Thursday, June 22, 2006

Ports commonly used by Trojans


Ports used by Trojans


What Is a Port?

In the TCP/IP protocol stack, messages associated with the common application protocols that most of us are familiar with — such as HTTP for the Web; SMTP, POP, and IMAP for e-mail; Telnet and SSH for remote logon; and FTP for file transfers — operate over the Transmission Control Protocol (TCP) or User Datagram Protocol (UDP); TCP and UDP messages, in turn, are carried inside Internet Protocol (IP) packets. The primary difference between TCP and UDP is that TCP is connection-oriented and UDP is connectionless. When using TCP, then, two hosts must first establish a logical connection before they can exchange data (analogous to establishing a telephone connection) while hosts using UDP do not require a logical connection before the exchange of information (analogous to sending a letter through the postal service).

Both TCP and UDP employ port numbers to identify the higher layer applications at the hosts that are communicating with each other. End-to-end data communications on the Internet, in fact, are uniquely identified by the source and destination host IP addresses and the source and destination TCP/UDP port numbers.

TCP/IP applications generally employ a client/server model, exemplified by the relationship between your Web client software (i.e., the browser) and a Web server; the user "points" their browser at the Web server which is usually listening on port 80. Port numbers can take on a value between 1 and 65535, with server applications generally being assigned a value below 1024.

Are you aware that many of these ports are used by Trojans?
If you were not, you will want to know which ones are most commonly used by Trojans.
You can find a listing of some common Trojan ports here.
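One way to put the port concepts above to work on your own machine, as an added example that is not part of the original post: parse netstat-style output, pick out the sockets that are waiting for clients, and report any that are not on a list of services the host is supposed to run. The sample output, the EXPECTED allowlist and the function names are assumptions made for illustration; the check uses an allowlist rather than a list of Trojan ports, since any unplanned listener deserves a look.

```python
# Added example: audit listening sockets against an allowlist of expected services.
# SAMPLE_NETSTAT is constructed for illustration, in the style of `netstat -an` output.
SAMPLE_NETSTAT = """\
Proto  Local Address          Foreign Address        State
TCP    0.0.0.0:80             0.0.0.0:0              LISTENING
TCP    0.0.0.0:22             0.0.0.0:0              LISTENING
TCP    0.0.0.0:40404          0.0.0.0:0              LISTENING
TCP    192.0.2.10:80          198.51.100.7:51322     ESTABLISHED
TCP    192.0.2.10:49731       203.0.113.5:443        ESTABLISHED
UDP    0.0.0.0:53             *:*
UDP    0.0.0.0:41000          *:*
"""

# Assumption: the services this host is supposed to offer, as (protocol, port).
EXPECTED = {("TCP", 80), ("TCP", 22), ("UDP", 53)}

def split_endpoint(endpoint):
    """Split 'addr:port' on the last colon; return (addr, port or None)."""
    addr, _, port = endpoint.rpartition(":")
    return addr, int(port) if port.isdigit() else None

def parse_netstat(text):
    """Yield (proto, local_addr, local_port, remote_addr, remote_port, state)."""
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0] not in ("TCP", "UDP"):
            continue  # header or malformed line
        proto, local, remote = fields[:3]
        state = fields[3] if len(fields) > 3 else ""  # UDP lines carry no state
        yield (proto, *split_endpoint(local), *split_endpoint(remote), state)

def listeners(text):
    """Sockets waiting for clients: TCP in LISTENING, or UDP bound with no peer."""
    found = set()
    for proto, _, lport, _, rport, state in parse_netstat(text):
        if lport is None:
            continue
        if (proto == "TCP" and state == "LISTENING") or (proto == "UDP" and rport is None):
            found.add((proto, lport))
    return found

def unexpected_listeners(text, expected=EXPECTED):
    """Listeners not on the allowlist, tagged by port range (below 1024 or not)."""
    return sorted((proto, port, "low" if port < 1024 else "high")
                  for proto, port in listeners(text) - set(expected))

if __name__ == "__main__":
    for proto, port, rng in unexpected_listeners(SAMPLE_NETSTAT):
        print(f"unexpected {proto} listener on port {port} ({rng} range)")
```

The two ESTABLISHED lines are ignored on purpose: they are existing conversations, each identified by its source and destination address and port, not services waiting for new clients.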
