Other Service Packet Filtering

• Login services:
  • telnet (23/tcp)
  • SSH (22/tcp)
  • FTP (21/tcp)
  • NetBIOS (139/tcp)
  • rlogin et al (512/tcp through 514/tcp)
• RPC and NFS:
  • Portmap/rpcbind (111/tcp and 111/udp)
  • NFS (2049/tcp and 2049/udp)
  • lockd (4045/tcp and 4045/udp)
• NetBIOS in Windows NT:
  135 (tcp and udp), 137 (udp), 138 (udp), 139 (tcp). Windows 2000 - earlier ports plus 445(tcp and udp)
• X Windows:
  6000/tcp through 6255/tcp
• Naming services--
  • DNS (53/udp) to all machines which are not DNS servers, DNS zone transfers (53/tcp) except from external secondaries
• "Small Services"-- ports below 20/tcp and 20/udp, time (37/tcp and 37/udp)
• Miscellaneous--
  • TFTP (69/udp)
  • finger (79/tcp)
  • NNTP (119/tcp)
  • NTP (123/udp)
  • LPD (515/tcp)
  • syslog (514/udp)
  • SNMP (161/tcp and 161/udp, 162/tcp and 162/udp)
  • BGP (179/tcp)
  • SOCKS (1080/tcp)
• ICMP
  • incoming echo request (ping and Windows traceroute)
  • outgoing echo replies
  • time exceeded
  • destination unreachable messages
  • Do not block "packet too big" messages (type 3, code 4).

• PreviousBasic Packet Filtering
• Contents
• NextIP Packet Filtering

 Last change: Monday, June 21, 2004 3:47 pm
 Unless otherwise expressly stated, all original material on this page created by Diomidis Spinellis is licensed under a Creative Commons Attribution-Share Alike 3.0 Greece License.