Network Consulting

NOTE: New Main Phone Number: 732-784-2869

   
  

 

ONCTek has compiled a list of known Trojan/Backdoors and the TCP/UDP ports on which they operate. This list should not be considered complete, nor should all activity on these ports be considered suspect. This list is for informational purposes only. This list will be kept as up-to-date as possible within reason. Please contact us at ONCTek LLC with any additions, changes, or questions. We are currently tracking 500+ different trojan/versions/ports on this list. The more information we have the better we can protect ourselves.

Other links you might be interested in: Current TCP/IP Port Information (Well Known and Registered Ports)

NOTE: We are revamping our Trojan and port listing. In the coming weeks we will be unveiling a new database driven utility to return the latest information about the good and bad things particular TCP/IP ports are used for. Additionally we will provide analyst comments and more details. Stay tuned!

Port

Possible Trojan/BackDoor
1 Sockets de Troie (UDP)      
2 Death      
20 Senna Spy FTP Server      
21 Back Construction Blade Runner Doly Trojan Fore
21 FTP trojan Invisible FTP Larva WebEx
21   WinCrash Cattivik FTP Server CC Invader Dark FTP
21  Juggernaut 42 MotIv FTP Net Administrator Ramen
21  Senna Spy FTP Traitor 21 The Flu  
22 Shaft      
23 Tiny Telnet Server[TTS] Fire HacKer Truva Atl  
25 Ajan Antigen Email Password Sender [EPS] [EPS2] Haebu Coceda
25  Naebi Happy 99 Kuang2 ProMail trojan
25  Shtrilitz Stealth Tapiras Terminator
25  WinPC WinSpy Barok Gip
25  Gris HPteam Mail Hybris I Love You
25  Magic Horse Mail Bombing Trojan [MBT] Moscow EMail Trojan New Apt Worm
30  Agent 40421      
31 Agent 31 Hackers Paradise Masters Paradise  
41 DeepThroat Foreplay    
48 DRAT      
50 DRAT      
58 DMSetup      
59 DMSetup      
79 Firehotcker CDK    
80 Executor RingZero 711 Trojan AckCMD
80 BackEnd BackOrifice 200 Plug-ins Cafeini CGI Backdoor
80 God Message God Message Creator Hooker IISWorm
80 MTX NCX Reverse WWW Tunnel Backdoor Seeker
80 WAN Remote Web Server CT WebDownloader  
81 RemoConChubo      
99 Hidden Port NCX    
110 ProMail trojan      
113 Kazimas Invisible Identd Daemon    
119 Happy 99      
121 JammerKillah AttackBot God Message  
123 NetController      
133 Farnaz      
137 Chode MSinit (UDP)    
138 Chode      
139 Chode MSinit God Message Worm Netlog
139 Network Qaz    
142 NetTaxi      
146 Infector Infector (UDP)    
170 A-Trojan      
334 Backage      
411 Backage      
420 Breach Incognito    
421 TCP Wrappers      
455 Fatal Connections      
456 Hackers Paradise      
513 GRLogin      
514 RPCBackdoor      
531 Rasmin Net666    
555 Ini-Killer NeTAdmin Phase Zero Stealth Spy
555 711 [Seven Eleven]      
605 Secret Service      
666 Attack FTP Back Construction Cain & Abel Satanz Backdoor
666  ServeU Shadow Phyre NokNok BLA Trojan
666  Th3r1pp3rz [The Rippers]      
667  SniperNet      
669  DPTrojan      
692  GayOL      
777 AIM Spy Undetected    
808  WinHole      
911 Dark Shadow      
999 DeepThroat WinSatan Foreplay  
1000  Der Spaeher Der Späher Direct Connection  
1001 Silencer WebEx Le Guardian Der Späher
1001 Der Spaeher      
1010 Doly Trojan      
1011 Doly Trojan      
1012 Doly Trojan      
1015 Doly Trojan      
1016 Doly Trojan      
1024 NetSpy Jade Latinus  
1024 Remote Spy Remote Spy (UDP)    
1035 MultiDropper      
1042 Bla      
1045 Rasmin      
1049 /sbin/initd      
1050 MiniCommand      
1053 The Thief      
1054 AckCMD      
1080 WinHole      
1081 WinHole      
1082 WinHole      
1083 WinHole      
1090 Xtreme      
1095 RAT      
1097 RAT      
1098 RAT      
1099 RAT Bloodfest Evolution    
1150 Orion      
1151 Orion      
1170 Psyber Stream Server Voice Streaming Audio Streaming Audio Server  
1200 NoBackO (UDP)      
1201 NoBackO (UDP)      
1207 SoftWar      
1208 Infector      
1212 Kaos      
1234 Ultors Trojan SubSeven Java Client    
1243 BackDoor-G Seven SubSeven Apocalypse Tiles
1245 VooDoo Doll      
1255 Scarab      
1256 Project nEXT      
1257 Frenzy 2000      
1269 Mavericks Matrix      
1272 The Matrix      
1313 NETrojan      
1338 Millenium Worm      
1349 BO DLL (UDP)      
1394 GoFriller Backdoor G-1    
1441 Remote Storm      
1492 FTP99CMP      
1505 FunkProxy      
1509 Psyber Streaming Server      
1524 Trin00      
1568 Remote Hack      
1600 Shivka-Burka Direct Connection    
1703 Exploiter      
1777 Scarab      
1807 SpySender      
1966 FakeFTP      
1967 WM FTP Server      
1969 OpC BO      
1981 Shockrave Bowl    
1999 BackDoor TransScout SubSeven  
2000 TransScout Remote Explorer Der Späher Der Spaeher
2000 Insane Network Last 2000 Senna Spy Trojan Generator  
2001 TransScout Trojan Cow Der Späher Der Spaeher
2002 TransScout      
2003 TransScout      
2004 TransScout      
2005 TransScout      
2023 Ripper Pro HackCity     
2080 WinHole      
2086 Netscape/Corba Exploit      
2115 Bugs      
2030 Mini Backlash (UDP)      
2140 Deep Throat 1.3 Server (UDP) The Invasor Deep Throat 1.3 KeyLogger (UDP)  Deep Throat v2
2040 Foreplay (UDP)      
2155 Illusion Mailer      
2255 Nirvana      
2283 HVL Rat      
2300 Xplorer      
2311 Studio 54      
2330 Contact      
2331 Contact      
2332 Contact      
2333 Contact      
2335 Contact      
2336 Contact      
2337 Contact      
2338 Contact      
2339 Contact VoiceSpy VoiceSpy (UDP)  
2345 Doly Trojan      
2565 Striker      
2583 WinCrash      
2600 Digital RootBeer      
2716 Prayer 1.2 Prayer 1.3    
2773 SubSeven SubSeven Gold 2.1    
2774 SubSeven SubSeven Gold 2.1    
2801 Phineas Phucker      
2989 RAT (UDP)      
3000 RemoteShut      
3024 WinCrash      
3031 MicroSpy      
3128 RingZero Reverse WWW Tunnel Backdoor    
3129 Masters Paradise      
3150 Deep Throat 1.3 Server (UDP) The Invasor  Deep Throat v2  
3344 Matrix Client      
3345 Matrix Server      
3456 Terror Trojan      
3459 Eclipse 2000 Sanctuary    
3700 Portal of Doom      
3777 Psych Ward      
3791 Eclypse      
3801 Eclypse (UDP)      
4000 Skydance      
4092 WinCrash      
4242 Virtual Hacking Machine [VHM]      
4321 BoBo      
4444 Prosiak Swift Remote    
4567 File Nail      
4590 ICQTrojan ICQ Trogen [LM]    
5000 Bubbel Back Door Setup Sockets de Troie Socket23
5000 Blazer5 IC Killer Rald  
5001 Back Door Setup Sockets de Troie    
5002 cd00r Shaft    
5010 Solo      
5011 One of the Last Trojans [OOTLT]      
5025 WM Remote Keylogger      
5031 NetMetro      
5032 NetMetro      
5321 Firehotcker BackDoorz     
5333 Backage NetDemon    
5343 wCrat WC Remote Admin Tool      
5400 Blade Runner Back Construction    
5401 Blade Runner Back Construction    
5402 Blade Runner Back Construction    
5512 Illusion Mailer  Xtcp    
5534 The Flu      
5550 Xtcp      
5555 ServeMe      
5556 BO Facil      
5557 BO Facil      
5569 Robo-Hack      
5637 PC Crasher      
5638 PC Crasher      
5639 PC Crasher      
5714 WinCrash Server      
5741 WinCrash      
5742 WinCrash      
5760 PortMap Remote Root Linux Exploit      
5880 Y3K Rat      
5882 Y3K Rat Y3K Rat (UDP)    
5888 Y3K Rat Y3K Rat (UDP)    
5889 Y3K Rat      
6000 The Thing      
6006 Bad Blood      
6272 Secret Service      
6400 The Thing      
6661 TEMain Weia-Meia    
6666 DarkConnection Inside NetBus worm    
6667 Pretty Park DarkFTP ScheduleAgent SubSeven
6667 Subseven 2.14 DefCon 8 Trinity WinSatan
6669 Vampyre HostControl    
6670 DeepThroat  Deep Throat v2 BackWeb Server Deep Throat
6670 WinNuke eXtreame    
6671 DeepThroat       
6674 DeepThroat       
6711 Deep Throat v2  SubSeven BackDoor-G VP Killer
6712 SubSeven Funny Trojan    
6713 SubSeven      
6723 MStream      
6771 DeepThroat Foreplay    
6776 BackDoor-G SubSeven 2000 Cracks VP Killer
6838 MStream      
6883 DeltaSource DarkStar    
6912 Shit Heep      
6939 Indoctrination      
6969 GateCrasher Priority IRC 3 NetController
6970 GateCrasher      
7000 Remote Grab Kazimas Exploit Translation Server SubSeven
7000 SubSeven 2.1 Gold      
7001 Freak88 Freak2K    
7215 SubSeven SubSeven 2.1 Gold    
7300 NetMonitor      
7301 NetMonitor      
7306 NetMonitor      
7307 NetMonitor      
7308 NetMonitor      
7424 Host Control Host Control (UDP)    
7597 Qaz      
7626 Glacier      
7777 God Message Tini    
7789 Back Door Setup ICKiller    
7891 The ReVeNgEr      
7983 MStream      
8080 RingZero Brown Orifice RemoConChubo Reverse WWW Tunnel Backdoor
8787 BackOrifice 2000      
8988 BacHack      
8989 Recon  Recon2 xcon  
9000 NetMinistrater      
9325 MStream (UDP)      
9400 InCommand      
9872 Portal of Doom      
9873 Portal of Doom      
9874 Portal of Doom      
9875 Portal of Doom      
9876 Cyber Attacker Rux    
9878 TransScout      
9989 iNi-Killer      
9999 Prayer 1.2 Prayer 1.3    
10000 OpwinTRojan      
10005 OpwinTRojan      
10067 Portal of Doom (UDP)  Portal of Doom    
10085 Syphillis      
10086 Syphillis      
10100 Control Total Gift Trojan    
10101 BrainSpy Silencer    
10167 Portal of Doom (UDP)   Portal of Doom    
10520 Acid Shivers      
10528 Host Control      
10607 Coma      
10666 Ambush (UDP)      
11000 Senna Spy      
11050 Host Control      
11051 Host Control      
11223 Progenic trojan Secret Agent    
12076 Gjamer      
12223 Hack 99 KeyLogger      
12345 GabanBus NetBus Pie Bill Gates X-bill
12345 Ashley cron/crontab Fat Bitch Trojan icmp client.c
12345 icmp pipe.c Mypic Netbus Toy Netbus Worm
12345 Whack Job      
12346 GabanBus NetBus X-bill Fat Bitch Trojan
12349 BioNet      
12361 Whack-a-mole      
12362 Whack-a-mole      
12363 Whack-a-mole      
12623 DUN Control (UDP)      
12624 ButtMan      
12631 WhackJob      
12754 MStream      
13000 Senna Spy      
13010 Hacker Brasil [HBR]      
13013 Psych Ward      
13014 Psych Ward      
13223 Hack 99 Keylogger      
13473 Chupacabra      
14500 PC Invader      
14501 PC Invader      
14502 PC Invader      
14503 PC Invader      
15000 Net Demon      
15092 Host Control      
15104 MStream      
15302 Sub Zero      
15858 CDK      
16484 Mosucker      
16660 Stacheldraht      
16772 ICQ Revenge      
16959 Sub Seven Sub Seven 2.14 DefCon 8  
16969 Priority      
17166 Mosaic      
17300 Kuang2 The Virus      
17449 Kid Terror      
17499 CrazzyNet      
17500 CrazzyNet      
17569 Infector      
17593 Audio Door      
17777 Nephron      
18753 Shaft (UDP)      
19864 ICQ Revenge      
20000 Millennium      
20001 Millennium Millenium LM    
20002 Acidkor      
20005 Mosucker      
20023 VP Killer      
20034 NetBus 2 Pro NetBus 2 Pro Hidden NetRex WhackJob
20203 Chupacabra      
20331 Bla      
20203 Logged      
20331 BLA Trojan      
20432 Shaft      
20433 Shaft (UDP)      
20544 Girlfriend Kid Terror    
21554 GirlFriend Schwindler Exploiter WinSpoofer
22222 Prosiak Donald Dick Ruler RUX the TIc.k
23005 NetTrash      
23006 NetTrash      
23023 Logged      
23032 Amanda      
23432 Asylum      
23456 Evil FTP Ugly FTP Whack Job  
23476 Donald Dick      
23477 Donald Dick      
23777 InetSpy      
24000 Infector      
25685 Moonpie      
25686 Moonpie      
25982 Moonpie      
26274 Delta Source (UDP) Delta Source    
26681 VoiceSpy      
27374 Sub Seven 2.1 (UDP) Bad Blood Ramen Seeker
27374 Sub Seven 2.14 Sub Seven Muie DefCon 8 Ttfloader
27444 Trinoo (UDP)      
27573 Sub Seven 2.1 (UDP) Sub Seven 2.1    
27665 Trin00 DoS      
28678 Exploiter      
29104 NetTrojan      
29369 ovasOn      
29891 The Unexplained (UDP)      
30000 infector      
30001 ErrOr32      
30003 Lamers Death      
30029 AOL Trojan      
30100 NetSphere      
30101 NetSphere      
30102 NetSphere      
30103 NetSphere NetSphere (UDP)    
30133 NetSphere      
30303 Sockets de Troie Socket25    
30947 Intruse      
30999 Kuang      
31335 Trin00 DoS      
31336 Bo Whack Butt Funnel    
31337 Baron Night BackOrifice client BO2K Bo Facil
31337 Back Orifice (UDP) BackFire DeepBO NetPatch
31337 Beeone BO Spy Freak 88 Freak 2k
31337 Sockdmini icmp pipe.c cron / crontab  
31338 NetSpy DK Back Orifice (UDP) DeepBO (UDP) Butt Funnel
31339 NetSpy DK      
31666 BOWhack      
31785 Hack a Tack      
31787 Hack a Tack      
31788 Hack a Tack      
31789 Hack a Tack (UDP)      
31791 Hack a Tack (UDP)      
31792 Hack a Tack      
32001 Donald Dick      
32100 Peanut Brittle Project nEXT    
32418 Acid Battery      
33270 Trinity      
33333 Prosiak Blakharaz    
33577 Son of PsychWard      
33777 Son of PsychWard      
33911 Spirit 2001a Spirit 2000    
34324 BigGluck TN  Tiny Telnet Server  
34444 Donald Dick      
34555 WinTrinoo      
35555 WinTrinoo      
37237 Mantis      
37651 Yet Another Trojan      
40412 The Spy      
40421 Agent 40421 Masters Paradise    
40422 Masters Paradise      
40423 Masters Paradise      
40425 Masters Paradise      
40426 Masters Paradise      
41337 Storm      
41666 Remote Boot Tool [RBT]      
44444 Prosiak      
44575 Exploiter      
47262 Delta Source (UDP)      
49301 Online KeyLogger      
50130 Enterprise      
50505 Sockets de Troie      
50766 Fore Schwindler    
51966 Cafeini      
52317 Acid Battery 2000      
53001 Remote Windows Shutdown      
54283 SubSeven SubSeven 2.1 Gold    
54320 Back Orifice 2000      
54321 School Bus Back Orifice 2000 Back Orifice 2000 (UDP)  
55165 File Manager Trojan WM Trojan Generator    
55166 WM Trojan Generator      
57341 NetRaider Trojan      
58339 Butt Funnel      
60000 Deep Throat 1.3 Client (UDP)  Deep Throat v2 Foreplay Sockets de Troie
60001 Trinity      
60068 Xzip 6000068      
60411 Connection      
61348 Bunker-Hill Trojan      
61466 Telecommando      
61603 Bunker-Hill Trojan      
63485 Bunker-Hill Trojan      
64101 Taskman      
65000 Devil Stacheldraht Sockets de Troie  
65390 Eclypse      
65421 Jade      

  
 
© Copyright 1998-2017 ONCTek LLC and it's licensors. All rights reserved.