Threat Level: green Handler on Duty: Rob VandenBrink

SANS ISC Port Details:


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Graph

[show ascii data]
Graph Criteria
  • Start Date:
  • End Date:
  • Port:
  • Left Y Axis:
  • Right Y Axis:

Port Information

Protocol Service Name
tcp personal-agent Personal Agent
tcp ServeMe [trojan] ServeMe
udp personal-agent Personal Agent
udp rplay
[get complete service list]

User Comment

Submitted By Date
Comment
George 2013-09-11 12:14:55
Legitimate use of this port: Sun xFire servers (x4100, 4140, 4500, 4540) may use this port for out-of-band / ILOM remote control of the server with latest revisions of the ILOM firmware. However, this traffic would be sporadic and on an as-needed basis (hopefully people aren't using ILOM to log into servers for day-to-day work). One would also see HTTPS (443) traffic from the same IP's, to load the ILOM services pages and invoke the remote control functions.
2011-08-10 01:36:26
MS Dynamics CRM uses this port by default
Don Levinson 2004-09-08 06:30:35
We are seeing heavy target traffic on this port. Many of our machines are infected with bling.exe which is listed as non-malicious spyware, but it is acting like backdoor software from what I can see. Infection is seen with the files bling.exe and o. in the system32 directory on windows. Activity is TCP from an incrementing port on the infected PC to a fixed port of 5555 on the network target/master.
2003-08-21 19:33:01
Other programs that use port 5555: freeciv HP Omniback
Add a comment

CVE Links

CVE # Description