Solved

what port number does conflicker use?

Posted on 2009-03-31
9
1,767 Views
Last Modified: 2013-11-22
Who has any idea about the port number used by conflicker?
0
Comment
Question by:oandosupport
  • 2
  • 2
  • 2
  • +2
9 Comments
 
LVL 6

Expert Comment

by:Grizzly072000
ID: 24033283
Apparently, port numbers for connections are hashed from the IP address of each peer (See: http://mtc.sri.com/Conficker/)

http://en.wikipedia.org/wiki/Conficker

See https://wikis.uit.tufts.edu/confluence/display/Conficker/Conficker+Resource+Page for some tools.
0
 
LVL 18

Accepted Solution

by:
Rartemass earned 500 total points
ID: 24033717
The port used is generally between 1024 and 10000.
0
 
LVL 6

Expert Comment

by:Grizzly072000
ID: 24033808
For (obsolete) variants A and B only. See above article (http://en.wikipedia.org/wiki/Conficker)
0
 
LVL 16

Expert Comment

by:warturtle
ID: 24037130
Hello,

I am interested in finding out if you only need the port number for Conficker propogation or you want to remove it from your machine?? If you want to remove it, then you can use the Microsoft Malicious Software Removal Tool based at:

http://www.microsoft.com/security/malwareremove/default.mspx

Hope it helps.
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 
LVL 5

Expert Comment

by:bRvO
ID: 24037798
0
 
LVL 16

Expert Comment

by:warturtle
ID: 24288231
I don't know if the asker got the correct answer or if the question was more than what had been asked. Hard to tell because we never heard back from the asker. Its upto other experts to decide if they want to split points for time spent or refund points to asker.
0
 
LVL 18

Expert Comment

by:Rartemass
ID: 24291898
The links and advice provided by the experts could be useful for other people.
As the asker hasn't responded there is no knowing what comment provided his solution.

If giving points, the only fair way in this case would be to split between all contributing experts.

0
 

Author Closing Comment

by:oandosupport
ID: 31565036
Thank you
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Suggested Solutions

This story has been written with permission from the scammed victim, a valued client of mine – identity protected by request.
Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now