| Port(s) |
Protocol |
Service |
Scan level |
Description |
| 1415 |
tcp |
trojans |
Premium scan |
Last 2000, Singularity |
| 1417 |
tcp,udp |
applications |
not scanned |
Timbuktu Pro Windows
The authentication protocol in Timbuktu Pro 2.0b650 allows remote attackers to cause a denial of service via connections to port 407 and 1417.
References: [CVE-2000-0142]
Timbuktu Service 1 Port (IANA official) |
| 1418 |
tcp,udp |
applications |
not scanned |
Timbuktu Pro Windows |
| 1419 |
tcp,udp |
applications |
not scanned |
Timbuktu Pro Windows |
| 1420 |
tcp,udp |
applications |
not scanned |
Timbuktu Pro Windows |
| 1431 |
tcp,udp |
rgtp |
not scanned |
IANA registered for: Reverse Gossip Transport |
| 1433 |
tcp |
ms-sql-s |
Members scan |
Microsoft SQL Server.
Vulnerabilities: Check CERT advisories CA-2002-22 - multiple vulnerabilities, CA-2003-04 MS SQL Server Worm. See also Microsoft Security Bulletin [MS02-061].
The Gaobot family of worms also exploit this port.
IBM License Metric Tool ports
1433 TCP - SQL server connection
9081 TCP - HTTPS web browser connections to server
50000 TCP - DB2 server connection
52311 TCP - BigFix clients and console connect to the server
Digispid.B.Worm [Symantec-2002-052108-5430-99] (2002.05.21) - worm that spreads to computers running MS SQL server and have blank SQL admin password. Uses port 1433/tcp.
W32.Kelvir.R [Symantec-2005-041214-1218-99] (2005.04.12) - worm that spreads through MSN messenger and drops a variant of W32.Spybot.Worm. It spreads using several known MS vulnerabilities, including MS security Bulletin [MS02-061] Microsoft SQL Server 2000 or MSDE 2000 audit using port 1434/udp.
Buffer overflow in the authentication function for Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 allows remote attackers to execute arbitrary code via a long request to TCP port 1433, a.k.a. the "Hello" overflow.
References: [CVE-2002-1123], [BID-5411]
The database server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote authenticated users to gain privileges via a request to TCP port 1433.
References: [CVE-2014-4684]
|
| 1434 |
tcp,udp |
ms-sql-s |
Premium scan |
Microsoft SQL Server.
Vulnerabilities: Check CERT advisories CA-2002-22 - multiple vulnerabilities, CA-2003-04 MS SQL Server Worm. The Gaobot family of worms also exploit this port.
See also: Microsoft Security Bulletin [MS02-061].
Digispid.B.Worm [Symantec-2002-052108-5430-99] (2002.05.21) - worm that spreads to computers running MS SQL server and have blank SQL admin password. Uses port 1433/tcp.
W32.Kelvir.R [Symantec-2005-041214-1218-99] (2005.04.12) - worm that spreads through MSN messenger and drops a variant of W32.Spybot.Worm. It spreads using several known MS vulnerabilities, including MS security Bulletin [MS02-061] Microsoft SQL Server 2000 or MSDE 2000 audit using port 1434/udp.
Buffer overflow in a component of SQL-DMO for Microsoft Data Access Components (MDAC) 2.5 through 2.7 allows remote attackers to execute arbitrary code via a long response to a broadcast request to UDP port 1434.
References: [CVE-2003-0353] [BID-8455]
A vulnerability has been identified in SIMATIC IT UADM (All versions < V1.3). An authenticated remote attacker with network access to port 1434/tcp of SIMATIC IT UADM could potentially recover a password that can be used to gain read and write access to the related TeamCenter station. The security vulnerability could be exploited only if the attacker is authenticated. No user interaction is required to exploit this security vulnerability. Successful exploitation of the security vulnerability compromises the confidentiality of the targeted system. At the time of advisory publication no public exploitation of this security vulnerability was known.
References: [CVE-2019-13929], [XFDB-168664] |
| 1437 |
tcp,udp |
applications |
not scanned |
Kohan Immortal Sovereigns |
| 1441 |
tcp |
trojan |
Premium scan |
RemoteStorm trojan |
| 1443 |
tcp,udp |
ies-lm |
not scanned |
Integrated Engineering Software (IANA official)
Siemens SIMATIC WinCC and PCS7 could allow a remote authenticated attacker to gain elevated privileges on the system, caused by an error in the Database Server. By sending a specially-crafted command to TCP port 1443, an attacker could exploit this vulnerability to gain elevated privileges on the system.
References: [CVE-2014-4684] [BID-68880] |
| 1444 |
tcp |
trojans |
Premium scan |
Backdoor.Homutex [Symantec-2005-071512-0035-99] (2005.07.15) - a trojan with backdoor capabilities. Opens a backdoor and listens for remote commands on port 1444/tcp. Also attempts to sends information about the infected computer on port 1443/tcp. |
| 1451 |
tcp,udp |
games |
not scanned |
Action PC Football 2006 (APF2006) game ports: 1451-1454, 32019 TCP |
| 1452 |
tcp |
games |
not scanned |
Action PC Baseball 2017 game
Action PC Football 2006 game ports: 1451-1454, 32019 TCP |
| 1453 |
tcp |
games |
not scanned |
Action PC Football 2006 (APF2006) game ports: 1451-1454, 32019 TCP
Genie License Manager (IANA official) |
| 1454 |
tcp |
games |
not scanned |
Action PC Football 2006 (APF2006) game ports: 1451-1454, 32019 TCP
interHDL License Manager (IANA registered) |
| 1459 |
tcp,udp |
proshare1 |
not scanned |
Prosahre Notebook Application |
| 1460 |
tcp,udp |
proshare2 |
not scanned |
Proshare Notebook Application |
| 1470 |
tcp,udp |
uaiact |
not scanned |
Solarwinds Kiwi Log Server uses port 1470 (TCP).
IANA registered for: Universal Analytics. |
| 1476 |
tcp,udp |
applications |
not scanned |
Unknown vulnerability in the HSQLDB component in JBoss 3.2.1 and 3.0.8 on Java 1.4.x platforms, when running in the default configuration, allows remote attackers to conduct unauthorized activities and possibly execute arbitrary code via certain SQL statements to TCP port 1701 in JBoss 3.2.1, and port 1476 in JBoss 3.0.8.
References: [CVE-2003-0845], [BID-8773] |
| 1477 |
tcp |
applications |
not scanned |
Microsoft Host Integration Server is vulnerable to a denial of service, caused by the improper processing of malicious network traffic by the snabase.exe service. By sending a specially-crafted packet to TCP ports 1477 and 1478 or UDP port 1478, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop.
References: [CVE-2011-2007]
Port is also IANA registered for ms-sna-server |
| 1478 |
tcp,udp |
applications |
not scanned |
Microsoft Host Integration Server is vulnerable to a denial of service, caused by the improper processing of malicious network traffic by the snabase.exe service. By sending a specially-crafted packet to TCP ports 1477 and 1478 or UDP port 1478, a remote attacker could exploit this vulnerability to cause the application to stop responding.
References: [CVE-2011-2008]
Port is also IANA registered for ms-sna-base |
| 1480 |
tcp |
trojan |
Premium scan |
RemoteHack |
| 1481 |
tcp,udp |
airs |
not scanned |
AIRS data interchange |
| 1490 |
tcp |
applications |
not scanned |
VocalTec Internet Phone |
| 1492 |
tcp |
trojans |
Premium scan |
CivNet game
FTP99CMP - remote access trojan, 05.1999. Runs an FTP server on port 1492.
Back.Orifice.FTP also uses port 1492.
Backdoor.Win32.FTP99 / Authentication Bypass Race Condition - the malware listens on TCP port 1492. Credentials are stored in cleartext in "Serv-u.ini" file under "C:\Program Files (x86)\My Paquet archive" with a blank password. Third-party attackers who can reach the system before a password has been set can logon by just supplying the username "HACKCITY".
References: [MVID-2022-0465]
Backdoor.Win32.FTP99 / Port Bounce Scan (MITM) - the malware listens on TCP port 1492. Third-party intruders who successfully logon can abuse the backdoor FTP server as a man-in-the-middle machine allowing PORT Command bounce scan attacks using Nmap. This vulnerability allows remote attackers to abuse your system and discreetly conduct network port scanning. Victims will then think these scans are originating from the infected system running the afflicted malware FTP Server and not you.
References: [MVID-2022-0466] |
| 1494 |
tcp |
citrix |
not scanned |
Citrix NetScaler gateway XendDesktop/Virtual Desktop uses port 1494 TCP/UDP for access to applications and virtual desktops by ICA/HDX.
Citrix WinFrame, also uses port 1604 UDP. |
| 1500 |
tcp |
applications |
not scanned |
NetGuard GuardianPro firewall (NT4-based) Remote Management
IBM Tivoli Storage Manager (TSM) is vulnerable to a buffer overflow, caused by improper bounds checking by the SmExecuteWdsfSession() function. By sending a specially-crafted string to TCP port 1500 during a login attempt, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the TSM service to crash .
References: [CVE-2006-5855], [BID-21440]
Backdoor.Win32.Levelone.a / Remote Stack Buffer Overflow - the malware listens on Port 1500, sending a specially crafted HTTP TRACE request causes a buffer overflow and overwrites EIP with our payload. If testing you need delete the executable in order to run the malware again, c:\>del \Windows\SysWOW64\dllvector.exe. Packed with UPX so just upx -d to unpack.
References: [MVID-2021-0020]
VLSI License Manager (IANA official) |
| 1501 |
udp |
applications |
not scanned |
NetGuard GuardianPro firewall (NT4-based) Authentication Client |
| 1503 |
tcp |
Netmeeting |
not scanned |
T.120 communication protocols used for teleconferencing, videoconferencing and data sharing. Windows Live Messenger, NetMeeting with H323, CU-SeeMe-CUworld.
Databeam (IANA official) |
| 1505 |
tcp |
trojan |
Premium scan |
FunkProxy |
| 1509 |
tcp |
trojans |
Premium scan |
Psyber Streaming Server (PSS) - remote access trojan, uses ports 1170, 1509, 4000. |
| 1510 |
tcp |
games |
not scanned |
Nascar 3 |
| 1512 |
tcp,udp |
wins |
not scanned |
IANA registered for: Microsoft's Windows Internet Name Service (WINS) |
| 1513 |
tcp,udp |
fujitsu-dtc |
not scanned |
Garena Gaming Client
IANA registered for: Fujitsu Systems Business of America Inc |
| 1514 |
tcp,udp |
fujitsu-dtcns |
not scanned |
Fujitsu Systems Business of America Inc |
| 1517 |
tcp,udp |
vpac |
not scanned |
Valmet DNA could allow a remote attacker to execute arbitrary code on the system, caused by a command injection vulnerability in the Valmet DNA service when it is listening on TCP port 1517. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute code with SYSTEM privileges.
References: [XFDB-220353], [CVE-2021-26726]
Virtual Places Audio control (IANA official)
|
| 1521 |
tcp |
oracle |
not scanned |
Oracle database default listener. Oracle Database Management uses the following ports:
1521 TCP - Oracle SQL Net Listener and Data Guard
1832 TCP - Oracle Enterprise Management Agent HTTP (range 1830-1849)
49896 TCP - Oracle Clusterware (CRS daemon)
Transparent Network Substrate (TNS) Listener in Oracle 9i 9.0.1.1 allows remote attackers to cause a denial of service (CPU consumption) via a single malformed TCP packet to port 1521.
References: [CVE-2002-0509], [BID-4391]
Port is also IANA registered for nCube License Manager |
| 1524 |
tcp |
backdoor |
Premium scan |
Many attack scripts install a backdoor shell at this port (especially those against Sun systems via holes in sendmail and RPC services like statd, ttdbserver, and cmsd). Connections to port 600/pcserver also have this problem. [Cert IN-99-04]
Trin00 (DDoS) trojan horse also uses port 1524 (TCP).
IANA registered for: ingres (TCP/UDP) |
| 1525 |
tcp,udp |
orasrv |
not scanned |
Oracle
Archie, Prospero trojans also use this port (TCP). |
| 1526 |
tcp |
|
not scanned |
Oracle database common alternative for listener |
| 1527 |
tcp,udp |
tlisrv |
not scanned |
Apache Derby Network Server default port
IANA registered for: Oracle |
| 1528 |
tcp,udp,sctp |
norp |
not scanned |
Not Only a Routeing Protocol (IANA official) |
| 1530 |
tcp |
applications |
not scanned |
The RDS service (rds.exe) in HP Data Protector Manager 6.11 allows remote attackers to cause a denial of service (crash) via a packet with a large data size to TCP port 1530.
References: [CVE-2011-0514]
Port also IANA registered for rap-service |
| 1533 |
tcp |
trojans |
Premium scan |
Backdoor.Miffice [Symantec-2002-082617-0523-99] (2002.08.26) - remote access trojan. Affects all current Windows versions.
IBM Lotus Sametime is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the Community Services Multiplexer service (StMux.exe). By sending an overly long HTTP request to TCP port 1533, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
References: [CVE-2008-2499], [BID-29328]
Port is also registered with IANA for: Virtual Places Software |
| 1534 |
tcp |
trojan |
Premium scan |
Bizex.Worm
The Eclipse TCF debug interface in JasMiner-X4-Server-20220621-090907 and below is open on port 1534. This issue allows unauthenticated attackers to gain root privileges on the affected device and access sensitive data or execute arbitrary commands.
References: [CVE-2022-36601] |
| 1534 |
udp |
applications |
not scanned |
Eclipse Target Communication Framework |
| 1540 |
tcp,udp |
rds |
not scanned |
1C:Enterprise server agent (ragent)
IANA registered for: rds |
| 1541 |
tcp,udp |
rds2 |
not scanned |
1C:Enterprise master cluster manager (rmngr)
IANA registered for: rds2 |
| 1542 |
tcp,udp |
gridgen-elmd |
not scanned |
1C:Enterprise configuration repository server
IANA registered for: gridgen-elmd |
| 1545 |
tcp,udp |
vistium-share |
not scanned |
1C:Enterprise cluster administration server (RAS)
IANA registered for: vistium-share |
| 1547 |
tcp,udp |
applications |
not scanned |
Laplink |
| 1550 |
tcp,udp |
3m-image-lm |
not scanned |
Gadu-Gadu (direct client-to-client)
IANA registered for: Image Storage license manager 3M Company |
| 1556 |
tcp,udp |
veritas |
not scanned |
Port used by Veritas PBX (Private Branch Exchange) Service
Veritas uses the following ports:
1556 - Veritas PBX Service
2821 - VxSS Authentication Service
4032 - VxSS Authorization Service
13724 - Veritas NetBackup Network Service
13783 - nbatd
13722 - nbazd
|
| 1558 |
tcp,udp |
xingmpeg |
not scanned |
Xing StreamWorks |
| 1560 |
tcp |
trojans |
Premium scan |
Big Gluck, Duddie |
| 1561 |
udp |
trojan |
not scanned |
MuSka52 |
| 1568 |
tcp |
trojan |
Premium scan |
Remote Hack |
| 1580 |
tcp,udp |
tn-tl-r1 |
not scanned |
Buffer overflow in Tivoli Storage Manager TSM (1) Server or Storage Agents 3.1 through 5.1, and (2) the TSM Client Acceptor Service 4.2 and 5.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request to port 1580 or port 1581.
References: [CVE-2002-0541] [BID-4500] [BID-4492]
tn-tl-r1 / tn-tl-r1 (IANA official) |
| 1581 |
tcp,udp |
applications |
not scanned |
Cross-site scripting (XSS) vulnerability in the CAD service in IBM Tivoli Storage Manager (TSM) Client 5.3.5.3 and 5.4.1.2 for Windows allows remote attackers to inject arbitrary web script or HTML via HTTP requests to port 1581, which generate log entries in a dsmerror.log file that is accessible through a certain web interface.
References: [CVE-2007-4348] [BID-26221]
Buffer overflow in Tivoli Storage Manager TSM (1) Server or Storage Agents 3.1 through 5.1, and (2) the TSM Client Acceptor Service 4.2 and 5.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request to port 1580 or port 1581.
References: [CVE-2002-0541] [BID-4500] [BID-4492]
Port also IANA registered for MIL-2045-47001. |
| 1582 |
tcp,udp |
msims |
not scanned |
IANA registered for: MSIMS
IBM Tivoli Storage Manager server web interface[121] also uses this port (TCP). |
| 1583 |
tcp |
applications |
not scanned |
Heap-based buffer overflow in Actian Pervasive PSQL v12.10 and Zen v13 allows remote attackers to execute arbitrary code via crafted traffic to TCP port 1583. The overflow occurs after Server-Client encryption-key exchange. The issue results from an integer underflow that leads to a zero-byte allocation. The _srvLnaConnectMP1 function is affected.
References: [CVE-2017-11757]
IBM Tivoli Storage Manager server web interface[121] and Pervasive PSQL also use this port. |
| 1584 |
tcp |
applications |
not scanned |
Dialpad |
| 1585 |
tcp |
applications |
not scanned |
Dialpad |
| 1589 |
tcp,udp |
vqp |
not scanned |
IANA registered for: VQP |
| 1590 |
tcp,udp |
gemini-lm |
not scanned |
GE Smallworld Datastore Server (SWMFS/Smallworld Master Filesystem) uses port 1590 (TCP).
IANA registered for: gemini-lm. |
| 1599 |
tcp |
simbaservices |
not scanned |
Use-after-free vulnerability in the socket manager of Impress Remote in LibreOffice 4.x before 4.2.7 and 4.3.x before 4.3.3 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request to TCP port 1599.
References: [CVE-2014-3693]
IANA registered for: simbaservices
|
| 1600 |
tcp |
trojans |
Premium scan |
Port used by some trojans: Shiva Burka, Backdoor.DirectConnection (remote access trojan, uses ports 1000, 1600-1602) |
| 1601 |
tcp |
trojan |
Premium scan |
Direct Connection |
| 1602 |
tcp |
trojan |
Premium scan |
Direct Connection |
| 1604 |
udp |
citrix |
not scanned |
Citrix WinFrame uses port 1604 UDP and port 1494 TCP.
DarkComet RAT (Remote Administration Tool) uses port 1604 (both TCP and UDP) by default.
|
| 1604 |
tcp |
rat |
Premium scan |
DarkComet RAT (Remote Administration Tool) uses port 1604 (both TCP and UDP) by default.
ICA Browser |
| 1609 |
tcp |
amp |
not scanned |
Numara Asset Manager Platform (AMP) uses the following ports:
1610 - primary AMP port
1611 - communication between console and master server
Other optional ports used by AMP:
1609 - used to calculate available bandwidth for transfer windows
1612 - used by the application kiosk feature
2500 - used for multicast data transfers to agents
5400 - used for remote control only
22,23,25,135-139,445 - used for auto discovery, SSH remote inventory scans, SMB remote inventory
161 - SNMP remote inventory scan
67-69 - relays can be used to avoid opening ports over the wan
|
| 1610 |
tcp |
amp |
not scanned |
Numara Asset Manager Platform (AMP) uses the following ports:
1610 - primary AMP port
1611 - communication between console and master server
Other optional ports used by AMP:
1609 - used to calculate available bandwidth for transfer windows
1612 - used by the application kiosk feature
2500 - used for multicast data transfers to agents
5400 - used for remote control only
22,23,25,135-139,445 - used for auto discovery, SSH remote inventory scans, SMB remote inventory
161 - SNMP remote inventory scan
67-69 - relays can be used to avoid opening ports over the wan
|
| 1611 |
tcp |
applications |
not scanned |
Numara Asset Manager Platform (AMP) uses the following ports:
1610 - primary AMP port
1611 - communication between console and master server
Other optional ports used by AMP:
1609 - used to calculate available bandwidth for transfer windows
1612 - used by the application kiosk feature
2500 - used for multicast data transfers to agents
5400 - used for remote control only
22,23,25,135-139,445 - used for auto discovery, SSH remote inventory scans, SMB remote inventory
161 - SNMP remote inventory scan
67-69 - relays can be used to avoid opening ports over the wan
Port also used by: Black and White game |
| 1612 |
tcp,udp |
appliactions |
not scanned |
Numara Asset Manager Platform (AMP) uses the following ports:
1610 - primary AMP port
1611 - communication between console and master server
Other optional ports used by AMP:
1609 - used to calculate available bandwidth for transfer windows
1612 - used by the application kiosk feature
2500 - used for multicast data transfers to agents
5400 - used for remote control only
22,23,25,135-139,445 - used for auto discovery, SSH remote inventory scans, SMB remote inventory
161 - SNMP remote inventory scan
67-69 - relays can be used to avoid opening ports over the wan
Port also used by:
NetBill Transaction Server
Video game Black and White (TCP) |
| 1613 |
tcp,udp |
netbill-keyrep |
not scanned |
NetBill Key Repository |
| 1614 |
tcp,udp |
netbill-cred |
not scanned |
NetBill Credential Server |
| 1615 |
tcp,udp |
netbill-auth |
not scanned |
NetBill Authorization Server |
| 1616 |
tcp,udp |
netbill-prod |
not scanned |
NetBill Product Server |
| 1621 |
tcp,udp |
softdataphone |
not scanned |
A security issue has been reported in Cisco Mobility Services Engine, which can be exploited by malicious people to bypass certain security restrictions. The security issue is caused due to the Oracle SSL service misconfiguration and can exploited to bypass the authentication mechanism by connecting to an unprotected port (1621).
References: [CVE-2013-3469], [SECUNIA-54709]
IANA registered for softdataphone |
| 1626 |
tcp,udp |
applications |
not scanned |
Robot Rage, Street Fighter Online, Shockwave, iSketch (TCP) |
| 1627 |
tcp |
applications |
not scanned |
iSketch |
| 1630 |
udp |
games |
not scanned |
Europa Universalis III: In Nomine uses ports 1630-1638, developer: Paradox Interactive |
| 1634 |
tcp |
trojan |
Premium scan |
NetCrack |
| 1638 |
udp |
games |
not scanned |
Europa Universalis III: In Nomine uses ports 1630-1638, developer: Paradox Interactive |
| 1639 |
tcp |
trojans |
Members scan |
W32.Bofra.E@mm [Symantec-2004-111213-5143-99] (2004.11.12) - a mass-mailing worm that exploits the MS Internet Explorer IFRAME vulnerability [BID-11515]. Affects all current Windows versions.
Runs as an HTTP server on port 1639/tcp, Attempts to connect to IRC servers on port 6667/tcp.
W32.Bofra.C@mm [Symantec-2004-111113-3948-99] (2004.11.11) - another variant of the Bofra worm. It opens ports 1639/tcp and 1640/tcp for listening, opens an ident daemon on port 113/tcp, connects to IRC servers on port 6667/tcp.
W32.Bofra.A@mm [Symantec-2004-110916-0038-99] (2004.11.08).
W32.Bofra.D@mm [Symantec-2004-110911-3939-99] (2004.11.09). |
| 1640 |
tcp |
trojans |
Premium scan |
W32.Bofra.C@mm [Symantec-2004-111113-3948-99] (2004.11.11) - mass-mailing worm that exploits the MS Internet Explorer IFRAME Vulnerability [BID-11515]. Also spreads by sending email to addresses found on the infected computer. It can affect all current Windows versions.
It opens ports 1639/tcp and 1640/tcp for listening, opens an ident daemon on port 113/tcp, connects to IRC servers on port 6667/tcp. |
| 1641 |
tcp,udp |
invision |
not scanned |
The Synel SY-780/A Time & Attendance terminal allows remote attackers to cause a denial of service (device hang) via network traffic to port (1) 1641, (2) 3734, or (3) 3735.
References: [CVE-2012-2970]
InVision (IANA official) |
| 1645 |
udp |
RADIUS |
not scanned |
RADIUS (Remote Authentication Dial-In User Service, RFC 2865 and RFC 2866) is a freely available distributed security system developed by Lucent Technologies InterNetworking Systems. Lucent has worked with the IETF (Internet Engineering Task Force) to define RADIUS as an interoperable method for distributed security on the Internet. RADIUS was designed based on a previous recommendation from the IETF's Network Access Server Working Requirements Group.
Uses UDP ports 1645 & 1646, or 1812 & 1813.
A vulnerability has been reported in Cisco Secure Access Control Server, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an error when parsing EAP-FAST user identities and can be exploited to execute arbitrary commands via specially crafted packets sent to UDP port 1645 or 1812.
References: [CVE-2013-3466], [SECUNIA-54610] |
| 1646 |
udp |
RADIUS |
not scanned |
RADIUS (Remote Authentication Dial-In User Service, RFC 2865 and RFC 2866 ) is a freely available distributed security system developed by Lucent Technologies InterNetworking Systems. Lucent has worked with the IETF (Internet Engineering Task Force) to define RADIUS as an interoperable method for distributed security on the Internet. RADIUS was designed based on a previous recommendation from the IETF's Network Access Server Working Requirements Group.
Uses UDP ports 1645 & 1646, or 1812 & 1813. |
| 1649 |
tcp |
applications |
not scanned |
IP Failover |
| 1661 |
tcp,udp |
netview-aix-1 |
not scanned |
netview-aix-1 |
| 1662 |
tcp,udp |
netview-aix-2 |
not scanned |
netview-aix-2 |
| 1663 |
tcp,udp |
netview-aix-3 |
not scanned |
netview-aix-3 |
| 1664 |
tcp,udp |
netview-aix-4 |
not scanned |
netview-aix-4 |
| 1665 |
tcp,udp |
netview-aix-5 |
not scanned |
netview-aix-5 |
| 1666 |
tcp,udp |
netview-aix-6 |
not scanned |
Perforce uses port 1666 (TCP).
IANA registered for: netview-aix-6. |
| 1667 |
tcp,udp |
netview-aix-7 |
not scanned |
netview-aix-7 |
| 1668 |
tcp,udp |
netview-aix-8 |
not scanned |
netview-aix-8 |
