Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Port 20000 (tcp/udp) Attack Activity - Internet Security | DShield Port 20000 (tcp/udp) Attack Activity

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Port Information
Protocol Service Name
tcp Millenium [trojan] Millenium
udp dnp DNP
[get complete service list]
Port diary mentions
Port 20000TCP Activity
User Comments
Submitted By Date
2012-09-12 13:17:33
This port is also used for communications in SCADA systems
Steve 2010-01-05 14:45:06
I have large amounts of UDP traffic on port 20000 that is being identified and Mariposa C&C traffic
Randy 2008-12-11 01:21:34
Port 20000 and 20001 are used as standard ports by Autonomy ( its DiSH service.
Mark FAbro 2008-12-11 01:18:50
Has anyone REALLY spent time recently doing analysy on the traffic? Abeline still has this tracking as in the top 10.
2007-12-07 16:02:31
This is the default port used by Usermin. Older versions are vulnerable to the same arbitrary file disclosure bug as Webmin; consult BID 18744 (CVE-2006-3392).
2007-02-12 12:19:37
I use this port for bittorrent, so packet analysis is needed.
Sean McBride and Ray Fink 2007-01-10 20:02:26
Port 20000 is also the default port for Usermin servers
Add a comment
CVE Links
CVE # Description