Does anyone know of any new vulnerabilities that directly (or indirectly) relate to TCP port 6768. Any virii, trojans, security holes...anything. Any help would be appreciated.
-The Eeshman
Printable View
Does anyone know of any new vulnerabilities that directly (or indirectly) relate to TCP port 6768. Any virii, trojans, security holes...anything. Any help would be appreciated.
-The Eeshman
I think that the port is open for a trojan. If you are working with a Windows 2000 or NT you can download a program called Fport. This program show you the connections and what is the name of the program what is using the port. You can see too regedit to see if some rare program start when you boot your computer. To see this open regedit to open regedit do this:
start\execute
and put regedit then a new window is open you have to go to this key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
and here you will seethe programs that run when you boot your computer and if you see the name of some trojan you have a trojan.
If you want more information about ports used by trojans see this url:
http://www.doshelp.com/trojanports.htm
Bye :)
Good post from PainShock, look at that site,
eeshman: I think there is a possibility that you are dealing with
BackDoor-G or SubSeven
I hate to ditto the bad news, but ports 6776-6780 are used almost exclusively by Sub7 and there are no other services that are known to communicate on this port.
Thanks for the help everyone. I was leaning toward Sub7, but was curious if anything was using this port exclusively. Once again, thanks.
By the way good site PainShock. Thanks for the link.
-The Eeshman