The most frequently used ports are those used for http connections (80), e-mail (110 and 25), FTP transfers (21), accessing NNTP newsgroups (119) or IRC chats (194). All ports between 0 and 1,023 are registered for standard services, and those between 1,024 and 49,151 are assigned to non-standard, but recognized functions. Ports from 49,152 to 65,535 however, are dynamic and can be used for a variety of functions, which can unfortunately include the notorious activities of Trojans. If you notice that one of these ports is open, it is time to start worrying as someone else may be accessing your system. The web page http://www.iana.org/assignments/port-numbers has a complete list of these ports.

The ports used by Trojans and other malware tend to vary greatly. In fact there are so many that it would be virtually impossible to list them all here. Your antivirus vendor should be able to help you determine whether a connection has been made by an e-mail program or Trojan trying to enter your machine.


If you suspect that someone or something is connected to your PC without your consent, you should immediately disconnect. Another solution, although not without risks, is to try to enter the machine that is trying to attack you. However, a safer option is just to disconnect, scan your entire system with your antivirus and then reconnect.