Suggest A Fix PC Support Forums > IANA Port Authority Lists, firewall facts, trojan

Full Version: IANA Port Authority Lists, firewall facts, trojan

Suggest A Fix PC Support Forums > Security > Security Tools and Articles > Security Articles - read only

73-997563179

Aug 15 2001, 06:06 PM

What Are Ports?
A port is a point of connection. In networking, a port acts as the door at each end of a connection through which client/server/peer programs transfer information during a data exchange. Whenever a network program initiates activity with a remote system, a port is opened up, both locally and remotely, to allow the exchange to take place.

Below are links to TCP/IP port lists, which are a valuable resource for anyone involved with firewall configuration or maintenance.

Port Numbers
Port numbers are divided into three classifications: The Well-known Ports, the Registered Ports, and the Dynamic and/or Private Ports.

The Well-known Ports are those from 0 through 1023. These are IANA assigned and controlled, and are usually owned by programs performing lower level system processes. HTTP services, for example, such as Web browsers and Web servers, use TCP/IP port 80. FTP programs work on port 20/21.

The Registered Ports are those from 1024 through 49151. These are also IANA assigned and controlled, but are registered to a company or individual for proprietary purposes.

The Dynamic and/or Private Ports are those from 49152 through 65535. These ports are truly dynamic, in the sense that they can be utilized privately by any process for any purpose. Often, a program running on a registered port number (1024 through 49151) will spawn other processes that utilize these dynamic ports.

Information about registering port numbers may be found here: http://www.iana.org/numbers.htm#P

Lists by Service/Application
This list of ports is an extremely comprehensive catalog of the services and applications that make use of nearly 7000 of the TCP/IP ports.

Port Numbers with Applications/Services (HTML, from SecurityPortal)
1 to 500, 501 to 1000, 1001 to 1500, 1501 to 2000, 2001 to 2500, 2501 to 3000, 3001 to 3500, 3501 to 7000, 7001 to 65535

Lists by Registration
IANA (Internet Assigned Numbers Authority), the organization in charge of registering port numbers to individuals or corporation, keeps an updated list of each registered port online. The following lists are either posted by IANA, or derived from IANA postings (improved presentation).

Note that these lists do not necessarily tell what services or applications use each port. Except for the well-known ports, they catalog who is registered to distribute programs that use each port. Trojan horse authors, among others, often don't fall in line with the registration system, so you may find SecurityPortal's list by Service/Application to be a more valuable resource.

Port Assignments for All Well-known and Registered Ports (Text, from IANA) http://www.isi.edu/in-notes/iana/assignments/port-numbers

Port Assignments for Most Well-known and Registered Ports (HTML, from Linnet Solutions Ltd.) http://www.ec11.dial.pipex.com/port-num.htm

20. Firewall Forensics (What am I seeing?) http://www.robertgraham.com/pubs/firewall-seen.html#1.1

21. All about firewalls, IANA assigned and known trojan ports,etc http://www.nwi.net/~pchelp/security/firewalls.htm http://www.tribecaexpress.com/firewallfaq.htm

22. Trojan horse listings-known ports, file sizes, etc http://www.simovits.com/sve/nyhetsarkiv/1999/nyheter9902.html

This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.