Port Scan Results
Please wait. A Port Scan requires from 5 seconds to 3 minutes to complete.Your screen will automatically scroll as your port scan results are displayed. This free port scan will test 22 of the 500 most commonly used communication ports on your computer/server.
Automatic Connection Analyzer
Your computer reported an IP address of 220.28.xxx.xxx, but your actual IP address is xxx.xxx.xxx.xxx.
There is a router, proxy, or firewall between you and the Internet. Your port scan results may reflect the security of your router, firewall or proxy instead of your computer.
| Program | Port | Status | Explanation |
| FTP | 21 | Stealth | File Transfer Protocol (FTP) allows users to transfer files to other computers over the Internet. A poorly configured FTP server allows hackers to copy your files, install trojan applications on your computer or obtain unauthorized remote command prompt access to your computer |
| SSH | 22 | Stealth | Secure Shell (SSH) uses encryption to secure information sent over a network. While it typically improves security there are numerous problems with older versions of SSH which may allow brute force attacks. |
| Telnet | 23 | Stealth | Telnet allows a remote user to access your computer and perform commands. It is suspectible to brute force attacks and clear text password sniffing. A computer is misconfigured if this port is open. Use SSH instead. |
| SMTP | 25 | Stealth | SMTP is used to send email. There are numerous vulnerabilities with SMTP such as unauthorized hard disk file access, username verification or SPAM email redirection. |
| DNS | 53 | Stealth | Domain Name Services are used to tell other computers what your IP address is. There are several exploits associated with this service. |
| Finger | 79 | Stealth | Finger provides information such as usernames and usage information. Turn this service off or block this port to stop others from gaining valuable system information. |
| HTTP | 80 | Open | World Wide Web services allow you to publish web pages to the Internet. There are hundreds of severe security vulnerabilities associated with this service. Keep your WWW server software updated. |
| POP3 | 110 | Stealth | Post Office Protocol(POP) software downloads email. Hackers may use weaknesses in POP to intercept your email, create fictitious mail accounts or gain remote access to your computer. |
| NetBIOS | 139 | Stealth | NetBIOS is used by Microsoft Windows and some UNIX/Linux programs to share files. If your hard disk is shared improperly (write access to everyone without authentication) you may be giving the world access to your hard disk. (Trojan files can be copied to your computer.) Make sure this port is closed and your hard drive shares are configured properly. |
| SNMP | 161 | Stealth | Simple Network Management Protocol (SNMP) port may allow a hacker to obtain information about your computer. There are also security vulnerabilities associated with this port. You should turn off this service if you don't need it. |
| SSL | 443 | Stealth | HTTP servers use Secure Sockets Layer (SSL) to encrypt data from web browsers. There are hundreds of severe security vulnerabilities associated with this service. Keep your WWW server software updated. |
| MS DS | 445 | Stealth | Microsoft Directory Services is used by Microsoft Networks for security authentication. Typically this port should not be exposed to the Internet. |
| Socks Proxy | 1080 | Stealth | An unsecured SOCKS Proxy may disqualify you from IRC server access. Make sure this port is closed. |
| KaZaA | 1214 | Stealth | KaZaA is a popular peer-to-peer file-sharing program with many known vulnerabilities and at least one known worm (Benjamin) targeting it. |
| UPnP | 5000 | Stealth | Universal Plug and Play allows your computer to automatically integrate with other network devices. There are known security vulnerabilities associated with this service |
| HTTP Proxy | 8080 | Stealth | HTTP Proxy provides a way for a hacker to pretend to be your computer. Others who may have been hacked may see your computer address and want you to justify why you hacked them. |
Trojan Port Scan Results for: 220.28.xxx.xxx
| Program | Port | Status | Trojans Common to Port |
| Trojan | 6776 | Stealth | 2000 Cracks, BackDoor-G, SubSeven, VP Killer |
| Trojan | 7000 | Stealth | Exploit Translation Server, Kazimas, Remote Grab, SubSeven, SubSeven 2.1 Gold |
| Trojan | 12345 | Stealth | Ashley, Cron/Crontab, Fat Bitch trojan, GabanBus, icmp_client.c, icmp_pipe.c, Mypic, NetBus, NetBus Toy, NetBus worm, Pie Bill Gates, Whack Job, X-bill |
| Trojan | 20034 | Stealth | NetBus 2.0 Pro, NetBus 2.0 Pro Hidden, NetRex, Whack Job |
| Trojan | 27374 | Stealth | Bad Blood, Ramen, Seeker, SubSeven, SubSeven 2.1 Gold, Subseven 2.1.4 DefCon 8, SubSeven Muie, Ttfloader |
| Trojan | 31337 | Stealth | Back Fire, Back Orifice 1.20 patches, Back Orifice (Lm), Back Orifice Russian, Baron Night, Beeone, BO client, BO Facil, BO spy, BO2, Cron/Crontab, Freak88, Freak2k, icmp_pipe.c, Sockdmini |
Stealth Test
With the help of the Stealth test you can
determine if your computer is visible to
the others on the Internet. You can also
use this test to determine if your firewall
is successful in making ports of your system
stealthed.
To determine if your system is visible to
the other on the Internet (or your firewall
stealthes your system) we will send the following
packets to TCP:1 port of your machine:
TCP ping packet
Description: An uniquely configured TCP packet
with the ACK flag set to a probable port
number
TCP NULL packet
Description: An uniquely configured TCP packet
that contain a sequence number but no flags
TCP FIN packet
Description: The TCP FIN scanning is able
to pass undetected through most personal
firewalls, packet filters, and scan detection
programs. The scan utilizes TCP packet with
the FIN flag set to a probable port number.
TCP XMAS packet
Description: The TCP packet with the URG,
PUSH(PSH) and FIN flags set to a probable
port number.
UDP packet
Description: An uniquely configured UDP packet
with empty datagram.
Each packet represents various scanning techniques
(i.e. TCP NULL packet represents TCP NULL
scanning technique). Most of the techniques
are widely used by the hackers. If your system
(or firewall) sends any response on any of
the packets, it will mean that system is
visible (non-stealthed) to the other on the
Internet.
In the results of the test you will see the
status(stealthed/non-stealthed) of each sent
packet so you can determine what technique
has tricked your system (firewall).
The test begins when you click on "Start
Test".
ATTENTION!
By clicking the button "Start Test"
you confirm your consent of the following
statements:
Your computer will be scanned and checked
by our scanner;
The results of your test will remain confidential
and will not be given to any third party;
The test does not give a sound basis for
legal claims of irreversible consequences
to your computer;
IP Address test
The test has determined your IP address to
be:
220.28.xxx.xxx
Please verify that this is your true IP address.
If the IP address determined by the test
is not your true IP address please cancel
the test as further results of the test would
be incorrect. Commonly the test fails to
determine your true IP address because of
you are connected to the Internet through
a proxy-server or your ISP uses Network Address
Translation (NAT) to share IP addresses.
If this is your true IP address click on
"Continue" to determine the settings
of the test.
Note:if your computer or ISP uses a corporate
firewall, ask your system administrator for
permission for further scanning of your IP.
The results of Stealth Test
We have sent following packets to TCP:1 port
of your machine:
TCP ping packet
TCP NULL packet
TCP FIN packet
TCP XMAS packet
UDP packet
Here is the description of possible results
on each sent packet:
"Stealthed" - Means that your system
(firewall) has successfuly passed the test
by not responding to the packet we have sent
to it.
"Non-stealthed" - Means that your
system (firewall) responded to the packet
we have sent to it. What is more important,
is that it also means that your computer
is visible to others on the Internet that
can be potentially dangerous.
| Packet' type | Status |
| TCP "ping" | stealthed |
| TCP NULL | stealthed |
| TCP FIN | stealthed |
| TCP XMAS | stealthed |
| UDP | stealthed |
Recommendation:
Your computer is invisible to the others
on the Internet!
Browser Test
This test will check if your browser reveals
any of your personal information. This might
be the sites you have visited, the region
you live in, who your Internet Service Provider
is, etc. The test will recommend specific
settings of your browser for you to change.
The test begins when you click on "Start
Test".
ATTENTION!
By clicking the button "Start Test"
you confirm your consent of the following
statements:
Your computer will be checked by our scanner;
The results of your test will remain confidential
and will not be given to any third party;
The test does not give a sound basis for
legal claims of irreversible consequences
to your computer;
IP Address test
The test has determined your IP address to
be:
220.28.xxx.xxx
Please verify that this is your true IP address.
If the IP address determined by the test
is not your true IP address please cancel
the test as further results of the test would
be incorrect. Commonly the test fails to
determine your true IP address because of
you are connected to the Internet through
a proxy-server or your ISP uses Network Address
Translation (NAT) to share IP addresses.
If this is your true IP address click on
"Continue" to determine the settings
of the test.
Note:if your computer or ISP uses a corporate
firewall, ask your system administrator for
permission for further scanning of your IP.
Results of the test:
Cookies check
Your computer does not save special
cookies on your hard drive
Recommendation
Your browser (or firewall) set to block cookies
so there is no risk to your privacy.
Referrer check
While visiting web sites your
browser reveals private information (called
'referrer') about previous sites you have
visited.
Recommendation
We advise you to get personal firewall software.
If you already have a firewall program adjust
it to block the distribution of such information
(referrer).
What is a referrer?
When you browse a web site, it can collect
various data about you, such as the Internet
address of your computer, your region, Operating
System, browser type, browser version, etc.
Your web browser automatically sends this
information each time it locates a new web
site. One of these data is the referrer,
which is the location of the last site you
visited. Sites keep track of this data, mostly
in a general way for statistical data and
marketing research. There is a growing concern
that online privacy is being infringed. To
safeguard your privacy we recommend getting
competent firewall software to block your
browser sending information about you and
your computer.
Trojans Test
This test will scan your system for most
dangerous and widespread Trojan horses. If
a Trojan is found on your computer the test
recommends actions to take.
The test will probe the ports used by the
Trojans and if a port is "open"
then your computer is infected.
The test begins when you click on "Start
Test".
ATTENTION!
By clicking the button "Start Test"
you confirm your consent of the following
statements:
Your computer will be scanned and checked
by our scanner;
The results of your test will remain confidential
and will not be given to any third party;
The test does not give a sound basis for
legal claims of irreversible consequences
to your computer;
IP Address test
The test has determined your IP address to
be:
220.28.xxx.xxx
Please verify that this is your true IP address.
If the IP address determined by the test
is not your true IP address please cancel
the test as further results of the test would
be incorrect. Commonly the test fails to
determine your true IP address because of
you are connected to the Internet through
a proxy-server or your ISP uses Network Address
Translation (NAT) to share IP addresses.
If this is your true IP address click on
"Continue" to determine the settings
of the test.
Note:if your computer or ISP uses a corporate
firewall, ask your system administrator for
permission for further scanning of your IP.
Results of the test
We have scanned your computer' ports used
by the most dangerous and widespread trojan
horses. Here is the description of possible
ports' statuses:
"Stealthed"(by a firewall) -Means
that your computer is invisible to others
on the Internet and protected by a firewall
or other similiar software;
"Closed" (non-stealthed) - means
that this port is closed, but your computer
is visible to others on the Internet that
can be potentially dangerous;
"Open" - Means that this port is
ready to establish (or has already established)
a connection with remote address. It also
means that your computer is vulnerable to
attacks and could have been already hacked
or infected by a trojan/backdoor;
| Trojan: | Port | Status |
| GiFt | 123 | stealthed |
| Infector | 146 | stealthed |
| RTB666 | 623 | stealthed |
| Net-Devil | 901 | stealthed |
| Net-Devil | 902 | stealthed |
| Net-Devil | 903 | stealthed |
| Subseven | 1243 | stealthed |
| Duddies Trojan | 1560 | stealthed |
| Duddies Trojan | 2001 | stealthed |
| Duddies Trojan | 2002 | stealthed |
| Theef | 2800 | stealthed |
| Theef | 3000 | stealthed |
| Theef | 3700 | stealthed |
| Optix | 5151 | stealthed |
| Subseven | 6776 | stealthed |
| Theef | 7000 | stealthed |
| Phoenix II | 7410 | stealthed |
| Ghost | 9696 | stealthed |
| GiFt | 10100 | stealthed |
| Host Control | 10528 | stealthed |
| Host Control | 11051 | stealthed |
| NetBus | 12345 | stealthed |
| NetBus | 12346 | stealthed |
| BioNet | 12348 | stealthed |
| BioNet | 12349 | stealthed |
| Host Control | 15094 | stealthed |
| Infector | 17569 | stealthed |
| NetBus | 20034 | stealthed |
| MoonPie | 25685 | stealthed |
| MoonPie | 25686 | stealthed |
| Subseven | 27374 | stealthed |
| BO | 31337 | stealthed |
| Infector | 34763 | stealthed |
| Infector | 35000 | stealthed |
All Trojans' ports we scanned are stealthed
(probably by a firewall). This means your
system is not infected by any of these Trojan
horses.
Recommendation:
The absence of a Trojan horse on your system
does not mean this problem cannot happen,
of course. Anti-virus and/or anti-Trojan
(we recommend Tauscan or PestPatrol) software
should be installed and used on your system.
If you already use this type of software
on your system, its virus definitions (virus
database) should regularly be updated.
We also recommend you to pass the Stealth
test to determine if your system is absolutely
stealthed and invisible to the others on
the Internet.
Advanced Port Scanner
The Advanced Port Scanner will test your
system for open ports that can be used in
attacks on your computer.
You can select which scanning technique will
be used during the test from the following:
TCP connect scanning (standard)
TCP SYN scanning
You can also select what ports of your system
you want to scan: desired ports or range
of ports, typical vulnerable and Trojan ports,
20 random ports or All ports
The test begins when you click on "Start
Test".
ATTENTION!
By clicking the button "Start Test"
you confirm your consent of the following
statements:
Your computer will be scanned and checked
by our scanner;
The results of your test will remain confidential
and will not be given to any third party;
The test does not give a sound basis for
legal claims of irreversible consequences
to your computer;
IP Address test
The test has determined your IP address to
be:
220.28.xxx.xxx
Please verify that this is your true IP address.
If the IP address determined by the test
is not your true IP address please cancel
the test as further results of the test would
be incorrect. Commonly the test fails to
determine your true IP address because of
you are connected to the Internet through
a proxy-server or your ISP uses Network Address
Translation (NAT) to share IP addresses.
If this is your true IP address click on
"Continue" to determine the settings
of the test.
Note:if your computer or ISP uses a corporate
firewall, ask your system administrator for
permission for further scanning of your IP.
Advanced Port Scanner Type
Before the start of the test select the technique
of scanning you want to perform and then
click on "Continue" button.
TCP connect scanning (standard)
Description: The most basic form of TCP scanning.
TCP SYN scanning
Description: This technique is also known
as "half-open" scanning, because
the scanner doesn't open a full TCP connection.
The scanner sends a SYN packet, as if it
is going to open a real connection and waits
for a response.
Advanced Port Scanner Settings
To start the test select the ports you want
to check and then click on "Continue"
button.
Scan typical vulnerable and Trojan ports
Scan desired ports and/or the range of ports.
Type in the port number and/or port range,
separated by commas (example: 14, 80, 200-240).
Scan 20 random ports
Results of Advanced Port Scanner
TCP CONNECT scanning (scanned in 19 seconds)
We have scanned your computer' ports used
by the most widespread trojan horses. Here
is the description of possible ports' statuses:
"Stealthed" (by a firewall) -Means
that your computer is invisible to others
on the Internet and protected by a firewall
or other similiar software;
"Closed" (non-stealthed) - means
that this port is closed, but your computer
is visible to others on the Internet that
can be potentially dangerous;
"Open" - Means that this port is
ready to establish (or has already established)
a connection with remote address. It also
means that your computer is vulnerable to
attacks and could have been already hacked
or infected by a trojan/backdoor;
| Port: | Status | Service | Description |
| 21 | stealthed | FTP | File Transfer Protocol is used to transfer files between computers |
| 23 | stealthed | TELNET | Telnet is used to remotely create a shell (dos prompt) |
| 135 | stealthed | RPC | Remote Procedure Call (RPC) is used in client/server applications based on MS Windows operating systems |
| 137 | stealthed | NETBIOS | Name Service NetBios is used to share files through your Network Neighborhood |
| 138 | stealthed | NETBIOS | Datagram Service NetBios is used to share files through your Network Neighborhood |
| 139 | stealthed | NETBIOS | Session Service NetBios is used to share files through your Network Neighborhood |
| 1080 | stealthed | SOCKS | PROXY Socks Proxy is an internet proxy service |
| 1243 | stealthed | SubSeven | SubSeven is one of the most widespread trojans |
| 3128 | stealthed | Masters | Paradise and RingZero Trojan horses |
| 12345 | stealthed | NetBus | NetBus is one of the most widespread trojans |
| 12348 | stealthed | BioNet | BioNet is one of the most widespread trojan |
| 27374 | stealthed | SubSeven | SubSeven is one of the most widespread trojans |
| 31337 | stealthed | Back Orifice | Back Orifice is one of the most widespread trojans |
| 80 | open | HTTP | HTTP web services publish web pages |
Recommendation:
It is urgent that you install personal firewall
software. If you have already installed and
are using a firewall, check if it is set
to make all the ports of your computer stealthed
(invisible).
If you have any problems adjusting your firewall,
get help from the firewall developer. If
the firewall is correctly set but fails this
test, replace the firewall software and redo
this test.
TCP SYN scanning
Description: This technique is also known
as "half-open" scanning, because
the scanner doesn't open a full TCP connection.
The scanner sends a SYN packet, as if it
is going to open a real connection and waits
for a response.
Advanced Port Scanner Settings
To start the test select the ports you want
to check and then click on "Continue"
button.
Scan typical vulnerable and Trojan ports
Scan desired ports and/or the range of ports.
Type in the port number and/or port range,
separated by commas (example: 14, 80, 200-240).
Scan 20 random ports
Results of Advanced Port Scanner
TCP SYN scanning (scanned in 37 seconds)
We have scanned your computer' ports used
by the most widespread trojan horses. Here
is the description of possible ports' statuses:
"Stealthed" (by a firewall) -Means
that your computer is invisible to others
on the Internet and protected by a firewall
or other similiar software;
"Closed" (non-stealthed) - means
that this port is closed, but your computer
is visible to others on the Internet that
can be potentially dangerous;
"Open" - Means that this port is
ready to establish (or has already established)
a connection with remote address. It also
means that your computer is vulnerable to
attacks and could have been already hacked
or infected by a trojan/backdoor;
| Port: | Status | Service | Description |
| 21 | stealthed | FTP | File Transfer Protocol is used to transfer files between computers |
| 23 | stealthed | TELNET | Telnet is used to remotely create a shell (dos prompt) |
| 135 | stealthed | RPC | Remote Procedure Call (RPC) is used in client/server applications based on MS Windows operating systems |
| 137 | stealthed | NETBIOS | Name Service NetBios is used to share files through your Network Neighborhood |
| 138 | stealthed | NETBIOS | Datagram Service NetBios is used to share files through your Network Neighborhood |
| 139 | stealthed | NETBIOS | Session Service NetBios is used to share files through your Network Neighborhood |
| 1080 | stealthed | SOCKS | PROXY Socks Proxy is an internet proxy service |
| 1243 | stealthed | SubSeven | SubSeven is one of the most widespread trojans |
| 3128 | stealthed | Masters | Paradise and RingZero Trojan horses |
| 12345 | stealthed | NetBus | NetBus is one of the most widespread trojans |
| 12348 | stealthed | BioNet | BioNet is one of the most widespread trojan |
| 27374 | stealthed | SubSeven | SubSeven is one of the most widespread trojans |
| 31337 | stealthed | Back Orifice | Back Orifice is one of the most widespread trojans |
| 80 | open | HTTP | HTTP web services publish web pages |
Recommendation:
It is urgent that you install personal firewall
software. If you have already installed and
are using a firewall, check if it is set
to make all the ports of your computer stealthed
(invisible).
If you have any problems adjusting your firewall,
get help from the firewall developer. If
the firewall is correctly set but fails this
test, replace the firewall software and redo
this test.
Exploits Test
This test will detect how vulnerable your
computer is to exploits attacks. This test
can be also used to test firewalls and routers
for stability and reactions to unexpected
packets. Most of the exploits are in fact
denial-of-service attacks and if your system
is unable to pass this examination following
actions can take place:
Some attacks may cause you computer to crash
(so-called "blue screen of death")
or reboot. So all unsaved data in open applications
at the time of the attack may be lost.
The attacks can also consume large amounts
of network bandwidth.
You computer may start operating very slowly
as the attacks may consume most or all of
the operating system's CPU resources.
Some attacks can break your Internet connection.
To learn more about exploits used in the
test click here.
The test is started by clicking on "Exploits
Test"
ATTENTION!
By clicking the button "Exploits Test"
you confirm your consent of the following
statements:
Your computer will be scanned and checked
by our tests;
The results of your test will remain confidential
and will not be given to any third party;
The test may cause your computer to hang
and necessitate the rebooting of your system;
The test does not give a sound basis for
legal claims of irreversible consequences
to your computer;
IP Address test
The test has determined your IP address to
be:
220.28.xxx.xxx
Please verify that this is your true IP address.
If the IP address determined by the test
is not your true IP address please cancel
the test as further results of the test would
be incorrect. Commonly the test fails to
determine your true IP address because of
you are connected to the Internet through
a proxy-server or your ISP uses Network Address
Translation (NAT) to share IP addresses.
If this is your true IP address click on
"Continue" to check for vulnerabilities
at this IP address.
Note: if your computer or ISP uses a corporate
firewall, ask your system administrator for
permission for further scanning of your IP.
Exploits Test Settings:
To start the test select the attacks below
and then click on "Exploits Test"
button.
The test may take up to 5 minutes depending
on speed of your Internet connection. If
your system is unable to pass this examination
the test should cause your computer to hang
and/or necessitate the rebooting of your
system. To learn more about the attacks used
in the test click here
Select all
igmpsyn
targa3
fawx
kod
ssping
jolt2
twinge
moyari13
nuke
teardrop
nestea
land
synk4
opentear
stream
stream2
rfpoison
rst_flip
redir
Results of the test:
Exploits test
Your system successfully defended itself
from this attack!