Turbo_C++_for_Windows.zip
Monday, July 30, 2012
Themes
- Bubbles.themepack
- Lamborghini_Theme.themepack
setup-vgirl-us_ajbtnJU.exe
Kinect Disneyland Adventures.themepack
Ebooks
How to set up a server with Apache , PHP , MySQL , Perl , phpMyAdmin
How to set up a server with Apache , PHP , MySQL , Perl , phpMyAdmin
=====
Let's start by installing apache (http server) . you can download the
apache installer on www.apache.org . download the verion you like ,
even thought , in win systems i recomand verion 2 (this tutorials is
for apache 2) . here is a link for it :
Code:
http://apache.mirror.nedlinux.nl/dist/httpd/binaries/win32/apache_2.0.52-win32-x86-no_ssl.msi
for a faster mirror , visit http://httpd.apache.org/download.cgi .
After downloading the file (.msi installer) , run it . The installation wizard
is a next , next , finish 'work' ... The installer will ask you some details like
your server name , your server adress and the admin's mail adress . if
you have a domain name or a hostname , enter the info's like this :
Code:
Server Name : your_domain.org
Server Adress : www.your-domain.org
Admin Email : admin@yourdomain.org
if you don't have one , you should get on e free at :
Code:
http://www.no-ip.org/
Check the 'Run as a service for all users on port 8080' option and click
next , finish to fiinish the instllation . Advice : Install it in c: (he creates
a folder for it , don't worry) to make sure you configure it easyer .
If you are finished , open up a browser and write in the adress bar :
Code:
http://localhost/
If you will see a 'Test Page for Apache Installation' , everything works .
=====
Let's install PHP . download the archives from www.php.net . Here is a
direct link for verion 4.3.9 :
Code:
http://nl.php.net/get/php-4.3.9-Win32.zip/from/this/mirror
Make sure you download the archive and not the installer . Ok! after
downloading it , extract the archive in c:/php (this is to simplify paths) .
Now , open up c:/apache/conf/httpd.conf and search for this line :
Code:
#LoadModule ssl_module modules/mod_ssl.so
under that line , add this :
Code:
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule php4_module "c:/php/sapi/php4apache2.dll"
AddType application/x-httpd-php .php
AddType application/x-httpd-php .php3
AddType application/x-httpd-php .php4
Now search for this line :
Code:
<Directory "C:/Apache2/htdocs">
Change :
Code:
Options Indexes FollowSymLinks
#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit
#
AllowOverride None
into :
Code:
Options Indexes Includes FollowSymLinks MultiViews ExecCGI
#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit
#
AllowOverride All
This will allow .htaccess support on your server and make sure you can
see the content of a folder without getting a 403 forbidden error .
Now search for :
Code:
DirectoryIndex index.html index.var.html
and change it into :
Code:
DirectoryIndex index.html index.php
Save the file and restart apache . (you can restart it by pressing the
Restart apache server shortcut in the start menu or by writing :
Code:
net apache restart
in a command prompt window . Ok!
you have php working for your server icon_wink.gif . Now let's configure php and
make sure it really works ! Open up c:/php/php.ini (php.ini-dist renamed)
and search for this paragraph :
Code:
max_execution_time = 60 ; Maximum execution time of each script, in seconds
max_input_time = 60 ; Maximum amount of time each script may spend parsing request data
memory_limit = 5M ; Maximum amount of memory a script may consume (8MB)
you should change this to whatever you want . here is an option i use :
Code:
max_execution_time = 300 ; Maximum execution time of each script, in seconds
max_input_time = 300 ; Maximum amount of time each script may spend parsing request data
memory_limit = 5M ; Maximum amount of memory a script may consume (8MB)
Now search for :
Code:
register_globals = Off
and change it into :
Code:
register_globals = On
Search for :
Code:
extension_dir = ".\"
and change it into :
Code:
extension_dir = "c:/php/extensions"
assuming you have installed php in c: ...
Search for :
Code:
;Windows Extensions
;Note that MySQL and ODBC support is now built in, so no dll is needed for it.
and uncomment (delete the ; in the front) the following modules :
Code:
extension=php_bz2.dll
extension=php_db.dll
extension=php_gd2.dll
extension=php_java.dll
extension=php_msql.dll
extension=php_pdf.dll
extension=php_pgsql.dll
extension=php_sockets.dll
Ok! now let's change the smtp settings (this is good icon_smile.gif for you mail()
function . you need this !!!) Search for :
Code:
[mail function]
; For Win32 only.
SMTP =
smtp_port = 25
; For Win32 only.
;sendmail_from =
and change to :
Code:
[mail function]
; For Win32 only.
SMTP = mail.isp.org
smtp_port = 25
; For Win32 only.
sendmail_from = mail@your_domain.org
if you don't have a mail server or :
Code:
[mail function]
; For Win32 only.
SMTP = localhost
smtp_port = 25
; For Win32 only.
sendmail_from = mail@your_domain.org
if you have a mail server ...
Save the files . Now let's finalize the php installation . copy all the dll's
from c:/php/dlls into c:/windows/system32 . copy c:/php/php4ts.dll into
c:/windows/system32/ and copy php.ini from your folder php into
windows and system32 folder . restart apache . open up notepad and
add this into the file :
Code:
<?php
phpinfo();
?>
save this file in your htdocs folder (c:/apache/htdocs) as info.php and
open up a browser . in the adress bar write :
Code:
http://localhost/info.php
you should see php's configuration in a table . a looong file icon_smile.gif
you can optionaly install zend optimizer . i am using it ... it doesn't
needs a tutorial . to install the PEAR modules for php , just run the
go-pear batch from the php folder and 2click the reg file to finish the
instllation .
=====
let's install mysql . download mysql from http://www.mysql.com/ .
this tutorial applyes to verion 4.0.* ... i don't recomand using mysql
4.1 . here is a direct link :
Code:
http://dev.mysql.com/get/Downloads/MySQL-4.0/mysql-4.0.22-win.zip/from/http://mysql.proserve.nl/
after downloading , extract the arhive somewhere and run the setup.exe .
install mysql in c:/mysql and complete the installation . open up command
prompt and write this :
Code:
cd mysql
cd bin
mysqld-max-nt --install
this will install mysql as a service . recomended . now you would probably
consider downloading mysql control center . a gui tool to administrate the
server in a graphical mode . here is a link :
Code:
http://dev.mysql.com/get/Downloads/MySQLCC/mysqlcc-0.9.4-win32.zip/from/http://mysql.proserve.nl/
install it like any other program and run the shortcut in the desktop . a
window will pop-up . it will ask you to add a new connection . here are the
info's you need to fill in :
Code:
name : localhost or main or whatever :)
host : localhost
user : root
pass :
click add , expand the databases menu and delete databse text . now
expand the users menu and delete all users except root@localhost . right
click it and select edit user . change it's password to whatever you want icon_smile.gif
now right click the server and select edit . change the password to the
pass you chosed for user root . as easy as that . mysql is installed !
=====
phpMyADmin . you can download it from http://www.phpmyadmin.net/ .
i recommend using verion 2.5.1 pl1 . the last verion is still bugy icon_smile.gif
download , unzip the contecnt into a folder in htdocs (phpMyAdmin) and
open up config.inc.php with a text editor .
search for :
Code:
$cfg['PmaAbsoluteUri'] = '';
change it to your phpmyadmin url . eg. :
Code:
$cfg['PmaAbsoluteUri'] = http://www.your_domain.org/phpMyAdmin/';
now search for :
Code:
$cfg['blowfish_secret'] = '';
and change it to your mysql root password like this :
Code:
$cfg['blowfish_secret'] = 'password';
now search for :
Code:
$cfg['Servers'][$i]['auth_type'] = 'config';
and change it to :
Code:
$cfg['Servers'][$i]['auth_type'] = 'cookie';
save and exit . that's it ! phpMyAdmin works icon_wink.gif
=====
Perl . Optioanl for your server , very usefull . i recomend you to install
it . you can download it from http://www.activestate.com/ . here is a
direct link :
Code:
http://downloads.activestate.com/ActivePerl/Windows/5.8/ActivePerl-5.8.4.810-MSWin32-x86.msi
download , install and you are ready . put your perl scripts in the /cgi-bin/
folder (c:/apache/cgi-bin) .
=====
Hope this helped , you're welcome . No , you don't need to pay
=====
Let's start by installing apache (http server) . you can download the
apache installer on www.apache.org . download the verion you like ,
even thought , in win systems i recomand verion 2 (this tutorials is
for apache 2) . here is a link for it :
Code:
http://apache.mirror.nedlinux.nl/dist/httpd/binaries/win32/apache_2.0.52-win32-x86-no_ssl.msi
for a faster mirror , visit http://httpd.apache.org/download.cgi .
After downloading the file (.msi installer) , run it . The installation wizard
is a next , next , finish 'work' ... The installer will ask you some details like
your server name , your server adress and the admin's mail adress . if
you have a domain name or a hostname , enter the info's like this :
Code:
Server Name : your_domain.org
Server Adress : www.your-domain.org
Admin Email : admin@yourdomain.org
if you don't have one , you should get on e free at :
Code:
http://www.no-ip.org/
Check the 'Run as a service for all users on port 8080' option and click
next , finish to fiinish the instllation . Advice : Install it in c: (he creates
a folder for it , don't worry) to make sure you configure it easyer .
If you are finished , open up a browser and write in the adress bar :
Code:
http://localhost/
If you will see a 'Test Page for Apache Installation' , everything works .
=====
Let's install PHP . download the archives from www.php.net . Here is a
direct link for verion 4.3.9 :
Code:
http://nl.php.net/get/php-4.3.9-Win32.zip/from/this/mirror
Make sure you download the archive and not the installer . Ok! after
downloading it , extract the archive in c:/php (this is to simplify paths) .
Now , open up c:/apache/conf/httpd.conf and search for this line :
Code:
#LoadModule ssl_module modules/mod_ssl.so
under that line , add this :
Code:
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule php4_module "c:/php/sapi/php4apache2.dll"
AddType application/x-httpd-php .php
AddType application/x-httpd-php .php3
AddType application/x-httpd-php .php4
Now search for this line :
Code:
<Directory "C:/Apache2/htdocs">
Change :
Code:
Options Indexes FollowSymLinks
#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit
#
AllowOverride None
into :
Code:
Options Indexes Includes FollowSymLinks MultiViews ExecCGI
#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit
#
AllowOverride All
This will allow .htaccess support on your server and make sure you can
see the content of a folder without getting a 403 forbidden error .
Now search for :
Code:
DirectoryIndex index.html index.var.html
and change it into :
Code:
DirectoryIndex index.html index.php
Save the file and restart apache . (you can restart it by pressing the
Restart apache server shortcut in the start menu or by writing :
Code:
net apache restart
in a command prompt window . Ok!
you have php working for your server icon_wink.gif . Now let's configure php and
make sure it really works ! Open up c:/php/php.ini (php.ini-dist renamed)
and search for this paragraph :
Code:
max_execution_time = 60 ; Maximum execution time of each script, in seconds
max_input_time = 60 ; Maximum amount of time each script may spend parsing request data
memory_limit = 5M ; Maximum amount of memory a script may consume (8MB)
you should change this to whatever you want . here is an option i use :
Code:
max_execution_time = 300 ; Maximum execution time of each script, in seconds
max_input_time = 300 ; Maximum amount of time each script may spend parsing request data
memory_limit = 5M ; Maximum amount of memory a script may consume (8MB)
Now search for :
Code:
register_globals = Off
and change it into :
Code:
register_globals = On
Search for :
Code:
extension_dir = ".\"
and change it into :
Code:
extension_dir = "c:/php/extensions"
assuming you have installed php in c: ...
Search for :
Code:
;Windows Extensions
;Note that MySQL and ODBC support is now built in, so no dll is needed for it.
and uncomment (delete the ; in the front) the following modules :
Code:
extension=php_bz2.dll
extension=php_db.dll
extension=php_gd2.dll
extension=php_java.dll
extension=php_msql.dll
extension=php_pdf.dll
extension=php_pgsql.dll
extension=php_sockets.dll
Ok! now let's change the smtp settings (this is good icon_smile.gif for you mail()
function . you need this !!!) Search for :
Code:
[mail function]
; For Win32 only.
SMTP =
smtp_port = 25
; For Win32 only.
;sendmail_from =
and change to :
Code:
[mail function]
; For Win32 only.
SMTP = mail.isp.org
smtp_port = 25
; For Win32 only.
sendmail_from = mail@your_domain.org
if you don't have a mail server or :
Code:
[mail function]
; For Win32 only.
SMTP = localhost
smtp_port = 25
; For Win32 only.
sendmail_from = mail@your_domain.org
if you have a mail server ...
Save the files . Now let's finalize the php installation . copy all the dll's
from c:/php/dlls into c:/windows/system32 . copy c:/php/php4ts.dll into
c:/windows/system32/ and copy php.ini from your folder php into
windows and system32 folder . restart apache . open up notepad and
add this into the file :
Code:
<?php
phpinfo();
?>
save this file in your htdocs folder (c:/apache/htdocs) as info.php and
open up a browser . in the adress bar write :
Code:
http://localhost/info.php
you should see php's configuration in a table . a looong file icon_smile.gif
you can optionaly install zend optimizer . i am using it ... it doesn't
needs a tutorial . to install the PEAR modules for php , just run the
go-pear batch from the php folder and 2click the reg file to finish the
instllation .
=====
let's install mysql . download mysql from http://www.mysql.com/ .
this tutorial applyes to verion 4.0.* ... i don't recomand using mysql
4.1 . here is a direct link :
Code:
http://dev.mysql.com/get/Downloads/MySQL-4.0/mysql-4.0.22-win.zip/from/http://mysql.proserve.nl/
after downloading , extract the arhive somewhere and run the setup.exe .
install mysql in c:/mysql and complete the installation . open up command
prompt and write this :
Code:
cd mysql
cd bin
mysqld-max-nt --install
this will install mysql as a service . recomended . now you would probably
consider downloading mysql control center . a gui tool to administrate the
server in a graphical mode . here is a link :
Code:
http://dev.mysql.com/get/Downloads/MySQLCC/mysqlcc-0.9.4-win32.zip/from/http://mysql.proserve.nl/
install it like any other program and run the shortcut in the desktop . a
window will pop-up . it will ask you to add a new connection . here are the
info's you need to fill in :
Code:
name : localhost or main or whatever :)
host : localhost
user : root
pass :
click add , expand the databases menu and delete databse text . now
expand the users menu and delete all users except root@localhost . right
click it and select edit user . change it's password to whatever you want icon_smile.gif
now right click the server and select edit . change the password to the
pass you chosed for user root . as easy as that . mysql is installed !
=====
phpMyADmin . you can download it from http://www.phpmyadmin.net/ .
i recommend using verion 2.5.1 pl1 . the last verion is still bugy icon_smile.gif
download , unzip the contecnt into a folder in htdocs (phpMyAdmin) and
open up config.inc.php with a text editor .
search for :
Code:
$cfg['PmaAbsoluteUri'] = '';
change it to your phpmyadmin url . eg. :
Code:
$cfg['PmaAbsoluteUri'] = http://www.your_domain.org/phpMyAdmin/';
now search for :
Code:
$cfg['blowfish_secret'] = '';
and change it to your mysql root password like this :
Code:
$cfg['blowfish_secret'] = 'password';
now search for :
Code:
$cfg['Servers'][$i]['auth_type'] = 'config';
and change it to :
Code:
$cfg['Servers'][$i]['auth_type'] = 'cookie';
save and exit . that's it ! phpMyAdmin works icon_wink.gif
=====
Perl . Optioanl for your server , very usefull . i recomend you to install
it . you can download it from http://www.activestate.com/ . here is a
direct link :
Code:
http://downloads.activestate.com/ActivePerl/Windows/5.8/ActivePerl-5.8.4.810-MSWin32-x86.msi
download , install and you are ready . put your perl scripts in the /cgi-bin/
folder (c:/apache/cgi-bin) .
=====
Hope this helped , you're welcome . No , you don't need to pay
How to setup a http server running from your computer
How to set up a http server running from your computer
(Either you can set up a basic server which means you stop at step... or if you want to make a server with free address you can continue after that step)
1. We are going to use a program called hfs i like the beta version (2) you will need to download this program.
Go to www.rejetto.com/temp/hfs2.0beta23.zip
2. Make a folder where you wish to run it from for example C:/Program files/hfs or C:/Documents and settins/Username/My documents/Hfs
3. Move the downloaded zip file into that folder and extract it.
4. Delete the zip file and KEEP THE OTHER FILES!!!!!
user posted image
5. Run the program and it will come up with a screen that looks like this
user posted image
6. Click the button that says easy mode (this turns it into expert mode which basicly means you have all the options)
7. Where it says port change the port to 80 (this can clash with some programs like webcam on msn and maybe others im not sure) ((the port you choose doesnt really matter 80 is just easier))
8. How to turn on port forwarding. (ONLY for people with routers) ((this varies depending on which make of router you have but for my router sweex i will tell you how its done))
Go to internet explorer or mozzilla firefox. Type into the address bar 192.168.2.1 with nothing in else. A window will come up asking you for username and password by default this is admin and 1234 it will only be different if you have changed it.
9. This window should then show up.
user posted image
Click general setup then you will see this window
user posted image
Click NAT then port forwarding
You should now see this
user posted image
In private ip you need to post your computers local network address like for example 192.168.1.1 or 192.168.1.2 it depends. If you do not know how to do this here is how its found out
Click start>run>cmd type in the command line ipconfig
wait
some information will come up looking like this
user posted image
That is your computers local network address.
So going back to
user posted image
Now go back to hfs and you must enter your ip (not your local address but your ip) here
user posted image
Keep the http:// in front of your ip.
This is essentially now your server. Make sure it is on and you can go and visit it at http://yourip:port/
To add files simply drag and drop them in. Then click virtual folder.
That was if you do not want a personal address you can make it personal like mine http://randomshitfromtimmy.no-ip.org very easily.
All you have to do is go to www.no-ip.com
Make a username
Log in
Click add on the left hand side
Make a hostname (mine is randomshitfromtimmy)
Click port 80 redirect
Enter your ip in the ip address field
And choose the port you wish to forward (this is either 80 or the other one that you chose)
Click add redirect.
Now you have a fully working hfs system.It runs of you bandwidth so if lots of people are downloading you will find your net goes slowly so remeber to set limits.
(below is a pic of a set up hfs working) Ips blurred for privacy.
(Either you can set up a basic server which means you stop at step... or if you want to make a server with free address you can continue after that step)
1. We are going to use a program called hfs i like the beta version (2) you will need to download this program.
Go to www.rejetto.com/temp/hfs2.0beta23.zip
2. Make a folder where you wish to run it from for example C:/Program files/hfs or C:/Documents and settins/Username/My documents/Hfs
3. Move the downloaded zip file into that folder and extract it.
4. Delete the zip file and KEEP THE OTHER FILES!!!!!
user posted image
5. Run the program and it will come up with a screen that looks like this
user posted image
6. Click the button that says easy mode (this turns it into expert mode which basicly means you have all the options)
7. Where it says port change the port to 80 (this can clash with some programs like webcam on msn and maybe others im not sure) ((the port you choose doesnt really matter 80 is just easier))
8. How to turn on port forwarding. (ONLY for people with routers) ((this varies depending on which make of router you have but for my router sweex i will tell you how its done))
Go to internet explorer or mozzilla firefox. Type into the address bar 192.168.2.1 with nothing in else. A window will come up asking you for username and password by default this is admin and 1234 it will only be different if you have changed it.
9. This window should then show up.
user posted image
Click general setup then you will see this window
user posted image
Click NAT then port forwarding
You should now see this
user posted image
In private ip you need to post your computers local network address like for example 192.168.1.1 or 192.168.1.2 it depends. If you do not know how to do this here is how its found out
Click start>run>cmd type in the command line ipconfig
wait
some information will come up looking like this
user posted image
That is your computers local network address.
So going back to
user posted image
Now go back to hfs and you must enter your ip (not your local address but your ip) here
user posted image
Keep the http:// in front of your ip.
This is essentially now your server. Make sure it is on and you can go and visit it at http://yourip:port/
To add files simply drag and drop them in. Then click virtual folder.
That was if you do not want a personal address you can make it personal like mine http://randomshitfromtimmy.no-ip.org very easily.
All you have to do is go to www.no-ip.com
Make a username
Log in
Click add on the left hand side
Make a hostname (mine is randomshitfromtimmy)
Click port 80 redirect
Enter your ip in the ip address field
And choose the port you wish to forward (this is either 80 or the other one that you chose)
Click add redirect.
Now you have a fully working hfs system.It runs of you bandwidth so if lots of people are downloading you will find your net goes slowly so remeber to set limits.
(below is a pic of a set up hfs working) Ips blurred for privacy.
How To Make Your Own Radio Station
How To Make Your Own Radio Station
Must HAVE Winamp (Any Version)
First, things First your speed has to be at least 256/64 kbps (which means Dial-up users, will have alot of latency, just dnt bother)
Second, your going to have to have a domain, an updated one with the current i.p active. (Could be anything e.g. My sig)
Now, Your gonna have to download the Shoutcast Files.
Go to www.shoutcast.com to get the files.
Ok After downloading these, installing Both of them in any order i dnt care. Go to START>PROGRAM FILES>SHOUTcast DNAS>EDIT SHOUTCAST DNS CONFIG.
Ok your gonna have to Configure it:
Go Down and where it says password: change (that means your gonna have to change it to whatever, make sure u remember)
The Portbase: change it to whatever port you want it
Maxusers: (lets be realistic here, dnt put in 10000, like NXS's radio station) your bandwidth has to be extremely good, if your cable, 50 user max is ok, ADSL should stay below 10 users, and T1 connections should do whatever tickles there fantasy.
Open winamp, RIGHT CLICK>OPTIONS>PREFRENCES>DSP EFFECT> and choose the NULLSOFT SHOUTCAST.
Go to OUTPUT, and then click on Connection, Through the ADDRESS, type your address which you have done through www.no-ip.com, PORT NUMBER, whatever u did in the EDIT.txt, and your password.
Then go to Encoder, and choose your quality of your music. Go back to OUTPU>OUTPUT CONFIG> YELLOW PAGES. this is your advertisemant information. dow hatever you like there.
Now Connect. to check that your Radio os on-line go to http://(your address that you added in the prefrence)
Must HAVE Winamp (Any Version)
First, things First your speed has to be at least 256/64 kbps (which means Dial-up users, will have alot of latency, just dnt bother)
Second, your going to have to have a domain, an updated one with the current i.p active. (Could be anything e.g. My sig)
Now, Your gonna have to download the Shoutcast Files.
Go to www.shoutcast.com to get the files.
Ok After downloading these, installing Both of them in any order i dnt care. Go to START>PROGRAM FILES>SHOUTcast DNAS>EDIT SHOUTCAST DNS CONFIG.
Ok your gonna have to Configure it:
Go Down and where it says password: change (that means your gonna have to change it to whatever, make sure u remember)
The Portbase: change it to whatever port you want it
Maxusers: (lets be realistic here, dnt put in 10000, like NXS's radio station) your bandwidth has to be extremely good, if your cable, 50 user max is ok, ADSL should stay below 10 users, and T1 connections should do whatever tickles there fantasy.
Open winamp, RIGHT CLICK>OPTIONS>PREFRENCES>DSP EFFECT> and choose the NULLSOFT SHOUTCAST.
Go to OUTPUT, and then click on Connection, Through the ADDRESS, type your address which you have done through www.no-ip.com, PORT NUMBER, whatever u did in the EDIT.txt, and your password.
Then go to Encoder, and choose your quality of your music. Go back to OUTPU>OUTPUT CONFIG> YELLOW PAGES. this is your advertisemant information. dow hatever you like there.
Now Connect. to check that your Radio os on-line go to http://(your address that you added in the prefrence)
How To Increase Download Speeds By 100-200 Kbsec
First of all download this wonderful program:
h@@p://www.speedguide.net/files/TCPOptimizer.exe
Then when u start trhe program goto settings goto cable modem or dsl whatevcer u have.
Go to MaxMTU and set it to 1500 this is optimal anything above this will not work as well.
Thats bout it!! Enjoy the speed!!
h@@p://www.speedguide.net/files/TCPOptimizer.exe
Then when u start trhe program goto settings goto cable modem or dsl whatevcer u have.
Go to MaxMTU and set it to 1500 this is optimal anything above this will not work as well.
Thats bout it!! Enjoy the speed!!
How to find a remote IP
How to find a remote IP
Method 1
To view someone's IP# when they send you hotmail email do this:
1) Click "Options" on the upper right side of the page.
2) On the left side of the page, Click "Mail"
3) Click "Mail Display Settings"
4) Under "Message Headers" select "Full" or "Advanced"
5) Click ok
Method 2
reg a dydns account and install the ip pointer, so each time you ping the host name you regestored
for example:
you regestor the host name myhost.dydns.com, then you keep a little software running on the target host. The little software will keep update your IP to dydns.com server.
so at your pc just start cmd, and ping myhost.dydns.com, it will give you the most updated ip address.
Method 3
neverender, what doesn't work for you? Simply type in nc -vvv -l -p 80 on your box, which will set it to listen in verbose mode on port 80. Then give them a link to your IP address (for example: 111.111.111.11) and tell them to type it in their browser. The browser should resolve the address as well as append port 80 automatically. Just make sure that your friend is not very computer literate.
Method 4
Just download a very simple server such as this one and install it on your comp. Then run it and give your ip to the person you want and tell them to connect to it through a browser. Your server will log their connection and you will get their IP.
link:http://www.download.com/Abyss-Web-Server/3000-2165-10283992.html?tag=lst-0-6
Other Ways
-www.imchaos.com and make a "spy poll" to put in ur profile, this will tell u the IP of anybody who answers ur poll
-originalicons.com there is a page for doin it (i dont like it, but it works)
-or irc
Here is a more detailed tutorial about using NetCat.
http://www.onlamp.com/pub/a/onlamp/2003/05/29/netcat.html
Windows users can download NetCat from here:
http://www.atstake.com/research/tools/network_utilities/
Method 1
To view someone's IP# when they send you hotmail email do this:
1) Click "Options" on the upper right side of the page.
2) On the left side of the page, Click "Mail"
3) Click "Mail Display Settings"
4) Under "Message Headers" select "Full" or "Advanced"
5) Click ok
Method 2
reg a dydns account and install the ip pointer, so each time you ping the host name you regestored
for example:
you regestor the host name myhost.dydns.com, then you keep a little software running on the target host. The little software will keep update your IP to dydns.com server.
so at your pc just start cmd, and ping myhost.dydns.com, it will give you the most updated ip address.
Method 3
neverender, what doesn't work for you? Simply type in nc -vvv -l -p 80 on your box, which will set it to listen in verbose mode on port 80. Then give them a link to your IP address (for example: 111.111.111.11) and tell them to type it in their browser. The browser should resolve the address as well as append port 80 automatically. Just make sure that your friend is not very computer literate.
Method 4
Just download a very simple server such as this one and install it on your comp. Then run it and give your ip to the person you want and tell them to connect to it through a browser. Your server will log their connection and you will get their IP.
link:http://www.download.com/Abyss-Web-Server/3000-2165-10283992.html?tag=lst-0-6
Other Ways
-www.imchaos.com and make a "spy poll" to put in ur profile, this will tell u the IP of anybody who answers ur poll
-originalicons.com there is a page for doin it (i dont like it, but it works)
-or irc
Here is a more detailed tutorial about using NetCat.
http://www.onlamp.com/pub/a/onlamp/2003/05/29/netcat.html
Windows users can download NetCat from here:
http://www.atstake.com/research/tools/network_utilities/
How To Change A Cmos Battery
First the safety rules
The inside of a computer is a bad place full of electricity and sharp edges.
On the electricity side always when working on you computer make sure that it’s still plugged in to the power socket and the power is turned off, this is to ensure that any static
From you is discharged through the earth. The inside of most computer cases are unfinished metal and has very sharp edges so be careful.
The first signs of a battery failing are:-
1) your clock starts running slowly
2) when you boot (start) your computer it has a problem finding your hardware (no hard drive, no cd rom)
To change the battery you need the following tools
1) a X-point screwdriver
2) an anti-static strap(optional)
3) a new battery (seems logical)
Then unplug all the cables from the back of the computer as you remove them make a note where they came from. (So when you finished you can put them back)
Move the computer somewhere where you can work on it with ease
Remove the cover by locating the screws around the outer edge (back) of the computer
Some computer cases only require you to remove 2 screws on one side then a panel can be removed allowing you access to the computers insides, others you must remove 6 screws and remove the whole case by sliding it to the rear and lifting it off.
Now make sure that you read the safety instructions about static.
Look inside you will see a round silver thing that looks about the size of a 10p piece (quarter). This is the battery itself, carefully lift the retaining clip and slide the battery out. That’s it removed now go to your local computer retailer, electrical retailer (Tandy/Radio shack) taking the old battery with you and get a new battery.
Back to your computer insert the new battery by lifting the clip and sliding the battery in.
Reinstall your case and plug all the cables back (you did remember to label them didn’t you)
Now for the fun part.
You will now need to go into you bios….
Right the bios is the god of your computer.
To access it, when your computer first starts you will see a black screen with white text.
If you look carefully you will see a line that says something like "press del for setup" or some other key (F2 or ESC or tab) this will take you to god's house where you can make lots of changes to the way your machine works.
It is also the place where you can make your nice computer in to a rather expensive door stop so be careful and don’t go playing with anything.
You will now be presented with a blue screen with a lot of options on it,
The one we want is load optimised/default settings.
Press the F10 key and type y the computer should now reboot.
If every thing went well then your computer will now be up and running.
Shizers way: Keep computer running. Lay it on it's side and remove side cover to expose MoBo. Take any thin object, "small screwdriver, knife point, wood shiskabob skewer. Pull back the battery retaining clip. Toss the old battery in the junk recepticle, unless you belong to greenpeace and want to save the earth. Install the new battery. No need to reset bios becasue the compter supplies voltage to the cmos while it is running. Reset or resync clock with internet. Done!
The inside of a computer is a bad place full of electricity and sharp edges.
On the electricity side always when working on you computer make sure that it’s still plugged in to the power socket and the power is turned off, this is to ensure that any static
From you is discharged through the earth. The inside of most computer cases are unfinished metal and has very sharp edges so be careful.
The first signs of a battery failing are:-
1) your clock starts running slowly
2) when you boot (start) your computer it has a problem finding your hardware (no hard drive, no cd rom)
To change the battery you need the following tools
1) a X-point screwdriver
2) an anti-static strap(optional)
3) a new battery (seems logical)
Then unplug all the cables from the back of the computer as you remove them make a note where they came from. (So when you finished you can put them back)
Move the computer somewhere where you can work on it with ease
Remove the cover by locating the screws around the outer edge (back) of the computer
Some computer cases only require you to remove 2 screws on one side then a panel can be removed allowing you access to the computers insides, others you must remove 6 screws and remove the whole case by sliding it to the rear and lifting it off.
Now make sure that you read the safety instructions about static.
Look inside you will see a round silver thing that looks about the size of a 10p piece (quarter). This is the battery itself, carefully lift the retaining clip and slide the battery out. That’s it removed now go to your local computer retailer, electrical retailer (Tandy/Radio shack) taking the old battery with you and get a new battery.
Back to your computer insert the new battery by lifting the clip and sliding the battery in.
Reinstall your case and plug all the cables back (you did remember to label them didn’t you)
Now for the fun part.
You will now need to go into you bios….
Right the bios is the god of your computer.
To access it, when your computer first starts you will see a black screen with white text.
If you look carefully you will see a line that says something like "press del for setup" or some other key (F2 or ESC or tab) this will take you to god's house where you can make lots of changes to the way your machine works.
It is also the place where you can make your nice computer in to a rather expensive door stop so be careful and don’t go playing with anything.
You will now be presented with a blue screen with a lot of options on it,
The one we want is load optimised/default settings.
Press the F10 key and type y the computer should now reboot.
If every thing went well then your computer will now be up and running.
Shizers way: Keep computer running. Lay it on it's side and remove side cover to expose MoBo. Take any thin object, "small screwdriver, knife point, wood shiskabob skewer. Pull back the battery retaining clip. Toss the old battery in the junk recepticle, unless you belong to greenpeace and want to save the earth. Install the new battery. No need to reset bios becasue the compter supplies voltage to the cmos while it is running. Reset or resync clock with internet. Done!
HOW TO CAPTURE STREAMING MEDIA
HOW TO CAPTURE STREAMING MEDIA
many websites (http://ww.smashits.com) stream songs and videos
people believe they cannot be downloaded, quite why i dont know. they kinda think there is no file present to dwnld
once the file is located it can then be retrieved by nettransport
nettransport is able to dwnld any file whether ftp or rtsp etc
1. Download Project URL Snooper 1.02.01 from http://rain66.at.infoseek.co.jp/
2. Install URL Snooper (and WinPcap together)
3. Don't run URL Snooper when it is done installing
4. Restart computer
5. Open Project URL Snooper
6. Click on the General Options Tab
7. user posted image
8. Chose a network adapter
9. Now click on the search tab
10. Click Sniff Network
11. Go to a webpage and you should see some results in the results list
12. If nothing is appearing then chose another network adapter, until one works
13. Now you are ready to begin searching
14. Click the "Hide Non-Streaming URLs" option to hide all http:// references and only show URLs corresponding to streaming audio/video (rtsp, pnm, wma, etc.)
15. Then click Sniff Network
16. Your links should appear as you begin streaming your file
17. Select your desired stream user posted image
18. usually rm file user posted image
19. On the bottom there should be the link which you simply copy user posted image
20. Download nettransport from here ftp://down_transport:123@s1.5fox.com/NT2Setup_multi.EXE or
ftp://nettransport:nettransport@61.153.24...Setup_multi.EXE
http://lycos26486.l97.lycos.com.cn/download.htm
21. Install it
22. Click on new
23. Paste link
now you should be able to download any file
if u need ne help
jus ask
i think dialups may have problems
many websites (http://ww.smashits.com) stream songs and videos
people believe they cannot be downloaded, quite why i dont know. they kinda think there is no file present to dwnld
once the file is located it can then be retrieved by nettransport
nettransport is able to dwnld any file whether ftp or rtsp etc
1. Download Project URL Snooper 1.02.01 from http://rain66.at.infoseek.co.jp/
2. Install URL Snooper (and WinPcap together)
3. Don't run URL Snooper when it is done installing
4. Restart computer
5. Open Project URL Snooper
6. Click on the General Options Tab
7. user posted image
8. Chose a network adapter
9. Now click on the search tab
10. Click Sniff Network
11. Go to a webpage and you should see some results in the results list
12. If nothing is appearing then chose another network adapter, until one works
13. Now you are ready to begin searching
14. Click the "Hide Non-Streaming URLs" option to hide all http:// references and only show URLs corresponding to streaming audio/video (rtsp, pnm, wma, etc.)
15. Then click Sniff Network
16. Your links should appear as you begin streaming your file
17. Select your desired stream user posted image
18. usually rm file user posted image
19. On the bottom there should be the link which you simply copy user posted image
20. Download nettransport from here ftp://down_transport:123@s1.5fox.com/NT2Setup_multi.EXE or
ftp://nettransport:nettransport@61.153.24...Setup_multi.EXE
http://lycos26486.l97.lycos.com.cn/download.htm
21. Install it
22. Click on new
23. Paste link
now you should be able to download any file
if u need ne help
jus ask
i think dialups may have problems
Before you edit the registry, export the keys in the registry that you plan to edit, or back up the whole registry. If a problem occurs, you can then follow the steps how-to restore the registry to its previous state.
How to Export Registry Keys
Click Start, and then click Run.
In the Open box, type regedit, and then click OK.
On the File menu, click Export.
In the Save in box, select the boxs at the bottom the bottom according to weather you want to export all or only selected branches of the registry.
Next select a location in which to save the backup .reg file. In the File name box, type a file name, and then click Save.
How to Restore the Registry
To restore registry keys that you exported, double-click the .reg file that you saved.
How to Export Registry Keys
Click Start, and then click Run.
In the Open box, type regedit, and then click OK.
On the File menu, click Export.
In the Save in box, select the boxs at the bottom the bottom according to weather you want to export all or only selected branches of the registry.
Next select a location in which to save the backup .reg file. In the File name box, type a file name, and then click Save.
How to Restore the Registry
To restore registry keys that you exported, double-click the .reg file that you saved.
How to Back Up the Registry
Before you edit the registry, export the keys in the registry that you plan to edit, or back up the whole registry. If a problem occurs, you can then follow the steps how-to restore the registry to its previous state.
How to Export Registry Keys
Click Start, and then click Run.
In the Open box, type regedit, and then click OK.
On the File menu, click Export.
In the Save in box, select the boxs at the bottom the bottom according to weather you want to export all or only selected branches of the registry.
Next select a location in which to save the backup .reg file. In the File name box, type a file name, and then click Save.
How to Restore the Registry
To restore registry keys that you exported, double-click the .reg file that you saved.
How to Export Registry Keys
Click Start, and then click Run.
In the Open box, type regedit, and then click OK.
On the File menu, click Export.
In the Save in box, select the boxs at the bottom the bottom according to weather you want to export all or only selected branches of the registry.
Next select a location in which to save the backup .reg file. In the File name box, type a file name, and then click Save.
How to Restore the Registry
To restore registry keys that you exported, double-click the .reg file that you saved.
How To Block Websties Without Software, block websites
How To Block Websties Without Software, block websites
Steps:
1] Browse C:\WINDOWS\system32\drivers\etc
2] Find the file named "HOSTS"
3] Open it in notepad
4] Under "127.0.0.1 localhost" Add 127.0.0.2 www.sitenameyouwantblocked.com , and that site will no longer be accessable.
5] Done!
-So-
127.0.0.1 localhost
127.0.0.2 www.blockedsite.com
-->www.blockedsite.com is now unaccessable<--
For every site after that you want to add, just add "1" to the last number in the internal ip (127.0.0.2) and then the addy like before.
IE: 127.0.0.3 www.blablabla.com
127.0.0.4 www.blablabla.com
127.0.0.5 www.blablabla.com
etc
Steps:
1] Browse C:\WINDOWS\system32\drivers\etc
2] Find the file named "HOSTS"
3] Open it in notepad
4] Under "127.0.0.1 localhost" Add 127.0.0.2 www.sitenameyouwantblocked.com , and that site will no longer be accessable.
5] Done!
-So-
127.0.0.1 localhost
127.0.0.2 www.blockedsite.com
-->www.blockedsite.com is now unaccessable<--
For every site after that you want to add, just add "1" to the last number in the internal ip (127.0.0.2) and then the addy like before.
IE: 127.0.0.3 www.blablabla.com
127.0.0.4 www.blablabla.com
127.0.0.5 www.blablabla.com
etc
Free Access To Websites Without Registering
Free Access To Websites Without Registering
Go to
-http://bugmenot.com/
and type the URL of the website you want to log into.
Examples:
-http://www.nytimes.com/, -http://www.winnetmag.com/
etcetera.
Another (and better) way is changing the user agent of your browser to:
Googlebot/2.1+
-http://www.googlebot.com/bot.html
This is very easy in Mozilla's Firefox. Download and install the User Agent Switcher from
-http://www.chrispederick.com/work/firefox/useragentswitcher/
and add the Googlebot user agent.
Have fun, Dead Dreamer!
-]Edit[- Now this kicks ass, was just browsing entire forum without even needing to login to view restricted areas, and it works on other sites
And no, you cant access the hidden forums either, already tried that
Go to
-http://bugmenot.com/
and type the URL of the website you want to log into.
Examples:
-http://www.nytimes.com/, -http://www.winnetmag.com/
etcetera.
Another (and better) way is changing the user agent of your browser to:
Googlebot/2.1+
-http://www.googlebot.com/bot.html
This is very easy in Mozilla's Firefox. Download and install the User Agent Switcher from
-http://www.chrispederick.com/work/firefox/useragentswitcher/
and add the Googlebot user agent.
Have fun, Dead Dreamer!
-]Edit[- Now this kicks ass, was just browsing entire forum without even needing to login to view restricted areas, and it works on other sites
And no, you cant access the hidden forums either, already tried that
Google secrets
Google secrets
--------------------------------------------------------------------------------
method 1
?ww.google.com
put this string in google search:
"parent directory " /appz/ -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
"parent directory " DVDRip -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
"parent directory "Xvid -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
"parent directory " Gamez -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
"parent directory " MP3 -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
"parent directory " Name of Singer or album -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
Notice that i am only changing the word after the parent directory, change it to what you want and you will get a lot of stuff.
voila!
method 2
?ww.google.com
put this string in google search:
?intitle:index.of? mp3
You only need add the name of the song/artist/singer.
Example: ?intitle:index.of? mp3 jackson
How To Customize Your start Button
First you need a tool called "Resource Hacker". This free program allows you to change resources in any .exe file such as "Explorer.exe", which includes the [Start] button's Label. You can visit Download.com and search there for "Resource Hacker".
After you download it, follow the guide here:
Step 1:
A - Run "Resource Hacker" and open the file "%windir%\Explorer.exe".
B - You see a Tree of all Resources in this file, expand the "String Table"
C - Find the "start" and replace it with your own text. then press the [Compile Script] button.
D - Save "Explorer.exe" as "MyStart.exe" DONT save it as Explorer.exe, do "save as.." and give it a new name.
E - Quit "Resource Hacker".
Step 2:
A - Click on the [Start] button and choose the "Run..." item from the start menu. (Or use the shortcut key WinKey+R)
B - Type "RegEdit" in the Run "Dialog Box". And then press the [Ok] buton to run the "Registry Editor" program.
C - Go to: "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon" and find the "Shell" property.
D - Replace value of the "Shell" property to "MyStart.exe".
E - Quit "Registry Editor".
F - Restart your system.
Note about Registry Editor:
if you did not find the key "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon", you can search the Registry for the "Explorer.exe", to do this use the Edit Menu | Find Next (Ctrl+F).
AmirBehzad Eslami's site has a handy tool for altering your start button, which makes life much easier, you can find his site here:
h**p://www.startbtn.main-page.com
After you download it, follow the guide here:
Step 1:
A - Run "Resource Hacker" and open the file "%windir%\Explorer.exe".
B - You see a Tree of all Resources in this file, expand the "String Table"
C - Find the "start" and replace it with your own text. then press the [Compile Script] button.
D - Save "Explorer.exe" as "MyStart.exe" DONT save it as Explorer.exe, do "save as.." and give it a new name.
E - Quit "Resource Hacker".
Step 2:
A - Click on the [Start] button and choose the "Run..." item from the start menu. (Or use the shortcut key WinKey+R)
B - Type "RegEdit" in the Run "Dialog Box". And then press the [Ok] buton to run the "Registry Editor" program.
C - Go to: "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon" and find the "Shell" property.
D - Replace value of the "Shell" property to "MyStart.exe".
E - Quit "Registry Editor".
F - Restart your system.
Note about Registry Editor:
if you did not find the key "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon", you can search the Registry for the "Explorer.exe", to do this use the Edit Menu | Find Next (Ctrl+F).
AmirBehzad Eslami's site has a handy tool for altering your start button, which makes life much easier, you can find his site here:
h**p://www.startbtn.main-page.com
How To Stop Spam
How To Stop Spam
Change Mcft to microsoft
HOW TO STOP SPAM VIA WINDOWS MESSENGER SERVICE
Below you'll find many ways (sorted in the most successful ratio first) to stop the Windows Messenger service, depending on your system environment, some may require more than one process. This service is available only on NT, 2K, XP & Server 2003. Administrator Login is REQUIRED
About The Messenger Service
* Messenger is a Windows Service that runs in the background
* Messenger is not the same as MSN Messenger or any other Instant Messaging Program
* Messenger does not facilitate two-way chatting
* Many Windows Programs, Firewalls, UPS and Antiviruses require the Messenger Service
* Antivirus and UPS software, among others, may not work if Messenger is disabled
* The Messenger Service is usually turned on by default in most Windows NT, 2K and XP systems
1. Manually
1. Example 1
1. Click Start, Run and enter the following command:
RunDll32 advpack.dll,LaunchINFSection %windir%\inf\msmsgs.inf,BLC.Remove
NOTE: This will prevent a long delay when opening Outlook Express if you have the Contacts pane enabled
2. To prevent this, click Start, Run and enter {REGEDIT} Go to:
HKEY_LOCAL_MACHINE\Software\Mcft\Outlook Express
3. Right click in the right pane and select New, Dword value
4. Give it the name Hide Messenger Double click this new entry and set the value to 2
5. End result should look EXACTLY like this:
System Key: [HKEY_LOCAL_MACHINE\SOFTWARE\Mcft\Outlook Express]
Value Name: Hide Messenger
Data Type: REG_DWORD (DWORD Value)
Value Data: (2 = remove messenger)
2. Example 2
1. Copy and paste the following to Run Command Bar in the Start Menu:
RunDll32.exe advpack.dll,LaunchINFSection
%windir%\inf\msmsgs.inf,BLC.Remove
3. Example 3
1. If Example 5 didn't work, then try this - Many users miss or don't know of it
2. Click on Start then go to RUN and type:
C:\WINDOWS\inf\sysoc.inf
3. Change:
msmsgs=msgrocm.dll,OcEntry,msmsgs.inf,hide,7
4. To:
msmsgs=msgrocm.dll,OcEntry,msmsgs.inf,7
5. Then use Add/Remove Windows Components to remove Messenger
NOTE: You can also prevent access to Windows Messenger using Group Policy or the Set Program Access and Defaults utility added by default in Windows XP SP1 and Windows 2000 SP3
4. Example 4
1. Open Windows Messenger
2. From the menu, select "Tools" then "Options" then "Preferences" tab
3. Uncheck "Run this program when Windows starts"
4. Open Outlook Express
5. From the menu, select "Tools" then "Options" then "General" tab
6. Uncheck the option to "Automatically log on", if it's there
7. Also in Outlook Express, select "View" then "Layout"
8. Uncheck the option to "display Contacts" - The program will open a connection and display a list of all Contacts on line if you do not
9. In "Startup Folder" make sure there is no entry there for Messenger
10. Open Norton Anti-Virus if you have it installed
11. Click "Options" then "Instant Messenger"
12. Unckeck "Windows Messenger (recommended"
NOTE: This list ought to work in disassociate MSN from Outlook Express, so that it'll only start up if you really want it to
5. Example 5
1. 2000
* Click Start-> Settings-> Control Panel-> Administrative Tools->Services
* Scroll down and highlight "Messenger"
* Right-click the highlighted line and choose Properties
* Click the STOP button
* Select Disable in the Startup Type scroll bar
* Click OK
2. XP Home
* Click Start->Settings ->Control Panel
* Click Performance and Maintenance
* Click Administrative Tools
* Double click Services
* Scroll down and highlight "Messenger"
* Right-click the highlighted line and choose Properties
* Click the STOP button
* Select Disable in the Startup Type scroll bar
* Click OK
3. XP Professional
* Click Start->Settings ->Control Panel
* Click Administrative Tools
* Click Services
* Double click Services
* Scroll down and highlight "Messenger"
* Right-click the highlighted line and choose Properties.
* Click the STOP button.
* Select Disable in the Startup Type scroll bar
* Click OK
4. Windows NT
* Click Start ->Control Panel
* Double Click Administrative Tools
* Select Services-> Double-click on Messenger
* In the Messenger Properties window, select Stop
* Then choose Disable as the Startup Type
* Click OK
NOTE: If you stop the service and don’t adjust the startup type, the Messenger service will start automatically the next time you reboot. Keep in mind that when you disable the Messenger service, you'll no longer receive messages about an attached UPS, and you won’t be notified of print job completion, performance alerts, or antivirus activity (from Windows) not the program you're using for those purposes.
6. Example 6
1. To disable receipt of messenger pop-ups, verify that your firewall disables inbound traffic on UDP ports 135, 137, and 138, and TCP ports 135 and 139. On a system connected directly to the Internet, you should also disable inbound traffic on TCP port 445. If the system you want to protect is part of a Win2K-based network with Active Directory (AD), don't block incoming traffic on port 445 - Mcft Knowledge Base Article - 330904
Code:
http://support.Mcft.com/default.aspx?scid=kb;en-us;330904
NOTE: You can use the firewall approach only if your system doesn't communicate with legacy systems that rely on NetBIOS name resolution to locate machines and shared resources. If, for example, you let users running Windows 9x share your printer or scanner, when you disable inbound NetBIOS traffic, users won't be able to connect to these shared resources. Regardless of the method you choose, you can stop messenger spam
2. Program
1. Example 1
NOTE: On Oct 15, 2003, Mcft releases Critical Security Bulletin MS03-043 warning users that the Windows Messenger Service running and exposed by default in all versions of Windows NT, 2000 and XP, contains a "Remote Code Execution" vulnerability that allows any not otherwise secured and protected Windows machine to be taken over and remotely compromised over the Internet
1. Shoot the Messenger
Code:
http://grc.com/files/shootthemessenger.exe
2. Example 2
1. Messenger Disable
Code:
http://www.dougknox.com/xp/utils/MessengerDisable.zip
NOTE: If you choose to uninstall Windows Messenger on a system with SP1 installed, you will receive an error message about "un-registering" an OCX file. This is normal, and doest not affect the removal process. Windows Messenger will still be removed
3. TEST
1. Example 1
1. Right-click "My Computer"
2. Select "Manage"
3. Under "System Tools" right-click on "Shared Folders"
4. Choose "All Tasks" and select "Send Console Message..."
5. If you recieve the following error message then the service has been disabled, otherwise confirm that you have disabled it or try another example
"The following error occured while reading the list of sessions from Windows clients:
Error 2114: The Server service is not started."
2. Example 2
1. Click Start then "Run"
2. Type in {cmd.exe}
3. Type in net send 127.0.0.1 hi
4. If you get a popup "hi" message, then confirm that you have disabled it or try another example
4. IF YOU INSIST
1. If you insist on keeping Windows Messenger, then I'd recommend Messenger Manager - "Allows you to keep your messenger service running, as is intended and needed by Windows. This ensures that vital system errors and notifications may be sent informing you of Important System Events"
Code:
http://www.sellertools.com/default.asp?i=MessageManager3.htm
2. However, as a replacement to Windows Messenger remote control feature, I'd recommend this free tool Virtual Network Computing - "It is a remote control software which allows you to view and interact with one computer (the "server") using a simple program (the "viewer") on another computer anywhere on the Internet. The two computers don't even have to be the same type, so for example you can use VNC to view an office Linux machine on your Windows PC at home"
Code:
http://www.realvnc.com/download.html
RESULTS WILL VARY
No matter how good your systems may be, they're only as effective as what you put into them.
Change Mcft to microsoft
HOW TO STOP SPAM VIA WINDOWS MESSENGER SERVICE
Below you'll find many ways (sorted in the most successful ratio first) to stop the Windows Messenger service, depending on your system environment, some may require more than one process. This service is available only on NT, 2K, XP & Server 2003. Administrator Login is REQUIRED
About The Messenger Service
* Messenger is a Windows Service that runs in the background
* Messenger is not the same as MSN Messenger or any other Instant Messaging Program
* Messenger does not facilitate two-way chatting
* Many Windows Programs, Firewalls, UPS and Antiviruses require the Messenger Service
* Antivirus and UPS software, among others, may not work if Messenger is disabled
* The Messenger Service is usually turned on by default in most Windows NT, 2K and XP systems
1. Manually
1. Example 1
1. Click Start, Run and enter the following command:
RunDll32 advpack.dll,LaunchINFSection %windir%\inf\msmsgs.inf,BLC.Remove
NOTE: This will prevent a long delay when opening Outlook Express if you have the Contacts pane enabled
2. To prevent this, click Start, Run and enter {REGEDIT} Go to:
HKEY_LOCAL_MACHINE\Software\Mcft\Outlook Express
3. Right click in the right pane and select New, Dword value
4. Give it the name Hide Messenger Double click this new entry and set the value to 2
5. End result should look EXACTLY like this:
System Key: [HKEY_LOCAL_MACHINE\SOFTWARE\Mcft\Outlook Express]
Value Name: Hide Messenger
Data Type: REG_DWORD (DWORD Value)
Value Data: (2 = remove messenger)
2. Example 2
1. Copy and paste the following to Run Command Bar in the Start Menu:
RunDll32.exe advpack.dll,LaunchINFSection
%windir%\inf\msmsgs.inf,BLC.Remove
3. Example 3
1. If Example 5 didn't work, then try this - Many users miss or don't know of it
2. Click on Start then go to RUN and type:
C:\WINDOWS\inf\sysoc.inf
3. Change:
msmsgs=msgrocm.dll,OcEntry,msmsgs.inf,hide,7
4. To:
msmsgs=msgrocm.dll,OcEntry,msmsgs.inf,7
5. Then use Add/Remove Windows Components to remove Messenger
NOTE: You can also prevent access to Windows Messenger using Group Policy or the Set Program Access and Defaults utility added by default in Windows XP SP1 and Windows 2000 SP3
4. Example 4
1. Open Windows Messenger
2. From the menu, select "Tools" then "Options" then "Preferences" tab
3. Uncheck "Run this program when Windows starts"
4. Open Outlook Express
5. From the menu, select "Tools" then "Options" then "General" tab
6. Uncheck the option to "Automatically log on", if it's there
7. Also in Outlook Express, select "View" then "Layout"
8. Uncheck the option to "display Contacts" - The program will open a connection and display a list of all Contacts on line if you do not
9. In "Startup Folder" make sure there is no entry there for Messenger
10. Open Norton Anti-Virus if you have it installed
11. Click "Options" then "Instant Messenger"
12. Unckeck "Windows Messenger (recommended"
NOTE: This list ought to work in disassociate MSN from Outlook Express, so that it'll only start up if you really want it to
5. Example 5
1. 2000
* Click Start-> Settings-> Control Panel-> Administrative Tools->Services
* Scroll down and highlight "Messenger"
* Right-click the highlighted line and choose Properties
* Click the STOP button
* Select Disable in the Startup Type scroll bar
* Click OK
2. XP Home
* Click Start->Settings ->Control Panel
* Click Performance and Maintenance
* Click Administrative Tools
* Double click Services
* Scroll down and highlight "Messenger"
* Right-click the highlighted line and choose Properties
* Click the STOP button
* Select Disable in the Startup Type scroll bar
* Click OK
3. XP Professional
* Click Start->Settings ->Control Panel
* Click Administrative Tools
* Click Services
* Double click Services
* Scroll down and highlight "Messenger"
* Right-click the highlighted line and choose Properties.
* Click the STOP button.
* Select Disable in the Startup Type scroll bar
* Click OK
4. Windows NT
* Click Start ->Control Panel
* Double Click Administrative Tools
* Select Services-> Double-click on Messenger
* In the Messenger Properties window, select Stop
* Then choose Disable as the Startup Type
* Click OK
NOTE: If you stop the service and don’t adjust the startup type, the Messenger service will start automatically the next time you reboot. Keep in mind that when you disable the Messenger service, you'll no longer receive messages about an attached UPS, and you won’t be notified of print job completion, performance alerts, or antivirus activity (from Windows) not the program you're using for those purposes.
6. Example 6
1. To disable receipt of messenger pop-ups, verify that your firewall disables inbound traffic on UDP ports 135, 137, and 138, and TCP ports 135 and 139. On a system connected directly to the Internet, you should also disable inbound traffic on TCP port 445. If the system you want to protect is part of a Win2K-based network with Active Directory (AD), don't block incoming traffic on port 445 - Mcft Knowledge Base Article - 330904
Code:
http://support.Mcft.com/default.aspx?scid=kb;en-us;330904
NOTE: You can use the firewall approach only if your system doesn't communicate with legacy systems that rely on NetBIOS name resolution to locate machines and shared resources. If, for example, you let users running Windows 9x share your printer or scanner, when you disable inbound NetBIOS traffic, users won't be able to connect to these shared resources. Regardless of the method you choose, you can stop messenger spam
2. Program
1. Example 1
NOTE: On Oct 15, 2003, Mcft releases Critical Security Bulletin MS03-043 warning users that the Windows Messenger Service running and exposed by default in all versions of Windows NT, 2000 and XP, contains a "Remote Code Execution" vulnerability that allows any not otherwise secured and protected Windows machine to be taken over and remotely compromised over the Internet
1. Shoot the Messenger
Code:
http://grc.com/files/shootthemessenger.exe
2. Example 2
1. Messenger Disable
Code:
http://www.dougknox.com/xp/utils/MessengerDisable.zip
NOTE: If you choose to uninstall Windows Messenger on a system with SP1 installed, you will receive an error message about "un-registering" an OCX file. This is normal, and doest not affect the removal process. Windows Messenger will still be removed
3. TEST
1. Example 1
1. Right-click "My Computer"
2. Select "Manage"
3. Under "System Tools" right-click on "Shared Folders"
4. Choose "All Tasks" and select "Send Console Message..."
5. If you recieve the following error message then the service has been disabled, otherwise confirm that you have disabled it or try another example
"The following error occured while reading the list of sessions from Windows clients:
Error 2114: The Server service is not started."
2. Example 2
1. Click Start then "Run"
2. Type in {cmd.exe}
3. Type in net send 127.0.0.1 hi
4. If you get a popup "hi" message, then confirm that you have disabled it or try another example
4. IF YOU INSIST
1. If you insist on keeping Windows Messenger, then I'd recommend Messenger Manager - "Allows you to keep your messenger service running, as is intended and needed by Windows. This ensures that vital system errors and notifications may be sent informing you of Important System Events"
Code:
http://www.sellertools.com/default.asp?i=MessageManager3.htm
2. However, as a replacement to Windows Messenger remote control feature, I'd recommend this free tool Virtual Network Computing - "It is a remote control software which allows you to view and interact with one computer (the "server") using a simple program (the "viewer") on another computer anywhere on the Internet. The two computers don't even have to be the same type, so for example you can use VNC to view an office Linux machine on your Windows PC at home"
Code:
http://www.realvnc.com/download.html
RESULTS WILL VARY
No matter how good your systems may be, they're only as effective as what you put into them.
Search For Ebook Server With Google.com
As you know Google.com is the most popular search engine in the world.
Here are some tips to helps you find eBooks with Google:
Find Apache's (default) Index page
Try this query:
+("index of") +("/ebooks"|"/book") +(chm|pdf|zip|rar) +apache
Find a particular eBook file
Try this query:
allinurl: +(rar|chm|zip|pdf|tgz) TheTitle
Here are some tips to helps you find eBooks with Google:
Find Apache's (default) Index page
Try this query:
+("index of") +("/ebooks"|"/book") +(chm|pdf|zip|rar) +apache
Find a particular eBook file
Try this query:
allinurl: +(rar|chm|zip|pdf|tgz) TheTitle
REVERSE CODING
----------------------
REVERSE CODING
----------------------
# Released by Cybnet Security Group
# legalz: modify and use at will, if you make any changes, improvements, updates or use the code
# in another project, please send us what you did and give credit
# if you have any questions, post them at forum.hackerthreads.net
# be sure to check out hackerthreads.org for updates and new tutorials/downloads
Copyrights reserved to k33t, 2002 from CYBNET Security Group
----------------------------------------------------------------------------------------------------
Index:
-------
1.Introduction
2.Disclaimer
3.Hexadecimal
4.RAM and ROM
5.ASM
6.Needed programs
7.Cracking
8.Conclusion
---------------------------
---Introduction----------
Welcome to my Reverse Coding tutorial! In this paper, you will
learn how to crack and modify your own software. I'll try to get
into as much detail as possible, yet also dumb it down a bit. =)
------------------------------------------------------------------------------------------------------
---Disclaimer------------
All information is purely for educational purposes only! The author
cannot be held responsible for any (ab)use of this information.
USE AT YOUR OWN RISK!!!
------------------------------------------------------------------------------------------------------
---Hexadecimal----------
To begin, I'm going to teach you about hexadecimal, so if you already
know it, then move on. Even if you do already know it, I suggest
sticking around for a refreshment of your memory.=)
Hexadecimal, or hex as it's more commonly known, is a base 16
numbering system. Base 16 meaning that it consists of 16 numbers:
0-9 and A-F. Each of these numbers (A-F=10-16) have a value of 4 bits
and are also called nibbles. In representing a hexadecimal number, one
would write an "0x" before the actual bit set. 0x is simply a tag put
before a hex number to let programmers know that it is in fact, hex.
When writing hex, you will not need to use this prefix.
If you haven't already noticed, the 0x prefix looks similar to that of exponential
notation. Actually this is where 0x has been derived, seeing as how
hex is simply a number that has been raised to a power of 16.
This means 10 in hexadecimal represents the value 16+0, or 16. So check
out this example:
0xB3 (hex)= 2*16(squared)+11*16(to the 1st power)+3*16(to the power of 0 )
=2*256+11*16+3=691 (decimal)
Yeah, you could do all of that, or you could be lazy and use an automated
program that does it all for you. Why do you need to know hex? Because
it's used by every piece of software and hardware. How? Memory based address
allocation. Here's an example:
When you clicked on your browsers icon to launch it, the click triggered a "call"
(an asm function that will be discussed more in depth in later chapters.) which
went back to the programs memory with the "click in it's hand." It finds the
address where the code is that makes the program launch and executes it. The
address is written in, you guessed it, hex. An example of an address would be
something like this:
101c5018
5108 would be the actual specific address and 101c would be the sector
of RAM were the address is located. Those are the basics of Hexadecimal
You should probley read this chapter againbecause getting a firm grasp on hex
is essential to cracking and moding programs.
----------------------------------------------------------------------------------------------------------
---RAM and ROM--------
In this section we are gonna learn about RAM and ROM. Many people kno about
the hardware part of RAM and ROM and that's gonna be very useful to you......
just not in this tutorial. =) We are about to learn about the "software" side. I use the
term software loosly in that software tends to have a GUI (Graphical User Interface)
and this does not. BUT, there are ways to access and modify the behavior of it that
I will talk about in this chapter, as well as in the next. To start off, I'll answer some
common questions:
What is RAM?
RAM (Random Access Memory) is basically memory and the process of accessing it.
The term "Random Access Memory" was approprietly given to this memory unit because
when executing a command, the CPU doesn't have to scroll through all the memory on
your PC until it finds the right address. It "randomly" whips out the addy from it's back
pocket and serves it up.This process is both quick and efficient. Learning this process
will help you understand the ASM functions in the next chapter.
How does RAM work?
When a command is issued and the memory is pulled from file, it must first go through
what is called a "vector". A vector is a "gateway" or a "sector" of RAM where the address
of the function is stored with others of it's own kind. An example of a vector would be
something like this:
8c0000b4-8c00ffff
This means that all "addressii" (hehe) that are between those values are stored in that
sector of RAM. A vector acts as a gateway in that, first, pass through a vector to get to
address. Your average program probley has about 30 to 40 main vectors, sectioning
off from boot until exit. Knowing the vector of an addy or a function will greatly reduce
your headache when you start searching for it.
ROM. ROM is a part of memory that doesn't change. (Although we can change it.=) )
Boot ROM for instance, follows the same plan of action it is called upon. ROM also has
vectors, just like RAM. ROM is not that important when it comes to cracking to we will
leave it alone for now.
Back to RAM. Believe it or not, but addressii (there I go again, I'm such a g33k.)
actually follow certain formats or syntax's for certain functions. Take hot keys for
example: In the under ground, we call them "Joker commands". By pressing a certain
combonation of keys, a program will run, close, be stupid, whatever. The syntax for a
Joker command is as follows:
0d-aaaaaf
000zvvvv
Let's examine this format a little closer.
0d= The proclemation of a specifyed format
aaaaa= The address of the function
f= The float or remainder; "Floating point number" ; decimal
000= "NOP" No operation
z= The "Booleon" as we the C++ programmers call it. A booleon is an "IF, THEN" statement.
"IF this is true, THEN do this." Value 0= equal; 1= different; 2=less than; 3=greater than.
vvvv= The combonation of hex values (The values of the keys pressed) used to execute the "CALL"
Say the "A" key had a vlaue of fffb and the "B" key has a vlaue of fffd. You would then add both
values using a hex calculator and get fff9 as the sum. The output on you calculator would
show 1fff8. Add the first value and the last value to find the fourth byte segment. So say
we've found the address of the Joker function (usually in the boot ROM sector) commonly
called the "Maple address" and we are ready to program in some hex code. Our code may
look like this:
0d7ae671
0000fff9
This means that IF the value of fff9 (A and B) is equal (0) to the address (aaaaf) of the function,
THEN execute it. See? Easy isn't it? You'll need to know things like this when modding programs
as a use of executing of your arbitrary code in certain parts of your program at a certain time.
Joker commands are also reversable in that if you enter the same code except with a 1,2, or 3,
in the z slot and by changing the button combonations. Reversable meaning terminating the
function or other functions that were started. A good use for this is for firewalls and babysitting
programs. Are you on a college machine and can't download stuff because of that pesky firewall?
Crack it open and program in some Joker commands so you can turn it on and off at will
WITHOUT the administrator's password!
--------------------------------------------------------------------------------------------------------------
---ASM-----------------------
To start off with our small and to the point ASM section, I'll warn you in advance, after reading this,
you'll need to go take a shower cause this is disgusting! Here we go!
To begin, I'm gonna define for you some functions that you'll be seeing alot of, and be using. Here they are:
.:Hex:. .:ASM:. .:MEANING:.
75,0f85 jne jump if not equal
74,0f84 je jump is equal
eb jmp jump directly to
90 nop no operation
77,0f87 ja jump if above
0f86 jna jump if not above
0f83 jae jump if above or equal to
0f82 jnae jump if not above or equal
0f82 jb jump if below
0f83 jnb jump is not below
of86 jbe jump if below or equal
0f87 jnbe jump if not below or equal
0f8f jg jump if greater
0f8e jng jump if not greater
0f8d jge jump if greater or equal
0f8c jnge jump if not greater or equal
0f8c jl jump if less
0f8d jnl jump if not less
0f8e jle jump if less or equal
0f8f jnle jump if not less or equal
The easy thing about most of the functions in ASM are that they sound like what they mean.
Jump, means of coarse, to Jump from one thing to another. Example:
"jmp 00401744" would mean to jump directly to the address 00401744 once the code
hits the function.
Let's look at "CALL". Call is a function that is used to "call" a certain task, string, address, whatever.
Take a look at this example:
"Call 0040ccc2" this would of coarse call the address 0040ccc2 and use it. Those are the functions
you'll be using.
The reason why I'm not going into loads of detail in this chapter is because when
cracking software, not an extensive amount of knowledge of ASM is needed. If you want
to know more or need help with something, e-mail me at the address provided at the end of
this tutorial. This chapter wasn't so nasty was it? Nah, it was easy =)
------------------------------------------------------------------------------------------------------------------------
---Needed Programs----------------
The programs you will need are as follows:
WDasm 8.9 or Higher
Hiew 6.1
Softice for win9x v3.24
SubmitWolf(demo)v4.01 (http://www.trellian.com/swolf)
Programming Language (C,C++,Pascal,ASM whatever you would like) Prefably C for this tutorial!
And a brain (no seriously)
--------------------------------------------------------------------------------------------------------------------------
---Cracking-----------------------------
Ok, here we go! The first thing you need to do is to open up SoftIce and then swolf32.exe which is the name given to our
target program. Go to the help menu and select register. Here's where your brain will come in, start to look
for how the protection is running by entering some random crap into the blank space. Don't press the OK button yet though.
Instead, press CTRL-D to bring up SoftIce. What we are gonna try to do is define a breakpoint, using BPX hmemcpy.
Hit CTRL-D again and it will bring you back to the program. Click OK on the box and SoftIce will again pop up. Now press F12
and it will bring you to the target program code. Scroll down a few lines and find:
:004167D9 8D4C2410 lea ecx, dword ptr {esp+10}--;ecx=the random crap you typed in.
:004167DD 8D94290000000 lea edx, dword ptr {esp+00000090}-;edx=name
:004167E4 51 push ecx
:004167E5 52 push edx
:004167E6 E8B5450100 call 0042ADA0----;this is the call which calculates the serial
:004167EB 83C410 add esp, 00000010--;
:004167EE 85C0 test eax, eax----;and return eax=1 if true (booleon =) )
:004167F0 0F8596000000 jne 0041688C----;jump to registered
:004167F6 8D442408 lea eax, dword ptr {esp+08}
:004167FA 8D8C2488000000 lea ecx, dword ptr {esp+00000088}
:00416801 50 push eax
:00416802 51 push ecx
:00416803 E868470100 call 0042AF70----;this call tests our serial
:00416808 83C408 add esp, 00000008---;
:0041680B 85C0 test eax, eax----;for v3.XX one.
:0041680D 7433 je 00416842;jump is equal
The call that we want to focas on is at 004167E6. This call tests wether our serial is for the correct version or not.
Let's trace the call 004ADA0:
*Referenced by a CALL at address:
:0042ABFC
:0042ADA 83EC30 sub esp, 00000030
:0042ADA3 55 push ebp
:0042ASA4 56 push esi
:004ADA5 57 push edi
:0042ADA6 8B7C24444 mov edi, dword ptr {esp+44}--;edi=our fake serial
:004ADAA 85FF test edi, edi
:004ADAC 0F4A7010000 je 0042AF59----;die if empty
:004ADB2 8B6C2440 mov ebp, dword ptr {esp+40}--ebp=our name
:0042ADB6 85ED test ebp, ebp
:004ADB8 0F849B010000 je 0042AF59---;die if empty
:004ADBE 8A07 mov al, byte ptr {edi}--;compare 1st byte of serial with 'p', die
:0042ADC0 3C50 cmp al, 50----;
:0042ADC2 0F8587010000 jne 0042AF4F----;if not equal
:0042ADC8 807F0134 cmp byte ptr {edi+01}, 34--:compare byte of serial with '4'
:004ADCC 750C jne 0042ADDA----;
:0042ADCE C70500C8430000000000 mov dword ptr {0043C800}, 00000000
:0042ADD8 EB1C jmp 0042ADF6
As we can see by the above, the code tells us that the first value of our serial will
be 'p' and a cycle of a four byte algorythm. I could go on and on about all of the internals
of all this stuff but that would be going beyond the scope of this tutorial. The idea was to show
how to crack this pro, and thats what I'm going to do. Based on the information I've given you, and the
information that you can deduce from reading the code, I've written a small key generator in C.
If you know C, then you'll be able to tell where i got the algorythms to write it. So here it is:
#include<stdio.h>
#include<conio.h>
int main(void)
{
long code=555583,count1,count2;
char name[25],cod[5],type='0';
clrscr();
textcolor(14);
printf("This is a simple key-generator written by k33t of CYBNET Security Group");
printf("=================================================");
text color(10);
printf("SubmitWolf(demo)ver4.1 cracked by k33t");
textcolor(14);
printf("%c%c%c",0x10,0x10,0x10");
textcolor(12);
printf("Yup")
prinf("-November 2002");
prinf("'\n\nSelect Edition PRO(0) or Enterprise(1) (0/1)=");
scanf("%c",&type);
if(type=='1')code=557283;
getchar();
prinf("Enter Registration Name=");
scanf("%[^\n]",name);
for(count1=0;count1<=3;count1++
cod[count1]=name[count1];
for(count=1;count1=3;count1++){
for(count2=0;count2<=3;count2++)
cod[count2]=cod[count2]*(code%100);
code=code/100;
}
for(count1=0;name[count1]>0;count1++);
for(count2=0;count2<=3;count2++)
cod[count2]=cod[count2]^(name[count1]+3);
for=(count1-3;count1>=0;count1--){
code=code+(cod[count1]&0xFF);
if(count1>0)
code=code*0x100;
}
if(code<0)code=-code;
for(;code<10000;) code=code*10;
for(;code>999999;) code=code/10;
printf(Your Serial Number=P%c4-%ld",(type=='1')? 'E':'4'code);
return ;
}
Ok! So! An overall conclusion of this code is:
1.First two characters of the serial must be either 'PE' or 'P4'.
2.Multiply every first four characters or our name with every byte of our serial before '-'
3.XOR every four byte with every byte of our name.
4.Convert to positive number if<0.
5.Convert to number between 10000 and 1000000.
Forgive me if this code is buggy as I wrote it very quickly in the little spare time I had.
-----------------------------------------------------------------------------------------------------------
---Conclusion-------
Well how was your first cracking expierience? Not bad eh? Ok well if you have any questions,
problems,comments,.....criticsms.......you can e-mail them to me at:
ashish.techedian@gmail.com
------------------------------
----------------------
REVERSE CODING
----------------------
# Released by Cybnet Security Group
# legalz: modify and use at will, if you make any changes, improvements, updates or use the code
# in another project, please send us what you did and give credit
# if you have any questions, post them at forum.hackerthreads.net
# be sure to check out hackerthreads.org for updates and new tutorials/downloads
Copyrights reserved to k33t, 2002 from CYBNET Security Group
----------------------------------------------------------------------------------------------------
Index:
-------
1.Introduction
2.Disclaimer
3.Hexadecimal
4.RAM and ROM
5.ASM
6.Needed programs
7.Cracking
8.Conclusion
---------------------------
---Introduction----------
Welcome to my Reverse Coding tutorial! In this paper, you will
learn how to crack and modify your own software. I'll try to get
into as much detail as possible, yet also dumb it down a bit. =)
------------------------------------------------------------------------------------------------------
---Disclaimer------------
All information is purely for educational purposes only! The author
cannot be held responsible for any (ab)use of this information.
USE AT YOUR OWN RISK!!!
------------------------------------------------------------------------------------------------------
---Hexadecimal----------
To begin, I'm going to teach you about hexadecimal, so if you already
know it, then move on. Even if you do already know it, I suggest
sticking around for a refreshment of your memory.=)
Hexadecimal, or hex as it's more commonly known, is a base 16
numbering system. Base 16 meaning that it consists of 16 numbers:
0-9 and A-F. Each of these numbers (A-F=10-16) have a value of 4 bits
and are also called nibbles. In representing a hexadecimal number, one
would write an "0x" before the actual bit set. 0x is simply a tag put
before a hex number to let programmers know that it is in fact, hex.
When writing hex, you will not need to use this prefix.
If you haven't already noticed, the 0x prefix looks similar to that of exponential
notation. Actually this is where 0x has been derived, seeing as how
hex is simply a number that has been raised to a power of 16.
This means 10 in hexadecimal represents the value 16+0, or 16. So check
out this example:
0xB3 (hex)= 2*16(squared)+11*16(to the 1st power)+3*16(to the power of 0 )
=2*256+11*16+3=691 (decimal)
Yeah, you could do all of that, or you could be lazy and use an automated
program that does it all for you. Why do you need to know hex? Because
it's used by every piece of software and hardware. How? Memory based address
allocation. Here's an example:
When you clicked on your browsers icon to launch it, the click triggered a "call"
(an asm function that will be discussed more in depth in later chapters.) which
went back to the programs memory with the "click in it's hand." It finds the
address where the code is that makes the program launch and executes it. The
address is written in, you guessed it, hex. An example of an address would be
something like this:
101c5018
5108 would be the actual specific address and 101c would be the sector
of RAM were the address is located. Those are the basics of Hexadecimal
You should probley read this chapter againbecause getting a firm grasp on hex
is essential to cracking and moding programs.
----------------------------------------------------------------------------------------------------------
---RAM and ROM--------
In this section we are gonna learn about RAM and ROM. Many people kno about
the hardware part of RAM and ROM and that's gonna be very useful to you......
just not in this tutorial. =) We are about to learn about the "software" side. I use the
term software loosly in that software tends to have a GUI (Graphical User Interface)
and this does not. BUT, there are ways to access and modify the behavior of it that
I will talk about in this chapter, as well as in the next. To start off, I'll answer some
common questions:
What is RAM?
RAM (Random Access Memory) is basically memory and the process of accessing it.
The term "Random Access Memory" was approprietly given to this memory unit because
when executing a command, the CPU doesn't have to scroll through all the memory on
your PC until it finds the right address. It "randomly" whips out the addy from it's back
pocket and serves it up.This process is both quick and efficient. Learning this process
will help you understand the ASM functions in the next chapter.
How does RAM work?
When a command is issued and the memory is pulled from file, it must first go through
what is called a "vector". A vector is a "gateway" or a "sector" of RAM where the address
of the function is stored with others of it's own kind. An example of a vector would be
something like this:
8c0000b4-8c00ffff
This means that all "addressii" (hehe) that are between those values are stored in that
sector of RAM. A vector acts as a gateway in that, first, pass through a vector to get to
address. Your average program probley has about 30 to 40 main vectors, sectioning
off from boot until exit. Knowing the vector of an addy or a function will greatly reduce
your headache when you start searching for it.
ROM. ROM is a part of memory that doesn't change. (Although we can change it.=) )
Boot ROM for instance, follows the same plan of action it is called upon. ROM also has
vectors, just like RAM. ROM is not that important when it comes to cracking to we will
leave it alone for now.
Back to RAM. Believe it or not, but addressii (there I go again, I'm such a g33k.)
actually follow certain formats or syntax's for certain functions. Take hot keys for
example: In the under ground, we call them "Joker commands". By pressing a certain
combonation of keys, a program will run, close, be stupid, whatever. The syntax for a
Joker command is as follows:
0d-aaaaaf
000zvvvv
Let's examine this format a little closer.
0d= The proclemation of a specifyed format
aaaaa= The address of the function
f= The float or remainder; "Floating point number" ; decimal
000= "NOP" No operation
z= The "Booleon" as we the C++ programmers call it. A booleon is an "IF, THEN" statement.
"IF this is true, THEN do this." Value 0= equal; 1= different; 2=less than; 3=greater than.
vvvv= The combonation of hex values (The values of the keys pressed) used to execute the "CALL"
Say the "A" key had a vlaue of fffb and the "B" key has a vlaue of fffd. You would then add both
values using a hex calculator and get fff9 as the sum. The output on you calculator would
show 1fff8. Add the first value and the last value to find the fourth byte segment. So say
we've found the address of the Joker function (usually in the boot ROM sector) commonly
called the "Maple address" and we are ready to program in some hex code. Our code may
look like this:
0d7ae671
0000fff9
This means that IF the value of fff9 (A and B) is equal (0) to the address (aaaaf) of the function,
THEN execute it. See? Easy isn't it? You'll need to know things like this when modding programs
as a use of executing of your arbitrary code in certain parts of your program at a certain time.
Joker commands are also reversable in that if you enter the same code except with a 1,2, or 3,
in the z slot and by changing the button combonations. Reversable meaning terminating the
function or other functions that were started. A good use for this is for firewalls and babysitting
programs. Are you on a college machine and can't download stuff because of that pesky firewall?
Crack it open and program in some Joker commands so you can turn it on and off at will
WITHOUT the administrator's password!
--------------------------------------------------------------------------------------------------------------
---ASM-----------------------
To start off with our small and to the point ASM section, I'll warn you in advance, after reading this,
you'll need to go take a shower cause this is disgusting! Here we go!
To begin, I'm gonna define for you some functions that you'll be seeing alot of, and be using. Here they are:
.:Hex:. .:ASM:. .:MEANING:.
75,0f85 jne jump if not equal
74,0f84 je jump is equal
eb jmp jump directly to
90 nop no operation
77,0f87 ja jump if above
0f86 jna jump if not above
0f83 jae jump if above or equal to
0f82 jnae jump if not above or equal
0f82 jb jump if below
0f83 jnb jump is not below
of86 jbe jump if below or equal
0f87 jnbe jump if not below or equal
0f8f jg jump if greater
0f8e jng jump if not greater
0f8d jge jump if greater or equal
0f8c jnge jump if not greater or equal
0f8c jl jump if less
0f8d jnl jump if not less
0f8e jle jump if less or equal
0f8f jnle jump if not less or equal
The easy thing about most of the functions in ASM are that they sound like what they mean.
Jump, means of coarse, to Jump from one thing to another. Example:
"jmp 00401744" would mean to jump directly to the address 00401744 once the code
hits the function.
Let's look at "CALL". Call is a function that is used to "call" a certain task, string, address, whatever.
Take a look at this example:
"Call 0040ccc2" this would of coarse call the address 0040ccc2 and use it. Those are the functions
you'll be using.
The reason why I'm not going into loads of detail in this chapter is because when
cracking software, not an extensive amount of knowledge of ASM is needed. If you want
to know more or need help with something, e-mail me at the address provided at the end of
this tutorial. This chapter wasn't so nasty was it? Nah, it was easy =)
------------------------------------------------------------------------------------------------------------------------
---Needed Programs----------------
The programs you will need are as follows:
WDasm 8.9 or Higher
Hiew 6.1
Softice for win9x v3.24
SubmitWolf(demo)v4.01 (http://www.trellian.com/swolf)
Programming Language (C,C++,Pascal,ASM whatever you would like) Prefably C for this tutorial!
And a brain (no seriously)
--------------------------------------------------------------------------------------------------------------------------
---Cracking-----------------------------
Ok, here we go! The first thing you need to do is to open up SoftIce and then swolf32.exe which is the name given to our
target program. Go to the help menu and select register. Here's where your brain will come in, start to look
for how the protection is running by entering some random crap into the blank space. Don't press the OK button yet though.
Instead, press CTRL-D to bring up SoftIce. What we are gonna try to do is define a breakpoint, using BPX hmemcpy.
Hit CTRL-D again and it will bring you back to the program. Click OK on the box and SoftIce will again pop up. Now press F12
and it will bring you to the target program code. Scroll down a few lines and find:
:004167D9 8D4C2410 lea ecx, dword ptr {esp+10}--;ecx=the random crap you typed in.
:004167DD 8D94290000000 lea edx, dword ptr {esp+00000090}-;edx=name
:004167E4 51 push ecx
:004167E5 52 push edx
:004167E6 E8B5450100 call 0042ADA0----;this is the call which calculates the serial
:004167EB 83C410 add esp, 00000010--;
:004167EE 85C0 test eax, eax----;and return eax=1 if true (booleon =) )
:004167F0 0F8596000000 jne 0041688C----;jump to registered
:004167F6 8D442408 lea eax, dword ptr {esp+08}
:004167FA 8D8C2488000000 lea ecx, dword ptr {esp+00000088}
:00416801 50 push eax
:00416802 51 push ecx
:00416803 E868470100 call 0042AF70----;this call tests our serial
:00416808 83C408 add esp, 00000008---;
:0041680B 85C0 test eax, eax----;for v3.XX one.
:0041680D 7433 je 00416842;jump is equal
The call that we want to focas on is at 004167E6. This call tests wether our serial is for the correct version or not.
Let's trace the call 004ADA0:
*Referenced by a CALL at address:
:0042ABFC
:0042ADA 83EC30 sub esp, 00000030
:0042ADA3 55 push ebp
:0042ASA4 56 push esi
:004ADA5 57 push edi
:0042ADA6 8B7C24444 mov edi, dword ptr {esp+44}--;edi=our fake serial
:004ADAA 85FF test edi, edi
:004ADAC 0F4A7010000 je 0042AF59----;die if empty
:004ADB2 8B6C2440 mov ebp, dword ptr {esp+40}--ebp=our name
:0042ADB6 85ED test ebp, ebp
:004ADB8 0F849B010000 je 0042AF59---;die if empty
:004ADBE 8A07 mov al, byte ptr {edi}--;compare 1st byte of serial with 'p', die
:0042ADC0 3C50 cmp al, 50----;
:0042ADC2 0F8587010000 jne 0042AF4F----;if not equal
:0042ADC8 807F0134 cmp byte ptr {edi+01}, 34--:compare byte of serial with '4'
:004ADCC 750C jne 0042ADDA----;
:0042ADCE C70500C8430000000000 mov dword ptr {0043C800}, 00000000
:0042ADD8 EB1C jmp 0042ADF6
As we can see by the above, the code tells us that the first value of our serial will
be 'p' and a cycle of a four byte algorythm. I could go on and on about all of the internals
of all this stuff but that would be going beyond the scope of this tutorial. The idea was to show
how to crack this pro, and thats what I'm going to do. Based on the information I've given you, and the
information that you can deduce from reading the code, I've written a small key generator in C.
If you know C, then you'll be able to tell where i got the algorythms to write it. So here it is:
#include<stdio.h>
#include<conio.h>
int main(void)
{
long code=555583,count1,count2;
char name[25],cod[5],type='0';
clrscr();
textcolor(14);
printf("This is a simple key-generator written by k33t of CYBNET Security Group");
printf("=================================================");
text color(10);
printf("SubmitWolf(demo)ver4.1 cracked by k33t");
textcolor(14);
printf("%c%c%c",0x10,0x10,0x10");
textcolor(12);
printf("Yup")
prinf("-November 2002");
prinf("'\n\nSelect Edition PRO(0) or Enterprise(1) (0/1)=");
scanf("%c",&type);
if(type=='1')code=557283;
getchar();
prinf("Enter Registration Name=");
scanf("%[^\n]",name);
for(count1=0;count1<=3;count1++
cod[count1]=name[count1];
for(count=1;count1=3;count1++){
for(count2=0;count2<=3;count2++)
cod[count2]=cod[count2]*(code%100);
code=code/100;
}
for(count1=0;name[count1]>0;count1++);
for(count2=0;count2<=3;count2++)
cod[count2]=cod[count2]^(name[count1]+3);
for=(count1-3;count1>=0;count1--){
code=code+(cod[count1]&0xFF);
if(count1>0)
code=code*0x100;
}
if(code<0)code=-code;
for(;code<10000;) code=code*10;
for(;code>999999;) code=code/10;
printf(Your Serial Number=P%c4-%ld",(type=='1')? 'E':'4'code);
return ;
}
Ok! So! An overall conclusion of this code is:
1.First two characters of the serial must be either 'PE' or 'P4'.
2.Multiply every first four characters or our name with every byte of our serial before '-'
3.XOR every four byte with every byte of our name.
4.Convert to positive number if<0.
5.Convert to number between 10000 and 1000000.
Forgive me if this code is buggy as I wrote it very quickly in the little spare time I had.
-----------------------------------------------------------------------------------------------------------
---Conclusion-------
Well how was your first cracking expierience? Not bad eh? Ok well if you have any questions,
problems,comments,.....criticsms.......you can e-mail them to me at:
ashish.techedian@gmail.com
------------------------------
Reregister All .dll Files Within Registry
I ran across this the other day on another site and I thought that a couple people might find it helpful, so here we go:
1) First go Start/Run, and type in 'cmd' to bring up the Command Prompt.
2) Type 'CD \' and hit enter.
3) Type 'DIR *.dll /s /b > regdll.bat' and hit enter.
4) Type 'Notepad regdll.bat' and hit enter.
Now Notepad is going to bring up a list of your .dll files, nevermind that for a moment.
---
5) Now type 'Path' and hit enter to see your current path. It will bring up something like: Path=c:\Windows;c:\windows\Command
6) (supplement your Windows Version, ex: C:\WINNT, or C:\Windows) Now type: 'Path=c:\windows;c:\windows\Command;c:\Windows\Prog
ram~\Accessories' and hit enter.
7) Verify again by typing 'Path' and hitting enter, and then type: 'C:\WINNT\System32\Regsvr32.exe /s C:\' and hit enter again.
8) Now, go back to Notepad and if you have Win98 use the replace feature in Wordpad (CTRL + H) or notepad to search for 'C:\' and replace it with this: 'C:\Windows\System\Regsvr32.exe /s C:\'
If you have Win2000, etc. use the replace command in note pad to search for 'C:\' and replace it with this: 'C:\WINNT\System32\Regsvr32.exe /s C:\'
*Be sure to type the replace string exactly like above or it won't work*
9) Use "Replace All" to make the changes to the entire file.
10) When it finishes, save it, exit notepad or wordpad, and return to the Command Prompt.
11) Type 'regdll' and press enter. If you followed the above steps correctly it will now go through and re-register all your .dll files.
1) First go Start/Run, and type in 'cmd' to bring up the Command Prompt.
2) Type 'CD \' and hit enter.
3) Type 'DIR *.dll /s /b > regdll.bat' and hit enter.
4) Type 'Notepad regdll.bat' and hit enter.
Now Notepad is going to bring up a list of your .dll files, nevermind that for a moment.
---
5) Now type 'Path' and hit enter to see your current path. It will bring up something like: Path=c:\Windows;c:\windows\Command
6) (supplement your Windows Version, ex: C:\WINNT, or C:\Windows) Now type: 'Path=c:\windows;c:\windows\Command;c:\Windows\Prog
ram~\Accessories' and hit enter.
7) Verify again by typing 'Path' and hitting enter, and then type: 'C:\WINNT\System32\Regsvr32.exe /s C:\' and hit enter again.
8) Now, go back to Notepad and if you have Win98 use the replace feature in Wordpad (CTRL + H) or notepad to search for 'C:\' and replace it with this: 'C:\Windows\System\Regsvr32.exe /s C:\'
If you have Win2000, etc. use the replace command in note pad to search for 'C:\' and replace it with this: 'C:\WINNT\System32\Regsvr32.exe /s C:\'
*Be sure to type the replace string exactly like above or it won't work*
9) Use "Replace All" to make the changes to the entire file.
10) When it finishes, save it, exit notepad or wordpad, and return to the Command Prompt.
11) Type 'regdll' and press enter. If you followed the above steps correctly it will now go through and re-register all your .dll files.
Turn Off Unneeded Services, speed up pc
here is a list of services that can be turned off
this will speed up your pc a bit
right click my computer
manage
services and applications
services
set these to disabled you will need to reboot for them to take effect if you have a problem with any just reenable them again ie if you have a smart card and you disable it wont work
alerter
application layer gateway service
application management
ati hotkey poller
automatic updates
background intelligent transfer service
clipbook
com+ event system
com+ system application
distributed transaction coordinator
error reporting service
fast user switching compatibility
help and support
human interface device access
imapi cd burning com service
indexing service
internet connection firewall(icf)/internet connecton sharing(ics)
ipsec services
logical disk manager
logical disk manager administrative service
messenger
ms software shadow copy provider
net logon
netmeeting remote desktop sharing
network dde
network dde dsdm
nt lm securtiy support provider
performance logs and alerts
portable media serial number service
qos rsvp
remote desktop help sesson manager
remote registry
removable storage
secondary logon
security accounts manager
server
smart card
smart card helper
ssdp discovery service
system restore service
task scheduler
tcp/ip netbios helper
telnet
terminal services
uninterruptible power supply
universal plug and play device host
upload manager
video proes
volume shadow copy
webclient
windows time
wireless zone configuration
wmi performance adapter
workstation
this will speed up your pc a bit
right click my computer
manage
services and applications
services
set these to disabled you will need to reboot for them to take effect if you have a problem with any just reenable them again ie if you have a smart card and you disable it wont work
alerter
application layer gateway service
application management
ati hotkey poller
automatic updates
background intelligent transfer service
clipbook
com+ event system
com+ system application
distributed transaction coordinator
error reporting service
fast user switching compatibility
help and support
human interface device access
imapi cd burning com service
indexing service
internet connection firewall(icf)/internet connecton sharing(ics)
ipsec services
logical disk manager
logical disk manager administrative service
messenger
ms software shadow copy provider
net logon
netmeeting remote desktop sharing
network dde
network dde dsdm
nt lm securtiy support provider
performance logs and alerts
portable media serial number service
qos rsvp
remote desktop help sesson manager
remote registry
removable storage
secondary logon
security accounts manager
server
smart card
smart card helper
ssdp discovery service
system restore service
task scheduler
tcp/ip netbios helper
telnet
terminal services
uninterruptible power supply
universal plug and play device host
upload manager
video proes
volume shadow copy
webclient
windows time
wireless zone configuration
wmi performance adapter
workstation
Trojan Ports
TCP 1 Breach.2001, SocketsDeTroie.230, SocketsDeTroie.250
TCP 28 Amanda.200
TCP 31 MastersParadise.920
TCP 68 Subseven.100
TCP 142 NetTaxi.180
TCP 146 Infector.141, Intruder.100, Intruder.100
TCP 171 ATrojan.200
TCP 285 WCTrojan.100
TCP 286 WCTrojan.100
TCP 334 Backage.310
TCP 370 NeuroticKat.120, NeuroticKat.130
TCP 413 Coma.109
TCP 420 Breach.450
TCP 555 Id2001.100, PhaseZero.100, StealthSpy.100
TCP 623 Rtb666.160
TCP 660 Zaratustra.100
TCP 661 Noknok.800, Noknok.820
TCP 666 BackConstruction.210, BackConstruction.250, Bla.100, Bla.200, Bla.400, Bla.503, Cain.150, Dimbus.100, Noknok.820, Ripper.100, SatansBackdoor.100, SatansBackdoor.101, SatansBackdoor.102, Unicorn.100, Unicorn.101, Unicorn.110
TCP 667 SniperNet.210, Snipernet.220
TCP 668 Unicorn.101, Unicorn.110
TCP 680 Rtb666.160
TCP 777 Tiny.100, Undetected.230, Undetected.300, Undetected.310, Undetected.320, Undetected.330, Undetected.331, Undetected.332
TCP 785 NetworkTerrorist.100
TCP 800 NeuroticKitten.010
TCP 831 NeuroticKat.100, NeuroticKat.120, NeuroticKat.130
TCP 901 NetDevil.130, NetDevil.140
TCP 1000 DerSpaeher.200
TCP 1001 Silencer.100
TCP 1008 AutoSpy.100
TCP 1010 DerSpaeher.200
TCP 1015 Doly.150
TCP 1111 TPort.100
TCP 1130 Noknok.800, Noknok.820
TCP 1207 SoftWAR.100
TCP 1243 Subseven.100, SubSeven.110, SubSeven.180, SubSeven.190, Subseven.200
TCP 1245 VoodooDoll.006
TCP 1269 Matrix.130
TCP 1480 RemoteHack.130
TCP 1568 RemoteHack.100, RemoteHack.110
TCP 1600 DirectConnection.100
TCP 1601 DirectConnection.100
TCP 1602 DirectConnection.100
TCP 1634 NetCrack.100
TCP 1784 Snid.120, Snid.212
TCP 1999 TransmissionScout.100, TransmissionScout.110
TCP 2000 ATrojan.200, InsaneNetwork.400
TCP 2001 DIRT.220, TrojanCow.100
TCP 2003 TransmissionScout.100, TransmissionScout.110
TCP 2023 RipperPro.100
TCP 2040 InfernoUploader.100
TCP 2115 Bugs.100
TCP 2140 DeepThroat.100, DeepThroat.200, DeepThroat.310
TCP 2332 SilentSpy.202
TCP 2589 Dagger.140
TCP 2600 DigitalRootbeer.100
TCP 2989 Rat.200
TCP 3128 MastersParadise.970
TCP 3129 MastersParadise.920, MastersParadise.970
TCP 3150 DeepThroat.100, DeepThroat.200, DeepThroat.310, MiniBacklash.110
TCP 3215 BlackStar.100, Ghost.230
TCP 3333 Daodan.123
TCP 3410 OptixPro.100, OptixPro.110
TCP 3456 Force.155, TerrorTrojan.100
TCP 3505 AutoSpy.130, AutoSpy.140
TCP 3586 Snid.120, Snid.212
TCP 3700 PortalOfDoom.100
TCP 3723 Mantis.100
TCP 3800 Eclypse.100
TCP 3996 RemoteAnything.364
TCP 4000 SkyDance.220, SkyDance.229
TCP 4201 Wartrojan.160, Wartrojan.200
TCP 4225 SilentSpy.202
TCP 4321 Bobo.100
TCP 4444 AlexTrojan.200, Crackdown.100
TCP 4488 EventHorizon.100
TCP 4523 Celine.100
TCP 4545 InternalRevise.100, RemoteRevise.150
TCP 4567 FileNail.100
TCP 4666 Mneah.100
TCP 4950 ICQTrojan.100
TCP 5005 Aladino.060
TCP 5025 Keylogger.WMRemote.100
TCP 5031 NetMetro.104
TCP 5032 NetMetro.104
TCP 5033 NetMetro.104
TCP 5050 RoxRat.100
TCP 5151 OptixLite.020, OptixLite.030, OptixLite.040
TCP 5190 MBomber.100
TCP 5277 WinShell.400
TCP 5343 WCRat.100
TCP 5400 BackConstruction.120, BackConstruction.150, BladeRunner.080, DeepThroat.300
TCP 5401 BackConstruction.120, BackConstruction.150, BackConstruction.210, BackConstruction.250, BladeRunner.080, DeepThroat.300, Mneah.100
TCP 5402 BackConstruction.210, BackConstruction.250, BladeRunner.080, DeepThroat.300, Mneah.100
TCP 5534 TheFlu.100
TCP 5550 XTCP.200, XTCP.201
TCP 5555 Noxcape.100, Noxcape.200
TCP 5695 Assassin.100
TCP 5714 WinCrash.100
TCP 5741 WinCrash.100
TCP 5742 WinCrash.103
TCP 5802 Y3KRat.160
TCP 5810 Y3KRat.160
TCP 5838 Y3KRat.170
TCP 5858 Y3KRat.110, Y3KRat.120, Y3KRat.140
TCP 5880 Y3KRat.140
TCP 5881 Y3KRat.110, Y3KRat.120, Y3KRat.140
TCP 5882 Y3KRat.100, Y3KRat.110, Y3KRat.120, Y3KRat.140, Y3KRat.150
TCP 5883 Y3KRat.110, Y3KRat.140
TCP 5884 Y3KRat.140, Y3KRat.150
TCP 5885 Y3KRat.110, Y3KRat.120, Y3KRat.140
TCP 5886 Y3KRat.120, Y3KRat.140
TCP 5887 Y3KRat.110, Y3KRat.120, Y3KRat.140
TCP 5888 Y3KRat.100, Y3KRat.110, Y3KRat.120, Y3KRat.140, Y3KRat.150
TCP 5889 Y3KRat.100, Y3KRat.110, Y3KRat.120, Y3KRat.140, Y3KRat.150
TCP 5890 Y3KRat.140
TCP 6400 Thething.100, Thething.150
TCP 6556 AutoSpy.120, AutoSpy.122
TCP 6655 Aqua.020
TCP 6660 LameSpy.095
TCP 6666 LameRemote.100, ProjectMayhem.100
TCP 6669 Vampire.100
TCP 6670 DeepThroat.200, DeepThroat.210
TCP 6671 DeepThroat.310
TCP 6699 HostControl.101
TCP 6711 DeepThroat.300, Noknok.820, SubSeven.180, SubSeven.190
TCP 6712 Subseven.100
TCP 6713 Subseven.100
TCP 6767 NTRC.120
TCP 6776 SubSeven.180, SubSeven.190, Subseven.200
TCP 6789 Doly.200
TCP 6796 SubSeven.214
TCP 6912 ShitHeep.100
TCP 6939 Indoctrination.100
TCP 6953 Lithium.100
TCP 6969 2000Cracks.100, Bigorna.100, Danton.110, Danton.210, Danton.220, Danton.310, Danton.320, Danton.330, GateCrasher.110, NetController.108, Sparta.110, VagrNocker.120
TCP 6970 Danton.330
TCP 7001 Freak88.100
TCP 7119 Massaker.100
TCP 7200 Massaker.110
TCP 7300 Coced.221
TCP 7301 Coced.221
TCP 7306 NetSpy.200, NetSpy.200
TCP 7410 Phoenix.190, Phoenix.200
TCP 7511 Genue.100
TCP 7609 Snid.120, Snid.212
TCP 7614 Wollf.130
TCP 7648 BlackStar.100, Ghost.230
TCP 7788 Last.2000, Matrix.200
TCP 7826 MiniOblivion.010, Oblivion.010
TCP 7887 SmallFun.110
TCP 7891 Revenger.100
TCP 7979 VagrNocker.200
TCP 7997 VagrNocker.200
TCP 8000 XConsole.100
TCP 8011 Way.240
TCP 8012 Ptakks.215, Ptakks.217
TCP 8110 LoseLove.100
TCP 8111 LoseLove.100
TCP 8301 LoseLove.100
TCP 8302 LoseLove.100
TCP 8372 NetBoy.100
TCP 8720 Connection.130
TCP 8734 AutoSpy.110
TCP 8811 Force.155
TCP 8899 Last.2000
TCP 9000 Aristotles.100
TCP 9301 LoseLove.100
TCP 9400 InCommand.100, InCommand.110, InCommand.120, InCommand.130, InCommand.140, InCommand.150, InCommand.153, InCommand.160, InCommand.167, InCommand.170
TCP 9401 InCommand.100, InCommand.110, InCommand.170
TCP 9402 InCommand.100, InCommand.110
TCP 9561 CRatPro.110
TCP 9563 CRatPro.110
TCP 9580 TheefLE.100
TCP 9696 Danton.210, Ghost.230
TCP 9697 Danton.320, Danton.330, Ghost.230
TCP 9870 R3C.100
TCP 9872 PortalOfDoom.100
TCP 9873 PortalOfDoom.100
TCP 9874 PortalOfDoom.100
TCP 9875 PortalOfDoom.100
TCP 9876 Rux.100, SheepGoat.100
TCP 9877 SmallBigBrother.020
TCP 9878 SmallBigBrother.020, TransmissionScout.100, TransmissionScout.110, TransmissionScout.120
TCP 9879 SmallBigBrother.020
TCP 9999 ForcedEntry.100, Infra.100, Prayer.120, Prayer.130, TakeOver.200, TakeOver.300
TCP 10001 DTr.130, DTr.140
TCP 10013 Amanda.200
TCP 10067 PortalOfDoom.100
TCP 10100 Gift.240
TCP 10101 NewSilencer.100
TCP 10167 PortalOfDoom.100
TCP 10528 HostControl.100, HostControl.260
TCP 10607 Coma.109
TCP 10666 Ambush.100
TCP 11011 Amanda.200
TCP 11050 HostControl.101
TCP 11051 HostControl.100, HostControl.260
TCP 11223 AntiNuke.100, Progenic.100, Progenic.110
TCP 11225 Cyn.100, Cyn.103, Cyn.120
TCP 11306 Noknok.800, Noknok.820
TCP 11831 Katux.200, Latinus.140, Latinus.150, Pest.100, Pest.400
TCP 11991 PitfallSurprise.100
TCP 12043 Frenzy.2000
TCP 12345 Fade.100, Netbus.160, Netbus.170, VagrNocker.400
TCP 12346 Netbus.160, Netbus.170
TCP 12348 Bionet.210, Bionet.261, Bionet.280, Bionet.302, Bionet.305, Bionet.311, Bionet.313, Bionet.316, Bionet.317
TCP 12349 Bionet.084, Bionet.261, Bionet.280, Bionet.302, Bionet.305, Bionet.311, Bionet.313, Bionet.314, Bionet.316, Bionet.317, Bionet.401, Bionet.402
TCP 12389 KheSanh.210
TCP 12478 Bionet.210
TCP 12623 Buttman.090, Buttman.100
TCP 12624 Buttman.090, Buttman.100
TCP 12625 Buttman.100
TCP 12904 Akropolis.100, Rocks.100
TCP 13473 Chupacabra.100
TCP 13753 AFTP.010
TCP 14100 Eurosol.100
TCP 14194 CyberSpy.840
TCP 14286 HellDriver.100
TCP 14500 PCInvader.050, PCInvader.060, PCInvader.070
TCP 14501 PCInvader.060, PCInvader.070
TCP 14502 PCInvader.050, PCInvader.060, PCInvader.070
TCP 14503 PCInvader.050, PCInvader.060, PCInvader.070
TCP 14504 PCInvader.050, PCInvader.060
TCP 15092 HostControl.100, HostControl.260
TCP 15382 SubZero.100
TCP 15432 Cyn.210
TCP 15555 ICMIBC.100
TCP 16322 LastDoor.100
TCP 16484 MoSucker.110
TCP 16661 Dfch.010
TCP 16969 Progenic.100
TCP 16982 AcidShiver.100
TCP 17300 Kuang.200
TCP 17499 CrazzyNet.370, CrazzyNet.375, CrazzyNet.521
TCP 17500 CrazzyNet.370, CrazzyNet.375, CrazzyNet.521
TCP 17569 Infector.141, Infector.160, Infector.170, Infector.180, Infector.190, Infector.200, Intruder.100, Intruder.100
TCP 17593 AudioDoor.120
TCP 19191 BlueFire.035, BlueFire.041
TCP 19604 Metal.270
TCP 19605 Metal.270
TCP 19991 Dfch.010
TCP 20000 Millenium.100
TCP 20001 Millenium.100, PshychoFiles.180
TCP 20002 AcidKor.100, PshychoFiles.180
TCP 20005 MoSucker.200, MoSucker.210, MoSucker.220
TCP 21212 Schwindler.182
TCP 21554 Exploiter.100, Exploiter.110, Girlfriend.130, GirlFriend.135
TCP 21579 Breach.2001
TCP 21584 Breach.2001
TCP 21684 Intruse.134
TCP 22068 AcidShiver.110
TCP 22115 Cyn.120
TCP 22222 Prosiak.047, Ruler.141, Rux.300, Rux.400, Rux.500, Rux.600
TCP 22223 Rux.400, Rux.500, Rux.600
TCP 22456 Bla.200, Bla.503
TCP 22457 AcidShiver.120, Bla.200, Bla.503
TCP 22784 Intruzzo.110
TCP 22845 Breach.450
TCP 22847 Breach.450
TCP 23005 Infinaeon.110, NetTrash.100, Oxon.110, WinRat.100
TCP 23006 Infinaeon.110, NetTrash.100, Oxon.110, WinRat.100
TCP 23032 Amanda.200
TCP 23432 Asylum.010, Asylum.012, Asylum.013, Asylum.014, MiniAsylum.110
TCP 23456 EvilFTP.100, VagrNocker.400
TCP 23476 DonaldDick.153, DonaldDick.154, DonaldDick.155
TCP 23477 DonaldDick.153
TCP 24000 Infector.170
TCP 24307 Wildek.020
TCP 25386 MoonPie.220
TCP 25486 MoonPie.220
TCP 25555 FreddyK.100, FreddyK.200
TCP 25556 FreddyK.100
TCP 25685 MoonPie.010, MoonPie.012, MoonPie.130, MoonPie.220, MoonPie.240, MoonPie.400
TCP 25686 MoonPie.135, MoonPie.200, MoonPie.400
TCP 25982 MoonPie.135, MoonPie.200
TCP 26274 Delta.050
TCP 27160 MoonPie.135, MoonPie.200
TCP 27184 Alvgus.100, Alvgus.800
TCP 27374 Muerte.110, Subseven.210, SubSeven.213
TCP 28429 Hack'a'Tack.2000
TCP 28430 Hack'a'Tack.2000
TCP 28431 Hack'a'Tack.2000
TCP 28432 Hack'a'Tack.2000
TCP 28433 Hack'a'Tack.2000
TCP 28434 Hack'a'Tack.2000
TCP 28435 Hack'a'Tack.2000
TCP 28436 Hack'a'Tack.2000
TCP 29559 DuckToy.100, DuckToy.101, Katux.200, Latinus.140, Latinus.150, Pest.100, Pest.400
TCP 29891 Unexplained.100
TCP 30000 Infector.170
TCP 30001 Error32.100
TCP 30003 LamersDeath.100
TCP 30029 AOLTrojan.110
TCP 30100 NetSphere.127, NetSphere.130, NetSphere.131
TCP 30101 NetSphere.127, NetSphere.130, NetSphere.131
TCP 30102 NetSphere.127, NetSphere.130, NetSphere.131
TCP 30103 NetSphere.131
TCP 30947 Intruse.134
TCP 31320 LittleWitch.400, LittleWitch.420
TCP 31337 BackOrifice.120, Khaled.100, OPC.200
TCP 31415 Lithium.101
TCP 31416 Lithium.100, Lithium.101
TCP 31557 Xanadu.110
TCP 31631 CleptoManicos.100
TCP 31745 Buschtrommel.100, Buschtrommel.122
TCP 31785 Hack'a'Tack.100, Hack'a'Tack.112
TCP 31787 Hack'a'Tack.100, Hack'a'Tack.112
TCP 31789 Hack'a'Tack.100, Hack'a'Tack.112
TCP 31791 Hack'a'Tack.100, Hack'a'Tack.112
TCP 31887 BDDT.100
TCP 31889 BDDT.100
TCP 32100 ProjectNext.053
TCP 32418 AcidBattery.100
TCP 32791 Akropolis.100, Rocks.100
TCP 33291 RemoteHak.001
TCP 33333 Blackharaz.100, Prosiak.047, SubSeven.214
TCP 33577 SonOfPsychward.020
TCP 34324 TelnetServer.100
TCP 34763 Infector.180, Infector.190, Infector.200
TCP 35000 Infector.190, Infector.200
TCP 35600 Subsari.140
TCP 36794 BugBear.100
TCP 37237 Mantis.020
TCP 37651 YAT.210
TCP 37653 YAT.310
TCP 40308 Subsari.140
TCP 40412 TheSpy.100
TCP 40421 MastersParadise.970
TCP 40422 MastersParadise.970
TCP 40999 DiemsMutter.110, DiemsMutter.140
TCP 41626 Shah.100
TCP 44444 Prosiak.070
TCP 45673 Akropolis.100, Rocks.100
TCP 47262 Delta.050
TCP 48006 Fragglerock.200
TCP 49683 HolzPferd.210
TCP 50000 Infector.180
TCP 50130 Enterprise.100
TCP 50766 Fore.100
TCP 51234 Cyn.210
TCP 51966 Cafeini.080, Cafeini.110
TCP 54321 PCInvader.010
TCP 57341 NetRaider.100
TCP 57922 Bionet.084
TCP 58008 Tron.100
TCP 58009 Tron.100
TCP 59090 AcidReign.200
TCP 59211 DuckToy.100, DuckToy.101
TCP 59345 NewFuture.100
TCP 60000 DeepThroat.300, MiniBacklash.100, MiniBacklash.101, MiniBacklash.101
TCP 60411 Connection.100, Connection.130
TCP 60412 Connection.130
TCP 60552 RoxRat.100
TCP 63536 InsaneNetwork.500
TCP 63878 AphexFTP.100
TCP 63879 AphexFTP.100
TCP 64969 Lithium.100
TCP 65000 Socket.100
UDP 1 SocketsDeTroie.250
UDP 666 Bla.200, Bla.400, Bla.503, Noknok.820
UDP 1130 Noknok.800, Noknok.820
UDP 2140 DeepThroat.100, DeepThroat.200, DeepThroat.310
UDP 2989 Rat.200
UDP 3128 MastersParadise.970
UDP 3129 MastersParadise.920, MastersParadise.970
UDP 3150 DeepThroat.100, DeepThroat.200, DeepThroat.310, MiniBacklash.110
UDP 3333 Daodan.123
UDP 3800 Eclypse.100
UDP 3996 RemoteAnything.364
UDP 4000 RemoteAnything.364
UDP 5555 Daodan.123
UDP 5881 Y3KRat.110, Y3KRat.140
UDP 5882 Y3KRat.100, Y3KRat.110, Y3KRat.120, Y3KRat.140, Y3KRat.150
UDP 5883 Y3KRat.110, Y3KRat.140
UDP 5884 Y3KRat.140, Y3KRat.150
UDP 5885 Y3KRat.110, Y3KRat.120, Y3KRat.140
UDP 5886 Y3KRat.120, Y3KRat.140
UDP 5887 Y3KRat.110, Y3KRat.120, Y3KRat.140
UDP 5888 Y3KRat.100, Y3KRat.110, Y3KRat.120, Y3KRat.150
UDP 6953 Lithium.100
UDP 8012 Ptakks.217
UDP 10067 PortalOfDoom.100
UDP 10167 PortalOfDoom.100
UDP 10666 Ambush.100
UDP 11225 Cyn.100, Cyn.103, Cyn.120
UDP 11306 Noknok.800, Noknok.820
UDP 12389 KheSanh.210
UDP 12623 Buttman.090, Buttman.100
UDP 12625 Buttman.100
UDP 14100 Eurosol.100
UDP 23476 DonaldDick.155
UDP 26274 Delta.050
UDP 27184 Alvgus.100
UDP 28431 Hack'a'Tack.2000
UDP 28432 Hack'a'Tack.2000
UDP 28433 Hack'a'Tack.2000
UDP 28434 Hack'a'Tack.2000
UDP 28435 Hack'a'Tack.2000
UDP 28436 Hack'a'Tack.2000
UDP 29891 Unexplained.100
UDP 30103 NetSphere.131
UDP 31320 LittleWitch.400, LittleWitch.420
UDP 31337 BackOrifice.120, OPC.200
UDP 31416 Lithium.100, Lithium.101
UDP 31789 Hack'a'Tack.100, Hack'a'Tack.112
UDP 31791 Hack'a'Tack.100, Hack'a'Tack.112
UDP 33333 Blackharaz.100
UDP 47262 Delta.050
UDP 49683 HolzPferd.210
UDP 60000 MiniBacklash.100
TCP 28 Amanda.200
TCP 31 MastersParadise.920
TCP 68 Subseven.100
TCP 142 NetTaxi.180
TCP 146 Infector.141, Intruder.100, Intruder.100
TCP 171 ATrojan.200
TCP 285 WCTrojan.100
TCP 286 WCTrojan.100
TCP 334 Backage.310
TCP 370 NeuroticKat.120, NeuroticKat.130
TCP 413 Coma.109
TCP 420 Breach.450
TCP 555 Id2001.100, PhaseZero.100, StealthSpy.100
TCP 623 Rtb666.160
TCP 660 Zaratustra.100
TCP 661 Noknok.800, Noknok.820
TCP 666 BackConstruction.210, BackConstruction.250, Bla.100, Bla.200, Bla.400, Bla.503, Cain.150, Dimbus.100, Noknok.820, Ripper.100, SatansBackdoor.100, SatansBackdoor.101, SatansBackdoor.102, Unicorn.100, Unicorn.101, Unicorn.110
TCP 667 SniperNet.210, Snipernet.220
TCP 668 Unicorn.101, Unicorn.110
TCP 680 Rtb666.160
TCP 777 Tiny.100, Undetected.230, Undetected.300, Undetected.310, Undetected.320, Undetected.330, Undetected.331, Undetected.332
TCP 785 NetworkTerrorist.100
TCP 800 NeuroticKitten.010
TCP 831 NeuroticKat.100, NeuroticKat.120, NeuroticKat.130
TCP 901 NetDevil.130, NetDevil.140
TCP 1000 DerSpaeher.200
TCP 1001 Silencer.100
TCP 1008 AutoSpy.100
TCP 1010 DerSpaeher.200
TCP 1015 Doly.150
TCP 1111 TPort.100
TCP 1130 Noknok.800, Noknok.820
TCP 1207 SoftWAR.100
TCP 1243 Subseven.100, SubSeven.110, SubSeven.180, SubSeven.190, Subseven.200
TCP 1245 VoodooDoll.006
TCP 1269 Matrix.130
TCP 1480 RemoteHack.130
TCP 1568 RemoteHack.100, RemoteHack.110
TCP 1600 DirectConnection.100
TCP 1601 DirectConnection.100
TCP 1602 DirectConnection.100
TCP 1634 NetCrack.100
TCP 1784 Snid.120, Snid.212
TCP 1999 TransmissionScout.100, TransmissionScout.110
TCP 2000 ATrojan.200, InsaneNetwork.400
TCP 2001 DIRT.220, TrojanCow.100
TCP 2003 TransmissionScout.100, TransmissionScout.110
TCP 2023 RipperPro.100
TCP 2040 InfernoUploader.100
TCP 2115 Bugs.100
TCP 2140 DeepThroat.100, DeepThroat.200, DeepThroat.310
TCP 2332 SilentSpy.202
TCP 2589 Dagger.140
TCP 2600 DigitalRootbeer.100
TCP 2989 Rat.200
TCP 3128 MastersParadise.970
TCP 3129 MastersParadise.920, MastersParadise.970
TCP 3150 DeepThroat.100, DeepThroat.200, DeepThroat.310, MiniBacklash.110
TCP 3215 BlackStar.100, Ghost.230
TCP 3333 Daodan.123
TCP 3410 OptixPro.100, OptixPro.110
TCP 3456 Force.155, TerrorTrojan.100
TCP 3505 AutoSpy.130, AutoSpy.140
TCP 3586 Snid.120, Snid.212
TCP 3700 PortalOfDoom.100
TCP 3723 Mantis.100
TCP 3800 Eclypse.100
TCP 3996 RemoteAnything.364
TCP 4000 SkyDance.220, SkyDance.229
TCP 4201 Wartrojan.160, Wartrojan.200
TCP 4225 SilentSpy.202
TCP 4321 Bobo.100
TCP 4444 AlexTrojan.200, Crackdown.100
TCP 4488 EventHorizon.100
TCP 4523 Celine.100
TCP 4545 InternalRevise.100, RemoteRevise.150
TCP 4567 FileNail.100
TCP 4666 Mneah.100
TCP 4950 ICQTrojan.100
TCP 5005 Aladino.060
TCP 5025 Keylogger.WMRemote.100
TCP 5031 NetMetro.104
TCP 5032 NetMetro.104
TCP 5033 NetMetro.104
TCP 5050 RoxRat.100
TCP 5151 OptixLite.020, OptixLite.030, OptixLite.040
TCP 5190 MBomber.100
TCP 5277 WinShell.400
TCP 5343 WCRat.100
TCP 5400 BackConstruction.120, BackConstruction.150, BladeRunner.080, DeepThroat.300
TCP 5401 BackConstruction.120, BackConstruction.150, BackConstruction.210, BackConstruction.250, BladeRunner.080, DeepThroat.300, Mneah.100
TCP 5402 BackConstruction.210, BackConstruction.250, BladeRunner.080, DeepThroat.300, Mneah.100
TCP 5534 TheFlu.100
TCP 5550 XTCP.200, XTCP.201
TCP 5555 Noxcape.100, Noxcape.200
TCP 5695 Assassin.100
TCP 5714 WinCrash.100
TCP 5741 WinCrash.100
TCP 5742 WinCrash.103
TCP 5802 Y3KRat.160
TCP 5810 Y3KRat.160
TCP 5838 Y3KRat.170
TCP 5858 Y3KRat.110, Y3KRat.120, Y3KRat.140
TCP 5880 Y3KRat.140
TCP 5881 Y3KRat.110, Y3KRat.120, Y3KRat.140
TCP 5882 Y3KRat.100, Y3KRat.110, Y3KRat.120, Y3KRat.140, Y3KRat.150
TCP 5883 Y3KRat.110, Y3KRat.140
TCP 5884 Y3KRat.140, Y3KRat.150
TCP 5885 Y3KRat.110, Y3KRat.120, Y3KRat.140
TCP 5886 Y3KRat.120, Y3KRat.140
TCP 5887 Y3KRat.110, Y3KRat.120, Y3KRat.140
TCP 5888 Y3KRat.100, Y3KRat.110, Y3KRat.120, Y3KRat.140, Y3KRat.150
TCP 5889 Y3KRat.100, Y3KRat.110, Y3KRat.120, Y3KRat.140, Y3KRat.150
TCP 5890 Y3KRat.140
TCP 6400 Thething.100, Thething.150
TCP 6556 AutoSpy.120, AutoSpy.122
TCP 6655 Aqua.020
TCP 6660 LameSpy.095
TCP 6666 LameRemote.100, ProjectMayhem.100
TCP 6669 Vampire.100
TCP 6670 DeepThroat.200, DeepThroat.210
TCP 6671 DeepThroat.310
TCP 6699 HostControl.101
TCP 6711 DeepThroat.300, Noknok.820, SubSeven.180, SubSeven.190
TCP 6712 Subseven.100
TCP 6713 Subseven.100
TCP 6767 NTRC.120
TCP 6776 SubSeven.180, SubSeven.190, Subseven.200
TCP 6789 Doly.200
TCP 6796 SubSeven.214
TCP 6912 ShitHeep.100
TCP 6939 Indoctrination.100
TCP 6953 Lithium.100
TCP 6969 2000Cracks.100, Bigorna.100, Danton.110, Danton.210, Danton.220, Danton.310, Danton.320, Danton.330, GateCrasher.110, NetController.108, Sparta.110, VagrNocker.120
TCP 6970 Danton.330
TCP 7001 Freak88.100
TCP 7119 Massaker.100
TCP 7200 Massaker.110
TCP 7300 Coced.221
TCP 7301 Coced.221
TCP 7306 NetSpy.200, NetSpy.200
TCP 7410 Phoenix.190, Phoenix.200
TCP 7511 Genue.100
TCP 7609 Snid.120, Snid.212
TCP 7614 Wollf.130
TCP 7648 BlackStar.100, Ghost.230
TCP 7788 Last.2000, Matrix.200
TCP 7826 MiniOblivion.010, Oblivion.010
TCP 7887 SmallFun.110
TCP 7891 Revenger.100
TCP 7979 VagrNocker.200
TCP 7997 VagrNocker.200
TCP 8000 XConsole.100
TCP 8011 Way.240
TCP 8012 Ptakks.215, Ptakks.217
TCP 8110 LoseLove.100
TCP 8111 LoseLove.100
TCP 8301 LoseLove.100
TCP 8302 LoseLove.100
TCP 8372 NetBoy.100
TCP 8720 Connection.130
TCP 8734 AutoSpy.110
TCP 8811 Force.155
TCP 8899 Last.2000
TCP 9000 Aristotles.100
TCP 9301 LoseLove.100
TCP 9400 InCommand.100, InCommand.110, InCommand.120, InCommand.130, InCommand.140, InCommand.150, InCommand.153, InCommand.160, InCommand.167, InCommand.170
TCP 9401 InCommand.100, InCommand.110, InCommand.170
TCP 9402 InCommand.100, InCommand.110
TCP 9561 CRatPro.110
TCP 9563 CRatPro.110
TCP 9580 TheefLE.100
TCP 9696 Danton.210, Ghost.230
TCP 9697 Danton.320, Danton.330, Ghost.230
TCP 9870 R3C.100
TCP 9872 PortalOfDoom.100
TCP 9873 PortalOfDoom.100
TCP 9874 PortalOfDoom.100
TCP 9875 PortalOfDoom.100
TCP 9876 Rux.100, SheepGoat.100
TCP 9877 SmallBigBrother.020
TCP 9878 SmallBigBrother.020, TransmissionScout.100, TransmissionScout.110, TransmissionScout.120
TCP 9879 SmallBigBrother.020
TCP 9999 ForcedEntry.100, Infra.100, Prayer.120, Prayer.130, TakeOver.200, TakeOver.300
TCP 10001 DTr.130, DTr.140
TCP 10013 Amanda.200
TCP 10067 PortalOfDoom.100
TCP 10100 Gift.240
TCP 10101 NewSilencer.100
TCP 10167 PortalOfDoom.100
TCP 10528 HostControl.100, HostControl.260
TCP 10607 Coma.109
TCP 10666 Ambush.100
TCP 11011 Amanda.200
TCP 11050 HostControl.101
TCP 11051 HostControl.100, HostControl.260
TCP 11223 AntiNuke.100, Progenic.100, Progenic.110
TCP 11225 Cyn.100, Cyn.103, Cyn.120
TCP 11306 Noknok.800, Noknok.820
TCP 11831 Katux.200, Latinus.140, Latinus.150, Pest.100, Pest.400
TCP 11991 PitfallSurprise.100
TCP 12043 Frenzy.2000
TCP 12345 Fade.100, Netbus.160, Netbus.170, VagrNocker.400
TCP 12346 Netbus.160, Netbus.170
TCP 12348 Bionet.210, Bionet.261, Bionet.280, Bionet.302, Bionet.305, Bionet.311, Bionet.313, Bionet.316, Bionet.317
TCP 12349 Bionet.084, Bionet.261, Bionet.280, Bionet.302, Bionet.305, Bionet.311, Bionet.313, Bionet.314, Bionet.316, Bionet.317, Bionet.401, Bionet.402
TCP 12389 KheSanh.210
TCP 12478 Bionet.210
TCP 12623 Buttman.090, Buttman.100
TCP 12624 Buttman.090, Buttman.100
TCP 12625 Buttman.100
TCP 12904 Akropolis.100, Rocks.100
TCP 13473 Chupacabra.100
TCP 13753 AFTP.010
TCP 14100 Eurosol.100
TCP 14194 CyberSpy.840
TCP 14286 HellDriver.100
TCP 14500 PCInvader.050, PCInvader.060, PCInvader.070
TCP 14501 PCInvader.060, PCInvader.070
TCP 14502 PCInvader.050, PCInvader.060, PCInvader.070
TCP 14503 PCInvader.050, PCInvader.060, PCInvader.070
TCP 14504 PCInvader.050, PCInvader.060
TCP 15092 HostControl.100, HostControl.260
TCP 15382 SubZero.100
TCP 15432 Cyn.210
TCP 15555 ICMIBC.100
TCP 16322 LastDoor.100
TCP 16484 MoSucker.110
TCP 16661 Dfch.010
TCP 16969 Progenic.100
TCP 16982 AcidShiver.100
TCP 17300 Kuang.200
TCP 17499 CrazzyNet.370, CrazzyNet.375, CrazzyNet.521
TCP 17500 CrazzyNet.370, CrazzyNet.375, CrazzyNet.521
TCP 17569 Infector.141, Infector.160, Infector.170, Infector.180, Infector.190, Infector.200, Intruder.100, Intruder.100
TCP 17593 AudioDoor.120
TCP 19191 BlueFire.035, BlueFire.041
TCP 19604 Metal.270
TCP 19605 Metal.270
TCP 19991 Dfch.010
TCP 20000 Millenium.100
TCP 20001 Millenium.100, PshychoFiles.180
TCP 20002 AcidKor.100, PshychoFiles.180
TCP 20005 MoSucker.200, MoSucker.210, MoSucker.220
TCP 21212 Schwindler.182
TCP 21554 Exploiter.100, Exploiter.110, Girlfriend.130, GirlFriend.135
TCP 21579 Breach.2001
TCP 21584 Breach.2001
TCP 21684 Intruse.134
TCP 22068 AcidShiver.110
TCP 22115 Cyn.120
TCP 22222 Prosiak.047, Ruler.141, Rux.300, Rux.400, Rux.500, Rux.600
TCP 22223 Rux.400, Rux.500, Rux.600
TCP 22456 Bla.200, Bla.503
TCP 22457 AcidShiver.120, Bla.200, Bla.503
TCP 22784 Intruzzo.110
TCP 22845 Breach.450
TCP 22847 Breach.450
TCP 23005 Infinaeon.110, NetTrash.100, Oxon.110, WinRat.100
TCP 23006 Infinaeon.110, NetTrash.100, Oxon.110, WinRat.100
TCP 23032 Amanda.200
TCP 23432 Asylum.010, Asylum.012, Asylum.013, Asylum.014, MiniAsylum.110
TCP 23456 EvilFTP.100, VagrNocker.400
TCP 23476 DonaldDick.153, DonaldDick.154, DonaldDick.155
TCP 23477 DonaldDick.153
TCP 24000 Infector.170
TCP 24307 Wildek.020
TCP 25386 MoonPie.220
TCP 25486 MoonPie.220
TCP 25555 FreddyK.100, FreddyK.200
TCP 25556 FreddyK.100
TCP 25685 MoonPie.010, MoonPie.012, MoonPie.130, MoonPie.220, MoonPie.240, MoonPie.400
TCP 25686 MoonPie.135, MoonPie.200, MoonPie.400
TCP 25982 MoonPie.135, MoonPie.200
TCP 26274 Delta.050
TCP 27160 MoonPie.135, MoonPie.200
TCP 27184 Alvgus.100, Alvgus.800
TCP 27374 Muerte.110, Subseven.210, SubSeven.213
TCP 28429 Hack'a'Tack.2000
TCP 28430 Hack'a'Tack.2000
TCP 28431 Hack'a'Tack.2000
TCP 28432 Hack'a'Tack.2000
TCP 28433 Hack'a'Tack.2000
TCP 28434 Hack'a'Tack.2000
TCP 28435 Hack'a'Tack.2000
TCP 28436 Hack'a'Tack.2000
TCP 29559 DuckToy.100, DuckToy.101, Katux.200, Latinus.140, Latinus.150, Pest.100, Pest.400
TCP 29891 Unexplained.100
TCP 30000 Infector.170
TCP 30001 Error32.100
TCP 30003 LamersDeath.100
TCP 30029 AOLTrojan.110
TCP 30100 NetSphere.127, NetSphere.130, NetSphere.131
TCP 30101 NetSphere.127, NetSphere.130, NetSphere.131
TCP 30102 NetSphere.127, NetSphere.130, NetSphere.131
TCP 30103 NetSphere.131
TCP 30947 Intruse.134
TCP 31320 LittleWitch.400, LittleWitch.420
TCP 31337 BackOrifice.120, Khaled.100, OPC.200
TCP 31415 Lithium.101
TCP 31416 Lithium.100, Lithium.101
TCP 31557 Xanadu.110
TCP 31631 CleptoManicos.100
TCP 31745 Buschtrommel.100, Buschtrommel.122
TCP 31785 Hack'a'Tack.100, Hack'a'Tack.112
TCP 31787 Hack'a'Tack.100, Hack'a'Tack.112
TCP 31789 Hack'a'Tack.100, Hack'a'Tack.112
TCP 31791 Hack'a'Tack.100, Hack'a'Tack.112
TCP 31887 BDDT.100
TCP 31889 BDDT.100
TCP 32100 ProjectNext.053
TCP 32418 AcidBattery.100
TCP 32791 Akropolis.100, Rocks.100
TCP 33291 RemoteHak.001
TCP 33333 Blackharaz.100, Prosiak.047, SubSeven.214
TCP 33577 SonOfPsychward.020
TCP 34324 TelnetServer.100
TCP 34763 Infector.180, Infector.190, Infector.200
TCP 35000 Infector.190, Infector.200
TCP 35600 Subsari.140
TCP 36794 BugBear.100
TCP 37237 Mantis.020
TCP 37651 YAT.210
TCP 37653 YAT.310
TCP 40308 Subsari.140
TCP 40412 TheSpy.100
TCP 40421 MastersParadise.970
TCP 40422 MastersParadise.970
TCP 40999 DiemsMutter.110, DiemsMutter.140
TCP 41626 Shah.100
TCP 44444 Prosiak.070
TCP 45673 Akropolis.100, Rocks.100
TCP 47262 Delta.050
TCP 48006 Fragglerock.200
TCP 49683 HolzPferd.210
TCP 50000 Infector.180
TCP 50130 Enterprise.100
TCP 50766 Fore.100
TCP 51234 Cyn.210
TCP 51966 Cafeini.080, Cafeini.110
TCP 54321 PCInvader.010
TCP 57341 NetRaider.100
TCP 57922 Bionet.084
TCP 58008 Tron.100
TCP 58009 Tron.100
TCP 59090 AcidReign.200
TCP 59211 DuckToy.100, DuckToy.101
TCP 59345 NewFuture.100
TCP 60000 DeepThroat.300, MiniBacklash.100, MiniBacklash.101, MiniBacklash.101
TCP 60411 Connection.100, Connection.130
TCP 60412 Connection.130
TCP 60552 RoxRat.100
TCP 63536 InsaneNetwork.500
TCP 63878 AphexFTP.100
TCP 63879 AphexFTP.100
TCP 64969 Lithium.100
TCP 65000 Socket.100
UDP 1 SocketsDeTroie.250
UDP 666 Bla.200, Bla.400, Bla.503, Noknok.820
UDP 1130 Noknok.800, Noknok.820
UDP 2140 DeepThroat.100, DeepThroat.200, DeepThroat.310
UDP 2989 Rat.200
UDP 3128 MastersParadise.970
UDP 3129 MastersParadise.920, MastersParadise.970
UDP 3150 DeepThroat.100, DeepThroat.200, DeepThroat.310, MiniBacklash.110
UDP 3333 Daodan.123
UDP 3800 Eclypse.100
UDP 3996 RemoteAnything.364
UDP 4000 RemoteAnything.364
UDP 5555 Daodan.123
UDP 5881 Y3KRat.110, Y3KRat.140
UDP 5882 Y3KRat.100, Y3KRat.110, Y3KRat.120, Y3KRat.140, Y3KRat.150
UDP 5883 Y3KRat.110, Y3KRat.140
UDP 5884 Y3KRat.140, Y3KRat.150
UDP 5885 Y3KRat.110, Y3KRat.120, Y3KRat.140
UDP 5886 Y3KRat.120, Y3KRat.140
UDP 5887 Y3KRat.110, Y3KRat.120, Y3KRat.140
UDP 5888 Y3KRat.100, Y3KRat.110, Y3KRat.120, Y3KRat.150
UDP 6953 Lithium.100
UDP 8012 Ptakks.217
UDP 10067 PortalOfDoom.100
UDP 10167 PortalOfDoom.100
UDP 10666 Ambush.100
UDP 11225 Cyn.100, Cyn.103, Cyn.120
UDP 11306 Noknok.800, Noknok.820
UDP 12389 KheSanh.210
UDP 12623 Buttman.090, Buttman.100
UDP 12625 Buttman.100
UDP 14100 Eurosol.100
UDP 23476 DonaldDick.155
UDP 26274 Delta.050
UDP 27184 Alvgus.100
UDP 28431 Hack'a'Tack.2000
UDP 28432 Hack'a'Tack.2000
UDP 28433 Hack'a'Tack.2000
UDP 28434 Hack'a'Tack.2000
UDP 28435 Hack'a'Tack.2000
UDP 28436 Hack'a'Tack.2000
UDP 29891 Unexplained.100
UDP 30103 NetSphere.131
UDP 31320 LittleWitch.400, LittleWitch.420
UDP 31337 BackOrifice.120, OPC.200
UDP 31416 Lithium.100, Lithium.101
UDP 31789 Hack'a'Tack.100, Hack'a'Tack.112
UDP 31791 Hack'a'Tack.100, Hack'a'Tack.112
UDP 33333 Blackharaz.100
UDP 47262 Delta.050
UDP 49683 HolzPferd.210
UDP 60000 MiniBacklash.100
TCP 1 Breach.2001, SocketsDeTroie.230, SocketsDeTroie.250
TCP 28 Amanda.200
TCP 31 MastersParadise.920
TCP 68 Subseven.100
TCP 142 NetTaxi.180
TCP 146 Infector.141, Intruder.100, Intruder.100
TCP 171 ATrojan.200
TCP 285 WCTrojan.100
TCP 286 WCTrojan.100
TCP 334 Backage.310
TCP 370 NeuroticKat.120, NeuroticKat.130
TCP 413 Coma.109
TCP 420 Breach.450
TCP 555 Id2001.100, PhaseZero.100, StealthSpy.100
TCP 623 Rtb666.160
TCP 660 Zaratustra.100
TCP 661 Noknok.800, Noknok.820
TCP 666 BackConstruction.210, BackConstruction.250, Bla.100, Bla.200, Bla.400, Bla.503, Cain.150, Dimbus.100, Noknok.820, Ripper.100, SatansBackdoor.100, SatansBackdoor.101, SatansBackdoor.102, Unicorn.100, Unicorn.101, Unicorn.110
TCP 667 SniperNet.210, Snipernet.220
TCP 668 Unicorn.101, Unicorn.110
TCP 680 Rtb666.160
TCP 777 Tiny.100, Undetected.230, Undetected.300, Undetected.310, Undetected.320, Undetected.330, Undetected.331, Undetected.332
TCP 785 NetworkTerrorist.100
TCP 800 NeuroticKitten.010
TCP 831 NeuroticKat.100, NeuroticKat.120, NeuroticKat.130
TCP 901 NetDevil.130, NetDevil.140
TCP 1000 DerSpaeher.200
TCP 1001 Silencer.100
TCP 1008 AutoSpy.100
TCP 1010 DerSpaeher.200
TCP 1015 Doly.150
TCP 1111 TPort.100
TCP 1130 Noknok.800, Noknok.820
TCP 1207 SoftWAR.100
TCP 1243 Subseven.100, SubSeven.110, SubSeven.180, SubSeven.190, Subseven.200
TCP 1245 VoodooDoll.006
TCP 1269 Matrix.130
TCP 1480 RemoteHack.130
TCP 1568 RemoteHack.100, RemoteHack.110
TCP 1600 DirectConnection.100
TCP 1601 DirectConnection.100
TCP 1602 DirectConnection.100
TCP 1634 NetCrack.100
TCP 1784 Snid.120, Snid.212
TCP 1999 TransmissionScout.100, TransmissionScout.110
TCP 2000 ATrojan.200, InsaneNetwork.400
TCP 2001 DIRT.220, TrojanCow.100
TCP 2003 TransmissionScout.100, TransmissionScout.110
TCP 2023 RipperPro.100
TCP 2040 InfernoUploader.100
TCP 2115 Bugs.100
TCP 2140 DeepThroat.100, DeepThroat.200, DeepThroat.310
TCP 2332 SilentSpy.202
TCP 2589 Dagger.140
TCP 2600 DigitalRootbeer.100
TCP 2989 Rat.200
TCP 3128 MastersParadise.970
TCP 3129 MastersParadise.920, MastersParadise.970
TCP 3150 DeepThroat.100, DeepThroat.200, DeepThroat.310, MiniBacklash.110
TCP 3215 BlackStar.100, Ghost.230
TCP 3333 Daodan.123
TCP 3410 OptixPro.100, OptixPro.110
TCP 3456 Force.155, TerrorTrojan.100
TCP 3505 AutoSpy.130, AutoSpy.140
TCP 3586 Snid.120, Snid.212
TCP 3700 PortalOfDoom.100
TCP 3723 Mantis.100
TCP 3800 Eclypse.100
TCP 3996 RemoteAnything.364
TCP 4000 SkyDance.220, SkyDance.229
TCP 4201 Wartrojan.160, Wartrojan.200
TCP 4225 SilentSpy.202
TCP 4321 Bobo.100
TCP 4444 AlexTrojan.200, Crackdown.100
TCP 4488 EventHorizon.100
TCP 4523 Celine.100
TCP 4545 InternalRevise.100, RemoteRevise.150
TCP 4567 FileNail.100
TCP 4666 Mneah.100
TCP 4950 ICQTrojan.100
TCP 5005 Aladino.060
TCP 5025 Keylogger.WMRemote.100
TCP 5031 NetMetro.104
TCP 5032 NetMetro.104
TCP 5033 NetMetro.104
TCP 5050 RoxRat.100
TCP 5151 OptixLite.020, OptixLite.030, OptixLite.040
TCP 5190 MBomber.100
TCP 5277 WinShell.400
TCP 5343 WCRat.100
TCP 5400 BackConstruction.120, BackConstruction.150, BladeRunner.080, DeepThroat.300
TCP 5401 BackConstruction.120, BackConstruction.150, BackConstruction.210, BackConstruction.250, BladeRunner.080, DeepThroat.300, Mneah.100
TCP 5402 BackConstruction.210, BackConstruction.250, BladeRunner.080, DeepThroat.300, Mneah.100
TCP 5534 TheFlu.100
TCP 5550 XTCP.200, XTCP.201
TCP 5555 Noxcape.100, Noxcape.200
TCP 5695 Assassin.100
TCP 5714 WinCrash.100
TCP 5741 WinCrash.100
TCP 5742 WinCrash.103
TCP 5802 Y3KRat.160
TCP 5810 Y3KRat.160
TCP 5838 Y3KRat.170
TCP 5858 Y3KRat.110, Y3KRat.120, Y3KRat.140
TCP 5880 Y3KRat.140
TCP 5881 Y3KRat.110, Y3KRat.120, Y3KRat.140
TCP 5882 Y3KRat.100, Y3KRat.110, Y3KRat.120, Y3KRat.140, Y3KRat.150
TCP 5883 Y3KRat.110, Y3KRat.140
TCP 5884 Y3KRat.140, Y3KRat.150
TCP 5885 Y3KRat.110, Y3KRat.120, Y3KRat.140
TCP 5886 Y3KRat.120, Y3KRat.140
TCP 5887 Y3KRat.110, Y3KRat.120, Y3KRat.140
TCP 5888 Y3KRat.100, Y3KRat.110, Y3KRat.120, Y3KRat.140, Y3KRat.150
TCP 5889 Y3KRat.100, Y3KRat.110, Y3KRat.120, Y3KRat.140, Y3KRat.150
TCP 5890 Y3KRat.140
TCP 6400 Thething.100, Thething.150
TCP 6556 AutoSpy.120, AutoSpy.122
TCP 6655 Aqua.020
TCP 6660 LameSpy.095
TCP 6666 LameRemote.100, ProjectMayhem.100
TCP 6669 Vampire.100
TCP 6670 DeepThroat.200, DeepThroat.210
TCP 6671 DeepThroat.310
TCP 6699 HostControl.101
TCP 6711 DeepThroat.300, Noknok.820, SubSeven.180, SubSeven.190
TCP 6712 Subseven.100
TCP 6713 Subseven.100
TCP 6767 NTRC.120
TCP 6776 SubSeven.180, SubSeven.190, Subseven.200
TCP 6789 Doly.200
TCP 6796 SubSeven.214
TCP 6912 ShitHeep.100
TCP 6939 Indoctrination.100
TCP 6953 Lithium.100
TCP 6969 2000Cracks.100, Bigorna.100, Danton.110, Danton.210, Danton.220, Danton.310, Danton.320, Danton.330, GateCrasher.110, NetController.108, Sparta.110, VagrNocker.120
TCP 6970 Danton.330
TCP 7001 Freak88.100
TCP 7119 Massaker.100
TCP 7200 Massaker.110
TCP 7300 Coced.221
TCP 7301 Coced.221
TCP 7306 NetSpy.200, NetSpy.200
TCP 7410 Phoenix.190, Phoenix.200
TCP 7511 Genue.100
TCP 7609 Snid.120, Snid.212
TCP 7614 Wollf.130
TCP 7648 BlackStar.100, Ghost.230
TCP 7788 Last.2000, Matrix.200
TCP 7826 MiniOblivion.010, Oblivion.010
TCP 7887 SmallFun.110
TCP 7891 Revenger.100
TCP 7979 VagrNocker.200
TCP 7997 VagrNocker.200
TCP 8000 XConsole.100
TCP 8011 Way.240
TCP 8012 Ptakks.215, Ptakks.217
TCP 8110 LoseLove.100
TCP 8111 LoseLove.100
TCP 8301 LoseLove.100
TCP 8302 LoseLove.100
TCP 8372 NetBoy.100
TCP 8720 Connection.130
TCP 8734 AutoSpy.110
TCP 8811 Force.155
TCP 8899 Last.2000
TCP 9000 Aristotles.100
TCP 9301 LoseLove.100
TCP 9400 InCommand.100, InCommand.110, InCommand.120, InCommand.130, InCommand.140, InCommand.150, InCommand.153, InCommand.160, InCommand.167, InCommand.170
TCP 9401 InCommand.100, InCommand.110, InCommand.170
TCP 9402 InCommand.100, InCommand.110
TCP 9561 CRatPro.110
TCP 9563 CRatPro.110
TCP 9580 TheefLE.100
TCP 9696 Danton.210, Ghost.230
TCP 9697 Danton.320, Danton.330, Ghost.230
TCP 9870 R3C.100
TCP 9872 PortalOfDoom.100
TCP 9873 PortalOfDoom.100
TCP 9874 PortalOfDoom.100
TCP 9875 PortalOfDoom.100
TCP 9876 Rux.100, SheepGoat.100
TCP 9877 SmallBigBrother.020
TCP 9878 SmallBigBrother.020, TransmissionScout.100, TransmissionScout.110, TransmissionScout.120
TCP 9879 SmallBigBrother.020
TCP 9999 ForcedEntry.100, Infra.100, Prayer.120, Prayer.130, TakeOver.200, TakeOver.300
TCP 10001 DTr.130, DTr.140
TCP 10013 Amanda.200
TCP 10067 PortalOfDoom.100
TCP 10100 Gift.240
TCP 10101 NewSilencer.100
TCP 10167 PortalOfDoom.100
TCP 10528 HostControl.100, HostControl.260
TCP 10607 Coma.109
TCP 10666 Ambush.100
TCP 11011 Amanda.200
TCP 11050 HostControl.101
TCP 11051 HostControl.100, HostControl.260
TCP 11223 AntiNuke.100, Progenic.100, Progenic.110
TCP 11225 Cyn.100, Cyn.103, Cyn.120
TCP 11306 Noknok.800, Noknok.820
TCP 11831 Katux.200, Latinus.140, Latinus.150, Pest.100, Pest.400
TCP 11991 PitfallSurprise.100
TCP 12043 Frenzy.2000
TCP 12345 Fade.100, Netbus.160, Netbus.170, VagrNocker.400
TCP 12346 Netbus.160, Netbus.170
TCP 12348 Bionet.210, Bionet.261, Bionet.280, Bionet.302, Bionet.305, Bionet.311, Bionet.313, Bionet.316, Bionet.317
TCP 12349 Bionet.084, Bionet.261, Bionet.280, Bionet.302, Bionet.305, Bionet.311, Bionet.313, Bionet.314, Bionet.316, Bionet.317, Bionet.401, Bionet.402
TCP 12389 KheSanh.210
TCP 12478 Bionet.210
TCP 12623 Buttman.090, Buttman.100
TCP 12624 Buttman.090, Buttman.100
TCP 12625 Buttman.100
TCP 12904 Akropolis.100, Rocks.100
TCP 13473 Chupacabra.100
TCP 13753 AFTP.010
TCP 14100 Eurosol.100
TCP 14194 CyberSpy.840
TCP 14286 HellDriver.100
TCP 14500 PCInvader.050, PCInvader.060, PCInvader.070
TCP 14501 PCInvader.060, PCInvader.070
TCP 14502 PCInvader.050, PCInvader.060, PCInvader.070
TCP 14503 PCInvader.050, PCInvader.060, PCInvader.070
TCP 14504 PCInvader.050, PCInvader.060
TCP 15092 HostControl.100, HostControl.260
TCP 15382 SubZero.100
TCP 15432 Cyn.210
TCP 15555 ICMIBC.100
TCP 16322 LastDoor.100
TCP 16484 MoSucker.110
TCP 16661 Dfch.010
TCP 16969 Progenic.100
TCP 16982 AcidShiver.100
TCP 17300 Kuang.200
TCP 17499 CrazzyNet.370, CrazzyNet.375, CrazzyNet.521
TCP 17500 CrazzyNet.370, CrazzyNet.375, CrazzyNet.521
TCP 17569 Infector.141, Infector.160, Infector.170, Infector.180, Infector.190, Infector.200, Intruder.100, Intruder.100
TCP 17593 AudioDoor.120
TCP 19191 BlueFire.035, BlueFire.041
TCP 19604 Metal.270
TCP 19605 Metal.270
TCP 19991 Dfch.010
TCP 20000 Millenium.100
TCP 20001 Millenium.100, PshychoFiles.180
TCP 20002 AcidKor.100, PshychoFiles.180
TCP 20005 MoSucker.200, MoSucker.210, MoSucker.220
TCP 21212 Schwindler.182
TCP 21554 Exploiter.100, Exploiter.110, Girlfriend.130, GirlFriend.135
TCP 21579 Breach.2001
TCP 21584 Breach.2001
TCP 21684 Intruse.134
TCP 22068 AcidShiver.110
TCP 22115 Cyn.120
TCP 22222 Prosiak.047, Ruler.141, Rux.300, Rux.400, Rux.500, Rux.600
TCP 22223 Rux.400, Rux.500, Rux.600
TCP 22456 Bla.200, Bla.503
TCP 22457 AcidShiver.120, Bla.200, Bla.503
TCP 22784 Intruzzo.110
TCP 22845 Breach.450
TCP 22847 Breach.450
TCP 23005 Infinaeon.110, NetTrash.100, Oxon.110, WinRat.100
TCP 23006 Infinaeon.110, NetTrash.100, Oxon.110, WinRat.100
TCP 23032 Amanda.200
TCP 23432 Asylum.010, Asylum.012, Asylum.013, Asylum.014, MiniAsylum.110
TCP 23456 EvilFTP.100, VagrNocker.400
TCP 23476 DonaldDick.153, DonaldDick.154, DonaldDick.155
TCP 23477 DonaldDick.153
TCP 24000 Infector.170
TCP 24307 Wildek.020
TCP 25386 MoonPie.220
TCP 25486 MoonPie.220
TCP 25555 FreddyK.100, FreddyK.200
TCP 25556 FreddyK.100
TCP 25685 MoonPie.010, MoonPie.012, MoonPie.130, MoonPie.220, MoonPie.240, MoonPie.400
TCP 25686 MoonPie.135, MoonPie.200, MoonPie.400
TCP 25982 MoonPie.135, MoonPie.200
TCP 26274 Delta.050
TCP 27160 MoonPie.135, MoonPie.200
TCP 27184 Alvgus.100, Alvgus.800
TCP 27374 Muerte.110, Subseven.210, SubSeven.213
TCP 28429 Hack'a'Tack.2000
TCP 28430 Hack'a'Tack.2000
TCP 28431 Hack'a'Tack.2000
TCP 28432 Hack'a'Tack.2000
TCP 28433 Hack'a'Tack.2000
TCP 28434 Hack'a'Tack.2000
TCP 28435 Hack'a'Tack.2000
TCP 28436 Hack'a'Tack.2000
TCP 29559 DuckToy.100, DuckToy.101, Katux.200, Latinus.140, Latinus.150, Pest.100, Pest.400
TCP 29891 Unexplained.100
TCP 30000 Infector.170
TCP 30001 Error32.100
TCP 30003 LamersDeath.100
TCP 30029 AOLTrojan.110
TCP 30100 NetSphere.127, NetSphere.130, NetSphere.131
TCP 30101 NetSphere.127, NetSphere.130, NetSphere.131
TCP 30102 NetSphere.127, NetSphere.130, NetSphere.131
TCP 30103 NetSphere.131
TCP 30947 Intruse.134
TCP 31320 LittleWitch.400, LittleWitch.420
TCP 31337 BackOrifice.120, Khaled.100, OPC.200
TCP 31415 Lithium.101
TCP 31416 Lithium.100, Lithium.101
TCP 31557 Xanadu.110
TCP 31631 CleptoManicos.100
TCP 31745 Buschtrommel.100, Buschtrommel.122
TCP 31785 Hack'a'Tack.100, Hack'a'Tack.112
TCP 31787 Hack'a'Tack.100, Hack'a'Tack.112
TCP 31789 Hack'a'Tack.100, Hack'a'Tack.112
TCP 31791 Hack'a'Tack.100, Hack'a'Tack.112
TCP 31887 BDDT.100
TCP 31889 BDDT.100
TCP 32100 ProjectNext.053
TCP 32418 AcidBattery.100
TCP 32791 Akropolis.100, Rocks.100
TCP 33291 RemoteHak.001
TCP 33333 Blackharaz.100, Prosiak.047, SubSeven.214
TCP 33577 SonOfPsychward.020
TCP 34324 TelnetServer.100
TCP 34763 Infector.180, Infector.190, Infector.200
TCP 35000 Infector.190, Infector.200
TCP 35600 Subsari.140
TCP 36794 BugBear.100
TCP 37237 Mantis.020
TCP 37651 YAT.210
TCP 37653 YAT.310
TCP 40308 Subsari.140
TCP 40412 TheSpy.100
TCP 40421 MastersParadise.970
TCP 40422 MastersParadise.970
TCP 40999 DiemsMutter.110, DiemsMutter.140
TCP 41626 Shah.100
TCP 44444 Prosiak.070
TCP 45673 Akropolis.100, Rocks.100
TCP 47262 Delta.050
TCP 48006 Fragglerock.200
TCP 49683 HolzPferd.210
TCP 50000 Infector.180
TCP 50130 Enterprise.100
TCP 50766 Fore.100
TCP 51234 Cyn.210
TCP 51966 Cafeini.080, Cafeini.110
TCP 54321 PCInvader.010
TCP 57341 NetRaider.100
TCP 57922 Bionet.084
TCP 58008 Tron.100
TCP 58009 Tron.100
TCP 59090 AcidReign.200
TCP 59211 DuckToy.100, DuckToy.101
TCP 59345 NewFuture.100
TCP 60000 DeepThroat.300, MiniBacklash.100, MiniBacklash.101, MiniBacklash.101
TCP 60411 Connection.100, Connection.130
TCP 60412 Connection.130
TCP 60552 RoxRat.100
TCP 63536 InsaneNetwork.500
TCP 63878 AphexFTP.100
TCP 63879 AphexFTP.100
TCP 64969 Lithium.100
TCP 65000 Socket.100
UDP 1 SocketsDeTroie.250
UDP 666 Bla.200, Bla.400, Bla.503, Noknok.820
UDP 1130 Noknok.800, Noknok.820
UDP 2140 DeepThroat.100, DeepThroat.200, DeepThroat.310
UDP 2989 Rat.200
UDP 3128 MastersParadise.970
UDP 3129 MastersParadise.920, MastersParadise.970
UDP 3150 DeepThroat.100, DeepThroat.200, DeepThroat.310, MiniBacklash.110
UDP 3333 Daodan.123
UDP 3800 Eclypse.100
UDP 3996 RemoteAnything.364
UDP 4000 RemoteAnything.364
UDP 5555 Daodan.123
UDP 5881 Y3KRat.110, Y3KRat.140
UDP 5882 Y3KRat.100, Y3KRat.110, Y3KRat.120, Y3KRat.140, Y3KRat.150
UDP 5883 Y3KRat.110, Y3KRat.140
UDP 5884 Y3KRat.140, Y3KRat.150
UDP 5885 Y3KRat.110, Y3KRat.120, Y3KRat.140
UDP 5886 Y3KRat.120, Y3KRat.140
UDP 5887 Y3KRat.110, Y3KRat.120, Y3KRat.140
UDP 5888 Y3KRat.100, Y3KRat.110, Y3KRat.120, Y3KRat.150
UDP 6953 Lithium.100
UDP 8012 Ptakks.217
UDP 10067 PortalOfDoom.100
UDP 10167 PortalOfDoom.100
UDP 10666 Ambush.100
UDP 11225 Cyn.100, Cyn.103, Cyn.120
UDP 11306 Noknok.800, Noknok.820
UDP 12389 KheSanh.210
UDP 12623 Buttman.090, Buttman.100
UDP 12625 Buttman.100
UDP 14100 Eurosol.100
UDP 23476 DonaldDick.155
UDP 26274 Delta.050
UDP 27184 Alvgus.100
UDP 28431 Hack'a'Tack.2000
UDP 28432 Hack'a'Tack.2000
UDP 28433 Hack'a'Tack.2000
UDP 28434 Hack'a'Tack.2000
UDP 28435 Hack'a'Tack.2000
UDP 28436 Hack'a'Tack.2000
UDP 29891 Unexplained.100
UDP 30103 NetSphere.131
UDP 31320 LittleWitch.400, LittleWitch.420
UDP 31337 BackOrifice.120, OPC.200
UDP 31416 Lithium.100, Lithium.101
UDP 31789 Hack'a'Tack.100, Hack'a'Tack.112
UDP 31791 Hack'a'Tack.100, Hack'a'Tack.112
UDP 33333 Blackharaz.100
UDP 47262 Delta.050
UDP 49683 HolzPferd.210
UDP 60000 MiniBacklash.100
TCP 28 Amanda.200
TCP 31 MastersParadise.920
TCP 68 Subseven.100
TCP 142 NetTaxi.180
TCP 146 Infector.141, Intruder.100, Intruder.100
TCP 171 ATrojan.200
TCP 285 WCTrojan.100
TCP 286 WCTrojan.100
TCP 334 Backage.310
TCP 370 NeuroticKat.120, NeuroticKat.130
TCP 413 Coma.109
TCP 420 Breach.450
TCP 555 Id2001.100, PhaseZero.100, StealthSpy.100
TCP 623 Rtb666.160
TCP 660 Zaratustra.100
TCP 661 Noknok.800, Noknok.820
TCP 666 BackConstruction.210, BackConstruction.250, Bla.100, Bla.200, Bla.400, Bla.503, Cain.150, Dimbus.100, Noknok.820, Ripper.100, SatansBackdoor.100, SatansBackdoor.101, SatansBackdoor.102, Unicorn.100, Unicorn.101, Unicorn.110
TCP 667 SniperNet.210, Snipernet.220
TCP 668 Unicorn.101, Unicorn.110
TCP 680 Rtb666.160
TCP 777 Tiny.100, Undetected.230, Undetected.300, Undetected.310, Undetected.320, Undetected.330, Undetected.331, Undetected.332
TCP 785 NetworkTerrorist.100
TCP 800 NeuroticKitten.010
TCP 831 NeuroticKat.100, NeuroticKat.120, NeuroticKat.130
TCP 901 NetDevil.130, NetDevil.140
TCP 1000 DerSpaeher.200
TCP 1001 Silencer.100
TCP 1008 AutoSpy.100
TCP 1010 DerSpaeher.200
TCP 1015 Doly.150
TCP 1111 TPort.100
TCP 1130 Noknok.800, Noknok.820
TCP 1207 SoftWAR.100
TCP 1243 Subseven.100, SubSeven.110, SubSeven.180, SubSeven.190, Subseven.200
TCP 1245 VoodooDoll.006
TCP 1269 Matrix.130
TCP 1480 RemoteHack.130
TCP 1568 RemoteHack.100, RemoteHack.110
TCP 1600 DirectConnection.100
TCP 1601 DirectConnection.100
TCP 1602 DirectConnection.100
TCP 1634 NetCrack.100
TCP 1784 Snid.120, Snid.212
TCP 1999 TransmissionScout.100, TransmissionScout.110
TCP 2000 ATrojan.200, InsaneNetwork.400
TCP 2001 DIRT.220, TrojanCow.100
TCP 2003 TransmissionScout.100, TransmissionScout.110
TCP 2023 RipperPro.100
TCP 2040 InfernoUploader.100
TCP 2115 Bugs.100
TCP 2140 DeepThroat.100, DeepThroat.200, DeepThroat.310
TCP 2332 SilentSpy.202
TCP 2589 Dagger.140
TCP 2600 DigitalRootbeer.100
TCP 2989 Rat.200
TCP 3128 MastersParadise.970
TCP 3129 MastersParadise.920, MastersParadise.970
TCP 3150 DeepThroat.100, DeepThroat.200, DeepThroat.310, MiniBacklash.110
TCP 3215 BlackStar.100, Ghost.230
TCP 3333 Daodan.123
TCP 3410 OptixPro.100, OptixPro.110
TCP 3456 Force.155, TerrorTrojan.100
TCP 3505 AutoSpy.130, AutoSpy.140
TCP 3586 Snid.120, Snid.212
TCP 3700 PortalOfDoom.100
TCP 3723 Mantis.100
TCP 3800 Eclypse.100
TCP 3996 RemoteAnything.364
TCP 4000 SkyDance.220, SkyDance.229
TCP 4201 Wartrojan.160, Wartrojan.200
TCP 4225 SilentSpy.202
TCP 4321 Bobo.100
TCP 4444 AlexTrojan.200, Crackdown.100
TCP 4488 EventHorizon.100
TCP 4523 Celine.100
TCP 4545 InternalRevise.100, RemoteRevise.150
TCP 4567 FileNail.100
TCP 4666 Mneah.100
TCP 4950 ICQTrojan.100
TCP 5005 Aladino.060
TCP 5025 Keylogger.WMRemote.100
TCP 5031 NetMetro.104
TCP 5032 NetMetro.104
TCP 5033 NetMetro.104
TCP 5050 RoxRat.100
TCP 5151 OptixLite.020, OptixLite.030, OptixLite.040
TCP 5190 MBomber.100
TCP 5277 WinShell.400
TCP 5343 WCRat.100
TCP 5400 BackConstruction.120, BackConstruction.150, BladeRunner.080, DeepThroat.300
TCP 5401 BackConstruction.120, BackConstruction.150, BackConstruction.210, BackConstruction.250, BladeRunner.080, DeepThroat.300, Mneah.100
TCP 5402 BackConstruction.210, BackConstruction.250, BladeRunner.080, DeepThroat.300, Mneah.100
TCP 5534 TheFlu.100
TCP 5550 XTCP.200, XTCP.201
TCP 5555 Noxcape.100, Noxcape.200
TCP 5695 Assassin.100
TCP 5714 WinCrash.100
TCP 5741 WinCrash.100
TCP 5742 WinCrash.103
TCP 5802 Y3KRat.160
TCP 5810 Y3KRat.160
TCP 5838 Y3KRat.170
TCP 5858 Y3KRat.110, Y3KRat.120, Y3KRat.140
TCP 5880 Y3KRat.140
TCP 5881 Y3KRat.110, Y3KRat.120, Y3KRat.140
TCP 5882 Y3KRat.100, Y3KRat.110, Y3KRat.120, Y3KRat.140, Y3KRat.150
TCP 5883 Y3KRat.110, Y3KRat.140
TCP 5884 Y3KRat.140, Y3KRat.150
TCP 5885 Y3KRat.110, Y3KRat.120, Y3KRat.140
TCP 5886 Y3KRat.120, Y3KRat.140
TCP 5887 Y3KRat.110, Y3KRat.120, Y3KRat.140
TCP 5888 Y3KRat.100, Y3KRat.110, Y3KRat.120, Y3KRat.140, Y3KRat.150
TCP 5889 Y3KRat.100, Y3KRat.110, Y3KRat.120, Y3KRat.140, Y3KRat.150
TCP 5890 Y3KRat.140
TCP 6400 Thething.100, Thething.150
TCP 6556 AutoSpy.120, AutoSpy.122
TCP 6655 Aqua.020
TCP 6660 LameSpy.095
TCP 6666 LameRemote.100, ProjectMayhem.100
TCP 6669 Vampire.100
TCP 6670 DeepThroat.200, DeepThroat.210
TCP 6671 DeepThroat.310
TCP 6699 HostControl.101
TCP 6711 DeepThroat.300, Noknok.820, SubSeven.180, SubSeven.190
TCP 6712 Subseven.100
TCP 6713 Subseven.100
TCP 6767 NTRC.120
TCP 6776 SubSeven.180, SubSeven.190, Subseven.200
TCP 6789 Doly.200
TCP 6796 SubSeven.214
TCP 6912 ShitHeep.100
TCP 6939 Indoctrination.100
TCP 6953 Lithium.100
TCP 6969 2000Cracks.100, Bigorna.100, Danton.110, Danton.210, Danton.220, Danton.310, Danton.320, Danton.330, GateCrasher.110, NetController.108, Sparta.110, VagrNocker.120
TCP 6970 Danton.330
TCP 7001 Freak88.100
TCP 7119 Massaker.100
TCP 7200 Massaker.110
TCP 7300 Coced.221
TCP 7301 Coced.221
TCP 7306 NetSpy.200, NetSpy.200
TCP 7410 Phoenix.190, Phoenix.200
TCP 7511 Genue.100
TCP 7609 Snid.120, Snid.212
TCP 7614 Wollf.130
TCP 7648 BlackStar.100, Ghost.230
TCP 7788 Last.2000, Matrix.200
TCP 7826 MiniOblivion.010, Oblivion.010
TCP 7887 SmallFun.110
TCP 7891 Revenger.100
TCP 7979 VagrNocker.200
TCP 7997 VagrNocker.200
TCP 8000 XConsole.100
TCP 8011 Way.240
TCP 8012 Ptakks.215, Ptakks.217
TCP 8110 LoseLove.100
TCP 8111 LoseLove.100
TCP 8301 LoseLove.100
TCP 8302 LoseLove.100
TCP 8372 NetBoy.100
TCP 8720 Connection.130
TCP 8734 AutoSpy.110
TCP 8811 Force.155
TCP 8899 Last.2000
TCP 9000 Aristotles.100
TCP 9301 LoseLove.100
TCP 9400 InCommand.100, InCommand.110, InCommand.120, InCommand.130, InCommand.140, InCommand.150, InCommand.153, InCommand.160, InCommand.167, InCommand.170
TCP 9401 InCommand.100, InCommand.110, InCommand.170
TCP 9402 InCommand.100, InCommand.110
TCP 9561 CRatPro.110
TCP 9563 CRatPro.110
TCP 9580 TheefLE.100
TCP 9696 Danton.210, Ghost.230
TCP 9697 Danton.320, Danton.330, Ghost.230
TCP 9870 R3C.100
TCP 9872 PortalOfDoom.100
TCP 9873 PortalOfDoom.100
TCP 9874 PortalOfDoom.100
TCP 9875 PortalOfDoom.100
TCP 9876 Rux.100, SheepGoat.100
TCP 9877 SmallBigBrother.020
TCP 9878 SmallBigBrother.020, TransmissionScout.100, TransmissionScout.110, TransmissionScout.120
TCP 9879 SmallBigBrother.020
TCP 9999 ForcedEntry.100, Infra.100, Prayer.120, Prayer.130, TakeOver.200, TakeOver.300
TCP 10001 DTr.130, DTr.140
TCP 10013 Amanda.200
TCP 10067 PortalOfDoom.100
TCP 10100 Gift.240
TCP 10101 NewSilencer.100
TCP 10167 PortalOfDoom.100
TCP 10528 HostControl.100, HostControl.260
TCP 10607 Coma.109
TCP 10666 Ambush.100
TCP 11011 Amanda.200
TCP 11050 HostControl.101
TCP 11051 HostControl.100, HostControl.260
TCP 11223 AntiNuke.100, Progenic.100, Progenic.110
TCP 11225 Cyn.100, Cyn.103, Cyn.120
TCP 11306 Noknok.800, Noknok.820
TCP 11831 Katux.200, Latinus.140, Latinus.150, Pest.100, Pest.400
TCP 11991 PitfallSurprise.100
TCP 12043 Frenzy.2000
TCP 12345 Fade.100, Netbus.160, Netbus.170, VagrNocker.400
TCP 12346 Netbus.160, Netbus.170
TCP 12348 Bionet.210, Bionet.261, Bionet.280, Bionet.302, Bionet.305, Bionet.311, Bionet.313, Bionet.316, Bionet.317
TCP 12349 Bionet.084, Bionet.261, Bionet.280, Bionet.302, Bionet.305, Bionet.311, Bionet.313, Bionet.314, Bionet.316, Bionet.317, Bionet.401, Bionet.402
TCP 12389 KheSanh.210
TCP 12478 Bionet.210
TCP 12623 Buttman.090, Buttman.100
TCP 12624 Buttman.090, Buttman.100
TCP 12625 Buttman.100
TCP 12904 Akropolis.100, Rocks.100
TCP 13473 Chupacabra.100
TCP 13753 AFTP.010
TCP 14100 Eurosol.100
TCP 14194 CyberSpy.840
TCP 14286 HellDriver.100
TCP 14500 PCInvader.050, PCInvader.060, PCInvader.070
TCP 14501 PCInvader.060, PCInvader.070
TCP 14502 PCInvader.050, PCInvader.060, PCInvader.070
TCP 14503 PCInvader.050, PCInvader.060, PCInvader.070
TCP 14504 PCInvader.050, PCInvader.060
TCP 15092 HostControl.100, HostControl.260
TCP 15382 SubZero.100
TCP 15432 Cyn.210
TCP 15555 ICMIBC.100
TCP 16322 LastDoor.100
TCP 16484 MoSucker.110
TCP 16661 Dfch.010
TCP 16969 Progenic.100
TCP 16982 AcidShiver.100
TCP 17300 Kuang.200
TCP 17499 CrazzyNet.370, CrazzyNet.375, CrazzyNet.521
TCP 17500 CrazzyNet.370, CrazzyNet.375, CrazzyNet.521
TCP 17569 Infector.141, Infector.160, Infector.170, Infector.180, Infector.190, Infector.200, Intruder.100, Intruder.100
TCP 17593 AudioDoor.120
TCP 19191 BlueFire.035, BlueFire.041
TCP 19604 Metal.270
TCP 19605 Metal.270
TCP 19991 Dfch.010
TCP 20000 Millenium.100
TCP 20001 Millenium.100, PshychoFiles.180
TCP 20002 AcidKor.100, PshychoFiles.180
TCP 20005 MoSucker.200, MoSucker.210, MoSucker.220
TCP 21212 Schwindler.182
TCP 21554 Exploiter.100, Exploiter.110, Girlfriend.130, GirlFriend.135
TCP 21579 Breach.2001
TCP 21584 Breach.2001
TCP 21684 Intruse.134
TCP 22068 AcidShiver.110
TCP 22115 Cyn.120
TCP 22222 Prosiak.047, Ruler.141, Rux.300, Rux.400, Rux.500, Rux.600
TCP 22223 Rux.400, Rux.500, Rux.600
TCP 22456 Bla.200, Bla.503
TCP 22457 AcidShiver.120, Bla.200, Bla.503
TCP 22784 Intruzzo.110
TCP 22845 Breach.450
TCP 22847 Breach.450
TCP 23005 Infinaeon.110, NetTrash.100, Oxon.110, WinRat.100
TCP 23006 Infinaeon.110, NetTrash.100, Oxon.110, WinRat.100
TCP 23032 Amanda.200
TCP 23432 Asylum.010, Asylum.012, Asylum.013, Asylum.014, MiniAsylum.110
TCP 23456 EvilFTP.100, VagrNocker.400
TCP 23476 DonaldDick.153, DonaldDick.154, DonaldDick.155
TCP 23477 DonaldDick.153
TCP 24000 Infector.170
TCP 24307 Wildek.020
TCP 25386 MoonPie.220
TCP 25486 MoonPie.220
TCP 25555 FreddyK.100, FreddyK.200
TCP 25556 FreddyK.100
TCP 25685 MoonPie.010, MoonPie.012, MoonPie.130, MoonPie.220, MoonPie.240, MoonPie.400
TCP 25686 MoonPie.135, MoonPie.200, MoonPie.400
TCP 25982 MoonPie.135, MoonPie.200
TCP 26274 Delta.050
TCP 27160 MoonPie.135, MoonPie.200
TCP 27184 Alvgus.100, Alvgus.800
TCP 27374 Muerte.110, Subseven.210, SubSeven.213
TCP 28429 Hack'a'Tack.2000
TCP 28430 Hack'a'Tack.2000
TCP 28431 Hack'a'Tack.2000
TCP 28432 Hack'a'Tack.2000
TCP 28433 Hack'a'Tack.2000
TCP 28434 Hack'a'Tack.2000
TCP 28435 Hack'a'Tack.2000
TCP 28436 Hack'a'Tack.2000
TCP 29559 DuckToy.100, DuckToy.101, Katux.200, Latinus.140, Latinus.150, Pest.100, Pest.400
TCP 29891 Unexplained.100
TCP 30000 Infector.170
TCP 30001 Error32.100
TCP 30003 LamersDeath.100
TCP 30029 AOLTrojan.110
TCP 30100 NetSphere.127, NetSphere.130, NetSphere.131
TCP 30101 NetSphere.127, NetSphere.130, NetSphere.131
TCP 30102 NetSphere.127, NetSphere.130, NetSphere.131
TCP 30103 NetSphere.131
TCP 30947 Intruse.134
TCP 31320 LittleWitch.400, LittleWitch.420
TCP 31337 BackOrifice.120, Khaled.100, OPC.200
TCP 31415 Lithium.101
TCP 31416 Lithium.100, Lithium.101
TCP 31557 Xanadu.110
TCP 31631 CleptoManicos.100
TCP 31745 Buschtrommel.100, Buschtrommel.122
TCP 31785 Hack'a'Tack.100, Hack'a'Tack.112
TCP 31787 Hack'a'Tack.100, Hack'a'Tack.112
TCP 31789 Hack'a'Tack.100, Hack'a'Tack.112
TCP 31791 Hack'a'Tack.100, Hack'a'Tack.112
TCP 31887 BDDT.100
TCP 31889 BDDT.100
TCP 32100 ProjectNext.053
TCP 32418 AcidBattery.100
TCP 32791 Akropolis.100, Rocks.100
TCP 33291 RemoteHak.001
TCP 33333 Blackharaz.100, Prosiak.047, SubSeven.214
TCP 33577 SonOfPsychward.020
TCP 34324 TelnetServer.100
TCP 34763 Infector.180, Infector.190, Infector.200
TCP 35000 Infector.190, Infector.200
TCP 35600 Subsari.140
TCP 36794 BugBear.100
TCP 37237 Mantis.020
TCP 37651 YAT.210
TCP 37653 YAT.310
TCP 40308 Subsari.140
TCP 40412 TheSpy.100
TCP 40421 MastersParadise.970
TCP 40422 MastersParadise.970
TCP 40999 DiemsMutter.110, DiemsMutter.140
TCP 41626 Shah.100
TCP 44444 Prosiak.070
TCP 45673 Akropolis.100, Rocks.100
TCP 47262 Delta.050
TCP 48006 Fragglerock.200
TCP 49683 HolzPferd.210
TCP 50000 Infector.180
TCP 50130 Enterprise.100
TCP 50766 Fore.100
TCP 51234 Cyn.210
TCP 51966 Cafeini.080, Cafeini.110
TCP 54321 PCInvader.010
TCP 57341 NetRaider.100
TCP 57922 Bionet.084
TCP 58008 Tron.100
TCP 58009 Tron.100
TCP 59090 AcidReign.200
TCP 59211 DuckToy.100, DuckToy.101
TCP 59345 NewFuture.100
TCP 60000 DeepThroat.300, MiniBacklash.100, MiniBacklash.101, MiniBacklash.101
TCP 60411 Connection.100, Connection.130
TCP 60412 Connection.130
TCP 60552 RoxRat.100
TCP 63536 InsaneNetwork.500
TCP 63878 AphexFTP.100
TCP 63879 AphexFTP.100
TCP 64969 Lithium.100
TCP 65000 Socket.100
UDP 1 SocketsDeTroie.250
UDP 666 Bla.200, Bla.400, Bla.503, Noknok.820
UDP 1130 Noknok.800, Noknok.820
UDP 2140 DeepThroat.100, DeepThroat.200, DeepThroat.310
UDP 2989 Rat.200
UDP 3128 MastersParadise.970
UDP 3129 MastersParadise.920, MastersParadise.970
UDP 3150 DeepThroat.100, DeepThroat.200, DeepThroat.310, MiniBacklash.110
UDP 3333 Daodan.123
UDP 3800 Eclypse.100
UDP 3996 RemoteAnything.364
UDP 4000 RemoteAnything.364
UDP 5555 Daodan.123
UDP 5881 Y3KRat.110, Y3KRat.140
UDP 5882 Y3KRat.100, Y3KRat.110, Y3KRat.120, Y3KRat.140, Y3KRat.150
UDP 5883 Y3KRat.110, Y3KRat.140
UDP 5884 Y3KRat.140, Y3KRat.150
UDP 5885 Y3KRat.110, Y3KRat.120, Y3KRat.140
UDP 5886 Y3KRat.120, Y3KRat.140
UDP 5887 Y3KRat.110, Y3KRat.120, Y3KRat.140
UDP 5888 Y3KRat.100, Y3KRat.110, Y3KRat.120, Y3KRat.150
UDP 6953 Lithium.100
UDP 8012 Ptakks.217
UDP 10067 PortalOfDoom.100
UDP 10167 PortalOfDoom.100
UDP 10666 Ambush.100
UDP 11225 Cyn.100, Cyn.103, Cyn.120
UDP 11306 Noknok.800, Noknok.820
UDP 12389 KheSanh.210
UDP 12623 Buttman.090, Buttman.100
UDP 12625 Buttman.100
UDP 14100 Eurosol.100
UDP 23476 DonaldDick.155
UDP 26274 Delta.050
UDP 27184 Alvgus.100
UDP 28431 Hack'a'Tack.2000
UDP 28432 Hack'a'Tack.2000
UDP 28433 Hack'a'Tack.2000
UDP 28434 Hack'a'Tack.2000
UDP 28435 Hack'a'Tack.2000
UDP 28436 Hack'a'Tack.2000
UDP 29891 Unexplained.100
UDP 30103 NetSphere.131
UDP 31320 LittleWitch.400, LittleWitch.420
UDP 31337 BackOrifice.120, OPC.200
UDP 31416 Lithium.100, Lithium.101
UDP 31789 Hack'a'Tack.100, Hack'a'Tack.112
UDP 31791 Hack'a'Tack.100, Hack'a'Tack.112
UDP 33333 Blackharaz.100
UDP 47262 Delta.050
UDP 49683 HolzPferd.210
UDP 60000 MiniBacklash.100
Subscribe to:
Posts (Atom)
