1 TCPMUX TCP Port Service Multiplexer Transfer Control Protocol Port Services Multi-Switch Selector
2 CompressNet Management Utility CompressNet Management Utility
3 CompressNet Compression Process Compression Process
5 RJE Remote Job Entry Remote Job Login
7 echo echo return
9 Discard Discard Discard
11 SYSTAT ACTIVE USERS online user
13 DayTime Daytime Time
17 qotd quote of the day daily reference
18 MSP Message Send Protocol Message Send Agreement
19 Chargen Character Generator Character Generator
20 FTP-DATA File Transfer [Default Data] File Transfer Protocol (Default Data Port)
21 FTP File Transfer [Control] File Transfer Protocol (Control)
22 SSH SSH Remote Login Protocol SSH Remote Login Protocol
23 Telnet Telnet Terminal Simulation Agreement
24? Any Private Mail System reserved for personal mail systems
25 SMTP SIMPLE MAIL TRANSFER Simple Mail Send Agreement
27 NSW-Fe NSW User System FE NSW User System Field Engineer
29 MSG-ICP MSG ICP MSG ICP
31 MSG-Auth MSG Authentication MSG Verification
33 DSP Display Support Protocol Display Support Protocol
35? Any Private Printer Server reserved for personal printer services
37 Time Time Time
38 Rap Route Access Protocol Route Access Protocol
39 RLP Resource Location Protocol Resource Location Protocol
41 Graphics Graphics Graphics
42 Nameserver Wins Host Name Server WINS Host Name Service
43 NICName WHO IS "Nickname" WHO IS Service
44 MPM-Flags MPM Flags Protocol MPM (Message Processing Module) Sign Protocol
45 MPM Message Processing Module [RECV] Message Processing Module
46 MPM-SND MPM [Default Send] Message Process Module (Default Send Port)
47 NI-FTP NI FTP NI FTP
48 Auditd Digital Audit Daemon Digital Audio Background Service
49 Tacacs Login Host Protocol (TACACS) TACACS Login Host Protocol
50 RE-MAIL-CK Remote Mail Checking Protocol Remote Mail Check Protocol
51 la-maint IMP logical address maintenance IMP logical address maintenance
52 XNS-Time XNS Time Protocol Xerox Network Service System Time Agreement
53 Domain Domain Name Server Domain Name Server
54 XNS-CH XNS Clearinghouse Xerox Network Service System Bill Exchange 55 ISI-GL ISI Graphics Language ISI Graphic Language
56 XNS-Auth XNS Authentication Xerox Network Service System Verification
57? Any Private Terminal Access Reserved Personal Terminal Access
58 XNS-Mail XNS Mail Xerox Network Service System Mail
59? Any Private File Service Reserved personal file service
60? Unassigned undefined
61 NI-mail ni mail ni mail?
62 ACAS ACA SERVICES? Asynchronous communication adapter service
63 WHOIS WHOIS WHOIS
64 COVIA Communications Integrator (CI) Communication Interface
65 TACACS-DS TACACS-Database Service TACACS Database Services
66 SQL * NET ORACLE SQL * NET ORACLE SQL * NET
67 Bootps Bootstrap Protocol Server Boot Protocol Service
68 Bootpc Bootstrap Protocol Client Boot Protocol Client
69 TFTP Trivial File Transfer Small File Transfer Protocol
70 GOPHER GOPHER Information Retrieval Agreement
71 NETRJS-1 Remote Job Service Remote Job Service
72 NETRJS-2 Remote Job Service Remote Job Services
73 NETRJS-3 Remote Job Service Remote Job Service
74 NETRJS-4 Remote Job Service Remote Job Service
75? Any Private Dial Out Service Reserved to your personal allocation service
76 DEOS Distributed External Object Store Distributed External Object Storage
77? Any Private RjE Service Reserved to your personal remote job input service
78 VETTCP VETTCP Fix TCP?
79 Finger Finger query remote host online user, etc.
80 HTTP World Wide Web HTTP Global Information Network Hypertext Transfer Protocol
81 Hosts2-NS Hosts2 Name Server Host2 Name Service
82 XFER XFER Utility Transfer Utility
83 mit-ml-dev mit ml Device Modular Intelligent Terminal ML Equipment
84 CTF Common Trace Facility Public Tracking Equipment
85 mit-ml-dev mit ml Device modular smart terminal ML device
86 MFCOBOL Micro Focus Cobol Micro Focus Cobol Programming Language
87? Any Private Terminal Link reserved to a personal terminal connection
88 Kerberos Kerberos Kerberros Security Authentication System
89 SU-MIT-TG SU / MIT TELNET GATEWAY SU / MIT Terminal Simulation Gateway
90 DNSIX DNSIX Securit Attribute Token Map DNSIx Security Properties Tags
91 MIT-DOV MIT DOVER SPOOLER MIT DOVER Vacation 92 NPP Network Printing Protocol Network Print Protocol
93 DCP Device Control Protocol Device Control Protocol
94 Objcall Tivoli Object Dispatcher Tivoli Object Scheduling
95 Supdup SuPDUP
96 DIXIE DIXIE PROTOCOL SPECification DIXIE Agreement Specification
97 SWIFT-RVF (SWIFT Remote Virtural File Protocol) Quick Remote Virtual File Agreement
98 TacNews Tac News TAC News Agreement
99 Metagram Metagram RELAY
100 NewAcct [Unauthorized USE]
101 / TCP Hostname Nic Host Name Server
102 / TCP ISO-TSAP ISO-TSAP CLASS 0
103 / TCP GPPITNP Genesis Point-to-Point Trans Net
104 / TCP ACR-NMA ACR-NEMA DIGITAL IMAG. & COMM. 300
105 / TCP CSO CCSO Name Server Protocol
105 / TCP CSNet-NS Mailbox Name Nameserver
106 / TCP 3COM-TSMUX 3COM-TSMUX
107 / TCP RTELNET Remote Telnet Service
108 / TCP SNAGAS SNA GATEWAY Access Server
109 / TCP POP2 Post Office Protocol - Version 2
110 / TCP POP3 Post Office Protocol - Version 3
111 / TCP SUNRPC Sun Remote Procedure Call
112 / TCP MCIDAS MCIDAS Data Transmission Protocol
113 / TCP IDENT
114 / TCP AUDIONEWS AUDIO NEWS MULTICAST
115 / TCP SFTP SIMPLE FILE TRANSFER Protocol
116 / TCP ANSANOTIFY ANSA REX Notify
117 / TCP UUCP-PATH UUCP PATH SERVICE
118 / TCP SQLSERV SQL SERVICES
119 / TCP NNTP NetWork News Transfer Protocol
120 / TCP CFDPTKT CFDPTKT
121 / TCP ERPC Encore Expedified Remote Pro.Call
122 / TCP SMAKYNET SMAKYNET
123 / TCP NTP NetWork Time Protocol
124 / TCP ANSATRADER ANSA REX Trader
125 / TCP LOCUS-MAP LOCUS PC-Interface Net Map Ser
126 / TCP Unityary Unisys Unityary Login
127 / TCP LOCUS-Conn Locus PC-Interface Conn Server
128 / TCP GSS-XLICEN GSS X License Verification
129 / TCP PWDgen Password Generator Protocol
130 / TCP Cisco-Fna Cisco Fnative
131 / TCP Cisco-TNA Cisco TNATIVE
132 / TCP Cisco-Sys Cisco Sysmaint
133 / TCP Statsrv Statistics Service134 / TCP INGRES-NET INGRES-NET Service
135 / TCP EPMAP DCE ENDPOINT RESOLUTION
136 / TCP Profile Profile Naming System
137 / TCP NetBIOS-NS NetBIOS Name Service
138 / TCP Netbios-DGM Netbios DataGram Service
139 / TCP NetBIOS-SSN NetBIOS Session Service
140 / TCP EMFIS-DATA EMFIS DATA Service
141 / TCP EMFIS-CNTL EMFIS Control Service
142 / TCP BL-IDM BRITTON-Lee IDM
143 / TCP IMAP Internet Message Access Protocol
144 / TCP Uma Universal Management Architecture
145 / TCP UAAC UAAC Protocol
146 / TCP ISO-TP0 ISO-IP0
147 / TCP ISO-IP ISO-IP
148 / TCP Jargon Jargon
149 / TCP AED-512 AED 512 Emulation Service
150 / TCP SQL-Net SQL-NET
151 / TCP HEMS HEMS
152 / TCP BFTP Background File Transfer Program
153 / TCP SGMP SGMP
154 / TCP NetSC-PROD NETSC
155 / TCP NetSC-DEV NETSC
156 / TCP SQLSRV SQL Service
157 / TCP KNET-CMP KNET / VM Command / Message Protocol
158 / TCP Pcmail-SRV PCMAIL Server
159 / TCP NSS-Routing NSS-Routing
160 / TCP SGMP-TRAPS SGMP-TRAPS
161 / TCP SNMP SNMP
162 / TCP SNMPTRAP SNMPTRAP
163 / TCP CMIP-MAN CMIP / TCP Manager
164 / TCP CMIP-Agent CMIP / TCP Agent
165 / TCP XNS-Courier Xerox
166 / TCP S-NET SIRIUS SYSTEMS
167 / TCP NAMP NAMP
168 / TCP RSVD RSVD
169 / TCP Send Send
170 / TCP Print-SRV Network PostScript
171 / TCP Multiplex Network Innovations Multiplex
172 / TCP CL / 1 NetWork Innovations CL / 1
173 / TCP XYPLEX-MUX XYPLEX
174 / TCP MAILQ MAILQ
175 / TCP VMNET VMNET
176 / TCP Genrad-Mux Genrad-MUX
177 / TCP xdmcp x display manager control protocol
178 / TCP NextStep Nextstep Window Server
179 / TCP BGP Border Gateway Protocol
180 / TCP RIS Intergraph
181 / TCP Unify Unify
182 / TCP Audit Unisys Audit Sitp
183 / TCP OCBINDER OCBINDER
184 / TCP OCSERVER OCSERVER
185 / TCP Remote-Kis Remote-Kis
186 / TCP Kis Kis Protocol
187 / TCP ACI Application Communication Interface188 / TCP MUMPS PLUS FIVE 磗 Mumps
189 / TCP QFT Queued File Transport
190 / TCP GACP GATEWAY Access Control Protocol
191 / TCP Prospero Prospero Directory Service
192 / TCP OSU-NMS OSU NetWork Monitoring SYSTEM
193 / TCP SRMP SPIDER Remote Monitoring Protocol
194 / TCP IRC Internet Relay Chat Protocol
195 / TCP DN6-NLM-AUD DNSIX NETWORK Level Module Audit
196 / TCP DN6-SMM-Red DNSIX Session Mgt Module Audit Redir
197 / TCP DLS Directory Location Service
198 / TCP DLS-MON DIRECTORY LOCATION Service Monitor
199 / TCP SMUX SMUX
200 / TCP SRC IBM System Resource Controller
201 / TCP AT-RTMP AppleTalk Routing Maintenance
202 / TCP AT-NBP AppleTalk Name Binding
203 / TCP AT-3 AppleTalk Unused
204 / TCP At-Echo AppleTalk Echo
205 / TCP AT-5 AppleTalk Unused
206 / TCP AT-ZIS AppleTalk Zone Information
207 / TCP AT-7 AppleTalk Unused
208 / TCP AT-8 AppleTalk Unused
209 / TCP QMTP The Quick Mail Transfer Protocol
210 / TCP Z39.50 ANSI Z39.50
211 / TCP 914C / G Texas Instruments 914C / G Terminal
212 / TCP ANET ATEXSSTR
214 / TCP VMPWSCS VM PWSCS
215 / TCP SoftPC Insignia Solutions
216 / TCP CAILIC Computer Associates INT 磍 License Server
217 / TCP DBASE DBASE UNIX
218 / TCP MPP Netix Message Posting Protocol
219 / TCP UARPS Unisys ARPS
220 / TCP IMAP3 INTERACTIVE MAIL Access Protocol V3
221 / TCP FLN-SPX Berkeley Rlogind with SPX Auth
222 / TCP RSH-SPX Berkeley RSHD with SPX Auth
223 / TCP CDC CERTIFICATE DISTRIBUTION CENTER
242 / TCP DIRECT DIRECT
243 / TCP SUR-MEAS SURVEY MEASurement
244 / TCP Dayna Dayna
245 / TCP LINK LINK
246 / TCP DSP3270 DISPLAY SYSTEMS Protocol
247 / TCP subntbcst_tftp subntbcst_tftp
248 / TCP BHFHS BHFHS
256 / TCP RAP RAP
257 / TCP Set Secure Electronic Transaction
258 / TCP YAK-Chat Yak Winsock Personal Chat
259 / TCP ESRO-GEN Efficient Short Remote Operations
260 / TCP OpenPort OpenPort
263 / TCP HDAP HDAP
264 / TCP BGMP BGMP
280 / TCP http-mgmt http-mgmt
309 / TCP EntrustTime EntrustTime
310 / TCP BHMDS BHMDS
312 / TCP vslmp vslmp
315 / TCP DPSI DPSI
316 / TCP Decauth Decauth
317 / TCP ZANNET ZANNET
321 / TCP PIP PIP
344 / TCP PDAP Prospero Data Access Protocol
345 / TCP Pawserv Perf Analysis Workbench
346 / TCP ZSERV ZEBRA Server
347 / TCP FatServ Fatmen Server
348 / TCP CSI-SGWP Cabletron Management Protocol
349 / TCP MFTP MFTP
351 / TCP Matip-Type-b Matip Type B
351 / TCP BHOETTY BHOETTY (Added 5/21/97)
353 / TCP NDSAUTH NDSAUTH
354 / TCP BH611 BH611
357 / TCP BHEVENT BHEVENT
362 / TCP Srssend SRS Send
365 / TCP DTK DTK
366 / TCP ODMR ODMR
368 / TCP qbikgdp qbikgdp
371 / TCP CLEARCASE CLEARCASE
372 / TCP UListProc ListProcessor
373 / TCP LEGENT-1 Legent Corporation
374 / TCP Legent-2
______________________________________________________
The following is bingtang supplements:
0 usually used to analyze the operating system. This method can work because "0" in some systems is invalid port, which will produce different results when you try to use a usual closing port to connect it. A typical scan: Use the IP address of 0.0.0.0 to set the ACK bit and broadcast in Ethernet layer.
1. TCPMUX This shows that someone is looking for SGI IRIX machines. IRIX is the main provider of TCPMUX, which is opened in this system by default. IRIS machines are published in the release of several default unconsored accounts such as LP, Guest, UUCP, NUUCP, DEMOS, TUTOR, DIAG, EZSETUP, OUTOFBOX, and 4DGIFTS. Many administrators have forgotten to delete these accounts. Therefore, Hacker searches for TCPMUX on the Internet and uses these accounts.
7 Echo You can see how many people search for the Fraggle amplifier, sent to XX.x.0 and X.x.x.255. Common DOS Attacks are echo-loops, and an attacker is forged from a UDP packet from one machine to another, and the two machines respond to these packets in their fastest way. Another thing is a TCP connection established by DoubleClick in the word port. There is a product called "Resonate Global Dispatch", which is connected to this port of DNS to determine the nearest route. Harvest / Squid Cache will send UDP Echo from the 3130 port: "If you open the cache's Source_Ping ON option, it will respond to a hit reply on the UDP ECHO port of the original host." This will generate a lot of such packets.
11 SysStat This is a UNIX service that lists all the running processes on the machine and what is started. This provides many information for intruders and threats to the machine, such as exposing programs known to certain weaknesses or accounts. This is similar to the results of the "PS" command in the UNIX system. Again: ICMP has no port, ICMP Port 11 is usually ICMP Type = 11. 19 Chargen This is a service that only sends characters. The UDP version will respond to the package containing the spam after receiving the UDP package. When the TCP connection is connected, the data stream containing the spam will be sent to the connection to close. Hacker uses IP spoof to launch a DOS attack. Forged two UDP packages between two Chargen servers. Since the server attempts to respond to unlimited round-trip data communication between the two servers A Chargen and Echo will cause the server to overload. The same Fraggle DOS attack is broadcast to this port of the target address with a packet with counterfeit victim IP, and the victim is overloaded in order to respond to this data.
The most common attacker of FTP is used to find the method of opening "anonymous" FTP server. These servers have a readable and writable directory. Hackers or Crackers uses these servers as a node that transmits Warez (private programs) and PR0n (intentional tangle words).
22 SSH PCANYWHERE Establish TCP and this connection can be used to find SSH. This service has many weaknesses. If configured as specific modes, many have many vulnerabilities using the RSAREF library. (It is recommended to run SSH in other ports). It should also be noted that the SSH toolkit has a program called make-ssh-known-hosts. It scans the SSH host of the entire domain. You sometimes be used in unintentional scanning. UDP (rather than TCP) is connected to the 5632 port of the other means that there is a scanning of PCANywhere. 5632 (Hexadecimal 0x1600) After the interchange is 0x0016 (22).
TeLNet invaders are searching for remote login UNIX services. In most cases, the invaders scan this port is to find the operating system that is running. In addition, use other technologies, invaders will find a password.
(Spammer) Finding the SMTP server is to deliver their spam. The invader's account is always turned off, and they need to dial to connect to the high-bandwidth E-mail server to pass simple information to different addresses. SMTP servers (especially Sendmail) are one of the most common methods of entering the system, as they must be completely exposed to the Internet and the route of mail is complex (exposed complex = weaknesses).
53 DNS HACKER or CRACKERS may be trying to perform regional delivery (TCP), deceive DNS (UDP) or hidden other communications. Therefore, the firewall often filters or records 53 ports. It should be noted that you often see the 53 port as the UDP source port. Unstable firewalls typically allow this communication and assume that this is a reply to DNS queries. Hacker often uses this method to penetrate the firewall.
67 & 68 Bootp and Bootp / DHCP on DHCP UDP: The firewall that is often sent to the broadcast address 255.255.255.255 via DSL and Cable-Modem often see data from the broadcast address 255.255.255.255. These machines request an address assignment to the DHCP server. Hacker often enters them allocated an address to initiate a large number of "man-in-middle) attacks as partial routers. The client is configured to the 68-port (Bootps) broadcast request, and the server responds to the 67-port (Bootpc) broadcast. This response uses broadcast because the client still does not know the IP address that can be sent.
69 TFTP (UDP) Many servers provide this service with BOOTP to facilitate downloading startup code from the system. But they often configure any files from the system, such as password files. They can also be used to write files to the system. 79 Finger Hacker is used to obtain user information, query the operating system, and detect known buffer overflow errors, responding to the machine to other machine finger scans.
98 LinuxConf This program provides simple management of Linux Boxen. Provide a web-based service in the 98 port by integrated HTTP servers. It has found many security issues. Some versions setuid root, trust local area network, build Internet accessible files, and the LANG environment variable has buffer overflow. Also because it contains integrated servers, many typical HTTP vulnerabilities may exist (buffer overflow, over the directory, etc.)
109 POP2 is not called POP3, but many servers provide two services (backward compatibility). The vulnerability of POP3 on the same server exists in POP2.
110 POP3 is used for the client access to the server side mail service. POP3 services have many recognized weaknesses. There are at least 20 weaknesses overflow over the username and password switching buffer (this means that Hacker can enter the system before logging in). There are other buffers overflow errors after successfully logging in.
111 SunRPC Portmap RpcBind Sun RPC Portmapper / Rpcbind. Access Portmapper is the first step for the scanning system to view which RPC services allowed. Common RPC services include: rpc.mountd, nfs, rpc.statd, rpc.csmd, rpc.ttybd, AMD, etc. The invader found that the allowed RPC service will turn to the specific port test vulnerability of the service. Remember to record Daemon, IDS, or Sniffer in the line, and you can find what program access to the invader is to find what happened.
113 Ident Auth This is a multi-machine running protocol for identifying TCP connections. This service using standard can obtain information of many machines (will be utilized by Hacker). But it can serve as many services, especially those such as FTP, POP, IMAP, SMTP, and IRC. Usually if you have many customers access these services through the firewall, you will see the connection requests for this port. Remember, if you block this port client feels slow connection with the E-mail server on the other side of the firewall. Many firewalls support back RST during the blocking of TCP connections, and will stop this slow connection back.
119 NNTP News News Group Transmission Protocol to carry USENET communication. This port is usually used when you link to the address, such as: news: //comp.security.firewalls/. The connection at this port is usually looking for a USENET server. Most ISP limits only their customers can access their newsgroup servers. Open the newsgroup server will allow / read anyone's post, access the restricted newsgroup server, post anonymous to post or send a spam.
135 OC-SERV MS RPC End-Point Mapper Microsoft runs DCE RPC End-Point Mapper for this port for its DCOM service. This is similar to the functionality of UNIX 111 ports. Use DCOM and / or RPC services to register their location using end-point mapper on your machine. When remote customers are connected to the machine, they queries end-point mapper to find the location of the service. The same HACKER scanning machine is to find Exchange Server on this machine? What version is it? This port can also be used for direct attacks in addition to query services (such as using EPDUMP). There are some DOS attacks directly for this port. 137 Netbios Name Service NBTSTAT (UDP) This is the most common information of the firewall administrator.
139 NetBIOS File and Print Sharing Attempts to get NetBIOS / SMB services via this port. This protocol is used for Windows file and printer sharing and Samba. Sharing your own hard drive on the Internet is the most common problem. A large number of ports were started at 1999, and later became less. In 2000, there was a rebound. Some VBS (IE5 VisualBasic scripting) starts copying themselves to this port and trying to breed this port.
143 IMAP and the security of POP3 above, many IMAP servers have buffer overflow vulnerabilities running in the login process. Remember: A Linux worm (ADMW0RM) will reproduce this port, so many of this port scans from uninformed users who are infected. These vulnerabilities become popular when Radhat allows IMAP by default in their Linux release versions. This is also a widely spread worm after Morris worm. This port is also used in IMAP2, but it is not popular. Some reports have found that some 0 to 143 ports have stem from script.
161 SNMP (UDP) invaders often detect ports. SNMP allows remote management devices. All configurations and running information are stored in the database and are available through SNMP guests. Many administrator error configurations are exposed to the Internet. Crackers will try to use the default password "public" "private" access system. They may test all possible combinations. The SNMP package may be incorrect to point to your network. The Windows machine often uses SNMP for the HP JetDirect Remote Management software because the error configuration. HP Object Identifier will receive an SNMP package. The new version of Win98 uses SNMP to resolve domain names, you will see this package in subnet broadcast (Cable Modem, DSL) query sysname and other information.
162 SNMP TRAP may be due to error configuration
177 XDMCP Many Hacker access to the X-Windows console, which needs to open the 6000 port at the same time.
513 RWHO may be broadcast from UNIX machines from the subnet using Cable Modem or DSL. These people provide very interesting information for Hacker into their system.
553 CORBA IIOP (UDP) If you use Cable Modem or DSL VLAN, you will see the broadcast of this port. CORBA is an object-oriented RPC (Remote Procedure Call) system. Hacker will use this information to enter the system.
600 PCServer Backdoor Please see the 1524 port.
Some children who play Script think they have completely broken the system through the modification of the Ingreslock and the PCServer file - Alan J. Rosenthal.
635 mountd Linux's MountD bug. This is a popular bug that people scan. Most of this port scan is UDP based, but TCP-based mountD has increased (MountD runs on two ports). Remember, MountD can run in any port (which port is in the end, you need to do a portmap query at the port 111), just Linux defaults to 635 port, just like NFS usually runs on the 2049 port. 1024 Many people ask what this port is dry. It is the beginning of a dynamic port. Many programs do not care which port connection network, they request operating systems to assign them "next idle port". Based on this allocation starts from port 1024. This means that the first program that requests the dynamic port to the system will be assigned port 1024. To verify this, you can restart the machine, open Telnet, open a window to run "natstat -a", you will see Telnet assigned 1024 port. The more programs requested, the more dynamic ports. The port assigned by the operating system will gradually become large. Come again, when you browse the web page, use "NetStat" to view, each web page requires a new port.
1025, 1026 See 1024
1080 SOCKS This protocol passes through the firewall by pipeline, allowing many people behind the firewall to access the Internet through an IP address. In theory it should only allow the internal communication to reach the Internet. However, due to the wrong configuration, it allows the HACKER / CRACKER to pass an attack outside the firewall through the firewall. Or simply respond to a computer located on the Internet, enabling them to attack your direct attack. Wingate is a common Windows personal firewall that often occurs the above error configuration. This will often see this when joining the IRC chat room.
1114 SQL system itself rarely scans this port, but is often part of the SSCAN script.
1243 SUB-7 Trojans (TCP)
1124 Ingreslock back door Many attack scripts will install a backdoor shell at this port (especially those for Sendmail and RPC service vulnerabilities in the Sun system, such as Statd, TTDBServer, and CMSD). If you just installed your firewall, you see the connection at this port, which is probably the above reasons. You can try Telnet to this port on your machine to see if it will give you a shell. This issue is also available to 600 / PCServer.
The2049 NFS NFS program is often running on this port. It usually needs to access portmapper query which port is running, but most of the case is installed after installation, and Hacker / Cracker can pass the portmapper directly to test this port.
3128 Squid This is the default port of the Squid HTTP proxy server. The attacker scans this port is to search for an anonymous access to the Internet. You will also see the ports of other proxy servers: 8000/8001/8080/8888. Another reason for scan this port is that users are entering the chat room. Other users (or server itself) also verify this port to determine if the user's machine supports the agent.
5632 Pcanywere you will see a lot of this port, depending on your location. When the user opens PCAnyWere, it automatically scans the local area network C-class network to find the possible agent (the translator: refers to Agent instead of proxy). Hacker / Cracker will also find a machine that open this service, so you should check the source address of this scan. Some scanning of PCANYWERE often contains the UDP packet of port 22.
6776 SUB-7 Artifact This port is a port for transmitting data from the Sub-7 main port. For example, when the controller controls another machine through the telephone line, you will see this when the controlled machine is hung up. Therefore, when another person is dial in this IP, they will see continuous, attempting at this port. (Translator: That is to see the connection attempt of the firewall, do not mean that you have been controlled by SUB-7. This is set by the TCP7070 port externally control connection.
13223 Powwow Powwow is a Tribal Voice chat program. It allows users to open private chats at this port. This process is very "offensive" for establishing a connection. It will "station" waiting for response in this TCP port. This causes a connection attempt to a heartbeat interval. If you are a dial user, "inherit" from another chat, this is what the IP address is: It seems that many different people are testing this port. This protocol uses "OPNG" as the first four bytes of its connection attempt.
11027 Conducent This is an outgoing connection. This is because someone has a shared software with Conducent "ADBOT" inside the company. Conducent "Adbot" is an advertising service for shared software. A popular software using this service is pkware. Some people test: Blocking this external connection does not have any problems, but the IP address itself will cause the ADBOTS to try to connect multiple times in each second:
The machine will continue to analyze DNS name -ads.conducent.com, ie IP address 216.33.210.40; 216.33.199.77; 216.33.199.80; 216.33.199.81; 216.33.210.41. (Translator: I don't know if Netants used in Radiate also has this phenomenon)
27374 SUB-7 Trojan (TCP)
30100 NetSphere Trojan (TCP) usually this port scan is to find NetSphere Trojans.
31337 Back Orification "Elite" HACKER 31337 Read "Elite" / Ei'li: T / (Translator: French, translated as backbone, essence. That is, 3 = E, 1 = L, 7 = T). So many rear door programs are running on this port. The most famous is Back Orific. This is the most common scan on the Internet for a while. Now it's getting less and less, other Trojans are increasingly popular.
31789 HACK-A-TACK This port UDP communication is usually due to the "HACK-A-TACK" remote access to Trojan (RAT, Remote Access Trojan). This Trojan includes a built-in 31790 port scanner, so any 31789 port to 317890 port means that this invasion is already. (31789 port is control connection, 317890 port is file transfer connection)
32770 ~ 32900 RPC Services Sun Solaris RPC service is within this range. Detailed: Early versions of Solaris (2.5.1) placed portmapper in this range even if the low port was closed by the firewall, still allowed Hacker / Cracker to access this port. Scanning this range is not to find portmapper, just to find known RPC services that can be attacked.
33434 ~ 33600 Traceroute If you see the UDP packet within this port (and within this range), it may be due to TraceRoute. See the relevant part of this site. 374 / TCP Legent-2 Legent Corporation
375 / TCP Hassle Hassle
376 / TCP NIP Amiga Envoy Network Inquiry PROTO
377 / TCP TNETOS NEC CORPORATION
378 / TCP DSETOS NEC CORPORATION
379 / TCP IS99C TIA / EIA / IS-99 MODEM Client
380 / TCP IS99S TIA / EIA / IS-99 MODEM Server
381 / TCP HP-Collector HP Performance Data Collector
383 / TCP HP-ALARM-MGR HP Performance Data Alarm Manager
384 / TCP ARNS A Remote Network Server System
385 / TCP IBM-APP IBM Application
386 / TCP ASA ASA Message Router Object DEF.
387 / TCP AURP AppleTalk Update-based Routing Pro.
388 / TCP Unidata-LDM Unidata LDM Version 4
389 / TCP LDAP Lightweight Directory Access Protocol
390 / TCP UIS UIS
391 / TCP SYNOTICS-RELAY SYNOPTICS SNMP RELAY Port
393 / TCP DIS DATA Interpretation System
394 / TCP EMBL-NDT EMBL Nucleic Data Transfer
395 / TCP Netcp Netscout Control Protocol
396 / TCP NetWare-IP Novell NetWare Over IP
397 / TCP MPTN MULTI Protocol Trans. Net.
398 / TCP KRYPTOLAN KRYPTOLAN
399 / TCP ISO-TSAP-C2 ISO TRANSPORT CLASS 2 NON-Control Over TCP
400 / TCP WORK-SOL WORKSTATION SOLUTIONS
401 / TCP UPS Uninterruptible Power Supply
402 / TCP GENIE GENIE Protocol
403 / TCP Decap Decap
404 / TCP NCED NCED
405 / TCP NCLD NCLD
406 / TCP IMSP INTERACTIVE MAIL Support Protocol
407 / TCP TIMBUKTU TIMBUKTU
408 / TCP PRM-SM Prospero Resource Manager Sys .man.
409 / TCP PRM-NM Prospero Resource Manager Node Man.
410 / TCP Decladebug Decladebug Remote Debug Protocol
411 / TCP RMT Remote MT Protocol
412 / TCP Synoptics-Trap Trap Convention Port
413 / TCP SMSP SMSP
414 / TCP Infoseek Infoseek
415 / TCP BNET BNET
416 / TCP SilverPlatter SilverPlatter
417 / TCP ONMUX ONMUX
418 / TCP Hyper-g Hyper-g
419 / TCP Ariel1 Ariel
420 / TCP SMPTE SMPTE421 / TCP Ariel2 Ariel
422 / TCP Ariel3 Ariel
423 / TCP OPC-Job-Start IBM Operations Planning and Control Start
424 / TCP OPC-JOB-TRACK IBM Operations Planning and Control TRACK
425 / TCP ICAD-EL ICAD
426 / TCP SmartSDP SmartSDP
427 / TCP SVRLOC Server Location
428 / TCP OCS_CMU OCS_CMU
429 / TCP OCS_AMU OCS_AMU
430 / TCP UTMPSD UTMPSD
431 / TCP UTMPCD UTMPCD
432 / TCP IASD IASD
433 / TCP NNSP NNSP
434 / TCP MobileIP-Agent MobileIP-Agent
435 / TCP MOBILIP-MN MOBILIP-MN
436 / TCP DNA-CML DNA-CML
437 / TCP COMSCM COMSCM
438 / TCP DSFGW DSFGW
439 / TCP DASP DASP THOMAS OBERMAIR
440 / TCP SGCP SGCP
441 / TCP DECVMS-SYSMGT DECVMS-SYSMGT
442 / TCP CVC_Hostd CVC_Hostd
443 / TCP HTTPS HTTP Protocol Over TLS / SSL
444 / TCP SNPP SIMPLE NETWORK PAGING Protocol
445 / TCP Microsoft-DS Microsoft-DS
446 / TCP DDM-RDB DDM-RDB
447 / TCP DDM-DFM DDM-RFM
448 / TCP DDM-SSL DDM-SSL
449 / TCP As-ServerMap As Server Mapper
450 / TCP TSERVER TSERVER
451 / TCP SFS-SMP-NET CRAY NETWORK SEMAPHORE Server
453 / TCP CreativeServer Creative Server
454 / TCP ContentServer ContentServer
455 / TCP CreativePartnr CreativePartNR
456 / TCP Macon-TCP Macon-TCP
457 / TCP Scohelp Scohelp
458 / TCP AppleQTC Apple Quick Time
459 / TCP AMPR-RCMD AMPR-RCMD
460 / TCP SKRONK SKRONK
461 / TCP DataSurfsrv Datarampsrv
462 / TCP DataSurfsrvsec Datarampsrvsec
463 / TCP Alpes Alpes
464 / TCP kpasswd kpasswd
465 / TCP SMTPS SMTP Protocol Over TLS / SSL (WAS SSMTP)
466 / TCP DIGITAL-VRC DIGITAL-VRC
467 / TCP Mylex-Mapd Mylex-MAPD
468 / TCP PhoTuris Proturis
469 / TCP RCP Radio Control Protocol
470 / TCP SCX-Proxy SCX-Proxy
471 / TCP Mondex Mondex
472 / TCP LJK-LOGIN LJK-LOGIN
473 / TCP HYBRID-POP HYBRID-POP
474 / TCP TN-TL-W1 TN-TL-W1
475 / TCP TCPNETHASPSRV TCPNETHASPSRV
476 / TCP TN-TL-FD1 TN-TL-FD1
477 / TCP SS7NS SS7NS478 / TCP SPSC SPSC
479 / TCP IAFSERVER IAFSERVER
480 / TCP iafdbase iafdbase
481 / TCP PH Phpervice
482 / TCP BGS-NSI BGS-NSI
483 / TCP ULPNET ULPNET
484 / TCP INTEGRA-SME INTEGRA Software Management Environment Environment Environment Environment
485 / TCP Powerburst Air Soft Power Burst
486 / TCP Avian avian
487 / TCP SAFT SAFT SIMPLE Asynchronous File Transfer
488 / TCP GSS-HTTP GSS-HTTP
489 / TCP Nest-Protocol Nest-Protocol
490 / TCP MICOM-PFS MICOM-PFS
491 / TCP Go-Login Go-login
492 / TCP TICF-1 Transport Independent Convergence for FNA
493 / TCP TICF-2 Transport Independent Convergence for FNA
494 / TCP POV-RAY POV-RAY
495 / TCP INTECOUR INTECOOURIER
496 / TCP PIM-RP-DISC PIM-RP-DISC
497 / TCP DANTZ DANTZ
498 / TCP Siam Siam
499 / TCP ISO-ILL ISO ILL Protocol
500 / TCP isakmp isakmp
501 / TCP STMF STMF
502 / TCP ASA-Appl-Proto ASA-Appl-Proto
503 / TCP Intrinsa Intrinsa
504 / TCP CITADEL CITADEL
505 / TCP MAILBOX-LM Mailbox-LM
506 / TCP OHIMSRV OHIMSRV
507 / TCP CRS CRS
508 / TCP XVTTP XVTTP
509 / TCP Snare Snare
510 / TCP FCP Firstclass Protocol
511 / TCP PASSGO Passgo
512 / TCP EXEC Remote Process EXECUTION;
513 / TCP login Remote Login a la telnet
514 / TCP shell cmd
515 / TCP Printer SpoOler
516 / TCP video VideoTex Videotex
517 / TCP Talk Like Tenex Link, But Across
518 / TCP NTALK
519 / TCP Utime Unixtime
520 / TCP EFS Extended File Name Server
521 / TCP RIPNG RIPNG
522 / TCP ULP ULP
523 / TCP IBM-DB2 IBM-DB2
524 / TCP NCP NCP
525 / TCP TIMED TIMESERVER
526 / TCP TEMPO NewDate
527 / TCP StX stock ixchange
528 / TCP Custix Customer IXChange
529 / TCP IRC-Serv IRC-Serv
530 / TCP Courier RPC
531 / TCP Conference Chat
532 / TCP NetNews Readnews
533 / TCP NetWall for Emergency Broadcasts
534 / TCP MM-Admin Megamedia admin
535 / TCP IIOP IIOP
536 / TCP OPALIS-RDV OPALIS-RDV
537 / TCP NMSP NetWorked Media Streaming Protocol538 / TCP GDomap GDOMAP
539 / TCP Apertus-LDP Apertus Technologies Load Determination
540 / TCP UUCP UUCPD
541 / TCP UUCP-RLOGIN UUCP-RLOGIN
542 / TCP Commerce Commerce
543 / TCP Klogin
544 / TCP Kshell Krcmd
545 / TCP AppleQTCSRVR AppleQTCSRVR
546 / TCP DHCPV6-Client DHCPV6 Client
547 / TCP DHCPV6-Server DHCPV6 Server
548 / TCP AFPOVERTCP AFP OVER TCP
549 / TCP IDFP IDFP
550 / TCP New-RWho New-WHO
551 / TCP Cybercash Cybercash
552 / TCP DEVICESHARE DEVICESHARE
553 / TCP PIRP PIRP
554 / TCP RTSP Real Time Stream Control Protocol
555 / TCP DSF
556 / TCP Remotefs RFS Server
557 / TCP OpenVMS-SYSIPC OpenVMS-SYSIPC
558 / TCP SDNSKMP SDNSKMP
559 / TCP TEEDTAP TEEDTAP
560 / TCP RMONITOR RMONITORD
561 / TCP Monitor
562 / TCP Chshell CHCMD
563 / TCP NNTPS NNTP Protocol Over TLS / SSL (WAS SNNTP)
564 / TCP 9PFS PLAN 9 File Service
565 / TCP WHOAMI WHOAMI
566 / TCP streettalk streettalk
567 / TCP Banyan-RPC Banyan-RPC
568 / TCP MS-Shuttle Microsoft SHUTTLE
569 / TCP MS-ROME Microsoft Rome
570 / TCP Meter Demon
571 / TCP meter udemonon
572 / TCP Sonar Sonar
573 / TCP Banyan-Vip Banyan-VIP
574 / TCP FTP-Agent FTP Software Agent System
575 / TCP Vemmi Vemmi
576 / TCP IPCD IPCD
577 / TCP VNAS VNAS
578 / TCP ipdd ipdd
579 / TCP DECBSRV DECBSRV
581 / TCP BDP Bundle Discovery Protocol
588 / TCP CAL CAL
589 / TCP Eyelink Eyelink
590 / TCP TNS-CML TNS CML
593 / TCP HTTP-RPC-EPMAP HTTP RPC EP MAP
594 / TCP TPIP TPIP
596 / TCP SMSD SMSD
599 / TCP ACP AEOLON CORE PROTOCOL
600 / TCP IPCServer Sun IPC Server
606 / TCP URM CRAY UNIFIED RESOURCE MANAGER
607 / TCP NQS NQS
608 / TCP SIFT-UFT Sender-Initiated / Unsolicited File Transfer
609 / TCP NPMP-TRAP NPMP-TRAP
610 / TCP NPMP-LOCAL NPMP-LOCAL
611 / TCP NPMP-GUI NPMP-GUI
613 / TCP HMMP-OP HMMP Operation
620 / TCP SCO-WEBSRVRMgr SCO Webserver Manager621 / TCP ESCP-IP ESCP
625 / TCP DEC_DLM DEC DLM
626 / TCP Asia Asia
628 / TCP QMQP QMQP
630 / TCP RDA RDA
631 / TCP IPP IPP (Internet Printing Protocol)
632 / TCP BMPP BMPP
634 / TCP GINAD GINAD
635 / TCP RLZDBase RLZ DBASE
636 / TCP LDAPS LDAP Protocol Over TLS / SSL (WAS SLDAP)
637 / TCP LANSERVER LANSERVER
639 / TCP MSDP MSDP
666 / TCP DOOM DOM ID SOFTWARE
667 / TCP Disclose Campaign Contribution Disclosures - SDR Technologies
668 / TCP MeComm Mecomm
669 / TCP meregister meregister
670 / TCP VACDSM-SWS VACDSM-SWS
671 / TCP VACDSM-APP VACDSM-APP
672 / TCP VPPS-Qua VPPS-Qua
673 / TCP CIMPLEX CIMPLEX
674 / TCP ACAP ACAP
675 / TCP DCTP DCTP
704 / TCP Elcsd Errlog Copy / Server Daemon
705 / TCP Agentx Agentx
709 / TCP Entrust-KMSH Entrust Key Management Service Handler
710 / TCP Entrust-Ash Entrust Administration Service Handler
729 / TCP NetViewDM1 IBM NetView DM / 6000 Server / Client
730 / TCP NetViewDM2 IBM NetView DM / 6000 Send / TCP
731 / TCP NetViewDM3 IBM NetView DM / 6000 Receive / TCP
741 / TCP NETGW NETGW
742 / TCP NetRCS Network Based Rev. CONT. SYS.
744 / TCP FlexLM flexible license Manager
747 / TCP Fujitsu-dev fujitsu Device Control
748 / TCP RIS-CM Russell Info Sci Calendar Manager
749 / TCP Kerberos-ADM Kerberos Administration
750 / TCP RFILE
751 / TCP PUMP
752 / TCP QRH
753 / TCP RRH
754 / TCP Tell Send
758 / TCP NLOGIN
759 / TCP Con
760 / TCP NS
761 / TCP RXE
762 / TCP quotad
763 / TCP CYCleSERV
764 / TCP OMSERV
765 / TCP Webster
769 / TCP VID
770 / TCP CADLOCK
771 / TCP RTIP
772 / TCP CYCleServ2
773 / TCP SUBMIT
774 / TCP RPASswd
776 / TCP WPAGES
780 / TCP WPGS
786 / TCP Concert Concert
787 / TCP QSC QSC
801 / TCP DEVICE
873 / TCP rsync rsync rsync
886 / TCP ICLCNET-LOCATE ICL CONETION LOCATE SERVER
887 / TCP ICLCNET_SVINFO ICL Contection Server Info888 / TCP AccessBuilder AccessBuilder
900 / TCP OmginitialRefs Omg Initial Refs
911 / TCP XACT-Backup XACT-BACKUP
990 / TCP FTPS FTP Protocol, Control, Over TLS / SSL
991 / TCP NAS NetNews Administration System
992 / TCP Telnets Telnet Protocol Over TLS / SSL
993 / TCP IMAPS IMAP4 Protocol Over TLS / SSL
994 / TCP IRCS IRC Protocol Over TLS / SSL
995 / TCP POP3S POP3 Protocol Over TLS / SSL (WAS SPOP3)
996 / TCP vsinet vsinet
997 / TCP Maitrd
998 / TCP busboy
999 / TCP Garcon
1000 / TCP CADLOCK
1010 / TCP SURF SURF
1023 / TCP Reserved Reserved
1030 / TCP IAD1 BBN IAD
1031 / TCP IAD2 BBN IAD
1032 / TCP IAD3 BBN IAD
1047 / TCP NEOD1 Sun's NEO Object Request Broker
1048 / TCP NEOD2 Sun's NEO Object Request Broker
1058 / TCP NIM NIM
1059 / TCP NimReg Nimreg
1067 / TCP INSTL_BOOTS Installation Bootstrap Proto. Serv.
1068 / TCP INSTL_BOOTC Installation Bootstrap Proto. CLI.
1080 / TCP SOCKS SOCKS
1083 / TCP ANSOFT-LM-1 Anasoft License Manager
1084 / TCP ANSOFT-LM-2 Anasoft License Manager
1123 / TCP MURRAY MURRAY
1155 / TCP NFA Network File Access
1212 / TCP LUPA LUPA
1222 / TCP NERV SNI R & D NETWORK
1239 / TCP NMSD NMSD
1248 / TCP HERMES
1313 / TCP BMC_PatroldB BMC_Patrol
1314 / TCP PDPS Photoscript Distributed Printing SYSTEM
1321 / TCP PIP PIP
1345 / TCP VPJP VPJP
1346 / TCP Alta-ana-lm Alta Analytics License Manager
1347 / TCP BBN-MMC Multi Media Conferencing
1348 / TCP BBN-MMX Multi Media Conferencing
1349 / TCP SBOOK Registration Network Protocol
1350 / TCP Editbench Registration Network Protocol
1352 / TCP Lotusnote Lotus Note
1353 / TCP RELIEF RELIEF CONSULTING
1354 / TCP Rightbrain Rightbrain Software
1355 / TCP INTUTIVE-EDGE INTUTIVE EDGE
1356 / TCP Cuillamartin Cuillamartin Company
1357 / TCP Pegboard Electronic Pegboard
1358 / TCP connlcli connlcli
1359 / TCP FTSRV FTSRV
1360 / TCP MIMER MIMER
1361 / TCP Linx Linx
1362 / TCP TIMEFLIES TIMEFLIES
1363 / TCP NDM-Requester Network DataMover Requester NetWork DataMover Requester
1364 / TCP NDM-Server Network DataMover Server
1365 / TCP Adapt-Sna NetWork Software Associates
1366 / TCP NetWare-CSP Novell NetWare Comm Service Platform
1367 / TCP DCS DCS
1368 / TCP Screencast Screencast
1369 / TCP GV-US GlobalView to Unix Shell
1370 / TCP US-GV UNIX Shell To GlobalView
1371 / TCP FC-CLI Fujitsu Config Protocol
1372 / TCP FC-Ser FUJITSU Config Protocol
1373 / TCP chromagrafx chromagrafx
1374 / TCP MOLLY EPI Software Systems
1375 / TCP BYTEX BYTEX
1376 / TCP IBM-PPS IBM Person To Person Software
1377 / TCP Cichlid Cichlid License Manager
1378 / TCP Elan Elan license Manager
1379 / TCP DBREPORTER INTEGRITY SOLUTIONS
1380 / TCP Telesis-Licman Telesis Network license Manager
1381 / TCP Apple-Licman Apple Network License Manager
1382 / TCP UDT_OS
1383 / TCP GWHA GW HANNAWAY NETWORK LICENSE MANAGER
1384 / TCP OS-Licman Objective Solutions License Manager
1385 / TCP ATEX_ELMD ATEX PUBLISHING LICENSE Manager
1386 / TCP CHECKSUM CHECKSUM LICENSE MANAGER
1387 / TCP CADSI-LM Computer Aid Design Software Inc LM
1388 / TCP Objective-DBC Objective Solutions Database Cache
1389 / TCP ICLPV-DM Document. NbspManager
1390 / TCP ICLPV-SC Storage Controller
1391 / TCP ICLPV-SAS Storage Access Server
1392 / TCP ICLPV-PM Print Manager
1393 / TCP ICLPV-NLS NetWork Log Server
1394 / TCP ICLPV-NLC NetWork Log Client
1395 / TCP ICLPV-WSM PC Workstation Manager Software
1396 / TCP DVL-ActiveMail DVL Active Mail
1399 / TCP CADKEY-Licman Cadkey License Manager
1400 / TCP CADKEY-TABLET CADKEY TABLET DAEMON
1402 / TCP PRM-SM-NP Prospero Resource Manager
1403 / TCP PRM-NM-NP Prospero Resource Manager1404 / TCP IGI-LM Infinite Graphics License Manager
1405 / TCP IBM-RES IBM Remote EXECUTION STARTER
1406 / TCP NetLabs-LM Netlabs License Manager
1407 / TCP DBSA-LM DBSA LICENSE MANAGER
1408 / TCP Sophia-LM Sophia License Manager
1409 / TCP here-lm here license manager
1410 / TCP HIQ HIQ LICENSE MANAGER
1411 / TCP AF AUDIOFILE
1412 / TCP INNOSYS Innosys
1413 / TCP Innosys-ACL Innosys-ACL
1414 / TCP IBM-MQSERIES IBM MQSeries
1415 / TCP DBSTAR DBSTAR
1416 / TCP Novell-lu6.2 Novell LU6.2
1417 / TCP TIMBUKTU-SRV1 TIMBUKTU Service 1 Port
1418 / TCP TIMBUKTU-SRV2 TIMBUKTU Service 2 Port
1419 / TCP TIMBUKTU-SRV3 TIMBUKTU Service 3 Port
1420 / TCP TIMBUKTU-SRV4 TIMBUKTU Service 4 Port
1421 / TCP Gandalf-LM Gandalf License Manager
1422 / TCP Autodesk-LM Autodesk License Manager
1423 / TCP EssBase EssBase Arbor Software
1424 / TCP HYBRID HYBRID ENCRYPTION Protocol
1425 / TCP ZEN-LM ZION SOFTWARE LICENSE MANAGER
1426 / TCP SAIS Satellite-Data Acquisition System 1
1427 / TCP MLOADD MLOADD MONITORING TOOL
1428 / TCP Informatik-LM Informatik License Manager
1429 / TCP NMS HYPERCOM NMS
1430 / TCP TPDU HYPERCOM TPDU
1431 / TCP RGTP REVERSE GOSSIP TRANSPORT
1432 / TCP Blueberry-LM Blueberry Software License Manager
1433 / TCP MS-SQL-S Microsoft-SQL-Server
1434 / TCP MS-SQL-M Microsoft-SQL-Monitor
1435 / TCP IBM-CICS IBM CICS
1436 / TCP Saism Satellite-Data Acquisition System 2
1437 / TCP Tabula Tabula
1438 / TCP Eicon-Server Eicon Security Agent / Server
1439 / TCP EICON-X25 Eicon X25 / SNA GATEWAY
1440 / TCP EICON-SLP Eicon Service Location Protocol
1441 / TCP CADIS-1 CADIS license Management
1442 / TCP CADIS-2 CADIS license Management
1443 / TCP IES-LM INTEGRATED ENGINEERING SOFTWARE
1444 / TCP Marcam-LM Marcam License Management
1445 / TCP Proxima-LM Proxima License Manager1446 / TCP ORA-LM Optical Research Associates License Manager
1447 / TCP APRI-LM Applied Parallel Research LM
1448 / TCP OC-LM OpenConnect License Manager
1449 / TCP PEPORT PEPORT
1450 / TCP DWF TANDEM Distributed Workbench Facility
1451 / TCP INFMAN IBM INFORMATION Management
1452 / TCP GTEGSC-LM GTE GOVERNMENT SYSTEMS LICENSE MAN
1453 / TCP Genie-LM Genie License Manager
1454 / TCP Interhdl_elmd Interhdl License Manager
1455 / TCP ESL-LM ESL LICENSE MANAGER
1456 / TCP DCA DCA
1457 / TCP VALISYS-LM VALISYS LICENSE MANAGER
1458 / TCP NRCABQ-LM Nichols Research Corp.
1459 / TCP ProShare1 Proshare Notebook Application
1460 / TCP ProShare2 ProShare Notebook Application
1461 / TCP IBM_WRLSS_LAN IBM WIRELESS LAN
1462 / TCP World-LM World License Manager
1463 / TCP Nucleus Nucleus
1464 / TCP MSL_LMD MSL License Manager
1465 / TCP PIPES PIPES Platform
1466 / TCP Oceansoft-LM Ocean Software License Manager
1467 / TCP CSDMBase CSDMBase
1468 / TCP CSDM CSDM
1469 / TCP AAL-LM ACTIVEAALSIS LIMITED LICENSE MANAGER
1470 / TCP Uaiact Universal Analytics
1471 / TCP CSDMBase CSDMBase
1472 / TCP CSDM CSDM
1473 / TCP OpenMATH OpenMATH
1474 / TCP TELEFINDER TELEFINDER
1475 / TCP Taligent-LM Taligent License Manager
1476 / TCP CLVM-CFG CLVM-CFG
1477 / TCP MS-SNA-SERVER MS-SNA-SERVER
1478 / TCP MS-SNA-BASE MS-SNA-Base
1479 / TCP DBEREGISTER DBEREGISTER
1480 / TCP PACERFORUM PACERFORUM
1481 / TCP AIRS AIRS
1482 / TCP MIiteksys-LM Miteksys License Manager
1483 / TCP AFS AFS LICENSE MANAGER
1484 / TCP Confluent Confluent License Manager
1485 / TCP LANSOURCE LANSOURCE
1486 / TCP NMS_TOPO_SERV NMS_TOPO_SERV
1487 / TCP LOCALINFOSRVR LOCALINFOSRVR
1488 / TCP DocStor Docstor
1489 / TCP DMDOCBROKER DMDocBroker
1490 / TCP INSITU-Conf Insitu-Conf
1491 / TCP AnynetGateway AnynetGateway1492 / TCP stone-design-1 stone-design-1
1493 / TCP NetMap_LM NetMap_LM
1494 / TCP ICA ICA
1495 / TCP CVC CVC
1496 / TCP LIBERTY-LM LIBERTY-LM
1497 / TCP RFX-LM RFX-LM
1498 / TCP Sybase-SQLANY SYBASE SQL ANY
1499 / TCP FHC Federico Heinz Consultora
1500 / TCP VLSI-LM VLSI License Manager
1501 / TCP Saiscm Satellite-Data Acquisition System 3
1502 / TCP Shivadiscovery Shiva
1503 / TCP IMTC-MCS DataBeam
1504 / TCP EVB-ELM EVB SOFTWARE ENGINEERING LICENSE Manager
1505 / TCP FunkProxy Funk Software, Inc.
1506 / TCP UTCD Universal Time Daemon (UTCD)
1507 / TCP SYMPLEX SYMPLEX
1508 / TCP Diagmond Diagmond
1509 / TCP Robcad-LM Robcad, Ltd. License Manager
1510 / TCP MVX-LM MIDLAND VALLEY EXPLORATION LTD. LIC .man.
1511 / TCP 3L-L1 3L-L1
1512 / TCP WINS Microsoft's Windows Internet Name Service
1513 / TCP Fujitsu-DTC Fujitsu Systems Business of America, Inc
1514 / TCP Fujitsu-DTCNS Fujitsu Systems Business of America, Inc
1515 / TCP IFOR-Protocol Ifor-Protocol
1516 / TCP VPAD Virtual Places Audio Data
1517 / TCP VPAC Virtual Places Audio Control
1518 / TCP VPVD Virtual Places Video Data
1519 / TCP VPVC Virtual Places Video Control
1520 / TCP ATM-ZIP-Office ATM ZIP Office
1521 / TCP NCube-LM NCube License Manager
1522 / TCP Ricardo-LM Ricardo North America License Manager
1523 / TCP CICHILD-LM CICHILD
1525 / TCP ORASRV Oracle
1525 / TCP Prospero-NP Prospero Directory Service Non-Priv
1526 / TCP PDAP-NP Prospero Data Access Prot Non-Priv
1527 / TCP TLISRV Oracle
1528 / TCP MCIAUTOREG Micautoreg
1529 / TCP coauthor oracle
1530 / TCP RAP-Service Rap-Service
1531 / TCP RAP-LISTEN RAP-LISTEN
1532 / TCP Miroconnect Miroconnect
1533 / TCP Virtual-Places Virtual Places Software
1534 / TCP Micromuse-LM MicroMUse-LM
1535 / TCP AMPR-INFO AMPR-INFO
1536 / TCP AMPR-InterPr-Inter1537 / TCP SDSC-LM ISI-LM
1538 / TCP 3DS-LM 3DS-LM
1539 / TCP IntelliStor-LM Intellistor License Manager
1540 / TCP RDS RDS
1541 / TCP RDS2 RDS2
1542 / TCP Gridgen-Elmd Gridgen-Elmd
1543 / TCP SIMBA-CS SIMBA-CS
1544 / TCP AspeClmd AspeClmd
1545 / TCP Vistium-Share Vistium-Share
1546 / TCP Abbaccuray Abbaccuray
1547 / TCP LAPLINK LAPLINK
1548 / TCP AXON-LM AXON LICENSE MANAGER
1549 / TCP Shivahose Shiva Hose
1550 / TCP 3M-Image-LM Image Storage license Manager 3M Company
1551 / TCP HECMTL-DB HECMTL-DB
1552 / TCP Pciarray Pciarray
1553 / TCP SNA-CS SNA-CS
1554 / TCP CACI-LM CACI Products Company License Manager
1555 / TCP LiveLan Liveland
1556 / TCP ASHWIN ASHWIN CI TECNOLOGIES
1557 / TCP Arbortext-LM Arbortext License Manager
1558 / TCP XINGMPEG XINGMPEG
1559 / TCP Web2Host Web2host
1560 / TCP ASCI-VAL ASCI-VAL
1561 / TCP FacilityView FacilityView
1562 / TCP PCONNECTMGR PConnectMgr
1563 / TCP CADABRA-LM CADABRA LICENSE MANAGER
1564 / TCP PAY-Per-View Pay-Per-View
1565 / TCP Winddlb Windd
1566 / TCP CorelVideo Corelvideo
1567 / TCP JLICELMD JLICELMD
1568 / TCP TSSPMAP TSSPMAP
1569 / TCP ETS ETS
1570 / TCP ORBIXD ORBIXD
1571 / TCP RDB-DBS-DISP ORACLE Remote Data Base
1572 / TCP CHIP-LM ChIPCOM LICENSE MANAGER
1573 / TCP ITSCOMM-NS ITSCOMM-NS
1574 / TCP MVEL-LM MVEL-LM
1575 / TCP ORACLENAMES ORACLENAMES
1576 / TCP MOLDFLOW-LM MOLDFLOW-LM
1577 / TCP HYPERCUBE-LM HYPERCUBE-LM
1578 / TCP Jacobus-LM Jacobus License Manager
1579 / TCP IOC-SEA-LM IOC-SEA-LM
1580 / TCP TN-TL-R1 TN-TL-R1
1581 / TCP MIL-2045-47001 MIL-2045-47001
1582 / TCP MSIMS MSIMS
1583 / TCP SIMBAEXPRESS SIMBAEXPRESS
1584 / TCP TN-TL-FD2 TN-TL-FD2
1585 / TCP INTV INTV
1586 / TCP IBM-ABTACT IBM-ABTACT
1587 / TCP PRA_ELMD PRA_ELMD
1588 / TCP TRIQUEST-LM TRIQUEST-LM
1589 / TCP VQP VQP
1590 / TCP GEMINI-LM GEMINI-LM1591 / TCP NCPM-PM NCPM-PM
1592 / TCP Commonspace Commonspace
1593 / TCP MAINSOFT-LM MAINSOFT-LM
1594 / TCP Sixtrak Sixtrak
1595 / TCP RADIO RADIO
1596 / TCP RADIO-SM RADIO-SM
1597 / TCP ORBPLUS-IIOP ORBPLUS-IIOP
1598 / TCP PICKNFS PICKNFS
1599 / TCP SIMBASERVICES SIMBASERVICES
1600 / TCP ISSD
1601 / TCP AAS AAS
1602 / TCP Inspect Inspect
1603 / TCP Picodbc Pickodbc
1604 / TCP ICABROWSER ICABROWSER
1605 / TCP SLP SALUTATION Manager (Salutation Protocol)
1606 / TCP SLM-API SALUTATION Manager (SLM-API)
1607 / TCP STT STT
1608 / TCP Smart-LM Smart Corp. License Manager
1609 / TCP ISYSG-LM ISYSG-LM
1610 / TCP Taurus-WH TAURUS-WH
1611 / TCP ILL Inter Library Loan
1612 / TCP NetBill-Trans NetBill Transaction Server
1613 / TCP NetBill-Keyrep NetBill Key Repository
1614 / TCP NetBill-Cred Netbill Credential Server
1615 / TCP NetBill-Auth Netbill Authorization Server
1616 / TCP NetBill-Product NetBill Product Server
1617 / TCP Nimrod-agent Nimrod Inter-Agent Communication
1618 / TCP Skytelnet Skytelnet
1619 / TCP XS-OpenStorage XS-OpenStorage
1620 / TCP FaxportWinport Faxportwinport
1621 / TCP SoftDataPhone SoftDataPhone
1622 / TCP ONTIME ONTIME
1623 / TCP jaleosnd jaleosnd
1624 / TCP UDP-SR-PORT UDP-SR-Port
1625 / TCP SVS-OMAGENT SVS-OMAGENT
1636 / TCP CNCP CABLENET Control Protocol
1637 / TCP CNAP CABLENET Admin Protocol
1638 / TCP CNIP CABLENET INFO PROTOCOL
1639 / TCP CERT-INITIATOR CERT-INITIATOR
1640 / TCP CERT-RESPONDER CERT-RESPONDER
1641 / TCP Invision Invision
1642 / TCP ISIS-AM ISIS-AM
1643 / TCP ISIS-AMBC ISIS-AMBC
1645 / TCP DataMetrics DataMetrics
1646 / TCP SA-MSG-Port SA-MSG-Port
1647 / TCP RSAP RSAP
1648 / TCP Concurrent-LM Concurrent-LM
1649 / TCP Inspect Inspect
1650 / TCP NKD NKD
1651 / TCP shiva_confsrvr shiva_confsrvr
1652 / TCP XNMP XNMP1653 / TCP Alphatech-LM Alphatech-LM
1654 / TCP stargatealerts stargatealerts
1655 / TCP DEC-MBADMIN DEC-MBADMIN
1656 / TCP DEC-MBADMIN-H DEC-MBADMIN-H
1657 / TCP Fujitsu-MMPDC Fujitsu-MMPDC
1658 / TCP SixNetudr SixNetudr
1659 / TCP SG-LM Silicon Grail License Manager
1660 / TCP SKIP-MC-GIKREQ SKIP-MC-GIKREQ
1661 / TCP NetView-AIX-1 NetView-AIX-1
1662 / TCP NetView-AIX-2 NetView-AIX-2
1663 / TCP NETVIEW-AIX-3 NetView-AIX-3
1664 / TCP NETVIEW-AIX-4 NetView-AIX-4
1665 / TCP NETVIEW-AIX-5 NetView-AIX-5
1666 / TCP NetView-AIX-6 NetView-AIX-6
1667 / TCP NETVIEW-AIX-7 NetView-AIX-7
1668 / TCP NetView-AIX-8 NetView-AIX-8
1669 / TCP NetView-AIX-9 NetView-AIX-9
1670 / TCP NetView-AIX-10 NetView-AIX-10
1671 / TCP NetView-AIX-11 NetView-AIX-11
1672 / TCP NetView-AIX-12 NetView-AIX-12
1673 / TCP Proshare-MC-1 Intel ProShare Multicast
1674 / TCP Proshare-MC-2 Intel ProShare Multicast
1675 / TCP PDP Pacific Data Products
1676 / TCP Netcomm1 Netcomm1
1677 / TCP GroupWise GroupWise
1678 / TCP ProLink Prolink
1679 / TCP DARCORP-LM DARCORP-LM
1681 / TCP SD-ELMD SD-ELMD
1682 / TCP lanyon-lantern lanyon-lantern
1683 / TCP NCPM-HIP NCPM-HIP
1684 / TCP SNARESECURE SNARESECURE
1685 / TCP N2NREMOTE N2NREMOTE
1686 / TCP CVMON CVMON
1687 / TCP NSJTP-CTRL NSJTP-CTRL
1688 / TCP NSJTP-DATA NSJTP-DATA
1689 / TCP Firefox Firefox
1690 / TCP NG-UMDS NG-UMDS
1691 / TCP EMPIRE-EMPUMA Empire-Empuma
1692 / TCP SSTSYS-LM SSTSYS-LM
1693 / TCP RRIRTR RRIRTR
1694 / TCP RRIMWM RRIMWM
1695 / TCP RRILWM RRILWM
1696 / TCP RRIFMM RRIFMM
1697 / TCP rrisat rrisat
1698 / TCP RSVP-ENCAP-1 RSVP-ENCAPSULATION-1
1699 / TCP RSVP-ENCAP-2 RSVP-ENCAPSULATION-2
1700 / TCP MPS-RAFT MPS-RAFT
1701 / TCP L2F, L2TP L2F, L2TP
1702 / TCP Deskshare Deskshare
1703 / TCP HB-ENGINE HB-ENGINE
1704 / TCP BCS-BROKER BCS-BROKER
1705 / TCP SLINGSHOT SLINGSHOT
1706 / TCP JetForm Jetform
1707 / TCP VDMPLAY VDMPLAY
1708 / TCP GAT-LMD GAT-LMD
1709 / TCP CENTRA CENTRA
1710 / TCP IMPERA Impera
1711 / TCP PPTConference PPTCONMENCE
1712 / TCP Registrar Resource Monitoring Service
1713 / TCP Conferencealk Conferencetalk
1714 / TCP SESI-LM SESI-LM
1715 / TCP HOUDINI-LM HOUDINI-LM
1716 / TCP XMSG XMSG
1717 / TCP FJ-HDNET FJ-HDNET
1718 / TCP H323Gatedisc H323GatedISC
1719 / TCP H323Gatestat H323gatestat
1720 / TCP H323HostCall H323HostCall
1721 / TCP caicci caicci
1722 / TCP HKS-LM HKS License Manager
1723 / TCP PPTP PPTP
1724 / TCP CSBPHONEMASTER CSBPHONEMASTER
1725 / TCP IDEN-RALP IDEN-RALP
1726 / TCP Iberiagames Iberiagames
1727 / TCP Winddx Winddx
1728 / TCP TELINDUS TELINDUS
1729 / TCP citynl citynl license management
1730 / TCP ROKETZ ROKETZ
1731 / TCP Msiccp Msiccp
1732 / TCP Proxim Proxim
1733 / TCP SiIPAT SIMS - SIIPAT Protocol for Alarm Transmission
1734 / TCP CAMBERTX-LM CAMBER CORPORATION LICENSE Management
1735 / TCP PrivateChat PrivateChat PRIVATECHAT
1736 / TCP Street-Stream Street-stream
1737 / TCP Ultimad Ultimad
1738 / TCP Gamegen1 Gamegen1
1739 / TCP Webaccess Webaccess
1740 / TCP ENCORE ENCORE
1741 / TCP Cisco-Net-mgmt Cisco-Net-MGMT
1742 / TCP 3COM-NSD 3COM-NSD
1743 / TCP CINEGRFX-LM CINEMA Graphics License Manager
1744 / TCP NCPM-FT NCPM-FT
1745 / TCP Remote-Winsock Remote-Winsock
1746 / TCP FTRAPID-1 FTRAPID-1
1747 / TCP FTRAPID-2 FTRAPID-2
1748 / TCP ORACLE-EM1 ORACLE-EM1
1749 / TCP Aspen-Services Aspen-Services
1750 / TCP SSLP SIMPLE Socket Library's Portmaster
1751 / TCP SWIFTNET SWIFTNET
1752 / TCP LOFR-LM Leap of Faith Research License Manager
1753 / TCP TRANSLOGIC-LM Translogic license Manager
1754 / TCP ORACLE-EM2 Oracle-EM2
1755 / TCP MS-streaming ms-streaming
1756 / TCP CAPFAST-LMD CAPFAST-LMD1757 / TCP CNHRP CNHRP
1758 / TCP TFTP-MCAST TFTP-MCAST
1759 / TCP SPSS-LM SPSS license Manager
1760 / TCP WWW-LDAP-GW WWW-LDAP-GW
1761 / TCP CFT-0 CFT-0
1762 / TCP CFT-1 CFT-1
1763 / TCP CFT-2 CFT-2
1764 / TCP CFT-3 CFT-3
1765 / TCP CFT-4 CFT-4
1766 / TCP CFT-5 CFT-5
1767 / TCP CFT-6 CFT-6
1768 / TCP CFT-7 CFT-7
