TCP/UDP 端口及部分端口的作用

时间:2022-03-23 05:11:31

TCP/UDP 端口

TCP 和 UDP 都是 IP 层的传输协议,是 IP 与上层之间的处理接口。TCP 和 UDP 协议端口号被设计来区分运行在单个设备上的多重应用程序的 IP 地址。

由于同一台机器上可能会运行多个网络应用程序,所以计算机需要确保目标计算机上接收源主机数据包的软件应用程序的正确性,以及响应能够被发送到源主 机的正确应用程序上。该过程正是通过使用TCP 或 UDP 端口号来实现的。在 TCP 和 UDP 头部分,有“源端口”和“目标端口”段,主要用于显示发送和接收过程中的身份识别信息。IP 地址和端口号合在一起被称为“套接字”。

IETF IANA 定义了三种端口组:公认端口(Well Known Ports)、注册端口(RegisteredPorts)以及动态和/或私有端口(Dynamic and/or Private Ports) 。

  • 公认端口(Well Known Ports)从0到1023。
  • 注册端口(RegisteredPorts)从1024到49151。
  • 动态和/或私有端口(Dynamic and/or Private Ports)从49152到65535。

部分TCP/UDP端口

端口号 协议 服务名称 别名 注释
7 TCP echo   Echo
7 UDP echo   Echo
9 TCP discard sink null Discard
9 UDP discard sink null Discard
13 TCP daytime   Daytime
13 UDP daytime   Daytime
17 TCP qotd quote Quote of the day
17 UDP qotd quote Quote of the day
19 TCP chargen ttytst source Character generator
19 UDP chargen ttytst source Character generator
20 TCP ftp-data   File Transfer
21 TCP ftp   FTP Control
23 TCP telnet   Telnet
25 TCP smtp mail Simple Mail Transfer
37 TCP time   Time
37 UDP time   Time
39 UDP rlp resource Resource Location Protocol
42 TCP nameserver name Host Name Server
42 UDP nameserver name Host Name Server
43 TCP nicname whois Who Is
53 TCP domain   Domain Name
53 UDP domain   Domain Name Server
67 UDP bootps dhcps Bootstrap Protocol Server
68 UDP bootpc dhcpc Bootstrap Protocol Client
69 UDP tftp   Trivial File Transfer
70 TCP gopher   Gopher
79 TCP finger   Finger
80 TCP http www,http World Wide Web
88 TCP kerberos krb5 Kerberos
88 UDP kerberos krb5 Kerberos
101 TCP hostname hostnames NIC Host Name Server
102 TCP iso-tsap   ISO-TSAP Class 0
107 TCP rtelnet   Remote Telnet Service
109 TCP pop2 postoffice Post Office Protocol - Version 2
110 TCP pop3 postoffice Post Office Protocol - Version 3
111 TCP sunrpc rpcbind portmap SUN Remote Procedure Call
111 UDP sunrpc rpcbind portmap SUN Remote Procedure Call
113 TCP auth ident tap Authentication Sevice
117 TCP uucp-path   UUCP Path Service
119 TCP nntp usenet Network News Transfer Protocol
123 UDP ntp   Network Time Protocol
135 TCP epmap loc-srv DCE endpoint resolution
135 UDP epmap loc-srv DCE endpoint resolution
137 TCP netbios-ns nbname NETBIOS Name Service
137 UDP netbios-ns nbname NETBIOS Name Service
138 UDP netbios-dgm nbdatagram NETBIOS Datagram Service
139 TCP netbios-ssn nbsession NETBIOS Session Service
143 TCP imap imap4 Internet Message Access Protocol
158 TCP pcmail-srv repository PC Mail Server
161 UDP snmp snmp SNMP
162 UDP snmptrap snmp-trap SNMP TRAP
170 TCP print-srv   Network PostScript
179 TCP bgp   Border Gateway Protocol
194 TCP irc   Internet Relay Chat Protocol
213 UDP ipx   IPX over IP
389 TCP ldap   Lightweight Directory Access Protocol
443 TCP S-HTTP MCom  
443 UDP S-HTTP MCom  
445 TCP     Microsoft CIFS
445 UDP     Microsoft CIFS
464 TCP kpasswd   Kerberos (v5)
464 UDP kpasswd   Kerberos (v5)
500 UDP isakmp ike Internet Key Exchange (IPSec)
512 TCP exec   Remote Process Execution
512 UDP biff comsat Notifies users of new mail
513 TCP login   Remote Login
513 UDP who whod Database of who's logged on,average load
514 TCP cmd shell Automatic Authentication
514 UDP syslog    
515 TCP printer spooler Listens for incoming connections
517 UDP talk   Establishes TCP Connection
518 UDP ntalk    
520 TCP efs   Extended File Name Server
520 UDP router router routed RIPv.1,RIPv.2
525 UDP timed timeserver Timeserver
526 TCP tempo newdate Newdate
530 TCP,UDP courier rpc RPC
531 TCP conference chat IRC Chat
532 TCP netnews readnews Readnews
533 UDP netwall   For emergency broadcasts
540 TCP uucp uucpd Uucpd
543 TCP klogin   Kerberos login
544 TCP kshell krcmd Kerberos remote shell
550 UDP new-rwho new-who New-who
556 TCP remotefs rfs rfs_server Rfs Server
560 UDP rmonitor rmonitord Rmonitor
561 UDP monitor    
636 TCP ldaps sldap LDAP over TLS/SSL
749 TCP kerberos-adm   Kerberos administration
749 UDP kerberos-adm   Kerberos administration


大部分端口的作用

系统服务端口
1 tcpmux TCP Port Service Multiplexer  传输控制协议端口服务多路开关选择器
2  compressnet Management Utility     compressnet 管理实用程序
3 compressnet  Compression Process    压缩进程
5 rje Remote Job Entry          远程作业登录
7  echo Echo               回显
9 discard Discard            丢弃
11  systat Active Users          在线用户
13 daytime Daytime            时间
17  qotd Quote of the Day         每日引用
18 msp Message Send Protocol       消息发送协议
19 chargen Character Generator      字符发生器
20  ftp-data File Transfer [Default Data] 文件传输协议(默认数据口) 
21 ftp File Transfer [Control]      文件传输协议(控制)
22 ssh SSH Remote Login Protocol     SSH远程登录协议
23 telnet Telnet             终端仿真协议
24 ?  any private mail system       预留给个人用邮件系统
25 smtp Simple Mail Transfer       简单邮件发送协议
27 nsw-fe NSW User System FE       NSW 用户系统现场工程师
29 msg-icp MSG ICP            MSG ICP
31 msg-auth MSG Authentication      MSG验证
33 dsp Display Support Protocol     显示支持协议
35  ? any private printer server     预留给个人打印机服务
37 time Time                时间
38 rap Route Access Protocol       路由访问协议
39 rlp Resource Location Protocol    资源定位协议
41 graphics Graphics           图形
42  nameserver WINS Host Name Server   WINS 主机名服务
43 nicname Who Is            "绰号" who is服务
44 mpm-flags MPM FLAGS Protocol     MPM(消息处理模块)标志协议
45 mpm Message Processing Module [recv] 消息处理模块 
46 mpm-snd MPM [default send]      消息处理模块(默认发送口)
47  ni-ftp NI FTP             NI FTP
48 auditd Digital Audit Daemon      数码音频后台服务 
49 tacacs Login Host Protocol (TACACS)  TACACS登录主机协议
50 re-mail-ck Remote Mail Checking Protocol 远程邮件检查协议
51  la-maint IMP Logical Address Maintenance IMP(接口信息处理机)逻辑地址维护
52  xns-time XNS Time Protocol      施乐网络服务系统时间协议  
53 domain Domain Name Server       域名服务器
54 xns-ch XNS Clearinghouse       施乐网络服务系统票据交换
55  isi-gl ISI Graphics Language     ISI图形语言
56 xns-auth XNS Authentication      施乐网络服务系统验证
57 ? any private terminal access     预留个人用终端访问
58 xns-mail XNS Mail           施乐网络服务系统邮件
59 ? any private file service      预留个人文件服务
60 ? Unassigned             未定义
61  ni-mail NI MAIL            NI邮件?
62 acas ACA Services           异步通讯适配器服务
63 whois+ whois+              WHOIS+
64 covia  Communications Integrator (CI) 通讯接口 
65 tacacs-ds TACACS-Database Service   TACACS数据库服务
66 sql*net Oracle SQL*NET        Oracle SQL*NET
67 bootps Bootstrap Protocol Server   引导程序协议服务端
68 bootpc  Bootstrap Protocol Client   引导程序协议客户端
69 tftp Trivial File Transfer      小型文件传输协议
70 gopher Gopher             信息检索协议
71  netrjs-1 Remote Job Service      远程作业服务
72 netrjs-2 Remote Job Service      远程作业服务
73 netrjs-3 Remote Job Service      远程作业服务
74  netrjs-4 Remote Job Service      远程作业服务
75 ? any private dial out service    预留给个人拨出服务
76 deos Distributed External Object Store 分布式外部对象存储 
77 ? any private RJE service      预留给个人远程作业输入服务
78  vettcp vettcp             修正TCP?
79 finger Finger           FINGER(查 询远程主机在线用户等信息)
80 http World Wide Web HTTP       全球信息网超文本传输协议
81  hosts2-ns HOSTS2 Name Server     HOST2名称服务
82 xfer XFER Utility           传输实用程序
83 mit-ml-dev MIT ML Device       模块化智能终端ML设备
84 ctf Common Trace Facility       公用追踪设备
85  mit-ml-dev MIT ML Device       模块化智能终端ML设备
86 mfcobol Micro Focus Cobol       Micro Focus Cobol编程语言
87 ? any private terminal link      预留给个人终端连接
88 kerberos Kerberos           Kerberros安全认证系统
89  su-mit-tg SU/MIT Telnet Gateway    SU/MIT终端仿真网关
90 dnsix DNSIX Securit Attribute Token Map DNSIX 安全属性标记图 
91 mit-dov MIT Dover Spooler       MIT Dover假脱机
92 npp Network Printing Protocol     网络打印协议
93 dcp Device Control Protocol      设备控制协议
94 objcall  Tivoli Object Dispatcher   Tivoli对象调度
95 supdup SUPDUP            
96  dixie DIXIE Protocol Specification  DIXIE协议规范
97 swift-rvf Swift Remote Virtural File Protocol 快速远程虚拟文件协议 
98 tacnews TAC News          TAC(东京大学自动计算机?)新闻协议
99 metagram Metagram Relay       
100  newacct [unauthorized use]
7/tcp echo
7/udp discard
9/tcp sink nulldiscard
9/udp sink nullsystat
11/tcp users #Active userssystat
11/tcp users #Active usersdaytime
13/tcpdaytime
13/udpqotd
17/tcp quote #Quote of the dayqotd
17/udp quote #Quote of the daychargen
19/tcp ttytst source #Character generatorchargen
19/udp ttytst source #Character generatorftp-data
20/tcp #FTP, dataftp
21/tcp #FTP. controltelnet
23/tcpsmtp
25/tcp mail #Simple Mail Transfer Protocoltime
37/tcp timservertime
37/udp timserverrlp
39/udp resource #Resource Location Protocolnameserver
42/tcp name #Host Name Servernameserver
42/udp name #Host Name Servernicname
43/tcp whoisdomain
53/tcp #Domain Name Serverdomain
53/udp #Domain Name Serverbootps
67/udp dhcps #Bootstrap Protocol Serverbootpc
68/udp dhcpc #Bootstrap Protocol Clienttftp
69/udp #Trivial File Transfergopher
70/tcpfinger
79/tcphttp
80/tcp www www-http #World Wide Webkerberos
88/tcp krb5 kerberos-sec #Kerberoskerberos
88/udp krb5 kerberos-sec #Kerberoshostname
101/tcp hostnames #NIC Host Name Serveriso-tsap
102/tcp #ISO-TSAP Class 0rtelnet
107/tcp #Remote Telnet Servicepop2
109/tcp postoffice #Post Office Protocol - Version 2pop3
110/tcp #Post Office Protocol - Version 3sunrpc
111/tcp rpcbind portmap #SUN Remote Procedure Callsunrpc
111/udp rpcbind portmap #SUN Remote Procedure Callauth
113/tcp ident tap #Identification Protocoluucp-path
117/tcpnntp
119/tcp usenet #Network News Transfer Protocolntp
123/udp #Network Time Protocolepmap
135/tcp loc-srv #DCE endpoint resolutionepmap
135/udp loc-srv #DCE endpoint resolutionnetbios-ns
137/tcp nbname #NETBIOS Name Servicenetbios-ns
137/udp nbname #NETBIOS Name Servicenetbios-dgm
138/udp nbdatagram #NETBIOS Datagram Servicenetbios-ssn
139/tcp nbsession #NETBIOS Session Serviceimap
143/tcp imap4 #Internet Message Access Protocolpcmail-srv
158/tcp #PCMail Serversnmp
161/udp #SNMPsnmptrap
162/udp snmp-trap #SNMP trapprint-srv
170/tcp #Network PostScriptbgp
179/tcp #Border Gateway Protocolirc
194/tcp #Internet Relay Chat Protocol ipx
213/udp #IPX over IPldap
389/tcp #Lightweight Directory Access Protocolhttps
443/tcp MComhttps
443/udp MCommicrosoft-ds
445/tcpmicrosoft-ds
445/udpkpasswd
464/tcp # Kerberos (v5)kpasswd
464/udp # Kerberos (v5)isakmp
500/udp ike #Internet Key Exchangeexec
512/tcp #Remote Process Executionbiff
512/udp comsatlogin
513/tcp #Remote Loginwho
513/udp whodcmd
514/tcp shellsyslog
514/udpprinter
515/tcp spoolertalk
517/udpntalk
518/udpefs
520/tcp #Extended File Name Serverrouter
520/udp route routedtimed
525/udp timeservertempo
526/tcp newdatecourier
530/tcp rpcconference
531/tcp chatnetnews
532/tcp readnewsnetwall
533/udp #For emergency broadcastsuucp
540/tcp uucpdklogin
543/tcp #Kerberos loginkshell
544/tcp krcmd #Kerberos remote shellnew-rwho
550/udp new-whoremotefs
556/tcp rfs rfs_serverrmonitor
560/udp rmonitordmonitor
561/udpldaps
636/tcp sldap #LDAP over TLS/SSLdoom
666/tcp #Doom Id Softwaredoom
666/udp #Doom Id Softwarekerberos-adm
749/tcp #Kerberos administrationkerberos-adm
749/udp #Kerberos administrationkerberos-iv
750/udp #Kerberos version IVkpop
1109/tcp #Kerberos POPphone
1167/udp #Conference callingms-sql-s
1433/tcp #Microsoft-SQL-Server ms-sql-s
1433/udp #Microsoft-SQL-Server ms-sql-m
1434/tcp #Microsoft-SQL-Monitorms-sql-m
1434/udp #Microsoft-SQL-Monitor wins
1512/tcp #Microsoft Windows Internet Name Servicewins
1512/udp #Microsoft Windows Internet Name Serviceingreslock
1524/tcp ingresl2tp
1701/udp #Layer Two Tunneling Protocolpptp
1723/tcp #Point-to-point tunnelling protocolradius
1812/udp #RADIUS authentication protocolradacct
1813/udp #RADIUS accounting protocolnfsd
2049/udp nfs #NFS serverknetd
2053/tcp #Kerberos de-multiplexorman
9535/tcp #Remote Man Server
黑客端口
TCP 2=Death
TCP 7=Echo
TCP 12=Bomber
TCP 20=FTP Data
TCP 21=Back Construction,Blade Runner,Doly *,Fore,FTP *,Invisible FTP,Larva, WebEx,WinCrash
TCP 23=Telnet, Tiny Telnet Server (= TTS)
TCP 25=SMTP, Ajan, Antigen, Email Password Sender, Happy 99, Kuang2, ProMail *, Shtrilitz, Stealth, Tapiras, Terminator, WinPC, WinSpy, Haebu Coceda
TCP 31=Agent 31, Hackers Paradise, Masters Paradise
TCP 41=DeepThroat
TCP 43=WHOIS
TCP 48=DRAT
TCP 50=DRAT
TCP 53=DNS,Bonk (DOS Exploit)
TCP 58=DMSetup
TCP 59=DMSetup
TCP 70=Gopher
TCP 79=Firehotcker, Finger
TCP 80=Http服务器, Executor, RingZero
TCP 81=Chubo
TCP 99=Hidden Port
TCP 110=Pop3服务器, ProMail
TCP 113=Kazimas, Auther Idnet
TCP 118=Infector 1.4.2
TCP 119=Nntp, Happy 99
TCP 121=JammerKiller, Bo jammerkillah
TCP 123=Net Controller
TCP 133=Infector 1.x
//TCP 137=NetBios-NS
//TCP 138=NetBios-DGN
//TCP 139=NetBios-SSN
TCP 143=IMAP
TCP 146=FC Infector,Infector
TCP 161=Snmp
TCP 162=Snmp-Trap
TCP 170=A-*
TCP 194=Irc
TCP 256=Nirvana
TCP 315=The Invasor
TCP 420=Breach
TCP 421=TCP Wrappers
TCP 456=Hackers paradise,FuseSpark
TCP 531=Rasmin
TCP 555=Ini-Killer,Phase Zero,Stealth Spy
TCP 605=SecretService
TCP 606=Noknok8
TCP 661=Noknok8
TCP 666=Attack FTP,Satanz Backdoor,Back Construction,Dark Connection Inside 1.2
TCP 667=Noknok7.2
TCP 668=Noknok6
TCP 692=GayOL
TCP 777=AIM Spy
TCP 808=RemoteControl,WinHole
TCP 815=Everyone Darling
TCP 911=Dark Shadow
TCP 999=DeepThroat
TCP 1000=Der Spaeher
TCP 1001=Silencer,WebEx,Der Spaeher
TCP 1003=BackDoor
TCP 1010=Doly
TCP 1011=Doly
TCP 1012=Doly
TCP 1015=Doly
TCP 1020=Vampire
TCP 1024=NetSpy.698(YAI)
//TCP 1025=NetSpy.698
//TCP 1033=Netspy
//TCP 1042=Bla
//TCP 1045=Rasmin
//TCP 1047=GateCrasher
//TCP 1050=MiniCommand
TCP 1080=Wingate
//TCP 1090=Xtreme, VDOLive
//TCP 1095=Rat
//TCP 1097=Rat
//TCP 1098=Rat
//TCP 1099=Rat
//TCP 1170=Psyber Stream Server,Streaming Audio *,Voice
//TCP 1200=NoBackO
//TCP 1201=NoBackO
//TCP 1207=Softwar
//TCP 1212=Nirvana,Visul Killer
//TCP 1234=Ultors
//TCP 1243=BackDoor-G, SubSeven, SubSeven Apocalypse
//TCP 1245=VooDoo Doll
//TCP 1269=Mavericks Matrix
//TCP 1313=Nirvana
//TCP 1349=BioNet
//TCP 1441=Remote Storm
//TCP 1492=FTP99CMP(BackOriffice.FTP)
//TCP 1509=Psyber Streaming Server
//TCP 1600=Shivka-Burka
//TCP 1703=Exloiter 1.1
//TCP 1807=SpySender
//TCP 1966=Fake FTP 2000
//TCP 1976=Custom port
//TCP 1981=Shockrave
//TCP 1999=BackDoor, TransScout
//TCP 2000=Der Spaeher,INsane Network
//TCP 2001=Transmisson scout
//TCP 2002=Transmisson scout
//TCP 2003=Transmisson scout
//TCP 2004=Transmisson scout
//TCP 2005=TTransmisson scout
//TCP 2023=Ripper,Pass Ripper,Hack City Ripper Pro
//TCP 2115=Bugs
//TCP 2121=Nirvana
//TCP 2140=Deep Throat, The Invasor
//TCP 2155=Nirvana
//TCP 2208=RuX
//TCP 2255=Illusion Mailer
//TCP 2283=HVL Rat5
//TCP 2300=PC Explorer
//TCP 2311=Studio54
//TCP 2565=Striker
//TCP 2583=WinCrash
//TCP 2600=Digital RootBeer
//TCP 2716=Prayer *
//TCP 2801=Phineas Phucker
//TCP 2989=Rat
//TCP 3024=WinCrash *
//TCP 3128=RingZero
//TCP 3129=Masters Paradise
//TCP 3150=Deep Throat, The Invasor
//TCP 3210=SchoolBus
//TCP 3456=Terror
//TCP 3459=Eclipse 2000
//TCP 3700=Portal of Doom
//TCP 3791=Eclypse
//TCP 3801=Eclypse
TCP 4000=腾讯OICQ客户端
TCP 4092=WinCrash
TCP 4242=VHM
TCP 4321=BoBo
TCP 4444=Prosiak,Swift remote
TCP 4567=File Nail
TCP 4590=ICQ*
TCP 4950=ICQ*
TCP 5000=WindowsXP服务器,Blazer 5,Bubbel,Back Door Setup,Sockets de Troie
TCP 5001=Back Door Setup, Sockets de Troie
TCP 5011=One of the Last *s (OOTLT)
TCP 5031=Firehotcker,Metropolitan,NetMetro
TCP 5032=Metropolitan
TCP 5190=ICQ Query
TCP 5321=Firehotcker
TCP 5333=Backage * Box 3
TCP 5343=WCrat
TCP 5400=Blade Runner, BackConstruction1.2
TCP 5401=Blade Runner,Back Construction
TCP 5402=Blade Runner,Back Construction
TCP 5471=WinCrash
TCP 5521=Illusion Mailer
TCP 5550=Xtcp,INsane Network
TCP 5555=ServeMe
TCP 5556=BO Facil
TCP 5557=BO Facil
TCP 5569=Robo-Hack
TCP 5598=BackDoor 2.03
TCP 5631=PCAnyWhere data
TCP 5637=PC Crasher
TCP 5638=PC Crasher
TCP 5698=BackDoor
TCP 5714=Wincrash3
TCP 5741=WinCrash3
TCP 5742=WinCrash
TCP 5881=Y3K RAT
TCP 5882=Y3K RAT
TCP 5888=Y3K RAT
TCP 5889=Y3K RAT
TCP 6000=Backdoor.AB
TCP 6006=Noknok8
TCP 6272=SecretService
TCP 6400=Backdoor.AB,The Thing
TCP 6500=Devil 1.03
TCP 6661=Teman
TCP 6666=TCPshell.c
TCP 6667=NT Remote Control
TCP 6669=Vampyre
TCP 6670=DeepThroat
TCP 6711=SubSeven
TCP 6712=SubSeven1.x
TCP 6713=SubSeven
TCP 6723=Mstream
TCP 6767=NT Remote Control
TCP 6771=DeepThroat
TCP 6776=BackDoor-G,SubSeven,2000 Cracks
TCP 6789=Doly *
TCP 6838=Mstream
TCP 6883=DeltaSource
TCP 6912=Shit Heep
TCP 6939=Indoctrination
TCP 6969=GateCrasher, Priority, IRC 3
TCP 6970=GateCrasher
TCP 7000=Remote Grab,NetMonitor,SubSeven1.x
TCP 7001=Freak88
TCP 7201=NetMonitor
TCP 7215=BackDoor-G, SubSeven
TCP 7001=Freak88,Freak2k
TCP 7300=NetMonitor
TCP 7301=NetMonitor
TCP 7306=NetMonitor
TCP 7307=NetMonitor, ProcSpy
TCP 7308=NetMonitor, X Spy
TCP 7323=Sygate服务器端
TCP 7424=Host Control
TCP 7597=Qaz
TCP 7609=Snid X2
TCP 7626=冰河
TCP 7777=The Thing
TCP 7789=Back Door Setup, ICQKiller
TCP 7983=Mstream
TCP 8000=XDMA, 腾讯OICQ服务器端
TCP 8010=Logfile
TCP 8080=WWW 代理,Ring Zero,Chubo
TCP 8787=BackOfrice 2000
TCP 8897=Hack Office,Armageddon
TCP 8989=Recon
TCP 9000=Netministrator
TCP 9325=Mstream
TCP 9400=InCommand
TCP 9401=InCommand
TCP 9402=InCommand
TCP 9872=Portal of Doom
TCP 9873=Portal of Doom
TCP 9874=Portal of Doom
TCP 9875=Portal of Doom
TCP 9876=Cyber Attacker
TCP 9878=TransScout
TCP 9989=Ini-Killer
TCP 9999=Prayer *
TCP 10067=Portal of Doom
TCP 10084=Syphillis
TCP 10085=Syphillis
TCP 10086=Syphillis
TCP 10101=BrainSpy
TCP 10167=Portal Of Doom
TCP 10520=Acid Shivers
TCP 10607=Coma *
TCP 10666=Ambush
TCP 11000=Senna Spy
TCP 11050=Host Control
TCP 11051=Host Control
TCP 11223=Progenic,Hack '99KeyLogger
TCP 11831=TROJ_LATINUS.SVR
TCP 12076=Gjamer, MSH.104b
TCP 12223=Hack?9 KeyLogger
TCP 12345=GabanBus, NetBus, Pie Bill Gates, X-bill
TCP 12346=GabanBus, NetBus, X-bill
TCP 12349=BioNet
TCP 12361=Whack-a-mole
TCP 12362=Whack-a-mole
TCP 12378=W32/Gibe@MM
TCP 12456=NetBus
TCP 12623=DUN Control
TCP 12624=Buttman
TCP 12631=WhackJob, WhackJob.NB1.7
TCP 12701=Eclipse2000
TCP 12754=Mstream
TCP 13000=Senna Spy
TCP 13010=Hacker Brazil
TCP 13013=Psychward
TCP 13700=Kuang2 The Virus
TCP 14456=Solero
TCP 14500=PC Invader
TCP 14501=PC Invader
TCP 14502=PC Invader
TCP 14503=PC Invader
TCP 15000=NetDaemon 1.0
TCP 15092=Host Control
TCP 15104=Mstream
TCP 16484=Mosucker
TCP 16660=Stacheldraht (DDoS)
TCP 16772=ICQ Revenge
TCP 16969=Priority
TCP 17166=Mosaic
TCP 17300=Kuang2 The Virus
TCP 17490=CrazyNet
TCP 17500=CrazyNet
TCP 17569=Infector 1.4.x + 1.6.x
TCP 17777=Nephron
TCP 18753=Shaft (DDoS)
TCP 19864=ICQ Revenge
TCP 20000=Millennium II (GrilFriend)
TCP 20001=Millennium II (GrilFriend)
TCP 20002=AcidkoR
TCP 20034=NetBus 2 Pro
TCP 20203=Logged,Chupacabra
TCP 20331=Bla
TCP 20432=Shaft (DDoS)
TCP 21544=Schwindler 1.82,GirlFriend
TCP 21554=Schwindler 1.82,GirlFriend,Exloiter 1.0.1.2
TCP 22222=Prosiak,RuX Uploader 2.0
TCP 23432=Asylum 0.1.3
TCP 23456=Evil FTP, Ugly FTP, WhackJob
TCP 23476=Donald Dick
TCP 23477=Donald Dick
TCP 23777=INet Spy
TCP 26274=Delta
TCP 26681=Spy Voice
TCP 27374=Sub Seven 2.0+
TCP 27444=Tribal Flood Network,Trinoo
TCP 27665=Tribal Flood Network,Trinoo
TCP 29431=Hack Attack
TCP 29432=Hack Attack
TCP 29104=Host Control
TCP 29559=TROJ_LATINUS.SVR
TCP 29891=The Unexplained
TCP 30001=Terr0r32
TCP 30003=Death,Lamers Death
TCP 30029=AOL *
TCP 30100=NetSphere 1.27a,NetSphere 1.31
TCP 30101=NetSphere 1.31,NetSphere 1.27a
TCP 30102=NetSphere 1.27a,NetSphere 1.31
TCP 30103=NetSphere 1.31
TCP NetSphere Final
TCP 30303=Sockets de Troie
TCP 30947=Intruse
TCP 30999=Kuang2
TCP 21335=Tribal Flood Network,Trinoo
TCP 31336=Bo Whack
TCP 31337=Baron Night,BO client,BO2,Bo Facil,BackFire,Back Orifice,DeepBO,Freak2k,NetSpy
TCP 31338=NetSpy,Back Orifice,DeepBO
TCP 31339=NetSpy DK
TCP 31554=Schwindler
TCP 31666=BOWhack
TCP 31778=Hack Attack
TCP 31785=Hack Attack
TCP 31787=Hack Attack
TCP 31789=Hack Attack
TCP 31791=Hack Attack
TCP 31792=Hack Attack
TCP 32100=PeanutBrittle
TCP 32418=Acid Battery
TCP 33333=Prosiak,Blakharaz 1.0
TCP 33577=Son Of Psychward
TCP 33777=Son Of Psychward
TCP 33911=Spirit 2001a
TCP 34324=BigGluck,TN,Tiny Telnet Server
TCP 34555=Trin00 (Windows) (DDoS)
TCP 35555=Trin00 (Windows) (DDoS)
TCP 37651=YAT
TCP 40412=The Spy
TCP 40421=Agent 40421,Masters Paradise.96
TCP 40422=Masters Paradise
TCP 40423=Masters Paradise.97
TCP 40425=Masters Paradise
TCP 40426=Masters Paradise 3.x
TCP 41666=Remote Boot
TCP 43210=Schoolbus 1.6/2.0
TCP 44444=Delta Source
TCP 47252=Prosiak
TCP 47262=Delta
TCP 47878=BirdSpy2
TCP 49301=Online Keylogger
TCP 50505=Sockets de Troie
TCP 50766=Fore, Schwindler
TCP 51966=CafeIni
TCP 53001=Remote Windows Shutdown
TCP 53217=Acid Battery 2000
TCP 54283=Back Door-G, Sub7
TCP 54320=Back Orifice 2000,Sheep
TCP 54321=School Bus .69-1.11,Sheep, BO2K
TCP 57341=NetRaider
TCP 58339=ButtFunnel
TCP 60000=Deep Throat
TCP 60068=Xzip 6000068
TCP 60411=Connection
TCP 60606=TROJ_BCKDOR.G2.A
TCP 61466=Telecommando
TCP 61603=Bunker-kill
TCP 63485=Bunker-kill
TCP 65000=Devil, DDoS
TCP 65432=Th3tr41t0r, The Traitor
TCP 65530=TROJ_WINMITE.10
TCP 65535=RC
TCP 69123=ShitHeep
TCP 88798=Armageddon,Hack Office
UDP 1349=BO dll
UDP 2989=RAT
UDP 3801=Eclypse
UDP 10067=Portal of Doom
UDP 10167=Portal of Doom
UDP 12378=W32/Gibe@MM
UDP 26274=Delta Source
UDP 29891=The Unexplained
UDP 31337=Baron Night, BO client, BO2, Bo Facil, BackFire, Back Orifice, DeepBO
UDP 31338=Back Orifice, NetSpy DK, DeepBO
UDP 31789=Hack aTack
UDP 31791=Hack aTack
UDP 47262=Delta Source
UDP 54321=Back Orifice 2000

15=NETSTAT PORT
21=Blade Runner, Doly *, Fore, FTP *, Invisible FTP, Larva, ebEx, WinCrash
22=SSH PORT
23=Tiny Telnet Server
25=Shtrilitz Stealth, Terminator, WinPC, WinSpy, Kuang2 0.17A-0.30, Antigen, Email Password Sender, Haebu Coceda, Kuang2, ProMail *, Tapiras
31=Agent 31, Hackers Paradise, Masters Paradise
41=DeepThroat
53=DOMAIN PORT
58=DMSetup
63=WHOIS PORT
79=Firehotcker
80=Executor
90=DNS PORT
101=HOSTNAME PORT
110=POP3 PORT
110=ProMail *
121=JammerKillah
137=NETBIOS Name Service PORT
138=NETBIOS Datagram Service PORT
139=NETBIOS Session Service PORT
194=IRC PORT
406=IMSP PORT
421=TCP Wrappers
456=Hackers Paradise
531=Rasmin
555=Ini-Killer, Phase Zero, Stealth Spy
666=Attack FTP, Satanz Backdoor
911=Dark Shadow
999=DeepThroat
1001=Silencer, WebEx
1011=Doly *
1012=Doly *
1024=NetSpy
1045=Rasmin
1090=Xtreme
1095=Rat
1097=Rat
1098=Rat
1099=Rat
1170=Psyber Stream Server
1170=Voice
1234=Ultors *
1243=BackDoor-G, SubSeven
1245=VooDoo Doll
1349=BO DLL
1492=FTP99CMP
1600=Shivka-Burka
1807=SpySender
1080=SOCKS PORT
1981=Shockrave
1999=BackDoor 1.00-1.03
2001=* Cow
2023=Ripper
2115=Bugs
2140=Deep Throat
2140=The Invasor
2565=Striker
2583=WinCrash
2801=Phineas Phucker
3024=WinCrash
3129=Masters Paradise
3150=Deep Throat, The Invasor
3700=Portal of Doom
4092=WinCrash
4567=File Nail
4590=ICQ*
5000=Bubbel, Back Door Setup, Sockets de Troie
5001=Back Door Setup, Sockets de Troie
5321=Firehotcker
5400=Blade Runner
5401=Blade Runner
5402=Blade Runner
5550=JAPAN *-xtcp
5555=ServeMe
5556=BO Facil
5557=BO Facil
5569=Robo-Hack
5742=WinCrash
6400=The Thing
6666=IRC SERVER PORT
6667=IRC CHAT PORT
6670=DeepThroat
6711=SubSeven
6771=DeepThroat
6776=BackDoor-G, SubSeven
6939=Indoctrination
6969=GateCrasher
6969=Priority
7000=Remote Grab
7300=NetMonitor
7301=NetMonitor
7306=NetMonitor
7307=NetMonitor
7308=NetMonitor
7626=G_Client
7789=Back Door Setup, ICKiller
9872=Portal of Doom
9873=Portal of Doom
9874=Portal of Doom
9875=Portal of Doom
9989=iNi-Killer
10067=Portal of Doom
10167=Portal of Doom
10520=Acid Shivers
10607=Coma
11000=Senna Spy
11223=Progenic *
12223=Hack?9 KeyLogger
12345=GabanBus, NetBus, Pie Bill Gates, X-bill
12346=GabanBus, NetBus, X-bill
12361=Whack-a-mole
12362=Whack-a-mole
12631=WhackJob
13000=Senna Spy
16969=Priority
20001=Millennium
20034=NetBus 2 Pro
21544=GirlFriend
22222=Prosiak
23456=Evil FTP, Ugly FTP
26274=Delta Source
29891=The Unexplained
30029=AOL *
30100=NetSphere 1.27a, NetSphere 1.31
30101=NetSphere 1.31, NetSphere 1.27a
30102=NetSphere 1.27a, NetSphere 1.31
30103=NetSphere 1.31
30303=Sockets de Troie
31337=Baron Night, BO client, BO2, Bo Facil, BackFire, Back Orifice, DeepBO
31338=NetSpy DK,Back Orifice, DeepBO
31339=NetSpy DK
31666=BOWhack
31785=Hack Attack
31787=Hack Attack
31789=Hack Attack
31791=Hack Attack
33333=Prosiak
34324=BigGluck, TN
40412=The Spy
40421=Agent 40421, Masters Paradise
40422=Masters Paradise
40423=Masters Paradise
40426=Masters Paradise
47262=Delta Source
50505=Sockets de Troie
50766=Fore
53001=Remote Windows Shutdown
54321=School Bus .69-1.11
60000=Deep Throat
61466=Telecommando
65000=Devil
69123=ShitHeep