Threat Level: green Handler on Duty: Jim Clausing

SANS ISC: Port 4444 (tcp/udp) Attack Activity - SANS Internet Storm Center Port 4444 (tcp/udp) Attack Activity


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Loading...
[get complete service list]
Port Information
Protocol Service Name
tcp metasploit Metasploit default listener
tcp CrackDown [trojan] CrackDown
tcp krb524 KRB524
tcp nv-video NV Video default
tcp Prosiak [trojan] Prosiak
tcp SwiftRemote [trojan] Swift Remote
udp krb524 krb524
udp nv-video NV Video default
tcp sophosfw Admin port for some Sophos Firewalls
Top IPs Scanning
TodayYesterday
185.222.210.130 (67)185.176.027.186 (152)
045.227.254.026 (51)081.022.045.089 (145)
005.188.161.050 (48)185.222.210.130 (118)
066.240.205.034 (22)045.227.254.026 (62)
141.098.011.017 (18)005.188.086.114 (46)
185.254.122.017 (17)138.099.216.027 (37)
104.152.052.031 (16)185.092.072.005 (26)
005.188.086.114 (15)194.028.112.049 (26)
185.176.027.186 (14)132.232.196.087 (23)
185.153.197.128 (11)066.240.205.034 (22)
User Comments
Submitted By Date
Comment
2007-08-11 14:29:19
ktorrent (UDP) (default)
Joel Esler 2003-12-17 17:39:44
This is port is a common return port for the rpc dcom.c buffer overflow. Also the return port in the msblast rpc worm.
2003-08-13 04:37:38
used by the msblast worm to bind a shell
Add a comment
CVE Links
CVE # Description