Trojan Ports

Port #

Protocol

General Description

0

ICMP

Click attack

8

ICMP

Ping Attack

9

UDP

Chargen

19

UDP

Chargen

21

TCP

FTP service, Dolly Trojan

23

TCP

TELNET Service

25

TCP

SMTP, AntiGen

31

TCP

Agent 31, Hacker's Paradise

41

TCP

Deep Throat

53

TCP

DNS

58

TCP

DM Setup

79

TCP

Firehotcker

80

TCP

Executor

90

TCP

Hidden Port 2.o

110

TCP

ProMail Trojan

113

TCP

Kazimas

119

TCP

Happy99

121

TCP

Jammer Killah

129

TCP

Password Generator Protocol

135

TCP UDP

Netbios Remote procedure call

137

TCP UDP

Netbios name (DoS attacks)

138

TCP UDP

Netbios datagram

139

TCP UDP

Netbios session (DoS attacks)

146

TCP 

Infector 1.3

421

TCP

Tcp Wrappers

456

TCP

Hacker's Paradise

531

TCP

Rasmin

555

TCP

Stealth Spy, Phaze

666

TCP

Attack FTP

777

TCP

AIM Spy Application

911

TCP

Dark Shadow

999

TCP

DeepThroat

9400

TCP

InCommand

9999

TCP

The prayer 1.2 -1.3

1000

TCP

Der Spaeher

1001

TCP

Silencer, WebEx

1011

TCP

Doly Trojan

1012

TCP

Doly Trojan

1015

TCP

Doly Trojan

1024

TCP

NetSpy

1025

UDP

Maverick's Matrix 1.2 - 2.0

1027

TCP

ICQ

1029

TCP

ICQ

1032

TCP

ICQ

1033

TCP

NetSpy

1042

TCP

Bla

1045

TCP

Rasmin

1080

TCP

Socks/Wingate

1090

TCP

Xtreme

1170

TCP

Voice Streaming Audio

1207

TCP

SoftWar

1214

TCP

 KaZaa File Sharing (not a trojan)

1234

TCP

Ultors Trojan

1243

TCP

Sub Seven

1245

TCP

VooDoo Doll

1269

TCP

Maverick's Matrix

12631

TCP

WhackJob

1349

UDP

BackOrifice DLL Comm

1394

TCP

GoFriller, Backdoor G-1

1492

TCP

FTP99CMP

1505

TCPUDP

 FunkProxy 

1509

TCP

Psyber Streaming server

1600

TCP

Shivka-Burka

1604

TCP UDP

ICA Browser

1807

TCP

SpySender

1981

TCP

Shockrave

1999

TCP

BackDoor

2000

TCP

Remote Explorer

2001

TCP

Trojan Cow

2002

TCP

TransScout

2003

TCP

TransScout

2004

TCP

TransScout

2005

TCP

TransScout

2023

TCP

Ripper

2115

TCP

Bugs

2140

TCP

Deep Throat

2140

UDP

Deep Throat

2155

TCP

Illusion Mailer

2283

TCP

HLV Rat5

2565

TCP

Striker

2583

TCP

WinCrash

2716

TCP

The Prayer 1.2 -1.3

2721

TCP

Phase Zero

2801

TCP

Phineas Phucker

2989

UDP

Rat

3024

TCP

WinCrash

3028

TCP

Ring Zero

3129

TCP

Master's Paradise

3150

TCP

Deep Throat

3150

UDP

Deep Throat

3332

TCP

Q0 BackDoor

3459

TCP

Eclipse 2000

3700

TCP

Portal of Doom

3791

TCP

Eclypse

3801

UDP

Eclypse

4100

TCP

Watchguard Firebox  admin DoS Expl

4092

TCP

WinCrash

4567

TCP

File Nail

4590

TCP

ICQ Trojan

5000

TCP

Sokets de Trois v1./Bubbel

5001

TCP

Sokets de Trois v1./Bubbel

5011

TCP

Ootlt

5031

TCP

Net Metropolitan 1.0

5032

TCP

Net Metropolitan 1.04

5321

TCP

Firehotcker

5400

TCP

Blade Runner

5401

TCP

Blade Runner

5402

TCP

Blade Runner

5521

TCP

Illusion Mailer

5550

TCP

Xtcp

5512

TCP

Xtcp

5555

TCP

ServeMe

5556

TCP

BO Facil

5557

TCP

BO Facil

5569

TCP

Robo-Hack

5637

TCP

PC Crasher

5638

TCP

PC Crasher

5714

TCP

WinCrash

5741

TCP

WinCrash

5742

TCP

WinCrash

6000

TCP

The Thing 1.6

6112

TCP UDP

Battle.net Game (not a trojan)

6346

TCP

Gnutella clone (not a trojan) see info

6400

TCP

The Thing

6667

TCP

Sub-7 Trojan (new icq notification)

6669

TCP

Vampyre

6670

TCP

Deep Throat

6671

TCP

Deep Throat

6711

TCP

Sub Seven

6712

TCP

Sub Seven

6713

TCP

Sub Seven

6723

TCP

Mstream attack-handler

6771

TCP

Deep Throat

6776

TCP

Sub Seven

6838

UDP

Mstream Agent-handler

6912

TCP

Sh*t Heap 

6939

TCP

Indoctrination

6969

TCP

Gate Crasher, Priority

6970

TCP

Gate Crasher

7000

TCP

Remote Grab

7028

TCP

Unknown Trojan

7028

UDP

Unknown Trojan

7300

TCP

Net Monitor

7301

TCP

Net Monitor

7306

TCP

Net Monitor

7307

TCP

Net Monitor

7308

TCP

Net Monitor

7597

TCP

QaZ (Remote Access Trojan)

7789

TCP

ICKiller

7983

UDP

MStream handler-agent

8080

TCP

Ring Zero

8787

TCPUDP

BackOrifice 2000

8879

TCPUDP

BackOrifice 2000

9325

UDP

MStream Agent-handler

9872

TCP

Portal of Doom

9873

TCP

Portal of Doom

9874

TCP

Portal of Doom

9875

TCP

Portal of Doom

9876

TCP

Cyber Attacker

9878

TCP

Trans Scout

9989

TCP

iNi-Killer

10008

TCP

Cheese worm

10067

TCP

Portal of Doom

10067

UDP

Portal of Doom

10167

TCP

Portal of Doom

10167

UDP

Portal of Doom

10498

UDP

Mstream handler-agent

10520

TCP

Acid Shivers

10607

TCP

Coma

10666

TCP

Ambush

11000

TCP

Senna Spy

11050

TCP

Host Control

11223

TCP

Progenic Trojan

11831`

TCP

Latinus Server

12076

TCP

GJamer

12223

TCP

Hack'99, KeyLogger

12345

TCP

Netbus, Ultor's Trojan

12346

TCP

Netbus

12456

TCP

NetBus

12361

TCP

Whack-a-Mole

12362

TCP

Whack-a-Mole

12631

TCP

Whack Job

12701

TCP

Eclypse 2000

12754

TCP

Mstream attack-handler

13000

TCP

Senna Spy

13700

TCP

Kuang2 the Virus

15104

TCP

Mstream attack-handler

16484

TCP

Mosucker

16959

TCP

 SubSeven DEFCON8 2.1 Backdoor

16969

TCP

Priority

17300

TCP

Kuang2 The Virus

18753

UDP

Shaft  handler to Agent

20000

TCP

Millennium

20001

TCP

Millennium

20034

TCP

NetBus 2 Pro

20203

TCP

Logged!

20331

TCP

Bla Trojan

20432

TCP

Shaft Client to handlers

20433

TCP

Shaft Agent to handlers

21554

TCPUDP

GirlFriend

22222

TCP

Prosiak

23456

TCP

EvilFTP, UglyFTP

23476

TCP

Donald Dick

23477

TCP

Donald Dick

26274

TCP

Delta Source

26274

UDP

Delta Source

27374

UDP

Sub-7 2.1

27444

UDP

Trin00/TFN2K

27573

UDP

Sub-7 2.1

27573

TCP

Sub-7 2.1

27665

TCP

Trin00 DoS Attack

29559

TCP

Latinus Server

29891

TCP

The Unexplained

30029

TCP

AOL Trojan

30100

TCP

NetSphere

30101

TCP

NetSphere

30102

TCP

NetSphere

30133

TCP

NetSphere Final

30303

TCP

Sockets de Troie

30999

TCP

Kuang2

31335

UDP

Trin00 DoS Attack

31336

TCP

BO-Whack

31337

UDP

Backorifice (BO)

31337

TCP

Netpatch

31338

TCP

NetSpy DK

31338

UDP

Deep BO

31339

TCP

NetSpy DK

31666

TCP

BOWhack

31785

TCP

Hack'a'Tack

31787

UDP

Hack`a'Tack

31789

UDP

Hack'a'Tack

31790

UDP

Hack`a'Tack

31791

UDP

Hack'a'Tack

32418

TCP

Acid Battery

33270

TCP

Trinity Trojan

33333

TCP

Prosiak

33390

UDP

Unknown trojan

33911

TCP

Spirit 2001 a

34324

TCP

BigGluck, TN

37651

TCP

Yet Another Trojan

40421

TCP

Master's Paradise

40412

TCP

The Spy

40421

TCP

Agent, Master's of Paradise

40422

TCP

Master's Paradise

40423

TCP

Master's Paradise

40425

TCP

Master's Paradise

40426

TCP

Master's Paradise

43210

TCP

Master's Paradise

47252

TCP

Delta Source

47262

UDP

Delta Source

49301

UDP

OnLine keyLogger

50505

TCP

Sokets de Trois v2.

50776

TCP

Fore

53001

TCP

Remote Windows Shutdown

54320

TCP

Back Orifice 2000

54320

UDP

Back Orifice

54321

TCP

School Bus, Back Orifice

54321

UDP

Back Orifice 2000

57341

UDP

NetRaider Trojan

57341

TCP

NetRaider Trojan

60000

TCP

Deep Throat

61466

TCP

Telecommando

61348

TCP

Bunker-Hill Trojan

61603

TCP

Bunker-Hill Trojan

63485

TCP

Bunker-Hill Trojan

65000

TCP

Stacheldraht,  Devil