Service | Port | Protocol | Attack probability | Description |
---|---|---|---|---|
| ||||
Reserved | 0 | TCP/UDP | High | This port can't be present—neither as a source nor as a destination port |
0-5 | TCP | High | Sscan scanner | |
Echo | 7 | TCP/UDP | High | UDP attack |
Systat | 11 | TCP | High | Information about user processes |
Netstat | 15 | TCP | High | Network state |
chargen | 19 | TCP/UDP | High | UDP attack |
ftp | 20, 21 | TCP | Medium | FTP server |
ssh | 22 | TCP | Medium-High | SSH server |
ssh | 22 | UDP | Low | Outdated pcAnywhere version |
telnet | 23 | TCP | High | Telnet server |
smtp | 25 | TCP | High | Attempt of relaying e-mail or scanning the security system for vulnerabilities |
domain | 53 | TCP | High | DNS falsification |
tftpd | 69 | UDP | Medium-High | Alternative FTP server, lacking security mechanisms |
finger | 79 | TCP | Low | Information about the user |
pop-3 | 109, 110 | TCP | High | Frequently used for penetration |
sunrpc | 111 | TCP/UDP | High | Frequently used for penetration |
nntp | 119 | TCP | Medium-High | News server used for spam |
ntp | 123 | UDP | Low | Network time synchronization |
netbios-sn | 137 | TCP/UDP | Medium | Windows systems |
netbios-dgm | 138 | TCP/UDP | Medium | Windows systems |
netbios-ssn | 139 | TCP | Medium | Windows systems |
imap | 143 | TCP | High | Frequently used for penetration |
snmp | 161, 162 | UDP | Medium | Remote network administration |
exec | 512 | TCP | High | Intranet only |
biff | 512 | UDP | High | Intranet only |
login | 513 | TCP | High | Intranet only |
who | 513 | UDP | High | Intranet only |
shell | 514 | TCP | High | Intranet only |
syslog | 514 | UDP | High | Intranet only |
printer | 515 | TCP | High | Intranet only |
talk | 517 | UDP | Medium | Intranet only |
ntalk | 518 | UDP | Medium | Intranet only |
route | 520 | UDP | High | Routing |
UUCP | 540 | TCP | Medium | UUCP |
mount | 635 | UDP | High | Daemon has vulnerabilities in security system |
socks | 1080 | TCP | High | Used for spam |
SQL | 1114 | TCP | High | Sscan |
openwin | 2000 | TCP | High | Open Windows |
NFS | 2049 | TCPIUDP | High | Remote access to files |
pcanywhere | 5632 | UDP | Low | PcAnywhere |
X11 | 6000+n | TCP | High | X Window |
NetBus | 12345, 12346, 20034 | TCP | High | Trojan for Windows system |
BackOrifice | 31337 | UDP | High | Trojan for Windows system |
Traceroute | 33434-33523 | UDP | Low | Incoming traceroute request (for Unix) |
Ping | 8 | ICMP | Medium | Incoming ping request |
Redirect | 5 | ICMP | High | Redirection |
Traceroute | 11 | ICMP | Low | Outgoing traceroute request |