|
Port 25 Details
known port assignments
threat/application/port search:
| Port(s) |
Protocol |
Service |
Details |
Source |
| 25 |
tcp |
SMTP |
SMTP (Simple Mail Transfer Protocol). Many worms contain their own SMTP engine and use it to propagate by mass-mailing the payload, often also spoofing the "From: ..." field in emails. If you are not running a mail server that you're aware of, there is a possibility your system is infected.
List of some trojan horses/backdoors that use this port: Ajan, Antigen, Barok, Email Password Sender - EPS, EPS II, Gip, Gris, Happy99, Hpteam mail, Hybris, I love you, Kuang2, Magic Horse, MBT (Mail Bombing Trojan), Moscow Email trojan, Naebi, NewApt worm, ProMail trojan, Shtirlitz, Stealth, Tapiras, Terminator, WinPC, WinSpy
W32.Sober.I@mm (11.19.2004) - mass-mailing worm that uses its own SMTP engine. Affects all current Windows versions. Checks network connectivity by contacting a NTP server on port 37/tcp.
Trojan.Mitglieder.R (07.01.2005) - trojan with backdoor capabilities. It runs a SOCKS4 proxy server and periodically contacts websites with information about the compromised computer. Attempts to open a back door on port 9040/tcp. Might also initiate a SMTP spam relay server on port 25/tcp.
W32.Beagle.CX@mm (12.16.2005) - mass-mailing worm that uses its own SMTP engine to spread Trojan.Lodear.E. Also opens a backdoor on port 80/tcp and lowers security settings on the compromised computer.
Backdoor.Rustock (01.12.2006) - backdoor program that allows the compromised computer to be used as a proxy, uses rootkit techniques to hide its files and registry entries. |
SG |
| 25 |
tcp |
|
Simple Mail Transfer Protocol (SMTP) - used for e-mail routing between mail servers (official) |
Wikipedia |
| 25 |
tcp |
trojan |
Antigen, Barok, BSE, Email Password Sender , Gip, Laocoon, Magic Horse, MBT , Moscow Email trojan, Nimda, Shtirlitz, Stukach, Tapiras, WinPC |
Trojans |
| 25 |
tcp,udp |
smtp |
Simple Mail Transfer |
IANA |
| 25 |
tcp,udp |
applications |
SMTP |
Portforward |
| 25 |
tcp |
Ajan |
[trojan] Ajan |
Neophasis |
| 25 |
tcp |
Antigen |
[trojan] Antigen |
Neophasis |
| 25 |
tcp |
Barok |
[trojan] Barok |
Neophasis |
| 25 |
tcp |
BSE |
[trojan] BSE |
Neophasis |
| 25 |
tcp |
EmailPasswordSender |
[trojan] Email Password Sender - EPS |
Neophasis |
| 25 |
tcp |
EPSII |
[trojan] EPS II |
Neophasis |
| 25 |
tcp |
Gip |
[trojan] Gip |
Neophasis |
| 25 |
tcp |
Gris |
[trojan] Gris |
Neophasis |
| 25 |
tcp |
Happy99 |
[trojan] Happy99 |
Neophasis |
| 25 |
tcp |
Hpteammail |
[trojan] Hpteam mail |
Neophasis |
| 25 |
tcp |
Hybris |
[trojan] Hybris |
Neophasis |
| 25 |
tcp |
Iloveyou |
[trojan] I love you |
Neophasis |
| 25 |
tcp |
Kuang2 |
[trojan] Kuang2 |
Neophasis |
| 25 |
tcp |
MagicHorse |
[trojan] Magic Horse |
Neophasis |
| 25 |
tcp |
MBTMailBombingTrojan |
[trojan] MBT (Mail Bombing Trojan) |
Neophasis |
| 25 |
tcp |
MBT |
[trojan] MBT (Mail Bombing Trojan) |
Neophasis |
| 25 |
tcp |
MoscowEmailtrojan |
[trojan] Moscow Email trojan |
Neophasis |
| 25 |
tcp |
Naebi |
[trojan] Naebi |
Neophasis |
| 25 |
tcp |
NewAptworm |
[trojan] NewApt worm |
Neophasis |
| 25 |
tcp |
ProMailtrojan |
[trojan] ProMail trojan |
Neophasis |
| 25 |
tcp |
Shtirlitz |
[trojan] Shtirlitz |
Neophasis |
| 25 |
tcp |
Stealth |
[trojan] Stealth |
Neophasis |
| 25 |
tcp |
Stukach |
[trojan] Stukach |
Neophasis |
| 25 |
tcp |
Tapiras |
[trojan] Tapiras |
Neophasis |
| 25 |
tcp |
Terminator |
[trojan] Terminator |
Neophasis |
| 25 |
tcp |
WinPC |
[trojan] WinPC |
Neophasis |
| 25 |
tcp |
WinSpy |
[trojan] WinSpy |
Neophasis |
32 records found
« back to SG Ports
External Resources
SANS Internet Storm Center: port 25
tantalo.net port assignments: port 25
GRC: port 25
Notes:
Well Known Ports: 0 through 1023.
Registered Ports: 1024 through 49151.
Dynamic/Private : 49152 through 65535.
TCP ports use the Transmission Control Protocol. TCP is one of the main protocols in
TCP/IP networks. Whereas the IP protocol deals only with packets, TCP enables two hosts
to establish a connection and exchange streams of data. TCP guarantees delivery of data
and that packets will be delivered in the same order in which they were sent.
Guaranteed communication is the key difference between TCP and UDP.
UDP ports use the Datagram Protocol, a communications protocol for the Internet network,
transport, and session layers. Like TCP (Transmission Control Protocol),
UDP is used with IP (the Internet Protocol) and makes possible the transmission of datagrams
from one computer to applications on another computer, but unlike TCP, UDP is connectionless
and does not guarantee reliable communication; it's up to the application that received
the message to process any errors and verify correct delivery.
|
