TCP Port 559
Link Logger Home ZyXel Banner Binary Visions
Netgear
LinkSYS
Router

TCP 559
Link Logger for Windows
Home Home Product Info Product Info Download Download/Purchase Support Support  
Link Logger for Windows

NewsLatest News

Screen ShotsScreenshots

Customer CommentsFeedback

Common ScansScans

Additional ResourcesResources

TCP Port 559

Common Use

Used as a spam proxy and as the backdoor port created by the Domwis trojan.

Inbound Traffic

Domwis is a trojan that allows hackers remote access to your computer, but we have also seen proxy scans on TCP port 559 which would indicate that unauthorized proxies might also be installed on 559 similar to TCP port 65506.  TCP port 559 should be blocked by your firewall by default.

Outbound Traffic

Outbound scans especially if occurring in volume should be considered an indication of a possible infection or compromise on the source computer and should be investigated immediately.

Additional Information

PortPeeker TCP Port 559 traffic Captures

Symantec Domwis Trojan write up

 

Page last updated on May 10, 2004