Table C.
1 Well-Known Ports
Port No. Protocol Service Name Aliases
7 7 9 9 13 13 17 17 19 19 20 21 23 25 37 37 39 42 42 43 53 53 67 68 69 70 79 80 88 88 101 102 107 109 110 111 111 113 117 119 123 135 135 137 137 138 139 143 158 161 162 170 179 194 213 389 443 443 445 TCP UDP TCP UDP TCP UDP TCP UDP TCP UDP TCP TCP TCP TCP TCP UDP UDP TCP UDP TCP TCP UDP UDP UDP UDP TCP TCP TCP TCP UDP TCP TCP TCP TCP TCP TCP UDP TCP TCP TCP UDP TCP UDP TCP UDP UDP TCP TCP TCP UDP UDP TCP TCP TCP UDP TCP TCP UDP TCP echo echo discard discard daytime daytime qotd qotd chargen chargen ftp-data ftp telnet smtp time time rlp nameserver nameserver nicname domain domain bootps bootpc tftp gopher finger http kerberos kerberos hostname iso-tsap rtelnet pop2 pop3 sunrpc sunrpc auth uucp-path nntp ntp epmap epmap netbios-ns netbios-ns netbios-dgm netbios-ssn imap pcmail-srv snmp snmptrap print-srv bgp irc ipx ldap https https
Echo Echo sink null Discard sink null Discard Daytime Daytime quote Quote of the day quote Quote of the day ttytst source Character generator ttytst source Character generator File Transfer FTP Control Telnet mail Simple Mail Transfer Time Time resource Resource Location Protocol name Host Name Server name Host Name Server whois Who Is Domain Name Domain Name Server dhcps Bootstrap Protocol Server dhcpc Bootstrap Protocol Client Trivial File Transfer Gopher Finger www, http World Wide Web krb5 Kerberos krb5 Kerberos hostnames NIC Host Name Server ISO-TSAP Class 0 Remote Telnet Service postoffice Post Office Protocol - Version 2 postoffice Post Office Protocol - Version 3 rpcbind portmap SUN Remote Procedure Call rpcbind portmap SUN Remote Procedure Call ident tap Authentication Sevice UUCP Path Service usenet Network News Transfer Protocol Network Time Protocol loc-srv DCE endpoint resolution loc-srv DCE endpoint resolution nbname NETBIOS Name Service nbname NETBIOS Name Service nbdatagram NETBIOS Datagram Service nbsession NETBIOS Session Service imap4 Internet Message Access Protocol repository PC Mail Server snmp SNMP snmp-trap SNMP TRAP Network PostScript Border Gateway Protocol Internet Relay Chat Protocol IPX over IP Lightweight Directory Access Protocol MCom MCom Microsoft CIFS
Comment
�Port No. Protocol Service Name Aliases
445 464 464 500 512 512 513 513 514 514 515 517 518 520 520 525 526 530 531 532 533 540 543 544 550 556 560 561 636 749 749 UDP TCP UDP UDP TCP UDP TCP UDP TCP UDP TCP UDP UDP TCP UDP UDP TCP TCP,UDP TCP TCP UDP TCP TCP TCP UDP TCP UDP UDP TCP TCP UDP kpasswd kpasswd isakmp exec biff login who cmd syslog printer talk ntalk efs router timed tempo courier conference netnews netwall uucp klogin kshell new-rwho remotefs rmonitor monitor ldaps kerberos-adm kerberos-adm
Comment
Microsoft CIFS Kerberos (v5) Kerberos (v5) Internet Key Exchange (IPSec) Remote Process Execution Notifies users of new mail Remote Login Database of who's logged on, average load Automatic Authentication Listens for incoming connections Establishes TCP Connection Extended File Name Server RIPv.1, RIPv.2 Timeserver Newdate RPC IRC Chat Readnews For emergency broadcasts Uucpd Kerberos login Kerberos remote shell New-who Rfs Server Rmonitor LDAP over TLS/SSL Kerberos administration Kerberos administration
ike comsat whod shell spooler
router routed timeserver newdate rpc chat readnews uucpd krcmd new-who rfs rfs_server rmonitord sldap
Port Assignments for Registered Ports
Registered Ports, ports between 1024 and 49151, are listed by the IANA and on most systems can be used by applications or programs executed by users. Table C.2 specifies the port used by the server process as its contact port. The IANA registers uses of these ports as a convenience to the Internet community. To the extent possible, these same port assignments are used with UDP. The Registered Ports are in the numerical range of 1024-49151. The Registered Ports between 1024 and 5000 are also referred to as the Ephemeral Ports. The list below contains most of the port assignments that are significant to Windows 2000. Table C.2 Registered Ports
Port No. Protocol Service Name Aliases Comment
1109 1167 1433 1433 1434 1434 1512 1512 1524 1701 1723 1812 TCP UDP TCP UDP TCP UDP TCP UDP TCP UDP TCP UDP kpop phone ms-sql-s ms-sql-s ms-sql-m ms-sql-m wins wins ingreslock l2tp pptp radiusauth
ingres
Kerberos POP Conference calling Microsoft-SQL-Server Microsoft-SQL-Server Microsoft-SQL-Monitor Microsoft-SQL-Monitor Microsoft Windows Internet Name Service Microsoft Windows Internet Name Service Ingres Layer Two Tunneling Protocol Point-to-point tunneling protocol RRAS (RADIUS authentication protocol)
�Port No. Protocol Service Name Aliases Comment
1813 2049 2053 2504 9535 UDP UDP TCP UDP TCP radacct nfsd knetd nlbs man nfs RRAS (RADIUS accounting protocol) Sun NFS server Kerberos de-multiplexer Network Load Balancing Remote Man Server
Port Assignments for Commonly-Used Services
There are many services associated with the Windows 2000 operating system. These services might require more than one TCP or UDP port for the service to be functional. Table C.3 shows the default ports that are used by each service mentioned. Table C.3 Default Port Assignments for Common Services
Service Name
Browsing datagram responses of NetBIOS over TCP/IP Browsing requests of NetBIOS over TCP/IP Client/Server Communication Common Internet File System (CIFS) Content Replication Service Cybercash Administration Cybercash Coin Gateway Cybercash Credit Gateway DCOM (SCM uses udp/tcp to dynamically assign ports for DCOM) DHCP client DHCP server DHCP Manager DNS Administration DNS client to server lookup (varies) Exchange Server 5.0 Client Server Communication Exchange Administrator IMAP IMAP (SSL) LDAP LDAP (SSL) MTA - X.400 over TCP/IP POP3 POP3 (SSL) RPC SMTP NNTP NNTP (SSL) File shares name lookup File shares session FTP FTP-data HTTP HTTP-Secure Sockets Layer (SSL) Internet Information Services (IIS) IMAP IMAP (SSL) IKE (For more information, see Table C.4) IPSec Authentication Header (AH) (For more information, see Table C.4) IPSec Encapsulation Security Payload (ESP) (For more information, see Table C.4) IRC ISPMOD (SBS 2nd tier DNS registration wizard) Kerberos de-multiplexer Kerberos klogin
UDP
138 137 445
TCP
135 139, 445 560 8001 8002 8000 135 67 68 135 139 53 135 135 143 993 389 636 102 110 995 135 25 119 563
135
53
137
500
139 21 20 80 443 80 143 993
531 1234 2053 543
�Service Name
Kerberos kpasswd (v5) Kerberos krb5 Kerberos kshell L2TP LDAP LDAP (SSL) Login Sequence Macintosh, File Services (AFP/IP) Membership DPA Membership MSN Microsoft Chat client to server Microsoft Chat server to server Microsoft Message Queue Server Microsoft Message Queue Server Microsoft Message Queue Server MTA - X.400 over TCP/IP NetBT datagrams NetBT name lookups NetBT service sessions NetLogon NetMeeting Audio Call Control NetMeeting H.323 call setup NetMeeting H.323 streaming RTP over UDP NetMeeting Internet Locator Server ILS NetMeeting RTP audio stream NetMeeting T.120 NetMeeting User Location Service NetMeeting user location service ULS Network Load Balancing NNTP NNTP (SSL) Outlook (see "Exchange" for ports) Pass Through Verification POP3 POP3 (SSL) PPTP control PPTP data (see Table C.4) Printer sharing name lookup Printer sharing session Radius accounting (Routing and Remote Access) Radius authentication (Routing and Remote Access) Remote Install TFTP RPC client fixed port session queries RPC client using a fixed port session replication RPC session ports RPC user manager, service manager, port mapper SCM used by DCOM SMTP SNMP SNMP Trap SQL Named Pipes encryption over other protocols name lookup SQL RPC encryption over other protocols name lookup SQL session SQL session SQL session SQL session mapper SQL TCP client name lookup Telnet
UDP
464 88 1701 137, 138
TCP
464 88 544 389 636 139 548 568 569 6667 6665 1801 135, 2101 2103, 2105 102 139 1731 1720
1801 3527 138 137 138 Dynamic Dynamic
389 1503 522 522 119 563 139 110 995 1723 139
2504
137, 138
137 1646 or 1813 1645 or 1812 69 1500 2500 Dynamic 135 135 25
135 161 162 137 137
53
139 1433 1024 - 5000 135 53 23
�Service Name
Terminal Server UNIX Printing WINS Manager WINS NetBios over TCP/IP name service WINS Proxy WINS Registration WINS Replication X400
UDP
TCP
3389 515 135 137 42 102
137 137
Protocol Numbers
In an IP header, the Protocol field identifies the service in the next higher level in the protocol stack to which data is passed. Table C.4 shows these commonly used IP protocol numbers. Protocol numbers are used to configure firewalls, routers and proxies. Table C.4 Common Protocol Numbers
Service
Internet Control Message Protocol (ICMP) 1 Transmission Control Protocol (TCP) 6 User Datagram Protocol (UDP) 17 General Routing Encapsulation (PPTP data over GRE) 47 Authentication Header (AH) IPSec 51 Encapsulation Security Payload (ESP) IPSec 50 Exterior Gateway Protocol (EGP) 8 Gateway-Gateway Protocol (GGP) 3 Host Monitoring Protocol (HMP) 20 Internet Group Management Protocol (IGMP) 88 MIT Remote Virtual Disk (RVD) 66 OSPF Open Shortest Path First 89 PARC Universal Packet Protocol (PUP) 12 Reliable Datagram Protocol (RDP) 27 Reservation Protocol (RSVP) QoS 46
Protocol Number
