tcp514端口(tcp514端口是什么协议)
最后更新:2022-11-10 01:20:21 手机定位技术交流文章
如何实现集中式RSYSLOG服务器监控
安装RSYSLOG服务器这第一个部分描述的是如何搭建从客户端收集syslog数据的RSYSLOG服务器。在该例子中,我们的服务器名为rsyslog.domain.com,其固定IP地址为192.168.0.15。首先,我们安装一些依赖项。apt-get updateapt-get upgradeapt-get install rsyslog rsyslog-mysql unzip zip binutils cpp fetchmail flex gcc libarchive-zip-perl libc6-dev libcompress-zlib-perl libpcre3 libpopt-dev lynx m4 make ncftp nmap openssl perl perl-modules zlib1g-dev autoconf automake1.9 libtool bison autotools-dev g++ mysql-server mysql-client libmysqlclient15-dev apache2 apache2-doc apache2-mpm-prefork apache2-utils libexpat1 ssl-cert libdb4.6-dev libapache2-mod-php5 php5 php5-common php5-curl php5-dev php5-gd php5-idn php-pear php5-imagick php5-imap php5-json php5-mcrypt php5-memcache php5-mhash php5-ming php5-mysql php5-ps php5-pspell php5-recode php5-snmp php5-sqlite php5-tidy php5-xmlrpc php5-xsl安装过程中要求你输入MySQL服务器的密码时,创建一个密码!我的OpenVZ模板已准备好了一切,所以下面这个命令对你来说可能没有必要……apt-get install linux-kernel-headers确保相应服务已创建并运行起来……/etc/init.d/rsyslog restart/etc/init.d/mysql restart/etc/init.d/apache2 restart确保服务器在侦听合适的TCP IP端口(端口80和端口3306)。这时,RSYSLOG还没有侦听任何端口。rsyslog:~# netstat -tapnActive Internet connections (servers and established)Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program nametcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 415/mysqldtcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 581/apache2然后,我们可以构建rsyslog数据库:mysqladmin -u root -p create rsyslog接下来,我们启动MySQL命令外壳程序,创建rsyslog用户:mysql -u root -pGRANT SELECT, INSERT, UPDATE, DELETE ON rsyslog.* TO 'rsyslog'@'localhost' IDENTIFIED BY 'ENTER-YOUR-NEW-RSYSLOG-PASSWORD-HERE';FLUSH PRIVILEGES;quit接下来,我们配置rsyslog服务器,以便侦听TCP端口514:vi /etc/rsyslog.conf添加这几行……(要记得将密码更改成你在创建MySQL服务器的rsyslog用户时输入的那个密码。)$ModLoad MySQL*.* >127.0.0.1,rsyslog,rsyslog,ENTER-YOUR-NEW-RSYSLOG-PASSWORD-HERE……并去掉处理TCP syslog接收的几行代码前面的注释。# rsyslog v3的/etc/rsyslog.conf配置文件## 想了解更多信息,请参阅/usr/share/doc/rsyslog-doc/html/rsyslog_conf.html$ModLoad MySQL*.* >127.0.0.1,rsyslog,rsyslog,ENTER-YOUR-NEW-RSYSLOG-PASSWORD-HERE##################### 模块 #####################$ModLoad imuxsock # 提供对本地系统日志的支持$ModLoad imklog # 提供内核日志支持(以前由rklogd来提供)#$ModLoad immark # 提供--MARK--息功能# 提供UDP syslog接收#$ModLoad imudp#$UDPServerRun 514# 提供TCP syslog接收$ModLoad imtcp$InputTCPServerRun 514############################### 全局指令 ###############################并重启rsyslog服务。/etc/init.d/rsyslog restart确保服务器在侦听合适的TCP IP端口。(端口80、端口514和端口3306。)rsyslog:~# netstat -tapnActive Internet connections (servers and established)Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program nametcp 0 0 0.0.0.0:514 0.0.0.0:* LISTEN 618/rsyslogdtcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 415/mysqldtcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 581/apache2接着我们下载LogAnalyzer,并配置Apache web服务器,以便显示日志。cd /tmpwgethttp://download.adiscon.com/loganalyzer/loganalyzer-3.4.1.tar.gztar xvzf loganalyzer-3.4.1.tar.gzmv loganalyzer-3.4.1/ /var/www/cd /var/www接着我们为Apache web服务器配置www文件夹用户权限。chown www-data:www-data * . -Rf然后,我们对LogAnalyzer文件夹作了一些“改进”工作。mv loganalyzer-3.4.1/ loganalyzercd contrib/cp * ./../src/cd ./../src/sh ./configure.sh我们已准备使用我们的互联网服务器来输入LogAnalyzer的最后设置项。往你的互联网浏览器里面输入rsyslog服务器的固定IP地址,本文中是http://192.168.0.15/loganalyzer/src/install.php。运行简单的设置脚本(很简单,只要点击next -> next。)现在,你应该有了正常运行的rsyslog服务器,而且LogAnalyzer已创建并运行起来。接下来,我们配置RSYSLOG客户端,以便将其syslog数据发送到rsyslog服务器:配置RSYSLOG客户端我们要做的通常仅仅是配置rsyslog.conf文件,然后重启服务。(几乎所有Debian操作系统都预先安装了rsyslog。)vi /etc/rsyslog.conf添加万一网络连接中断要用到的work spool目录这几行,并将你的rsyslog服务器IP地址更改成192.168.0.15。(你可能还想要用mkdir命令来创建/rsyslog/work spool目录。)# 提供TCP syslog接收#$ModLoad imtcp#$InputTCPServerRun 514$WorkDirectory /rsyslog/work # work(spool)文件的默认位置$ActionQueueType LinkedList # 使用异步处理$ActionQueueFileName srvrfwd # 设置文件名称,还启用磁盘模式$ActionResumeRetryCount -1 # 插入失败后,无限次重试$ActionQueueSaveOnShutdown on # 如果rsyslog关闭,保存内存中数据*.* @@YOUR-RSYSLOG-SERVER-ADDRESS-HERE############################### 全局指令###############################并重启rsyslog服务。/etc/init.d/rsyslog restart服务器已通过合适的TCP IP端口(端口514)连接。root@ic1:~# netstat -tapnActive Internet connections (servers and established)Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program nametcp 0 0 192.168.0.100:49188 192.168.0.15:514 ESTABLISHED 13289/rsyslogd这就是成功搭建的系统的样子。
51413端口是udp还是tcp
这种大数字的都是动态的,只有少数端口是强制指定的,比如80
TCP/IP的所有端口号功能
TCP 0= ReservedTCP 1=TCP Port Service MultiplexerTCP 2=Death TCP 5=Remote Job Entry,yoyoTCP 7=Echo TCP 11=Skun TCP 12=Bomber TCP 16=Skun TCP 17=Skun TCP 18=消息传输协议,skun TCP 19=Skun TCP 20=FTP Data,Amanda TCP 21=文件传输,Back Construction,Blade Runner,Doly Trojan,Fore,FTP trojan,Invisible FTP,Larva, WebEx,WinCrash TCP 22=远程登录协议 TCP 23=远程登录(Telnet),Tiny Telnet Server (= TTS) TCP 25=电子邮件(SMTP),Ajan,Antigen,Email Password Sender,Happy 99,Kuang2,ProMail trojan,Shtrilitz,Stealth,Tapiras,Terminator,WinPC,WinSpy,Haebu Coceda TCP 27=Assasin TCP 28=Amanda TCP 29=MSG ICP TCP 30=Agent 40421 TCP 31=Agent 31,Hackers Paradise,Masters Paradise,Agent 40421 TCP 37=Time,ADM worm TCP 39=SubSARI TCP 41=DeepThroat,Foreplay TCP 42=Host Name Server TCP 43=WHOIS TCP 44=Arctic TCP 48=DRAT TCP 49=主机登录协议 TCP 50=DRAT TCP 51=IMP Logical Address Maintenance,Fuck Lamers Backdoor TCP 52=MuSka52,Skun TCP 53=DNS,Bonk (DOS Exploit) TCP 54=MuSka52 TCP 58=DMSetup TCP 59=DMSetup TCP 63=whois++ TCP 64=Communications Integrator TCP 65=TACACS-Database Service TCP 66=Oracle SQL*NET,AL-Bareki TCP 67=Bootstrap Protocol Server TCP 68=Bootstrap Protocol Client TCP 69=W32.Evala.Worm,BackGate Kit,Nimda,Pasana,Storm,Storm worm,Theef,Worm.Cycle.a TCP 70=Gopher服务,ADM worm TCP 79=用户查询(Finger),Firehotcker,ADM worm TCP 80=超文本服务器(Http),Executor,RingZero TCP 81=Chubo,Worm.Bbeagle.q TCP 82=Netsky-Z TCP 88=Kerberos krb5服务 TCP 99=Hidden Port TCP 102=消息传输代理 TCP 108=SNA网关访问服务器 TCP 109=Pop2 TCP 110=电子邮件(Pop3),ProMail TCP 113=Kazimas, Auther Idnet TCP 115=简单文件传输协议 TCP 118=SQL Services, Infector 1.4.2 TCP 119=新闻组传输协议(Newsgroup(Nntp)), Happy 99 TCP 121=JammerKiller, Bo jammerkillah TCP 123=网络时间协议(NTP),Net Controller TCP 129=Password Generator Protocol TCP 133=Infector 1.x TCP 135=微软DCE RPC end-point mapper服务 TCP 137=微软Netbios Name服务(网上邻居传输文件使用) TCP 138=微软Netbios Name服务(网上邻居传输文件使用) TCP 139=微软Netbios Name服务(用于文件及打印机共享) TCP 142=NetTaxi TCP 143=IMAP TCP 146=FC Infector,Infector TCP 150=NetBIOS Session Service TCP 156=SQL服务器 TCP 161=Snmp TCP 162=Snmp-Trap TCP 170=A-Trojan TCP 177=X Display管理控制协议 TCP 179=Border网关协议(BGP) TCP 190=网关访问控制协议(GACP) TCP 194=Irc TCP 197=目录定位服务(DLS) TCP 256=Nirvana TCP 315=The Invasor TCP 371=ClearCase版本管理软件 TCP 389=Lightweight Directory Access Protocol (LDAP) TCP 396=Novell Netware over IP TCP 420=Breach TCP 421=TCP Wrappers TCP 443=安全服务 TCP 444=Simple Network Paging Protocol(SNPP) TCP 445=Microsoft-DS TCP 455=Fatal Connections TCP 456=Hackers paradise,FuseSpark TCP 458=苹果公司QuickTime TCP 513=Grlogin TCP 514=RPC Backdoor TCP 520=Rip TCP 531=Rasmin,Net666 TCP 544=kerberos kshell TCP 546=DHCP Client TCP 547=DHCP Server TCP 548=Macintosh文件服务 TCP 555=Ini-Killer,Phase Zero,Stealth Spy TCP 569=MSN TCP 605=SecretService TCP 606=Noknok8 TCP 660=DeepThroat TCP 661=Noknok8 TCP 666=Attack FTP,Satanz Backdoor,Back Construction,Dark Connection Inside 1.2 TCP 667=Noknok7.2 TCP 668=Noknok6 TCP 669=DP trojan TCP 692=GayOL TCP 707=Welchia,nachi TCP 777=AIM Spy TCP 808=RemoteControl,WinHole TCP 815=Everyone Darling TCP 901=Backdoor.Devil TCP 911=Dark Shadow TCP 990=ssl加密 TCP 993=IMAP TCP 999=DeepThroat TCP 1000=Der Spaeher TCP 1001=Silencer,WebEx,Der Spaeher TCP 1003=BackDoor TCP 1010=Doly TCP 1011=Doly TCP 1012=Doly TCP 1015=Doly TCP 1016=Doly TCP 1020=Vampire TCP 1023=Worm.Sasser.e
tcp通信中怎么获得客户端的端口号?
TCP端口就是为TCP协议通信提供服务的端口。TCP (Transmission Control Protocol) ,TCP是一种面向连接(连接导向)的、可靠的、基于字节流的运输层(Transport layer)通信协议,由IETF的RFC 793说明(specified)。在计算机网络OSI模型中,它完成第四层传输层所指定的功能,我们的电脑与网络连接的许多应用都是通过TCP端口实现的。获取端口号为两种,分别如下: 一、静态端口获取TCP 0= ReservedTCP 1=TCP Port Service MultiplexerTCP 2=DeathTCP 5=Remote Job Entry,yoyoTCP 7=EchoTCP 11=SkunTCP 12=BomberTCP 16=SkunTCP 17=SkunTCP 18=消息传输协议,skunTCP 19=SkunTCP 20=FTP Data,AmandaTCP 21=文件传输,Back Construction,Blade Runner,Doly Trojan,Fore,FTP trojan,Invisible FTP,Larva, WebEx,WinCrashTCP 22=远程登录协议TCP 23=远程登录(Telnet),Tiny Telnet Server (= TTS)TCP 25=电子邮件(SMTP),Ajan,Antigen,Email Password Sender,Happy 99,Kuang2,ProMail trojan,Shtrilitz,Stealth,Tapiras,Terminator,WinPC,WinSpy,Haebu CocedaTCP 27=AssasinTCP 28=AmandaTCP 29=MSG ICPTCP 30=Agent 40421TCP 31=Agent 31,Hackers Paradise,Masters Paradise,Agent 40421TCP 37=Time,ADM wormTCP 39=SubSARITCP 41=DeepThroat,ForeplayTCP 42=Host Name ServerTCP 43=WHOISTCP 44=ArcticTCP 48=DRATTCP 49=主机登录协议TCP 50=DRATTCP 51=IMP Logical Address Maintenance,Fuck Lamers BackdoorTCP 52=MuSka52,SkunTCP 53=DNS,Bonk (DOS Exploit)TCP 54=MuSka52TCP 58=DMSetupTCP 59=DMSetupTCP 63=whois++TCP 64=Communications IntegratorTCP 65=TACACS-Database ServiceTCP 66=Oracle SQL*NET,AL-BarekiTCP 67=Bootstrap Protocol ServerTCP 68=Bootstrap Protocol ClientTCP 69=W32.Evala.Worm,BackGate Kit,Nimda,Pasana,Storm,Storm worm,Theef,Worm.Cycle.aTCP 70=Gopher服务,ADM wormTCP 79=用户查询(Finger),Firehotcker,ADM wormTCP 80=超文本服务器(Http),Executor,RingZeroTCP 81=Chubo,Worm.Bbeagle.qTCP 82=Netsky-ZTCP 88=Kerberos krb5服务TCP 99=Hidden PortTCP 102=消息传输代理TCP 108=SNA网关访问服务器TCP 109=Pop2TCP 110=电子邮件(Pop3),ProMailTCP 113=Kazimas, Auther IdnetTCP 115=简单文件传输协议TCP 118=SQL Services, Infector 1.4.2TCP 119=新闻组传输协议(Newsgroup(Nntp)), Happy 99TCP 121=JammerKiller, Bo jammerkillahUDP 123=网络时间协议(NTP),Net ControllerTCP 129=Password Generator ProtocolTCP 133=Infector 1.xTCP 135=微软DCE RPC end-point mapper服务TCP 137=微软Netbios Name服务(网上邻居传输文件使用)TCP 138=微软Netbios Name服务(网上邻居传输文件使用)TCP 139=微软Netbios Name服务(用于文件及打印机共享)TCP 142=NetTaxiTCP 143=IMAPTCP 146=FC Infector,InfectorTCP 150=NetBIOS Session ServiceTCP 156=SQL服务器TCP 161=SnmpTCP 162=Snmp-TrapTCP 170=A-TrojanTCP 177=X Display管理控制协议TCP 179=Border网关协议(BGP)TCP 190=网关访问控制协议(GACP)TCP 194=IrcTCP 197=目录定位服务(DLS)TCP 256=NirvanaTCP 315=The InvasorTCP 371=ClearCase版本管理软件TCP 389=Lightweight Directory Access Protocol (LDAP)TCP 396=Novell Netware over IPTCP 420=BreachTCP 421=TCP WrappersTCP 443=安全服务TCP 444=Simple Network Paging Protocol(SNPP)TCP 445=Microsoft-DSTCP 455=Fatal ConnectionsTCP 456=Hackers paradise,FuseSparkTCP 458=苹果公司QuickTimeTCP 513=GrloginTCP 514=RPC BackdoorTCP 520=EFS (UDP520=RIP)TCP 531=Rasmin,Net666TCP 544=kerberos kshellTCP 546=DHCP ClientTCP 547=DHCP ServerTCP 548=Macintosh文件服务TCP 555=Ini-Killer,Phase Zero,Stealth SpyTCP 569=MSNTCP 605=SecretServiceTCP 606=Noknok8TCP 660=DeepThroatTCP 661=Noknok8TCP 666=Attack FTP,Satanz Backdoor,Back Construction,Dark Connection Inside 1.2TCP 667=Noknok7.2TCP 668=Noknok6TCP 669=DP trojanTCP 692=GayOLTCP 707=Welchia,nachiTCP 777=AIM SpyTCP 808=RemoteControl,WinHoleTCP 815=Everyone DarlingTCP 901=Backdoor.DevilTCP 911=Dark ShadowTCP 990=ssl加密TCP 993=IMAPTCP 999=DeepThroatTCP 1000=Der SpaeherTCP 1001=Silencer,WebEx,Der SpaeherTCP 1003=BackDoorTCP 1010=DolyTCP 1011=DolyTCP 1012=DolyTCP 1015=DolyTCP 1016=DolyTCP 1020=VampireTCP 1023=Worm.Sasser.eTCP 1024=NetSpy.698(YAI)2二、动态端口获取TCP 1059=nimregTCP 1025=NetSpy.698,Unused Windows Services BlockTCP 1026=Unused Windows Services BlockTCP 1027=Unused Windows Services BlockTCP 1028=Unused Windows Services BlockTCP 1029=Unused Windows Services BlockTCP 1030=Unused Windows Services BlockTCP 1033=NetspyTCP 1035=MultidropperTCP 1042=BlaTCP 1045=RasminTCP 1047=GateCrasherTCP 1050=MiniCommandTCP 1069=Backdoor.TheefServer.202TCP 1070=Voice,Psyber Stream Server,Streaming Audio TrojanTCP 1080=Wingate,Worm.BugBear.B,Worm.Novarg.BTCP 1090=Xtreme, VDOLiveTCP 1092=LoveGateTCP 1095=RatTCP 1097=RatTCP 1098=RatTCP 1099=RatTCP 1110=nfsd-keepaliveTCP 1111=Backdoor.AIMVisionTCP 1155=Network File AccessTCP 1170=Psyber Stream Server,Streaming Audio trojan,VoiceTCP 1200=NoBackOTCP 1201=NoBackOTCP 1207=SoftwarTCP 1212=Nirvana,Visul KillerTCP 1234=UltorsTCP 1243=BackDoor-G, SubSeven, SubSeven ApocalypseTCP 1245=VooDoo DollTCP 1269=Mavericks MatrixTCP 1313=NirvanaTCP 1349=BioNetTCP 1433=Microsoft SQL服务TCP 1441=Remote StormTCP 1492=FTP99CMP(BackOriffice.FTP)TCP 1503=NetMeeting T.120TCP 1509=Psyber Streaming ServerTCP 1600=Shivka-BurkaTCP 1703=Exloiter 1.1TCP 1720=NetMeeting H.233 call SetupTCP 1731=NetMeeting音频调用控制TCP 1807=SpySenderTCP 1966=Fake FTP 2000TCP 1976=Custom portTCP 1981=ShockraveTCP 1990=stun-p1 cisco STUN Priority 1 portTCP 1990=stun-p1 cisco STUN Priority 1 portTCP 1991=stun-p2 cisco STUN Priority 2 portTCP 1992=stun-p3 cisco STUN Priority 3 port,ipsendmsg IPsendmsgTCP 1993=snmp-tcp-port cisco SNMP TCP portTCP 1994=stun-port cisco serial tunnel portTCP 1995=perf-port cisco perf portTCP 1996=tr-rsrb-port cisco Remote SRB portTCP 1997=gdp-port cisco Gateway Discovery ProtocolTCP 1998=x25-svc-port cisco X.25 service (XOT)TCP 1999=BackDoor, TransScoutTCP 2000=Der Spaeher,INsane NetworkTCP 2002=W32.Beagle. AX mmTCP 2001=Transmisson scoutTCP 2002=Transmisson scoutTCP 2003=Transmisson scoutTCP 2004=Transmisson scoutTCP 2005=TTransmisson scoutTCP 2011=cypressTCP 2015=raid-csTCP 2023=Ripper,Pass Ripper,Hack City Ripper ProTCP 2049=NFSTCP 2115=BugsTCP 2121=NirvanaTCP 2140=Deep Throat, The InvasorTCP 2155=NirvanaTCP 2208=RuXTCP 2255=Illusion MailerTCP 2283=HVL Rat5TCP 2300=PC ExplorerTCP 2311=Studio54TCP 2556=Worm.Bbeagle.qTCP 2565=StrikerTCP 3210=SchoolBusTCP 3332=Worm.Cycle.aTCP 3333=ProsiakTCP 3389=超级终端TCP 3456=TerrorTCP 3459=Eclipse 2000TCP 3700=Portal of DoomTCP 4500=W32.HLLW.TufasTCP 5190=ICQ QueryTCP 5321=FirehotckerTCP 5333=Backage Trojan Box 3TCP 5343=WCratTCP 5400=Blade Runner, BackConstruction1.2TCP 5401=Blade Runner,Back ConstructionTCP 5402=Blade Runner,Back ConstructionTCP 5471=WinCrashTCP 5512=Illusion MailerTCP 5521=Illusion MailerTCP 5550=Xtcp,INsane NetworkTCP 5554=Worm.SasserTCP 5555=ServeMeTCP 5556=BO FacilTCP 5557=BO FacilTCP 5569=Robo-HackTCP 5598=BackDoor 2.03TCP 5631=PCAnyWhere dataTCP 5632=PCAnyWhereTCP 5637=PC CrasherTCP 5638=PC CrasherTCP 5698=BackDoorTCP 5714=Wincrash3TCP 5741=WinCrash3TCP 5742=WinCrashTCP 5760=Portmap Remote Root Linux ExploitTCP 5880=Y3K RATTCP 5881=Y3K RATTCP 5882=Y3K RATTCP 5888=Y3K RATTCP 5889=Y3K RATTCP 5900=WinVncTCP 6000=Backdoor.ABTCP 6006=Noknok8TCP 6129=Dameware Nt Utilities服务器TCP 6272=SecretServiceTCP 6267=广外女生TCP 6400=Backdoor.AB,The ThingTCP 6500=Devil 1.03TCP 6661=TemanTCP 6666=TCPshell.cTCP 6667=NT Remote Control,Wise 播放器接收端口TCP 6668=Wise Video广播端口TCP 6669=VampyreTCP 6670=DeepThroat,iPhoneTCP 6671=Deep Throat 3.0TCP 6711=SubSevenTCP 6712=SubSeven1.xTCP 6713=SubSevenTCP 6723=MstreamTCP 6767=NT Remote ControlTCP 6771=DeepThroatTCP 6776=BackDoor-G,SubSeven,2000 CracksTCP 6777=Worm.BBeagleTCP 6789=Doly TrojanTCP 6838=MstreamTCP 6883=DeltaSourceTCP 6912=Shit HeepTCP 6939=IndoctrinationTCP 6969=GateCrasher, Priority, IRC 3TCP 6970=RealAudio,GateCrasherTCP 7000=Remote Grab,NetMonitor,SubSeven1.xTCP 7001=Freak88TCP 7201=NetMonitorTCP 7215=BackDoor-G, SubSevenTCP 7001=Freak88,Freak2kTCP 7300=NetMonitorTCP 7301=NetMonitorTCP 7306=NetMonitor,NetSpy 1.0TCP 7307=NetMonitor, ProcSpyTCP 7308=NetMonitor, X SpyTCP 7323=Sygate服务器端TCP 7424=Host ControlTCP 7511=聪明基因TCP 7597=QazTCP 7609=Snid X2TCP 7626=冰河TCP 7777=The ThingTCP 7789=Back Door Setup, ICQKillerTCP 7983=MstreamTCP 8000=腾讯OICQ服务器端,XDMATCP 8010=Wingate,LogfileTCP 8011=WAY2.4TCP 8080=WWW 代理,Ring Zero,Chubo,Worm.Novarg.BTCP 8102=网络神偷TCP 8181=W32.Erkez.DmmTCP 8520=W32.Socay.WormTCP 8594=I-Worm/Bozori.aTCP 8787=BackOfrice 2000TCP 8888=WinvncTCP 8897=Hack Office,ArmageddonTCP 8989=ReconTCP 9000=NetministratorTCP 9325=MstreamTCP 9400=InCommand 1.0TCP 9401=InCommand 1.0TCP 9402=InCommand 1.0TCP 9872=Portal of DoomTCP 9873=Portal of DoomTCP 9874=Portal of DoomTCP 9875=Portal of DoomTCP 9876=Cyber AttackerTCP 9878=TransScoutTCP 9989=Ini-KillerTCP 9898=Worm.Win32.Dabber.aTCP 9999=Prayer TrojanTCP 10000=webmin管理端口TCP 10067=Portal of DoomTCP 10080=Worm.Novarg.BTCP 10084=SyphillisTCP 10085=SyphillisTCP 10086=SyphillisTCP 10101=BrainSpyTCP 10167=Portal Of DoomTCP 10168=Worm.Supnot.78858.c,Worm.LovGate.TTCP 10520=Acid ShiversTCP 10607=Coma trojanTCP 10666=AmbushTCP 11000=Senna SpyTCP 11050=Host ControlTCP 11051=Host ControlTCP 11223=Progenic,Hack ’99KeyLoggerTCP 11831=TROJ_LATINUS.SVRTCP 12076=Gjamer, MSH.104bTCP 12223=Hack’99 KeyLoggerTCP 12345=GabanBus, NetBus 1.6/1.7, Pie Bill Gates, X-billTCP 12346=GabanBus, NetBus 1.6/1.7, X-billTCP 12349=BioNetTCP 12361=Whack-a-moleTCP 12362=Whack-a-moleTCP 12363=Whack-a-moleTCP 12378=W32/GibeMTCP 12456=NetBusTCP 12623=DUN ControlTCP 12624=ButtmanTCP 12631=WhackJob, WhackJob.NB1.7TCP 12701=Eclipse2000TCP 12754=MstreamTCP 13000=Senna SpyTCP 13010=Hacker BrazilTCP 13013=PsychwardTCP 13223=Tribal Voice的聊天程序PowWowTCP 13700=Kuang2 The VirusTCP 14456=SoleroTCP 14500=PC InvaderTCP 14501=PC InvaderTCP 14502=PC InvaderTCP 14503=PC InvaderTCP 15000=NetDaemon 1.0TCP 15092=Host Control TCP 15104=Mstream
在连接建立以后 getsockname可取得本地的连接信息.包括端口号.
在连接建立以后 getsockname可取得本地的连接信息.包括端口号.
各个端口都代表什么意思?
按照端口号的大小分类,可分为如下几类 :(1)公认端口(WellKnownPorts):从0到1023,它们紧密绑定(binding)于一些服务。通常这些端口的通讯明确表明了某种服务的协议。例如:80端口实际上总是HTTP通讯。(2)注册端口(RegisteredPorts):从1024到49151。它们松散地绑定于一些服务。也就是说有许多服务绑定于这些端口,这些端口同样用于许多其它目的。例如:许多系统处理动态端口从1024左右开始。(3)动态和/或私有端口(Dynamicand/orPrivatePorts):从49152到65535。理论上,不应为服务分配这些端口。实际上,机器通常从1024起分配动态端口。但也有例外:SUN的RPC端口从32768开始。扩展资料各种服务常用端口号:1,HTTP协议代理服务器常用端口号:80/8080/3128/8081/90982,SOCKS代理协议服务器常用端口号:10803,FTP(文件传输)协议代理服务器常用端口号:214,Telnet(远程登录)协议代理服务器常用端口号:235,HTTP服务器,默认端口号为80/tcp(木马Executor开放此端口)6,HTTPS(securely transferring web pages)服务器,默认端口号为443/tcp 443/udp7,Telnet(不安全的文本传送),默认端口号为23/tcp(木马Tiny Telnet Server所开放的端口)8,FTP,默认的端口号为21/tcp(木马Doly Trojan、Fore、Invisible FTP、WebEx、WinCrash和Blade Runner所开放的端口)9,TFTP(Trivial File Transfer Protocol),默认端口号为69/udp10,SSH(安全登录)、SCP(文件传输)、端口号重定向,默认的端口号为22/tcp11,SMTP Simple Mail Transfer Protocol(E-mail),默认端口号为25/tcp(木马Antigen、Email Password Sender、Haebu Coceda、Shtrilitz Stealth、WinPC、WinSpy都开放这个端口)12,POP3 Post Office Protocol(E-mail),默认端口号为110/tcp13,Webshpere应用程序,默认端口号为908014,webshpere管理工具,默认端口号909015,JBOSS,默认端口号为808016,TOMCAT,默认端口号为808017,WIN2003远程登录,默认端口号为338918,Symantec AV/Filter for MSE,默认端口号为 808119,Oracle 数据库,默认的端口号为152120,ORACLE EMCTL,默认的端口号为115821,Oracle XDB(XML 数据库),默认的端口号为808022,Oracle XDB FTP服务,默认的端口号为210023,MS SQL*SERVER数据库server,默认的端口号为1433/tcp 1433/udp24,MS SQL*SERVER数据库monitor,默认的端口号为1434/tcp 1434/udp
按照端口号的大小分类,可分为如下几类 :(1)公认端口(WellKnownPorts):从0到1023,它们紧密绑定(binding)于一些服务。通常这些端口的通讯明确表明了某种服务的协议。例如:80端口实际上总是HTTP通讯。(2)注册端口(RegisteredPorts):从1024到49151。它们松散地绑定于一些服务。也就是说有许多服务绑定于这些端口,这些端口同样用于许多其它目的。例如:许多系统处理动态端口从1024左右开始。(3)动态和/或私有端口(Dynamicand/orPrivatePorts):从49152到65535。理论上,不应为服务分配这些端口。实际上,机器通常从1024起分配动态端口。但也有例外:SUN的RPC端口从32768开始。各种服务常用端口号:1,HTTP协议代理服务器常用端口号:80/8080/3128/8081/90982,SOCKS代理协议服务器常用端口号:10803,FTP(文件传输)协议代理服务器常用端口号:214,Telnet(远程登录)协议代理服务器常用端口号:235,HTTP服务器,默认端口号为80/tcp(木马Executor开放此端口)6,HTTPS(securely transferring web pages)服务器,默认端口号为443/tcp 443/udp7,Telnet(不安全的文本传送),默认端口号为23/tcp(木马Tiny Telnet Server所开放的端口)8,FTP,默认的端口号为21/tcp(木马Doly Trojan、Fore、Invisible FTP、WebEx、WinCrash和Blade Runner所开放的端口)9,TFTP(Trivial File Transfer Protocol),默认端口号为69/udp10,SSH(安全登录)、SCP(文件传输)、端口号重定向,默认的端口号为22/tcp11,SMTP Simple Mail Transfer Protocol(E-mail),默认端口号为25/tcp(木马Antigen、Email Password Sender、Haebu Coceda、Shtrilitz Stealth、WinPC、WinSpy都开放这个端口)12,POP3 Post Office Protocol(E-mail),默认端口号为110/tcp13,Webshpere应用程序,默认端口号为908014,webshpere管理工具,默认端口号909015,JBOSS,默认端口号为808016,TOMCAT,默认端口号为808017,WIN2003远程登录,默认端口号为338918,Symantec AV/Filter for MSE,默认端口号为 808119,Oracle 数据库,默认的端口号为152120,ORACLE EMCTL,默认的端口号为115821,Oracle XDB(XML 数据库),默认的端口号为808022,Oracle XDB FTP服务,默认的端口号为210023,MS SQL*SERVER数据库server,默认的端口号为1433/tcp 1433/udp24,MS SQL*SERVER数据库monitor,默认的端口号为1434/tcp 1434/udp
1 tcpmux TCP Port Service Multiplexer 传输控制协议端口服务多路开关选择器 2 compressnet Management Utility compressnet 管理实用程序3 compressnet Compression Process 压缩进程5 rje Remote Job Entry 远程作业登录7 echo Echo 回显9 discard Discard 丢弃11 systat Active Users 在线用户13 daytime Daytime时间17 qotd Quote of the Day每日引用18 msp Message Send Protocol消息发送协议19 chargen Character Generator 字符发生器20 ftp-data File Transfer[Default Data]文件传输协议(默认数据口)21 ftp File Transfer[Control]文件传输协议(控制)22 ssh SSH Remote Login Protocol SSH远程登录协议23 telnet Telnet 终端仿真协议24 any private mail system预留给个人用邮件系统25 smtp Simple Mail Transfer简单邮件发送协议27 nsw-fe NSW User System FENSW 用户系统现场工程师29 msg-icp MSG ICPMSG ICP31 msg-auth MSG Authentication MSG验证33 dsp Display Support Protocol 显示支持协议35 any private printer server 预留给个人打印机服务37 time Time 时间38 rap Route Access Protocol路由访问协议39 rlp Resource Location Protocol 资源定位协议41 graphics Graphics 图形42 nameserver WINS Host Name Server WINS 主机名服务43 nicname Who Is "绰号" who is服务44 mpm-flags MPM FLAGS Protocol MPM(消息处理模块)标志协议45 mpm Message Processing Module [recv]消息处理模块46 mpm-snd MPM [default send]消息处理模块(默认发送口)47 ni-ftp NI FTP NI FTP48 auditd Digital Audit Daemon 数码音频后台服务49 tacacs Login Host Protocol (TACACS)TACACS登录主机协议50 re-mail-ck Remote Mail Checking Protocol远程邮件检查协议[未结束]51 la-maint IMP Logical Address MaintenanceIMP(接口信息处理机)逻辑地址维护52 xns-time XNS Time Protocol施乐网络服务系统时间协议53 domain Domain Name Server域名服务器54 xns-ch XNS Clearinghouse 施乐网络服务系统票据交换 55 isi-gl ISI Graphics Language ISI图形语言56 xns-auth XNS Authentication 施乐网络服务系统验证57 ? any private terminal access 预留个人用终端访问58 xns-mail XNS Mail 施乐网络服务系统邮件59 any private file service预留个人文件服务60 Unassigned未定义61 ni-mail NI MAILNI邮件?62 acas ACA Services 异步通讯适配器服务63 whois+ whois+WHOIS+64 covia Communications Integrator (CI)通讯接口65 tacacs-ds TACACS-Database Service TACACS数据库服务66 sql*net Oracle SQL*NETOracle SQL*NET67 bootps Bootstrap Protocol Server 引导程序协议服务端68 bootpc Bootstrap Protocol Client 引导程序协议客户端69 tftp Trivial File Transfer小型文件传输协议70 gopher Gopher 信息检索协议71 netrjs-1 Remote Job Service 远程作业服务72 netrjs-2 Remote Job Service 远程作业服务73 netrjs-3 Remote Job Service 远程作业服务74 netrjs-4 Remote Job Service 远程作业服务75 any private dial out service 预留给个人拨出服务76 deos Distributed External Object Store 分布式外部对象存储77 any private RJE service 预留给个人远程作业输入服务78 vettcp vettcp 修正TCP?79 finger Finger 查询远程主机在线用户等信息80 http World Wide Web HTTP 全球信息网超文本传输协议 81 hosts2-ns HOSTS2 Name Server HOST2名称服务82 xfer XFER Utility 传输实用程序83 mit-ml-dev MIT ML Device 模块化智能终端ML设备84 ctf Common Trace Facility公用追踪设备85 mit-ml-dev MIT ML Device 模块化智能终端ML设备86 mfcobol Micro Focus CobolMicro Focus Cobol编程语言87 any private terminal link 预留给个人终端连接88 kerberos Kerberos Kerberros安全认证系统89 su-mit-tg SU/MIT Telnet Gateway SU/MIT终端仿真网关90 dnsix DNSIX Securit Attribute Token MapDNSIX 安全属性标记图91 mit-dov MIT Dover SpoolerMIT Dover假脱机92 npp Network Printing Protocol 网络打印协议93 dcp Device Control Protocol 设备控制协议94 objcall Tivoli Object Dispatcher Tivoli对象调度95 supdupSUPDUP96 dixie DIXIE Protocol Specification DIXIE协议规范97 swift-rvf(Swift Remote Virtural File Protocol)快速远程虚拟文件协议98 tacnews TAC NewsTAC新闻协议99 metagram metagram Relay100 newacct [unauthorized use]101=NIC Host Name Server102=ISO-TSAP103=Genesis Point-to-Point Trans Net104=ACR-NEMA Digital Imag. & Comm. 300105=Mailbox Name Nameserver106=3COM-TSMUX3com-tsmux107=Remote Telnet Service108=SNA Gateway Access Server109=Post Office Protocol - Version 2110=Post Office Protocol - Version 3111=SUN RPC112=McIDAS Data Transmission Protocol113=Authentication Service114=Audio News Multicast115=Simple File Transfer Protocol116=ANSA REX Notify117=UUCP Path Service118=SQL Servicessqlserv119=Network News Transfer Protocol120=CFDPTKTcfdptkt121=Encore Expedited Remote Pro.Call122=SMAKYNETsmakynet123=Network Time Protocol124=ANSA REX Trader125=Locus PC-Interface Net Map Ser126=Unisys Unitary Login127=Locus PC-Interface Conn Server128=GSS X License Verification129=Password Generator Protocol130=cisco FNATIVE131=cisco TNATIVE132=cisco SYSMAINT133=Statistics Service134=INGRES-NET Service135=Location Service136=PROFILE Naming System137=NETBIOS Name Service138=NETBIOS Datagram Service139=NETBIOS Session Service140=EMFIS Data Service141=EMFIS Control Service142=Britton-Lee IDM143=Interim Mail Access Protocol v2144=NewSnews145=UAAC Protocoluaac146=ISO-IP0iso-tp0147=ISO-IPiso-ip148=CRONUS-SUPPORT149=AED 512 Emulation Service150=SQL-NETsql-net151=HEMShems152=Background File Transfer Program153=SGMPsgmp154=NETSCnetsc-prod155=NETSCnetsc-dev156=SQL Service157=KNET/VM Command/Message Protocol158=PCMail Serverpcmail-srv159=NSS-Routingnss-routing160=SGMP-TRAPSsgmp-traps161=SNMP162=SNMP TRAP163=CMIP/TCP Manager164=CMIP/TCP Agent165=Xeroxxns-courier166=Sirius Systems167=NAMPnamp168=RSVDrsvd169=Send170=Network Postscript170=Network Postscript171=Network Innovations Multiplex172=Network Innovations CL/1173=Xyplexxyplex-mux174=MAILQ175=VMNET176=GENRAD-MUXgenrad-mux177=X Display Manager Control Protocol178=NextStep Window Server179=Border Gateway Protocol180=Intergraphris181=Unifyunify182=Unisys Audit SITP183=OCBinderocbinder184=OCServerocserver185=Remote-KIS186=KIS Protocolkis187=Application Communication Interface188=Plus Five401=Uninterruptible Power Supply402=Genie Protocol403=decapdecap404=ncednced405=ncldncld406=Interactive Mail Support Protocol407=Timbuktutimbuktu408=Prospero Resource Manager Sys. Man.409=Prospero Resource Manager Node Man.410=DECLadebug Remote Debug Protocol411=Remote MT Protocol412=Trap Convention Port413=SMSPsmsp414=InfoSeekinfoseek415=BNetbnet416=Silverplattersilverplatter417=Onmuxonmux418=Hyper-Ghyper-g419=Arielariel1420=SMPTEsmpte421=Arielariel2422=Arielariel3423=IBM Operations Planning and Control Start424=IBM Operations Planning and Control Track425=ICADicad-el426=smartsdpsmartsdp427=Server Location429=OCS_AMU430=UTMPSDutmpsd431=UTMPCDutmpcd432=IASDiasd433=NNSPnnsp434=MobileIP-Agent435=MobilIP-MN436=DNA-CMLdna-cml437=comscmcomscm439=dasp, Thomas Obermair440=sgcpsgcp441=decvms-sysmgtdecvms-sysmgt442=cvc_hostdcvc_hostd443=https444=Simple Network Paging Protocol445=Microsoft-DS446=DDM-RDBddm-rdb447=DDM-RFMddm-dfm448=DDM-BYTEddm-byte449=AS Server Mapper450=TServertserver512=exec, Remote process execution513=login, remote login514=cmd, exec with auto auth.514=syslog515=Printer spooler516=Unassigned517=talk519=unixtime520=extended file name server521=Unassigned522=Unassigned523=Unassigned524=Unassigned526=newdate530=rpc courier531=chatconference532=readnewsnetnews533=for emergency broadcasts539=Apertus Technologies Load Determination540=uucp541=uucp-rlogin542=Unassigned543=klogin544=kshell545=Unassigned546=Unassigned547=Unassigned548=Unassigned549=Unassigned550=new-who551=Unassigned552=Unassigned553=Unassigned554=Unassigned555=dsf556=remotefs557-559=rmonitor560=rmonitord561=dmonitor562=chcmd563=Unassigned564=plan 9 file service565=whoami566-569 Unassigned570=demonmeter571=udemonmeter572-599 Unassigned ipc server600=Sun IPC server607=nqs606=Cray Unified Resource Manager608=Sender-Initiated/Unsolicited File Transfer609=npmp-trapnpmp-trap610=npmp-localnpmp-local611=npmp-guinpmp-gui634=ginadginad666=Doom Id Software704=errlog copy/server daemon709=EntrustManager729=IBM NetView DM/6000 Server/Client730=IBM NetView DM/6000 send/tcp731=IBM NetView DM/6000 receive/tcp741=netGWnetgw742=Network based Rev. Cont. Sys.744=Flexible License Manager747=Fujitsu Device Control748=Russell Info Sci Calendar Manager749=kerberos administration751=pump752=qrh754=send758=nlogin759=con760=ns762=quotad763=cycleserv765=webster767=phonephonebook769=vid771=rtip772=cycleserv2774=acmaint_dbd775=acmaint_transd780=wpgs786=Concertconcert800=mdbs_daemon996=Central Point Software997=maitrd999=puprouter1023=Reserved 注册端口(Registered Ports):从1024到49151。它们松散地绑定于一些服务。也就是说有许多服务绑定于这些端口,这些端口同样用于许多其它目的。例如:许多系统处理动态端口从1024左右开始。1025=network blackjack1030=BBN IAD1031=BBN IAD1032=BBN IAD1067=Installation Bootstrap Proto. Serv.1068=Installation Bootstrap Proto. Cli.1080=SOCKS1083=Anasoft License Manager1084=Anasoft License Manager1155=Network File Access1222=SNI R&D network1248=hermes1346=Alta Analytics License Manager1347=multi media conferencing1347=multi media conferencing1348=multi media conferencing1349=Registration Network Protocol1350=Registration Network Protocol1351=Digital Tool Works (MIT)1352=/Lotus Notelotusnote1353=Relief Consulting1354=RightBrain Software1355=Intuitive Edge1356=CuillaMartin Company1357=Electronic PegBoard1358=CONNLCLIconnlcli1359=FTSRVftsrv1360=MIMERmimer1361=LinX1362=TimeFliestimeflies1363=Network DataMover Requester1364=Network DataMover Server1365=Network Software Associates1366=Novell NetWare Comm Service Platform1367=DCSdcs1368=ScreenCastscreencast1369=GlobalView to Unix Shell1370=Unix Shell to GlobalView1371=Fujitsu Config Protocol1372=Fujitsu Config Protocol1373=Chromagrafxchromagrafx1374=EPI Software Systems1375=Bytexbytex1376=IBM Person to Person Software1377=Cichlid License Manager1378=Elan License Manager1379=Integrity Solutions1380=Telesis Network License Manager1381=Apple Network License Manager1382=udt_os1383=GW Hannaway Network License Manager1384=Objective Solutions License Manager1385=Atex Publishing License Manager1386=CheckSum License Manager1387=Computer Aided Design Software Inc LM1388=Objective Solutions DataBase Cache1389=Document Manager1390=Storage Controller1391=Storage Access Server1392=Print Managericlpv-pm1393=Network Log Server1394=Network Log Client1395=PC Workstation Manager software1396=DVL Active Mail1397=Audio Active Mail1398=Video Active Mail1399=Cadkey License Manager1400=Cadkey Tablet Daemon1401=Goldleaf License Manager1402=Prospero Resource Manager1403=Prospero Resource Manager1404=Infinite Graphics License Manager1405=IBM Remote Execution Starter1406=NetLabs License Manager1407=DBSA License Manager1408=Sophia License Manager1409=Here License Manager1410=HiQ License Manager1411=AudioFileaf1412=InnoSysinnosys1413=Innosys-ACLinnosys-acl1414=IBM MQSeriesibm-mqseries1415=DBStardbstar1416=Novell LU6.2novell-lu6.21417=Timbuktu Service 1 Port1417=Timbuktu Service 1 Port1418=Timbuktu Service 2 Port1419=Timbuktu Service 3 Port1420=Timbuktu Service 4 Port1421=Gandalf License Manager1422=Autodesk License Manager1423=Essbase Arbor Software1424=Hybrid Encryption Protocol1425=Zion Software License Manager1426=Satellite-data Acquisition System 11427=mloadd monitoring tool1428=Informatik License Manager1429=Hypercom NMSnms1430=Hypercom TPDUtpdu1431=Reverse Gosip Transport1432=Blueberry Software License Manager1433=Microsoft-SQL-Server1434=Microsoft-SQL-Monitor1435=IBM CISCibm-cics1436=Satellite-data Acquisition System 21437=Tabulatabula1438=Eicon Security Agent/Server1439=Eicon X25/SNA Gateway1440=Eicon Service Location Protocol1441=Cadis License Management1442=Cadis License Management1443=Integrated Engineering Software1444=Marcam License Management1445=Proxima License Manager1446=Optical Research Associates License Manager1447=Applied Parallel Research LM1448=OpenConnect License Manager1449=PEportpeport1450=Tandem Distributed Workbench Facility1451=IBM Information Management1452=GTE Government Systems License Man1453=Genie License Manager1454=interHDL License Manager1454=interHDL License Manager1455=ESL License Manager1456=DCAdca1457=Valisys License Manager1458=Nichols Research Corp.1459=Proshare Notebook Application1460=Proshare Notebook Application1461=IBM Wireless LAN1462=World License Manager1463=Nucleusnucleus1464=MSL License Manager1465=Pipes Platform1466=Ocean Software License Manager1467=CSDMBASEcsdmbase1468=CSDMcsdm1469=Active Analysis Limited License Manager1470=Universal Analytics1471=csdmbasecsdmbase1472=csdmcsdm1473=OpenMathopenmath1474=Telefindertelefinder1475=Taligent License Manager1476=clvm-cfgclvm-cfg1477=ms-sna-server1478=ms-sna-base1479=dberegisterdberegister1480=PacerForumpacerforum1481=AIRSairs1482=Miteksys License Manager1483=AFS License Manager1484=Confluent License Manager1485=LANSourcelansource1486=nms_topo_serv1487=LocalInfoSrvr1488=DocStordocstor1489=dmdocbrokerdmdocbroker1490=insitu-confinsitu-conf1491=anynetgateway1492=stone-design-11493=netmap_lmnetmap_lm1494=icaica1495=cvccvc1496=liberty-lmliberty-lm1497=rfx-lmrfx-lm1498=Watcom-SQLwatcom-sql1499=Federico Heinz Consultora1500=VLSI License Manager1501=Satellite-data Acquisition System 31502=Shivashivadiscovery1503=Databeamimtc-mcs1504=EVB Software Engineering License Manager1505=Funk Software, Inc.1524=ingres1525=oracle1525=Prospero Directory Service non-priv1526=Prospero Data Access Prot non-priv1527=oracletlisrv1529=oraclecoauthor1600=issd1651=proshare conf audio1652=proshare conf video1653=proshare conf data1654=proshare conf request1655=proshare conf notify1661=netview-aix-1netview-aix-11662=netview-aix-2netview-aix-21663=netview-aix-3netview-aix-31664=netview-aix-4netview-aix-41665=netview-aix-5netview-aix-51666=netview-aix-6netview-aix-61986=cisco license management1987=cisco RSRB Priority 1 port1988=cisco RSRB Priority 2 port1989=cisco RSRB Priority 3 port1989=MHSnet systemmshnet1990=cisco STUN Priority 1 port1991=cisco STUN Priority 2 port1992=cisco STUN Priority 3 port1992=IPsendmsgipsendmsg1993=cisco SNMP TCP port1994=cisco serial tunnel port1995=cisco perf port1996=cisco Remote SRB port1997=cisco Gateway Discovery Protocol1998=cisco X.25 service (XOT)1999=cisco identification port2009=whosockami2010=pipe_server2011=raid2012=raid-ac2013=rad-am2015=raid-cs2016=bootserver2017=terminaldb2018=rellpack2019=about2019=xinupageserver2020=xinupageserver2021=xinuexpansion12021=down2022=xinuexpansion22023=xinuexpansion32023=xinuexpansion42024=xinuexpansion42025=xribs2026=scrabble2027=shadowserver2028=submitserver2039=device22032=blackboard2033=glogger2034=scoremgr2035=imsldoc2038=objectmanager2040=lam2041=interbase2042=isis2043=isis-bcast2044=primsl2045=cdfunc2047=dls2048=dls-monitor2065=Data Link Switch Read Port Number2067=Data Link Switch Write Port Number2201=Advanced Training System Program2500=Resource Tracking system server2501=Resource Tracking system client2564=HP 3000 NS/VT block mode telnet2784=world wide web - development3049=ccmail3264=ccmail, cc:mail/lotus3333=dec-notes3984=MAPPER network node manager3985=MAPPER TCP/IP server3986=MAPPER workstation server3421=Bull Apprise portmapper3900=Unidata UDT OS4132=NUTS Daemonnuts_dem4133=NUTS Bootp Server4343=UNICALL4444=KRB5244672=remote file access server5002=radio free ethernet5010=TelepathStarttelelpathstart5011=TelepathAttack5050=multimedia conference control tool5145=rmonitor_secure5190=aol, America-Online5300=HA cluster heartbeat5301=hacl-gs # HA cluster general services5302=HA cluster configuration5303=hacl-probe HA cluster probing5305=hacl-test6000-6063=x11 X Window System6111=sub-process HP SoftBench Sub-Process Control6141/=meta-corp meta Corporation License Manager6142=aspentec-lm Aspen Technology License Manager6143=watershed-lm Watershed License Manager6144=statsci1-lm StatSci License Manager - 16145=statsci2-lm StatSci License Manager - 26146=lonewolf-lm Lone Wolf Systems License Manager6147=montage-lm Montage License Manager7000=afs3-fileserver file server itself7001=afs3-callback callbacks to cache managers7002=afs3-prserver users & groups database7003=afs3-vlserver volume location database7004=afs3-kaserver AFS/Kerberos authentication service7005=afs3-volser volume managment server7006=afs3-errors error interpretation service7007=afs3-bos basic overseer process7008=afs3-update server-to-server updater7009=afs3-rmtsys remote cache manager service7010=ups-online onlinet uninterruptable power supplies7100=X Font Service7200=FODMS FLIP7626=冰河8010=Wingate8181=IMail9535=man(3)动态和/或私有端口(Dynamic and/or Private Ports):从49152到65535。理论上,不应为服务分配这些端口。实际上,机器通常从1024起分配动态端口。但也有例外:SUN的RPC端口从32768开始。 0 通常用于分析操作系统。这一方法能够工作是因为在一些系统中“0”是无效端口,当你试图使用一种通常的闭合端口连接它时将产生不同的结果。一种典型的扫描:使用IP地址为0.0.0.0,设置ACK位并在以太网层广播。
//注意:由于一些应用软件占用了部分端口,因此此文件中的部分端口被注释掉了(注释的字符为://)。 TCP1=TCP Port Service MultiplexerTCP2=DeathTCP5=Remote Job Entry,yoyoTCP7=EchoTCP11=SkunTCP12=BomberTCP16=SkunTCP17=SkunTCP18=消息传输协议,skunTCP19=SkunTCP20=FTP Data,AmandaTCP21=文件传输,Back Construction,Blade Runner,Doly Trojan,Fore,FTP trojan,Invisible FTP,Larva, WebEx,WinCrashTCP22=远程登录协议TCP23=远程登录(Telnet),Tiny Telnet Server (= TTS)TCP25=电子邮件(SMTP),Ajan,Antigen,Email Password Sender,Happy 99,Kuang2,ProMail trojan,Shtrilitz,Stealth,Tapiras,Terminator,WinPC,WinSpy,Haebu CocedaTCP27=AssasinTCP28=AmandaTCP29=MSG ICPTCP30=Agent 40421TCP31=Agent 31,Hackers Paradise,Masters Paradise,Agent 40421TCP37=Time,ADM wormTCP39=SubSARITCP41=DeepThroat,ForeplayTCP42=Host Name ServerTCP43=WHOISTCP44=ArcticTCP48=DRATTCP49=主机登录协议TCP50=DRATTCP51=IMP Logical Address Maintenance,Fuck Lamers BackdoorTCP52=MuSka52,SkunTCP53=DNS,Bonk (DOS Exploit)TCP54=MuSka52TCP58=DMSetupTCP59=DMSetupTCP63=whois++TCP64=Communications IntegratorTCP65=TACACS-Database ServiceTCP66=Oracle SQL*NET,AL-BarekiTCP67=Bootstrap Protocol ServerTCP68=Bootstrap Protocol ClientTCP69=W32.Evala.Worm,BackGate Kit,Nimda,Pasana,Storm,Storm worm,Theef,Worm.Cycle.aTCP70=Gopher服务,ADM wormTCP79=用户查询(Finger),Firehotcker,ADM wormTCP80=超文本服务器(Http),Executor,RingZeroTCP81=Chubo,Worm.Bbeagle.qTCP88=Kerberos krb5服务TCP99=Hidden PortTCP 102=消息传输代理TCP 108=SNA网关访问服务器TCP 109=Pop2TCP 110=电子邮件(Pop3),ProMailTCP 113=Kazimas, Auther IdnetTCP 115=简单文件传输协议TCP 118=SQL Services, Infector 1.4.2TCP 119=新闻组传输协议(Newsgroup(Nntp)), Happy 99TCP 121=JammerKiller, Bo jammerkillahTCP 123=网络时间协议(NTP),Net ControllerTCP 129=Password Generator ProtocolTCP 133=Infector 1.xTCP 135=微软DCE RPC end-point mapper服务TCP 137=微软Netbios Name服务(网上邻居传输文件使用)TCP 138=微软Netbios Name服务(网上邻居传输文件使用)TCP 139=微软Netbios Name服务(用于文件及打印机共享)TCP 142=NetTaxiTCP 143=IMAPTCP 146=FC Infector,InfectorTCP 150=NetBIOS Session ServiceTCP 156=SQL服务器TCP 161=SnmpTCP 162=Snmp-TrapTCP 170=A-TrojanTCP 177=X Display管理控制协议TCP 179=Border网关协议(BGP)TCP 190=网关访问控制协议(GACP)TCP 194=IrcTCP 197=目录定位服务(DLS)TCP 256=NirvanaTCP 315=The InvasorTCP 371=ClearCase版本管理软件TCP 389=Lightweight Directory Access Protocol (LDAP)TCP 396=Novell Netware over IPTCP 420=BreachTCP 421=TCP WrappersTCP 443=安全服务TCP 444=Simple Network Paging Protocol(SNPP)TCP 445=Microsoft-DSTCP 455=Fatal ConnectionsTCP 456=Hackers paradise,FuseSparkTCP 458=苹果公司QuickTimeTCP 513=GrloginTCP 514=RPC BackdoorTCP 531=Rasmin,Net666TCP 544=kerberos kshellTCP 546=DHCP ClientTCP 547=DHCP ServerTCP 548=Macintosh文件服务TCP 555=Ini-Killer,Phase Zero,Stealth SpyTCP 569=MSNTCP 605=SecretServiceTCP 606=Noknok8TCP 661=Noknok8TCP 666=Attack FTP,Satanz Backdoor,Back Construction,Dark Connection Inside 1.2TCP 667=Noknok7.2TCP 668=Noknok6TCP 669=DP trojanTCP 692=GayOLTCP 707=WelchiaTCP 777=AIM SpyTCP 808=RemoteControl,WinHoleTCP 815=Everyone DarlingTCP 901=Backdoor.DevilTCP 911=Dark ShadowTCP 993=IMAPTCP 999=DeepThroatTCP1000=Der SpaeherTCP1001=Silencer,WebEx,Der SpaeherTCP1003=BackDoorTCP1010=DolyTCP1011=DolyTCP1012=DolyTCP1015=DolyTCP1016=DolyTCP1020=VampireTCP1023=Worm.Sasser.eTCP1024=NetSpy.698(YAI)TCP1059=nimreg//TCP1025=NetSpy.698,Unused Windows Services Block//TCP1026=Unused Windows Services Block//TCP1027=Unused Windows Services Block//TCP1028=Unused Windows Services Block//TCP1029=Unused Windows Services Block//TCP1030=Unused Windows Services Block//TCP1033=Netspy//TCP1035=Multidropper//TCP1042=Bla//TCP1045=Rasmin//TCP1047=GateCrasher//TCP1050=MiniCommandTCP1069=Backdoor.TheefServer.202TCP1070=Voice,Psyber Stream Server,Streaming Audio TrojanTCP1080=Wingate,Worm.BugBear.B,Worm.Novarg.B//TCP1090=Xtreme, VDOLive//TCP1095=Rat//TCP1097=Rat//TCP1098=Rat//TCP1099=RatTCP1110=nfsd-keepaliveTCP1111=Backdoor.AIMVisionTCP1155=Network File Access//TCP1170=Psyber Stream Server,Streaming Audio trojan,Voice//TCP1200=NoBackO//TCP1201=NoBackO//TCP1207=Softwar//TCP1212=Nirvana,Visul Killer//TCP1234=Ultors//TCP1243=BackDoor-G, SubSeven, SubSeven Apocalypse//TCP1245=VooDoo Doll//TCP1269=Mavericks Matrix//TCP1313=Nirvana//TCP1349=BioNetTCP1433=Microsoft SQL服务//TCP1441=Remote Storm//TCP1492=FTP99CMP(BackOriffice.FTP)TCP1503=NetMeeting T.120//TCP1509=Psyber Streaming Server//TCP1600=Shivka-Burka//TCP1703=Exloiter 1.1TCP1720=NetMeeting H.233 call SetupTCP1731=NetMeeting音频调用控制//TCP1807=SpySender//TCP1966=Fake FTP 2000//TCP1976=Custom port//TCP1981=ShockraveTCP1990=stun-p1 cisco STUN Priority 1 portTCP1990=stun-p1 cisco STUN Priority 1 portTCP1991=stun-p2 cisco STUN Priority 2 portTCP1992=stun-p3 cisco STUN Priority 3 port,ipsendmsg IPsendmsgTCP1993=snmp-tcp-port cisco SNMP TCP portTCP1994=stun-port cisco serial tunnel portTCP1995=perf-port cisco perf portTCP1996=tr-rsrb-port cisco Remote SRB portTCP1997=gdp-port cisco Gateway Discovery ProtocolTCP1998=x25-svc-port cisco X.25 service (XOT)//TCP1999=BackDoor, TransScout//TCP2000=Der Spaeher,INsane Network//TCP2001=Transmisson scout//TCP2002=Transmisson scout//TCP2003=Transmisson scout//TCP2004=Transmisson scout//TCP2005=TTransmisson scoutTCP2011=cypressTCP2015=raid-cs//TCP2023=Ripper,Pass Ripper,Hack City Ripper ProTCP2049=NFS//TCP2115=Bugs//TCP2121=Nirvana//TCP2140=Deep Throat, The Invasor//TCP2155=Nirvana//TCP2208=RuX//TCP2255=Illusion Mailer//TCP2283=HVL Rat5//TCP2300=PC Explorer//TCP2311=Studio54TCP2556=Worm.Bbeagle.q//TCP2565=Striker//TCP2583=WinCrash//TCP2600=Digital RootBeer//TCP2716=Prayer TrojanTCP2745=Worm.BBeagle.k//TCP2773=Backdoor,SubSeven//TCP2774=SubSeven2.1&2.2//TCP2801=Phineas Phucker//TCP2989=Rat//TCP3024=WinCrash trojanTCP3127=Worm.NovargTCP3128=RingZero,Worm.Novarg.B//TCP3129=Masters Paradise//TCP3150=Deep Throat, The InvasorTCP3198=Worm.Novarg//TCP3210=SchoolBusTCP3332=Worm.Cycle.aTCP3333=ProsiakTCP3389=超级终端//TCP3456=Terror//TCP3459=Eclipse 2000//TCP3700=Portal of Doom//TCP3791=Eclypse//TCP3801=EclypseTCP3996=Portal of DoomTCP4000=腾讯QQ客户端TCP4060=Portal of DoomTCP4092=WinCrashTCP4242=VHMTCP4267=SubSeven2.1&2.2TCP4321=BoBoTCP4444=Prosiak,Swift remoteTCP4500=W32.HLLW.TufasTCP4567=File NailTCP4590=ICQTrojanTCP4899=Remote Administrator服务器TCP4950=ICQTrojanTCP5000=WindowsXP服务器,Blazer 5,Bubbel,Back Door Setup,Sockets de TroieTCP5001=Back Door Setup, Sockets de TroieTCP5002=cd00r,ShaftTCP5011=One of the Last Trojans (OOTLT)TCP5025=WM Remote KeyLoggerTCP5031=Firehotcker,Metropolitan,NetMetroTCP5032=MetropolitanTCP5190=ICQ QueryTCP5321=FirehotckerTCP5333=Backage Trojan Box 3TCP5343=WCratTCP5400=Blade Runner, BackConstruction1.2TCP5401=Blade Runner,Back ConstructionTCP5402=Blade Runner,Back ConstructionTCP5471=WinCrashTCP5512=Illusion MailerTCP5521=Illusion MailerTCP5550=Xtcp,INsane NetworkTCP5554=Worm.SasserTCP5555=ServeMeTCP5556=BO FacilTCP5557=BO FacilTCP5569=Robo-HackTCP5598=BackDoor 2.03TCP5631=PCAnyWhere dataTCP5632=PCAnyWhereTCP5637=PC CrasherTCP5638=PC CrasherTCP5698=BackDoorTCP5714=Wincrash3TCP5741=WinCrash3TCP5742=WinCrashTCP5760=Portmap Remote Root Linux ExploitTCP5880=Y3K RATTCP5881=Y3K RATTCP5882=Y3K RATTCP5888=Y3K RATTCP5889=Y3K RATTCP5900=WinVnc,Wise VGA广播端口TCP6000=Backdoor.ABTCP6006=Noknok8TCP6129=Dameware Nt Utilities服务器TCP6272=SecretServiceTCP6267=广外女生TCP6400=Backdoor.AB,The ThingTCP6500=Devil 1.03TCP6661=TemanTCP6666=TCPshell.cTCP6667=NT Remote Control,Wise 播放器接收端口TCP6668=Wise Video广播端口TCP6669=VampyreTCP6670=DeepThroatTCP6671=Deep Throat 3.0TCP6711=SubSevenTCP6712=SubSeven1.xTCP6713=SubSevenTCP6723=MstreamTCP6767=NT Remote ControlTCP6771=DeepThroatTCP6776=BackDoor-G,SubSeven,2000 CracksTCP6777=Worm.BBeagleTCP6789=Doly TrojanTCP6838=MstreamTCP6883=DeltaSourceTCP6912=Shit HeepTCP6939=IndoctrinationTCP6969=GateCrasher, Priority, IRC 3TCP6970=RealAudio,GateCrasherTCP7000=Remote Grab,NetMonitor,SubSeven1.xTCP7001=Freak88TCP7201=NetMonitorTCP7215=BackDoor-G, SubSevenTCP7001=Freak88,Freak2kTCP7300=NetMonitorTCP7301=NetMonitorTCP7306=NetMonitor,NetSpy 1.0TCP7307=NetMonitor, ProcSpyTCP7308=NetMonitor, X SpyTCP7323=Sygate服务器端TCP7424=Host ControlTCP7597=QazTCP7609=Snid X2TCP7626=冰河TCP7777=The ThingTCP7789=Back Door Setup, ICQKillerTCP7983=MstreamTCP8000=腾讯OICQ服务器端,XDMATCP8010=Wingate,LogfileTCP8080=WWW 代理,Ring Zero,Chubo,Worm.Novarg.BTCP8520=W32.Socay.WormTCP8787=BackOfrice 2000TCP8897=Hack Office,ArmageddonTCP8989=ReconTCP9000=NetministratorTCP9325=MstreamTCP9400=InCommand 1.0TCP9401=InCommand 1.0TCP9402=InCommand 1.0TCP9872=Portal of DoomTCP9873=Portal of DoomTCP9874=Portal of DoomTCP9875=Portal of DoomTCP9876=Cyber AttackerTCP9878=TransScoutTCP9989=Ini-KillerTCP9898=Worm.Win32.Dabber.aTCP9999=Prayer TrojanTCP 10067=Portal of DoomTCP 10080=Worm.Novarg.BTCP 10084=SyphillisTCP 10085=SyphillisTCP 10086=SyphillisTCP 10101=BrainSpyTCP 10167=Portal Of DoomTCP 10168=Worm.Supnot.78858.c,Worm.LovGate.TTCP 10520=Acid ShiversTCP 10607=Coma trojanTCP 10666=AmbushTCP 11000=Senna SpyTCP 11050=Host ControlTCP 11051=Host ControlTCP 11223=Progenic,Hack '99KeyLoggerTCP 11831=TROJ_LATINUS.SVRTCP 12076=Gjamer, MSH.104bTCP 12223=Hack'99 KeyLoggerTCP 12345=GabanBus, NetBus 1.6/1.7, Pie Bill Gates, X-billTCP 12346=GabanBus, NetBus 1.6/1.7, X-billTCP 12349=BioNetTCP 12361=Whack-a-moleTCP 12362=Whack-a-moleTCP 12363=Whack-a-moleTCP 12378=W32/Gibe@MMTCP 12456=NetBusTCP 12623=DUN ControlTCP 12624=ButtmanTCP 12631=WhackJob, WhackJob.NB1.7TCP 12701=Eclipse2000TCP 12754=MstreamTCP 13000=Senna SpyTCP 13010=Hacker BrazilTCP 13013=PsychwardTCP 13223=Tribal Voice的聊天程序PowWowTCP 13700=Kuang2 The VirusTCP 14456=SoleroTCP 14500=PC InvaderTCP 14501=PC InvaderTCP 14502=PC InvaderTCP 14503=PC InvaderTCP 15000=NetDaemon 1.0TCP 15092=Host ControlTCP 15104=MstreamTCP 16484=MosuckerTCP 16660=Stacheldraht (DDoS)TCP 16772=ICQ RevengeTCP 16959=PriorityTCP 16969=PriorityTCP 17027=提供广告服务的Conducent"adbot"共享软件TCP 17166=MosaicTCP 17300=Kuang2 The VirusTCP 17490=CrazyNetTCP 17500=CrazyNetTCP 17569=Infector 1.4.x + 1.6.xTCP 17777=NephronTCP 18753=Shaft (DDoS)TCP 19191=蓝色火焰TCP 19864=ICQ RevengeTCP 20000=Millennium II (GrilFriend)TCP 20001=Millennium II (GrilFriend)TCP 20002=AcidkoRTCP 20034=NetBus 2 ProTCP 20168=LovgateTCP 20203=Logged,ChupacabraTCP 20331=BlaTCP 20432=Shaft (DDoS)TCP 20808=Worm.LovGate.v.QQTCP 21544=Schwindler 1.82,GirlFriendTCP 21554=Schwindler 1.82,GirlFriend,Exloiter 1.0.1.2TCP 22222=Prosiak,RuX Uploader 2.0TCP 22784=Backdoor.IntruzzoTCP 23432=Asylum 0.1.3TCP 23456=Evil FTP, Ugly FTP, WhackJobTCP 23476=Donald DickTCP 23477=Donald DickTCP 23777=INet SpyTCP 26274=DeltaTCP 26681=Spy VoiceTCP 27374=Sub Seven 2.0+, Backdoor.BasteTCP 27444=Tribal Flood Network,TrinooTCP 27665=Tribal Flood Network,TrinooTCP 29431=Hack AttackTCP 29432=Hack AttackTCP 29104=Host ControlTCP 29559=TROJ_LATINUS.SVRTCP 29891=The UnexplainedTCP 30001=Terr0r32TCP 30003=Death,Lamers DeathTCP 30029=AOL trojanTCP 30100=NetSphere 1.27a,NetSphere 1.31TCP 30101=NetSphere 1.31,NetSphere 1.27aTCP 30102=NetSphere 1.27a,NetSphere 1.31TCP 30103=NetSphere 1.31TCP 30303=Sockets de TroieTCP 30947=IntruseTCP 30999=Kuang2TCP 21335=Tribal Flood Network,TrinooTCP 31336=Bo WhackTCP 31337=Baron Night,BO client,BO2,Bo Facil,BackFire,Back Orifice,DeepBO,Freak2k,NetSpyTCP 31338=NetSpy,Back Orifice,DeepBOTCP 31339=NetSpy DKTCP 31554=SchwindlerTCP 31666=BOWhackTCP 31778=Hack AttackTCP 31785=Hack AttackTCP 31787=Hack AttackTCP 31789=Hack AttackTCP 31791=Hack AttackTCP 31792=Hack AttackTCP 32100=PeanutBrittleTCP 32418=Acid BatteryTCP 33333=Prosiak,Blakharaz 1.0TCP 33577=Son Of PsychwardTCP 33777=Son Of PsychwardTCP 33911=Spirit 2001aTCP 34324=BigGluck,TN,Tiny Telnet ServerTCP 34555=Trin00 (Windows) (DDoS)TCP 35555=Trin00 (Windows) (DDoS)TCP 36794=Worm.Bugbear-ATCP 37651=YATTCP 40412=The SpyTCP 40421=Agent 40421,Masters Paradise.96TCP 40422=Masters ParadiseTCP 40423=Masters Paradise.97TCP 40425=Masters ParadiseTCP 40426=Masters Paradise 3.xTCP 41666=Remote BootTCP 43210=Schoolbus 1.6/2.0TCP 44444=Delta SourceTCP 44445=HappypigTCP 47252=ProsiakTCP 47262=DeltaTCP 47878=BirdSpy2TCP 49301=Online KeyloggerTCP 50505=Sockets de TroieTCP 50766=Fore, SchwindlerTCP 51966=CafeIniTCP 53001=Remote Windows ShutdownTCP 53217=Acid Battery 2000TCP 54283=Back Door-G, Sub7TCP 54320=Back Orifice 2000,SheepTCP 54321=School Bus .69-1.11,Sheep, BO2KTCP 57341=NetRaiderTCP 58008=BackDoor.TronTCP 58009=BackDoor.TronTCP 58339=ButtFunnelTCP 59211=BackDoor.DuckToyTCP 60000=Deep ThroatTCP 60068=Xzip 6000068TCP 60411=ConnectionTCP 60606=TROJ_BCKDOR.G2.ATCP 61466=TelecommandoTCP 61603=Bunker-killTCP 63485=Bunker-killTCP 65000=Devil, DDoSTCP 65432=Th3tr41t0r, The TraitorTCP 65530=TROJ_WINMITE.10TCP 65535=RC,Adore Worm/LinuxTCP 69123=ShitHeepTCP 88798=Armageddon,Hack OfficeUDP 1=Sockets des TroieUDP 9=ChargenUDP19=ChargenUDP69=PasanaUDP80=PenroxUDP 371=ClearCase版本管理软件UDP 445=公共Internet文件系统(CIFS)UDP 500=Internet密钥交换UDP1025=Maverick's Matrix 1.2 - 2.0UDP1026=Remote Explorer 2000UDP1027=UC聊天软件,Trojan.Huigezi.eUDP1028=KiLo,SubSARIUDP1029=SubSARIUDP1031=XotUDP1032=Akosch4UDP1104=RexxRaveUDP1111=DaodanUDP1116=LurkerUDP1122=Last 2000,SingularityUDP1183=Cyn,SweetHeartUDP1200=NoBackOUDP1201=NoBackOUDP1342=BLA trojanUDP1344=PtakksUDP1349=BO dllUDP1561=MuSka52UDP1772=NetControleUDP1978=SlapperUDP1985=Black DiverUDP2000=A-trojan,Fear,Force,GOTHIC Intruder,Last 2000,Real 2000UDP2001=ScalperUDP2002=SlapperUDP2015=raid-csUDP2018=rellpackUDP2130=Mini BackLashUDP2140=Deep Throat,Foreplay,The InvasorUDP2222=SweetHeart, WayUDP2339=Voice SpyUDP2702=Black DiverUDP2989=RATUDP3150=Deep ThroatUDP3215=XHXUDP3333=DaodanUDP3801=EclypseUDP3996=Remote AnythingUDP4128=RedShadUDP4156=SlapperUDP4500=sae-urnUDP5419=DarkSkyUDP5503=Remote Shell TrojanUDP5555=DaodanUDP5882=Y3K RATUDP5888=Y3K RATUDP6112=Battle.net GameUDP6666=KiLoUDP6667=KiLoUDP6766=KiLoUDP6767=KiLo,UandMeUDP6838=Mstream Agent-handlerUDP7028=未知木马UDP7424=Host ControlUDP7788=SingularityUDP7983=MStream handler-agentUDP8012=PtakksUDP8090=Aphex's Remote Packet SnifferUDP8127=9_119,ChonkerUDP8488=KiLoUDP8489=KiLoUDP8787=BackOrifice 2000UDP8879=BackOrifice 2000UDP9325=MStream Agent-handlerUDP 10000=XHXUDP 10067=Portal of DoomUDP 10084=SyphillisUDP 10100=SlapperUDP 10167=Portal of DoomUDP 10498=MstreamUDP 10666=AmbushUDP 11225=CynUDP 12321=ProtossUDP 12345=BlueIce 2000UDP 12378=W32/Gibe@MMUDP 12623=ButtMan,DUN ControlUDP 15210=UDP remote shell backdoor serverUDP 15486=KiLoUDP 16514=KiLoUDP 16515=KiLoUDP 18753=Shaft handler to AgentUDP 20433=ShaftUDP 21554=GirlFriendUDP 22784=Backdoor.IntruzzoUDP 23476=Donald DickUDP 25123=MOTDUDP 26274=Delta SourceUDP 26374=Sub-7 2.1UDP 26444=Trin00/TFN2KUDP 26573=Sub-7 2.1UDP 27184=Alvgus trojan 2000UDP 27444=TrinooUDP 29589=KiLoUDP 29891=The UnexplainedUDP 30103=NetSphereUDP 31320=Little WitchUDP 31335=Trin00 DoS AttackUDP 31337=Baron Night, BO client, BO2, Bo Facil, BackFire, Back Orifice, DeepBOUDP 31338=Back Orifice, NetSpy DK, DeepBOUDP 31339=Little WitchUDP 31340=Little WitchUDP 31416=LithiumUDP 31787=Hack aTackUDP 31789=Hack aTackUDP 31790=Hack aTackUDP 31791=Hack aTackUDP 33390=未知木马UDP 34555=TrinooUDP 35555=TrinooUDP 43720=KiLoUDP 44014=IaniUDP 44767=School BusUDP 46666=TaskmanUDP 47262=Delta SourceUDP 47785=KiLoUDP 49301=OnLine keyLoggerUDP 49683=FensterUDP 49698=KiLoUDP 52901=OmegaUDP 54320=Back OrificeUDP 54321=Back Orifice 2000UDP 54341=NetRaider TrojanUDP 61746=KiLOUDP 61747=KiLOUDP 61748=KiLO UDP 65432=The Traitor
按照端口号的大小分类,可分为如下几类 :(1)公认端口(WellKnownPorts):从0到1023,它们紧密绑定(binding)于一些服务。通常这些端口的通讯明确表明了某种服务的协议。例如:80端口实际上总是HTTP通讯。(2)注册端口(RegisteredPorts):从1024到49151。它们松散地绑定于一些服务。也就是说有许多服务绑定于这些端口,这些端口同样用于许多其它目的。例如:许多系统处理动态端口从1024左右开始。(3)动态和/或私有端口(Dynamicand/orPrivatePorts):从49152到65535。理论上,不应为服务分配这些端口。实际上,机器通常从1024起分配动态端口。但也有例外:SUN的RPC端口从32768开始。各种服务常用端口号:1,HTTP协议代理服务器常用端口号:80/8080/3128/8081/90982,SOCKS代理协议服务器常用端口号:10803,FTP(文件传输)协议代理服务器常用端口号:214,Telnet(远程登录)协议代理服务器常用端口号:235,HTTP服务器,默认端口号为80/tcp(木马Executor开放此端口)6,HTTPS(securely transferring web pages)服务器,默认端口号为443/tcp 443/udp7,Telnet(不安全的文本传送),默认端口号为23/tcp(木马Tiny Telnet Server所开放的端口)8,FTP,默认的端口号为21/tcp(木马Doly Trojan、Fore、Invisible FTP、WebEx、WinCrash和Blade Runner所开放的端口)9,TFTP(Trivial File Transfer Protocol),默认端口号为69/udp10,SSH(安全登录)、SCP(文件传输)、端口号重定向,默认的端口号为22/tcp11,SMTP Simple Mail Transfer Protocol(E-mail),默认端口号为25/tcp(木马Antigen、Email Password Sender、Haebu Coceda、Shtrilitz Stealth、WinPC、WinSpy都开放这个端口)12,POP3 Post Office Protocol(E-mail),默认端口号为110/tcp13,Webshpere应用程序,默认端口号为908014,webshpere管理工具,默认端口号909015,JBOSS,默认端口号为808016,TOMCAT,默认端口号为808017,WIN2003远程登录,默认端口号为338918,Symantec AV/Filter for MSE,默认端口号为 808119,Oracle 数据库,默认的端口号为152120,ORACLE EMCTL,默认的端口号为115821,Oracle XDB(XML 数据库),默认的端口号为808022,Oracle XDB FTP服务,默认的端口号为210023,MS SQL*SERVER数据库server,默认的端口号为1433/tcp 1433/udp24,MS SQL*SERVER数据库monitor,默认的端口号为1434/tcp 1434/udp
1 tcpmux TCP Port Service Multiplexer 传输控制协议端口服务多路开关选择器 2 compressnet Management Utility compressnet 管理实用程序3 compressnet Compression Process 压缩进程5 rje Remote Job Entry 远程作业登录7 echo Echo 回显9 discard Discard 丢弃11 systat Active Users 在线用户13 daytime Daytime时间17 qotd Quote of the Day每日引用18 msp Message Send Protocol消息发送协议19 chargen Character Generator 字符发生器20 ftp-data File Transfer[Default Data]文件传输协议(默认数据口)21 ftp File Transfer[Control]文件传输协议(控制)22 ssh SSH Remote Login Protocol SSH远程登录协议23 telnet Telnet 终端仿真协议24 any private mail system预留给个人用邮件系统25 smtp Simple Mail Transfer简单邮件发送协议27 nsw-fe NSW User System FENSW 用户系统现场工程师29 msg-icp MSG ICPMSG ICP31 msg-auth MSG Authentication MSG验证33 dsp Display Support Protocol 显示支持协议35 any private printer server 预留给个人打印机服务37 time Time 时间38 rap Route Access Protocol路由访问协议39 rlp Resource Location Protocol 资源定位协议41 graphics Graphics 图形42 nameserver WINS Host Name Server WINS 主机名服务43 nicname Who Is "绰号" who is服务44 mpm-flags MPM FLAGS Protocol MPM(消息处理模块)标志协议45 mpm Message Processing Module [recv]消息处理模块46 mpm-snd MPM [default send]消息处理模块(默认发送口)47 ni-ftp NI FTP NI FTP48 auditd Digital Audit Daemon 数码音频后台服务49 tacacs Login Host Protocol (TACACS)TACACS登录主机协议50 re-mail-ck Remote Mail Checking Protocol远程邮件检查协议[未结束]51 la-maint IMP Logical Address MaintenanceIMP(接口信息处理机)逻辑地址维护52 xns-time XNS Time Protocol施乐网络服务系统时间协议53 domain Domain Name Server域名服务器54 xns-ch XNS Clearinghouse 施乐网络服务系统票据交换 55 isi-gl ISI Graphics Language ISI图形语言56 xns-auth XNS Authentication 施乐网络服务系统验证57 ? any private terminal access 预留个人用终端访问58 xns-mail XNS Mail 施乐网络服务系统邮件59 any private file service预留个人文件服务60 Unassigned未定义61 ni-mail NI MAILNI邮件?62 acas ACA Services 异步通讯适配器服务63 whois+ whois+WHOIS+64 covia Communications Integrator (CI)通讯接口65 tacacs-ds TACACS-Database Service TACACS数据库服务66 sql*net Oracle SQL*NETOracle SQL*NET67 bootps Bootstrap Protocol Server 引导程序协议服务端68 bootpc Bootstrap Protocol Client 引导程序协议客户端69 tftp Trivial File Transfer小型文件传输协议70 gopher Gopher 信息检索协议71 netrjs-1 Remote Job Service 远程作业服务72 netrjs-2 Remote Job Service 远程作业服务73 netrjs-3 Remote Job Service 远程作业服务74 netrjs-4 Remote Job Service 远程作业服务75 any private dial out service 预留给个人拨出服务76 deos Distributed External Object Store 分布式外部对象存储77 any private RJE service 预留给个人远程作业输入服务78 vettcp vettcp 修正TCP?79 finger Finger 查询远程主机在线用户等信息80 http World Wide Web HTTP 全球信息网超文本传输协议 81 hosts2-ns HOSTS2 Name Server HOST2名称服务82 xfer XFER Utility 传输实用程序83 mit-ml-dev MIT ML Device 模块化智能终端ML设备84 ctf Common Trace Facility公用追踪设备85 mit-ml-dev MIT ML Device 模块化智能终端ML设备86 mfcobol Micro Focus CobolMicro Focus Cobol编程语言87 any private terminal link 预留给个人终端连接88 kerberos Kerberos Kerberros安全认证系统89 su-mit-tg SU/MIT Telnet Gateway SU/MIT终端仿真网关90 dnsix DNSIX Securit Attribute Token MapDNSIX 安全属性标记图91 mit-dov MIT Dover SpoolerMIT Dover假脱机92 npp Network Printing Protocol 网络打印协议93 dcp Device Control Protocol 设备控制协议94 objcall Tivoli Object Dispatcher Tivoli对象调度95 supdupSUPDUP96 dixie DIXIE Protocol Specification DIXIE协议规范97 swift-rvf(Swift Remote Virtural File Protocol)快速远程虚拟文件协议98 tacnews TAC NewsTAC新闻协议99 metagram metagram Relay100 newacct [unauthorized use]101=NIC Host Name Server102=ISO-TSAP103=Genesis Point-to-Point Trans Net104=ACR-NEMA Digital Imag. & Comm. 300105=Mailbox Name Nameserver106=3COM-TSMUX3com-tsmux107=Remote Telnet Service108=SNA Gateway Access Server109=Post Office Protocol - Version 2110=Post Office Protocol - Version 3111=SUN RPC112=McIDAS Data Transmission Protocol113=Authentication Service114=Audio News Multicast115=Simple File Transfer Protocol116=ANSA REX Notify117=UUCP Path Service118=SQL Servicessqlserv119=Network News Transfer Protocol120=CFDPTKTcfdptkt121=Encore Expedited Remote Pro.Call122=SMAKYNETsmakynet123=Network Time Protocol124=ANSA REX Trader125=Locus PC-Interface Net Map Ser126=Unisys Unitary Login127=Locus PC-Interface Conn Server128=GSS X License Verification129=Password Generator Protocol130=cisco FNATIVE131=cisco TNATIVE132=cisco SYSMAINT133=Statistics Service134=INGRES-NET Service135=Location Service136=PROFILE Naming System137=NETBIOS Name Service138=NETBIOS Datagram Service139=NETBIOS Session Service140=EMFIS Data Service141=EMFIS Control Service142=Britton-Lee IDM143=Interim Mail Access Protocol v2144=NewSnews145=UAAC Protocoluaac146=ISO-IP0iso-tp0147=ISO-IPiso-ip148=CRONUS-SUPPORT149=AED 512 Emulation Service150=SQL-NETsql-net151=HEMShems152=Background File Transfer Program153=SGMPsgmp154=NETSCnetsc-prod155=NETSCnetsc-dev156=SQL Service157=KNET/VM Command/Message Protocol158=PCMail Serverpcmail-srv159=NSS-Routingnss-routing160=SGMP-TRAPSsgmp-traps161=SNMP162=SNMP TRAP163=CMIP/TCP Manager164=CMIP/TCP Agent165=Xeroxxns-courier166=Sirius Systems167=NAMPnamp168=RSVDrsvd169=Send170=Network Postscript170=Network Postscript171=Network Innovations Multiplex172=Network Innovations CL/1173=Xyplexxyplex-mux174=MAILQ175=VMNET176=GENRAD-MUXgenrad-mux177=X Display Manager Control Protocol178=NextStep Window Server179=Border Gateway Protocol180=Intergraphris181=Unifyunify182=Unisys Audit SITP183=OCBinderocbinder184=OCServerocserver185=Remote-KIS186=KIS Protocolkis187=Application Communication Interface188=Plus Five401=Uninterruptible Power Supply402=Genie Protocol403=decapdecap404=ncednced405=ncldncld406=Interactive Mail Support Protocol407=Timbuktutimbuktu408=Prospero Resource Manager Sys. Man.409=Prospero Resource Manager Node Man.410=DECLadebug Remote Debug Protocol411=Remote MT Protocol412=Trap Convention Port413=SMSPsmsp414=InfoSeekinfoseek415=BNetbnet416=Silverplattersilverplatter417=Onmuxonmux418=Hyper-Ghyper-g419=Arielariel1420=SMPTEsmpte421=Arielariel2422=Arielariel3423=IBM Operations Planning and Control Start424=IBM Operations Planning and Control Track425=ICADicad-el426=smartsdpsmartsdp427=Server Location429=OCS_AMU430=UTMPSDutmpsd431=UTMPCDutmpcd432=IASDiasd433=NNSPnnsp434=MobileIP-Agent435=MobilIP-MN436=DNA-CMLdna-cml437=comscmcomscm439=dasp, Thomas Obermair440=sgcpsgcp441=decvms-sysmgtdecvms-sysmgt442=cvc_hostdcvc_hostd443=https444=Simple Network Paging Protocol445=Microsoft-DS446=DDM-RDBddm-rdb447=DDM-RFMddm-dfm448=DDM-BYTEddm-byte449=AS Server Mapper450=TServertserver512=exec, Remote process execution513=login, remote login514=cmd, exec with auto auth.514=syslog515=Printer spooler516=Unassigned517=talk519=unixtime520=extended file name server521=Unassigned522=Unassigned523=Unassigned524=Unassigned526=newdate530=rpc courier531=chatconference532=readnewsnetnews533=for emergency broadcasts539=Apertus Technologies Load Determination540=uucp541=uucp-rlogin542=Unassigned543=klogin544=kshell545=Unassigned546=Unassigned547=Unassigned548=Unassigned549=Unassigned550=new-who551=Unassigned552=Unassigned553=Unassigned554=Unassigned555=dsf556=remotefs557-559=rmonitor560=rmonitord561=dmonitor562=chcmd563=Unassigned564=plan 9 file service565=whoami566-569 Unassigned570=demonmeter571=udemonmeter572-599 Unassigned ipc server600=Sun IPC server607=nqs606=Cray Unified Resource Manager608=Sender-Initiated/Unsolicited File Transfer609=npmp-trapnpmp-trap610=npmp-localnpmp-local611=npmp-guinpmp-gui634=ginadginad666=Doom Id Software704=errlog copy/server daemon709=EntrustManager729=IBM NetView DM/6000 Server/Client730=IBM NetView DM/6000 send/tcp731=IBM NetView DM/6000 receive/tcp741=netGWnetgw742=Network based Rev. Cont. Sys.744=Flexible License Manager747=Fujitsu Device Control748=Russell Info Sci Calendar Manager749=kerberos administration751=pump752=qrh754=send758=nlogin759=con760=ns762=quotad763=cycleserv765=webster767=phonephonebook769=vid771=rtip772=cycleserv2774=acmaint_dbd775=acmaint_transd780=wpgs786=Concertconcert800=mdbs_daemon996=Central Point Software997=maitrd999=puprouter1023=Reserved 注册端口(Registered Ports):从1024到49151。它们松散地绑定于一些服务。也就是说有许多服务绑定于这些端口,这些端口同样用于许多其它目的。例如:许多系统处理动态端口从1024左右开始。1025=network blackjack1030=BBN IAD1031=BBN IAD1032=BBN IAD1067=Installation Bootstrap Proto. Serv.1068=Installation Bootstrap Proto. Cli.1080=SOCKS1083=Anasoft License Manager1084=Anasoft License Manager1155=Network File Access1222=SNI R&D network1248=hermes1346=Alta Analytics License Manager1347=multi media conferencing1347=multi media conferencing1348=multi media conferencing1349=Registration Network Protocol1350=Registration Network Protocol1351=Digital Tool Works (MIT)1352=/Lotus Notelotusnote1353=Relief Consulting1354=RightBrain Software1355=Intuitive Edge1356=CuillaMartin Company1357=Electronic PegBoard1358=CONNLCLIconnlcli1359=FTSRVftsrv1360=MIMERmimer1361=LinX1362=TimeFliestimeflies1363=Network DataMover Requester1364=Network DataMover Server1365=Network Software Associates1366=Novell NetWare Comm Service Platform1367=DCSdcs1368=ScreenCastscreencast1369=GlobalView to Unix Shell1370=Unix Shell to GlobalView1371=Fujitsu Config Protocol1372=Fujitsu Config Protocol1373=Chromagrafxchromagrafx1374=EPI Software Systems1375=Bytexbytex1376=IBM Person to Person Software1377=Cichlid License Manager1378=Elan License Manager1379=Integrity Solutions1380=Telesis Network License Manager1381=Apple Network License Manager1382=udt_os1383=GW Hannaway Network License Manager1384=Objective Solutions License Manager1385=Atex Publishing License Manager1386=CheckSum License Manager1387=Computer Aided Design Software Inc LM1388=Objective Solutions DataBase Cache1389=Document Manager1390=Storage Controller1391=Storage Access Server1392=Print Managericlpv-pm1393=Network Log Server1394=Network Log Client1395=PC Workstation Manager software1396=DVL Active Mail1397=Audio Active Mail1398=Video Active Mail1399=Cadkey License Manager1400=Cadkey Tablet Daemon1401=Goldleaf License Manager1402=Prospero Resource Manager1403=Prospero Resource Manager1404=Infinite Graphics License Manager1405=IBM Remote Execution Starter1406=NetLabs License Manager1407=DBSA License Manager1408=Sophia License Manager1409=Here License Manager1410=HiQ License Manager1411=AudioFileaf1412=InnoSysinnosys1413=Innosys-ACLinnosys-acl1414=IBM MQSeriesibm-mqseries1415=DBStardbstar1416=Novell LU6.2novell-lu6.21417=Timbuktu Service 1 Port1417=Timbuktu Service 1 Port1418=Timbuktu Service 2 Port1419=Timbuktu Service 3 Port1420=Timbuktu Service 4 Port1421=Gandalf License Manager1422=Autodesk License Manager1423=Essbase Arbor Software1424=Hybrid Encryption Protocol1425=Zion Software License Manager1426=Satellite-data Acquisition System 11427=mloadd monitoring tool1428=Informatik License Manager1429=Hypercom NMSnms1430=Hypercom TPDUtpdu1431=Reverse Gosip Transport1432=Blueberry Software License Manager1433=Microsoft-SQL-Server1434=Microsoft-SQL-Monitor1435=IBM CISCibm-cics1436=Satellite-data Acquisition System 21437=Tabulatabula1438=Eicon Security Agent/Server1439=Eicon X25/SNA Gateway1440=Eicon Service Location Protocol1441=Cadis License Management1442=Cadis License Management1443=Integrated Engineering Software1444=Marcam License Management1445=Proxima License Manager1446=Optical Research Associates License Manager1447=Applied Parallel Research LM1448=OpenConnect License Manager1449=PEportpeport1450=Tandem Distributed Workbench Facility1451=IBM Information Management1452=GTE Government Systems License Man1453=Genie License Manager1454=interHDL License Manager1454=interHDL License Manager1455=ESL License Manager1456=DCAdca1457=Valisys License Manager1458=Nichols Research Corp.1459=Proshare Notebook Application1460=Proshare Notebook Application1461=IBM Wireless LAN1462=World License Manager1463=Nucleusnucleus1464=MSL License Manager1465=Pipes Platform1466=Ocean Software License Manager1467=CSDMBASEcsdmbase1468=CSDMcsdm1469=Active Analysis Limited License Manager1470=Universal Analytics1471=csdmbasecsdmbase1472=csdmcsdm1473=OpenMathopenmath1474=Telefindertelefinder1475=Taligent License Manager1476=clvm-cfgclvm-cfg1477=ms-sna-server1478=ms-sna-base1479=dberegisterdberegister1480=PacerForumpacerforum1481=AIRSairs1482=Miteksys License Manager1483=AFS License Manager1484=Confluent License Manager1485=LANSourcelansource1486=nms_topo_serv1487=LocalInfoSrvr1488=DocStordocstor1489=dmdocbrokerdmdocbroker1490=insitu-confinsitu-conf1491=anynetgateway1492=stone-design-11493=netmap_lmnetmap_lm1494=icaica1495=cvccvc1496=liberty-lmliberty-lm1497=rfx-lmrfx-lm1498=Watcom-SQLwatcom-sql1499=Federico Heinz Consultora1500=VLSI License Manager1501=Satellite-data Acquisition System 31502=Shivashivadiscovery1503=Databeamimtc-mcs1504=EVB Software Engineering License Manager1505=Funk Software, Inc.1524=ingres1525=oracle1525=Prospero Directory Service non-priv1526=Prospero Data Access Prot non-priv1527=oracletlisrv1529=oraclecoauthor1600=issd1651=proshare conf audio1652=proshare conf video1653=proshare conf data1654=proshare conf request1655=proshare conf notify1661=netview-aix-1netview-aix-11662=netview-aix-2netview-aix-21663=netview-aix-3netview-aix-31664=netview-aix-4netview-aix-41665=netview-aix-5netview-aix-51666=netview-aix-6netview-aix-61986=cisco license management1987=cisco RSRB Priority 1 port1988=cisco RSRB Priority 2 port1989=cisco RSRB Priority 3 port1989=MHSnet systemmshnet1990=cisco STUN Priority 1 port1991=cisco STUN Priority 2 port1992=cisco STUN Priority 3 port1992=IPsendmsgipsendmsg1993=cisco SNMP TCP port1994=cisco serial tunnel port1995=cisco perf port1996=cisco Remote SRB port1997=cisco Gateway Discovery Protocol1998=cisco X.25 service (XOT)1999=cisco identification port2009=whosockami2010=pipe_server2011=raid2012=raid-ac2013=rad-am2015=raid-cs2016=bootserver2017=terminaldb2018=rellpack2019=about2019=xinupageserver2020=xinupageserver2021=xinuexpansion12021=down2022=xinuexpansion22023=xinuexpansion32023=xinuexpansion42024=xinuexpansion42025=xribs2026=scrabble2027=shadowserver2028=submitserver2039=device22032=blackboard2033=glogger2034=scoremgr2035=imsldoc2038=objectmanager2040=lam2041=interbase2042=isis2043=isis-bcast2044=primsl2045=cdfunc2047=dls2048=dls-monitor2065=Data Link Switch Read Port Number2067=Data Link Switch Write Port Number2201=Advanced Training System Program2500=Resource Tracking system server2501=Resource Tracking system client2564=HP 3000 NS/VT block mode telnet2784=world wide web - development3049=ccmail3264=ccmail, cc:mail/lotus3333=dec-notes3984=MAPPER network node manager3985=MAPPER TCP/IP server3986=MAPPER workstation server3421=Bull Apprise portmapper3900=Unidata UDT OS4132=NUTS Daemonnuts_dem4133=NUTS Bootp Server4343=UNICALL4444=KRB5244672=remote file access server5002=radio free ethernet5010=TelepathStarttelelpathstart5011=TelepathAttack5050=multimedia conference control tool5145=rmonitor_secure5190=aol, America-Online5300=HA cluster heartbeat5301=hacl-gs # HA cluster general services5302=HA cluster configuration5303=hacl-probe HA cluster probing5305=hacl-test6000-6063=x11 X Window System6111=sub-process HP SoftBench Sub-Process Control6141/=meta-corp meta Corporation License Manager6142=aspentec-lm Aspen Technology License Manager6143=watershed-lm Watershed License Manager6144=statsci1-lm StatSci License Manager - 16145=statsci2-lm StatSci License Manager - 26146=lonewolf-lm Lone Wolf Systems License Manager6147=montage-lm Montage License Manager7000=afs3-fileserver file server itself7001=afs3-callback callbacks to cache managers7002=afs3-prserver users & groups database7003=afs3-vlserver volume location database7004=afs3-kaserver AFS/Kerberos authentication service7005=afs3-volser volume managment server7006=afs3-errors error interpretation service7007=afs3-bos basic overseer process7008=afs3-update server-to-server updater7009=afs3-rmtsys remote cache manager service7010=ups-online onlinet uninterruptable power supplies7100=X Font Service7200=FODMS FLIP7626=冰河8010=Wingate8181=IMail9535=man(3)动态和/或私有端口(Dynamic and/or Private Ports):从49152到65535。理论上,不应为服务分配这些端口。实际上,机器通常从1024起分配动态端口。但也有例外:SUN的RPC端口从32768开始。 0 通常用于分析操作系统。这一方法能够工作是因为在一些系统中“0”是无效端口,当你试图使用一种通常的闭合端口连接它时将产生不同的结果。一种典型的扫描:使用IP地址为0.0.0.0,设置ACK位并在以太网层广播。
//注意:由于一些应用软件占用了部分端口,因此此文件中的部分端口被注释掉了(注释的字符为://)。 TCP1=TCP Port Service MultiplexerTCP2=DeathTCP5=Remote Job Entry,yoyoTCP7=EchoTCP11=SkunTCP12=BomberTCP16=SkunTCP17=SkunTCP18=消息传输协议,skunTCP19=SkunTCP20=FTP Data,AmandaTCP21=文件传输,Back Construction,Blade Runner,Doly Trojan,Fore,FTP trojan,Invisible FTP,Larva, WebEx,WinCrashTCP22=远程登录协议TCP23=远程登录(Telnet),Tiny Telnet Server (= TTS)TCP25=电子邮件(SMTP),Ajan,Antigen,Email Password Sender,Happy 99,Kuang2,ProMail trojan,Shtrilitz,Stealth,Tapiras,Terminator,WinPC,WinSpy,Haebu CocedaTCP27=AssasinTCP28=AmandaTCP29=MSG ICPTCP30=Agent 40421TCP31=Agent 31,Hackers Paradise,Masters Paradise,Agent 40421TCP37=Time,ADM wormTCP39=SubSARITCP41=DeepThroat,ForeplayTCP42=Host Name ServerTCP43=WHOISTCP44=ArcticTCP48=DRATTCP49=主机登录协议TCP50=DRATTCP51=IMP Logical Address Maintenance,Fuck Lamers BackdoorTCP52=MuSka52,SkunTCP53=DNS,Bonk (DOS Exploit)TCP54=MuSka52TCP58=DMSetupTCP59=DMSetupTCP63=whois++TCP64=Communications IntegratorTCP65=TACACS-Database ServiceTCP66=Oracle SQL*NET,AL-BarekiTCP67=Bootstrap Protocol ServerTCP68=Bootstrap Protocol ClientTCP69=W32.Evala.Worm,BackGate Kit,Nimda,Pasana,Storm,Storm worm,Theef,Worm.Cycle.aTCP70=Gopher服务,ADM wormTCP79=用户查询(Finger),Firehotcker,ADM wormTCP80=超文本服务器(Http),Executor,RingZeroTCP81=Chubo,Worm.Bbeagle.qTCP88=Kerberos krb5服务TCP99=Hidden PortTCP 102=消息传输代理TCP 108=SNA网关访问服务器TCP 109=Pop2TCP 110=电子邮件(Pop3),ProMailTCP 113=Kazimas, Auther IdnetTCP 115=简单文件传输协议TCP 118=SQL Services, Infector 1.4.2TCP 119=新闻组传输协议(Newsgroup(Nntp)), Happy 99TCP 121=JammerKiller, Bo jammerkillahTCP 123=网络时间协议(NTP),Net ControllerTCP 129=Password Generator ProtocolTCP 133=Infector 1.xTCP 135=微软DCE RPC end-point mapper服务TCP 137=微软Netbios Name服务(网上邻居传输文件使用)TCP 138=微软Netbios Name服务(网上邻居传输文件使用)TCP 139=微软Netbios Name服务(用于文件及打印机共享)TCP 142=NetTaxiTCP 143=IMAPTCP 146=FC Infector,InfectorTCP 150=NetBIOS Session ServiceTCP 156=SQL服务器TCP 161=SnmpTCP 162=Snmp-TrapTCP 170=A-TrojanTCP 177=X Display管理控制协议TCP 179=Border网关协议(BGP)TCP 190=网关访问控制协议(GACP)TCP 194=IrcTCP 197=目录定位服务(DLS)TCP 256=NirvanaTCP 315=The InvasorTCP 371=ClearCase版本管理软件TCP 389=Lightweight Directory Access Protocol (LDAP)TCP 396=Novell Netware over IPTCP 420=BreachTCP 421=TCP WrappersTCP 443=安全服务TCP 444=Simple Network Paging Protocol(SNPP)TCP 445=Microsoft-DSTCP 455=Fatal ConnectionsTCP 456=Hackers paradise,FuseSparkTCP 458=苹果公司QuickTimeTCP 513=GrloginTCP 514=RPC BackdoorTCP 531=Rasmin,Net666TCP 544=kerberos kshellTCP 546=DHCP ClientTCP 547=DHCP ServerTCP 548=Macintosh文件服务TCP 555=Ini-Killer,Phase Zero,Stealth SpyTCP 569=MSNTCP 605=SecretServiceTCP 606=Noknok8TCP 661=Noknok8TCP 666=Attack FTP,Satanz Backdoor,Back Construction,Dark Connection Inside 1.2TCP 667=Noknok7.2TCP 668=Noknok6TCP 669=DP trojanTCP 692=GayOLTCP 707=WelchiaTCP 777=AIM SpyTCP 808=RemoteControl,WinHoleTCP 815=Everyone DarlingTCP 901=Backdoor.DevilTCP 911=Dark ShadowTCP 993=IMAPTCP 999=DeepThroatTCP1000=Der SpaeherTCP1001=Silencer,WebEx,Der SpaeherTCP1003=BackDoorTCP1010=DolyTCP1011=DolyTCP1012=DolyTCP1015=DolyTCP1016=DolyTCP1020=VampireTCP1023=Worm.Sasser.eTCP1024=NetSpy.698(YAI)TCP1059=nimreg//TCP1025=NetSpy.698,Unused Windows Services Block//TCP1026=Unused Windows Services Block//TCP1027=Unused Windows Services Block//TCP1028=Unused Windows Services Block//TCP1029=Unused Windows Services Block//TCP1030=Unused Windows Services Block//TCP1033=Netspy//TCP1035=Multidropper//TCP1042=Bla//TCP1045=Rasmin//TCP1047=GateCrasher//TCP1050=MiniCommandTCP1069=Backdoor.TheefServer.202TCP1070=Voice,Psyber Stream Server,Streaming Audio TrojanTCP1080=Wingate,Worm.BugBear.B,Worm.Novarg.B//TCP1090=Xtreme, VDOLive//TCP1095=Rat//TCP1097=Rat//TCP1098=Rat//TCP1099=RatTCP1110=nfsd-keepaliveTCP1111=Backdoor.AIMVisionTCP1155=Network File Access//TCP1170=Psyber Stream Server,Streaming Audio trojan,Voice//TCP1200=NoBackO//TCP1201=NoBackO//TCP1207=Softwar//TCP1212=Nirvana,Visul Killer//TCP1234=Ultors//TCP1243=BackDoor-G, SubSeven, SubSeven Apocalypse//TCP1245=VooDoo Doll//TCP1269=Mavericks Matrix//TCP1313=Nirvana//TCP1349=BioNetTCP1433=Microsoft SQL服务//TCP1441=Remote Storm//TCP1492=FTP99CMP(BackOriffice.FTP)TCP1503=NetMeeting T.120//TCP1509=Psyber Streaming Server//TCP1600=Shivka-Burka//TCP1703=Exloiter 1.1TCP1720=NetMeeting H.233 call SetupTCP1731=NetMeeting音频调用控制//TCP1807=SpySender//TCP1966=Fake FTP 2000//TCP1976=Custom port//TCP1981=ShockraveTCP1990=stun-p1 cisco STUN Priority 1 portTCP1990=stun-p1 cisco STUN Priority 1 portTCP1991=stun-p2 cisco STUN Priority 2 portTCP1992=stun-p3 cisco STUN Priority 3 port,ipsendmsg IPsendmsgTCP1993=snmp-tcp-port cisco SNMP TCP portTCP1994=stun-port cisco serial tunnel portTCP1995=perf-port cisco perf portTCP1996=tr-rsrb-port cisco Remote SRB portTCP1997=gdp-port cisco Gateway Discovery ProtocolTCP1998=x25-svc-port cisco X.25 service (XOT)//TCP1999=BackDoor, TransScout//TCP2000=Der Spaeher,INsane Network//TCP2001=Transmisson scout//TCP2002=Transmisson scout//TCP2003=Transmisson scout//TCP2004=Transmisson scout//TCP2005=TTransmisson scoutTCP2011=cypressTCP2015=raid-cs//TCP2023=Ripper,Pass Ripper,Hack City Ripper ProTCP2049=NFS//TCP2115=Bugs//TCP2121=Nirvana//TCP2140=Deep Throat, The Invasor//TCP2155=Nirvana//TCP2208=RuX//TCP2255=Illusion Mailer//TCP2283=HVL Rat5//TCP2300=PC Explorer//TCP2311=Studio54TCP2556=Worm.Bbeagle.q//TCP2565=Striker//TCP2583=WinCrash//TCP2600=Digital RootBeer//TCP2716=Prayer TrojanTCP2745=Worm.BBeagle.k//TCP2773=Backdoor,SubSeven//TCP2774=SubSeven2.1&2.2//TCP2801=Phineas Phucker//TCP2989=Rat//TCP3024=WinCrash trojanTCP3127=Worm.NovargTCP3128=RingZero,Worm.Novarg.B//TCP3129=Masters Paradise//TCP3150=Deep Throat, The InvasorTCP3198=Worm.Novarg//TCP3210=SchoolBusTCP3332=Worm.Cycle.aTCP3333=ProsiakTCP3389=超级终端//TCP3456=Terror//TCP3459=Eclipse 2000//TCP3700=Portal of Doom//TCP3791=Eclypse//TCP3801=EclypseTCP3996=Portal of DoomTCP4000=腾讯QQ客户端TCP4060=Portal of DoomTCP4092=WinCrashTCP4242=VHMTCP4267=SubSeven2.1&2.2TCP4321=BoBoTCP4444=Prosiak,Swift remoteTCP4500=W32.HLLW.TufasTCP4567=File NailTCP4590=ICQTrojanTCP4899=Remote Administrator服务器TCP4950=ICQTrojanTCP5000=WindowsXP服务器,Blazer 5,Bubbel,Back Door Setup,Sockets de TroieTCP5001=Back Door Setup, Sockets de TroieTCP5002=cd00r,ShaftTCP5011=One of the Last Trojans (OOTLT)TCP5025=WM Remote KeyLoggerTCP5031=Firehotcker,Metropolitan,NetMetroTCP5032=MetropolitanTCP5190=ICQ QueryTCP5321=FirehotckerTCP5333=Backage Trojan Box 3TCP5343=WCratTCP5400=Blade Runner, BackConstruction1.2TCP5401=Blade Runner,Back ConstructionTCP5402=Blade Runner,Back ConstructionTCP5471=WinCrashTCP5512=Illusion MailerTCP5521=Illusion MailerTCP5550=Xtcp,INsane NetworkTCP5554=Worm.SasserTCP5555=ServeMeTCP5556=BO FacilTCP5557=BO FacilTCP5569=Robo-HackTCP5598=BackDoor 2.03TCP5631=PCAnyWhere dataTCP5632=PCAnyWhereTCP5637=PC CrasherTCP5638=PC CrasherTCP5698=BackDoorTCP5714=Wincrash3TCP5741=WinCrash3TCP5742=WinCrashTCP5760=Portmap Remote Root Linux ExploitTCP5880=Y3K RATTCP5881=Y3K RATTCP5882=Y3K RATTCP5888=Y3K RATTCP5889=Y3K RATTCP5900=WinVnc,Wise VGA广播端口TCP6000=Backdoor.ABTCP6006=Noknok8TCP6129=Dameware Nt Utilities服务器TCP6272=SecretServiceTCP6267=广外女生TCP6400=Backdoor.AB,The ThingTCP6500=Devil 1.03TCP6661=TemanTCP6666=TCPshell.cTCP6667=NT Remote Control,Wise 播放器接收端口TCP6668=Wise Video广播端口TCP6669=VampyreTCP6670=DeepThroatTCP6671=Deep Throat 3.0TCP6711=SubSevenTCP6712=SubSeven1.xTCP6713=SubSevenTCP6723=MstreamTCP6767=NT Remote ControlTCP6771=DeepThroatTCP6776=BackDoor-G,SubSeven,2000 CracksTCP6777=Worm.BBeagleTCP6789=Doly TrojanTCP6838=MstreamTCP6883=DeltaSourceTCP6912=Shit HeepTCP6939=IndoctrinationTCP6969=GateCrasher, Priority, IRC 3TCP6970=RealAudio,GateCrasherTCP7000=Remote Grab,NetMonitor,SubSeven1.xTCP7001=Freak88TCP7201=NetMonitorTCP7215=BackDoor-G, SubSevenTCP7001=Freak88,Freak2kTCP7300=NetMonitorTCP7301=NetMonitorTCP7306=NetMonitor,NetSpy 1.0TCP7307=NetMonitor, ProcSpyTCP7308=NetMonitor, X SpyTCP7323=Sygate服务器端TCP7424=Host ControlTCP7597=QazTCP7609=Snid X2TCP7626=冰河TCP7777=The ThingTCP7789=Back Door Setup, ICQKillerTCP7983=MstreamTCP8000=腾讯OICQ服务器端,XDMATCP8010=Wingate,LogfileTCP8080=WWW 代理,Ring Zero,Chubo,Worm.Novarg.BTCP8520=W32.Socay.WormTCP8787=BackOfrice 2000TCP8897=Hack Office,ArmageddonTCP8989=ReconTCP9000=NetministratorTCP9325=MstreamTCP9400=InCommand 1.0TCP9401=InCommand 1.0TCP9402=InCommand 1.0TCP9872=Portal of DoomTCP9873=Portal of DoomTCP9874=Portal of DoomTCP9875=Portal of DoomTCP9876=Cyber AttackerTCP9878=TransScoutTCP9989=Ini-KillerTCP9898=Worm.Win32.Dabber.aTCP9999=Prayer TrojanTCP 10067=Portal of DoomTCP 10080=Worm.Novarg.BTCP 10084=SyphillisTCP 10085=SyphillisTCP 10086=SyphillisTCP 10101=BrainSpyTCP 10167=Portal Of DoomTCP 10168=Worm.Supnot.78858.c,Worm.LovGate.TTCP 10520=Acid ShiversTCP 10607=Coma trojanTCP 10666=AmbushTCP 11000=Senna SpyTCP 11050=Host ControlTCP 11051=Host ControlTCP 11223=Progenic,Hack '99KeyLoggerTCP 11831=TROJ_LATINUS.SVRTCP 12076=Gjamer, MSH.104bTCP 12223=Hack'99 KeyLoggerTCP 12345=GabanBus, NetBus 1.6/1.7, Pie Bill Gates, X-billTCP 12346=GabanBus, NetBus 1.6/1.7, X-billTCP 12349=BioNetTCP 12361=Whack-a-moleTCP 12362=Whack-a-moleTCP 12363=Whack-a-moleTCP 12378=W32/Gibe@MMTCP 12456=NetBusTCP 12623=DUN ControlTCP 12624=ButtmanTCP 12631=WhackJob, WhackJob.NB1.7TCP 12701=Eclipse2000TCP 12754=MstreamTCP 13000=Senna SpyTCP 13010=Hacker BrazilTCP 13013=PsychwardTCP 13223=Tribal Voice的聊天程序PowWowTCP 13700=Kuang2 The VirusTCP 14456=SoleroTCP 14500=PC InvaderTCP 14501=PC InvaderTCP 14502=PC InvaderTCP 14503=PC InvaderTCP 15000=NetDaemon 1.0TCP 15092=Host ControlTCP 15104=MstreamTCP 16484=MosuckerTCP 16660=Stacheldraht (DDoS)TCP 16772=ICQ RevengeTCP 16959=PriorityTCP 16969=PriorityTCP 17027=提供广告服务的Conducent"adbot"共享软件TCP 17166=MosaicTCP 17300=Kuang2 The VirusTCP 17490=CrazyNetTCP 17500=CrazyNetTCP 17569=Infector 1.4.x + 1.6.xTCP 17777=NephronTCP 18753=Shaft (DDoS)TCP 19191=蓝色火焰TCP 19864=ICQ RevengeTCP 20000=Millennium II (GrilFriend)TCP 20001=Millennium II (GrilFriend)TCP 20002=AcidkoRTCP 20034=NetBus 2 ProTCP 20168=LovgateTCP 20203=Logged,ChupacabraTCP 20331=BlaTCP 20432=Shaft (DDoS)TCP 20808=Worm.LovGate.v.QQTCP 21544=Schwindler 1.82,GirlFriendTCP 21554=Schwindler 1.82,GirlFriend,Exloiter 1.0.1.2TCP 22222=Prosiak,RuX Uploader 2.0TCP 22784=Backdoor.IntruzzoTCP 23432=Asylum 0.1.3TCP 23456=Evil FTP, Ugly FTP, WhackJobTCP 23476=Donald DickTCP 23477=Donald DickTCP 23777=INet SpyTCP 26274=DeltaTCP 26681=Spy VoiceTCP 27374=Sub Seven 2.0+, Backdoor.BasteTCP 27444=Tribal Flood Network,TrinooTCP 27665=Tribal Flood Network,TrinooTCP 29431=Hack AttackTCP 29432=Hack AttackTCP 29104=Host ControlTCP 29559=TROJ_LATINUS.SVRTCP 29891=The UnexplainedTCP 30001=Terr0r32TCP 30003=Death,Lamers DeathTCP 30029=AOL trojanTCP 30100=NetSphere 1.27a,NetSphere 1.31TCP 30101=NetSphere 1.31,NetSphere 1.27aTCP 30102=NetSphere 1.27a,NetSphere 1.31TCP 30103=NetSphere 1.31TCP 30303=Sockets de TroieTCP 30947=IntruseTCP 30999=Kuang2TCP 21335=Tribal Flood Network,TrinooTCP 31336=Bo WhackTCP 31337=Baron Night,BO client,BO2,Bo Facil,BackFire,Back Orifice,DeepBO,Freak2k,NetSpyTCP 31338=NetSpy,Back Orifice,DeepBOTCP 31339=NetSpy DKTCP 31554=SchwindlerTCP 31666=BOWhackTCP 31778=Hack AttackTCP 31785=Hack AttackTCP 31787=Hack AttackTCP 31789=Hack AttackTCP 31791=Hack AttackTCP 31792=Hack AttackTCP 32100=PeanutBrittleTCP 32418=Acid BatteryTCP 33333=Prosiak,Blakharaz 1.0TCP 33577=Son Of PsychwardTCP 33777=Son Of PsychwardTCP 33911=Spirit 2001aTCP 34324=BigGluck,TN,Tiny Telnet ServerTCP 34555=Trin00 (Windows) (DDoS)TCP 35555=Trin00 (Windows) (DDoS)TCP 36794=Worm.Bugbear-ATCP 37651=YATTCP 40412=The SpyTCP 40421=Agent 40421,Masters Paradise.96TCP 40422=Masters ParadiseTCP 40423=Masters Paradise.97TCP 40425=Masters ParadiseTCP 40426=Masters Paradise 3.xTCP 41666=Remote BootTCP 43210=Schoolbus 1.6/2.0TCP 44444=Delta SourceTCP 44445=HappypigTCP 47252=ProsiakTCP 47262=DeltaTCP 47878=BirdSpy2TCP 49301=Online KeyloggerTCP 50505=Sockets de TroieTCP 50766=Fore, SchwindlerTCP 51966=CafeIniTCP 53001=Remote Windows ShutdownTCP 53217=Acid Battery 2000TCP 54283=Back Door-G, Sub7TCP 54320=Back Orifice 2000,SheepTCP 54321=School Bus .69-1.11,Sheep, BO2KTCP 57341=NetRaiderTCP 58008=BackDoor.TronTCP 58009=BackDoor.TronTCP 58339=ButtFunnelTCP 59211=BackDoor.DuckToyTCP 60000=Deep ThroatTCP 60068=Xzip 6000068TCP 60411=ConnectionTCP 60606=TROJ_BCKDOR.G2.ATCP 61466=TelecommandoTCP 61603=Bunker-killTCP 63485=Bunker-killTCP 65000=Devil, DDoSTCP 65432=Th3tr41t0r, The TraitorTCP 65530=TROJ_WINMITE.10TCP 65535=RC,Adore Worm/LinuxTCP 69123=ShitHeepTCP 88798=Armageddon,Hack OfficeUDP 1=Sockets des TroieUDP 9=ChargenUDP19=ChargenUDP69=PasanaUDP80=PenroxUDP 371=ClearCase版本管理软件UDP 445=公共Internet文件系统(CIFS)UDP 500=Internet密钥交换UDP1025=Maverick's Matrix 1.2 - 2.0UDP1026=Remote Explorer 2000UDP1027=UC聊天软件,Trojan.Huigezi.eUDP1028=KiLo,SubSARIUDP1029=SubSARIUDP1031=XotUDP1032=Akosch4UDP1104=RexxRaveUDP1111=DaodanUDP1116=LurkerUDP1122=Last 2000,SingularityUDP1183=Cyn,SweetHeartUDP1200=NoBackOUDP1201=NoBackOUDP1342=BLA trojanUDP1344=PtakksUDP1349=BO dllUDP1561=MuSka52UDP1772=NetControleUDP1978=SlapperUDP1985=Black DiverUDP2000=A-trojan,Fear,Force,GOTHIC Intruder,Last 2000,Real 2000UDP2001=ScalperUDP2002=SlapperUDP2015=raid-csUDP2018=rellpackUDP2130=Mini BackLashUDP2140=Deep Throat,Foreplay,The InvasorUDP2222=SweetHeart, WayUDP2339=Voice SpyUDP2702=Black DiverUDP2989=RATUDP3150=Deep ThroatUDP3215=XHXUDP3333=DaodanUDP3801=EclypseUDP3996=Remote AnythingUDP4128=RedShadUDP4156=SlapperUDP4500=sae-urnUDP5419=DarkSkyUDP5503=Remote Shell TrojanUDP5555=DaodanUDP5882=Y3K RATUDP5888=Y3K RATUDP6112=Battle.net GameUDP6666=KiLoUDP6667=KiLoUDP6766=KiLoUDP6767=KiLo,UandMeUDP6838=Mstream Agent-handlerUDP7028=未知木马UDP7424=Host ControlUDP7788=SingularityUDP7983=MStream handler-agentUDP8012=PtakksUDP8090=Aphex's Remote Packet SnifferUDP8127=9_119,ChonkerUDP8488=KiLoUDP8489=KiLoUDP8787=BackOrifice 2000UDP8879=BackOrifice 2000UDP9325=MStream Agent-handlerUDP 10000=XHXUDP 10067=Portal of DoomUDP 10084=SyphillisUDP 10100=SlapperUDP 10167=Portal of DoomUDP 10498=MstreamUDP 10666=AmbushUDP 11225=CynUDP 12321=ProtossUDP 12345=BlueIce 2000UDP 12378=W32/Gibe@MMUDP 12623=ButtMan,DUN ControlUDP 15210=UDP remote shell backdoor serverUDP 15486=KiLoUDP 16514=KiLoUDP 16515=KiLoUDP 18753=Shaft handler to AgentUDP 20433=ShaftUDP 21554=GirlFriendUDP 22784=Backdoor.IntruzzoUDP 23476=Donald DickUDP 25123=MOTDUDP 26274=Delta SourceUDP 26374=Sub-7 2.1UDP 26444=Trin00/TFN2KUDP 26573=Sub-7 2.1UDP 27184=Alvgus trojan 2000UDP 27444=TrinooUDP 29589=KiLoUDP 29891=The UnexplainedUDP 30103=NetSphereUDP 31320=Little WitchUDP 31335=Trin00 DoS AttackUDP 31337=Baron Night, BO client, BO2, Bo Facil, BackFire, Back Orifice, DeepBOUDP 31338=Back Orifice, NetSpy DK, DeepBOUDP 31339=Little WitchUDP 31340=Little WitchUDP 31416=LithiumUDP 31787=Hack aTackUDP 31789=Hack aTackUDP 31790=Hack aTackUDP 31791=Hack aTackUDP 33390=未知木马UDP 34555=TrinooUDP 35555=TrinooUDP 43720=KiLoUDP 44014=IaniUDP 44767=School BusUDP 46666=TaskmanUDP 47262=Delta SourceUDP 47785=KiLoUDP 49301=OnLine keyLoggerUDP 49683=FensterUDP 49698=KiLoUDP 52901=OmegaUDP 54320=Back OrificeUDP 54321=Back Orifice 2000UDP 54341=NetRaider TrojanUDP 61746=KiLOUDP 61747=KiLOUDP 61748=KiLO UDP 65432=The Traitor
本文由 在线网速测试 整理编辑,转载请注明出处。
