Appendix A. TCP, UDP Ports, and ICMP Message Types

I list useful TCP, UDP ports, and ICMP message types in this appendix. A comprehensive list of registered TCP and UDP services may be found at http://www.iana.org/assignments/port-numbers. The nmap-services list of ports provided with Nmap is also a good reference, particularly for backdoors and other unregistered services.

TCP Ports

TCP ports of interest from a remote security assessment perspective are listed in Table A-1. I have included references to chapters within this book, along with other details that I deem appropriate, including MITRE CVE references to known issues.

Table A-1. TCP ports

Port

Name

Notes

1

tcpmux

TCP port multiplexer, indicates the host is running IRIX

11

systat

System status service

15

netstat

Network status service

21

ftp

File Transfer Protocol (FTP) service; see Chapter 8

22

ssh

Secure Shell (SSH); see Chapter 8

23

telnet

Telnet service; see Chapter 8

25

smtp

Simple Mail Transfer Protocol (SMTP); see Chapter 11

42

wins

Microsoft WINS name service; see Chapter 5

43

whois

WHOIS service; see Chapter 3

53

domain

Domain Name Service (DNS); see Chapter 5

79

finger

Finger service, used to report active users; see Chapter 5

80

http

Hypertext Transfer Protocol (HTTP); see Chapter 6

88

kerberos

Kerberos distributed authentication mechanism

98

linuxconf

Linuxconf service, remotely exploitable under older Linux distributions; see CVE-2000-0017

109

pop2

Post Office Protocol 2 (POP2), rarely used

110

pop3

Post Office Protocol 3 (POP3); ...

Get Network Security Assessment, 2nd Edition now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.