BlackHole 1.7.6 backdoor?

[nickU]

Hello,
I have install an original (got it from this forum) BlackHole 1.7.6 on my Vu+ Ultimo. I'm not using any emulator or cardshering service, is nothing to share in Oz land.
Running a port scanner on my Ultimo, I discovered that 31335 and 31337 ports are open.
These port are well known being used by Trojan programs.
31335 port is used by trinoo or trin00 Trojan for ddos atacks.
31337 port used by elite hacking group and by back orifice malware.
My questions are:
Did anybody else having the same issue?
How can I find out what daemon is using these ports and block them?
Is there any rootkit application that could check the Vu file system?
Thanks

 

[Matrix10]

Old story ...
As far as I know.
This ports are open in all images and boxis for streaming e.t.c

And the mipsel and Linux architecture is determined very vulnerable to trojans from Windows

 

[nickU]

Well, in this case I'll stick to original image, those ports are not open...
Streaming on these ports? I doubt it.

Thanks

 

[Matrix10]

Please Do not talk nonsense ,before you visit other forums and see posts that are several years old,
and yes you better use orginal image.

Block ports in the router .

 

[Matrix10]

Use google search

and search for >>> 31335 dreambox

TCP ports used by the Dreambox31335 stream sec
31336 Stream ac pes
31337 Stream ps
31338 stream pes
31339 stream ts
31340 udpstreampes
31341 udpstreampes
31342 streamts -tsfile
31343 streampes

The ports 31335-31341 are used for Video-/Audio-Streams to the outside world to make available.

Completely normal, with VLC you can watch or listen to the stream .

 

[Dani]

Plenty to share in Oz

 

[Matrix10]

Plenty to share in Oz

Pls read forum rules .No shares here.