Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: Port 2000 (tcp/udp) Attack Activity - Internet Security | DShield Port 2000 (tcp/udp) Attack Activity

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Port Information
Protocol Service Name
tcp callbook callbook
tcp DerSpäher [trojan] Der Späher / Der Spaeher
tcp DerSpherDerSpaeher [trojan] Der Späher / Der Spaeher
tcp InsaneNetwork [trojan] Insane Network
tcp Last2000 [trojan] Last 2000
tcp RemoteExplorer2000 [trojan] Remote Explorer 2000
tcp SennaSpyTrojanGenerator [trojan] Senna Spy Trojan Generator
udp callbook callbook
[get complete service list]
Port diary mentions
Port 2000 spike; New IIS PCT exploit?; Following the bouncing MS patches
User Comments
Submitted By Date
2015-11-08 03:30:42
Looks like YouDao or (which owns YouDao) uses port 2000 for an unknown piece of software
Crispin Harris 2010-10-27 18:37:05
According the Wikipedia, this was also used for Cisco Skinny (SCCP) VoIP services
2007-01-10 17:30:56 uses port 2000 for their GED server/workstation
SkitZZ 2004-11-09 18:02:45
don't know if your aware or not but a week or so ago there was a buffer-overflow vulnerability found in ShixxNOTE which runs on port 2000.
George Ascione, LightHouse Hosting 2004-11-09 18:02:39
We recently evaluated a copy of RemotelyAnywhere. That software service listens on port 2000 by default. I don't know of anything in particular that may link the increase to this but RemotelyAnywhere when installed with the defaults will be out there listening on this port.
Gary Weichbrodt 2004-11-09 18:02:29
P2P Radio uses this port as well.
Add a comment
CVE Links
CVE # Description