Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Port 2222 (tcp/udp) Attack Activity - Internet Security | DShield

SANS Site Network

Current Site

Internet Storm Center

Other SANS Sites Help

Graduate Degree Programs

Security Training

Security Certification

Security Awareness Training

Penetration Testing

Industrial Control Systems

Cyber Defense Foundations

DFIR

Software Security

Government OnSite Training

Port 2222 (tcp/udp) Attack Activity

Log In or Sign Up for Free!

Loading...

Port Information
Protocol	Service	Name
tcp	AMD	[trojan] Rootshell left by AMD exploit
tcp	rockwell-csp2	Rockwell CSP2
udp	rockwell-csp2	Rockwell CSP2
UDP	[ICS] Ethernet/IP	[ICS] Ethernet/IP

[get complete service list]

Port diary mentions
URL
2222tcp Probe Increase

User Comments
Submitted By	Date
Comment
	2004-09-09 06:58:57
Microsoft Office under Apple Macintosh OS-X broadcasts (255.255.255.255) UDP to port 2222, supposedly to check if anyone else is using the same version? s/n? of Office.
	2004-07-01 16:26:45
Looks like Macs use this port for networking.

CVE Links
CVE #	Description