Port 10000 - 12999 Last Update:

port 1 - 99
port 100 - 199
port 200 - 299
port 300 - 399
port 400 - 499
port 500 - 599
port 600 - 699
port 700 - 1023
port 1024 - 1199
port 1200 - 1299
port 1300 - 1399
port 1400 - 1499
port 1500 - 1599
port 1600 - 1699
port 1700 - 1799
port 1800 - 1899
port 1900 - 1999
port 2000 - 2099
port 2100 - 2299 up
port 2300 - 2399
port 2400 - 2499
port 2500 - 2599
port 2600 - 2699
port 2700 - 2799
port 2800 - 2899
port 2900 - 2999
port 3000 - 3099
port 3100 - 3199
port 3200 - 3299
port 3300 - 3399
port 3400 - 3499
port 3500 - 3599
port 3600 - 3699
port 3700 - 3999
port 4000 - 4999 up
port 5000 - 5399
port 5400 - 5999
port 6000 - 6999
port 7000 - 7999 up
port 8000 - 8999
port 9000 - 9999
port 10000 - 12999 up
port 13000 - 19999
port 20000 - 29999
port 30000 - 39999
port 40000 -

http://www.iana.org/
assignments/port-numbers
(2004/12/15)

History
Port No.ProtocolServiceDescription
10000tcp/udpndmpNetwork Data Management Protocol
10000 tcp # OpwinTRojan, W32.Dumaru, Nibu
10001tcp/udpscp-configSCP Configuration Port
10001-10002 tcp/udp # Zdemon
10002-10006tcp/udp#Unassigned
10005 tcp # OpwinTRojan
10007tcp/udpmvs-capacityMVS Capacity
10008tcp/udpoctopusOctopus Multiplexer
10008 tcp/udp # cheese worm
In early year 2001, many exploit scripts
for DNS TSIG name overflow would place
a root shell on this port.
In mid-2001, a worm was created that
enters the system via this port (left behind
by some other attacker), then starts
scanning other machines from this port.
10008-10079tcp/udp#Unassigned
10067 udp # Portal of Doom
10080tcp/udpamandaAmanda
10080 tcp # Mydoom
10081-10099tcp/udp#Unassigned
10085-10086 tcp # Syphillis
10100tcp/udpitap-ddtpVERITAS ITAP DDTP
10100 tcp # Control Total, Gift trojan
10100 udp # Trojan.Dasda
10101tcp/udpezmeeting-2eZproxy
10101 tcp # BrainSpy, Silencer
10102tcp/udpezproxy-2eZmeeting
10103tcp/udpezrelayeZrelay
10104-10106tcp/udp#Unassigned
10104 udp # Lowtaper
10107tcp/udpbctp-serverVERITAS BCTP, server
10108-10112tcp/udp#Unassigned
10113tcp/udpnetiq-endpointNetIQ Endpoint
10114tcp/udpnetiq-qcheckNetIQ Qcheck
10115tcp/udpnetiq-endptNetIQ Endpoint
10116tcp/udpnetiq-voipaNetIQ VoIP Assessor
10117-10127tcp/udp#Unassigned
10128tcp/udpbmc-perf-sdBMC-PERFORM-SERVICE DAEMON
10129-10251tcp/udp#Unassigned
10167 udp # Portal of Doom
10168 tcp/udp # Lovgate
10252tcp/udpapollo-relayApollo Relay Port
10253-10259tcp/udp#Unassigned
10260tcp/udpaxis-wimp-portAxis WIMP Port
10261-10287tcp/udp#Unassigned
10288tcp/udpblocksBlocks
10289-10989tcp/udp#Unassigned
10520 tcp # Acid Shivers
10528 tcp # Host Control
10607 tcp # Coma
10666 udp # Ambush, Roxrat
10752 tcp/udp # Backdoor. One of the many Linux
mountd (port 635) exploits installs
its backdoor at this port. Origin???
10751 = 0x2a00, where 0x2a = 42
(proposed by Darren Reed)
The bx.c IRC exploit puts a root shell
backdoor listening at this port.
The ADM named v3 attack puts a
shell at this port.
10888 udp # Webus
10990tcp/udprmiauxAuxiliary RMI Port
10991-10999tcp/udp#Unassigned
11000tcp/udpirisaIRISA
11000 tcp # Senna Spy Trojan Generator
11001tcp/udpmetasysMetasys
11002-11110tcp/udp#Unassigned
11050-11051 tcp # Host Control
11111tcp/udpvceViral Computing Environment (VCE)
11112-11200tcp/udp#Unassigned
11142 tcp # SubSeven
11201tcp/udpsmsqpsmsqp
11202-11318tcp/udp#Unassigned
11223 tcp # Progenic trojan, Secret Agent
11311 tcp # Carufax
11319tcp/udpimipIMIP
11320tcp/udpimip-channelsIMIP Channels Port
11321tcp/udparena-serverArena Server Listen
11322-11366tcp/udp#Unassigned
11367tcp/udpatm-uhasATM UHAS
11368-11370tcp/udp#Unassigned
11371tcp/udphkpOpenPGP HTTP Keyserver
11372-11599tcp/udp#Unassigned
11600tcp/udptempest-portTempest Protocol Port
11601-11719tcp/udp#Unassigned
11720tcp/udph323callsigalth323 Call Signal Alternate
11721-11750tcp/udp#Unassigned
11751tcp/udpintrepid-sslIntrepid SSL
11752-11966tcp/udp#Unassigned
11831 tcp/udp # Antilam
11967tcp/udpsysinfo-spSysInfo Service Protocol
11968-11999tcp/udp#Unassigned
12000tcp/udpentextxidIBM Enterprise Extender SNA
XID Exchange
12001tcp/udpentextnetwkIBM Enterprise Extender SNA
COS Network Priority
12002tcp/udpentexthighIBM Enterprise Extender SNA
COS High Priority
12003tcp/udpentextmedIBM Enterprise Extender SNA
COS Medium Priority
12004tcp/udpentextlowIBM Enterprise Extender SNA
COS Low Priority
12005tcp/udpdbisamserver1DBISAM Database Server - Regular
12006tcp/udpdbisamserver2DBISAM Database Server - Admin
12007tcp/udpaccuracerAccuracer Database System ・Server
12008tcp/udpaccuracer-dbmsAccuracer Database System ・Admin
12009-12108tcp/udp#Unassigned
12065 tcp # Berbew
12076 tcp # Gjamer
12109tcp/udprets-sslRETS over SSL
12110-12171tcp/udp#Unassigned
12121 tcp # Balkart
12172tcp/udphivepHiveP
12173-12299tcp/udp#Unassigned
12223 tcp # HackL99 KeyLogger
12300tcp/udplinogridengineLinoGrid Engine
12301-12344tcp/udp#Unassigned
12321 tcp # Roxe
12345tcp/udpitalkItalk Chat System
12345 tcp/udp # Notice how this port is the sequence of
numbers "1 2 3 4 5". This is common
chosen whenever somebody is asked to
configure a port number. It is likewise
chosen by programmers when creating
default port numbers for their products.
One very famous such uses is with NetBus.

Trend Micro's OfficeScan products use
this port.

Ashley, cron / crontab, Fat Bitch trojan,
GabanBus, icmp_client.c, icmp_pipe.c,
Mypic, NetBus, NetBus Toy, NetBus worm,
Pie Bill Gates, Whack Job, X-bill, Amitis
12346-12752tcp/udp#Unassigned
12346 tcp/udp # Fat Bitch trojan, GabanBus, NetBus, X-bill
12349 tcp # BioNet
12361-12363 tcp # Whack-a-mole
12623 udp # DUN Control
12646 tcp # ButtMan
12631 tcp # Whack Job
12753tcp/udptsaftsaf port
12754-12999tcp/udp#Unassigned
12754 tcp # Mstream