tcp端口详解（TCP port detailed）.doc

tcp端口详解（TCP port detailed） TCP port corresponding table (including port of Trojan horse) On your own machine, you can list the ports in the command prompt window with the netstat -a -n command, and find the suspicious ports, and youll find out what program is using the port when you look for it. Port: 21 Services: FTP Description: FTP server open ports for uploading and downloading. The most common attackers are looking for ways to open anonymouss FTP server. These servers have a readable directory. Trojans, Doly, Trojan, Fore, Invisible, FTP, WebEx, WinCrash, and Blade Runner are open ports. Port: 22 Services: Ssh Explanation: PcAnywheres TCP connection to this port might be to find ssh. This service has many weaknesses, and if configured into a specific pattern, many versions of the RSAREF library will have quite a few holes. Port: 23 Services: Telnet Explanation: remote login, intruder in search of remote login UNIX service. In most cases, the port is scanned to find the operating system that the machine is running. And using other techniques, intruders will find passwords. Trojan Tiny Telnet Server opens this port. Port: 25 Services: SMTP Explanation: the port opened by the SMTP server for sending mail. Intruders look for SMTP servers to pass on their SPAM. The intruder accounts are closed, and they need to connect to a high bandwidth E-MAIL server and pass simple messages to different addresses. Trojan horse, Antigen, Email, Password, Sender, Haebu, Coceda, Shtrilitz, Stealth, WinPC and WinSpy are all open to this port. Port: 31 Services: MSG Authentication Description: Trojan Master, Paradise, Hackers, Paradise open this port. Port: 42 Services: WINS Replication Description: WINS replication Port: 53 Services: Domain, Name, Server (DNS) Explanation: the open port of the DNS server, the intruder may be attempting to pass through TCP, spoofing DNS (UDP), or hiding other communications. As a result, firewalls often filter or record this port. Port: 67 Services: B