Alors tout d'abord, les ports, c'est quoi ?
Disons... Ce sont des "portes" dans le FireWall. Par exemple, si vous avez le port 50000 ouvert, c'est comme si vous lessiez une fenetre ouverte et que vous partiez en lessant la clé dans la serrure. Les Trojans les utilisent pour se conecter sur votre pc ou sur un serveur. Il sont necéssaires pour se connecter ou utiliser certains logiciels, comme des jeux online ou emule. Un port peut être ouvert ou bloqué, et il est geré par le PareFeu.
Les ports les plus connus et les plus utilsés* :
Port 80 : HTTP
Port 22 : ssh
Port 23 : Telnet
Port 20 : FTP
Port 137 : NetBIOS
*Voir la liste entière à la fin
Les hackers utilisent des scanner de ports. Vous pouvez télécharger par exemple Angry IP Scanner. Vous pouver tester vos ports ouverts grâce à ce test.
Voici une liste des ports utilisé par les Trojans :
| port | Troyen |
|---|---|
| 21 | Back construction, Blade runner, Doly, Fore, FTP trojan, Invisible FTP, Larva, WebEx, WinCrash |
| 23 | TTS (Tiny Telnet Server) |
| 25 | Ajan, Antigen, Email Password Sender, Happy99, Kuang 2, ProMail trojan, Shtrilitz, Stealth, Tapiras, Terminator, WinPC, WinSpy |
| 31 | Agent 31, Hackers Paradise, Masters Paradise |
| 41 | Deep Throat |
| 59 | DMSetup |
| 79 | FireHotcker |
| 80 | Executor, RingZero |
| 99 | Hidden port |
| 110 | ProMail trojan |
| 113 | Kazimas |
| 119 | Happy 99 |
| 121 | JammerKillah |
| 421 | TCP Wrappers |
| 456 | Hackers Paradise |
| 531 | Rasmin |
| 555 | Ini-Killer, NetAdmin, Phase Zero, Stealth Spy |
| 666 | Attack FTP, Back Construction, Cain & Abel, Satanz Backdoor, ServeU, Shadow Phyre |
| 911 | Dark Shadow |
| 999 | Deep Throat, WinSatan |
| 1002 | Silencer, WebEx |
| 1010 à 1015 | Doly trojan |
| 1024 | NetSpy |
| 1042 | Bla |
| 1045 | Rasmin |
| 1090 | Xtreme |
| 1170 | Psyber Stream Server, Streaming Audio Trojan, voice |
| 1234 | Ultor trojan |
| port 1234 | Ultors Trojan |
| port 1243 | BackDoor-G, SubSeven, SubSeven Apocalypse |
| port 1245 | VooDoo Doll |
| port 1269 | Mavericks Matrix |
| port 1349 (UDP) | BO DLL |
| port 1492 | FTP99CMP |
| port 1509 | Psyber Streaming Server |
| port 1600 | Shivka-Burka |
| port 1807 | SpySender |
| port 1981 | Shockrave |
| port 1999 | BackDoor |
| port 1999 | TransScout |
| port 2000 | TransScout |
| port 2001 | TransScout |
| port 2001 | Trojan Cow |
| port 2002 | TransScout |
| port 2003 | TransScout |
| port 2004 | TransScout |
| port 2005 | TransScout |
| port 2023 | Ripper |
| port 2115 | Bugs |
| port 2140 | Deep Throat, The Invasor |
| port 2155 | Illusion Mailer |
| port 2283 | HVL Rat5 |
| port 2565 | Striker |
| port 2583 | WinCrash |
| port 2600 | Digital RootBeer |
| port 2801 | Phineas Phucker |
| port 2989 (UDP) | RAT |
| port 3024 | WinCrash |
| port 3128 | RingZero |
| port 3129 | Masters Paradise |
| port 3150 | Deep Throat, The Invasor |
| port 3459 | Eclipse 2000 |
| port 3700 | portal of Doom |
| port 3791 | Eclypse |
| port 3801 (UDP) | Eclypse |
| port 4092 | WinCrash |
| port 4321 | BoBo |
| port 4567 | File Nail |
| port 4590 | ICQTrojan |
| port 5000 | Bubbel, Back Door Setup, Sockets de Troie |
| port 5001 | Back Door Setup, Sockets de Troie |
| port 5011 | One of the Last Trojans (OOTLT) |
| port 5031 | NetMetro |
| port 5321 | Firehotcker |
| port 5400 | Blade Runner, Back Construction |
| port 5401 | Blade Runner, Back Construction |
| port 5402 | Blade Runner, Back Construction |
| port 5550 | Xtcp |
| port 5512 | Illusion Mailer |
| port 5555 | ServeMe |
| port 5556 | BO Facil |
| port 5557 | BO Facil |
| port 5569 | Robo-Hack |
| port 5742 | WinCrash |
| port 6400 | The Thing |
| port 6669 | Vampyre |
| port 6670 | DeepThroat |
| port 6771 | DeepThroat |
| port 6776 | BackDoor-G, SubSeven |
| port 6912 | Shit Heep (not port 69123!) |
| port 6939 | Indoctrination |
| port 6969 | GateCrasher, Priority, IRC 3 |
| port 6970 | GateCrasher |
| port 7000 | Remote Grab, Kazimas |
| port 7300 | NetMonitor |
| port 7301 | NetMonitor |
| port 7306 | NetMonitor |
| port 7307 | NetMonitor |
| port 7308 | NetMonitor |
| port 7789 | Back Door Setup, ICKiller |
| port 8080 | RingZero |
| port 9400 | InCommand |
| port 9872 | portal of Doom |
| port 9873 | portal of Doom |
| port 9874 | portal of Doom |
| port 9875 | portal of Doom |
| port 9876 | Cyber Attacker |
| port 9878 | TransScout |
| port 9989 | iNi-Killer |
| port 10067 (UDP) | portal of Doom |
| port 10101 | BrainSpy |
| port 10167 (UDP) | portal of Doom |
| port 10520 | Acid Shivers |
| port 10607 | Coma |
| port 11000 | Senna Spy |
| port 11223 | Progenic trojan |
| port 12076 | Gjamer |
| port 12223 | Hack´99 KeyLogger |
| port 12345 | GabanBus, NetBus, Pie Bill Gates, X-bill |
| port 12346 | GabanBus, NetBus, X-bill |
| port 12361 | Whack-a-mole |
| port 12362 | Whack-a-mole |
| port 12631 | WhackJob |
| port 13000 | Senna Spy |
| port 16969 | Priority |
| port 17300 | Kuang2 The Virus |
| port 20000 | Millennium |
| port 20001 | Millennium |
| port 20034 | NetBus 2 Pro |
| port 20203 | Logged |
| port 21544 | GirlFriend |
| port 22222 | Prosiak |
| port 23456 | Evil FTP, Ugly FTP, Whack Job |
| port 23476 | Donald Dick |
| port 23477 | Donald Dick |
| port 26274 (UDP) | Delta Source |
| port 27374 | SubSeven 2.0 |
| port 29891 (UDP) | The Unexplained |
| port 30029 | AOL Trojan |
| port 30100 | NetSphere |
| port 30101 | NetSphere |
| port 30102 | NetSphere |
| port 30303 | Sockets de Troie |
| port 30999 | Kuang2 |
| port 31336 | Bo Whack |
| port 31337 | Baron Night, BO client, BO2, Bo Facil |
| port 31337 (UDP) | BackFire, Back Orifice, DeepBO |
| port 31338 | NetSpy DK |
| port 31338 (UDP) | Back Orifice, DeepBO |
| port 31339 | NetSpy DK |
| port 31666 | BOWhack |
| port 31785 | Hack´a´Tack |
| port 31787 | Hack´a´Tack |
| port 31788 | Hack´a´Tack |
| port 31789 (UDP) | Hack´a´Tack |
| port 31791 (UDP) | Hack´a´Tack |
| port 31792 | Hack´a´Tack |
| port 33333 | Prosiak |
| port 33911 | Spirit 2001a |
| port 34324 | BigGluck, TN |
| port 40412 | The Spy |
| port 40421 | Agent 40421, Masters Paradise |
| port 40422 | Masters Paradise |
| port 40423 | Masters Paradise |
| port 40426 | Masters Paradise |
| port 47262 (UDP) | Delta Source |
| port 50505 | Sockets de Troie |
| port 50766 | Fore, Schwindler |
| port 53001 | Remote Windows Shutdown |
| port 54320 | Back Orifice 2000 |
| port 54321 | School Bus |
| port 54321 (UDP) | Back Orifice 2000 |
| port 60000 | Deep Throat |
| port 61466 | Telecommando |
| port 65000 | Devil |
Voici une liste compléte des ports :
| n° | type | description |
|---|---|---|
| 1 | tcp | tcpmux - TCP Port Service Multiplexer |
| 2 | tcp | compressnet - Management Utility |
| 3 | tcp | compressnet - Compression Process |
| 5 | tcp | rje - Remote Job Entry |
| 7 | tcp | echo |
| 9 | tcp | discard |
| 11 | tcp | systat - Active Users |
| 13 | tcp | daytime |
| 17 | tcp | qotd - Quote of the Day |
| 18 | tcp | msp - Message Send Protocol |
| 19 | tcp | chargen - Character Generator |
| 20 | tcp | ftp-data - File Transfer Protocol [flux de données] |
| 21 | tcp | ftp - File Transfer Protocol (le flux de contrôle pour le transfert de fichiers), voir Diagramme des flux FTP (port 20 et 21) |
| 22 | tcp | ssh - Secure Shell |
| 23 | tcp | telnet |
| 24 | tcp | any private mail system |
| 25 | tcp | smtp - Simple Mail Transfer |
| 27 | tcp | nsw-fe - NSW User System FE |
| 29 | tcp | msg-icp |
| 31 | tcp | msg-auth - MSG Authentication |
| 33 | tcp | dsp - Display Support Protocol |
| 35 | tcp | any private printer server |
| 37 | tcp | Time protocol |
| 38 | tcp | rap - Route Access Protocol |
| 39 | tcp | rlp - Resource Location Protocol |
| 41 | tcp | graphics |
| 42 | tcp | nameserver - Host Name Server |
| 43 | tcp | nicname - Who Is |
| 44 | tcp | mpm-flags - MPM FLAGS Protocol |
| 45 | tcp | mpm - Message Processing Module [recv] |
| 46 | tcp | mpm - Message Processing Module [default send] |
| 47 | tcp | ni-ftp |
| 48 | tcp | auditd - Digital Audit Daemon |
| 49 | tcp | login - Login Host Protocol (Terminal Access Controller Access-Control System) |
| 50 | tcp | re-mail-ck - Remote Mail Checking Protocol |
| 51 | tcp | la-maint - IMP Logical Address Maintenance |
| 52 | tcp | xns-time - XNS Time Protocol |
| 53 | udp | domain - Domain Name Service |
| 54 | udp | xns-ch - XNS Clearinghouse |
| 55 | tcp | isi-gl - ISI Graphics Language |
| 56 | tcp | xns-auth - XNS Authentication |
| 57 | tcp | any private terminal access |
| 58 | tcp | xns-mail - XNS Mail |
| 59 | tcp | any private file service |
| 61 | tcp | ni-mail |
| 62 | tcp | acas - ACA Services |
| 64 | tcp | covia - Communications Integrator (CI) |
| 65 | tcp | tacacs-ds - TACACS-Database Service |
| 67 | udp | bootps - Bootstrap Protocol Server, ce port est aussi utilisé par une extension de bootp : DHCP, pour la recherche d'un serveur DHCP |
| 68 | udp | bootpc - Bootstrap Protocol Client, ce port est aussi utilisé par une extension de bootp : DHCP, pour le dialogue entre le serveur DHCP et le client (attribution d'un bail pour une adresse IP) |
| 69 | udp | tftp - Trivial File Transfer |
| 70 | tcp | gopher |
| 71 | tcp | netrjs-1 Remote Job Service |
| 72 | tcp | netrjs-2 Remote Job Service |
| 73 | tcp | netrjs-3 Remote Job Service |
| 74 | tcp | netrjs-4 Remote Job Service |
| 75 | tcp | any private dial out service |
| 76 | tcp | deos - Distributed External Object Store |
| 77 | tcp | any private RJE service |
| 78 | tcp | vettcp |
| 79 | tcp | finger |
| 80 | tcp | www-http - World Wide Web HTTP |
| 81 | tcp | host2-ns - HOSTS2 Name Server |
| 82 | tcp | xfer - XFER Utility |
| 83 | tcp | mit-ml-dev |
| 84 | tcp | ctf - Common Trace Facility |
| 85 | tcp | mit-ml-dev |
| 86 | tcp | mfcobol - Micro Focus Cobol |
| 87 | tcp | any private terminal link |
| 88 | tcp | kerberos |
| 89 | tcp | su-mit-tg - SU/MIT Telnet Gateway |
| 90 | tcp | dnsix - DNSIX Security Attribute Token Map |
| 91 | tcp | mit-dov - MIT Dover Spooler |
| 92 | tcp | npp - Network Printing Protocol |
| 93 | tcp | dcp - Device Control Protocol |
| 94 | tcp | objcall - Tivoli Object Dispatcher |
| 95 | tcp | supdup |
| 96 | tcp | dixie - DIXIE Protocol Specification |
| 97 | tcp | swift-rvf - Swift Remote Virtual File Protocol |
| 98 | tcp | tacnews |
| 99 | tcp | metagram - Metagram Relay |
| 100 | tcp | newacct - [unauthorized use] |
| 101 | tcp | hostname - NIC Host Name Server |
| 102 | tcp | iso-tsap |
| 103 | tcp | gppitnp - Genesis Point-To-Point Trans Net |
| 104 | tcp | acr-nema - ACR-NEMA Digital Imag. & Comm. 300 |
| 105 | tcp | csnet-ns - Mailbox Name Nameserver |
| 106 | tcp | 3com-tsmux |
| 107 | tcp | rtelnet - Remote Telnet Service |
| 108 | tcp | snagas - SNA Gateway Access Server |
| 109 | tcp | pop2 - Post Office Protocol - Version 2 RFC 937 |
| 110 | tcp | pop3 - Post Office Protocol - Version 3 |
| 111 | tcp | sunrpc - SUN Remote Procedure Call |
| 112 | tcp | mcidas - McIDAS Data Transmission Protocol |
| 113 | tcp | auth - Authentication Service |
| 114 | tcp | audionews - Audio News Multicast |
| 115 | tcp | sftp - Secure File Transfer Protocol |
| 116 | tcp | ansanotify - ANSA REX Notify |
| 117 | tcp | uucp-path - UUCP Path Service |
| 118 | tcp | sqlserv - SQL Services |
| 119 | tcp | nntp - Network News Transfer Protocol |
| 120 | tcp | cfdptkt |
| 121 | tcp | erpc - Encore Expedited Remote Pro.Call |
| 122 | tcp | smakynet |
| 123 | tcp | ntp - Network Time Protocol |
| 124 | tcp | ansatrader - ANSA REX Trader |
| 125 | tcp | locus-map - Locus PC-Interface Net Map Server |
| 126 | tcp | unitary - Unisys Unitary Login |
| 127 | tcp | locus-con - Locus PC-Interface Conn Server |
| 128 | tcp | gss-xlicen - GSS X License Verification |
| 129 | tcp | pwdgen - Password Generator Protocol |
| 130 | tcp | cisco-fna - cisco FNATIVE |
| 131 | tcp | cisco-tna - cisco TNATIVE |
| 132 | tcp | cisco-sys - cisco SYSMAINT |
| 133 | tcp | statsrv - Statistics Service |
| 135 | tcp | loc-srv - Location Service |
| 136 | tcp | profile - PROFILE Naming System |
| 137 | tcp | netbios-ns - NETBIOS Name Service |
| 138 | tcp | netbios-dgm - NETBIOS Datagram Service |
| 139 | tcp | netbios-ssn - NETBIOS Session Service |
| 140 | tcp | emfis-data - EMFIS Data Service |
| 141 | tcp | emfis-cntl - EMFIS Control Service |
| 142 | tcp | bl-idm - Britton-Lee IDM |
| 143 | tcp | imap2, imap4 - Interim Mail Access Protocol v2 |
| 144 | tcp | news |
| 145 | tcp | uaac |
| 146 | tcp | iso-tp0 |
| 147 | tcp | iso-ip |
| 148 | tcp | cronus - CRONUS-SUPPORT |
| 149 | tcp | aed-512 - AED 512 Emulation Service |
| 150 | tcp | sql-net |
| 151 | tcp | hems |
| 152 | tcp | bftp - Background File Transfer Program |
| 153 | tcp | sgmp |
| 154 | tcp | netsc-prod |
| 155 | tcp | netsc-dev |
| 156 | tcp | sqlsrv - SQL Service |
| 157 | tcp | knet-cmp - KNET/VM Command/Message Protocol |
| 158 | tcp | pcmail-srv - PCMail Server |
| 159 | tcp | nss-routing |
| 160 | tcp | sgmp-traps |
| 161 | udp | SNMP - Simple Network Management Protocol |
| 162 | udp | snmptrap - Simple Network Management Protocol Trap |
| 163 | tcp | cmip-man - CMIP/TCP Manager |
| 164 | tcp | cmip-agent - CMIP/TCP Agent |
| 165 | tcp | xns-courier - Xerox |
| 166 | tcp | s-net - Sirius Systems |
| 167 | tcp | namp |
| 168 | tcp | rsvd |
| 169 | tcp | send |
| 170 | tcp | print-srv - Network PostScript |
| 171 | tcp | multiplex - Network Innovations Multiplex |
| 172 | tcp | cl/1 - Network Innocations CL/1 |
| 173 | tcp | xyplex-mux - Xyplex |
| 174 | tcp | mailq |
| 175 | tcp | vmnet |
| 176 | tcp | genrad-mux |
| 177 | tcp | xdmcp - X Display Manager Control Protocol |
| 178 | tcp | nextstep - NeXTSTEP Window Server |
| 179 | tcp | bgp - Border Gateway Protocol |
| 180 | tcp | ris - Intergraph |
| 181 | tcp | unify |
| 182 | tcp | audit - Unisys Audit SITP |
| 183 | tcp | ocbinder |
| 184 | tcp | ocserver |
| 185 | tcp | remote-kis |
| 186 | tcp | kis - KIS Protocol |
| 187 | tcp | aci - Application Communication Interface |
| 188 | tcp | mumps - Plus Five's MUMPS |
| 189 | tcp | qft - Queued File Transport |
| 190 | tcp | gacp - Gateway Access Protocol |
| 191 | tcp | prospero - Prospero Directory Service |
| 192 | tcp | osu-nms - OSU Network Monitoring System |
| 193 | tcp | srmp - Spider Remote Monitoring Protocol |
| 194 | tcp | Internet relay chat (IRC) |
| 195 | tcp | dn6-nlm-aud - DNSIX Network Level Module Audit |
| 196 | tcp | dn6-nlm-red - DNSIX Session Mgt Module Audit Redir |
| 197 | tcp | dls - Directory Location Service |
| 198 | tcp | dls-mon - Directory Location Service Monitor |
| 199 | tcp | smux |
| 200 | tcp | src - IBM System Resource Controller |
| 201 | tcp | at-rtmp - AppleTalk Routing Maintenance |
| 202 | tcp | at-nbp - AppleTalk Name Binding |
| 203 | tcp | at-3 - AppleTalk Unused |
| 204 | tcp | at-echo - AppleTalk Echo |
| 205 | tcp | at-5 - AppleTalk Unused |
| 206 | tcp | at-zis - AppleTalk Zone Information |
| 207 | tcp | at-7 - AppleTalk Unused |
| 208 | tcp | at-8 - AppleTalk Unused |
| 209 | tcp | tam - Trivial Mail Authentication Protocol |
| 210 | tcp | z39.50 |
| 211 | tcp | 914c/g - Texas Instruments 914C/G Terminal |
| 212 | tcp | anet - ATEXSSTR |
| 213 | tcp | ipx |
| 214 | tcp | vmpwscs - VM PWSCS |
| 215 | tcp | softpc - Insignia Solutions |
| 216 | tcp | atls - Access Technology License Server |
| 217 | tcp | dbase - dBASE Unix |
| 218 | tcp | mpp - Netix Message Posting Protocol |
| 219 | tcp | uarps - Unisys ARPs |
| 220 | tcp | imap3 - Interactive Mail Access Protocol v3 |
| 221 | tcp | fln-spx - Berkeley rlogind with SPX auth |
| 222 | tcp | rsh-spx - Berkeley rshd with SPX auth |
| 223 | tcp | cdc - Certificate Distribution Center |
| 243 | tcp | sur-meas - Surveet Measurement |
| 245 | tcp | link |
| 246 | tcp | dsp3270 - Display Systems Protocol |
| 344 | tcp | pdap - Prospero Data Access Protocol |
| 345 | tcp | pawserv - Perf Analysis Workbench |
| 346 | tcp | zserv - Zebra server |
| 347 | tcp | fatserv - Fatmen Server |
| 348 | tcp | csi-sgwp - Cabletron Management Protocol |
| 371 | tcp | clearcase |
| 372 | tcp | ulistserv - Unix Listserv |
| 373 | tcp | legent-1 - Legent Corporation |
| 374 | tcp | legent-2 - Legent Corporation |
| 375 | tcp | hassle |
| 376 | tcp | nip - Amiga Envoy Network Inquiry Proto |
| 377 | tcp | tnETOS - NEC Corporation |
| 378 | tcp | dsETOS - NEC Corporation |
| 379 | tcp | is99c - TIA/EIA/IS-99 modem client |
| 380 | tcp | is99s - TIA/EIA/IS-99 modem server |
| 381 | tcp | hp-collector - hp performance data collector |
| 382 | tcp | hp-managed-node - hp performance data managed node |
| 383 | tcp | hp-alarm-mgr - hp performance data alarm manager |
| 384 | tcp | arns - A Remote Network Server System |
| 385 | tcp | ibm-app - IBM Application |
| 386 | tcp | asa - ASA Message Router Object Def. |
| 387 | tcp | aurp - AppleTalk Update-Based Routing Pro. |
| 388 | tcp | unidata-ldm - Unidata LDM Version 4 |
| 389 | tcp | Lightweight Directory Access Protocol (LDAP) |
| 390 | tcp | uis |
| 391 | tcp | synotics-relay - SynOptics SNMP Relay Port |
| 392 | tcp | synotics-broker - SynOptics Port Broker Port |
| 393 | tcp | dis - Data Interpretation System |
| 394 | tcp | embl-ndt - EMBL Nucleic Data Transfer |
| 395 | tcp | NETscout Control Protocol |
| 396 | tcp | netware-ip - Novell NetWare over IP |
| 397 | tcp | mptn - Multi Protocol Trans. Net. |
| 398 | tcp | kryptolan |
| 400 | tcp | work-sol - Worksation Solutions |
| 401 | tcp | ups - Uninteruptible Power Supply |
| 402 | tcp | genie - Genie Protocol |
| 403 | tcp | decap |
| 404 | tcp | nced |
| 407 | tcp | timbuktu |
| 408 | tcp | prm-sm - Prospero Resource Manager Sys. Man. |
| 409 | tcp | prm-nm - Prospero Resource Manager Node Man. |
| 410 | tcp | decladebug - DECLadebug Remote Debug Protcol |
| 411 | tcp | rmt - Remote MT Protocol |
| 412 | tcp | synoptics-trap - Trap Convetion Port |
| 413 | tcp | smsp |
| 414 | tcp | infoseek |
| 415 | tcp | bnet |
| 416 | tcp | silverplatter |
| 417 | tcp | onmux |
| 418 | tcp | hyper-g |
| 419 | tcp | ariel1 |
| 420 | tcp | smpte |
| 421 | tcp | ariel2 |
| 422 | tcp | ariel3 |
| 423 | tcp | opc-job-start - IBM Operations Planning and Control Start |
| 424 | tcp | opc-job-track - IBM Operations Planning and Control Track |
| 425 | tcp | icad-el - ICAD |
| 426 | tcp | smartsdp |
| 427 | tcp | svrloc - Server Location |
| 428 | tcp | ocs_cmu |
| 429 | tcp | ocs_amu |
| 430 | tcp | utmpsd |
| 431 | tcp | utmpcd |
| 432 | tcp | iasd |
| 433 | tcp | nnsp |
| 434 | tcp | mobileip-agent |
| 435 | tcp | mobileip-mn |
| 436 | tcp | dna-cml |
| 437 | tcp | comscm |
| 438 | tcp | dsfgw |
| 439 | tcp | dasp |
| 440 | tcp | sgcp |
| 441 | tcp | decvms-sysmgt |
| 442 | tcp | cvc_hostd |
| 443 | tcp | https |
| 444 | tcp | snpp - Simple Network Paging Protocol |
| 445 | tcp | microsoft-ds (Microsoft Naked CIFS) |
| 446 | tcp | ddm-rdb |
| 447 | tcp | ddm-dfm |
| 448 | tcp | ddm-byte |
| 449 | tcp | as-servermap - AS Server Mapper |
| 450 | tcp | tserver |
| 465 | tcp | SMTP et connexion sécurisée SSL (non officiel) |
| 497 | tcp | retrospect - Retrospect Backup software |
| 500 | tcp | ISAKMP (Internet Security Association and Key Management Protocol), un des composants d'IPsec |
| 502 | tcp | Modbus sur TCP. |
| 514 | udp | Syslog RFC 3164 NB : ce service n'est pas listé habituellement dans le fichier etc\services |
| 515 | tcp | printer - spooler |
| 517 | tcp | talk |
| 518 | tcp | ntalk |
| 520 | udp | Routing |
| 525 | tcp | timed - timeserver |
| 526 | tcp | tempo - newdate |
| 546 | udp | DHCP- Dynamic Host Configuration Protocol |
| 548 | tcp | AppleShare IP Server |
| 554 | tcp | RSTP (Real Time Streaming Protocol) RFC 2326 |
| 587 | tcp | SUBMIT (SMTP auth) |
| 631 | tcp | Internet Printing Protocol |
| 873 | tcp | rsync |
| 993 | tcp | imap sécurisé (ssl) |
| 995 | tcp | pop3 sécurisé (ssl) |
| 1080 | tcp | SOCKS |
| 1352 | tcp | Lotus Notes |
| 1414 | tcp | IBM MQSeries |
| 1433 | tcp | Microsoft SQL Server |
| 1434 | tcp | Microsoft SQL Monitor |
| 1521 | tcp | Serveur Oracle |
| 1524 | tcp | Ingreslock, voir Ingres (base de données) |
| 1723 | tcp | PPTP |
| 1863 | tcp | MSN (tchat) |
| 3000 | tcp | First Class Server |
| 3051 | tcp | AMS (Agency Management System) |
| 3306 | tcp | Mysql Server |
| 3389 | tcp | Microsoft Terminal Server (RDP) |
| 3632 | tcp | distcc (compilation partagée) |
| 5060 | tcp | serveur SIP |
| 5222 | tcp | serveur Jabber |
| 5223 | tcp | serveur Jabber sécurisé (ssl) |
| 5432 | tcp | serveur PostgreSQL |
| 5498 | tcp | Hotline Tracker |
| 5500 | tcp | Hotline Server |
| 5501 | tcp | Hotline Server |
| 5900 | tcp | VNC Server |
| 6667 | tcp | Serveur IRC |
| 6697 | tcp | Serveur IRC sécurisé (ssl) |
| 7000 | tcp | Serveur IRC sécurisé (ssl) alternatif |
| 7648 | tcp | Cu-seeme |
| 8000 | tcp | Hotline |
| 8080 | tcp | http alternatif (webcache) |
| 9009 | tcp | Pichat - Peer to peer chat software |
| 11371 | tcp/udp | OpenPGP - OpenPGP HTTP Keyserver |
