Generates and replies with a stream of characters (TCP) or a packet containing characters (UDP).
By sending a specially-crafted SNMP SetRequest PDU sent to UDP port 16, a remote attacker could exploit this vulnerability to cause the application to crash.
Observer is vulnerable to a denial of service, caused by a NULL pointer dereference when copying an octet string from a variable binding list. It can be used to list active processes and who launched them on some UNIX machines. Rarely available because of security concerns. Port used by netstat (a variant of systat, see port 11). Different machines respond with slightly different date/time format, so port can be used to fingerprint machines. On UNIX, there are also local commands that show this information, such as systat or ps.ĭaytime service - responds with the current time of day. This service is rarely available anymore because of these security concerns. However, intruders will query the systat information in order to map out the system. The original intent for this was to make remote management of UNIX easier. On some UNIX machines, creating a TCP connection to this port will dump the active processes and who launched them. On certain versions of the Ascend operating system, the router can be forced to cause an internal error, resulting in the router rebooting.ĪT&T 5268ac router may listen on port 10 TCP This exploit kills Ascend routers by sending them a specially formatted malformed TCP packet. Railroad Tycoon 3 also uses this port (TCP). WOL (Wake on LAN) typically uses UDP port 7 or 9 (LANDESK uses port 0). The service listening at this port (both TCP and UDP) simply discards any input. LANDESK Management Suite uses port 0 for WOL.ĭiscard server - this protocol is only installed on machines for test purposes. WOL (Wake on LAN) typically uses UDP port 7 or 9. Part of this implementation includes bouncing packets off the echo port in order to test if the peers are alive.Īct P202S VoIP WiFi phone undocumented open port, multiple vulnerabilities. ICP - Internet Caching Protocol - This protocol is used by HTTP caching proxies in order to coordinate working together in a cluster. This feature can be used in many attacks, such as Smurf/Fraggle. Midnight Commander sometimes uses port 4/tcp as well.Įcho Service, somewhat outdated by ICMP echo. SFS uses NFS 3 as the underlying protocol for file access. SFS is a secure, global file system with completely decentralized control. Self-Certifying File System(SFS) sfssd acceps connections on TCP port 4 and passes them to the appropriate SFS daemon. Port 2 is also registered with IANA for compressnet management utility. Files: death.exe, config.cfgĪmerica's Army, Operation Flashpoint also use this port.
#Port forwarding network utilities crack windows
Trojans that use this port: Death remote access trojan (coded in VB, afects Windows 9x), port can be changed. Trojans that use this port: Breach.2001, SocketsDeTroie In the case of TCPMUX, however, after the "lookup" phase, all further communication continues to run over that port.īuiltins.c in Xinetd before 2.3.15 does not check the service type when the tcpmux-server service is enabled, which exposes all enabled services and allows remote attackers to bypass intended access restrictions via a request to tcpmux port 1 (TCP/UDP). RFC1078 - TCPMUX acts much like Sun's portmapper, or Microsoft's end-point mapper in that it allows services to run on arbitrary ports. This service is almost never used in practice. Scans against this port are commonly used to test if a machine runs SGI Irix (as SGI is the only system that typically has this enabled). Backdoor.Sockets23, Lame, Backdoor.Kamikaze, IRC_trojan, TROJ_Backdoor, W32/Cheval.gen, coded in Delphi 3, 06.1998).
Sockets des Troie remote access trojan uses this port (a.k.a. TCP Port Service Multiplexer (IANA registered) Port 0 can be used by applications when calling the bind() command to request the next available dynamically allocated source port number. Some ISPs may block it because of exploits. It is sometimes used to fingerprint machines, because different operating systems respond to this port in different ways. Port 0 is reserved by IANA, it is technically invalid to use, but possible.