December 17th, 2001, 05:37 PM
TCP port 6768
Does anyone know of any new vulnerabilities that directly (or indirectly) relate to TCP port 6768. Any virii, trojans, security holes...anything. Any help would be appreciated.
December 17th, 2001, 08:48 PM
I think that the port is open for a trojan. If you are working with a Windows 2000 or NT you can download a program called Fport. This program show you the connections and what is the name of the program what is using the port. You can see too regedit to see if some rare program start when you boot your computer. To see this open regedit to open regedit do this:
and put regedit then a new window is open you have to go to this key:
and here you will seethe programs that run when you boot your computer and if you see the name of some trojan you have a trojan.
If you want more information about ports used by trojans see this url:
Hide your face forever
dream and search forever
night and night you feel nothing
there\'s no way outside of my land
Open your eyes, open your mind ...
December 18th, 2001, 12:58 AM
Good post from PainShock, look at that site,
eeshman: I think there is a possibility that you are dealing with
BackDoor-G or SubSeven
December 18th, 2001, 04:16 AM
I hate to ditto the bad news, but ports 6776-6780 are used almost exclusively by Sub7 and there are no other services that are known to communicate on this port.
Know this..., you may not by thyself in pride claim the Mantle of Wizardry; that way lies only Bogosity without End.
Rather must you Become, and Become, and Become, until Hackers respect thy Power, and other Wizards hail thee as a Brother or Sister in Wisdom, and you wake up and realize that the Mantle hath lain unknown upon thy Shoulders since you knew not when.
December 18th, 2001, 02:10 PM
Thanks for the help everyone. I was leaning toward Sub7, but was curious if anything was using this port exclusively. Once again, thanks.
By the way good site PainShock. Thanks for the link.