Port 8080 Details

known port assignments and vulnerabilities

threat/application/port search:

Port(s)	Protocol	Service	Details	Source
8080	tcp	http	Hyper Text Transfer Protocol (HTTP) - alternative ports used for web traffic. See also TCP ports 80, 81. Some broadband routers run a web server on port 8080 for remote management. WAN Administration can (and should, in most cases) be disabled using the Web Admin interface. If you're not running web services, keep in mind that some trojans also use these ports: Reverse WWW Tunnel Backdoor - remote access/tunneling software coded in Perl, uses ports 80, 3128, 8080. Works on Unix, Linux, Solaris, AIX and OpenBSD. RingZero (a.k.a. Ring0, Trojan.PSW.Ring, RingZero.gen, Ring) - uses ports 80, 3128, 8080. Affects Windows 9x. Screen Cutter (a.k.a. Backdoor.Screencut) - uses ports 80, 8080. Mydoom.B (2004.01.28) - mass-mailing worm that opens a backdoor into the system. The backdoor makes use of TCP ports 80, 1080, 3128, 8080, and 10080. W32.Spybot.OFN (2005.04.29) - network-aware worm with DDoS and backdoor capabilities. Spreads through network shares and exploiting multiple vulnerabilities. It ay be downloaded by W32.Kelvir variants. Opens a backdoor on port 8080/tcp. Also exploits vulnerabilities on ports 445 and 1433. W32.Zotob.C@mm (2005.08.16) - a mass-mailing worm that opens a backdoor and exploits the MS Plug and Play Buffer Overflow vulnerability (MS Security Bulletin [MS05-039]) on port 445/tcp. It connects to IRC servers and listens for remote commands on port 8080/tcp. It also opens an FTP server on port 33333/tcp. Note: Same ports are used by the W32.Zotob.A and W32.Zotob.B variants of the worm as well. W32.Zotob.E(2005.08.16) - a worm that opens a backdoor and exploits the MS Plug and Play Buffer Overflow vulnerability (MS Security Bulletin [MS05-039]) on port 445/tcp. It runs and spreads using all current Windows versions, but only infects Windows 2000. The worm connects to IRC servers and listens for remote commands on port 8080/tcp. It opens port 69/udp to initiate TFTP transfers. It also opens a backdoor on remote compromised computers on port 8594/tcp. Backdoor.Naninf.D (2006.02.01) Backdoor.Naninf.C (2006.01.31) W32.Rinbot.A (2007.03.02) - a worm that opens a back door, copies itself to IPC$ shares, connects to an IRC server, and awauts commands on port 8080/tcp. Android.Acnetdoor (2012.05.16) - opens a backdoor on Android devices	SG
8080	udp	trojans	Backdoor.Tjserv.D (2005.10.04) - a backdoor trojan that acts as a HTTP and SOCKS4/5 proxy. Opens a backdoor and listens for remote commands on port 8080/udp. Also opens a HTTP, SOCKS4 and SOCKS5 proxy on port 52179/tcp.	SG
8080	tcp		HTTP alternate (http_alt) - commonly used for Web proxy and caching server, or for running a Web server as a non-root user (official)	Wikipedia
8080	tcp		Apache Tomcat (unofficial)	Wikipedia
8080	udp		FilePhile Master/Relay (unofficial)	Wikipedia
8080	tcp	trojan	Reverse WWW Tunnel Backdoor , RingZero, Screen Cutter	Trojans
8080	tcp,udp	http-alt	HTTP Alternate (see port 80)	IANA
1099,5000-5001,8080	tcp	applications	DINA RMC	Portforward
8080	tcp,udp	applications	EvoCam	Portforward
8080	tcp	applications	Pirate Radio	Portforward
8080	tcp	applications	Pirate Radio	Portforward
7777,8080,8777,9777,27900	tcp	applications	Unreal Tournament	Portforward
8080,8090	tcp	applications	WebcamXP	Portforward
8080,8888	tcp	applications	X10 Multiview	Portforward
8080	tcp	http-proxy	Common HTTP proxy/second web server port	Nmap
8080	tcp	BrownOrifice	[trojan] Brown Orifice	Neophasis
8080	tcp	Genericbackdoor	[trojan] Generic backdoor	Neophasis
8080	tcp	RemoConChubo	[trojan] RemoConChubo	Neophasis
8080	tcp	ReverseWWWTunnel	[trojan] Reverse WWW Tunnel Backdoor	Neophasis
8080	tcp	RingZero	[trojan] RingZero	Neophasis
8080	tcp	threat	Brown Orifice	Bekkoame
8080	tcp	threat	Feutel	Bekkoame
8080	tcp	threat	Haxdoor	Bekkoame
8080	tcp	threat	Hesive	Bekkoame
8080	tcp	threat	Mydoom	Bekkoame
8080	tcp	threat	Naninf	Bekkoame
8080	tcp	threat	Nemog	Bekkoame
8080	tcp	threat	Reverse WWW Tunnel Backdoor	Bekkoame
8080	tcp	threat	RingZero	Bekkoame
8080	tcp	threat	Ryknos	Bekkoame
8080	tcp	threat	Tjserv	Bekkoame
8080	tcp	threat	W32.Kelvir	Bekkoame
8080	tcp	threat	W32.Mytob	Bekkoame
8080	tcp	threat	W32.Opanki	Bekkoame
8080	tcp	threat	W32.Picrate	Bekkoame
8080	tcp	threat	W32.Spybot	Bekkoame
8080	tcp	threat	W32.Zotob	Bekkoame
8080	tcp	threat	Webus	Bekkoame

38 records found

SG security scan: port 8080

jump to:

Related ports: 80 445 591 3128 8008 8009 8081 8443 8594 33333 52179

« back to SG Ports

External Resources
SANS Internet Storm Center: port 8080
tantalo.net port assignments: port 8080
GRC: port 8080

Notes:
Well Known Ports: 0 through 1023.
Registered Ports: 1024 through 49151.
Dynamic/Private : 49152 through 65535.

TCP ports use the Transmission Control Protocol. TCP is the most commonly used protocol on the Internet and any TCP/IP network. Whereas the IP protocol deals only with packets, TCP enables two hosts to establish a connection and exchange streams of data. TCP guarantees delivery of data and that packets will be delivered in the same order in which they were sent. Guaranteed communication/delivery is the key difference between TCP and UDP.

UDP ports use the Datagram Protocol, a communications protocol for the Internet network, transport, and session layers. Like TCP (Transmission Control Protocol), UDP is used with IP (the Internet Protocol) and makes possible the transmission of datagrams from one computer to applications on another computer, but unlike TCP, UDP is connectionless and does not guarantee reliable communication; it's up to the application that received the message to process any errors and verify correct delivery. UDP is often used with time-sensitive applications, such as audio/video streaming, where dropping some packets is preferable to waiting for delayed data.

Please use the "Add Comment" button below to provide additional information or comments about port 8080.

No user reviews/comments yet

rate: avg: