I know I go stupid from time to time. However, I was under the
impression that all the ports open on an shrink wraped NT box was
evrething that is listed in the services phile in the /drivers/etc
dir. No, nix that. Rather they are alternately open/not open depending
on the actual services/software installed. Am I missing something
here?
David Kimball wk 713.965.9122
Systems Administration fx 713.341.9581
NT/Exchange/SMS/Blah/Blah/Blah
Dreco, Inc.
Tomorrow, tomorrow, tomorrow...creeps this petty pace. From now
til' the end of time.....
----------
From: Bill Stout[SMTP:bill .
stout @
hidata .
com]
Sent: Tuesday, September 03, 1996 11:42 AM
To: Firewalls @
GreatCircle .
COM
Subject: Re: NT port activity list
I started this thread out of interest in NT Firewalls and Webservers.
Let me know if this is too unrelated and I will take this elsewhere.
Amazing what you learn by reading. Windows NT Resource Kit 3.51
Windows NT Networking - Part III 'TCP/IP'.
I haven't completed a Satan scan against an NT system yet, but this
is what I got so far. Also much of the system-level communication
is still a mystery; logon process, etc (RPC?).
NT TCP/IP is divided into the following separate categories;
· 'Core protocols' - TCP, IP, UDP, ARP, ICMP, PPP and SLIP.
· API support - Windows Sockets v1.1, RPC, NetBIOS, and Network DDE.
· Basic TCP/IP utilities - finger, ftp, lpr, rcp, rexec, rsh, telnet,
and tftp.
· Diagnostic tools - arp, hostname, ipconfig, lpq, nbtstat, netstat,
ping, route, and tracert.
· Services and Administration tools - FTP Server, WINS, DHCP, and
TCP/IP Printing.
· SNMP agent
· Client software for 'Simple network protocols' - chargen, daytime,
discard, echo, quotd.
· Path MTU discovery - discovers datagram size for all routers between
Windows NT computer and any system on a WAN. (RFC 1191)
· IGMP - Internet Gateway Multicast Protocol
The following is a partial list of available IP network ports in NT:
Port Name Description RFC
1 icmp Internet Control Message Protocol 792
2 igmp Internet Group Management Protocol 1112
7 echo Ping 862
9 discard Discard (sink null) 863
13 daytime Daytime 867
15 netstat Network Statistics
17 quotd Quote of the Day
(\winnt\system32\drivers\etc\quotes) 865
19 chargen Character Generator 864
20 ftp-data File Transfer Protocol (Data) 959
21 ftp File Transfer Protocol (Control) 959
23 telnet Telnet 854
53 domain Domain Name Service 1034,1035
69 tftp Trivial File Transfer Protocol
Used by Bootp, DHCP
783,1534,1541
79 finger Finger 1194
137 netbios_ns NetBIOS Name Service
Typically UDPAlso used by 'nbtstat'
Node Status Request 1001,1002
138 netbios_dgm NetBIOS Datagram Service 1001,1002
139 netbios_ssn NetBIOS Session Service 1001,1002
161 snmp SNMP Messages 1157
162 snmptrap SNMP Traps 1157
530 courier RPC
515 printer LPD Spooler 1179
Other installed services:
775 sms_db
777 sms_update
1433 tds Tabular Data Stream DB-library SQLserver
Please edit this list if you have more data (ISS, Raptor, MS?).
Bill Stout
_______________________________________________________________________
________
Senior Systems Admin NT/UNIX/I-net/Routers/Mainframes/Janitor ;)
Hitachi Data Systems 408-970-4822 --- Disclaimer: I speak only
for myself
___________"Infowar, Cyber-war, yes, 'they' _are_ out to get
you..."___________
<<application/ms-tnef>>
|
|
