PDA

可以告訴我關於一些port的用途嗎??



贊助商連結

PPM
2001-08-04, 09:57 PM
我用PORTSCAN掃自己的電腦(WIN2K SERVER),發現有下列的PORT可以CONNECT..
我的電腦上其他非WIN2K內建軟體還有
ICQ,DNS2GO,ZoneAlarm Pro2.6.88,office xp
CuteFTP Pro1.0,RealPlayer8.0 basic,FlashGet

((防火牆設定並未允許任何程式當SERVER))

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
80 connect
135 connect
139 connect
443 connect
445 connect
1025 connect
1026 connect
1027 connect
139 closed
3372 connect
445 closed
80 closed
443 closed
18724 connect
~~~~~~~~~~~~~~~~~~~~~~~

前面connect,後面卻出現closed
是因為防火牆的關係嗎??
我是用WIN2K SERVER~~~我只知道80是HTTP在用ㄉ~~那其他的呢??

贊助商連結

arthurh
2001-08-04, 11:23 PM
http://www.pczone.com.tw/showthread.php?t=13260&highlight=port
ranger
2001-08-04, 11:58 PM
port 21 - Back Construction, Blade Runner, Doly Trojan, Fore, FTP trojan,
Invisible FTP, Larva,WebEx, WinCrash
port 23 - Tiny Telnet Server (= TTS)
port 25 - Ajan, Antigen, Email Password Sender, Haebu Coceda (= Naebi),
Happy 99, Kuang2, ProMail trojan, Shtrilitz, Stealth, Tapiras, Terminator,
WinPC, WinSpy
port 31 - Agent 31, Hackers Paradise, Masters Paradise
port 41 - DeepThroat
port 59 - DMSetup
port 79 - Firehotcker
port 80 - Executor, RingZero
port 99 - Hidden Port
port 110 - ProMail trojan
port 113 - Kazimas
port 119 - Happy 99
port 121 - JammerKillah
port 421 - TCP Wrappers
port 456 - Hackers Paradise
port 531 - Rasmin
port 555 - Ini-Killer, NeTAdmin, Phase Zero, Stealth Spy
port 666 - Attack FTP, Back Construction, Cain & Abel, Satanz Backdoor,
ServeU, Shadow Phyre
port 911 - Dark Shadow
port 999 - DeepThroat, WinSatan
port 1001 - Silencer, WebEx
port 1010 - Doly Trojan
port 1011 - Doly Trojan
port 1012 - Doly Trojan
port 1015 - Doly Trojan
port 1024 - NetSpy
port 1042 - Bla
port 1045 - Rasmin
port 1090 - Xtreme
port 1170 - Psyber Stream Server, Streaming Audio trojan, Voice
port 1234 - Ultors Trojan
port 1243 - SubSeven
port 1245 - VooDoo Doll
port 1269 - Mavericks Matrix
port 1349 (UDP) - BO DLL
port 1492 - FTP99CMP
port 1509 - Psyber Streaming Server
port 1600 - Shivka-Burka
port 1807 - SpySender
port 1981 - Shockrave
port 1999 - BackDoor
port 1999 - TransScout
port 2000 - TransScout
port 2001 - TransScout
port 2001 - Trojan Cow
port 2002 - TransScout
port 2003 - TransScout
port 2004 - TransScout
port 2005 - TransScout
port 2023 - Ripper
port 2115 - Bugs
port 2140 - Deep Throat, The Invasor
port 2155 - Illusion Mailer
port 2283 - HVL Rat5
port 2565 - Striker
port 2583 - WinCrash
port 2600 - Digital RootBeer
port 2801 - Phineas Phucker
port 2989 (UDP) - RAT
port 3024 - WinCrash
port 3128 - RingZero
port 3129 - Masters Paradise
port 3150 - Deep Throat, The Invasor
port 3459 - Eclipse 2000
port 3700 - Portal of Doom
port 3791 - Eclypse
port 3801 (UDP) - Eclypse
port 4092 - WinCrash
port 4321 - BoBo
port 4567 - File Nail
port 4590 - ICQTrojan
port 5000 - Bubbel, Back Door Setup, Sockets de Troie
port 5001 - Back Door Setup, Sockets de Troie
port 5011 - One of the Last Trojans (OOTLT)
port 5031 - NetMetro
port 5321 - Firehotcker
port 5400 - Blade Runner, Back Construction
port 5401 - Blade Runner, Back Construction
port 5402 - Blade Runner, Back Construction
port 5550 - Xtcp
port 5512 - Illusion Mailer
port 5555 - ServeMe
port 5556 - BO Facil
port 5557 - BO Facil
port 5569 - Robo-Hack
port 5742 - WinCrash
port 6400 - The Thing
port 6669 - Vampyre
port 6670 - DeepThroat
port 6771 - DeepThroat
port 6776 - BackDoor-G, SubSeven
port 6912 - Shit Heep (not port 69123!)
port 6939 - Indoctrination
port 6969 - GateCrasher, Priority, IRC 3
port 6970 - GateCrasher
port 7000 - Remote Grab, Kazimas
port 7300 - NetMonitor
port 7301 - NetMonitor
port 7306 - NetMonitor
port 7307 - NetMonitor
port 7308 - NetMonitor
port 7789 - Back Door Setup, ICKiller
port 8080 - RingZero
port 9400 - InCommand
port 9872 - Portal of Doom
port 9873 - Portal of Doom
port 9874 - Portal of Doom
port 9875 - Portal of Doom
port 9876 - Cyber Attacker
port 9878 - TransScout
port 9989 - iNi-Killer
port 10067 (UDP) - Portal of Doom
port 10101 - BrainSpy
port 10167 (UDP) - Portal of Doom
port 10520 - Acid Shivers
port 10607 - Coma
port 11000 - Senna Spy
port 11223 - Progenic trojan
port 12076 - Gjamer
port 12223 - Hack?9 KeyLogger
port 12345 - GabanBus, NetBus, Pie Bill Gates, X-bill
port 12346 - GabanBus, NetBus, X-bill
port 12361 - Whack-a-mole
port 12362 - Whack-a-mole
port 12631 - WhackJob
port 13000 - Senna Spy
port 16969 - Priority
port 17300 - Kuang2 The Virus
port 20000 - Millennium
port 20001 - Millennium
port 20034 - NetBus 2 Pro
port 20203 - Logged
port 21544 - GirlFriend
port 22222 - Prosiak
port 23456 - Evil FTP, Ugly
arthurh
2001-08-05, 12:08 AM
最初由 ranger
port 21 - Back Construction, Blade Runner, Doly Trojan, Fore, FTP trojan,
Invisible FTP, Larva,WebEx, WinCrash
port 23 - Tiny Telnet Server (= TTS)
port 25 - Ajan, Antigen, Email Password Sender, Haebu Coceda (= Naebi),


其實現在的木馬server很多都可由user用editserver程式自行定義所要開的port
甚至是由亂數決定
上表列出的port有些過時
像一般常見的sub7 v2.13 的port 27374就沒列出
所以只能當作參考..
gargamel
2001-08-08, 11:51 PM
prot 0 - 65535

伺服器端
1 - 255 : common utility
256 - 1023 : 一般用途

使用者端
1024 - 7999 : 廠商使用
8000 - 65535 : 使用者自定

以上是請教工程師時抄的筆記 若有錯誤請補充..
--------------------
其中較感興趣的 想必是139了吧^_^
139是win下的網路資源分享 (罪惡的來源 ^_^)
如果你有開資源分享 port139就會開..
可以用掃port軟體掃 看看若有139的 就用net 來使用..

舉例來說 www.futek.com.tw
先ping www.futek.com.tw 發現其ip位置
net view \\xxx.xxx.xxx.xxx
會列出資源分享名稱..
發現futek有分享出來..

就用net use z: \\xxx.xxx.xxx.xxx\futek
這樣你的z:就是它的futek目錄了
然後你用netstat -n 看
就會發現遠端 它的ip位置 port 139有開..

這是簡單初級的網路應用 以上舉例futek 只是正巧看到..
-----------------------------