Appendix B
Ports and Protocol IDs
This appendix lists the Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) ports and Internet Protocol (IP) protocol IDs that you should know. It is not a comprehensive list of all available port and protocol IDs, but it does include the important ones.
Ports
There are a couple of reasons to know TCP and UDP port numbers. First, you often need to allow or deny certain ports when configuring firewalls or routers. Second, there are several ports that are commonly attacked and exploited that should be disabled whenever possible. You can keep up with commonly exploited ports by visiting the SANS Common Vulnerable Ports list, which is Appendix A of the SANS/FBI Top 20 List (http://www.sans.org/top20). Table B-1 lists the ports and related services that you should know.
Ports and Protocols | Services |
20 TCP | File Transfer Protocol (FTP) data port |
21 TCP | FTP control port |
22 TCP | Secure Shell (SSH) |
23 TCP | Telnet |
25 TCP | Simple Mail Transfer Protocol (SMTP) |
53 UDP | Domain Name Service (DNS) lookup |
53 TCP | DNS zone transfer |
67 UDP | Bootstrap protocol server; Dynamic Host Configuration Protocol (DHCP) server |
68 UDP | Bootstrap protocol client; DHCP client |
69 UDP | Trivial File Transfer Protocol (TFTP) |
80 TCP | Hypertext Transfer Protocol (HTTP) |
88 TCP | Kerberos |
109 TCP | Post Office Protocol (POP) version 2 |
110 TCP | POP version 3 |
111 TCP | Sun Remote Procedure Call (RPC) and Network File System (NFS) |
119 TCP | Network News Transfer Protocol (NNTP) |
123 TCP/UDP | Network Time Protocol (NTP) |
135 TCP | End point mapper (epmap) and NT RPC services |
137 TCP/UDP | NetBIOS over TCP/IP name service (NetBIOS-ns) |
138 UDP | NetBIOS over TCP/IP datagram service (NetBIOS-ds) |
139 TCP | NetBIOS over TCP/IP session service (NetBIOS-ssn) |
143 TCP | Internet Message Access Protocol (IMAP) |
161 UDP | Simple Network Management Protocol (SNMP) |
162 UDP | SNMP Trap |
389 TCP | Lightweight Directory Access Protocol (LDAP) |
443 TCP | Transport Layer Security (TLS)/Secure Sockets Layer (SSL) |
445 TCP/UDP | Microsoft DS (NetBIOS service) |
500 TCP/UDP | Internet Key Exchange (IKE) protocol; Internet Security Association and Key Management Protocol (ISAKMP) |
514 UDP | UNIX Syslog (system logging) |
1701 UDP | Layer 2 Tunneling Protocol (L2TP) |
1723 TCP | Point to Point Tunneling Protocol (PPTP) |
2049 TCP | Sun NFS |
3389 TCP | Microsoft Terminal Services; MS WBT Server |
5631 TCP | PCAnywhere Data |
5632 UDP | PCAnywhere Status |
The Internet Assigned Numbers Authority (IANA) has reserved both TCP and UDP ports for all of these protocols except syslog. This table illustrates the most commonly used port numbers and protocols. For a complete list of ports, check the IANA Web site at http://www.iana.org/assignments/port-numbers.
Protocol Numbers
You sometimes need to know protocol IDs when configuring routers or firewalls. For example, you might need to know a specific protocol ID to allow a certain protocol through your firewall. For a detailed example, read Microsoft Knowledge Base article Q233256 "How to Enable IPSec Traffic Through a Firewall." Table B-2 lists the IP protocol identifiers you should remember.
IP Protocol Identification Number | Used for |
1 | Internet Control Message Protocol (ICMP) |
6 | TCP |
17 | UDP |
47 | Generic Routing Encapsulation (GRE), which is used in PPTP connections |
50 | Authentication Header (AH) used with Internet Protocol Security (IPSec) |
51 | Encapsulating Security Payload (ESP) used with IPSec |
For a complete list of protocol IDs, check the IANA Web site at http://www.iana.org/assignments/protocol-numbers.