Saturday, December 29, 2007

net start yourservice and you receive: Error 1083?

it can have many issues, but one of them - like mine, was that i had the base class: ServiceBase in a different Assembly (dll). Once I moved them to the Windows Service Project everything runs well :-)

My Error was like:

Error 1083: The executable program that this service is configured to run in does not
implement the service.

with the small change everything was fixed.

Thursday, December 27, 2007

Hardest game ever?

take yourself the 8 min to watch this:

A very frustrating Japanese Mario-like game!!

Wednesday, December 26, 2007

indeXus.Net Shared Cache V1 is available

I finally have released the first version of indeXus.Net Shared Cache which is available at:

indeXus.Net SharedCache is a high-performance, distributed caching system. Although application-neutral, it's commonly used to speed up dynamic Web applications by alleviating database load.

indeXus.Net SharedCache runs as a distributed windows service on every web and / or application server farm to cache data objects in memory out of process. Your stored objects can be accessed from any of your servers in your farm. It would be great if you help me to make it public through usage and blog entries. The release notes are available at the following location:

for any queries about sharedcache please use the following email:
sharedcache [AT] indeXus [DOT] Net

Saturday, December 22, 2007

a simple und strightforward way to sort generic List

Sorting in general with generic list is quite easy if the developer knows how to do the sorting. With simple anonymous methods, as well the little known Comparsion delegate.

In one of my previous posts (caching cleanup strategy) I described a specific problem I have to solve for SharedCache, the .Net caching solution for distributed cache: /

The following example here is just partly, the full code will be available within a few day's on CodePlex - upon my next hugh checkin .... people i'm a bit afraid to check it in sometimes it has so many new features ;-) - that i say as a person which preferres the way of: make small steps your reach your target faster!!!!

a simple sample class (a full formatted working class sample from my project):

   1:      public class Cleanup : IComparable<Cleanup>
   2:      {
   3:          string yourProperty = string.Empty;
   4:          public enum SortingOrder
   5:          {
   6:              /// <summary>
   7:              /// ascending sorting order
   8:              /// </summary>
   9:              Asc,
  10:              /// <summary>
  11:              /// descending sorting order
  12:              /// </summary>
  13:              Desc
  14:          }
  15:          public int CompareTo(Cleanup other)
  16:          {
  17:              return this.yourProperty.CompareTo(other.yourProperty);
  18:          }
  19:          public static Comparison<Cleanup> CacheItemPriority =
  20:              delegate(Cleanup cu1, Cleanup cu2)
  21:              {
  22:                  if (Cleanup.Sorting == SortingOrder.Asc)
  23:                  {
  24:                      return cu1.yourProperty.CompareTo(cu2.yourProperty);
  25:                  }
  26:                  else
  27:                  {
  28:                      return cu2.yourProperty.CompareTo(cu1.yourProperty);
  29:                  }
  30:              };
  31:      }
Once you have defined your class, you are able to sort it like need, with Ascending and Descending sortings
the sample you find also formatted at here:
   1:      public class CacheCleanup
   2:      {
   3:          public CacheCleanup()
   4:          { 
   5:              List<Cleanup> coll = new List<Cleanup>();
   6:              coll.Add(new Cleanup(IndexusMessage.CacheItemPriority.Normal, new TimeSpan(0, 1, 7), 1, new DateTime(2007, 12, 28, 14, 12, 12), 21232, 90));
   7:              coll.Add(new Cleanup(IndexusMessage.CacheItemPriority.AboveNormal, new TimeSpan(0, 15, 7), 2, new DateTime(2007, 12, 28, 14, 12, 14), 22232, 190));
   8:              coll.Add(new Cleanup(IndexusMessage.CacheItemPriority.BelowNormal, new TimeSpan(0, 18, 7), 3, new DateTime(2007, 12, 28, 14, 12, 40), 23232, 88));
   9:              coll.Add(new Cleanup(IndexusMessage.CacheItemPriority.High, new TimeSpan(0, 8, 7), 4, new DateTime(2007, 12, 28, 14, 12, 16), 21552, 22));
  10:              coll.Add(new Cleanup(IndexusMessage.CacheItemPriority.Low, new TimeSpan(0, 9, 7), 5, new DateTime(2007, 12, 28, 14, 12, 17), 21252, 1));
  11:              coll.Add(new Cleanup(IndexusMessage.CacheItemPriority.NotRemovable, new TimeSpan(0, 22, 7), 6, new DateTime(2007, 12, 28, 14, 12, 19), 212332, 5));
  12:              coll.Add(new Cleanup(IndexusMessage.CacheItemPriority.AboveNormal, new TimeSpan(0, 41, 7), 7, new DateTime(2007, 12, 28, 14, 12, 22), 211232, 55));
  13:              coll.Add(new Cleanup(IndexusMessage.CacheItemPriority.BelowNormal, new TimeSpan(0, 58, 7), 8, new DateTime(2007, 12, 28, 14, 12, 21), 22532, 25));
  15:              Console.WriteLine(@"Without Sorting");
  16:              foreach (Cleanup c in coll)
  17:              {
  18:                  Console.WriteLine(c.ToString());
  19:              }
  21:              Cleanup.Sorting = Cleanup.SortingOrder.Asc;
  22:              coll.Sort(Cleanup.CacheItemPriority);
  23:              Console.WriteLine(@"Normal Sorting");
  24:              foreach (Cleanup c in coll)
  25:              {
  26:                  Console.WriteLine(c.ToString());
  27:              }
  29:              Cleanup.Sorting = Cleanup.SortingOrder.Desc;
  30:              coll.Sort(Cleanup.CacheItemPriority);
  31:              Console.WriteLine(@"Reverse Sorting");
  32:              foreach (Cleanup c in coll)
  33:              {
  34:                  Console.WriteLine(c.ToString());
  35:              }
  36:          }
  37:      }

it's couldn't be easier :-)

Thursday, December 20, 2007

caching cleanup strategy

As many of the blog readers know, I develop in my spare time a .net caching component which is available under: or This component aims to be a high-performance, distributed memory object caching system, generic in nature, but intended to speeding up dynamic web and / or win applications by alleviating database load.

now since some different websites are using the cache (thanks for all your feedback's and inputs) the issue comes up to selectively purges items to free system memory.

Here are some options which I would love to hear your feedback's about them and about what you would need for your personal usage:

  • CacheItemPriority: A new option will be created where objects which are added to the cache receives a priority attribute.
  • LRU: Least Recent Used: The objects with the oldest requests will be deleted- LFU: Least Frequently Used: Means the object's witch are used less will be deleted from the cache / if all objects are used in same frequency the objects will be used in a randomized order
  • Pitkow/Recker: Like LRU, but if they used on same day they will not be deleted
  • Timebased: The objects with the smallest time left in the cache will be deleted, in case all objects are used with max time, they will be deleted randomized
  • SIZE: Delete always biggest objects until it received the size of FillFactor
  • Lowest-Latency-First: Delete smallest objects until configured FillFactor reached. in the app settings the customer will be able to define his cleaning strategy type as a key.
  • Hybrid: Makes a combination between several parameters: TimeTaken, Amount of Requests, Size, Cache Life Timeeach parameter receives a number between 1 - n and those with the highest / lowest numbers will be deleted until configured FillFactory reached.

I would love to receive your feedback's and inputs about it.

Tuesday, December 18, 2007

Hashtable != Dictionary

A Dictionary is closely related to a HashTable. There are many subtle differences between them, but one important difference is that a Dictionary is generally faster than a Hashtable for storing data. The reason is that a Dictionary takes strongly-typed values as its input, so you do not suffer the performance impact of storing generic Objects and boxing/unboxing them into the proper types during use.

this has been copied from the following link:

thanks to the author for sharing this great article!

Friday, December 14, 2007

Oracle Performance - Part 3

Enterprise Manager (and / or GridView)


  • Great tool for developers and dba's
  • very easy to use to prevent of hint-sytaxt failers
  • makes easy usage of init.ora tuning parameters


  • within the execution plan only expected rows are displayed

Oracle Performance - Part 2

Data-Dictonary / Tables / Views and more

  • v$ - Views are like "Dynamic Performance Views"
  • Not all of them are relevant for tuning
  • they are a part of the SYS

Checkout the Oracle ref. books, within the Database Performance Guide and reference book, they describe the most important views


Usually you measure CPU, Elapsed Time, I/O und access at the SGA

Possibilities for analyses:

  • statspack
  • dv-review / tuning package
  • enterprise manager

  1. Instance information are retrived from: SELECT * FROM V$SYSSTAT
  2. Session information are retrived from: SELECT * FROM V$SESSTAT
  3. My sessions information is retrived from: SELECT * FROM V$MYSTAT
  4. Events are retrieved from : SELECT * FROM V$EVENT_NAME


  1. SELECT statsitic, st.VALUE, se.username from v$sesstat st, v$statname n, v$session se WHERE st.statistic#=n.statistic# and st.sid = se.sid and se.username=''your_username'
  2. Wait - Statistics -> SELECT * FROM v$waitstat;
  3. Show the wait of your actuall session: SELECT sid, event, p1text, p1, p2text, p2, seconds_in_wait sek , state from v$session_wait where sid=YOUR_ID

Possibles values for the value state:

  • WAITING - session is waiting
  • WAITED UNKNOWN TIME - duration of waiting is unknown (TIMED_STATISTICS)
  • WAITED SHORT TIME - last wait was lower then 0.01 sec.
  • WAITED KNOWN TIME - duration of last wait


it display the history of your session, and some new col. are displayed which are making life easier to identify BLOCKING_SESSION, BLOKING_SESSION_SERIAL and some more specific data.

the above described views are a part of the diagnostic pack. before you gone use them, please check your license pack there are some hints! oracle is getting warster then MS, they even deliver everything and install it directly but you're not allowed to use it... so check your lic. package.

Oracle Performance

Performance != Performance

Parameter tuning is one of the more important issues - inti.ora / spfile.ora but dont forget its just a part of it and should not be weight to heavy. Instance tuning is mostly just between 10% - 20% of it.

do not forget about all the other parts:

  • Datamodel
  • correct indexing
  • sql optimizing
  • application optimizing - which is in 90% of the cases the issue
  • operating system / hard ware optimizing (CPU's, RAM, DISC's, Network)
  • usage of actuall versions

how to start:

one of the most important issues do it slowly and step by step. Many times it easier to identify if you change one parameter at the time instead of several together. The worst case, you never know which change have done the work in the end.

Define yourself a clear defined target, its 50% of the work when you can reach your targets. Measuring is not less important, otherwise you have no idea how to compare, right?

Make yourself cycles:

  1. tune business rules
  2. tune data design
  3. tune application design
  4. tune logical structure
  5. tune database operations
  6. tune access path
  7. tune memory allocations
  8. tune I/O and physically structure
  9. tune resource constention
  10. tune underlyding platforms

Many times its not a single job, you will have to contact developers / DBA / System Managers / Management / Network People etc., all of them can be a decision maker within changes you need to make - create yourself a plan and check it toghether with all different departments.

Tuesday, July 24, 2007

How To: Shrink Sql Server 2005 Log Files

Shrink Sql Server 2005 Log Files

use YourDbName
backup log YourDbName with truncate_only

if you copy your databases, names are not always the same! based on how do you copy it it still has the same name like the source database.. keep attention when you run it - then it shrinks e.g. 130 GB -> 22 MB .... many information goes away.



today i done some researches and I found the following thread:

after some analyzing and test runs the follwoing solution worked for me:

DBName nvarchar(128),
DBLogicalName nvarchar(128)
SELECT DBName, DBLogicalName
FROM sys.databases db join sys.master_files mf
on db.database_id = mf.database_id
WHERE not in ('master', 'tempdb', 'model', 'msdb',
'distribution') AND type_desc LIKE 'log'

DECLARE @VarDBLogicalName nvarchar(128)
DECLARE @VarDBName nvarchar(128)
DECLARE @VarRowCount int

SELECT top 1 @VarDBName = DBName, @VarDBLogicalName = DBLogicalName
FROM #TDatabases
SET @VarRowCount = @@rowcount
WHILE @VarRowCount <> 0
EXEC(' use ' + @VarDBName + ' backup log '+ @VarDBName + ' with no_log
dbcc shrinkfile(''' + @VarDBLogicalName + ''', TRUNCATEONLY) WITH
FROM #TDatabases
WHERE DBName = @VarDBName
SELECT top 1 @VarDBName = DBName, @VarDBLogicalName =
FROM #TDatabases
SET @VarRowCount = @@ROWCOUNT
DROP TABLE #TDatabases

(otherwise search at google for: "osql shrink all db" in it doesn't fit your needs)

the above script you put now simply into a *.sql file (e.g.: shrinkalldatabases.sql).

now you need to create a second, which is simply a batch file (e.g.:startshrink.cmd) : *.bat or *.cmd. Into this file you write the following command:

osql -E -i shrinkalldatabases.sql -o result.txt

more info about osql you can find here:

all needed parameters are the following:

-E -> authentication
-i -> input file
-o -> output file

once you add it now to run once a week you have no further problems with your sql db sizes :-)

to have a small history and some additional information, here how I have created my *.cmd file:

@echo start: %date% %time% >> result.log
osql -E -i shrinkalldatabases.sql >> result.log
@echo end: %date% %time% >> result.log

enjoy it.

Sunday, July 22, 2007

Add/Remove Programs list are missing Change and Remove buttons

in resolution which i found at the following link, not all my programms appeard:

so i had to download : and then i could finally remove all my programs.

update: founded also a nice tool which shows exactly what kind of software you have installed: (you can do a lot, in case of very big AD's it's maybe not the right choice 5500++ Clients..)

Saturday, July 21, 2007

Windows Forms: "Cannot access a disposed object"

Well, good question what to do ... within forms i'm using normally a regular singleton factory after I received the following exception: "Cannot access a disposed object" I extended my code to the following:

#region Property: NetworkOverview
private NetworkOverview networkOverview ;

/// Gets/sets the NetworkOverview

public NetworkOverview NetworkOverview
get {
if (this.networkOverview == null)
this.networkOverview = new NetworkOverview();
if (this.networkOverview != null && this.networkOverview.IsDisposed)
this.networkOverview = null;
this.networkOverview = new NetworkOverview();

return this.networkOverview ;

Wednesday, July 11, 2007

How To: update within app.config file a key

today I had the pleasure to write a Setup for my project indeXus.Net Shared Cache (available on Codeplex). While others will install this WinService on various Hosts I needed a way how I can take the administration effort from the user.

In my case I had to update an appSettings Key within various *.config files and backup them into an Application Data Folder.

The solution seems to be very easy after I found all tricks....

15 static string path = Path.GetDirectoryName(Assembly.GetExecutingAssembly().CodeBase).Replace(@"file:\", "");
16 static string appPath = Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData) + @"\MergeSystem\backup";

(thanks here to atif) some more coding between....

70 ///

71 /// Evaluates the and update machine IP within all Config files
72 ///

73 private static void EvaluateAndUpdateMachineIP()
74 {
75 IPHostEntry localMachineInfo = Dns.GetHostEntry(Dns.GetHostName());
76 DirectoryInfo dir = new DirectoryInfo(path);
77 foreach (FileInfo fi in dir.GetFiles("*.config"))
78 {
79 ExeConfigurationFileMap map = new ExeConfigurationFileMap();
80 map.ExeConfigFilename = fi.Name;
82 //Configuration config = ConfigurationManager.OpenExeConfiguration(fi.FullName);
83 Configuration config = ConfigurationManager.OpenMappedExeConfiguration(map, ConfigurationUserLevel.None);
84 if(config.AppSettings != null && config.AppSettings.Settings != null)
85 {
86 if(config.AppSettings.Settings[WinServiceCommon.Constants.ConfigServiceCacheIpAddress] != null)
87 {
88 config.AppSettings.Settings[WinServiceCommon.Constants.ConfigServiceCacheIpAddress].Value = localMachineInfo.AddressList[0].ToString();
89 config.Save(ConfigurationSaveMode.Modified);
90 ConfigurationManager.RefreshSection("appSettings");
91 }
92 }
93 }
94 }

Monday, July 09, 2007

override ToString() with reflection

because i wanted to have a simple way to print my objects I adapted the following way to create my ToString() method within my objects:

(please not, do not use reflection within high performance environment)

#region Override Methods
/// <summary>
/// Returns a <see cref="T:System.String"></see> that represents the current <see cref="T:System.Object"></see>.
/// </summary>
/// <returns>
/// A <see cref="T:System.String"></see> that represents the current <see cref="T:System.Object"></see>.
/// </returns>

public override string ToString()
StringBuilder sb = new StringBuilder();
#region Start Logging
Log.Debug("Entering method: " + ((object)MethodBase.GetCurrentMethod()).ToString());
sb.Append("Entering method: " + ((object)MethodBase.GetCurrentMethod()).ToString() + Environment.NewLine);
#endregion Start Logging

#region Override ToString() default with reflection

Type t = this.GetType();
PropertyInfo[] pis = t.GetProperties();
for (int i = 0; i < pis.Length; i++)
PropertyInfo pi = (PropertyInfo)pis.GetValue(i);
"{0}: {1}",
pi.GetValue(this, new object[] { })
sb.AppendFormat("{0}: {1}" + Environment.NewLine, pi.Name, pi.GetValue(this, new object[] { }));
catch (Exception ex)
BEShared.Utility.Log.Error("Could not log property. Ex. Message: " + ex.Message);
#endregion Override ToString() default with reflection

return sb.ToString();

#endregion Override Methods

Thursday, May 31, 2007

JavaScript setAttribute vs IE thanks mate you saved me hours of work :-)

short version:

IE seems to have a problem while you use per JavaScript the function setAttribute for the onClick event.

as justin mention, here the solution:

document.getElementById('YourEle').setAttribute('onClick', "myFunc(null);");
/*IE6/7 ISSUE!!!*/
document.getElementById('YourEle').onclick = function() {myFunc(null);};

Monday, April 23, 2007

how to: prevent concurrent updates on Oracle 10 Database and up

some time ago I had to verify on an Oracle Database 10 that concurrent updates are not possible. The answare to fix this issue were very simple: just use a new functionlity of Oracle 10 (SQL Server support this since years): ORA_ROWSCN

here a small example:

End triggerName;

Notice: in Oracle this is a hidden field.

Wednesday, March 21, 2007

Developing SEO friendly URLs with ASP NET 2.0

very simple and clear overview how to develope it.

Wednesday, March 14, 2007

surprise: int.TryParse(xx,yy)

I really get surprised about the following behaviour:

when I've tried to use the follwoing line of code:

if(!int.TryParse(row["myRowName"] as string, out myDefinedInt))

tryParse always returned me false and I assinged a default value. After making sure that all my rows have values for myRowName I were confused.

a friend suggested to use row["myRowName"].ToString() and voila it worked like i wanted.

I didn't really figured out why that happens, then in none of my cases the value were empty that my expression as string would return null.

here a bit more code:

DataSet data = DataReader.GetData();
DataTable tab = data.Tables["MyTableName"];
DataView view = tab.DefaultView;

view.RowFilter = "RowNameA LIKE '%" + valA + "%' AND RowNameB LIKE '%" + valB + "%'";

if (view.Count > 0)
Data.MyDataObject item;
foreach (DataRowView row in view)
item = new Data.MyDataObject();
item.SomeValue1 = row["SomeValue1"] as string;
item.SomeValue2 = row["SomeValue2"] as string;
int outData = -1;
if (!int.TryParse(row["SomeValue3"].ToString(), out outData))
item.SomeValue3 = 40;
item.SomeValue3 = outData;

etc ... etc ... etc ...

Thanks to richi (Y)

Saturday, March 10, 2007

How To: Implement your email sending with the asp:PasswordRecovery control

after a while i finally figured out what i have missed to prevent emails to sent twice - once over the control and once over my own logic.



Code Behind:

protected void PasswordRecovery_SendingMail(object sender, MailMessageEventArgs e)
e.Cancel = true;

.. here my own logic starts.

in the web.config file you need minimum the following configuration:

  <smtp from="your email address">

.. evoila.. that's all - happy email sending.

Monday, February 26, 2007

How To: Read Profile outside of ASP.NET

first of all thanks to daniel larson with his blog entry :-)

in case you're using your own classes and not just properties then here a small overview what you need to do:

namespace YourNameSpace.Profile.Extension

/// UserAddress contains the users address information,
/// this class is used in the profile .net 2.0 approach

public class UserAddress
public UserAddress() { }

#region Property: Street
private string street;

/// Gets/sets the Street

public string Street
get { return this.street; }

set { this.street = value; }

... all you other stuff ....

the web.config looks like this:

<add name="UserAddress" type="YourNameSpace.Profile.Extension.UserAddress" serializeAs="Xml"/>

and finally in your code you run the following code lines:

ProfileBase profile = ProfileBase.Create(data.Login);

string street = (profile.GetPropertyValue("UserAddress") as Profile.UserAddress).Street;

Saturday, February 24, 2007

Merge your search - www.indeXus.Net

the slogen of is simple: Merge your search!

the idea is the simple I need to get this slogen in high ranking on search engines hopefully you're gone help me with a simple link to my applicaiton indeXus.Net

Merge your Search

<a href="http://www.indeXus.Net">Merge your Search</a>

if you like to help me to populate it with an image then use the foolowing one:

Merge your Search

<a href="http://www.indeXus.Net"><img id="BLOGGER_PHOTO_ID_5035032210216947218" style="FLOAT: left; MARGIN: 0px 10px 10px 0px; CURSOR: hand" alt="Merge your Search" src="" border="0" /></a>

thanks in advance.

Monday, February 19, 2007

How To: Execute a Batch file within Winform

just some code, I don't think there is to much to explain.

Copy & Paste it:

string path = Path.GetDirectoryName(Assembly.GetExecutingAssembly().CodeBase).Replace(@"file:\", "");
// get some key from the config file.
string serviceIp = COM.Handler.Config.GetStringValueFromConfigByKey("IpAddress");
string vars = " " + serviceIp;

Process proc = new Process();
// attach the file
proc.StartInfo.FileName = @"YourBatchFile.cmd";
// pass arguments
proc.StartInfo.Arguments = vars;
// hidden run
proc.StartInfo.WindowStyle = ProcessWindowStyle.Hidden;
// no need in my case for show errors.
proc.StartInfo.ErrorDialog = false;
// set the running path
proc.StartInfo.WorkingDirectory = path;
// start the process
// wait until its done
// any other number then 0 means it is an error.
if (proc.ExitCode != 0)
MessageBox.Show("Error executing in YourBatchFile.cmd", "Error", MessageBoxButtons.OK,MessageBoxIcon.Error);

hope this helps.

Sunday, February 04, 2007

.NET Application Performance and Scalability: Threading Explained

another extract from: ScaleNet

Threading Explained
ASP.NET processes requests by using threads from the .NET thread pool. The thread
pool maintains a pool of threads that have already incurred the thread initialization
costs. Therefore, these threads are easy to reuse. The .NET thread pool is also self tuning.

It monitors CPU and other resource utilization, and it adds new threads or
trims the thread pool size as needed. You should generally avoid creating threads
manually to perform work. Instead, use threads from the thread pool. At the same
time, it is important to ensure that your application does not perform lengthy
blocking operations that could quickly lead to thread pool starvation and rejected
HTTP requests.

Formula for Reducing Contention
The formula for reducing contention can give you a good empirical start for tuning
the ASP.NET thread pool. Consider using the Microsoft product group-recommended
settings that are shown in Table 6.1 if the following conditions are true:
● You have available CPU.
● Your application performs I/O bound operations such as calling a Web method or
accessing the file system.
● The ASP.NET Applications/Requests in Application Queue performance counter
indicates that you have queued requests.
280 Improving .NET Application Performance and Scalability

Table 6.1: Recommended Threading Settings for Reducing Contention
Configuration setting Default value (.NET Framework 1.1) Recommended value

maxconnection 2 12 * #CPUs
maxIoThreads 20 100
maxWorkerThreads 20 100
minFreeThreads 8 88 * #CPUs
minLocalRequestFreeThreads 4 76 * #CPUs

To address this issue, you need to configure the following items in the
Machine.config file. Apply the recommended changes that are described in the
following section, across the settings and not in isolation. For a detailed description of each of these settings, see “Thread Pool Attributes” in Chapter 17, “Tuning .NET Application Performance.”

● Set maxconnection to 12 * # of CPUs. This setting controls the maximum number
of outgoing HTTP connections that you can initiate from a client. In this case,
ASP.NET is the client. Set maxconnection to 12 * # of CPUs.

● Set maxIoThreads to 100. This setting controls the maximum number of I/O
threads in the .NET thread pool. This number is automatically multiplied by the
number of available CPUs. Set maxloThreads to 100.

● Set maxWorkerThreads to 100. This setting controls the maximum number of
worker threads in the thread pool. This number is then automatically multiplied
by the number of available CPUs. Set maxWorkerThreads to 100.

● Set minFreeThreads to 88 * # of CPUs. This setting is used by the worker process
to queue all the incoming requests if the number of available threads in the thread
pool falls below the value for this setting. This setting effectively limits the number of requests that can run concurrently to maxWorkerThreads — minFreeThreads.
Set minFreeThreads to 88 * # of CPUs. This limits the number of concurrent
requests to 12 (assuming maxWorkerThreads is 100).

● Set minLocalRequestFreeThreads to 76 * # of CPUs. This setting is used by the
worker process to queue requests from localhost (where a Web application sends
requests to a local Web service) if the number of available threads in the thread
pool falls below this number. This setting is similar to minFreeThreads but it only
applies to localhost requests from the local computer. Set
minLocalRequestFreeThreads to 76 * # of CPUs.

Note: The recommendations that are provided in this section are not rules. They are a starting point. Test to determine the appropriate settings for your scenario. If you move your application to a new computer, ensure that you recalculate and reconfigure the settings based on the number of CPUs in the new computer.
Chapter 6: Improving ASP.NET Performance 281 If your ASPX Web page makes multiple calls to Web services on a per-request basis, apply the recommendations.

The recommendation to limit the ASP.NET runtime to 12 threads for handling
incoming requests is most applicable for quick-running operations. The limit also
reduces the number of context switches. If your application makes long-running
calls, first consider the design alternatives presented in the “Avoid Blocking on Long-Running Tasks” section. If the alternative designs cannot be applied in your scenario, start with 100 maxWorkerThreads, and keep the defaults for minFreeThreads. This ensures that requests are not serialized in this particular scenario. Next, if you see high CPU utilization and context-switching when you test your application, test by reducing maxWorkerThreads or by increasing minFreeThreads.

The following occurs if the formula has worked:
● CPU utilization increases.

● Throughput increases according to the ASP.NET Applications\Requests/Sec
performance counter.

● Requests in the application queue decrease according to the ASP.NET
Applications/Requests in Application Queue performance counter. If using the recommended settings does not improve your application performance, you may have a CPU bound scenario. By adding more threads you increase thread context switching. For more information, see “ASP.NET Tuning” in Chapter 17, “Tuning .NET Application Performance.”

More Information
For more information, see Knowledge Base article 821268, “PRB: Contention, Poor
Performance, and Deadlocks When You Make Web Service Requests from ASP.NET
Applications,” at;en-us;821268.

Threading Guidelines
This section discusses guidelines that you can use to help improve threading
efficiency in ASP.NET. The guidelines include the following:

● Tune the thread pool by using the formula to reduce contention.

● Consider minIoThreads and minWorkerThreads for burst load.

● Do not create threads on a per-request basis.

● Avoid blocking threads.

● Avoid asynchronous calls unless you have additional parallel work.

282 Improving .NET Application Performance and Scalability
Tune the Thread Pool by Using the Formula to Reduce Contention
If you have available CPU and if requests are queued, configure the ASP.NET
thread pool. For more information about how to do this, see “Formula for Reducing
Contention” in the preceding “Threading Explained” section. The recommendations
in “Threading Explained” are a starting point.

When your application uses the common language runtime (CLR) thread pool,
it is important to tune the thread pool correctly. Otherwise, you may experience
contention issues, performance problems, or possible deadlocks. Your application
may be using the CLR thread pool if the following conditions are true:

● Your application makes Web service calls.

● Your application uses the WebRequest or HttpWebRequest classes to make outgoing Web requests.

● Your application explicitly queues work to the thread pool by calling the
QueueUserWorkItem method.

More Information

For more information, see Knowledge Base article 821268, “PRB: Contention, Poor
Performance, and Deadlocks When You Make Web Service Requests from ASP.NET
Applications,” at;en-us;821268.

Consider minIoThreads and minWorkerThreads for Burst Load
If your application experiences burst loads where there are prolonged periods of
inactivity between the burst loads, the thread pool may not have enough time to
reach the optimal level of threads. A burst load occurs when a large number of users
connect to your application suddenly and at the same time. The minIoThreads and
minWorkerThreads settings enable you to configure a minimum number of worker
threads and I/O threads for load conditions.

At the time of this writing, you need a supported fix to configure these settings.
For more information, see the following Knowledge Base articles:

● 810259, “FIX: SetMinThreads and GetMinThreads API Added to Common
Language Runtime ThreadPool Class,” at

● 827419, “PRB: Sudden Requirement for a Larger Number of Threads from
the ThreadPool Class May Result in Slow Computer Response Time,” at;en-us;827419
Chapter 6: Improving ASP.NET Performance 283

Do Not Create Threads on a Per-Request Basis
Creating threads is an expensive operation that requires initialization of both
managed and unmanaged resources. You should avoid manually creating threads
on each client request for server-based applications such as ASP.NET applications
and Web services.

Consider using asynchronous calls if you have work that is not CPU bound that
can run in parallel with the call. For example, this might include disk I/O bound
or network I/O bound operations such as reading or writing files, or making calls
to another Web method.

You can use the infrastructure provided by the .NET Framework to perform
asynchronous operations by calling the Beginsynchronous and Endsynchronous
methods (where synchronous represents the synchronous method name). If this
asynchronous calling pattern is not an option, then consider using threads from the
CLR thread pool. The following code fragment shows how you queue a method to
run on a separate thread from the thread pool.

WaitCallback methodTarget = new WaitCallback(myClass.UpdateCache);
bool isQueued = ThreadPool.QueueUserWorkItem(methodTarget);

Avoid Blocking Threads
Any operation that you perform from an ASP.NET page that causes the current
request thread to block means that one less worker thread from the thread pool is
available to service other ASP.NET requests. Avoid blocking threads.
Avoid Asynchronous Calls Unless You Have Additional Parallel Work
Make asynchronous calls from your Web application only when your application
has additional parallel work to perform while it waits for the completion of the
asynchronous calls, and the work performed by the asynchronous call is not CPU
bound. Internally, the asynchronous calls use a worker thread from the thread pool;
in effect, you are using additional threads.
At the same time that you make asynchronous I/O calls, such as calling a Web
method or performing file operations, the thread that makes the call is released so
that it can perform additional work, such as making other asynchronous calls or
performing other parallel tasks. You can then wait for completion of all of those tasks.

Making several asynchronous calls that are not CPU bound and then letting them run
simultaneously can improve throughput. 284 Improving .NET Application Performance and Scalability

More Information
For more information about ASP.NET threading and asynchronous communication,
see “ASP.NET Pipeline: Use Threads and Build Asynchronous Handlers in Your
Server-Side Web Code” at

Avoid Blocking on Long-Running Tasks

Extract from: Scale Net

Avoid Blocking on Long-Running Tasks

If you run long-running or blocking operations, consider using the following
asynchronous mechanisms to free the Web server to process other incoming requests:
● Use asynchronous calls to invoke Web services or remote objects when there is an
opportunity to perform additional parallel processing while the Web service call
proceeds. Where possible, avoid synchronous (blocking) calls to Web services
because outgoing Web service calls are made by using threads from the ASP.NET
thread pool. Blocking calls reduce the number of available threads for processing
other incoming requests.
For more information, see “Avoid Asynchronous Calls Unless You Have
Additional Parallel Work” later in this chapter.
● Consider using the OneWay attribute on Web methods or remote object methods
if you do not need a response. This “fire and forget” model allows the Web server
to make the call and continue processing immediately. This choice may be an
appropriate design choice for some scenarios.
● Queue work, and then poll for completion from the client. This permits the Web
server to invoke code and then let the Web client poll the server to confirm that
the work is complete.
More Information
For more information about how to implement these mechanisms, see “Threading
Guidelines” later in this chapter.

Reduce Round Trips

extracted from:

Reduce Round Trips
Use the following techniques and features in ASP.NET to minimize the number of
round trips between a Web server and a browser, and between a Web server and a
downstream system:
● HttpResponse.IsClientConnected. Consider using the
HttpResponse.IsClientConnected property to verify if the client is still connected
before processing a request and performing expensive server-side operations.
However, this call may need to go out of process on IIS 5.0 and can be very
expensive. If you use it, measure whether it actually benefits your scenario.

● Caching. If your application is fetching, transforming, and rendering data that is
static or nearly static, you can avoid redundant hits by using caching.

● Output buffering. Reduce roundtrips when possible by buffering your output.
This approach batches work on the server and avoids chatty communication with
the client. The downside is that the client does not see any rendering of the page
until it is complete. You can use the Response.Flush method. This method sends
output up to that point to the client. Note that clients that connect over slow
networks where buffering is turned off, affect the response time of your server.
The response time of your server is affected because your server needs to wait for
acknowledgements from the client. The acknowledgements from the client occur
after the client receives all the content from the server.

● Server.Transfer. Where possible, use the Server.Transfer method instead of the
Response.Redirect method. Response.Redirect sends a response header to the
client that causes the client to send a new request to the redirected server by using
the new URL. Server.Transfer avoids this level of indirection by simply making a
server-side call.
You cannot always just replace Response.Redirect calls with Server.Transfer calls
because Server.Transfer uses a new handler during the handler phase of request
processing. If you need authentication and authorization checks during
redirection, use Response.Redirect instead of Server.Transfer because the two
mechanisms are not equivalent. When you use Response.Redirect, ensure you use
the overloaded method that accepts a Boolean second parameter, and pass a value
of false to ensure an internal exception is not raised.
Also note that you can only use Server.Transfer to transfer control to pages in the
same application. To transfer to pages in other applications, you must use

More Information
For more information, see Knowledge Base article 312629, “PRB:
ThreadAbortException Occurs If You Use Response.End, Response.Redirect, or
Server.Transfer,” at;en-us;312629.

Thursday, February 01, 2007

"Creating Even More Exceptional Exceptions" from Jeff Atwood

Today i found a very nice blog entry, only sickness its ;-) (sorry jeff)

to original can be found here

thanks jeff for the nice idea.

here the same in C#

using System;
using System.Collections;
using System.Collections.Generic;
using System.Text;
using System.Text.RegularExpressions;
using System.IO;
using System.Reflection;
using System.Configuration;

namespace ExceptionalExceptions
class Program
static void Main(string[] args)
Console.WriteLine("Started ...");


private static void ReflectionSearch(string strPattern)
Assembly a;
ArrayList al = new ArrayList();
SortedList sl = new SortedList();

foreach(string strAssemblyName in DefaultAssemblyList())
a = Assembly.Load(strAssemblyName);
foreach(Module m in a.GetModules())
foreach(Type t in m.GetTypes())
string full = t.FullName;
if(Regex.IsMatch(full, strPattern, RegexOptions.IgnoreCase))
sl.Add(full, null);

foreach(DictionaryEntry de in sl)
Console.WriteLine(sl.Count.ToString() + " matches for " + strPattern);


private static ArrayList DefaultAssemblyList()
ArrayList result = new ArrayList();

result.Add("System.Windows.Forms, Version=, Culture=neutral, PublicKeyToken=B77A5C561934E089");
result.Add("System.Data.SqlXml, Version=, Culture=neutral, PublicKeyToken=B77A5C561934E089");
result.Add("System.Deployment, Version=, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A");
result.Add("System.DirectoryServices, Version=, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A");
result.Add("System.DirectoryServices.Protocols, Version=, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A");
result.Add("System.Runtime.Serialization.Formatters.Soap, Version=, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A");
result.Add("System.Transactions, Version=, Culture=neutral, PublicKeyToken=B77A5C561934E089");
result.Add("System.Web.RegularExpressions, Version=, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A");
result.Add("System.ServiceProcess, Version=, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A");
result.Add("System.Runtime.Remoting, Version=, Culture=neutral, PublicKeyToken=B77A5C561934E089");
result.Add("System.Configuration.Install, Version=, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A");
result.Add("System.Configuration, Version=, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A");
result.Add("System.Data, Version=, Culture=neutral, PublicKeyToken=B77A5C561934E089");
result.Add("System, Version=, Culture=neutral, PublicKeyToken=B77A5C561934E089");
result.Add("System.EnterpriseServices, Version=, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A");
result.Add("System.Web, Version=, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A");
result.Add("System.Web.Services, Version=, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A");
result.Add("System.Xml, Version=, Culture=neutral, PublicKeyToken=B77A5C561934E089");
result.Add("System.Web.Mobile, Version=, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A");

return result;

Monday, January 29, 2007

Windows TCP Error Codes (Winsock Error Codes)

Permission denied.
An attempt was made to access a socket in a way forbidden by its access permissions. An example is using a broadcast address for sendto without broadcast permission being set using setsockopt(SO_BROADCAST).

Address already in use.
Only one usage of each socket address (protocol/IP address/port) is normally permitted. This error occurs if an application attempts to bind a socket to an IP address/port that has already been used for an existing socket, or a socket that wasn't closed properly, or one that is still in the process of closing. For server applications that need to bind multiple sockets to the same port number, consider using setsockopt(SO_REUSEADDR). Client applications usually need not call bind at all - connectwill choose an unused port automatically.

Cannot assign requested address.
The requested address is not valid in its context. Normally results from an attempt to bind to an address that is not valid for the local machine, or connect/sendtoan address or port that is not valid for a remote machine (e.g. port 0).

Address family not supported by protocol family.
An address incompatible with the requested protocol was used. All sockets are created with an associated "address family" (i.e. AF_INET for Internet Protocols) and a generic protocol type (i.e. SOCK_STREAM). This error will be returned if an incorrect protocol is explicitly requested in the socket call, or if an address of the wrong family is used for a socket, e.g. in sendto.

Operation already in progress.
An operation was attempted on a non-blocking socket that already had an operation in progress - i.e. calling connecta second time on a non-blocking socket that is already connecting, or canceling an asynchronous request (WSAAsyncGetXbyY) that has already been canceled or completed.

Software caused connection abort.
An established connection was aborted by the software in your host machine, possibly due to a data transmission timeout or protocol error.

Connection refused.
No connection could be made because the target machine actively refused it. This usually results from trying to connect to a service that is inactive on the foreign host - i.e. one with no server application running.

Connection reset by peer.
A existing connection was forcibly closed by the remote host. This normally results if the peer application on the remote host is suddenly stopped, the host is rebooted, or the remote host used a "hard close" (see setsockopt for more information on the SO_LINGERoption on the remote socket.)

Destination address required.
A required address was omitted from an operation on a socket. For example, this error will be returned if sendtois called with the remote address of ADDR_ANY.

Bad address.
The system detected an invalid pointer address in attempting to use a pointer argument of a call. This error occurs if an application passes an invalid pointer value, or if the length of the buffer is too small. For instance, if the length of an argument which is a struct sockaddr is smaller than sizeof(struct sockaddr).

Host is down.
A socket operation failed because the destination host was down. A socket operation encountered a dead host. Networking activity on the local host has not been initiated. These conditions are more likely to be indicated by the error WSAETIMEDOUT.

No route to host.
A socket operation was attempted to an unreachable host. See WSAENETUNREACH

Operation now in progress.
A blocking operation is currently executing. Windows Sockets only allows a single blocking operation to be outstanding per task (or thread), and if any other function call is made (whether or not it references that or any other socket) the function fails with the WSAEINPROGRESS error.

Interrupted function call.
A blocking operation was interrupted by a call to WSACancelBlockingCall.

Invalid argument.
Some invalid argument was supplied (for example, specifying an invalid level to the setsockopt function). In some instances, it also refers to the current state of the socket - for instance, calling accept on a socket that is not listening.

Socket is already connected.
A connect request was made on an already connected socket. Some implementations also return this error if sendto is called on a connected SOCK_DGRAM socket (For SOCK_STREAM sockets, the to parameter in sendtois ignored), although other implementations treat this as a legal occurrence.

Too many open files.
Too many open sockets. Each implementation may have a maximum number of socket handles available, either globally, per process or per thread.

Message too long.
A message sent on a datagram socket was larger than the internal message buffer or some other network limit, or the buffer used to receive a datagram into was smaller than the datagram itself.

Network is down.
A socket operation encountered a dead network. This could indicate a serious failure of the network system (i.e. the protocol stack that the WinSock DLL runs over), the network interface, or the local network itself.

Network dropped connection on reset.
The host you were connected to crashed and rebooted. May also be returned by setsockoptif an attempt is made to set SO_KEEPALIVE on a connection that has already failed.

Network is unreachable.
A socket operation was attempted to an unreachable network. This usually means the local software knows no route to reach the remote host.

No buffer space available.
An operation on a socket could not be performed because the system lacked sufficient buffer space or because a queue was full.

Bad protocol option.
An unknown, invalid or unsupported option or level was specified in a getsockopt or setsockoptcall.

Socket is not connected.
A request to send or receive data was disallowed because the socket is not connected and (when sending on a datagram socket using sendto) no address was supplied. Any other type of operation might also return this error - for example, setsockoptsetting SO_KEEPALIVE if the connection has been reset.

Socket operation on non-socket.
An operation was attempted on something that is not a socket. Either the socket handle parameter did not reference a valid socket, or for select, a member of an fd_set was not valid.

Operation not supported.
The attempted operation is not supported for the type of object referenced. Usually this occurs when a socket descriptor to a socket that cannot support this operation, for example, trying to accept a connection on a datagram socket.

Protocol family not supported.
The protocol family has not been configured into the system or no implementation for it exists. Has a slightly different meaning to WSAEAFNOSUPPORT, but is interchangeable in most cases, and all Windows Sockets functions that return one of these specify WSAEAFNOSUPPORT.

Too many processes.
A Windows Sockets implementation may have a limit on the number of applications that may use it simultaneously. WSAStartupmay fail with this error if the limit has been reached.

Protocol not supported.
The requested protocol has not been configured into the system, or no implementation for it exists. For example, a socketcall requests a SOCK_DGRAM socket, but specifies a stream protocol.

Protocol wrong type for socket.
A protocol was specified in the socketfunction call that does not support the semantics of the socket type requested. For example, the ARPA Internet UDP protocol cannot be specified with a socket type of SOCK_STREAM.

Cannot send after socket shutdown.
A request to send or receive data was disallowed because the socket had already been shut down in that direction with a previous shutdown call. By calling shutdowna partial close of a socket is requested, which is a signal that sending or receiving or both has been discontinued.

Socket type not supported.
The support for the specified socket type does not exist in this address family. For example, the optional type SOCK_RAW might be selected in a socketcall, and the implementation does not support SOCK_RAW sockets at all.

Connection timed out.
A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.

Resource temporarily unavailable.
This error is returned from operations on non-blocking sockets that cannot be completed immediately, for example recv when no data is queued to be read from the socket. It is a non-fatal error, and the operation should be retried later. It is normal for WSAEWOULDBLOCK to be reported as the result from calling connecton a non-blocking SOCK_STREAM socket, since some time must elapse for the connection to be established.

Host not found.
No such host is known. The name is not an official hostname or alias, or it cannot be found in the database(s) being queried. This error may also be returned for protocol and service queries, and means the specified name could not be found in the relevant database.

(OS dependent)
Specified event object handle is invalid.
An application attempts to use an event object, but the specified handle is not valid.

(OS dependent)
One or more parameters are invalid.
An application used a Windows Sockets function which directly maps to a Win32 function. The Win32 function is indicating a problem with one or more parameters.

(OS dependent)
Invalid procedure table from service provider.
A service provider returned a bogus proc table to WS2_32.DLL. (Usually caused by one or more of the function pointers being NULL.)

(OS dependent)
Invalid service provider version number.
A service provider returned a version number other than 2.0.

(OS dependent)
Overlapped operations will complete later.
The application has initiated an overlapped operation which cannot be completed immediately. A completion indication will be given at a later time when the operation has been completed.

(OS dependent)
Overlapped I/O event object not in signaled state.
The application has tried to determine the status of an overlapped operation which is not yet completed. Applications that use WSAWaitForMultipleEventsin a polling mode to determine when an overlapped operation has completed will get this error code until the operation is complete.

(OS dependent)
Insufficient memory available.
An application used a Windows Sockets function which directly maps to a Win32 function. The Win32 function is indicating a lack of required memory resources.

Successful WSAStartup not yet performed.
Either the application hasn't called WSAStartup, or WSAStartup failed. The application may be accessing a socket which the current active task does not own (i.e. trying to share a socket between tasks), or WSACleanuphas been called too many times.

Valid name, no data record of requested type.
The requested name is valid and was found in the database, but it does not have the correct associated data being resolved for. The usual example for this is a hostname -> address translation attempt (using gethostbyname or WSAAsyncGetHostByName) which uses the DNS (Domain Name Server), and an MX record is returned but no A record - indicating the host itself exists, but is not directly reachable.

This is a non-recoverable error.
This indicates some sort of non-recoverable error occurred during a database lookup. This may be because the database files (e.g. BSD-compatible HOSTS, SERVICES or PROTOCOLS files) could not be found, or a DNS request was returned by the server with a severe error.

(OS dependent)
Unable to initialize a service provider.
Either a service provider's DLL could not be loaded (LoadLibrary failed) or the provider's WSPStartup/NSPStartupfunction failed.

(OS dependent)
System call failure.
Returned when a system call that should never fail does. For example, if a call to WaitForMultipleObjectsfails or one of the registry functions fails trying to manipulate theprotocol/namespace catalogs.

Network subsystem is unavailable.
This error is returned by WSAStartup if the Windows Sockets implementation cannot function at this time because the underlying system it uses to provide network services is currently unavailable. Users should check:

that the WINSOCK.DLL file is in the current path,
that the WINSOCK.DLL file is from the same vendor as the underlying protocol stack. They cannot be mixed and matched (WinSock DLLs must be supplied by the same vendor that provided the underlying protocol stack).
that they are not trying to use more than one Windows Sockets implementation simultaneously. If there is more than one WINSOCK DLL on your system, be sure the first one in the path is appropriate for the network subsystem currently loaded.
the Windows Sockets implementation documentation to be sure all necessary components are currently installed and configured correctly.
Non-authoritative host not found.
This is usually a temporary error during hostname resolution and means that the local server did not receive a response from an authoritative server. A retry at some time later may be successful.

WINSOCK.DLL version out of range.
The current Windows Sockets implementation does not support the Windows Sockets specification version requested by the application. Check that no old WINSOCK.DLL files are being accessed, or contact the stack vendor to see if an updated WINSOCK.DLL exists.

Graceful shutdown in progress.
Returned by recv, WSARecvto indicate the remote party has initiated a graceful shutdown sequence.

(OS dependent)
Overlapped operation aborted.
An overlapped operation was canceled due to the closure of the socket, or the execution of the SIO_FLUSH command in WSAIoctl.

Saturday, January 27, 2007

A list with known port numbers of Trojan's

Port No. Port Name Description
1 UDP Sockets de Troie
2 TCP Death
15 TCP B2
20 TCP Senna Spy FTP Server
21 TCP Back Construction
21 TCP Blade Runner
21 TCP Cattivik FTP Server
21 TCP CC Invader
21 TCP Dark FTP
21 TCP Doly Trojan
21 TCP Fore
21 TCP FreddyK
21 TCP Invisible FTP
21 TCP Juggernaut 42
21 TCP Larva
21 TCP MotIv FTP
21 TCP Net Administrator
21 TCP Ramen
21 TCP RTB 666
21 TCP Senna Spy FTP Server
21 TCP The Flu
21 TCP Traitor 21
21 TCP WebEx
21 TCP WinCrash
22 TCP Adore sshd
22 TCP Shaft
23 TCP ADM Worm
23 TCP Fire HacKer
23 TCP My Very Own Trojan
23 TCP RTB 666
23 TCP Telnet Pro
23 TCP Tiny Telnet Server / TTS
23 TCP Truva Atl
25 TCP Ajan
25 TCP Antigen
25 TCP Barok
25 TCP Email Password Sender / EPS
25 TCP Gip
25 TCP Gris
25 TCP Haebu Coceda
25 TCP Happy99
25 TCP Hpteam mail
25 TCP Hybris
25 TCP I love you
25 TCP Kuang2
25 TCP Magic Horse
25 TCP MBT / Mail Bombing Trojan
25 TCP Moscow Email Trojan
25 TCP Naebi
25 TCP NewApt Worm
25 TCP ProMail Trojan
25 TCP Shtirlitz
25 TCP Stealth
25 TCP Stukach
25 TCP Tapiras
25 TCP Terminator
25 TCP WinPC
25 TCP WinSpy
28 TCP Amanda
30 TCP Agent 40421
31 TCP Agent 31
31 TCP Hackers Paradise
31 TCP Masters Paradise
41 TCP Deep Throat
41 TCP Foreplay
44 TCP Arctic
53 TCP ADM Worm
53 TCP Lion
58 TCP DMSetup
59 TCP DMSetup
68 TCP Subseven 1.0
69 TCP BackGate
69 TCP Evala Worm
70 TCP Evala Worm
79 TCP Firehotcker
80 TCP 711 Trojan / Seven Eleven
80 TCP AckCmd
80 TCP Back End
80 TCP Back Orifice 2000 Plug-Ins
80 TCP Cafeini
80 TCP CGI Backdoor
80 TCP Executor
80 TCP God Message
80 TCP God Message 4 Creator
80 TCP Hooker
80 TCP IISworm
80 TCP Noob
80 TCP Ramen
80 TCP Reverse WWW Tunnel Backdoor
80 TCP RingZero
80 TCP RTB 666
80 TCP Seeker
80 TCP WAN Remote
80 TCP Web Server CT
80 TCP WebDownloader
81 TCP RemoConChubo
90 TCP Hidden Port 2.0
99 TCP Hidden Port
99 TCP Mandragore
110 TCP ProMail Trojan
113 TCP Invisible Identd Deamon
113 TCP Kazimas
119 TCP Happy99
121 TCP Attack Bot
121 TCP God Message
121 TCP Jammer Killah
123 TCP Net Controller
133 TCP Farnaz
137 TCP Chode
137 TCP Netbios name (DoS attack)
137 UDP Msinit
137 UDP Netbios name (DoS attack)
137 UDP Qaz
138 TCP Chode
139 TCP Chode
139 TCP God Message Worm
139 TCP Msinit
139 TCP Netbios session (DoS attack)
139 TCP Netlog
139 TCP Network
139 TCP Qaz
139 TCP Sadmind
139 TCP SMB Relay
139 UDP Netbios session (DoS attack)
142 TCP NetTaxi 1.8
146 TCP Infector
146 TCP Intruder
146 UDP Infector
166 TCP NokNok
170 TCP A-Trojan
171 TCP A-Trojan 2.0
334 TCP Backage
411 TCP Backage
413 TCP Coma
420 TCP Breach
420 TCP Incognito
421 TCP CP Wrappers Trojan
455 TCP Fatal Connections
456 TCP Hackers Paradise
511 TCP T0rn Rootkit
513 TCP Grlogin
514 TCP RPC Backdoor
515 TCP lpdw0rm
515 TCP Ramen
531 TCP Net666
531 TCP Rasmin
555 TCP 711 Trojan / Seven Eleven
555 TCP Ini-Killer
555 TCP Net Administrator
555 TCP Phase Zero / Phase-0
555 TCP Phaze
555 TCP Stealth Spy
600 TCP Sadmind
605 TCP Secret Service
661 TCP NokNok
666 TCP Attack FTP
666 TCP Back Construction
666 TCP BLA Trojan
666 TCP Cain & Abel
666 TCP lpdw0rm
666 TCP NokNok
666 TCP Satans Back Door / SBD
666 TCP ServU
666 TCP Shadow Phyre
666 TCP th3r1pp3rz / Therippers / Ripper
667 TCP SniperNet
668 TCP th3r1pp3rz / Therippers / Ripper
669 TCP DP Trojan
692 TCP GayOL
777 TCP AIM Spy Application
777 TCP Undetected
785 TCP NetworkTerrorist
808 TCP WinHole
901 TCP Backdoor.Devil
902 TCP Backdoor.Devil
911 TCP Dark Shadow
911 TCP Dark Shadow
999 TCP Chat Power
999 TCP DeepThroat
999 TCP Foreplay
999 TCP WinSatan
1000 TCP Connecter
1000 TCP Der Späher / Der Spaeher
1000 TCP Direct Connection
1001 TCP Anti Denial
1001 TCP Der Späher / Der Spaeher
1001 TCP Le Guardien
1001 TCP Silencer
1001 TCP Theef
1001 TCP WebEx
1005 TCP Theef
1008 TCP Lion
1010 TCP Doly Trojan
1011 TCP Doly Trojan
1012 TCP Doly Trojan
1015 TCP Doly Trojan
1016 TCP Doly Trojan
1020 TCP Vampire
1024 TCP Jade
1024 TCP Latinus
1024 TCP NetSpy
1024 TCP Remote Administration Tool / RAT
1025 TCP Fraggle Rock
1025 TCP md5 Backdoor
1025 TCP NetSpy
1025 TCP Remote Storm
1025 UDP Maverick's Matrix 1.2 - 2.0
1025 UDP Remote Storm
1027 TCP ICQ
1029 TCP ICQ
1031 TCP Xanadu
1032 TCP ICQ
1033 TCP NetSpy
1034 TCP Backdoor.Systec
1035 TCP Multidropper
1042 TCP BLA Trojan
1042 UDP BLA Trojan
1045 TCP Rasmin
1049 TCP /sbin/initd
1050 TCP MiniCommand
1053 TCP The Thief
1054 TCP AckCmd
1080 TCP SubSeven 2.2
1080 TCP WinHole
1081 TCP WinHole
1082 TCP WinHole
1083 TCP WinHole
1090 TCP Xtreme
1095 TCP Remote Administration Tool / RAT
1097 TCP Remote Administration Tool / RAT
1098 TCP Remote Administration Tool / RAT
1099 TCP Blood Fest Evolution
1099 TCP Remote Administration Tool / RAT
1104 UDP RexxRave
1130 TCP NokNok
1130 UDP NokNok
1150 TCP Orion
1151 TCP Orion
1170 TCP Psyber Stream Server / PSS
1170 TCP Streaming Audio Server / Voice Streaming Audio
1174 TCP DaCryptic
1180 TCP Unin68
1200 UDP NoBackO
1201 UDP NoBackO
1207 TCP SoftWAR
1208 TCP Infector
1212 TCP Kaos
1234 TCP SubSeven Java client
1234 TCP Ultors Trojan
1243 TCP BackDoor-G
1243 TCP SubSeven
1243 TCP SubSeven Apocalypse
1243 TCP Tiles
1245 TCP VooDoo Doll
1255 TCP Scarab
1256 TCP Project nEXT
1256 TCP RexxRave
1269 TCP Matrix / Maverick's Matrix
1272 TCP The Matrix
1313 TCP NETrojan
1337 TCP Shadyshell
1338 TCP Millennium Worm
1349 TCP BO dll
1349 UDP BackOrifice DLL Comm
1386 TCP Dagger
1394 TCP Backdoor G-1
1394 TCP GoFriller
1441 TCP Remote Storm
1466 TCP Net Metropolitan
1480 TCP RemoteHack
1505 TCP FunkProxy
1505 UDP FunkProxy
1509 TCP Psyber Streaming Server
1524 TCP Trinoo
1568 TCP Remote Hack
1600 TCP Direct Connection
1600 TCP Shivka Burka
1601 TCP Direct Connection
1602 TCP Direct Connection
1604 TCP ICA Browser
1604 UDP ICA Browser
1703 TCP Exploiter
1722 TCP Backdoor.NetControle
1722 UDP Backdoor.NetControle
1777 TCP Scarab
1784 TCP Snid
1807 TCP SpySender
1826 TCP Glacier
1966 TCP Fake FTP
1967 TCP For Your Eyes Only / FYEO
1967 TCP WM FTP Server
1969 TCP OpC BO
1981 TCP Bowl
1981 TCP Shockrave
1991 TCP PitFall
1999 TCP Back Door
1999 TCP SubSeven
1999 TCP TransmissionScout / TransScout
2000 TCP A-Trojan 2.0
2000 TCP Der Späher / Der Spaeher
2000 TCP Insane Network
2000 TCP Last 2000
2000 TCP Remote Explorer 2000
2000 TCP Senna Spy Trojan Generator
2001 TCP Der Späher / Der Spaeher
2001 TCP Trojan Cow
2002 TCP TransmissionScout / TransScout
2003 TCP TransmissionScout / TransScout
2003 TCP TransmissionScout / TransScout
2003 TCP TransmissionScout / TransScout
2004 TCP TransmissionScout / TransScout
2005 TCP TransmissionScout / TransScout
2023 TCP Ripper
2023 TCP Ripper Pro
2040 TCP Inferno Uploader
2080 TCP WinHole
2115 TCP Bugs
2130 UDP Mini Backlash
2140 TCP The Invasor
2140 UDP Deep Throat
2140 UDP Foreplay
2155 TCP Illusion Mailer
2255 TCP Nirvana
2283 TCP HLV Rat5
2300 TCP Xplorer
2311 TCP Studio 54
2330 TCP IRC Contact
2331 TCP IRC Contact
2332 TCP IRC Contact
2333 TCP IRC Contact
2334 TCP IRC Contact
2335 TCP IRC Contact
2336 TCP IRC Contact
2337 TCP IRC Contact
2338 TCP IRC Contact
2339 TCP IRC Contact
2339 TCP Voice Spy
2339 UDP Voice Spy
2345 TCP Doly Trojan
2400 TCP Portd
2555 TCP Lion
2555 TCP T0rn Rootkit
2565 TCP Striker Trojan
2583 TCP WinCrash
2589 TCP Dagger
2600 TCP Digital RootBeer
2702 TCP Black Diver
2716 TCP The Prayer 1.2
2716 TCP The Prayer 1.3
2721 TCP Phase Zero
2773 TCP SubSeven
2773 TCP SubSeven 2.1 Gold
2774 TCP SubSeven
2774 TCP SubSeven 2.1 Gold
2801 TCP Phineas Phucker
2929 TCP Konik
2989 TCP Remote Administration Tool / RAT
2989 UDP Remote Administration Tool / RAT
3000 TCP InetSpy
3000 TCP Remote Shut
3024 TCP WinCrash
3028 TCP Ring Zero
3031 TCP Microspy
3128 TCP Masters Paradise
3128 TCP Reverse WWW Tunnel Backdoor
3128 TCP RingZero / Ring0
3128 UDP Masters Paradise
3129 TCP Masters Paradise
3129 UDP Masters Paradise
3131 TCP SubSARI
3150 TCP Deep Throat 1.0
3150 TCP Deep Throat 1.1
3150 TCP Deep Throat 2.0
3150 TCP Deep Throat 3.0
3150 TCP Deep Throat 3.1
3150 TCP The Invasor
3150 UDP Foreplay
3150 UDP Mini Backlash
3212 TCP Maverick's Matrix 1.2b
3332 TCP Q0 BackDoor
3333 TCP Daodan
3333 UDP Daodan
3456 TCP Terror Trojan
3459 TCP Eclipse 2000
3459 TCP Sanctuary
3586 TCP Snid
3700 TCP Portal of Doom
3723 TCP Mantis
3777 TCP PsychWard
3791 TCP Eclypse
3791 TCP Total Solar Eclypse
3800 TCP Total Solar Eclypse
3800 UDP Total Solar Eclypse
3801 TCP Eclypse
3801 TCP Total Solar Eclypse
3801 UDP Total Solar Eclypse
4000 TCP Connect-Back Backdoor
4000 TCP SkyDance
4092 TCP WinCrash
4100 TCP Watchguard Firebox (admin DoS Exploit)
4201 TCP War Trojan
4242 TCP Virtual Hacking Machine / VHM
4321 TCP BoBo
4444 TCP CrackDown
4444 TCP Prosiak
4444 TCP Swift Remote
4488 TCP Event Horizon
4523 TCP Celine
4545 TCP Internal Revise
4545 TCP Remote Revise
4567 TCP File Nail
4590 TCP ICQ Trojan
4653 TCP Cero
4666 TCP Mneah
4950 TCP ICQ Trogen (Lm)
5000 TCP Back Door Setup
5000 TCP BioNet Lite
5000 TCP Blakharaz
5000 TCP Blazer5
5000 TCP Bubbel
5000 TCP ICKiller
5000 TCP Ra1d
5000 TCP Sockets de Troie
5001 TCP Back Door Setup
5001 TCP Blakharaz
5001 TCP Sockets de Troie
5002 TCP cd00r
5002 TCP Linux Rootkit IV / Linux Rootkit 4
5002 TCP Shaft
5005 TCP Aladino
5010 TCP Solo
5011 TCP modified
5011 TCP One of the Last Trojans / OOTLT
5011 TCP One of the Last Trojans / OOTLT
5025 TCP WM Remote KeyLogger
5031 TCP Net Metropolitan
5032 TCP Net Metropolitan
5151 TCP OptixLite
5190 TCP MBomber
5321 TCP Firehotcker
5333 TCP Backage
5333 TCP NetDemon
5343 TCP WC Remote Administration Tool / wCrat
5400 TCP Back Construction
5400 TCP Blade Runner
5400 TCP Deep Throat
5401 TCP Back Construction
5401 TCP Blade Runner
5401 TCP Mneah
5402 TCP Back Construction
5402 TCP Blade Runner
5402 TCP Mneah
5512 TCP Illusion Mailer
5512 TCP X TCP
5521 TCP Illusion Mailer
5534 TCP The Flu
5550 TCP X TCP
5555 TCP Noxcape
5555 TCP ServeMe
5555 UDP Daodan
5556 TCP BO Facil
5557 TCP BO Facil
5569 TCP Robo-Hack
5637 TCP PC Crasher
5638 TCP PC Crasher
5714 TCP WinCrash
5741 TCP WinCrash
5742 TCP WinCrash
5760 TCP Portmap Remote Root Linux Exploit
5802 TCP Y3K Rat
5810 TCP Y3K Rat
5858 TCP Y3K Rat
5873 TCP SubSeven 2.2
5880 TCP Y3K Rat
5881 TCP Y3K Rat
5881 UDP Y3K Rat
5882 TCP Y3K Rat
5882 UDP Y3K Rat
5883 TCP Y3K Rat
5883 UDP Y3K Rat
5884 TCP Y3K Rat
5884 UDP Y3K Rat
5885 TCP Y3K Rat
5885 UDP Y3K Rat
5886 TCP Y3K Rat
5886 UDP Y3K Rat
5887 TCP Y3K Rat
5887 UDP Y3K Rat
5888 TCP Y3K Rat
5888 UDP Y3K Rat
5889 TCP Y3K Rat
5890 TCP Y3K Rat
6000 TCP The Thing
6006 TCP Bad Blood
6272 TCP Secret Service
6400 TCP The Thing
6660 TCP LameSpy
6661 TCP TEMan
6661 TCP Weia-Meia
6666 TCP Dark Connection Inside
6666 TCP NetBus Worm
6667 TCP Dark FTP
6667 TCP EGO
6667 TCP Maniac rootkit
6667 TCP Moses
6667 TCP ScheduleAgent
6667 TCP SubSeven
6667 TCP Subseven 2.1.4 DefCon 8
6667 TCP The Thing (modified)
6667 TCP Trinity
6667 TCP WinSatan
6669 TCP Host Control
6669 TCP Vampire
6670 TCP BackWeb Server
6670 TCP Deep Throat
6670 TCP Foreplay
6670 TCP WinNuke eXtreame
6711 TCP BackDoor-G
6711 TCP NokNok
6711 TCP SubSARI
6711 TCP SubSeven
6711 TCP VP Killer
6712 TCP Funny Trojan
6712 TCP SubSeven
6713 TCP SubSeven
6723 TCP Mstream attack-handler
6767 TCP UandMe
6771 TCP Deep Throat
6771 TCP Foreplay
6776 TCP 2000 Cracks
6776 TCP BackDoor-G
6776 TCP SubSeven
6776 TCP VP Killer
6789 TCP Doly
6838 UDP Mstream agent-handler
6883 TCP Delta Source DarkStar (???)
6912 TCP Shit Heap
6939 TCP Indoctrination
6969 TCP 2000 Cracks
6969 TCP Danton
6969 TCP GateCrasher
6969 TCP IRC 3
6969 TCP Net Controller
6969 TCP Priority
6970 TCP Danton
6970 TCP GateCrasher
7000 TCP Exploit Translation Server
7000 TCP Kazimas
7000 TCP Remote Grab
7000 TCP SubSeven
7000 TCP SubSeven 2.1 Gold
7001 TCP Freak2k
7001 TCP Freak88
7001 TCP NetSnooper Gold
7028 TCP Unknown Trojan
7028 UDP Unknown Trojan
7158 TCP Lohoboyshik
7215 TCP SubSeven
7215 TCP SubSeven 2.1 Gold
7300 TCP Coced
7300 TCP NetMonitor
7301 TCP Coced
7301 TCP NetMonitor
7306 TCP NetMonitor
7306 TCP NetSpy
7307 TCP NetMonitor
7307 TCP Remote Process Monitor
7308 TCP NetMonitor
7308 TCP X Spy
7410 TCP Phoenix
7424 TCP Host Control
7424 UDP Host Control
7511 TCP Genue
7597 TCP Qaz
7609 TCP Snid
7614 TCP Backdoor.GRM
7626 TCP Binghe
7626 TCP Glacier
7626 TCP Hyne
7718 TCP Glacier
7777 TCP God Message
7777 TCP The Thing (modified)
7777 TCP Tini
7788 TCP Last
7788 TCP Matrix
7789 TCP Back Door Setup
7789 TCP ICKiller
7789 TCP Mozilla
7826 TCP Oblivion / Mini Oblivion
7887 TCP SmallFun
7891 TCP Revenger
7891 TCP The ReVeNgEr
7983 TCP Mstream handler-agent
8012 TCP BackDoor-KL
8012 TCP Ptakks
8080 TCP Brown Orifice
8080 TCP Generic Backdoor
8080 TCP RemoConChubo
8080 TCP Reverse WWW Tunnel Backdoor
8080 TCP Ring Zero
8685 TCP Unin68
8720 TCP Connection
8787 TCP Back Orifice 2000
8812 TCP FraggleRock Lite
8899 TCP Last
8988 TCP BacHack
8989 TCP Rcon
8989 TCP Recon
8989 TCP Xcon
9000 TCP Netministrator
9325 UDP Mstream agent-handler
9400 TCP InCommand
9696 TCP Danton
9697 TCP Danton
9870 TCP Remote Computer Control Center / R3C
9872 TCP Portal of Doom
9873 TCP Portal of Doom
9874 TCP Portal of Doom
9875 TCP Portal of Doom
9876 TCP Cyber Attacker
9876 TCP Rux
9878 TCP TransmissionScout / TransScout
9989 TCP Ini-Killer
9999 TCP ForcedEntry
9999 TCP Infra
9999 TCP The Prayer
9999 TCP The Prayer / Prayer
10000 TCP OpwinTRojan
10005 TCP OpwinTRojan
10008 TCP Cheese Worm
10008 TCP Lion
10013 TCP Amanda
10067 UDP Portal of Doom
10085 TCP Syphillis
10086 TCP Syphillis
10100 TCP Control Total
10100 TCP GiFt Trojan
10101 TCP BrainSpy
10101 TCP Silencer / NewSilencer
10167 UDP Portal of Doom
10498 UDP Mstream handler-agent
10520 TCP Acid Shivers
10528 TCP Host Control
10607 TCP Coma
10666 UDP Ambush
11000 TCP Senna Spy Trojan Generator
11011 TCP Amanda
11050 TCP Host Control
11051 TCP Host Control
11223 TCP Progenic Trojan
11223 TCP Secret Agent
11225 TCP Cyn
11225 UDP Cyn
11306 TCP NokNok
11306 UDP NokNok
11831 TCP Latinus Server / Latinus
11991 TCP Pitfall Surprise
12076 TCP Gjamer
12223 TCP Hack'99 KeyLogger
12310 TCP PreCursor
12345 TCP Adore sshd
12345 TCP Ashley
12345 TCP cron / crontab
12345 TCP Fat Bitch Trojan
12345 TCP GabanBus
12345 TCP icmp_client.c
12345 TCP icmp_pipe.c
12345 TCP Mypic
12345 TCP NetBus
12345 TCP NetBus Toy
12345 TCP NetBus Worm
12345 TCP Pie Bill Gates
12345 TCP Ultor's Trojan
12345 TCP ValvNet
12345 TCP Whack Job
12345 TCP X-bill
12346 TCP Fat Bitch Trojan
12346 TCP GabanBus
12346 TCP NetBus
12346 TCP X-bill
12348 TCP BioNet
12349 TCP BioNet
12349 TCP Webhead
12361 TCP Whack-a-mole
12362 TCP Whack-a-mole
12363 TCP Whack-a-mole
12456 TCP NetBus
12478 TCP Bionet
12623 UDP DUN Control
12624 TCP ButtMan
12631 TCP Whack Job
12701 TCP Eclypse
12754 TCP Mstream attack-handler
12904 TCP Akropolis
13000 TCP Senna Spy Trojan Generator
13000 TCP Senna Spy Trojan Generator
13010 TCP BitchController
13010 TCP Hacker Brasil / HBR
13013 TCP PsychWard
13014 TCP PsychWard
13223 TCP Hack'99 KeyLogger
13473 TCP Chupacabra
13700 TCP Kuang2 The Virus
14286 TCP Hell Driver
14500 TCP PC Invader
14501 TCP PC Invader
14502 TCP PC Invader
14503 TCP PC Invader
14504 TCP PC Invader
15000 TCP NetDemon
15092 TCP Host Control
15104 TCP Mstream attack-handler
15382 TCP SubZero
15858 TCP CDK
16484 TCP Mosucker
16660 TCP Stacheldraht
16772 TCP ICQ Revenge
16959 TCP SubSeven
16959 TCP Subseven 2.1.4 DefCon 8
16969 TCP Priority
16969 TCP Progenic
16982 TCP AcidShiver
17166 TCP Mosaic
17300 TCP Kuang2 The Virus
17449 TCP Kid Terror
17499 TCP CrazzyNet
17500 TCP CrazzyNet
17569 TCP Infector
17593 TCP AudioDoor
17777 TCP Nephron
18667 TCP Knark
18753 UDP Shaft
19864 TCP ICQ Revenge
20000 TCP Millenium
20001 TCP Insect
20001 TCP Millenium
20001 TCP Millenium (Lm)
20002 TCP AcidkoR
20005 TCP Mosucker
20023 TCP VP Killer
20034 TCP NetBus 2.0 Pro
20034 TCP NetBus 2.0 Pro Hidden
20034 TCP NetRex
20034 TCP Whack Job
20203 TCP Chupacabra
20331 TCP BLA Trojan
20432 TCP Shaft client to handlers
20433 UDP Shaft agent to handlers
21212 TCP Schwindler
21544 TCP GirlFriend
21544 TCP Kid Terror
21544 TCP Matrix
21544 UDP GirlFriend
21554 TCP Exploiter
21554 TCP FreddyK
21554 TCP Kid Terror
21554 TCP Schwindler
21554 TCP Winsp00fer
21579 TCP Breach
21684 TCP Intruse
21957 TCP Latinus
22068 TCP Acid Shiver
22222 TCP Donald Dick
22222 TCP Prosiak
22222 TCP Ruler
22222 TCP RUX The TIc.K
22222 TCP RUX The TIc.K
22456 TCP Bla
22457 TCP Bla
22784 TCP Backdoor-ADM
22845 TCP Breach
22847 TCP Breach
23005 TCP NetTrash
23005 TCP Olive
23005 TCP Oxon
23006 TCP NetTrash
23023 TCP Logged
23032 TCP Amanda
23321 TCP Konik
23432 TCP Asylum
23432 TCP Mini Asylum
23456 TCP Evil FTP
23456 TCP Ugly FTP
23456 TCP Whack Job
23476 TCP Donald Dick
23476 UDP Donald Dick
23477 TCP Donald Dick
23777 TCP InetSpy
24000 TCP Infector
24289 TCP Latinus
25123 TCP Goy'Z Trojan
25386 TCP MoonPie
25555 TCP FreddyK
25556 TCP FreddyK
25685 TCP MoonPie
25686 TCP MoonPie
25982 TCP MoonPie
26274 UDP Delta Source
26681 TCP Voice Spy
27160 TCP MoonPie
27374 TCP Bad Blood
27374 TCP EGO
27374 TCP Fake SubSeven
27374 TCP Lion
27374 TCP Ramen
27374 TCP Seeker
27374 TCP SubSeven
27374 TCP SubSeven 2.1 Gold
27374 TCP Subseven 2.1.4 DefCon 8
27374 TCP SubSeven 2.2
27374 TCP SubSeven Muie
27374 TCP The Saint
27374 TCP Ttfloader
27374 TCP Webhead
27444 UDP Trinoo / Trin00 / TFN2K (DoS attack)
27573 TCP SubSeven
27665 TCP Trinoo / Trin00 / TFN2K (DoS attack)
28429 TCP Hack'a'Tack
28430 TCP Hack'a'Tack
28431 TCP Hack'a'Tack
28431 UDP Hack'a'Tack
28432 TCP Hack'a'Tack
28432 UDP Hack'a'Tack
28433 TCP Hack'a'Tack
28433 UDP Hack'a'Tack
28434 TCP Hack'a'Tack
28434 UDP Hack'a'Tack
28435 TCP Hack'a'Tack
28435 UDP Hack'a'Tack
28436 TCP Hack'a'Tack
28436 UDP Hack'a'Tack
28678 TCP Exploiter
29104 TCP NetTrojan
29292 TCP BackGate
29369 TCP ovasOn
29559 TCP Latinus
29891 TCP The Unexplained
30000 TCP Infector
30001 TCP ErrOr32
30003 TCP Lamers Death
30005 TCP Backdoor JZ
30029 TCP AOL Trojan
30100 TCP NetSphere
30101 TCP NetSphere
30102 TCP NetSphere
30103 TCP NetSphere
30103 UDP NetSphere
30133 TCP NetSphere Final
30303 TCP Sockets de Troie
30700 TCP Mantis
30947 TCP Intruse
30999 TCP Kuang2
31221 TCP Knark
31320 TCP LittleWitch
31320 UDP LittleWitch
31335 TCP Trinoo / Trin00 (DoS attack)
31336 TCP BO Whack
31336 TCP Butt Funnel
31337 TCP ADM Worm
31337 TCP Back Fire
31337 TCP Back Orifice (Lm)
31337 TCP Back Orifice 1.20 patches
31337 TCP Back Orifice russian
31337 TCP Baron Night
31337 TCP Beeone
31337 TCP bindshell
31337 TCP BO client
31337 TCP BO Facil
31337 TCP BO spy
31337 TCP BO2
31337 TCP cron / crontab
31337 TCP Freak2k
31337 TCP Freak88
31337 TCP Gummo
31337 TCP icmp_pipe.c
31337 TCP Khaled
31337 TCP Linux Rootkit IV / Linux Rootkit 4
31337 TCP Netpatch
31337 TCP OPC
31337 TCP Sm4ck
31337 TCP Sockdmini
31337 UDP Back Orifice
31337 UDP Deep BO
31337 UDP OPC
31338 TCP Back Orifice
31338 TCP Butt Funnel
31338 TCP NetSpy (DK)
31338 UDP Deep BO
31338 UDP NetSpy (DK)
31339 TCP NetSpy (DK)
31339 TCP NetSpy (DK)
31557 TCP Xanadu
31666 TCP BOWhack
31745 TCP BuschTrommel
31785 TCP Hack'a'Tack
31787 TCP Hack'a'Tack
31787 UDP Hack'a'Tack
31788 TCP Hack'a'Tack
31789 UDP Hack'a'Tack
31790 TCP Hack'a'Tack
31790 UDP Hack'a'Tack
31791 TCP Hack'a'Tack
31791 UDP Hack'a'Tack
31792 TCP Hack'a'Tack
32001 TCP Donald Dick
32100 TCP Peanut Brittle
32100 TCP Project nEXT
32418 TCP Acid Battery
32791 TCP Acropolis / Akropolis
33270 TCP Trinity
33333 TCP Blakharaz
33333 TCP Prosiak
33390 UDP Unknown Trojan
33567 TCP Lion
33567 TCP T0rn Rootkit
33568 TCP Lion
33568 TCP T0rn Rootkit
33577 TCP Son of PsychWard
33777 TCP Son of PsychWard
33911 TCP Spirit 2000
33911 TCP Spirit 2001
34324 TCP Big Gluck / TN
34324 TCP TelnetServer
34324 TCP TN
34444 TCP Donald Dick
34555 UDP Trinoo (for Windows)
34763 TCP Infector
35000 TCP Infector
35555 UDP Trinoo (for Windows)
36794 TCP BugBear
37237 TCP Mantis
37266 TCP The Killer Trojan
37651 TCP Yet Another Trojan / YAT
38741 TCP CyberSpy
39507 TCP Busters
40412 TCP The Spy
40421 TCP Agent 40421
40421 TCP Master's Paradise
40422 TCP Master's Paradise
40423 TCP Master's Paradise
40425 TCP Master's Paradise
40426 TCP Master's Paradise
40999 TCP Diems Mutter
41337 TCP Storm
41666 TCP Remote Boot Tool / RBT
41666 TCP Remote Boot Tool / RBT
43210 TCP Master's Paradise
44444 TCP Prosiak
44575 TCP Exploiter
44767 UDP School Bus
45559 TCP Maniac rootkit
45673 TCP Acropolis / Akropolis
47017 TCP T0rn Rootkit
47252 UDP Delta Source
47262 UDP Delta Source
48004 TCP Fraggle Rock
48006 TCP Fraggle Rock
49000 TCP Fraggle Rock
49301 TCP OnLine KeyLogger
49683 TCP HolzPferd
49683 UDP HolzPferd
50000 TCP SubSARI
50130 TCP Enterprise
50505 TCP Sockets de Troie
50766 TCP Fore
50766 TCP Schwindler
50767 TCP Fore
51966 TCP Cafeini
52317 TCP Acid Battery 2000
53001 TCP Remote Windows Shutdown / RWS
54283 TCP SubSeven
54283 TCP SubSeven 2.1 Gold
54320 TCP Back Orifice 2000
54321 TCP Back Orifice 2000
54321 TCP PC Invader
54321 TCP School Bus
55165 TCP File Manager Trojan
55165 TCP File Manager Trojan
55165 TCP WM Trojan Generator
55166 TCP WM Trojan Generator
57341 TCP NetRaider
57922 TCP Bionet
58008 TCP Tron
58009 TCP Tron
58339 TCP Butt Funnel
59211 TCP Duck Toy
60000 TCP Deep Throat
60000 TCP Foreplay
60000 TCP Mini Backlash
60000 TCP Sockets de Troie
60000 UDP Mini Backlash
60001 TCP Trinity
60008 TCP Lion
60008 TCP T0rn Rootkit
60068 TCP Xzip 6000068
60411 TCP Connection
61348 TCP Bunker-Hill
61466 TCP TeleCommando
61603 TCP Bunker-Hill
63485 TCP Bunker-Hill
63536 TCP Insane Network
64101 TCP Taskman
65000 TCP Devil
65000 TCP Sockets de Troie
65000 TCP Stacheldraht
65390 TCP Eclypse
65421 TCP Jade
65432 TCP The Traitor / th3tr41t0r
65432 UDP The Traitor / th3tr41t0r
65530 TCP Windows Mite
65534 TCP /sbin/initd
65535 TCP Adore Worm
65535 TCP RC1 Trojan
65535 TCP Sins

Shared Cache - .Net Caching made easy

All information about Shared Cache is available here: Its free and easy to use, we provide all sources at codeplex.

Facebook Badge