Warning!!! Warning!!! Warning!!!
If you are using Windows 95 or Windows 98, adding too many ports in Nuke Nabber may cause certain problems. This is not the case if you are running Windows NT.
Since this warning has always been shown on the bottom of this page, but is still being ignored by many people who keep sending email about problems they are experiencing it seems necessary to once again state....
Do NOT ... repeat ... do NOT add ALL the ports that are listed on this page if you are using Windows 95 or Windows 98!! Any email sent with regard to this issue to myself or the author of Nuke Nabber will not be answered.
This page was updated on: October 3rd, 1999
An * indicates a port that was added since the last major update of this page on September 13th, 1999
| Port # 1 | Protocol | Information | Default - NN 2.9b |
| 0 | ICMP | Click attack | Yes |
| 19 | UDP | Chargen | Yes |
| 21 | TCP | Detects if someone is trying to FTP to you. | No |
| 23 | TCP | Detects if someone is trying to Telnet to you. | No |
| 25 * | TCP | Several trojans use this port. | No |
| 31 * | TCP | Agent 31, Hacker's Paradise, Master's Paradise | No |
| 41 * | TCP | Deep Throat | No |
| 53 | TCP | DNS | Yes |
| 58 * | TCP | DM Setup | No |
| 80 * | TCP | Executor | No |
| 110 * | TCP | ProMail Trojan | No |
| 121 * | TCP | Jammer Killah | No |
| 129 | TCP | Password Generator Protocol | Yes |
| 137 | TCP | Netbios name (DoS attacks) | Yes |
| 138 | TCP | Netbios datagram (DoS attacks) | Yes |
| 139 | TCP | Netbios session (DoS attacks) | Yes |
| 456 * | TCP | Hacker's Paradise | No |
| 555 | TCP | Stealth Spy, Phaze | No |
| 666 | TCP | Attack FTP | No |
| 1001 * | TCP | Silencer, WebEx | No |
| 1011 * | TCP | Doly Trojan | No |
| 1012 * | TCP | Doly Trojan | No |
| 1024 * | TCP | NetSpy | No |
| 1027 | TCP | ICQ | Yes |
| 1029 | TCP | ICQ | Yes |
| 1032 | TCP | ICQ | Yes |
| 1080 | TCP | Used to detect Wingate sniffers. | Yes |
| 1170 * | TCP | Voice Streaming Audio | No |
| 1243 | TCP | Sub Seven | No |
| 1245 * | TCP | VooDoo Doll | No |
| 1492 * | TCP | FTP99CMP | No |
| 1981 | TCP | Shockrave | No |
| 1999 * | TCP | BackDoor | No |
| 2001 * | TCP | Trojan Cow | No |
| 2023 * | TCP | Ripper | No |
| 2115 * | TCP | Bugs | No |
| 2140 * | TCP | Deep Throat | No |
| 2140 | UDP | Deep Throat | No |
| 2565 * | TCP | Striker | No |
| 2583 * | TCP | WinCrash | No |
| 2801 * | TCP | Phineas Phucker | No |
| 2989 | UDP | Rat | No |
| 3024 * | TCP | WinCrash | No |
| 3129 * | TCP | Master's Paradise | No |
| 3150 * | TCP | Deep Throat | No |
| 3150 | UDP | Deep Throat | No |
| 3389 3 * | TCP | See footnote 3 at the bottom of this table. | No |
| 3700 * | TCP | Portal of Doom | No |
| 4092 * | TCP | WinCrash | No |
| 4590 * | TCP | ICQ Trojan | No |
| 5000 2 | TCP | Detects & blocks Sokets de Trois v1. | Yes |
| 5001 | TCP | Detects & blocks Sokets de Trois v1. | Yes |
| 5400 * | TCP | Blade Runner | No |
| 5401 * | TCP | Blade Runner | No |
| 5402 * | TCP | Blade Runner | No |
| 5569 * | TCP | Robo-Hack | No |
| 5742 * | TCP | WinCrash | No |
| 6400 * | TCP | The Thing | No |
| 6670 * | TCP | Deep Throat | No |
| 6711 | TCP | Sub Seven | No |
| 6712 * | TCP | Sub Seven | No |
| 6713 * | TCP | Sub Seven | No |
| 6771 * | TCP | Deep Throat | No |
| 6776 | TCP | Sub Seven | No |
| 6939 * | TCP | Indoctrination | No |
| 6969 | TCP | Gate Crasher, Priority | No |
| 6970 * | TCP | Gate Crasher | No |
| 7000 * | TCP | Remote Grab | No |
| 7300 | TCP | Net Monitor | No |
| 7301 | TCP | Net Monitor | No |
| 7306 * | TCP | Net Monitor | No |
| 7307 * | TCP | Net Monitor | No |
| 7308 * | TCP | Net Monitor | No |
| 7789 * | TCP | ICKiller | No |
| 9872 * | TCP | Portal of Doom | No |
| 9873 * | TCP | Portal of Doom | No |
| 9874 * | TCP | Portal of Doom | No |
| 9875 * | TCP | Portal of Doom | No |
| 9989 * | TCP | iNi-Killer | No |
| 10067 * | TCP | Portal of Doom | No |
| 10067 | UDP | Portal of Doom | No |
| 10167 * | TCP | Portal of Doom | No |
| 10167 | UDP | Portal of Doom | No |
| 10520 * | TCP | Acid Shivers | No |
| 10607 * | TCP | Coma | No |
| 11000 * | TCP | Senna Spy | No |
| 11223 * | TCP | Progenic Trojan | No |
| 12076 | TCP | GJamer | No |
| 12223 * | TCP | Hack'99, KeyLogger | No |
| 12345 | TCP | Netbus, Ultor's Telnet Trojan | No |
| 12346 | TCP | Netbus | No |
| 12456 * | TCP | NetBus | No |
| 13000 * | TCP | Senna Spy | No |
| 16969 * | TCP | Priority | No |
| 20000 | TCP | Millennium | No |
| 20001 | TCP | Millennium | No |
| 20034 * | TCP | NetBus 2 Pro | No |
| 21554 | TCP | GirlFriend | No |
| 22222 * | TCP | Prosiak | No |
| 23456 | TCP | EvilFTP, UglyFTP | No |
| 26274 * | TCP | Delta Source | No |
| 26274 * | UDP | Delta Source | No |
| 29891 * | TCP | The Unexplained | No |
| 30100 | TCP | NetSphere | No |
| 30101 * | TCP | NetSphere | No |
| 30102 | TCP | NetSphere | No |
| 30303 * | TCP | Sockets de Troie | No |
| 31337 | UDP | Backorifice (BO) | No |
| 31337 | TCP | Netpatch | No |
| 31338 * | TCP | NetSpy DK | No |
| 31338 | UDP | Deep BO | No |
| 31339 * | TCP | NetSpy DK | No |
| 31785 | TCP | Hack'a'Tack | No |
| 31789 | UDP | Hack'a'Tack | No |
| 31791 | UDP | Hack'a'Tack | No |
| 33333 * | TCP | Prosiak | No |
| 40421 | TCP | Master's Paradise - Hacked | No |
| 40412 * | TCP | The Spy | No |
| 40422 | TCP | Master's Paradise - Hacked | No |
| 40423 | TCP | Master's Paradise - Hacked | No |
| 40425 | TCP | Master's Paradise - Hacked | No |
| 40426 * | TCP | Master's Paradise | No |
| 47252 * | TCP | Delta Source | No |
| 47262 * | UDP | Delta Source | No |
| 50505 | TCP | Detects & blocks Sokets de Trois v2. | No |
| 50776 * | TCP | Fore | No |
| 53001 * | TCP | Remote Windows Shutdown | No |
| 54320 | TCP | Back Orifice 2000 | No |
| 54320 * | UDP | Back Orifice | No |
| 54321 * | TCP | School Bus, Back Orifice | No |
| 54321 | UDP | Back Orifice 2000 | No |
| 60000 * | TCP | Deep Throat | No |
| 61466 * | TCP | Telecommando | No |
| 65000 | TCP | Devil | No |
| 1 | If you are using Windows 95 or Windows 98, adding too many ports in Nuke Nabber may cause certain problems. This is not the case if you are running Windows NT. |
| 2 | If you are having problems connecting to IRC servers, remove port 5000. |
| 3 | Windows NT is vulnerable to a Terminal Server Attack through port 3389 (tcp). This denial of service attack affects the CPU/GDI Resources and eventually crashes the machine. It only affects Windows NT Workstation and Server. You must use the post service pack 5 patch to fix it. |
Click here for more information or if you have questions about NukeNabber.
Prepared by: ladyann@la-magic.com
This page was updated on: October 3rd, 1999
Page design & maintenance courtesy of
The Page Boutique
