My firewall block this attempt.. but need info
Page 1 of 2 12 LastLast
Results 1 to 10 of 20

Thread: My firewall block this attempt.. but need info

  1. #1
    Junior Member
    Join Date
    May 2002
    Posts
    6

    My firewall block this attempt.. but need info

    Hi,

    Im a newbie so, I don`t know if this the right place too put this or Newbie Question..

    i keep getting this massage from my firewall

    Attempt to connect to local computer using the backdoor/SubSeven Trojan blocked...
    got this about 5 times

    is this SubSeven lurking within my rig or someone else trying too access my P.C.

    I`ll do some search on this SubSeven trojan..


    Peace!

  2. #2
    Member
    Join Date
    Apr 2002
    Posts
    88
    Have you run a virus scan? Trojan scan?
    WWJD
    What Would Jesus Do (For a klondike Bar?)

  3. #3
    AntiOnline Senior Member souleman's Avatar
    Join Date
    Oct 2001
    Location
    Flint, MI
    Posts
    2,884
    Where is the message comming from? Inside your network or outside? I would run a trojan removal tool just in case. www.tauscan.com
    \"Ignorance is bliss....
    but only for your enemy\"
    -- souleman

  4. #4
    Senior Member
    Join Date
    Apr 2002
    Posts
    889
    You been messin with Sub7 if not better have a few more drinks cause you got it. Removal tools are out there to get them first have some coffee, no wait shut off your computer sleep it off your digitally impared at the moment, when sober find a removal tool do a google search.
    I believe that one of the characteristics of the human race - possibly the one that is primarily responsible for its course of evolution - is that it has grown by creatively responding to failure.- Glen Seaborg

  5. #5
    Senior Member
    Join Date
    Apr 2002
    Posts
    250
    Did you run some program that was like someones program or something? But didn't do what it was supposed to? You could be trying to get to run a trojan, and someone is trying to connect to it.
    [gloworange]Die, or surrender, either way won\'t work.[/gloworange]
    [shadow]HuntX7[/shadow]

  6. #6
    Junior Member
    Join Date
    May 2002
    Posts
    6
    Damn!!
    Fast reply...

    okay,
    I have run Norton AntiVirus no virus found
    Tauscan tool no trojan virus were found

    no, i have not been messing around with SubSeven stuff
    i don`t even know what was SubSeven until i got mgs from my firewall..

    huntx7..
    I was thinking the same thing.. I may have Dload something from Kazza
    but, i always run Antivirus when dloading stuff..


    guess what,
    I got hit again, twice about 4min apart

    a remote computer (172.159.XXXX)attempted to connect to your computer
    on a port commonly used by a remote access trojan horse..
    The attempt was blocked..
    and remote computer(62.114.xxxx)

    any ideas..

    Peace!

  7. #7
    AntiOnline Senior Member souleman's Avatar
    Join Date
    Oct 2001
    Location
    Flint, MI
    Posts
    2,884
    What port is it trying to connect to? It looks like the remote thinks you have the trojan for some reason. Maybe your machine is announcing that it has sub7 even though it doesn't really.
    \"Ignorance is bliss....
    but only for your enemy\"
    -- souleman

  8. #8
    Senior Member
    Join Date
    Jun 2002
    Posts
    352
    Dag nabbit!!!!
    I get almost the exact same remote access warnings, 172.162.32.xxx BAckdoor/Subseven.
    I'm using Norton Internet security 2002.
    Have ran anti-virus scans with all the updated virus definitions, and Tauscan as well.
    Nothing shows.

    ANy help would be appreciated.
    \"When I give food to the poor, they call me a saint. When I ask why the poor have no food, they call me a communist.\" -- Dom Helder Camara

  9. #9
    Junior Member
    Join Date
    May 2002
    Posts
    6
    I notice that most of this intrusions or attacks
    are from America Online...

    any other ideas or what should i do...

    Thx!

  10. #10
    Junior Member
    Join Date
    Oct 2001
    Posts
    15
    When you firewall alerts you someone is scanning you for sub7 , it really means they are seeing if you have the sub7 already on your machine. What the person is doing is scanning several machines not just your's alone.The program not only includes a scanner, but also can tell a slave machine to scan as well. Be glad your firewall blocks it. Our BBS (hackers.com)is offline as it is undergoing some changes and will be up later this week. So I decided to come over here and say hello to a few friends.







    Trojan listing alternatives

    Trojan list sorted on name
    Trojan list sorted on filenames
    Trojan list sorted on filesizes
    Trojan list sorted on actions
    Trojan list sorted on affected systems
    Trojan list sorted on origin country
    Trojan list sorted on programming language
    Default ports used by some known trojan horses:


    port 1 (UDP) - Sockets des Troie
    port 2 Death
    port 15 B2
    port 20 Senna Spy FTP server
    port 21 Back Construction, Blade Runner, Cattivik FTP Server, CC Invader, Dark FTP, Doly Trojan, Fore, FreddyK, Invisible FTP, Juggernaut 42, Larva, MotIv FTP, Net Administrator, Ramen, RTB 666, Senna Spy FTP server, The Flu, Traitor 21, WebEx, WinCrash
    port 22 Adore sshd, Shaft
    port 23 ADM worm, Fire HacKer, My Very Own trojan, RTB 666, Telnet Pro, Tiny Telnet Server - TTS, Truva Atl
    port 25 Ajan, Antigen, Barok, BSE, Email Password Sender - EPS, EPS II, Gip, Gris, Happy99, Hpteam mail, Hybris, I love you, Kuang2, Magic Horse, MBT (Mail Bombing Trojan), Moscow Email trojan, Naebi, NewApt worm, ProMail trojan, Shtirlitz, Stealth, Stukach, Tapiras, Terminator, WinPC, WinSpy
    port 30 Agent 40421
    port 31 Agent 31, Hackers Paradise, Masters Paradise
    port 39 SubSARI
    port 41 Deep Throat, Foreplay
    port 44 Arctic
    port 48 DRAT
    port 50 DRAT
    port 53 ADM worm, Lion
    port 58 DMSetup
    port 59 DMSetup
    port 69 BackGate
    port 79 CDK, Firehotcker
    port 80 711 trojan (Seven Eleven), AckCmd, Back End, Back Orifice 2000 Plug-Ins, Cafeini, CGI Backdoor, Executor, God Message, God Message 4 Creator, Hooker, IISworm, MTX, NCX, Noob, Ramen, Reverse WWW Tunnel Backdoor, RingZero, RTB 666, Seeker, WAN Remote, Web Server CT, WebDownloader
    port 81 RemoConChubo
    port 99 Hidden Port, Mandragore, NCX
    port 110 ProMail trojan
    port 113 Invisible Identd Deamon, Kazimas
    port 119 Happy99
    port 121 Attack Bot, God Message, JammerKillah
    port 123 Net Controller
    port 133 Farnaz
    port 137 Chode
    port 137 (UDP) - Msinit, Qaz
    port 138 Chode
    port 139 Chode, God Message worm, Msinit, Netlog, Network, Qaz, Sadmind, SMB Relay
    port 142 NetTaxi
    port 146 Infector
    port 146 (UDP) - Infector
    port 166 NokNok
    port 170 A-trojan
    port 334 Backage
    port 411 Backage
    port 420 Breach, Incognito
    port 421 TCP Wrappers trojan
    port 455 Fatal Connections
    port 456 Hackers Paradise
    port 511 T0rn Rootkit
    port 513 Grlogin
    port 514 RPC Backdoor
    port 515 lpdw0rm, Ramen
    port 531 Net666, Rasmin
    port 555 711 trojan (Seven Eleven), Ini-Killer, Net Administrator, Phase Zero, Phase-0, Stealth Spy
    port 600 Sadmind
    port 605 Secret Service
    port 661 NokNok
    port 666 Attack FTP, Back Construction, BLA trojan, Cain & Abel, lpdw0rm, NokNok, Satans Back Door - SBD, ServU, Shadow Phyre, th3r1pp3rz (= Therippers)
    port 667 SniperNet
    port 668 th3r1pp3rz (= Therippers)
    port 669 DP trojan
    port 692 GayOL
    port 777 AimSpy, Undetected
    port 808 WinHole
    port 911 Dark Shadow, Dark Shadow
    port 999 Chat power, Deep Throat, Foreplay, WinSatan
    port 1000 Connecter, Der Späher / Der Spaeher, Direct Connection
    port 1001 Der Späher / Der Spaeher, Le Guardien, Silencer, Theef, WebEx
    port 1005 Theef
    port 1008 Lion
    port 1010 Doly Trojan
    port 1011 Doly Trojan
    port 1012 Doly Trojan
    port 1015 Doly Trojan
    port 1016 Doly Trojan
    port 1020 Vampire
    port 1024 Jade, Latinus, NetSpy, Remote Administration Tool - RAT [no 2]
    port 1025 Fraggle Rock, md5 Backdoor, NetSpy, Remote Storm
    port 1025 (UDP) - Remote Storm
    port 1031 Xanadu
    port 1035 Multidropper
    port 1042 BLA trojan
    port 1042 (UDP) - BLA trojan
    port 1045 Rasmin
    port 1049 /sbin/initd
    port 1050 MiniCommand
    port 1053 The Thief
    port 1054 AckCmd
    port 1080 SubSeven 2.2, WinHole
    port 1081 WinHole
    port 1082 WinHole
    port 1083 WinHole
    port 1090 Xtreme
    port 1095 Remote Administration Tool - RAT
    port 1097 Remote Administration Tool - RAT
    port 1098 Remote Administration Tool - RAT
    port 1099 Blood Fest Evolution, Remote Administration Tool - RAT
    port 1104 (UDP) - RexxRave
    port 1150 Orion
    port 1151 Orion
    port 1170 Psyber Stream Server - PSS, Streaming Audio Server, Voice
    port 1174 DaCryptic
    port 1180 Unin68
    port 1200 (UDP) - NoBackO
    port 1201 (UDP) - NoBackO
    port 1207 SoftWAR
    port 1208 Infector
    port 1212 Kaos
    port 1234 SubSeven Java client, Ultors Trojan
    port 1243 BackDoor-G, SubSeven, SubSeven Apocalypse, Tiles
    port 1245 VooDoo Doll
    port 1255 Scarab
    port 1256 Project nEXT, RexxRave
    port 1269 Matrix
    port 1272 The Matrix
    port 1313 NETrojan
    port 1337 Shadyshell
    port 1338 Millennium Worm
    port 1349 Bo dll
    port 1386 Dagger
    port 1394 GoFriller
    port 1441 Remote Storm
    port 1492 FTP99CMP
    port 1524 Trinoo
    port 1568 Remote Hack
    port 1600 Direct Connection, Shivka-Burka
    port 1703 Exploiter
    port 1777 Scarab
    port 1807 SpySender
    port 1826 Glacier
    port 1966 Fake FTP
    port 1967 For Your Eyes Only - FYEO, WM FTP Server
    port 1969 OpC BO
    port 1981 Bowl, Shockrave
    port 1991 PitFall
    port 1999 Back Door, SubSeven, TransScout
    port 2000 Der Späher / Der Spaeher, Insane Network, Last 2000, Remote Explorer 2000, Senna Spy Trojan Generator
    port 2001 Der Späher / Der Spaeher, Trojan Cow
    port 2023 Ripper Pro
    port 2080 WinHole
    port 2115 Bugs
    port 2130 (UDP) - Mini Backlash
    port 2140 The Invasor
    port 2140 (UDP) - Deep Throat, Foreplay
    port 2155 Illusion Mailer
    port 2255 Nirvana
    port 2283 Hvl RAT
    port 2300 Xplorer
    port 2311 Studio 54
    port 2330 IRC Contact
    port 2331 IRC Contact
    port 2332 IRC Contact
    port 2333 IRC Contact
    port 2334 IRC Contact
    port 2335 IRC Contact
    port 2336 IRC Contact
    port 2337 IRC Contact
    port 2338 IRC Contact
    port 2339 IRC Contact, Voice Spy
    port 2339 (UDP) - Voice Spy
    port 2345 Doly Trojan
    port 2400 Portd
    port 2555 Lion, T0rn Rootkit
    port 2565 Striker trojan
    port 2583 WinCrash
    port 2589 Dagger
    port 2600 Digital RootBeer
    port 2702 Black Diver
    port 2716 The Prayer
    port 2773 SubSeven, SubSeven 2.1 Gold
    port 2774 SubSeven, SubSeven 2.1 Gold
    port 2801 Phineas Phucker
    port 2929 Konik
    port 2989 (UDP) - Remote Administration Tool - RAT
    port 3000 InetSpy, Remote Shut
    port 3024 WinCrash
    port 3031 Microspy
    port 3128 Reverse WWW Tunnel Backdoor, RingZero
    port 3129 Masters Paradise
    port 3131 SubSARI
    port 3150 The Invasor
    port 3150 (UDP) - Deep Throat, Foreplay, Mini Backlash
    port 3456 Terror trojan
    port 3459 Eclipse 2000, Sanctuary
    port 3700 Portal of Doom
    port 3777 PsychWard
    port 3791 Total Solar Eclypse
    port 3801 Total Solar Eclypse
    port 4000 Connect-Back Backdoor, SkyDance
    port 4092 WinCrash
    port 4201 War trojan
    port 4242 Virtual Hacking Machine - VHM
    port 4321 BoBo
    port 4444 CrackDown, Prosiak, Swift Remote
    port 4488 Event Horizon
    port 4523 Celine
    port 4545 Internal Revise
    port 4567 File Nail
    port 4590 ICQ Trojan
    port 4653 Cero
    port 4666 Mneah
    port 4950 ICQ Trogen (Lm)
    port 5000 Back Door Setup, BioNet Lite, Blazer5, Bubbel, ICKiller, Ra1d, Sockets des Troie
    port 5001 Back Door Setup, Sockets des Troie
    port 5002 cd00r, Linux Rootkit IV (4), Shaft
    port 5005 Aladino
    port 5010 Solo
    port 5011 One of the Last Trojans - OOTLT, One of the Last Trojans - OOTLT, modified
    port 5025 WM Remote KeyLogger
    port 5031 Net Metropolitan
    port 5032 Net Metropolitan
    port 5321 Firehotcker
    port 5333 Backage, NetDemon
    port 5343 WC Remote Administration Tool - wCrat
    port 5400 Back Construction, Blade Runner
    port 5401 Back Construction, Blade Runner, Mneah
    port 5402 Back Construction, Blade Runner, Mneah
    port 5512 Illusion Mailer
    port 5534 The Flu
    port 5550 Xtcp
    port 5555 ServeMe
    port 5556 BO Facil
    port 5557 BO Facil
    port 5569 Robo-Hack
    port 5637 PC Crasher
    port 5638 PC Crasher
    port 5742 WinCrash
    port 5760 Portmap Remote Root Linux Exploit
    port 5802 Y3K RAT
    port 5873 SubSeven 2.2
    port 5880 Y3K RAT
    port 5882 Y3K RAT
    port 5882 (UDP) - Y3K RAT
    port 5888 Y3K RAT
    port 5888 (UDP) - Y3K RAT
    port 5889 Y3K RAT
    port 6000 The Thing
    port 6006 Bad Blood
    port 6272 Secret Service
    port 6400 The Thing
    port 6661 TEMan, Weia-Meia
    port 6666 Dark Connection Inside, NetBus worm
    port 6667 Dark FTP, EGO, Maniac rootkit, Moses, ScheduleAgent, SubSeven, Subseven 2.1.4 DefCon 8, The Thing (modified), Trinity, WinSatan
    port 6669 Host Control, Vampire
    port 6670 BackWeb Server, Deep Throat, Foreplay, WinNuke eXtreame
    port 6711 BackDoor-G, SubSARI, SubSeven, VP Killer
    port 6712 Funny trojan, SubSeven
    port 6713 SubSeven
    port 6723 Mstream
    port 6767 UandMe
    port 6771 Deep Throat, Foreplay
    port 6776 2000 Cracks, BackDoor-G, SubSeven, VP Killer
    port 6838 (UDP) - Mstream
    port 6883 Delta Source DarkStar (??)
    port 6912 **** Heep
    port 6939 Indoctrination
    port 6969 2000 Cracks, Danton, GateCrasher, IRC 3, Net Controller, Priority
    port 6970 GateCrasher
    port 7000 Exploit Translation Server, Kazimas, Remote Grab, SubSeven, SubSeven 2.1 Gold
    port 7001 Freak88, Freak2k, NetSnooper Gold
    port 7158 Lohoboyshik
    port 7215 SubSeven, SubSeven 2.1 Gold
    port 7300 NetMonitor
    port 7301 NetMonitor
    port 7306 NetMonitor
    port 7307 NetMonitor, Remote Process Monitor
    port 7308 NetMonitor, X Spy
    port 7424 Host Control
    port 7424 (UDP) - Host Control
    port 7597 Qaz
    port 7626 Binghe, Glacier, Hyne
    port 7718 Glacier
    port 7777 God Message, The Thing (modified), Tini
    port 7789 Back Door Setup, ICKiller, Mozilla
    port 7826 Oblivion
    port 7891 The ReVeNgEr
    port 7983 Mstream
    port 8080 Brown Orifice, Generic backdoor, RemoConChubo, Reverse WWW Tunnel Backdoor, RingZero
    port 8685 Unin68
    port 8787 Back Orifice 2000
    port 8812 FraggleRock Lite
    port 8988 BacHack
    port 8989 Rcon, Recon, Xcon
    port 9000 Netministrator
    port 9325 (UDP) - Mstream
    port 9400 InCommand
    port 9870 Remote Computer Control Center
    port 9872 Portal of Doom
    port 9873 Portal of Doom
    port 9874 Portal of Doom
    port 9875 Portal of Doom
    port 9876 Cyber Attacker, Rux
    port 9878 TransScout
    port 9989 Ini-Killer
    port 9999 The Prayer
    port 10000 OpwinTRojan
    port 10005 OpwinTRojan
    port 10008 Cheese worm, Lion
    port 10067 (UDP) - Portal of Doom
    port 10085 Syphillis
    port 10086 Syphillis
    port 10100 Control Total, GiFt trojan
    port 10101 BrainSpy, Silencer
    port 10167 (UDP) - Portal of Doom
    port 10520 Acid Shivers
    port 10528 Host Control
    port 10607 Coma
    port 10666 (UDP) - Ambush
    port 11000 Senna Spy Trojan Generator
    port 11050 Host Control
    port 11051 Host Control
    port 11223 Progenic trojan, Secret Agent
    port 11831 Latinus
    port 12076 Gjamer
    port 12223 Hack´99 KeyLogger
    port 12310 PreCursor
    port 12345 Adore sshd, Ashley, cron / crontab, Fat Bitch trojan, GabanBus, icmp_client.c, icmp_pipe.c, Mypic, NetBus, NetBus Toy, NetBus worm, Pie Bill Gates, ValvNet, Whack Job, X-bill
    port 12346 Fat Bitch trojan, GabanBus, NetBus, X-bill
    port 12348 BioNet
    port 12349 BioNet, Webhead
    port 12361 Whack-a-mole
    port 12362 Whack-a-mole
    port 12363 Whack-a-mole
    port 12623 (UDP) - DUN Control
    port 12624 ButtMan
    port 12631 Whack Job
    port 12754 Mstream
    port 13000 Senna Spy Trojan Generator, Senna Spy Trojan Generator
    port 13010 BitchController, Hacker Brasil - HBR
    port 13013 PsychWard
    port 13014 PsychWard
    port 13223 Hack´99 KeyLogger
    port 13473 Chupacabra
    port 14500 PC Invader
    port 14501 PC Invader
    port 14502 PC Invader
    port 14503 PC Invader
    port 15000 NetDemon
    port 15092 Host Control
    port 15104 Mstream
    port 15382 SubZero
    port 15858 CDK
    port 16484 Mosucker
    port 16660 Stacheldraht
    port 16772 ICQ Revenge
    port 16959 SubSeven, Subseven 2.1.4 DefCon 8
    port 16969 Priority
    port 17166 Mosaic
    port 17300 Kuang2 the virus
    port 17449 Kid Terror
    port 17499 CrazzyNet
    port 17500 CrazzyNet
    port 17569 Infector
    port 17593 AudioDoor
    port 17777 Nephron
    port 18667 Knark
    port 18753 (UDP) - Shaft
    port 19864 ICQ Revenge
    port 20000 Millenium
    port 20001 Insect, Millenium, Millenium (Lm)
    port 20002 AcidkoR
    port 20005 Mosucker
    port 20023 VP Killer
    port 20034 NetBus 2.0 Pro, NetBus 2.0 Pro Hidden, NetRex, Whack Job
    port 20203 Chupacabra
    port 20331 BLA trojan
    port 20432 Shaft
    port 20433 (UDP) - Shaft
    port 21544 GirlFriend, Kid Terror, Matrix
    port 21554 Exploiter, FreddyK, Kid Terror, Schwindler, Winsp00fer
    port 21579 Breach
    port 21957 Latinus
    port 22222 Donald Dick, Prosiak, Ruler, RUX The TIc.K
    port 23005 NetTrash, Olive, Oxon
    port 23006 NetTrash
    port 23023 Logged
    port 23032 Amanda
    port 23321 Konik
    port 23432 Asylum
    port 23456 Evil FTP, Ugly FTP, Whack Job
    port 23476 Donald Dick
    port 23476 (UDP) - Donald Dick
    port 23477 Donald Dick
    port 23777 InetSpy
    port 24000 Infector
    port 24289 Latinus
    port 25123 Goy'Z TroJan
    port 25555 FreddyK
    port 25685 MoonPie
    port 25686 MoonPie
    port 25982 MoonPie
    port 26274 (UDP) - Delta Source
    port 26681 Voice Spy
    port 27160 MoonPie
    port 27374 Bad Blood, EGO, Fake SubSeven, Lion, Ramen, Seeker, SubSeven, SubSeven 2.1 Gold, Subseven 2.1.4 DefCon 8, SubSeven 2.2, SubSeven Muie, The Saint, Ttfloader, Webhead
    port 27444 (UDP) - Trinoo
    port 27573 SubSeven
    port 27665 Trinoo
    port 28431 Hack´a´Tack
    port 28678 Exploiter
    port 29104 NetTrojan
    port 29292 BackGate
    port 29369 ovasOn
    port 29559 Latinus
    port 29891 The Unexplained
    port 30000 Infector
    port 30001 ErrOr32
    port 30003 Lamers Death
    port 30005 Backdoor JZ
    port 30029 AOL trojan
    port 30100 NetSphere
    port 30101 NetSphere
    port 30102 NetSphere
    port 30103 NetSphere
    port 30103 (UDP) - NetSphere
    port 30133 NetSphere
    port 30303 Sockets des Troie
    port 30700 Mantis
    port 30947 Intruse
    port 30999 Kuang2
    port 31221 Knark
    port 31335 Trinoo
    port 31336 Bo Whack, Butt Funnel
    port 31337 ADM worm, Back Fire, Back Orifice 1.20 patches, Back Orifice (Lm), Back Orifice russian, Baron Night, Beeone, bindshell, BO client, BO Facil, BO spy, BO2, cron / crontab, Freak88, Freak2k, Gummo, icmp_pipe.c, Linux Rootkit IV (4), Sm4ck, Sockdmini
    port 31337 (UDP) - Back Orifice, Deep BO
    port 31338 Back Orifice, Butt Funnel, NetSpy (DK)
    port 31338 (UDP) - Deep BO, NetSpy (DK)
    port 31339 NetSpy (DK), NetSpy (DK)
    port 31557 Xanadu
    port 31666 BOWhack
    port 31745 BuschTrommel
    port 31785 Hack´a´Tack
    port 31787 Hack´a´Tack
    port 31788 Hack´a´Tack
    port 31789 (UDP) - Hack´a´Tack
    port 31790 Hack´a´Tack
    port 31791 (UDP) - Hack´a´Tack
    port 31792 Hack´a´Tack
    port 32001 Donald Dick
    port 32100 Peanut Brittle, Project nEXT
    port 32418 Acid Battery
    port 32791 Acropolis
    port 33270 Trinity
    port 33333 Blakharaz, Prosiak
    port 33567 Lion, T0rn Rootkit
    port 33568 Lion, T0rn Rootkit
    port 33577 Son of PsychWard
    port 33777 Son of PsychWard
    port 33911 Spirit 2000, Spirit 2001
    port 34324 Big Gluck, TN
    port 34444 Donald Dick
    port 34555 (UDP) - Trinoo (for Windows)
    port 35555 (UDP) - Trinoo (for Windows)
    port 37237 Mantis
    port 37266 The Killer Trojan
    port 37651 Yet Another Trojan - YAT
    port 38741 CyberSpy
    port 39507 Busters
    port 40412 The Spy
    port 40421 Agent 40421, Masters Paradise
    port 40422 Masters Paradise
    port 40423 Masters Paradise
    port 40425 Masters Paradise
    port 40426 Masters Paradise
    port 41337 Storm
    port 41666 Remote Boot Tool - RBT, Remote Boot Tool - RBT
    port 44444 Prosiak
    port 44575 Exploiter
    port 44767 (UDP) - School Bus
    port 45559 Maniac rootkit
    port 45673 Acropolis
    port 47017 T0rn Rootkit
    port 47262 (UDP) - Delta Source
    port 48004 Fraggle Rock
    port 48006 Fraggle Rock
    port 49000 Fraggle Rock
    port 49301 OnLine KeyLogger
    port 50000 SubSARI
    port 50130 Enterprise
    port 50505 Sockets des Troie
    port 50766 Fore, Schwindler
    port 51966 Cafeini
    port 52317 Acid Battery 2000
    port 53001 Remote Windows Shutdown - RWS
    port 54283 SubSeven, SubSeven 2.1 Gold
    port 54320 Back Orifice 2000
    port 54321 Back Orifice 2000, School Bus
    port 55165 File Manager trojan, File Manager trojan, WM Trojan Generator
    port 55166 WM Trojan Generator
    port 57341 NetRaider
    port 58339 Butt Funnel
    port 60000 Deep Throat, Foreplay, Sockets des Troie
    port 60001 Trinity
    port 60008 Lion, T0rn Rootkit
    port 60068 Xzip 6000068
    port 60411 Connection
    port 61348 Bunker-Hill
    port 61466 TeleCommando
    port 61603 Bunker-Hill
    port 63485 Bunker-Hill
    port 64101 Taskman
    port 65000 Devil, Sockets des Troie, Stacheldraht
    port 65390 Eclypse
    port 65421 Jade
    port 65432 The Traitor (= th3tr41t0r)
    port 65432 (UDP) - The Traitor (= th3tr41t0r)
    port 65530 Windows Mite
    port 65534 /sbin/initd
    port 65535 Adore worm, RC1 trojan, Sins


    Adore HDC

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides