Identify the remote server’s port number by decoding the packet?

Jason’s Web server was attacked by a trojan virus. He runs protocol analyzer and notices that the
trojan communicates to a remote server on the Internet. Shown below is the standard “hexdump”
representation of the network packet, before being decoded. Jason wants to identify the trojan by
looking at the destination port number and mapping to a trojan-port number database on the
Internet. Identify the remote server’s port number by decoding the packet?

Jason’s Web server was attacked by a trojan virus. He runs protocol analyzer and notices that the
trojan communicates to a remote server on the Internet. Shown below is the standard “hexdump”
representation of the network packet, before being decoded. Jason wants to identify the trojan by
looking at the destination port number and mapping to a trojan-port number database on the
Internet. Identify the remote server’s port number by decoding the packet?

A.
Port 1890 (Net-Devil Trojan)

B.
Port 1786 (Net-Devil Trojan)

C.
Port 1909 (Net-Devil Trojan)

D.
Port 6667 (Net-Devil Trojan)

Explanation:
From trace,0x1A0B is 6667,IRC Relay Chat,which is one port used. Other ports are
in the 900’s.

Show Hint

Leave a Reply 1

Your email address will not be published. Required fields are marked *