TCP Port 2535
Link Logger Home ZyXel Banner Binary Visions
Netgear
LinkSYS
Router

TCP 2535
Link Logger for Windows
Home Home Product Info Product Info Download Download/Purchase Support Support  
Link Logger for Windows

NewsLatest News

Screen ShotsScreenshots

Customer CommentsFeedback

Common ScansScans

Additional ResourcesResources

TCP Port 2535

Common Use

Used by a number of the Bagle / Beagle viruses as a backdoor port.

Inbound Traffic

Bagle is mass-mailing email that besides using your address book, and other information on your computer to email copies of itself too, opens a backdoor on port 2535 which allows a hacker to upload a file and execute it automatically.  Bagle also attempts to contact a number of web sites informing them of the infection.  TCP port 2535 should be blocked by your firewall.

Outbound Traffic

Outbound scans especially if occurring in volume should be considered an indication of a possible infection or compromise on the source computer and should be investigated immediately.

Additional Information

PortPeeker TCP Port 2535 Capture

US-CERT Current Activity

Symantec Beagle.W write up

F-Secure Bagle.Y write up

 

Page last updated on May 10, 2004