Firewall Wizards mailing list archives
Re: Port Cheat Sheet
From: Derek Vadala <derek () usfca edu>
Date: Mon, 24 May 1999 15:06:33 -0700 (PDT)
On Mon, 24 May 1999, Joseph S D Yao wrote:
Seriously, the first place I always look is /etc/services on some J Q Random Unix [or derivative] system. The DEC one used to be very good. The Linux one seems to be good; probably *BSDs' are, as well. Some companies seem to trim it a bit to mostly include the Well Known ports and their proprietary ports, though ...
/etc/services is not usually that helpful if you're sitting on a network and watching traffic run by in attempt to track down a problem or intrustion. It would be helpful, for example, to be able to figure out what could be potentially passing traffic on given ports. Let's say I witness a ton of traffic being passed on port 35767. Well it would be helpful to know that XXXX application or trojan horse uses that port in a default configuration. I don't think that you want to have that kind of information sitting around in /etc/service, but it would be helpful if security thugs and administrators around the world had a place to tagline ports and say things like "Hey. I've noticed XXXX trend recently." +++ath Derek Vadala, derek () usfca edu, http://www.cynicism.com/~derek
Current thread:
- Port Cheat Sheet sweetcheeks (May 22)
- Re: Port Cheat Sheet administrator (May 23)
- Re: Port Cheat Sheet Mookie (May 23)
- Re: Port Cheat Sheet Crispin Cowan (May 23)
- RE: Port Cheat Sheet Peter Schuller (May 23)
- RE: Port Cheat Sheet Paul D. Robertson (May 28)
- Re: Port Cheat Sheet Joseph S D Yao (May 28)
- RE: Port Cheat Sheet Paul D. Robertson (May 28)
- Re: Port Cheat Sheet Derek Vadala (May 23)
- Re: Port Cheat Sheet Andrew Brown (May 28)
- Re: Port Cheat Sheet Joseph S D Yao (May 28)
- Re: Port Cheat Sheet Derek Vadala (May 28)
- Re: Port Cheat Sheet Joseph S D Yao (May 28)
- <Possible follow-ups>
- Re: Port Cheat Sheet Robert Graham (May 23)