Current location - Quotes Website - Collection of slogans - How to find the port number corresponding to a program?
How to find the port number corresponding to a program?
1 tcpmux TCP port service multiplexer transmission control protocol port service multiplexer

2 compressor management utility compressor management utility

3 compression network compression process compression process

5 rje remote job input remote job login

7 echo echo echo

9 discard discard discard discard

1 1 Systat active users online users

13 daytime daytime

17 daily reference

18 msp messaging protocol messaging protocol

19 character generator character generator

20 FTP- data file transfer [default data] file transfer protocol (default data port)

2 1 FTP file transfer [control] file transfer protocol (control)

22 ssh remote login protocol ssh remote login protocol

Terminal analog protocol

24 ? Any private mail system is reserved for personal mail systems.

25 smtp Simple Mail Transfer Simple Mail Transfer Protocol

27 nsw-fe NSW User System fe NSW User System Field Engineer

29 message -icp message icp message ICP message

3 1 message-verification message verification

33 dsp display support protocol

35 ? Any dedicated printer server is reserved for personal printer services.

37 time time

38 rap routing access protocol routing access protocol

39 rlp resource location protocol

4 1 graphics graphics

42 name server wins hostname server wins hostname service

43 nicname Who is the nickname and who is the service?

44 mpm-flags mpm FLAGS protocol MPM (message processing module)

45 MPM message processing module [recv] message processing module

46 MPM-SNMP[ default sending] message processing module (default sending port)

47 ni-ftp NI FTP NI FTP

48 auditd Digital Audit Daemon Digital Audio Background Service

49 TACACS Login Host Protocol (TACACS) TACACS Login Host Protocol

CK remote mail inspection protocol

5 1LA-maintimp logical address maintenance imp (Interface Information Processor) logical address maintenance

52 xns-time XNS time protocol Xerox network service system time protocol

53 domain name server domain name server

54 xns-ch Xerox Network Service System xns Clearing House

55 isi-gl ISI graphic language

Verifying xerox network service system with 56 xns-auth XNS authentication

57 ? Any private terminal access reserves personal terminal access.

58 xns-mail XNS mail Xerox network service system mail

59 ? Any private file service reserves the personal file service.

60 ? Unassigned is undefined.

6 1 ni-mail NI MAIL NI mail?

62 acas ACA service asynchronous communication adapter service

63 whois+ whois+ WHOIS+

64 Covia Communication Integrator (CI) Communication Interface

65 tacacs-dsttaacs- database service tacacs database service

66 SQL * NET Oracle SQL * NET Oracle SQL * NET

Bootps boot protocol server boot protocol server

68 bootpc Boot Protocol Client Boot Protocol Client

TFTP small file transfer small file transfer protocol

70 gopher Gopher information retrieval protocol

7 1 RJS internet-1 remote operation service

72 netrjs-2 remote job service remote job service

73 netrjs-3 remote job service remote job service

74 netrjs-4 remote job service remote job service

75 ? Any private dial-out service is reserved for personal dial-out service.

Distributed external object storage

77 ? Any private RJE service is reserved for personal remote job input service.

78 vettcp vettcp corrects tcp?

79 Finger Finger (Inquire about online users of remote hosts, etc.)

80 ews TAC News TAC (Tokyo University Automatic Computer? ) news protocol

99< me & gtmeta & lt/I & gt;; Gram & lt I & gtmeta & lt/I & gt;; Gram relay

100 new acct[ unauthorized use]

Port: 109

Service: post office protocol-Version 3

Description: The POP3 server opens this port to receive mail, and the client accesses the mail service on the server side. POP3 services have many recognized weaknesses. There are at least 20 weaknesses about user name and password exchange buffer overflow, which means that intruders can enter the system before actually logging in. There are other buffer overflow errors after successful login.

Port: 1 10

Service: all ports of SUN's RPC service.

Description: Common RPC services include rpc.mountd, NFS, rpc.statd, rpc.csmd, rpc.ttybd, amd, etc.

Port: 1 13

Service: authentication service

Description: This is a protocol that runs on many computers and is used to identify users of TCP connections. You can get information about many computers by using this standard service. But it can be used as a recorder for many services, especially FTP, POP, IMAP, SMTP and IRC. Usually, if many customers access these services through firewalls, they will see many connection requests to this port. Remember, if you block this port, the client will feel that the connection to the email server on the other side of the firewall is slow. Many firewalls support sending back RST during blocking of TCP connections. This will stop the slow connection.

Port: 1 19

Service: network news transfer protocol.

Description: news newsgroup transport protocol, which carries USENET communication. The connection of this port is usually when people are looking for a USENET server. Most ISPs only allow their customers to access their newsgroup servers. Opening the newsgroup server will allow anyone to post/read, access restricted newsgroup servers, post anonymously or send spam.

Port: 135

Services: Location Services

Description: Microsoft runs DCE RPC endpoint mapper on this port as its DCOM service. This is similar to the function of UNIX11port. Services using DCOM and RPC register their locations with the endpoint mapper on the computer. When remote customers connect to their computers, they will look for the location where the endpoint mapper finds the service. Will a hacker scan this port of a computer to find the Exchange Server running on this computer? What version? There are also some DOS attacks on this port.

Ports: 137, 138, 139

Service: NETBIOS name service

Note: Among them, 137 and 138 are UDP ports, which are used when transmitting files through network neighbors. And port 139: the connection coming through this port attempts to obtain NetBIOS/SMB service. This protocol is used for windows file and printer sharing and SAMBA. WINS Regisrtation also uses it.

Port: 143

Service: Temporary Mail Access Protocol v2.

Description: Like the security problem of POP3, many IMAP servers have buffer overflow vulnerabilities. Remember: LINUX worms (admv0rm) will spread through this port, so many scans of this port come from uninformed infected users. These vulnerabilities became popular when REDHAT allowed IMAP by default in its LINUX distribution. This port is also used for IMAP2, but it is not popular.

Port: 16 1

Service: SNMP

Description: SNMP allows remote management of devices. All configuration and operation information is stored in the database and can be obtained through SNMP. Many administrators' misconfigurations will be exposed online. Cackers will try to access the system using the default passwords public and private. They will try all possible combinations. SNMP packets may be incorrectly pointed to the user's network.

Port: 177

Service: X Display Manager Control Protocol

Description: Many intruders access the X-windows console through it, and it needs to open 6000 ports at the same time.

Port: 389

Services: LDAP, ILS

Description: Lightweight Directory Access Protocol and NetMeeting Internet Locator server * * * use this port.

Port: 443

Service: Https

Description: Web browsing port, another HTTP that can provide encryption and transmission through a secure port.

Port: 456

Service: [empty]

Trojan hacker paradise opens this port.

Port: 5 13

Services: login, remote login

Description: It is a broadcast from a UNIX computer that logs on to the subnet using a cable modem or DSL. These people provide information for intruders to enter their systems.

Port: 544

Service: [empty]

Description: kerberos kshell

Port: 548

Service: Macintosh, file service (AFP/IP)

Description: Macintosh, file service.

Port: 553

Service: CORBA IIOP (UDP)

Description: Use a cable modem, DSL or VLAN to view the broadcast on this port. CORBA is an object-oriented RPC system. Intruders can use this information to enter the system.

Port: 555

Service: DSF

Description: Trojan horse PhAse 1.0, stealth spy and IniKiller open this port.

Port: 568

Service: member DPA

Description: Membership DPA.

Port: 569

Service: Member MSN

Description: Member MSN.

Port: 635

Service: install d

Description: mountd Bug of Linux. This is a common error in scanning. The scanning of this port is mostly based on UDP, but the mountd based on TCP is increased (mountd runs on two ports at the same time). Remember that mountd can run on any port (which port is it, you need to query portmap on port11), but the default port of Linux is 635, just like NFS runs on port 2049.

Port: 636

Service: LDAP

Description: SSL (Secure Sockets Layer)

Port: 666

Service: Doom Id software

Description: Trojan attacks FTP and Satanz backdoor to open this port.

Port: 993

Service: IMAP

Description: SSL (Secure Sockets Layer)

Port: 100 1,101/

Service: [empty]

Description: Trojan silencer and WebEx open port 100 1. Trojan open port 10 1 1.

Port: 1024

Service: reserved

Description: It is the beginning of a dynamic port. Many programs don't care which port to use to connect to the network. They asked the system to assign them the next free port. Based on this, the allocation starts from port 1024. This means that the first person to send a request to the system will be assigned to port 1024. You can restart the machine, open Telnet, and then open a window to run natstat -a A. You will see that Telnet is assigned the port 1024. And SQL sessions also use this port and 5000 port.

Port: 1025, 1033

Service: 1025: network black jack 1033:[ empty]

Description: Trojan netspy opens these two ports.

Port: 1080

Service: socks

Description: This protocol tunnels through the firewall, allowing people behind the firewall to access the Internet through an IP address. Theoretically, it should only allow internal communication to reach the Internet. However, due to the wrong configuration, attacks outside the firewall will pass through the firewall. WinGate often makes this mistake and often sees it when joining IRC chat rooms.

Comparison of Common Ports (2)

Port: 1 170

Service: [empty]

Description: Trojan streaming audio Trojan, Psyber streaming server and voice open this port.

Ports: 1234,1243,6711,6776.

Service: [empty]

Description: Trojan and Autes Trojan open ports 1234 and 6776. Trojan Subeven 1.0/ 1.9 Open ports 1243, 671and 6776.

Port: 1245

Service: [empty]

Caption: Troy Waldo opened this port.

Port: 1433

Service: SQL

Description: Microsoft SQL service open port.

Port: 1492

Service: stone-design-1

Description: Trojan FTP99CMP opens this port.

Port: 1500

Service: RPC client fixed port session query.

Description: RPC client fixed port session query

Port: 1503

Service: NetMeeting T. 120

Description: network conference T. 120

Port: 1524

Service: entrance

Description: Many attack scripts will install the backdoor shell on this port, especially for the vulnerabilities of Sendmail and RPC services in SUN system. If you see someone trying to connect to this port after installing a firewall, this is probably the reason. You can try Telnet to this port on the user's computer to see if it will give you a SHELL. Connecting to a 600/pcserver also has this problem.

Port: 1600

Service: issd

Caption: Troy Shivka-burka opens this port.

Port: 1720

Service: NetMeeting

Description: NetMeeting H.233 call setup.

Port: 173 1

Service: NetMeeting audio call control

Description: NetMeeting audio call control.

Port: 1807

Service: [empty]

Caption: Troy Spisend opens this port.

Port: 198 1

Service: [empty]

Caption: Trojan shock opened this port.

Port: 1999

Service: Cisco Identification Port

Description: Trojan back door opens this port.

Port: 2000

Service: [empty]

Description: Trojan girlfriend 1.3 and Millennium 1.0 open this port.

Port: 200 1

Service: [empty]

Description: Trojan Millennium 1.0 and Trojan cows open this port.

Port: 2023

Service: xinuexpansion 4

Caption: Troy passes the ripper to open this port.

Port: 2049

Service: NFS

Description: NFS programs often run on this port. You usually need to visit the port mapper to find out which port the service is running on.

Port: 2 1 15

Service: [empty]

Description: Trojan bugs open this port.

Ports: 2 140, 3 150

Service: [empty]

Description: Trojan Deep Throat 1.0/3.0 Open this port.

Port: 2500

Service: RPC clients that use fixed port session replication.

Description: RPC client applying fixed port session replication.

Port: 2583

Service: [empty]

Description: Trojan Wincrash 2.0 opens this port.

Port: 280 1

Service: [empty]

Caption: Troy phineas Puke opened this port.

Ports: 3024, 4092

Service: [empty]

Caption: Troy Winchester opens this port.

Port: 3 128

Service: squid

Description: This is the default port of squid HTTP proxy server. Attackers scan this port to search for proxy servers and access the Internet anonymously. You will also see that ports 8000, 800 1, 8080 and 8888 are searching for other proxy servers. Another reason for scanning this port is that the user is entering a chat room. Other users will also check this port to determine whether the user's machine supports the agent.

Port: 3 129

Service: [empty]

Caption: Trojan Master Park opens this port.

Port: 3 150

Service: [empty]

Caption: Trojan invaders opened this port.

Ports: 32 10/0,4321

Service: [empty]

Description: Trojan school bus opens this port.

Port: 3333

Service: detailed description

Caption: Troy Maprothiak opened this port.

Port: 3389

Service: HyperTerminal

Description: WINDOWS 2000 terminal opens this port.

Port: 3700

Service: [empty]

Caption: The Doors of Troy opened this port.

Ports: 3996, 4060

Service: [empty]

Description: Trojan remote anything opens this port.

Port: 4000

Service: QQ client

Description: Tencent QQ client opens this port.

Port: 4092

Service: [empty]

Caption: Troy Winchester opens this port.

Port: 4590

Service: [empty]

Caption: Trojan ICQTrojan opened this port.

Ports: 5000,5001,532 1, 50505.

Service: [empty]

Description: Trojan blazer5 opens 5000 ports. Trojan Socket Company opened ports 5000, 500 1, 532 1 and 50505.

Port: 5400,5401,5402

Service: [empty]

Caption: Troy blade runner opens this port.

Port: 5550

Service: [empty]

Description: Trojan xtcp opens this port.

Port: 5569

Service: [empty]

Caption: Trojan robot hackers open this port.

Port: 5632

Service: pcAnywere

Note: Sometimes you will see many scans of this port, depending on the user's location. When a user opens pcAnywere, it will automatically scan the Class C network of the local area network for possible agents (the agent here refers to the agent, not the agent). Intruders will also look for computers that turn on this service. So you should check the source address of this scan. Some scan packets searching for pcAnywere usually contain UDP packets on port 22.

Port: 5742

Service: [empty]

Description: Trojan WinCrash 1.03 Open this port.

Port: 6267

Service: [empty]

Description: Trojans open this port to girls in Guangwai.

Port: 6400

Service: [empty]

Caption: Troy opened this port from east to west.

Port: 6670,6671

Service: [empty]

Description: Trojan deep throat opens port 6670. While deep throat 3.0 opens port 667 1.

Port: 6883

Service: [empty]

Caption: The Trojan Delta opened this port.

Port: 6969

Service: [empty]

Description: Trojan uninvited guests and give priority to opening this port.

Port: 6970

Service: real-time audio

Description: RealAudio client will receive audio data stream from UDP port of server 6970-7 170. This is set by the outgoing control connection of TCP-7070 port.

Port: 7000

Service: [empty]

Description: Trojan remote grab opens this port.

Ports: 7300, 730 1, 7306, 7307 and 7308.

Service: [empty]

Description: Trojan Network Monitor opens this port. In addition, NetSpy 1.0 also opens port 7306.

Port: 7323

Service: [empty]

Description: Sygate server.

Port: 7626

Service: [empty]

Caption: Troy Giesl opened the harbor.

Port: 7789

Service: [empty]

Caption: Troy Icole opened this port.

Port: 8000

Service: OICQ

Description: Tencent QQ server opens this port.

Port: 80 10

Service: wingate.

Description: Wingate proxy opens this port.

Port: 8080

Service: proxy port

Description: WWW proxy opens this port.

Port: 9400,9401,9402

Service: [empty]

Description: Trojan government 1.0 opens this port.

Ports: 9872, 9873, 9874, 9875, 10067, 10 167.

Service: [empty]

Caption: The Doors of Troy opened this port.

Port: 9989

Service: [empty]

Caption: Trojan iNi- Black Boy opens this port.

Port: 1 1000

Service: [empty]

Caption: Troy Sen Nasby opened the harbor.

Port: 1 1223

Service: [empty]

Description: Trojan opens this port.

Ports:12076,61466

Service: [empty]

Description: Trojan remote command opens this port.

Port: 12223

Service: [empty]

Description: Trojan hacker' 99 keyboard record opens this port.

Port: 12345, 12346

Service: [empty]

Description: Trojan network bus 1.60/ 1.70, GabanBus opens this port.

Port: 1236 1

Service: [empty]

Caption: Trojan whack-a-mole opened this port.

Port: 13223

Service: prayer ceremony

Description: PowWow is a tribal voice chat program. It allows users to open private chat connections at this port. This program is very aggressive in establishing connections. It will stay on this TCP port and wait for a response. Resulting in a connection request similar to a heartbeat interval. If a dial-up user inherits an IP address from another chatter, it will happen that many different people are testing this port. This protocol uses OPNG as the first 4 bytes of its connection request.

Port: 16969

Service: [empty]

Description: Trojan opens this port first.

Port: 17027

Service: conductor

Description: This is an outgoing connection. This is because someone inside the company has installed * * * enjoyment software that helps "adbot". Help * * * enjoy the software display advertising service. A popular software that uses this service is Pkware.

Port: 19 19 1

Service: [empty]

Caption: The blue flame of Troy opened this port.

Port: 20000,20001

Service: [empty]

Description: Trojan Millennium opens this port.

Port: 20034

Service: [empty]

Description: Trojan Network Bus Pro opens this port.

Port: 2 1554

Service: [empty]

Description: Trojan girlfriend opens this port.

Port: 22222

Service: [empty]

Caption: Troy Maprothiak opened this port.

Port: 23456

Service: [empty]

Description: Trojan's evil FTP and ugly FTP open this port.

Ports: 26274, 47262

Service: [empty]

Caption: The Trojan Delta opened this port.

Port: 27374

Service: [empty]

Description: Trojan Subeven 2. 1 Open this port.

Port: 30 100

Service: [empty]

Description: Trojan Cyberspace opens this port.

Port: 30303

Service: [empty]

Description: Trojan Socket23 opens this port.

Port: 30999

Service: [empty]

Description: Kuang Kai Port.

Ports: 3 1337, 3 1338

Service: [empty]

Description: Trombo (back hole) opens this port. In addition, the port of 3 1338 has been opened in Troy and Shenzhen.

Port: 3 1339

Service: [empty]

Description: Trojan NetSpy DK opens this port.

Port: 3 1666

Service: [empty]

Caption: Troy Burke opens this port.

Port: 33333

Service: [empty]

Caption: Troy Maprothiak opened this port.

Port: 34324

Service: [empty]

Description: Trojan Tiny Telnet server, BigGluck and TN open this port.

Port: 404 12

Service: [empty]

Caption: The spy Troy Horses opened the harbor.

Ports: 4042 1, 40422, 40423, 40426,

Service: [empty]

Caption: Master Troy Heaven opened this port.

Ports: 432 10/0,54321

Service: [empty]

Description: Trojan school bus 1.0/2.0 opens this port.

Port: 44445

Service: [empty]

Description: Trojan Happypig opens this port.

Port: 50766

Service: [empty]

Caption: Troy opened the port.

Port: 5300 1

Service: [empty]

Description: Trojan Remote Windows shuts down and opens this port.

Port: 65000

Service: [empty]

Description: Trojan Devil 1.03 Open this port.