Since a DirtJumper botnet can be used for DDoS attacks
on arbitrary services relying on the network protocol
TCP, we parsed the victim URLs to extract destination
ports. Similar to a web browser, the DirtJumper bot
interprets the absence of a port in the URL as destination
port 80, the standard port for HTTP-based services.
Table 4 shows the distribution of the attacked ports and
well-known services associated with these ports.