Appendix C. Network Services and Ports

   


Each socket that a program uses to communicate over the network has a protocol type, usually TCP or UDP, and a port number to identify it to other processes on the local and remote systems. Port numbers range from 0 to 65535 and typically are stored in two-byte unsigned integers in host order and transmitted in network order.

Each protocol has its own set of 65536 port numbers. However, an organization usually registers both the TCP and UDP protocols for a port number. This is why many named services are listed with both a TCP and a UDP port but use only one of them.

There are three ranges of port numbers, shown in Table C.1.

Table C.1. Port Number Ranges

| Range | Usage |
|---|---|
| 0-1023 | Well-known |
| 1024-49151 | Registered |
| 49152-65535 | Dynamic & Private |


Well-known ports (0-1023) are assigned by the IANA (Internet Assigned Numbers Authority). On Linux (and UNIX) systems, only a process running as root may open one of these ports and listen on it. This security provision is so that if a particular server crashes or is not running, a rogue ordinary user cannot listen on the port and learn the secrets of the universe. Some services, such as rshd, trust that the root process on the remote system that is requesting local service is not malevolent.
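The host-order/network-order rule and the root-only rule for well-known ports can be checked directly. The following C program is an added example, not code from the book; the function names `port_range`, `port_to_wire` and `try_bind` and the sample ports are assumptions made for illustration.

```c
#include <arpa/inet.h>
#include <errno.h>
#include <netinet/in.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Range names from Table C.1. */
const char *port_range(unsigned port)
{
    if (port <= 1023)  return "well-known";
    if (port <= 49151) return "registered";
    return port <= 65535 ? "dynamic/private" : "invalid";
}

/* Store a host-order port in buf as it is transmitted (network order, high byte first). */
void port_to_wire(uint16_t host_port, unsigned char buf[2])
{
    uint16_t net = htons(host_port);
    memcpy(buf, &net, sizeof net);
}

/* Try to bind a TCP socket to 127.0.0.1:port; returns 0 on success, else errno. */
int try_bind(uint16_t host_port)
{
    struct sockaddr_in sa = { .sin_family = AF_INET };
    int err = 0, fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0) return errno;
    sa.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    sa.sin_port = htons(host_port);  /* sockaddr_in holds the port in network order */
    if (bind(fd, (struct sockaddr *)&sa, sizeof sa) < 0) err = errno;
    close(fd);
    return err;
}

int main(void)
{
    uint16_t ports[] = { 80, 8080 };  /* constructed sample ports */
    for (size_t i = 0; i < sizeof ports / sizeof ports[0]; i++) {
        unsigned char w[2];
        int rc = try_bind(ports[i]);
        port_to_wire(ports[i], w);
        printf("%5u %-10s wire=%02x %02x bind: %s\n", (unsigned)ports[i],
               port_range(ports[i]), w[0], w[1], rc ? strerror(rc) : "ok");
    }
    return 0;
}
```

Run as an ordinary user, the bind to port 80 normally fails with EACCES ("Permission denied"). On current Linux kernels the result also depends on the CAP_NET_BIND_SERVICE capability and the `net.ipv4.ip_unprivileged_port_start` sysctl, so check both when auditing which accounts can listen on well-known ports.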

Anyone may request that an unused port number be assigned to them and receive it if that entity can justify its use. One of these port numbers was assigned at the request of Larry Gee and this author. IANA may be reached at

www.iana.org/

iana@iana.org

The current well-known ports[1] are listed in Table C.2. Some of the most important registered ports are listed in Table C.3. Note that only commonly used ports are included. The most up-to-date list is available from IANA's Web site.

[1] Copyright 2000 IANA. Used with permission. IANA's Web site is www.iana.org/. The complete set of port assignments is available at www.isi.edu/in-notes/iana/assignments/port-numbers

Table C.2. Well-Known Port Numbers

| Keyword | Port | Description |
|---|---|---|
|  | 0/tcp | Reserved |
|  | 0/udp | Reserved |
| tcpmux | 1/tcp | TCP Port Service Multiplexer |
| tcpmux | 1/udp | TCP Port Service Multiplexer |
| rje | 5/tcp | Remote Job Entry (unused) |
| rje | 5/udp | Remote Job Entry (unused) |
| echo | 7/tcp | Echo |
| echo | 7/udp | Echo |
| discard | 9/tcp | Discard |
| discard | 9/udp | Discard |
| systat | 11/tcp | Active Users |
| systat | 11/udp | Active Users |
| daytime | 13/tcp | Daytime (RFC 867[*]) |
| daytime | 13/udp | Daytime (RFC 867) |
| qotd | 17/tcp | Quote of the Day |
| qotd | 17/udp | Quote of the Day |
| chargen | 19/tcp | Character Generator |
| chargen | 19/udp | Character Generator |
| ftp-data | 20/tcp | File Transfer [Default Data] |
| ftp-data | 20/udp | File Transfer [Default Data] |
| ftp | 21/tcp | File Transfer [Control] |
| ftp | 21/udp | File Transfer [Control] |
| ssh | 22/tcp | SSH Remote Login Protocol |
| ssh | 22/udp | pcAnywhere (unofficial) |
| telnet | 23/tcp | Telnet |
| telnet | 23/udp | Telnet |
| smtp | 25/tcp | Simple Mail Transfer Protocol [Sendmail] |
| smtp | 25/udp | Simple Mail Transfer Protocol [Sendmail] |
| time | 37/tcp | Time |
| time | 37/udp | Time |
| name | 42/tcp | Host Name Server (not DNS) |
| name | 42/udp | Host Name Server (not DNS) |
| nameserver | 42/tcp | Host Name Server (not DNS) |
| nameserver | 42/udp | Host Name Server (not DNS) |
| nicname | 43/tcp | Who Is |
| nicname | 43/udp | Who Is |
| domain | 53/tcp | Domain Name Server (DNS/named) |
| domain | 53/udp | Domain Name Server (DNS/named) |
| whois++ | 63/tcp | whois++ |
| whois++ | 63/udp | whois++ |
| sql*net | 66/tcp | Oracle SQL*NET |
| sql*net | 66/udp | Oracle SQL*NET |
| bootps | 67/tcp | Bootstrap Protocol Server |
| bootps | 67/udp | Bootstrap Protocol Server |
| bootpc | 68/tcp | Bootstrap Protocol Client |
| bootpc | 68/udp | Bootstrap Protocol Client |
| tftp | 69/tcp | Trivial File Transfer Protocol |
| tftp | 69/udp | Trivial File Transfer Protocol |
| gopher | 70/tcp | Gopher |
| gopher | 70/udp | Gopher |
| finger | 79/tcp | Finger |
| finger | 79/udp | Finger |
| http | 80/tcp | World Wide Web HTTP |
| http | 80/udp | World Wide Web HTTP (not used) |
| www | 80/tcp | World Wide Web HTTP |
| www | 80/udp | World Wide Web HTTP (not used) |
| www-http | 80/tcp | World Wide Web HTTP |
| www-http | 80/udp | World Wide Web HTTP |
| kerberos | 88/tcp | Kerberos |
| kerberos | 88/udp | Kerberos |
| hostname | 101/tcp | NIC Host Name Server |
| hostname | 101/udp | NIC Host Name Server |
| pop2 | 109/tcp | Post Office Protocol - V 2 (rarely used) |
| pop2 | 109/udp | Post Office Protocol - V 2 (rarely used) |
| pop3 | 110/tcp | Post Office Protocol - V 3 |
| pop3 | 110/udp | Post Office Protocol - V 3 |
| sunrpc | 111/tcp | SUN Remote Procedure Call [portmap] |
| sunrpc | 111/udp | SUN Remote Procedure Call [portmap] |
| ident | 113/tcp |  |
| auth | 113/tcp | Authentication Service |
| auth | 113/udp | Authentication Service |
| nntp | 119/tcp | Network News Transfer Protocol |
| nntp | 119/udp | Network News Transfer Protocol |
| ntp | 123/tcp | Network Time Protocol |
| ntp | 123/udp | Network Time Protocol |
| netbios-ns | 137/tcp | NETBIOS Name Service |
| netbios-ns | 137/udp | NETBIOS Name Service |
| netbios-dgm | 138/tcp | NETBIOS Datagram Service |
| netbios-dgm | 138/udp | NETBIOS Datagram Service |
| netbios-ssn | 139/tcp | NETBIOS Session Service |
| netbios-ssn | 139/udp | NETBIOS Session Service |
| imap | 143/tcp | Internet Message Access Protocol |
| imap | 143/udp | Internet Message Access Protocol |
| snmp | 161/tcp | Simple Network Management Protocol [SNMP] |
| snmp | 161/udp | Simple Network Management Protocol [SNMP] |
| irc | 194/tcp | Internet Relay Chat Protocol |
| irc | 194/udp | Internet Relay Chat Protocol |
| at-rtmp | 201/tcp | AppleTalk Routing Maintenance |
| at-rtmp | 201/udp | AppleTalk Routing Maintenance |
| at-nbp | 202/tcp | AppleTalk Name Binding |
| at-nbp | 202/udp | AppleTalk Name Binding |
| at-echo | 204/tcp | AppleTalk Echo |
| at-echo | 204/udp | AppleTalk Echo |
| at-zis | 206/tcp | AppleTalk Zone Information |
| at-zis | 206/udp | AppleTalk Zone Information |
| ipx | 213/tcp | IPX [Novell] |
| ipx | 213/udp | IPX [Novell] |
| imap3 | 220/tcp | Interactive Mail Access Protocol v3 |
| imap3 | 220/udp | Interactive Mail Access Protocol v3 |
| dtk | 365/tcp | DTK (Deception Tool Kit) |
| dtk | 365/udp | DTK (Deception Tool Kit) |
| https | 443/tcp | http protocol over TLS/SSL |
| https | 443/udp | http protocol over TLS/SSL |
| comsat | 512/udp |  |
| biff | 512/udp | mail system: to notify users |
| login | 513/tcp | remote login à la telnet |
| who | 513/udp | who's logged in |
| shell | 514/tcp | exec, with authentication |
| syslog | 514/udp |  |
| printer | 515/tcp | spooler [lpd] |
| printer | 515/udp | spooler [lpd] |
| talk | 517/tcp | Talk |
| talk | 517/udp | Talk |
| ntalk | 518/tcp | New Talk |
| ntalk | 518/udp | New Talk |
| utime | 519/tcp | unixtime |
| utime | 519/udp | unixtime |
| router | 520/udp | local routing process (RIP) |
| ncp | 524/tcp | NCP |
| ncp | 524/udp | NCP |
| timed | 525/tcp | timeserver |
| timed | 525/udp | timeserver |
| netnews | 532/tcp | readnews |
| netnews | 532/udp | readnews |
| netwall | 533/tcp | for emergency broadcasts |
| netwall | 533/udp | for emergency broadcasts |
| uucp | 540/tcp | uucpd |
| uucp | 540/udp | uucpd |
| uucp-rlogin | 541/tcp | uucp-rlogin |
| uucp-rlogin | 541/udp | uucp-rlogin |
| klogin | 543/tcp | Kerberos rlogin |
| klogin | 543/udp | Kerberos rlogin |
| kshell | 544/tcp | krcmd [Kerberos rsh] |
| kshell | 544/udp | krcmd [Kerberos rsh] |
| new-rwho | 550/tcp | new-who |
| new-rwho | 550/udp | new-who |
| snews | 563/tcp | NNTP over SSL |
| 9pfs | 564/tcp | plan 9 file service [Bell Labs] |
| 9pfs | 564/udp | plan 9 file service [Bell Labs] |
| whoami | 565/tcp | whoami |
| whoami | 565/udp | whoami |
| nmap | 689/tcp | nmap |
| nmap | 689/udp | nmap |
| flexlm | 744/tcp | Flexible License Manager |
| flexlm | 744/udp | Flexible License Manager |
| kerberos-adm | 749/tcp | kerberos admin. |
| kerberos-adm | 749/udp | kerberos admin. |
| kerberos-iv | 750/udp | kerberos version iv |
| nas | 991/tcp | Netnews Administration System |
| nas | 991/udp | Netnews Administration System |
| telnets | 992/tcp | telnet protocol over TLS/SSL |
| telnets | 992/udp | telnet protocol over TLS/SSL |
| imaps | 993/tcp | imap4 protocol over TLS/SSL |
| imaps | 993/udp | imap4 protocol over TLS/SSL |
| ircs | 994/tcp | irc protocol over TLS/SSL |
| ircs | 994/udp | irc protocol over TLS/SSL |
| pop3s | 995/tcp | pop3 protocol over TLS/SSL |
| pop3s | 995/udp | pop3 protocol over TLS/SSL |


[*] RFC 867 is available at www.faqs.org/rfcs/rfc867.html

Table C.3. Registered Port Numbers

| Keyword | Port | Description |
|---|---|---|
| socks | 1080/tcp | Socks |
| socks | 1080/udp | Socks |
| lotusnote | 1352/tcp | Lotus Note |
| lotusnote | 1352/udp | Lotus Note |
| sybase-sqlany | 1498/tcp | Sybase SQL Any |
| sybase-sqlany | 1498/udp | Sybase SQL Any |
| ingreslock | 1524/tcp | ingres |
| ingreslock | 1524/udp | ingres |
| nfs | 2049/tcp | Network File System |
| nfs | 2049/udp | Network File System |



   


Real World Linux Security Prentice Hall Ptr Open Source Technology Series
Year: 2002
Pages: 260
