Port

Port	Protococol	Trojan/Backdoor
0	ICMP	No Trojan - Click Attack
8	ICMP	No Trojan - Ping Attack
9	UDP	Chargen
19	UDP	Chargen
21	TCP	Blade Runner
21	TCP	Back Construction
21	TCP	Doly Trojan
21	TCP	Fore
21	TCP	FTP trojan
21	TCP	WebEx
21	TCP	Invisible FTP
21	TCP	Larva
21	TCP	WinCrash
23	TCP	Tiny Telnet Server (= TTS)
25	TCP	Ajan
25	TCP	Antigen
25	TCP	Email Password Sender
25	TCP	Haebu Coceda (= Naebi)
25	TCP	Happy 99
25	TCP	Kuang2
25	TCP	ProMail trojan
25	TCP	Shtrilitz
25	TCP	Stealth
25	TCP	Tapiras
25	TCP	Terminator
25	TCP	WinPC
25	TCP	WinSpy
31	TCP	Agent 31
31	TCP	Hackers Paradise
41	TCP	DeepThroat
53	TCP	DNS Service
58	TCP	DMsetup
59	TCP	DMSetup
79	TCP	Firehotcker
80	TCP	Executor
80	TCP	RingZero
99	TCP	Hidden Port
110	TCP	ProMail trojan
113	TCP	Kazimas
119	TCP	Happy 99
121	TCP	JammerKillah
129	TCP	Password Generator Protocol
135	TCP	Winnuke (no trojan)
137	TCP	Netbios name (DoS attacks)
138	TCP	Netbios datagram (DoS attacks)
139	TCP	Winnuke (no trojan)
139	TCP	Netbios session (DoS attacks)
421	TCP	TCPWrappers
456	TCP	Hackers Paradise
531	TCP	Rasmin
555	TCP	Ini-Killer
555	TCP	NeTAdmin
555	TCP	Phase Zero
555	TCP	Stealth Spy
666	TCP	Attack FTP
666	TCP	Back Construction
666	TCP	Cain & Abel
666	TCP	Satanz Backdoor
666	TCP	ServeU
666	TCP	Shadow Phyre
911	TCP	Dark Shadow
999	TCP	DeepThroat
999	TCP	WinSatan
1001	TCP	Silencer
1001	TCP	WebEx
1010	TCP	Doly trojan 1.35
1011	TCP	Doly Trojan
1012	TCP	Doly Trojan
1015	TCP	Doly trojan 1.5
1024	TCP	NetSpy
1027	TCP	ICQ (www.mirabilis.com)
1029	TCP	ICQ (www.mirabilis.com)
1032	TCP	ICQ (www.mirabilis.com)
1033	TCP	Netspy
1042	TCP	Bla 1.1
1045	TCP	Rasmin
1080	TCP	Wingate (Socks-Proxy)
1090	TCP	Xtreme
1095	TCP	Rat
1097	TCP	Rat
1098	TCP	Rat
1099	TCP	Rat
1170	TCP	Psyber Stream Server
1170	TCP	Voice
1170	TCP	Voice -Streaming Audio Trojan
1234	TCP	Ultors Trojan
1243	TCP	Sub 7
1243	TCP	BackDoor-G
1245	TCP	VooDoo Doll
1269	TCP	Mavericks Matrix
1349	UDP	Back Ofrice DLL = BO DLL
1492	TCP	FTP99CMP
1509	TCP	Psyber Streaming Server
1600	TCP	Shivka-Burka
1807	TCP	SpySender
1981	TCP	Shockrave
1999	TCP	BackDoor 1.00-1.03
1999	TCP	TransScout
1999	TCP	TransScout
2000	TCP	TransScout
2001	TCP	TransScout
2001	TCP	Trojan Cow
2002	TCP	TransScout
2003	TCP	TransScout
2004	TCP	TransScout
2005	TCP	TransScout
2023	TCP	Pass Ripper
2115	TCP	BUGS
2140	TCP/UDP	Deep Throat
2140	TCP	The Invasor
2155	TCP	Illusion Mailer
2283	TCP	HVL Rat5
2565	TCP	Striker
2583	TCP	WinCrash
2600	TCP	Digital RootBeer
2801	TCP	Phineas Phucker
2989	UDP	RAT
3024	TCP	WinCrash
3128	TCP	RingZero
3129	TCP	Masters Paradise
3150	TCP/UDP	Deep Throat
3150	TCP	The Invasor
3459	TCP	Eclipse 2000
3700	TCP	Portal of Doom
3791	TCP	Eclypse
3801	UDP	Eclypse
4092	TCP	WinCrash
4321	TCP	BoBo
4567	TCP	File Nail 1
4590	TCP	ICQTrojan
5000	TCP	Bubbel
5000	TCP	Sockets de Troie
5000	TCP	Back Door Setup
5000	TCP	Socket23
5001	TCP	Sockets de Troie
5001	TCP	Back Door Setup
5011	TCP	One of the Last Trojans (OOTLT)
5031	TCP	NetMetro
5321	TCP	Firehotcker
5400	TCP	Blade Runner 0.80 Alpha
5400	TCP	BackConstruction 1.2
5401	TCP	Blade Runner 0.80 Alpha
5402	TCP	Blade Runner 0.80 Alpha
5512	TCP	Illusion Mailer
5550	TCP	Xtcp
5555	TCP	ServeMe
5556	TCP	BO Facil
5557	TCP	BO Facil
5569	TCP	Robo-Hack
5742	TCP	WinCrash
6400	TCP	The Thing
6669	TCP	Vampyre
6670	TCP/UDP	Deep Throat
6674	TCP	Deep Throat
6711	TCP	Sub 7
6771	TCP/UDP	Deep Throat
6776	TCP	Sub 7
6776	TCP	BackDoor-G
6883	UDP	DeltaSource
6912	TCP	Shit Heep (not 69123!)
6939	TCP	Indoctrination
6969	TCP	GateCrasher
6969	TCP	Priority
6969	TCP	IRC 3
6970	TCP	GateCrasher
7000	TCP	Remote Grab
7000	TCP	Kazimas
7300	TCP	NetMonitor
7301	TCP	NetMonitor
7306	TCP	NetMonitor
7307	TCP	NetMonitor
7308	TCP	NetMonitor
7410	TCP	Phoenix
7789	TCP	ICQ Killer
7789	TCP	Back Door Setup
8080	TCP	RingZero
9400	TCP	InCommand
9872	TCP	Portal of Doom
9873	TCP	Portal of Doom
9874	TCP	Portal of Doom
9875	TCP	Portal of Doom
9876	TCP	Cyber Attacker
9878	TCP	TransScout
9989	TCP	iNi-Killer
10067	TCP	Portal of Doom
10067	UDP	Portal of Doom
10101	TCP	BrainSpy
10167	UDP	Portal of Doom
10520	TCP	Acid Shivers
10607	TCP	Coma 1.0.9
11000	TCP	Senna Spy
11223	TCP	Progenic trojan
12076	TCP	Gjamer
12223	TCP	Hack´99 KeyLogger
12345	TCP	NetBus 1.20-1.70
12345	TCP	GabanBus
12345	TCP	Pie Bill Gates
12345	TCP	X - Bill
12346	TCP	NetBus 1.20-1.70
12346	TCP	GabanBus
12346	TCP	Netbus 1.x (avoiding NetBuster)
12346	TCP	X - Bill
12361	TCP	Whack-a-mole
12362	TCP	Whack-a-mole
12631	TCP	WhackJob
13000	TCP	Senna Spy
16969	TCP	Priority
17300	TCP	Kuang2 The Virus
20000	TCP	Millennium
20001	TCP	Millennium
20034	TCP	NetBus 2.0 Beta-NetBus 2.01
20034	TCP	Netbus 2 Pro
20203	TCP	Logged
20331	TCP	Bla
21544	TCP	GirlFriend 1.0 Beta-1.35
21554	TCP	Schwindler 1.82
22222	TCP	Prosiak
23456	TCP	Evil FTP
23456	TCP	Ugly FTP
23456	TCP	WhackJob
23476	TCP	Donald Dick
23477	TCP	Donald Dick
26274	UDP	Delta Source
27374	UDP	Subseven 7.2.1
27444	UDP	Trin00/TFN2K
27573	UDP/TCP	Subseven 7.2.1
27665	TCP	Trin00/DoS Attack
29559	UDP	Latinus
29891	UDP	The Unexplained
30029	TCP	AOL Trojan
30100	TCP	NetSphere 1.27a
30100	TCP/UDP	NetSphere 1.31
30101	TCP/UDP	NetSphere 1.31
30102	TCP	NetSphere 1.27a
30102	TCP/UDP	NetSphere 1.31
30103	TCP/UDP	NetSphere 1.31
30303	TCP	Sockets de Troi
30303	TCP	Socket25
30999	TCP	Kuang2
31336	TCP	Bo Whack
31337	TCP	Baron Night
31337	UDP	BackFire
31337	TCP/UDP	Back Orifice
31337	UDP	DeepBO
31337	TCP	BO Facil
31337	TCP	Baron Night
31338	UDP	DeepBO
31338	TCP	NetSpy DK
31338	UDP	Back Orifice
31338	UDP	Back Orifice
31339	TCP	NetSpy DK
31666	UDP	BOWhack
31666	TCP	BOWhack
31780	TCP	Hack'a'Tack
31785	TCP/UDP	Hack Attack
31787	TCP/UDP	Hack Attack
31788	TCP	Hack«a«Tack
31789	TCP/UDP	Hack Attack
31789	TCP/UDP	Hack Attack
31791	TCP/UDP	Hack Attack
33270	TCP	Trinity
32418	TCP	Acid Battery
33333	TCP	Prosiak
33390	UDP	?
33911	TCP	Spirit 2001a
34324	TCP	BigGluck
34324	TCP	TN
34324	TCP	Tiny Telnet Server
37651	TCP	Yet Another Trojan
40412	TCP	The Spy
40421	TCP	Masters Paradise
40421	TCP	Agent 40421
40421	TCP	Agent 40421
40422	TCP	Masters Paradise
40423	TCP	Masters Paradise
40425	TCP	Masters Paradise
40426	TCP	Masters Paradise
43210	TCP	Masters Paradise
47262	TCP	Delta
47262	UDP	Delta Source
49301	UDP	Online Keylogger
50505	TCP	Sockets de Troie
50766	TCP	Fore
50766	TCP	Schwindler
53001	TCP	Remote Windows Shutdown
54320	TCP	Back Orifice 2000
54320	UDP	Back Orifice 2000
54321	TCP	SchoolBus .69-1.11
54321	UDP	Back Orifice 2000
54321	TCP	Schoolbus
57341	TCP	NetRaider Trojan
57341	UDP	NetRaider Trojan
60000	TCP	Deep Throat
61348	TCP	Bunker Hill Trojan
61466	TCP	Telecommando
61603	TCP	Bunker Hill Trojan
63485	TCP	Bunker Hill Trojan
65000	TCP	Devil 1.3

Satanz Backdoor|666

Silencer|1001

WebEx|1001

Doly Trojan|1011

Psyber Stream Server|1170

Ultors Trojan|1234

VooDoo Doll|1245

FTP99CMP|1492

Shivka-Burka|1600

SpySender|1807

Shockrave|1981

BackDoor|1999

Trojan Cow|2001

Ripper|2023

Bugs|2115

Deep Throat|2140

The Invasor|2140

Phineas Phucker|2801

Masters Paradise|30129

Portal of Doom|3700

WinCrash|4092

ICQTrojan|4590

Sockets de Troie|5000

Sockets de Troie 1.x|5001

Firehotcker|5321

Blade Runner|5400

Blade Runner 1.x|5401

Blade Runner 2.x|5402

Robo-Hack|5569

DeepThroat|6670

DeepThroat|6771

GateCrasher|6969

Priority|6969

Remote Grab|7000

NetMonitor|7300

NetMonitor 1.x|7301

NetMonitor 2.x|7306

NetMonitor 3.x|7307

NetMonitor 4.x|7308

ICKiller|7789

Portal of Doom|9872

Portal of Doom 1.x|9873

Portal of Doom 2.x|9874

Portal of Doom 3.x|9875

Portal of Doom 4.x|10067

Portal of Doom 5.x|10167

iNi-Killer|9989

Senna Spy|11000

Progenic trojan|11223

Hack?99 KeyLogger|12223

GabanBus|1245

NetBus|1245

Whack-a-mole|12361

Whack-a-mole 1.x|12362

Priority|16969

Millennium|20001

NetBus 2 Pro|20034

GirlFriend|21544

Prosiak|22222

Prosiak|33333

Evil FTP|23456

Ugly FTP|23456

Delta|26274

Back Orifice|31337

Back Orifice|31338

DeepBO|31338

NetSpy DK|31339

BOWhack|31666

BigGluck|34324

The Spy|40412

Masters Paradise|40421

Masters Paradise 1.x|40422

Masters Paradise 2.x|40423

Masters Paradise 3.x|40426

Sockets de Troie|50505

Fore|50766

Remote Windows Shutdown|53001

Telecommando|61466

Devil|65000

The tHing|6400

NetBus 1.x|12346

NetBus Pro 20034

SubSeven|1243

NetSphere|30100

Silencer |1001

Millenium |20000

Devil 1.03 |65000

NetMonitor| 7306

Streaming Audio Trojan| 1170

Socket23 |30303

Gatecrasher |6969

Telecommando | 61466

Gjamer |12076

IcqTrojen| 4950

Priotrity |16969

Vodoo | 1245

Wincrash | 5742

Wincrash2| 2583

Netspy |1033

ShockRave | 1981

Stealth Spy |555

Pass Ripper |2023

Attack FTP |666

GirlFriend | 21554

Fore, Schwindler| 50766

Tiny Telnet Server| 34324

Kuang |30999

Senna Spy Trojans| 11000

WhackJob | 23456

Phase0 | 555

BladeRunner | 5400

IcqTrojan | 4950

InIkiller | 9989

PortalOfDoom | 9872

ProgenicTrojan | 11223

Prosiak 0.47 | 22222

RemoteWindowsShutdown | 53001

RoboHack |5569

Silencer | 1001

Striker | 2565

TheSpy | 40412

TrojanCow | 2001

UglyFtp | 23456

WebEx |1001

Backdoor | 1999

Phineas | 2801

Psyber Streaming Server | 1509

Indoctrination | 6939

Hackers Paradise | 456

Doly Trojan | 1011

FTP99CMP | 1492

Shiva Burka | 1600

Remote Windows Shutdown | 53001

BigGluck, | 34324

NetSpy DK | 31339

Hack?99 KeyLogger | 12223

iNi-Killer | 9989

ICQKiller | 7789

Portal of Doom | 9875

Firehotcker | 5321

Master Paradise |40423

BO jammerkillahV | 121

port 2 - Death

port 21 - Back Construction, Blade Runner, Doly Trojan, Fore, FTP trojan, Invisible FTP, Larva, MBT, Motiv, Net Administrator, Senna Spy FTP Server, WebEx, WinCrash

port 23 - Tiny Telnet Server, Truva Atl

port 25 - Aji, Antigen, Email Password Sender, Gip, Happy 99, I Love You, Kuang 2, Magic Horse, Moscow Email Trojan, Naebi, NewApt, ProMail trojan, Shtrilitz, Stealth, Tapiras, Terminator, WinPC, WinSpy

port 31 - Agent 31, Hackers Paradise, Masters Paradise

port 41 - DeepThroat

port 48 - DRAT

port 50 - DRAT

port 59 - DMSetup

port 79 - Firehotcker

port 80 - Back End, Executor, Hooker, RingZero

port 99 - Hidden Port

port 110 - ProMail trojan

port 113 - Invisible Identd Deamon, Kazimas

port 119 - Happy 99

port 121 - JammerKillah

port 123 - Net Controller

port 133 - Farnaz, port 146 - Infector

port 146 (UDP) - Infector

port 170 - A-trojan

port 421 - TCP Wrappers

port 456 - Hackers Paradise

port 531 - Rasmin

port 555 - Ini-Killer, NeTAdministrator, Phase Zero, Stealth Spy

port 606 - Secret Service

port 666 - Attack FTP, Back Construction, NokNok, Cain & Abel, Satanz Backdoor, ServeU, Shadow Phyre

port 667 - SniperNet

port 669 - DP Trojan

port 692 - GayOL

port 777 - Aim Spy

port 808 - WinHole

port 911 - Dark Shadow

port 999 - DeepThroat, WinSatan

port 1000 - Der Spacher 3

port 1001 - Der Spacher 3, Le Guardien, Silencer, WebEx

port 1010 - Doly Trojan

port 1011 - Doly Trojan

port 1012 - Doly Trojan

port 1015 - Doly Trojan

port 1016 - Doly Trojan

port 1020 - Vampire

port 1024 - NetSpy

port 1042 - Bla

port 1045 - Rasmin

port 1050 - MiniCommand

port 1080 - WinHole

port 1081 - WinHole

port 1082 - WinHole

port 1083 - WinHole

port 1090 - Xtreme

port 1095 - RAT

port 1097 - RAT

port 1098 - RAT

port 1099 - BFevolution, RAT

port 1170 - Psyber Stream Server, Streaming Audio trojan, Voice

port 1200 (UDP) - NoBackO

port 1201 (UDP) - NoBackO

port 1207 - SoftWAR

port 1212 - Kaos

port 1225 - Scarab

port 1234 - Ultors Trojan

port 1243 - BackDoor-G, SubSeven, SubSeven Apocalypse, Tiles

port 1245 - VooDoo Doll

port 1255 - Scarab

port 1256 - Project nEXT

port 1269 - Mavericks Matrix

port 1313 - NETrojan

port 1338 - Millenium Worm

port 1349 (UDP) - BO DLL

port 1492 - FTP99CMP

port 1509 - Psyber Streaming Server

port 1524 - Trinoo

port 1600 - Shivka-Burka

port 1777 - Scarab

port 1807 - SpySender

port 1966 - Fake FTP

port 1969 - OpC BO

port 1981 - Shockrave

port 1999 - BackDoor, TransScout

port 2000 - Der Spaeher 3, Insane Network, TransScout

port 2001 - Der Spaeher 3, Tr