
TCP 666=Attack FTP,Satanz Backdoor,Back Construction,Dark Connection Inside 1.2
TCP 667=Noknok7.2
TCP 668=Noknok6
TCP 692=GayOL
TCP 777=AIM Spy
TCP 808=RemoteControl,WinHole
TCP 815=Everyone Darling
TCP 911=Dark Shadow
TCP 999=DeepThroat
TCP 1000=Der Spaeher
TCP 1001=Silencer,WebEx,Der Spaeher
TCP 1003=BackDoor
TCP 1010=Doly
TCP 1011=Doly
TCP 1012=Doly
TCP 1015=Doly
TCP 1020=Vampire
TCP 1024=NetSpy.698(YAI)
//TCP 1025=NetSpy.698
//TCP 1033=Netspy
//TCP 1042=Bla
//TCP 1045=Rasmin
//TCP 1047=GateCrasher
//TCP 1050=MiniCommand
TCP 1080=Wingate
//TCP 1090=Xtreme, VDOLive
//TCP 1095=Rat
//TCP 1097=Rat
//TCP 1098=Rat
//TCP 1099=Rat
//TCP 1170=Psyber Stream Server,Streaming Audio *,Voice
//TCP 1200=NoBackO
//TCP 1201=NoBackO
//TCP 1207=Softwar
//TCP 1212=Nirvana,Visul Killer
//TCP 1234=Ultors
//TCP 1243=BackDoor-G, SubSeven, SubSeven Apocalypse
//TCP 1245=VooDoo Doll
//TCP 1269=Mavericks Matrix
//TCP 1313=Nirvana
//TCP 1349=BioNet
//TCP 1441=Remote Storm
//TCP 1492=FTP99CMP(BackOriffice.FTP)
//TCP 1509=Psyber Streaming Server
//TCP 1600=Shivka-Burka
//TCP 1703=Exloiter 1.1
//TCP 1807=SpySender
//TCP 1966=Fake FTP 2000
//TCP 1976=Custom port
//TCP 1981=Shockrave
//TCP 1999=BackDoor, TransScout
//TCP 2000=Der Spaeher,INsane Network
//TCP 2001=Transmisson scout
//TCP 2002=Transmisson scout
//TCP 2003=Transmisson scout
//TCP 2004=Transmisson scout
//TCP 2005=TTransmisson scout
//TCP 2023=Ripper,Pass Ripper,Hack City Ripper Pro
//TCP 2115=Bugs
//TCP 2121=Nirvana
//TCP 2140=Deep Throat, The Invasor
//TCP 2155=Nirvana
//TCP 2208=RuX
//TCP 2255=Illusion Mailer
//TCP 2283=HVL Rat5
//TCP 2300=PC Explorer
//TCP 2311=Studio54
//TCP 2565=Striker
//TCP 2583=WinCrash
//TCP 2600=Digital RootBeer
//TCP 2716=Prayer *
//TCP 2801=Phineas Phucker
//TCP 2989=Rat
//TCP 3024=WinCrash *
//TCP 3128=RingZero
//TCP 3129=Masters Paradise
//TCP 3150=Deep Throat, The Invasor
//TCP 3210=SchoolBus
//TCP 3456=Terror
//TCP 3459=Eclipse 2000
//TCP 3700=Portal of Doom
//TCP 3791=Eclypse
//TCP 3801=Eclypse
TCP 4000=腾讯OICQ客户端
TCP 4092=WinCrash
TCP 4242=VHM
TCP 4321=BoBo
TCP 4444=Prosiak,Swift remote
TCP 4567=File Nail
TCP 4590=ICQ*
TCP 4950=ICQ*
TCP 5000=WindowsXP服务器,Blazer 5,Bubbel,Back Door Setup,Sockets de Troie
TCP 5001=Back Door Setup, Sockets de Troie
TCP 5011=One of the Last *s (OOTLT)
TCP 5031=Firehotcker,Metropolitan,NetMetro
TCP 5032=Metropolitan
TCP 5190=ICQ Query
TCP 5321=Firehotcker
TCP 5333=Backage * Box 3
TCP 5343=WCrat
TCP 5400=Blade Runner, BackConstruction1.2
TCP 5401=Blade Runner,Back Construction
TCP 5402=Blade Runner,Back Construction
TCP 5471=WinCrash
TCP 5521=Illusion Mailer
TCP 5550=Xtcp,INsane Network
TCP 5555=ServeMe
TCP 5556=BO Facil
TCP 5557=BO Facil
TCP 5569=Robo-Hack
TCP 5598=BackDoor 2.03
TCP 5631=PCAnyWhere data
TCP 5637=PC Crasher
TCP 5638=PC Crasher
TCP 5698=BackDoor
TCP 5714=Wincrash3
TCP 5741=WinCrash3
TCP 5742=WinCrash
TCP 5881=Y3K RAT
TCP 5882=Y3K RAT
TCP 5888=Y3K RAT
TCP 5889=Y3K RAT
TCP 6000=Backdoor.AB
TCP 6006=Noknok8
TCP 6272=SecretService
TCP 6400=Backdoor.AB,The Thing
TCP 6500=Devil 1.03
TCP 6661=Teman
TCP 6666=TCPshell.c
TCP 6667=NT Remote Control
TCP 6669=Vampyre
TCP 6670=DeepThroat
TCP 6711=SubSeven
TCP 6712=SubSeven1.x
TCP 6713=SubSeven
TCP 6723=Mstream
TCP 6767=NT Remote Control
TCP 6771=DeepThroat
TCP 6776=BackDoor-G,SubSeven,2000 Cracks
TCP 6789=Doly *
TCP 6838=Mstream
TCP 6883=DeltaSource
TCP 6912=Shit Heep
TCP 6939=Indoctrination
TCP 6969=GateCrasher, Priority, IRC 3
TCP 6970=GateCrasher
TCP 7000=Remote Grab,NetMonitor,SubSeven1.x
TCP 7001=Freak88
TCP 7201=NetMonitor
TCP 7215=BackDoor-G, SubSeven
TCP 7001=Freak88,Freak2k
TCP 7300=NetMonitor
TCP 7301=NetMonitor
TCP 7306=NetMonitor
TCP 7307=NetMonitor, ProcSpy
TCP 7308=NetMonitor, X Spy
TCP 7323=Sygate服务器端
TCP 7424=Host Control
TCP 7597=Qaz
TCP 7609=Snid X2
TCP 7626=冰河
TCP 7777=The Thing
TCP 7789=Back Door Setup, ICQKiller
TCP 7983=Mstream
TCP 8000=XDMA, 腾讯OICQ服务器端
TCP 8010=Logfile
TCP 8080=WWW 代理,Ring Zero,Chubo
TCP 8787=BackOfrice 2000
TCP 8897=Hack Office,Armageddon
TCP 8989=Recon
TCP 9000=Netministrator
TCP 9325=Mstream
TCP 9400=InCommand
TCP 9401=InCommand
TCP 9402=InCommand
TCP 9872=Portal of Doom
TCP 9873=Portal of Doom
TCP 9874=Portal of Doom
TCP 9875=Portal of Doom
TCP 9876=Cyber Attacker
TCP 9878=TransScout
TCP 9989=Ini-Killer
TCP 9999=Prayer *
TCP 10067=Portal of Doom
TCP 10084=Syphillis
TCP 10085=Syphillis
TCP 10086=Syphillis
TCP 10101=BrainSpy
TCP 10167=Portal Of Doom
TCP 10520=Acid Shivers
TCP 10607=Coma *
TCP 10666=Ambush
TCP 11000=Senna Spy
TCP 11050=Host Control
TCP 11051=Host Control
TCP 11223=Progenic,Hack '99KeyLogger
TCP 11831=TROJ_LATINUS.SVR
TCP 12076=Gjamer, MSH.104b
TCP 12223=Hack?9 KeyLogger
TCP 12345=GabanBus, NetBus, Pie Bill Gates, X-bill
TCP 12346=GabanBus, NetBus, X-bill
TCP 12349=BioNet
TCP 12361=Whack-a-mole
TCP 12362=Whack-a-mole
TCP 12378=W32/Gibe@MM
TCP 12456=NetBus
TCP 12623=DUN Control
TCP 12624=Buttman
TCP 12631=WhackJob, WhackJob.NB1.7
TCP 12701=Eclipse2000
TCP 12754=Mstream
TCP 13000=Senna Spy
TCP 13010=Hacker Brazil
TCP 13013=Psychward
TCP 13700=Kuang2 The Virus
TCP 14456=Solero
TCP 14500=PC Invader
TCP 14501=PC Invader
TCP 14502=PC Invader
TCP 14503=PC Invader
TCP 15000=NetDaemon 1.0
TCP 15092=Host Control
TCP 15104=Mstream
TCP 16484=Mosucker
TCP 16660=Stacheldraht (DDoS)
TCP 16772=ICQ Revenge
TCP 16969=Priority
TCP 17166=Mosaic
TCP 17300=Kuang2 The Virus
TCP 17490=CrazyNet
TCP 17500=CrazyNet
TCP 17569=Infector 1.4.x + 1.6.x
TCP 17777=Nephron
TCP 18753=Shaft (DDoS)
TCP 19864=ICQ Revenge
TCP 20000=Millennium II (GrilFriend)
TCP 20001=Millennium II (GrilFriend)
TCP 20002=AcidkoR
TCP 20034=NetBus 2 Pro
TCP 20203=Logged,Chupacabra
TCP 20331=Bla
TCP 20432=Shaft (DDoS)
TCP 21544=Schwindler 1.82,GirlFriend
TCP 21554=Schwindler 1.82,GirlFriend,Exloiter 1.0.1.2
TCP 22222=Prosiak,RuX Uploader 2.0
TCP 23432=Asylum 0.1.3
TCP 23456=Evil FTP, Ugly FTP, WhackJob
TCP 23476=Donald Dick
TCP 23477=Donald Dick
TCP 23777=INet Spy
TCP 26274=Delta
TCP 26681=Spy Voice
TCP 27374=Sub Seven 2.0+
TCP 27444=Tribal Flood Network,Trinoo
TCP 27665=Tribal Flood Network,Trinoo
TCP 29431=Hack Attack
TCP 29432=Hack Attack
TCP 29104=Host Control
TCP 29559=TROJ_LATINUS.SVR
TCP 29891=The Unexplained
TCP 30001=Terr0r32
TCP 30003=Death,Lamers Death
TCP 30029=AOL *
TCP 30100=NetSphere 1.27a,NetSphere 1.31
TCP 30101=NetSphere 1.31,NetSphere 1.27a
TCP 30102=NetSphere 1.27a,NetSphere 1.31
TCP 30103=NetSphere 1.31
TCP NetSphere Final
TCP 30303=Sockets de Troie
TCP 30947=Intruse
TCP 30999=Kuang2
TCP 21335=Tribal Flood Network,Trinoo
TCP 31336=Bo Whack
TCP 31337=Baron Night,BO client,BO2,Bo Facil,BackFire,Back Orifice,DeepBO,Freak2k,NetSpy
TCP 31338=NetSpy,Back Orifice,DeepBO
TCP 31339=NetSpy DK
TCP 31554=Schwindler
TCP 31666=BOWhack
TCP 31778=Hack Attack
TCP 31785=Hack Attack
TCP 31787=Hack Attack
TCP 31789=Hack Attack
TCP 31791=Hack Attack
TCP 31792=Hack Attack
TCP 32100=PeanutBrittle
TCP 32418=Acid Battery
TCP 33333=Prosiak,Blakharaz 1.0
TCP 33577=Son Of Psychward
TCP 33777=Son Of Psychward
TCP 33911=Spirit 2001a
TCP 34324=BigGluck,TN,Tiny Telnet Server
TCP 34555=Trin00 (Windows) (DDoS)
TCP 35555=Trin00 (Windows) (DDoS)
TCP 37651=YAT
TCP 40412=The Spy
TCP 40421=Agent 40421,Masters Paradise.96
TCP 40422=Masters Paradise
TCP 40423=Masters Paradise.97
TCP 40425=Masters Paradise
TCP 40426=Masters Paradise 3.x
TCP 41666=Remote Boot
TCP 43210=Schoolbus 1.6/2.0
TCP 44444=Delta Source
TCP 47252=Prosiak
TCP 47262=Delta
TCP 47878=BirdSpy2
TCP 49301=Online Keylogger
TCP 50505=Sockets de Troie
TCP 50766=Fore, Schwindler
TCP 51966=CafeIni
TCP 53001=Remote Windows Shutdown
TCP 53217=Acid Battery 2000
TCP 54283=Back Door-G, Sub7
TCP 54320=Back Orifice 2000,Sheep
TCP 54321=School Bus .69-1.11,Sheep, BO2K
TCP 57341=NetRaider
TCP 58339=ButtFunnel
TCP 60000=Deep Throat
TCP 60068=Xzip 6000068
TCP 60411=Connection
TCP 60606=TROJ_BCKDOR.G2.A
TCP 61466=Telecommando
TCP 61603=Bunker-kill
TCP 63485=Bunker-kill
TCP 65000=Devil, DDoS
TCP 65432=Th3tr41t0r, The Traitor
TCP 65530=TROJ_WINMITE.10
TCP 65535=RC
TCP 69123=ShitHeep
TCP 88798=Armageddon,Hack Office
UDP 1349=BO dll
UDP 2989=RAT
UDP 3801=Eclypse
UDP 10067=Portal of Doom
UDP 10167=Portal of Doom
UDP 12378=W32/Gibe@MM
UDP 26274=Delta Source
UDP 29891=The Unexplained
UDP 31337=Baron Night, BO client, BO2, Bo Facil, BackFire, Back Orifice, DeepBO
UDP 31338=Back Orifice, NetSpy DK, DeepBO
UDP 31789=Hack aTack
UDP 31791=Hack aTack
UDP 47262=Delta Source
UDP 54321=Back Orifice 2000
15=NETSTAT PORT
21=Blade Runner, Doly *, Fore, FTP *, Invisible FTP, Larva, ebEx, WinCrash
22=SSH PORT
23=Tiny Telnet Server
25=Shtrilitz Stealth, Terminator, WinPC, WinSpy, Kuang2 0.17A-0.30, Antigen, Email Password Sender, Haebu Coceda, Kuang2, ProMail *, Tapiras
31=Agent 31, Hackers Paradise, Masters Paradise
41=DeepThroat
53=DOMAIN PORT
58=DMSetup
63=WHOIS PORT
79=Firehotcker
80=Executor
90=DNS PORT
101=HOSTNAME PORT
110=POP3 PORT
110=ProMail *
121=JammerKillah
137=NETBIOS Name Service PORT
138=NETBIOS Datagram Service PORT
139=NETBIOS Session Service PORT
194=IRC PORT
406=IMSP PORT
421=TCP Wrappers
456=Hackers Paradise
531=Rasmin
555=Ini-Killer, Phase Zero, Stealth Spy
666=Attack FTP, Satanz Backdoor
911=Dark Shadow
999=DeepThroat
1001=Silencer, WebEx
1011=Doly *
1012=Doly *
1024=NetSpy
1045=Rasmin
1090=Xtreme
1095=Rat
1097=Rat
1098=Rat
1099=Rat
1170=Psyber Stream Server
1170=Voice
1234=Ultors *
1243=BackDoor-G, SubSeven
1245=VooDoo Doll
1349=BO DLL
1492=FTP99CMP
1600=Shivka-Burka
1807=SpySender
1080=SOCKS PORT
1981=Shockrave
1999=BackDoor 1.00-1.03
2001=* Cow
2023=Ripper
2115=Bugs
2140=Deep Throat
2140=The Invasor
2565=Striker
2583=WinCrash
2801=Phineas Phucker
3024=WinCrash
3129=Masters Paradise
3150=Deep Throat, The Invasor
3700=Portal of Doom
4092=WinCrash
4567=File Nail
4590=ICQ*
5000=Bubbel, Back Door Setup, Sockets de Troie
5001=Back Door Setup, Sockets de Troie
5321=Firehotcker
5400=Blade Runner
5401=Blade Runner
5402=Blade Runner
5550=JAPAN *-xtcp
5555=ServeMe
5556=BO Facil
5557=BO Facil
5569=Robo-Hack
5742=WinCrash
6400=The Thing
6666=IRC SERVER PORT
6667=IRC CHAT PORT
6670=DeepThroat
6711=SubSeven
6771=DeepThroat
6776=BackDoor-G, SubSeven
6939=Indoctrination
6969=GateCrasher
6969=Priority
7000=Remote Grab
7300=NetMonitor
7301=NetMonitor
7306=NetMonitor
7307=NetMonitor
7308=NetMonitor
7626=G_Client
7789=Back Door Setup, ICKiller
9872=Portal of Doom
9873=Portal of Doom
9874=Portal of Doom
9875=Portal of Doom
9989=iNi-Killer
10067=Portal of Doom
10167=Portal of Doom
10520=Acid Shivers
10607=Coma
11000=Senna Spy
11223=Progenic *
12223=Hack?9 KeyLogger
12345=GabanBus, NetBus, Pie Bill Gates, X-bill
12346=GabanBus, NetBus, X-bill
12361=Whack-a-mole
12362=Whack-a-mole
12631=WhackJob
13000=Senna Spy
16969=Priority
20001=Millennium
20034=NetBus 2 Pro
21544=GirlFriend
22222=Prosiak
23456=Evil FTP, Ugly FTP
26274=Delta Source
29891=The Unexplained
30029=AOL *
30100=NetSphere 1.27a, NetSphere 1.31
30101=NetSphere 1.31, NetSphere 1.27a
30102=NetSphere 1.27a, NetSphere 1.31
30103=NetSphere 1.31
30303=Sockets de Troie
31337=Baron Night, BO client, BO2, Bo Facil, BackFire, Back Orifice, DeepBO
31338=NetSpy DK,Back Orifice, DeepBO
31339=NetSpy DK
31666=BOWhack
31785=Hack Attack
31787=Hack Attack
31789=Hack Attack
31791=Hack Attack
33333=Prosiak
34324=BigGluck, TN
40412=The Spy
40421=Agent 40421, Masters Paradise
40422=Masters Paradise
40423=Masters Paradise
40426=Masters Paradise
47262=Delta Source
50505=Sockets de Troie
50766=Fore
53001=Remote Windows Shutdown
54321=School Bus .69-1.11
60000=Deep Throat
61466=Telecommando
65000=Devil
69123=ShitHeep