TCP Port 65506
Used as a Spam email relay.
With the recent outbreak of myDoom a number of systems were infected with
viruses (Agobot for example) via upload and execution to TCP port 3127.
These virus would then install a proxy on TCP port 65506 which was then used to
relay email spam.
Outbound scans especially if occurring in volume should be considered an indication of a
possible infection or compromise on the source computer and should be
PortPeeker Capture of 65506 scans and
email relay attempts
Page last updated on
March 12, 2004