© Frank Ziemann – Update:
17.09.2009
Trojanische Pferde
und Hintertüren (Backdoors)
IP-Ports und ihre Nutzung durch Backdoor-Programme und legitime Netzwerkdienste
Für die Richtigkeit oder Vollständigkeit dieser Liste wird keine Gewähr übernommen.Hinweise und Ergänzungen sind willkommen.
Zunächst die legitimen IP-Dienste, weiter unten die Trojaner:
Port | Protokoll IP-Dienst (vergl. RfC 1700)
------+----------------------------------------
1 | TCP Port Service Multiplexer
2 | TCP/UDP Management Utility
3 | TCP/UDP Compression Process
5 | TCP/UDP Remote Job Entry
7 | TCP/UDP Echo
11 | TCP/UDP Systat Active Users
13 | TCP/UDP Daytime
17 | TCP/UDP Quote of the Day
18 | TCP/UDP Message Send Protocol
19 | TCP/UDP Character Generator
20 | TCP/UDP File Transfer (FTP) [Default Data]
21 | TCP/UDP File Transfer (FTP) [Control]
22 | TCP/UDP SSH Remote Login Protocol
23 | TCP/UDP Telnet
25 | TCP/UDP Simple Mail Transfer (SMTP)
27 | TCP/UDP NSW User System FE
29 | TCP/UDP MSG ICP
31 | TCP/UDP MSG Authentication
33 | TCP/UDP Display Support Protocol
37 | TCP/UDP Time
38 | TCP/UDP Route Access Protocol
39 | TCP/UDP Resource Location Protocol
41 | TCP/UDP Graphics
42 | TCP/UDP Host Name Server
43 | TCP/UDP Whois
44 | TCP/UDP MPM FLAGS Protocol
45 | TCP/UDP Message Processing Module [recv]
46 | TCP/UDP MPM [default send]
47 | TCP/UDP NI FTP
48 | TCP/UDP Digital Audit Daemon
49 | TCP/UDP Login Host Protocol (TACACS)
50 | TCP/UDP Remote Mail Checking Protocol
51 | TCP/UDP IMP Logical Address Maintenance
52 | TCP/UDP XNS Time Protocol
53 | TCP/UDP DNS (Domain Name Server)
54 | TCP/UDP XNS Clearinghouse
55 | TCP/UDP ISI Graphics Language
56 | TCP/UDP XNS Authentication
58 | TCP/UDP XNS Mail
61 | TCP/UDP NI MAIL
62 | TCP/UDP ACA Services
63 | TCP/UDP whois++
64 | TCP/UDP Communications Integrator (CI)
65 | TCP/UDP TACACS-Database Service
66 | TCP/UDP Oracle SQL*NET
67 | TCP/UDP Bootstrap Protocol Server
68 | TCP/UDP Bootstrap Protocol Client
69 | TCP/UDP Trivial File Transfer
70 | TCP/UDP Gopher
71 | TCP/UDP Remote Job Service
72 | TCP/UDP Remote Job Service
73 | TCP/UDP Remote Job Service
74 | TCP/UDP Remote Job Service
76 | TCP/UDP Distributed External Object Store
78 | TCP/UDP vetTCP
79 | TCP/UDP Finger
80 | TCP/UDP World Wide Web (HTTP)
81 | TCP/UDP HOSTS2 Name Server
82 | TCP/UDP XFER Utility
83 | TCP/UDP MIT ML Device
84 | TCP/UDP Common Trace Facility
85 | TCP/UDP MIT ML Device
86 | TCP/UDP Micro Focus Cobol
88 | TCP/UDP Kerberos
89 | TCP/UDP SU | MIT Telnet Gateway
90 | TCP/UDP DNSIX Securit Attribute Token Map
91 | TCP/UDP MIT Dover Spooler
92 | TCP/UDP Network Printing Protocol
93 | TCP/UDP Device Control Protocol
94 | TCP/UDP Tivoli Object Dispatcher
95 | TCP/UDP SUPDUP
96 | TCP/UDP DIXIE Protocol Specification
97 | TCP/UDP Swift Remote Virtural File Protocol
98 | TCP/UDP TAC News
99 | TCP/UDP Metagram Relay
101 | TCP/UDP NIC Host Name Server
102 | TCP/UDP ISO-TSAP Class 0
103 | TCP/UDP Genesis Point-to-Point Trans Net
104 | TCP/UDP ACR-NEMA Digital Imag. & Comm. 300
105 | TCP/UDP CCSO name server protocol, Mailbox Name Nameserver
106 | TCP/UDP 3COM-TSMUX
107 | TCP/UDP Remote Telnet Service
108 | TCP/UDP SNA Gateway Access Server
109 | TCP/UDP Post Office Protocol - Version 2 (POP2)
110 | TCP/UDP Post Office Protocol - Version 3 (POP3)
111 | TCP/UDP SUN Remote Procedure Call
112 | TCP/UDP McIDAS Data Transmission Protocol
113 | TCP/UDP Authentication Service, Ident
114 | TCP/UDP Audio News Multicast
115 | TCP/UDP Simple File Transfer Protocol
116 | TCP/UDP ANSA REX Notify
117 | TCP/UDP UUCP Path Service
118 | TCP/UDP SQL Services
119 | TCP/UDP Network News Transfer Protocol (NNTP)
120 | TCP/UDP CFDPTKT
121 | TCP/UDP Encore Expedited Remote Pro.Call
122 | TCP/UDP SMAKYNET
123 | TCP/UDP Network Time Protocol (NTP)
124 | TCP/UDP ANSA REX Trader
125 | TCP/UDP Locus PC-Interface Net Map Ser
126 | TCP/UDP Unisys Unitary Login
127 | TCP/UDP Locus PC-Interface Conn Server
128 | TCP/UDP GSS X License Verification
129 | TCP/UDP Password Generator Protocol
130 | TCP/UDP cisco FNATIVE
131 | TCP/UDP cisco TNATIVE
132 | TCP/UDP cisco SYSMAINT
133 | TCP/UDP Statistics Service
134 | TCP/UDP INGRES-NET Service
135 | TCP/UDP DCE endpoint resolution
136 | TCP/UDP PROFILE Naming System
137 | TCP/UDP NETBIOS Name Service (MS Windows u.a.)
138 | TCP/UDP NETBIOS Datagram Service (MS Windows u.a.)
139 | TCP/UDP NETBIOS Session Service (MS Windows u.a.)
140 | TCP/UDP EMFIS Data Service
141 | TCP/UDP EMFIS Control Service
142 | TCP/UDP Britton-Lee IDM
143 | TCP/UDP Internet Message Access Protocol
144 | TCP/UDP NewS
145 | TCP/UDP UAAC Protocol
146 | TCP/UDP ISO-IP0
147 | TCP/UDP ISO-IP
148 | TCP/UDP Jargon
149 | TCP/UDP AED 512 Emulation Service
150 | TCP/UDP SQL-NET
151 | TCP/UDP HEMS
152 | TCP/UDP Background File Transfer Program
153 | TCP/UDP SGMP
154 | TCP/UDP NETSC
155 | TCP/UDP NETSC
156 | TCP/UDP SQL Service
157 | TCP/UDP KNET | VM Command | Message Protocol
158 | TCP/UDP PCMail Server
159 | TCP/UDP NSS-Routing
160 | TCP/UDP SGMP-TRAPS
161 | TCP/UDP SNMP
162 | TCP/UDP SNMPTRAP
163 | TCP/UDP CMIP | TCP Manager
164 | TCP/UDP CMIP | TCP Agent
165 | TCP/UDP Xerox
166 | TCP/UDP Sirius Systems
167 | TCP/UDP NAMP
168 | TCP/UDP RSVD
169 | TCP/UDP SEND
170 | TCP/UDP Network PostScript
171 | TCP/UDP Network Innovations Multiplex
172 | TCP/UDP Network Innovations CL | 1
173 | TCP/UDP Xyplex
174 | TCP/UDP MAILQ
175 | TCP/UDP VMNET
176 | TCP/UDP GENRAD-MUX
177 | TCP/UDP X Display Manager Control Protocol
178 | TCP/UDP NextStep Window Server
179 | TCP/UDP Border Gateway Protocol
180 | TCP/UDP Intergraph
181 | TCP/UDP Unify
182 | TCP/UDP Unisys Audit SITP
183 | TCP/UDP OCBinder
184 | TCP/UDP OCServer
185 | TCP/UDP Remote-KIS
186 | TCP/UDP KIS Protocol
187 | TCP/UDP Application Communication Interface
188 | TCP/UDP Plus Five's MUMPS
189 | TCP/UDP Queued File Transport
190 | TCP/UDP Gateway Access Control Protocol
191 | TCP/UDP Prospero Directory Service
192 | TCP/UDP OSU Network Monitoring System
193 | TCP/UDP Spider Remote Monitoring Protocol
194 | TCP/UDP Internet Relay Chat Protocol
195 | TCP/UDP DNSIX Network Level Module Audit
196 | TCP/UDP DNSIX Session Mgt Module Audit Redir
197 | TCP/UDP Directory Location Service
198 | TCP/UDP Directory Location Service Monitor
199 | TCP/UDP SMUX
200 | TCP/UDP IBM System Resource Controller
201 | TCP/UDP AppleTalk Routing Maintenance
202 | TCP/UDP AppleTalk Name Binding
203 | TCP/UDP AppleTalk Unused
204 | TCP/UDP AppleTalk Echo
205 | TCP/UDP AppleTalk Unused
206 | TCP/UDP AppleTalk Zone Information
207 | TCP/UDP AppleTalk Unused
208 | TCP/UDP AppleTalk Unused
209 | TCP/UDP The Quick Mail Transfer Protocol
210 | TCP/UDP ANSI Z39.50
211 | TCP/UDP Texas Instruments 914C | G Terminal
212 | TCP/UDP ATEXSSTR
213 | TCP/UDP IPX
214 | TCP/UDP VM PWSCS
215 | TCP/UDP Insignia Solutions
216 | TCP/UDP Computer Associates Int'l License Server
217 | TCP/UDP dBASE Unix
218 | TCP/UDP Netix Message Posting Protocol
219 | TCP/UDP Unisys ARPs
220 | TCP/UDP Interactive Mail Access Protocol v3
221 | TCP/UDP Berkeley rlogind with SPX auth
222 | TCP/UDP Berkeley rshd with SPX auth
223 | TCP/UDP Certificate Distribution Center
242 | TCP/UDP Direct
243 | TCP/UDP Survey Measurement
244 | TCP/UDP Dayna
245 | TCP/UDP LINK
246 | TCP/UDP Display Systems Protocol
247 | TCP/UDP SUBNTBCST_TFTP
248 | TCP/UDP bhfhs
256 | TCP/UDP RAP
257 | TCP/UDP Secure Electronic Transaction
258 | TCP/UDP Yak Winsock Personal Chat
259 | TCP/UDP Efficient Short Remote Operations
260 | TCP/UDP Openport
261 | TCP/UDP IIOP Name Service over TLS | SSL
262 | TCP/UDP Arcisdms
263 | TCP/UDP HDAP
280 | TCP/UDP http-mgmt
281 | TCP/UDP Personal Link
282 | TCP/UDP Cable Port A | X
309 | TCP/UDP EntrustTime
310 | TCP/UDP bhmds
344 | TCP/UDP Prospero Data Access Protocol
345 | TCP/UDP Perf Analysis Workbench
346 | TCP/UDP Zebra server
347 | TCP/UDP Fatmen Server
348 | TCP/UDP Cabletron Management Protocol
349 | TCP/UDP mftp
350 | TCP/UDP MATIP Type A
351 | TCP/UDP MATIP Type B, bhoetty
352 | TCP/UDP DTAG
352 | TCP/UDP bhoedap4
354 | TCP/UDP bh611
357 | TCP/UDP bhevent
368 | UDP Wingate 3.0
371 | TCP/UDP Clearcase
372 | TCP/UDP ListProcessor
373 | TCP/UDP Legent Corporation
374 | TCP/UDP Legent Corporation
375 | TCP/UDP Hassle
376 | TCP/UDP Amiga Envoy Network Inquiry Proto
377 | TCP/UDP NEC Corporation
378 | TCP/UDP NEC Corporation
379 | TCP/UDP TIA | EIA | IS-99 modem client
380 | TCP/UDP TIA | EIA | IS-99 modem server
381 | TCP/UDP hp performance data collector
382 | TCP/UDP hp performance data managed node
383 | TCP/UDP hp performance data alarm manager
384 | TCP/UDP A Remote Network Server System
385 | TCP/UDP IBM Application
386 | TCP/UDP ASA Message Router Object Def.
387 | TCP/UDP Appletalk Update-Based Routing Pro.
388 | TCP/UDP Unidata LDM Version 4
389 | TCP/UDP Lightweight Directory Access Protocol
390 | TCP/UDP UIS
391 | TCP/UDP SynOptics SNMP Relay Port
392 | TCP/UDP SynOptics Port Broker Port
393 | TCP/UDP Data Interpretation System
394 | TCP/UDP EMBL Nucleic Data Transfer
395 | TCP/UDP NETscout Control Protocol
396 | TCP/UDP Novell Netware over IP
397 | TCP/UDP Multi Protocol Trans. Net.
398 | TCP/UDP Kryptolan
399 | TCP/UDP ISO Transport Class 2 Non-Control over TCP
400 | TCP/UDP Workstation Solutions
401 | TCP/UDP Uninterruptible Power Supply
402 | TCP/UDP Genie Protocol
403 | TCP/UDP decap
404 | TCP/UDP nced
405 | TCP/UDP ncld
406 | TCP/UDP Interactive Mail Support Protocol
407 | TCP/UDP Timbuktu
408 | TCP/UDP Prospero Resource Manager Sys. Man.
409 | TCP/UDP Prospero Resource Manager Node Man.
410 | TCP/UDP DECLadebug Remote Debug Protocol
411 | TCP/UDP Remote MT Protocol
412 | TCP/UDP Trap Convention Port
413 | TCP/UDP SMSP
414 | TCP/UDP InfoSeek
415 | TCP/UDP BNet
416 | TCP/UDP Silverplatter
417 | TCP/UDP Onmux
418 | TCP/UDP Hyper-G
419 | TCP/UDP Ariel
420 | TCP/UDP SMPTE
421 | TCP/UDP Ariel
422 | TCP/UDP Ariel
423 | TCP/UDP IBM Operations Planning and Control Start
424 | TCP/UDP IBM Operations Planning and Control Track
425 | TCP/UDP ICAD
426 | TCP/UDP smartsdp
427 | TCP/UDP Server Location
428 | TCP/UDP OCS_CMU
429 | TCP/UDP OCS_AMU
430 | TCP/UDP UTMPSD
431 | TCP/UDP UTMPCD
432 | TCP/UDP IASD
433 | TCP/UDP NNSP
434 | TCP/UDP MobileIP-Agent
435 | TCP/UDP MobilIP-MN
436 | TCP/UDP DNA-CML
437 | TCP/UDP comscm
438 | TCP/UDP dsfgw
439 | TCP dasp
440 | TCP/UDP sgcp
441 | TCP/UDP decvms-sysmgt
442 | TCP/UDP cvc_hostd
443 | TCP/UDP http protocol over TLS | SSL
444 | TCP/UDP Simple Network Paging Protocol
445 | TCP/UDP Microsoft-DS
446 | TCP/UDP DDM-RDB
447 | TCP/UDP DDM-RFM
448 | TCP/UDP DDM-BYTE
449 | TCP/UDP AS Server Mapper
450 | TCP/UDP TServer
451 | TCP/UDP Cray Network Semaphore server
452 | TCP/UDP Cray SFS config server
453 | TCP/UDP CreativeServer
454 | TCP/UDP ContentServer
455 | TCP/UDP CreativePartnr
456 | TCP/UDP macon-UDP
457 | TCP/UDP scohelp
458 | TCP/UDP apple quick time
459 | TCP/UDP ampr-rcmd
460 | TCP/UDP skronk
461 | TCP/UDP DataRampSrv
462 | TCP/UDP DataRampSrvSec
463 | TCP/UDP alpes
464 | TCP/UDP kpasswd
465 | TCP/UDP smtp protocol over TLS | SSL (was ssmtp)
466 | TCP/UDP digital-vrc
467 | TCP/UDP mylex-mapd
468 | TCP/UDP proturis
469 | TCP/UDP Radio Control Protocol
470 | TCP/UDP scx-proxy
471 | TCP/UDP Mondex
472 | TCP/UDP ljk-login
473 | TCP/UDP hybrid-pop
474 | TCP/UDP tn-tl-w2
475 | TCP TCPnethaspsrv
476 | TCP/UDP tn-tl-fd1
477 | TCP/UDP ss7ns
478 | TCP/UDP spsc
479 | TCP/UDP iafserver
480 | TCP/UDP iafdbase
481 | TCP/UDP Ph service
482 | TCP/UDP bgs-nsi
483 | TCP/UDP ulpnet
484 | TCP/UDP Integra Software Management Environment
485 | TCP/UDP Air Soft Power Burst
486 | TCP/UDP avian
487 | TCP/UDP saft
488 | TCP/UDP gss-http
489 | TCP/UDP nest-protocol
490 | TCP/UDP micom-pfs
491 | TCP/UDP go-login
492 | TCP/UDP Transport Independent Convergence for FNA
493 | TCP/UDP Transport Independent Convergence for FNA
494 | TCP/UDP POV-Ray
495 | TCP/UDP intecourier
496 | TCP/UDP PIM-RP-DISC
497 | TCP/UDP dantz
498 | TCP/UDP siam
499 | TCP/UDP ISO ILL Protocol
500 | TCP/UDP isakmp
501 | TCP/UDP STMF
502 | TCP/UDP asa-appl-proto
503 | TCP/UDP Intrinsa
504 | TCP/UDP citadel
505 | TCP/UDP mailbox-lm
506 | TCP/UDP ohimsrv
507 | TCP/UDP crs
508 | TCP/UDP xvttp
509 | TCP/UDP snare
510 | TCP/UDP FirstClass Protocol
511 | TCP/UDP mynet-as
512 | TCP/UDP remote process execution, Comsat, Biff
513 | TCP login (remote login a la telnet)
513 | UDP who (who is logged in)
514 | TCP shell (cmd like exec)
514 | UDP syslog
515 | TCP/UDP printer spooler
516 | TCP/UDP videotex
517 | TCP/UDP talk (rendezvous port from which a TCP connection is established))
518 | TCP/UDP ntalk
519 | TCP/UDP unixtime
520 | TCP/UDP extended file name server, router
521 | TCP/UDP ripng
522 | TCP/UDP ULP
523 | TCP IBM-DB2
524 | TCP/UDP NCP
525 | TCP/UDP timeserver
526 | TCP/UDP newdate
527 | TCP/UDP Stock IXChange
528 | TCP/UDP Customer IXChange
529 | TCP/TCP IRC-SERV
530 | TCP/UDP rpc
531 | TCP/UDP chat
532 | TCP/UDP readnews
533 | TCP/UDP for emergency broadcasts
534 | TCP/UDP MegaMedia Admin
535 | TCP/UDP iiop
536 | TCP/UDP opalis-rdv
537 | TCP/UDP Networked Media Streaming Protocol
538 | TCP/UDP gdomap
539 | TCP/UDP Apertus Technologies Load Determination
540 | TCP/UDP uucpd
541 | TCP/UDP uucp-rlogin
542 | TCP/UDP commerce
543 | TCP/UDP klogin
544 | TCP/UDP krcmd
545 | TCP/UDP appleqtcsrvr
546 | TCP/UDP DHCPv6 Client
547 | TCP/UDP DHCPv6 Server
548 | TCP/UDP AFP over TCP
549 | TCP/UDP IDFP
550 | TCP/UDP new-who
551 | TCP/UDP cybercash
552 | TCP/UDP deviceshare
553 | TCP/UDP pirp
554 | TCP/UDP Real Time Stream Control Protocol
555 | TCP/UDP dsf
556 | TCP/UDP rfs server
557 | TCP/UDP openvms-sysipc
558 | TCP/UDP SDNSKMP
559 | TCP/UDP TEEDTAP
560 | TCP/UDP rmonitord
561 | TCP/UDP monitor
562 | TCP/UDP chcmd
563 | TCP/UDP nntp protocol over TLS | SSL (was snntp)
564 | TCP/UDP plan 9 file service
565 | TCP/UDP whoami
566 | TCP/UDP streettalk
567 | TCP/UDP banyan-rpc
568 | TCP/UDP microsoft shuttle
569 | TCP/UDP microsoft rome
570 | TCP/UDP demon
571 | TCP/UDP udemon
572 | TCP/UDP sonar
573 | TCP/UDP banyan-vip
574 | TCP/UDP FTP Software Agent System
575 | TCP/UDP VEMMI
576 | TCP/UDP ipcd
577 | TCP/UDP vnas
578 | TCP/UDP ipdd
579 | TCP/UDP decbsrv
580 | TCP/UDP SNTP HEARTBEAT
581 | TCP/UDP Bundle Discovery Protocol
582 | TCP/UDP SCC Security
583 | TCP/UDP Philips Video-Conferencing
584 | TCP/UDP Key Server
585 | TCP/UDP IMAP4+SSL (not recommended; use 993 instead)
586 | TCP/UDP Password Change
587 | TCP/UDP Submission
588 | TCP/UDP CAL
589 | TCP/UDP EyeLink
590 | TCP/UDP TNS CML
591 | TCP/UDP FMPRO4 - HTTP
592 | TCP/UDP Eudora Set
600 | TCP/UDP Sun IPC server
606 | TCP/UDP Cray Unified Resource Manager
607 | TCP/UDP nqs
608 | TCP/UDP Sender-Initiated | Unsolicited File Transfer
609 | TCP/UDP npmp-trap
610 | TCP/UDP npmp-local
611 | TCP/UDP npmp-gui
612 | TCP/UDP HMMP Indication
613 | TCP/UDP HMMP Operation
614 | TCP/UDP SSLshell
615 | TCP/UDP Internet Configuration Manager
616 | TCP/UDP SCO System Administration Server
617 | TCP/UDP SCO Desktop Administration Server
618 | TCP/UDP DEI-ICDA
619 | TCP/UDP Digital EVM
620 | TCP/UDP SCO WebServer Manager
621 | TCP/UDP ESCP
633 | TCP/UDP Service Status update (Sterling Software)
634 | TCP/UDP ginad
635 | TCP/UDP RLZ DBase
636 | TCP/UDP ldap protocol over TLS | SSL (was sldap)
637 | TCP/UDP lanserver
666 | TCP/UDP doom Id Software
667 | TCP/UDP campaign contribution disclosures - SDR Technologies
668 | TCP/UDP MeComm
669 | TCP/UDP MeRegister
670 | TCP/UDP VACDSM-SWS
671 | TCP/UDP VACDSM-APP
672 | TCP/UDP VPPS-QUA
673 | TCP/UDP CIMPLEX
674 | TCP/UDP ACAP
675 | TCP/UDP DCTP
704 | TCP/UDP errlog copy | server daemon
705 | TCP/UDP AgentX
709 | TCP/UDP Entrust Key Management Service Handler
710 | TCP/UDP Entrust Administration Service Handler
729 | TCP/UDP IBM NetView DM | 6000 Server | Client
730 | TCP/UDP IBM NetView DM | 6000 send | TCP
731 | TCP/UDP IBM NetView DM | 6000 receive | TCP
741 | TCP/UDP netGW
742 | TCP/UDP Network based Rev. Cont. Sys.
744 | TCP/UDP Flexible License Manager
747 | TCP/UDP Fujitsu Device Control
748 | TCP/UDP Russell Info Sci Calendar Manager
749 | TCP/UDP kerberos administration
750 | UDP kerberos version IV
886 | TCP/UDP ICL coNETion locate server
887 | TCP/UDP ICL coNETion server info
888 | TCP/UDP AccessBuilder
900 | TCP/UDP OMG Initial Refs
911 | TCP xact-backup
989 | TCP/UDP ftp protocol, data, over TLS | SSL
990 | TCP/UDP ftp protocol, control, over TLS | SSL
991 | TCP/UDP Netnews Administration System
992 | TCP/UDP telnet protocol over TLS | SSL
993 | TCP/UDP imap4 protocol over TLS | SSL
994 | TCP/UDP irc protocol over TLS | SSL
995 | TCP/UDP pop3 protocol over TLS | SSL (was spop3)
1025 | TCP/UDP network blackjack, ICQ
1027 | TCP ICQ
1029 | TCP ICQ
1032 | TCP ICQ
1080 | TCP/UDP Socks, Wingate
1155 | TCP/UDP Network File Access
1212 | TCP/UDP lupa
1214 | TCP Kazaa, Morpheus
1433 | TCP/UDP Microsoft-SQL-Server
1434 | TCP/UDP Microsoft-SQL-Monitor
1451 | TCP/UDP IBM Information Management
1512 | TCP/UDP Wins (Microsoft's Windows Internet Name Service)
1547 | TCP/UDP laplink
1559 | TCP/UDP web2host
1735 | TCP/UDP PrivateChat
1745 | TCP/UDP remote-winsock
1789 | TCP/UDP hello
1801 | TCP/UDP Microsoft Message Que
1893 | TCP/UDP MSN Messenger
1986 | TCP/UDP cisco license management
1987 | TCP/UDP cisco RSRB Priority 1 port
1988 | TCP/UDP cisco RSRB Priority 2 port
1989 | TCP/UDP cisco RSRB Priority 3 port
1990 | TCP/UDP cisco STUN Priority 1 port
1991 | TCP/UDP cisco STUN Priority 2 port
1992 | TCP/UDP cisco STUN Priority 3 port
1992 | TCP/UDP IPsendmsg
1993 | TCP/UDP cisco SNMP TCP port
1994 | TCP/UDP cisco serial tunnel port
1995 | TCP/UDP cisco perf port
1996 | TCP/UDP cisco Remote SRB port
1997 | TCP/UDP cisco Gateway Discovery Protocol
1998 | TCP/UDP cisco X.25 service (XOT)
1999 | TCP/UDP cisco identification port
2049 | TCP/UDP Network File System - Sun Microsystems
2080 | TCP Wingate 3.0
2784 | TCP/UDP world wide web - development
3264 | TCP/UDP cc:mail | lotus
3268 | TCP/UDP Microsoft Global Catalog
3269 | TCP/UDP Microsoft Global Catalog with LDAP | SSL
3270 | TCP/UDP Verismart
4000+| TCP Imesh (4000 - 4999)
4662 | TCP eDonkey, eMule, overnet, ...
5001 | TCP Yahoo Messenger
5003 | TCP/UDP Claris FileMaker Pro
5190 | TCP AIM (AOL Instant Messenger)
5631 | TCP/UDP pcANYWHEREdata
5632 | TCP/UDP pcANYWHEREstat
5800+| TCP/UDP VNC (5900 - 5899)
5900+| TCP/UDP VNC (5900 - 5999)
6346 | TCP/UDP GNUtella
6667+| TCP IRC (6667-6679)
6891+| TCP MSN Messenger (6891-6900)
6901 | TCP/UDP MSN Messenger
7070 | TCP/UDP RealAudio
8010 | TCP Wingate 3.0
20000 | TCP ICQ
26000 | TCP quake
Port | Protokoll Trojans/Backdoors
------+------------------------------
2 | TCP Death
20 | TCP Senna Spy FTP Server
21 | TCP Back Construction, Blade Runner, Doly Trojan, Fore,
| FTP trojan, Invisible FTP, Juggernaut 42, Larva, MBT,
| Motiv, Net Administrator, Senna Spy FTP Server, Traitor,
| WebEx, WinCrash
22 | TCP Shaft (DDoS)
23 | TCP Prosiak (telnet), Tiny Telnet Server, Truva Atl
25 | TCP Ajan, Aji, Antigen, Email Password Sender, Email Worms,
| Gip, Gris, Happy99/Ska, Haebu Coceda, Hpteam Mail, Kuang2,
| Loveletter, Magic Horse, MBT, Moscow Email Trojan,
| Naebi, NewApt, ProMail trojan, Shtrilitz, Stealth, Tapiras,
| Terminator, WinPC, WinSpy
31 | TCP Agent 31, Hackers Paradise, Masters Paradise
41 | TCP DeepThroat
48 | TCP DRAT
50 | TCP DRAT
53 | TCP Bonk (DoS)
58 | TCP DMSetup
59 | TCP DMSetup
79 | TCP CDK, Firehotcker
80 | TCP AckCmd, Back End, CGI Backdoor, Executor, Hooker, RingZero
81 | TCP RemoConChubo
99 | TCP Hidden Port
110 | TCP ProMail trojan
113 | TCP Invisible Identd Deamon, Kazimas
118 | UDP Infector 1.4.2
119 | TCP Happy99/Ska
121 | TCP JammerKillah
123 | TCP Net Controller
133 | TCP Farnaz
139 | TCP WinNuke
142 | TCP NetTaxi
146 | TCP/UDP Infector 1.x
170 | TCP A-Trojan
315 | TCP The Invasor
334 | TCP Backage
420 | TCP Breach
421 | TCP TCP Wrappers Trojan
456 | TCP Hackers Paradise
513 | TCP GRLogin
514 | TCP RPC Backdoor
531 | TCP Rasmin
555 | TCP/UDP Ini-Killer, NeTAdministrator, Phase Zero*, Stealth Spy
605 | TCP Secret Service
606 | TCP Secret Service
666 | TCP Attack FTP, Back Construction, Cain&Abel, NokNok,
| Satanz Backdoor, (ServU,) Shadow Phyre
667 | TCP SniperNet
669 | TCP DP Trojan
692 | TCP GayOL
777 | TCP Aim Spy, Undetected
808 | TCP WinHole
815 | TCP/UDP Everyone's Darling
911 | TCP Dark Shadow
999 | TCP DeepThroat
1000 | TCP Der Spaeher 3
1001 | TCP Der Spaeher 3, Le Guardien, Silencer, WebEx
1003 | TCP BackDoor 2.0x
1010 | TCP Doly Trojan 1.3, CafeIni 0.9 (1010:1100)
1011 | TCP Doly Trojan 1.1/1.2
1012 | TCP Doly Trojan 1.5
1015 | TCP Doly Trojan 1.6
1016 | TCP Doly Trojan
1020 | TCP Vampire
1024 | TCP NetSpy
1025 | TCP/UDP NetSpy, Maverick's Matrix, RemoteStorm
1029 | TCP/UDP InCommand
1033 | TCP NetSpy
1042 | TCP Bla 1.1
1045 | TCP Rasmin
1047 | TCP GateCrasher.b,c
1050 | TCP MiniCommand
1054 | TCP AckCmd
1080 | TCP WinHole
1081 | TCP WinHole
1082 | TCP WinHole
1083 | TCP WinHole
1090 | TCP Xtreme
1095 | TCP Rat
1097 | TCP Rat
1098 | TCP Rat
1099 | TCP BFevolution, Rat
1100 | TCP CafeIni 0.9 (1010:1100)
1137 | TCP MTX
1170 | TCP Psyber Stream Server, Streaming Audio Trojan, Voice
1200 | UDP NoBackO
1201 | UDP NoBackO
1207 | TCP SoftWAR
1208 | TCP/UDP Infector 1.3 + 1.4.1
1212 | TCP Kaos
1225 | TCP Scarab
1234 | TCP Ultors Trojan, SubSeven 2.0
1243 | TCP BackDoor-G/SubSeven/Sub7 *, SubSeven Apocalypse, Tiles
1245 | TCP VooDoo Doll
1255 | TCP Scarab
1256 | TCP Project nEXT
1269 | TCP Maverick's Matrix
1313 | TCP NETrojan
1338 | TCP Millenium Worm
1349 | UDP BO DLL
1441 | TCP RemoteStorm
1492 | TCP FTP99CMP, Back.Orifice.FTP
1509 | TCP Psyber Streaming Server
1524 | TCP Trin00 (DDoS)
1600 | TCP Shivka-Burka
1700 | TCP Rux.Tick
1777 | TCP Scarab
1784 | TCP Snid X2
1807 | TCP SpySender
1966 | TCP Fake FTP
1969 | TCP OpC BO
1981 | TCP Bowl, Shockrave
1989 | TCP W4llbre4ker
1999 | TCP BackDoor 1.00-1.03, TransScout 1.x
2000 | TCP Der Spaeher 3, Insane Network, TransScout
2001 | TCP Der Spaeher 3, TransScout, Trojan Cow
2002 | TCP TransScout
2003 | TCP TransScout
2004 | TCP TransScout
2005 | TCP TransScout
2023 | TCP (Pass) Ripper
2080 | TCP WinHole
2115 | TCP Bugs
2140 | UDP Deep Throat (alle Versionen), The Invasor
2155 | TCP Illusion Mailer
2208 | TCP Rux.PSW
2255 | TCP Nirvana
2283 | TCP HLV Rat 5
2300 | TCP Xplorer
2339 | UDP Voice Spy
2345 | TCP Doly Trojan
2565 | TCP Striker
2583 | TCP WinCrash 2
2600 | TCP Digital RootBeer
2716 | TCP The Prayer 2
2773 | TCP Backdoor-G/SubSeven/Sub7 *
2801 | TCP Phineas Phucker
2989 | TCP/UDP Rat 1.2
3000 | TCP Remote Shutdown
3024 | TCP WinCrash
3128 | TCP RingZero
3129 | TCP Masters Paradise
3150 | TCP The Invasor
3150 | UDP Deep Throat, Foreplay
3456 | TCP Terror Trojan
3459 | TCP Eclipse 2000, Sanctuary
3586 | TCP Snid X2
3700 | TCP Portal of Doom (PoD)
3791 | TCP Total Eclipse (FTP)
3801 | UDP Total Eclipse
4000 | TCP Skydance
4092 | TCP WinCrash
4242 | TCP Virtual Hacking Machine
4245 | TCP Rux.Backdoor
4321 | TCP BoBo, Schoolbus 1.0
4444 | TCP Prosiak, Swift remote
4711 | UDP Olfactor
4567 | TCP File Nail
4590 | TCP ICQTrojan
4950 | TCP ICQTrojan
5000 | TCP Bubbel, Back Door Setup, Blazer 5, Socket 23, Sockets de Troie
5001 | TCP Back Door Setup, Sockets de Troie
5002 | TCP cD00r, Shaft
5010 | TCP Solo
5011 | TCP OOTLT
5025 | TCP WM Remote KeyLogger
5031 | TCP NetMetropolitan 1.0 + 1.04
5032 | TCP NetMetropolitan 1.04
5321 | TCP Firehotcker
5333 | TCP Backage Trojan Box 3
5343 | TCP wCrat
5400 | TCP Blade Runner, Back Construction 1.2
5401 | TCP Blade Runner 1.x, Back Construction
5402 | TCP Blade Runner 2.x, Back Construction
5512 | TCP Illusion Mailer
5521 | TCP Illusion Mailer
5550 | TCP Xtcp 2
5555 | TCP ServeMe
5556 | TCP BO Facil, H0rtiga
5557 | TCP BO Facil
5569 | TCP RoboHack
5598 | TCP BackDoor 2.03
5637 | TCP PC Crasher
5638 | TCP PC Crasher
5714 | TCP WinCrash
5741 | TCP WinCrash
5742 | TCP WinCrash
5760 | TCP Portmap Remote Root Linux Exploit
5881 | UDP Y3K RAT
5882 | TCP/UDP Y3K RAT
5888 | TCP/UDP Y3K RAT
5889 | TCP Y3K RAT
6000 | TCP The Thing/APStrojan
6006 | TCP Bad Blood, The Thing/APStrojan
6272 | TCP Secret Service
6400 | TCP The Thing/APStrojan
6500 | TCP Devil 1.03
6666 | TCP Dark Connection Inside, NetBus, TCPshell.c
6667 | TCP Schedule Agent, Trinity, WinSatan
6669 | TCP Host Control, Vampyre 1.0
6670 | TCP DeepThroat, BackWeb Server, WinNuke eXtreame
6711 | TCP BackDoor-G/SubSeven/Sub7 *
6712 | TCP BackDoor-G/SubSeven/Sub7 *, Funny Trojan
6713 | TCP BackDoor-G/SubSeven/Sub7 *
6723 | TCP Mstream
6771 | TCP DeepThroat, Foreplay
6776 | TCP 2000 Cracks, BackDoor-G/SubSeven *
6789 | TCP Doly Trojan
6838 | UDP Mstream
6883 | TCP DeltaSource
6912 | TCP Shit Heep
6939 | TCP Indoctrination
6969 | TCP/UDP GateCrasher, IRC 3, NetController, Priority
6970 | TCP GateCrasher
7000 | TCP BackDoor-G/SubSeven *, Exploit Translation Server, Remote Grab, Kazimas
7001 | TCP Freak88
7215 | TCP BackDoor-G/SubSeven *
7300 | TCP NetMonitor
7301 | TCP NetMonitor
7306 | TCP NetMonitor
7307 | TCP NetMonitor
7308 | TCP NetMonitor
7323 | TCP SyGate
7424 | TCP/UDP Host Control
7597 | TCP Qaz
7609 | TCP Snid X2
7777 | TCP Tini
7789 | TCP Back Door Setup, ICKiller
7983 | TCP Mstream
8080 | TCP Brown Orifice, RemoConChubo, RingZero
8787 | TCP Back Orifice 2000 (BO2K) *
8897 | TCP HackOffice Armageddon
8988 | TCP BacHack
8989 | TCP Rcon, Recon, Xcon
9000 | TCP Netministrator
9325 | UDP Mstream
9400 | TCP InCommand
9872 | TCP Portal of Doom (PoD)
9873 | TCP Portal of Doom (PoD)
9874 | TCP Portal of Doom (PoD)
9875 | TCP Portal of Doom (PoD)
9876 | TCP Cyber Attacker, Rux.Backdoor
9878 | TCP TransScout
9989 | TCP iNi-Killer
9999 | TCP The Prayer 1
10067 | UDP Portal of Doom (PoD)
10085 | TCP Syphillis
10086 | TCP Syphillis
10101 | TCP BrainSpy
10167 | UDP Portal of Doom (PoD)
10520 | TCP Acid Shivers
10528 | TCP Host Control
10607 | TCP Coma
10666 | UDP Ambush
11000 | TCP Senna Spy
11050 | TCP Host Control
11051 | TCP Host Control
11223 | TCP Progenic Trojan, Secret Agent
12076 | TCP GJamer
12223 | TCP Hack´99 KeyLogger
12345 | TCP Fat Bitch, GabanBus, Mypic, NetBus 1.x (v1.7*),
| Pie Bill Gates, WhackJob, X-bill
12346 | TCP Fat Bitch, GabanBus, NetBus 1.x (v1.7*), X-bill
12349 | TCP BioNet
12361 | TCP Whack-a-mole
12362 | TCP Whack-a-mole
12623 | UDP DUN Control
12624 | TCP Buttman
12631 | TCP WhackJob
12701 | TCP Eclipse 2000
12754 | TCP Mstream
13000 | TCP Senna Spy
13010 | TCP Hacker Brazil
13700 | TCP Kuang2 The Virus
14456 | TCP Solero
14500 | TCP PC Invader 0.7
14501 | TCP PC Invader 0.7
14502 | TCP PC Invader 0.7
14503 | TCP PC Invader 0.7
15000 | TCP NetDaemon 1.0
15092 | TCP Host Control
15104 | TCP Mstream
15858 | TCP CDK
16484 | TCP Mosucker
16660 | TCP Stacheldraht (DDoS)
16772 | TCP ICQ Revenge
16969 | TCP Priority
17166 | TCP Mosaic
17300 | TCP Kuang2 The Virus
17449 | TCP Kid Terror
17490 | TCP CrazyNet
17499 | TCP CrazyNet
17500 | TCP CrazyNet
17569 | TCP Infector 1.4.x + 1.6.x
17777 | TCP Nephron
18753 | UDP Shaft (DDoS)
19864 | TCP ICQ Revenge
20000 | TCP Millennium
20001 | TCP Millennium
20002 | TCP AcidkoR
20023 | TCP VP Killer
20034 | TCP NetBus 2.0 Pro*, NetRex, WhackJob
20203 | TCP Chupacabra, Logged!
20331 | TCP Bla
20432 | TCP/UDP Shaft (DDoS)
20433 | UDP Shaft (DDoS)
21544 | TCP GirlFriend, Kid Terror, Schwindler, WinSp00fer
21554 | TCP Exploiter, GirlFriend, Schwindler 1.82
22222 | TCP Donald Dick, Prosiak
23005 | TCP/UDP Net Trash 1.0
23023 | TCP Logged!
23032 | TCP Amanda
23432 | TCP Asylum
23456 | TCP/UDP Evil FTP, Ugly FTP, WhackJob
23476 | TCP/UDP Donald Dick
23477 | TCP Donald Dick
26274 | UDP Delta Source
26681 | TCP Spy Voice
27374 | TCP BackDoor-G/SubSeven/Sub7 *
27444 | UDP Trin00 (DDoS)
27665 | TCP Trin00 (DDoS)
28431 | UDP Hack'a'Tack
28432 | UDP Hack'a'Tack
29104 | TCP Host Control
29891 | UDP The Unexplained
30001 | TCP Terr0r32
30029 | TCP AOL Trojan
30100 | TCP NetSphere 1.27a, NetSphere 1.31
30101 | TCP NetSphere 1.27a, NetSphere 1.31
30102 | TCP NetSphere 1.27a, NetSphere 1.31
30103 | TCP/UDP NetSphere 1.31
30133 | TCP NetSphere Final
30303 | TCP Sockets de Troie, Socket 23
30947 | TCP Intruse
30999 | TCP Kuang2
31335 | UDP Trin00 (DDoS)
31336 | TCP BOWhack, ButtFunnel
31337 | TCP/UDP BackFire, Baron Night, Back Orifice, BO client, BO2K *,
| Bo Facil, DeepBO, Freak
31338 | TCP/UDP Back Orifice, ButtFunnel, DeepBO, NetSpy DK
31339 | TCP NetSpy DK
31554 | TCP Schwindler
31666 | TCP BOWhack
31785 | TCP Hack'a'Tack
31787 | TCP Hack'a'Tack
31788 | TCP Hack'a'Tack
31789 | UDP Hack'a'Tack
31790 | UDP Hack'a'Tack
31791 | UDP Hack'a'Tack
31792 | TCP Hack'a'Tack
31787 | TCP Hack'a'Tack
32100 | TCP Peanut Brittle, Project nEXT
32418 | TCP Acid Battery
33333 | TCP Blakharaz, Prosiak
33577 | TCP PsychWard
33777 | TCP PsychWard
33911 | TCP Spirit 2001a
34324 | TCP BigGluck, TN, Tiny Telnet Server
34555 | UDP Trin00 (Windows) (DDoS)
35555 | UDP Trin00 (Windows) (DDoS)
37651 | TCP YAT
40412 | TCP The Spy
40421 | TCP Agent 40421, Masters Paradise
40422 | TCP Masters Paradise 1.x
40423 | TCP Masters Paradise
40425 | TCP Masters Paradise
40426 | TCP Masters Paradise 3.x
41666 | TCP/UDP Remote Boot
43210 | TCP Schoolbus 1.6/2.0
44444 | TCP Prosiak
47262 | UDP Delta Source
49301 | TCP Online Keylogger
50505 | TCP Sockets de Troie
50766 | TCP Fore, Schwindler
51996 | TCP CafeIni
53217 | TCP Acid Battery 2000
53001 | TCP Remote Windows Shutdown
54283 | TCP BackDoor-G/SubSeven/Sub7 *
54320 | UDP Back Orifice 2000 (BO2K) *
54321 | TCP/UDP School Bus .69-1.11 + 1.6 + 2.0, Back Orifice 2000 (BO2K) *
55555 | TCP EuroCalculator (= Back Orifice 2000) *
57341 | TCP NetRaider
58339 | TCP ButtFunnel
60000 | TCP Deep Throat 2.0/3.0
60068 | TCP Xzip 6000068
60411 | TCP Connection
61348 | TCP Bunker-Hill
61466 | TCP Telecommando
61603 | TCP Bunker-Hill
63485 | TCP Bunker-Hill
61466 | TCP Telecommando
65000 | TCP Devil 1.03, Stacheldraht (DDoS)
65432 | TCP/UDP The Traitor
65535 | TCP RC
---------
* Port ist beliebig aenderbar
Quellen: ISS X-Force, Simovits, TLSecurity, Toto, VHM, Whitehats
Quellen: ISS X-Force, Toto,
Simovits, VHM, Whitehats
zum Anfang dieser Seite | Zurück zur Trojaner-Seite