هذا ملحق بمنافذ TCP و UDP وما يقابلها من خدمات ومدى أمنها
يفيدك في إعداد جدار النار أو عند الشك بوجود حصان طروادة Trojan Horse.
المنافذ هي ل TCP إلا إذا وجدت (UDP) أو (*) وهذه الأخيرة تعني الإثنين.
# Ports table
# from:
# [http://www.linuxports.com/] Linux Networking HOWTO by Joshua Drake, Commandprompt, Inc
# Security Quick-Start HOWTO for Linux by Hal Burgiss
# see:
# http://www.iana.org/assignments/port-numbers
# http://www.linuxsecurity.com/resource_files/firewalls/firewall-seen.html
#
1-19(*) old and not used(7 echo, 18 msp) (turned off)
20 FTP-DATA(active ftp only) low risk
21 FTP(active & passive) Very high risk
22 SSH Low risk
23 telnet Moderate risk (LAN ONLY) see ssh
25 SMTP(send outgoing emails) Moderate risk
37 Time service (inetd) Low risk (LAN ONLY)
39 rlp (resource location)
42 nameserver
43 whois/nicname
50 re-mail-ck(Remote Mail Checking Protocol)
53 DNS High Risk
57 old mtp (mail) (turned off)
67(UDP) BOOTP/DHCP server Low risk (LAN ONLY)
68(UDP) BOOTP/DHCP client port Low risk (LAN ONLY)
69 tftp, Extremely insecure. (turned off)
70 Internet Gopher
77 netrjs
79 Finger pass sensitive info (turned off)
80 WWW/HTTP Low risk
87 ttylink
88 Kerberos v5
95 supdup
98 Linuxconf web administrative (LAN ONLY)
101 hostnames/sri-nic
102 tsap/iso-tsap/ISODE
105 csnet-ns/CSO name server High risk (turned off)
107 rtelnet
109 POP2
110 POP3 (inbox mail) Low risk (plane text)
111 sunrpc portmapper (NFS,NIS...) high risk (LAN ONLY)
113 identd/auth server port. pass sensitive info (turned off)
115 sftp (secure ftp as ssh) see ssh
117 uucp-path (turned off)
119 nntp/news server Low risk
123 Network Time Protocol for (sync) Low risk see rdate & inetd
137-139 NetBios (SMB) Windows networks Low risk(LAN ONLY)
143 IMAP2 (inbox mail) Low to moderate risk.
161 SNMP(routers statistics and vital signs) Low risk(turned off)
177 XDMCP Low risk(LAN ONLY)
178 nextstep(NeXTStep window) (turned off)
179 bgp(Border Gateway Protocol) (turned off)
191 prospero(Cliff Neuman's Prospero) (turned off)
194 irc(Internet Relay Chat) (turned off)
199 smux(SNMP Unix Multiplexer) (turned off)
201-206 AppleTalk (routing,name,-,echo,-,zone) (turned off)
210 z3950 (Z39.50 database) (turned off)
213 ipx
220 imap3(Interactive Mail Access)
372 ulistserv (UNIX Listserv)
389 ldap
443 HTTPS, secure HTTP(SSL) Low risk.
465 secure SMTP(SSL) Low risk
512 rexec High risk (LAN ONLY) see ssh
512(UDP)biff (mail notification) Low risk(LAN only)
513 rlogin High risk (LAN ONLY) see ssh
514(UDP) who High risk (LAN ONLY)
514 rsh High risk (LAN ONLY) see ssh
514(UDP) remote syslog Low risk(LAN only/tuned off)
515 lpd (printer server) High risk(LAN ONLY)
517 talkntalk
520 router/routed/RIP
525 timed timeserver
526 tempo newdate
530 courier RPC
531 conference chat
532 netnews readnews
533 netwall for emergency broadcasts
540 old uucp (turned off)
556 remotefs (Brunhoff remote filesystem) (turned off)
543 klogin (Kerberized `rlogin' v5)
544 kshell krcmd (Kerberized `rsh' v5)
750-752(*)\
kerberos v4 (server,auth,passwd,-,propagation) old(turned off)
587 MSA (another mail servers) Low risk
631 CUPS (printer web management) Low risk(LAN only)
635 mountd(NFS) High risk(LAN ONLY)
636 secure ldap(with ssl)
749 kerberos-adm (Kerberos `kadmin' v5)
760 krbupdate kreg (Kerberos v4 registration) old(turned off)
761 kpasswd kpwd (Kerberos v4 "passwd") old(turned off)
765 webster(dictionary server)
871 supfilesrv(NetBSD SUP server) (turned off)
873 rsync (LAN only)
901 SWAT (Samba/Windows network) Low risk(LAN only)
993 secure IMAP(SSL) Very low risk
995 secure POP(SSL) Very low risk
# 1024 is the first "unprivileged" port
1080 Socks Proxy server Very High risk(LAN only)
1109 kpop (Kerberosed v4 POP mail) (turned off)
1127 supfiledbg(NetBSD SUP server) (turned off)
1243 SubSeven Trojan. Windows only problem.
1433 MS SQL server port High risk(turned off: N/A on Linux)
1524(*) ingreslock
1525(*) prospero-np (Prospero non-privileged)
2102-2104(UDP)\
Zephyr server,connection,hostmanager (turned off)
2105 eklogin (Kerberos4 encrypted rlogin)
2049 nfsd, NFS(server) High risk(LAN only)
2053 knetd (Kerberos v4 de-multiplexor) (turned off)
3128 Squid proxy Low risk(LAN only)
3306 MySQL server port. Low risk(LAN only)
5002(UDP) rfe (Radio Free Ethernet)
5432 PostgreSQL Low risk(LAN only)
5631(TCP)PCAnywhere(Windows only) High risk(Windows only)
5632(UDP)PCAnywhere(Windows only) High risk(Windows only)
6000-6009\
X11 TCP port for remote connections Low to moderate risk(LAN only)
6010 X11Forwarding with ssh Low to moderate risk(LAN only)
6346 gnutella
6667 ircd, (IRC server)
6699 napster
7000 bbs (BBS service)
7100-7101\
Font servers Low risk(LAN only)
8000,8080\
web proxy depends(LAN only)
10000 webmin Low risk(LAN only)
27374 SubSeven Trojan. (Windows only problem)
31337 Back Orifice Trojan. (Windows only problem)
1236 rmtcfg (Gracilis Packeten remote config server)
1313 xtel french minitel
2003 cfinger (GNU Finger)
4321 postgres
9359(UDP)mandelspawn