![]() ![]() Cridex or Bugat) trojan used to commit e-banking fraud uses ports 8080 tcp and 7779/tcp to run a nginx proxy and communicate with the botnet C&C server.Ī non-privileged user of the Siemens web application RUGGEDCOM NMS < V1.2 on port 8080/TCP and 8081/TCP could perform a persistent Cross-Site Scripting (XSS) attack, potentially resulting in obtaining administrative permissions. See Also, , Īndroid.Acnetdoor (2012.05.16) - opens a backdoor on Android devicesįeodo/Geodo (a.k.a. (2007.03.02) - a worm that opens a back door, copies itself to IPC shares, connects to an IRC server, and awaits commands on port 8080/tcp. It opens port 69/udp to initiate TFTP transfers. The worm connects to IRC servers and listens for remote commands on port 8080/tcp. It runs and spreads using all current Windows versions, but only infects Windows 2000. (2005.08.16) - a worm that opens a backdoor and exploits the MS Plug and Play Buffer Overflow vulnerability (MS Security Bulletin ) on port 445/tcp. ![]() Note: Same ports are used by the and variants of the worm as well. It also opens an FTP server on port 33333/tcp. It connects to IRC servers and listens for remote commands on port 8080/tcp. Also exploits vulnerabilities on ports 445 and (2005.08.16) - a mass-mailing worm that opens a backdoor and exploits the MS Plug and Play Buffer Overflow vulnerability (MS Security Bulletin ) on port 445/tcp. It ay be downloaded by W32.Kelvir variants. Spreads through network shares and exploiting multiple vulnerabilities. ![]() (2005.04.29) - network-aware worm with DDoS and backdoor capabilities. Backdoor.Screencut) - uses ports 80, (2004.01.28) - mass-mailing worm that opens a backdoor into the system. If you're not running web services, keep in mind that some trojans also use these ports: Splunk (big data analysis software) uses the following ports by default:Ĩ000 - web port (clients accessing the Splunk search page)Ĩ089 - management port (splunkd, aslo used by deployment server) Ubiquiti UniFi Controller uses these ports:Ĩ080 tcp - http port for UAP to inform controllerĨ443 tcp - https port for controller GUI/APIĨ880 tcp - http portal redirect port (may also use ports 8881, 8882)ģ478 udp - STUN port (should be open at firewall) WAN Administration can (and should, in most cases) be disabled using routers web-based administration interface. Some broadband routers run a web server on port 8080 for remote management. It can also be used for HTTP Web Proxies. Using a VPN instead can significantly help this situation, but can be annoying if you still want to sometimes access your local network from the same machine.īut in general, these are the types of information leaks you want to understand and mitigate.Common alternative HTTP port used for web traffic. So your ISP may not know what traffic was sent to your proxy, but seeing the DNS lookup immediately followed by a burst of traffic starts to paint a picture. So in that configuration it's possible that when you need to resolve the hostname of a tracker you're using, the DNS lookup could go out your regular connection and the torrent traffic would go through your proxy. For example, if you're only using a SOCKS proxy in uTorrent and not the VPN, your computer still needs to do DNS resolution. Your ISP can't, but your SOCKS proxy provider would have the potential to, if you aren't encrypting the traffic (which would be coming out of your proxy provider as an endpoint).Īlso, people generally regard VPN as more secure than SOCKS proxies and this is generally true. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |