Port 79 Details
known port assignments and vulnerabilities
threat/application/port search:
Port(s) |
Protocol |
Service |
Details |
Source |
79 |
tcp,udp |
Finger |
Finger
Finger Security Concerns: Provides key host info to attacker - Fingered host can be DOSd if hit with a recursive finger script till its memory and swap space fill. - Fingering clients can be DOSd if they finger a maliciously configured host (returns data overload - causing client to beep continually - etc.). - If fingering clients allow programmable keys - a maliciously configured host can return a finger response that maps a key to rm -rf /-. Disable on all host unless finger service is stubbed to only provide scripted data response (eg: system admin contact info - etc.).
Trojans that also use this port: ADM worm, Back Orifice 2000 (BO2K), CDK trojan (ports 79, 15858), Firehotcker (ports 79, 5321)
The legacy finger service (TCP port 79) is enabled by default on various older Lexmark devices.
References: [CVE-2019-10059] |
SG
|
79 |
tcp |
|
Finger protocol (official) |
Wikipedia
|
79 |
tcp |
trojan |
ADM worm, Firehotcker |
Trojans
|
79 |
tcp |
BO2KDataPort |
[trojan] Back Orifice 2000 (BO2K) Data Port |
Neophasis
|
79 |
tcp |
CDK |
[trojan] CDK |
Neophasis
|
79 |
tcp |
Firehotcker |
[trojan] Firehotcker |
Neophasis
|
79 |
tcp |
threat |
RAT:Firehotcker Requires VB CDK |
Bekkoame
|
79 |
tcp,udp |
finger |
Finger. Unauthorized use by some mail users (see [RFC4146] for details) |
IANA
|
|
8 records found
Related ports: 70 5321 15858
|