RSS Element,demiblog Class,Language,Link,Title,Description
channel,,en_GB,http://tobyinkster.co.uk/article/nmap/,nmap-services,"====<br> <p>The following is an nmap-services file that can be used in conjuction with nmap to hunt for viruses on a network. It can&#8217;t find all viruses &#8212; only those ones that open a <span class=""caps"">TCP </span>or <span class=""caps"">UDP </span>port as a backdoor &#8212; so only use it as <strong>a small part</strong> of the overall defense for your network. I won&#8217;t bother explaining how to use it &#8212; if you don&#8217;t know how then you probably shouldn&#8217;t be using it. It could potentially be used for good or evil. I use it for the former.</p>  <pre># List of ports used by malware #<br> # Note: some of these have legitimate uses too. These are given<br> # as [bracketed] comments where known.<br> #<br> # Also, tonnes of trojans use common ports such as 21, 25, 80, etc.<br> # I have generally left these out as they&#8217;ll result in tonnes of<br> # false-positives.  <p>Blaster         69/udp  # [tftp]<br> Sobig          995/udp  #<br> Sobig          996/udp  #<br> Sobig          997/udp  #<br> Sobig          998/udp  #<br> Sobig          999/udp  #<br> MyDoom        1080/tcp  # bugbear, [some proxies]<br> Ultor        &#8230;</p>"