Access attempts to services as reported through the Learn More Web site, 1/1/01 - 3/31/01.
Service | Port | Count |
Remote Procedure Call (RPC) | 111 | 3689 |
Sub7 | 27374 | 3296 |
File Transfer Protocol (FTP) | 21 | 2074 |
Domain Name System (DNS) | 53 | 1303 |
Web Sharing | 80 | 1217 |
Authentication Server (AUTH) | 113 | 934 |
Wingate/WebSTAR | 1080 | 894 |
Gnutella | 6346 | 854 |
Sub7 | 1243 | 729 |
Netbus | 12345 | 602 |
telnet | 23 | 557 |
Line Printer Daemon Protocol (LPR) | 515 | 366 |
day-to-day | 49152 | 292 |
Napster | 6699 | 289 |
Network News Transfer Protocol (NNTP) | 119 | 272 |
Windows file sharing | 139 | 225 |
File Sharing over TCP/IP (ShareWay IP) | 548 | 221 |
Web/proxy | 8080 | 203 |
Simple Mail Transfer Protocol (SMTP) | 25 | 187 |
Program Linking over TCP/IP | 3031 | 119 |
linuxconf | 98 | 98 |
unknown | 2002 | 92 |
Hotline/VNC | 5500 | 92 |
Unix trojan horse | 9704 | 88 |
Post Office Protocol (POP) | 110 | 87 |
unknown | 11111 | 86 |
Dynamic Host Configuration Protocol (DHCP) | 68 | 73 |
squid cache | 3128 | 72 |
day-to-day | 49153 | 71 |
POP2 | 109 | 69 |
Shiva Telnet | 2048 | 61 |
Windows 2000 sharing | 445 | 55 |
AOL Instant Messenger | 5190 | 55 |
Service Location Protocol (SLP) | 427 | 52 |
phAse Zero trojan | 555 | 49 |
Carracho | 6701 | 49 |
unknown | 524 | 44 |
Internet Relay Chat (IRC) | 6667 | 43 |
Network Time Protocol (NTP) | 123 | 42 |
Network File System (NFS) | 2049 | 42 |
unknown | 4662 | 41 |
unknown | 6700 | 41 |
Finger | 79 | 40 |
Napster | 8875 | 40 |
Internet Message Access Protocol (IMAP) | 143 | 39 |
unknown | 20034 | 37 |
MS RPC | 135 | 31 |
RemotelyAnywhere | 2000 | 30 |
Timbuktu (v5.2 or later) | 407 | 26 |
unknown | 1214 | 24 |
Unix trojan horse | 1234 | 24 |
ssh/pcanywhere | 22 | 22 |
Windows Name Service | 137 | 21 |
SGI | 1 | 20 |
unknown | 7 | 17 |
unknown | 1024 | 17 |
Secure Sockets Layer (SSL) | 443 | 10 |
Other >49153 | >49153 | 1202 |
Misc. <49152 | <49152 | 2136 |