Reference required for firewall settings page 1/6

Port: 0
Service: Reserved
Description: it is usually used to analyze the operating system. This method works because "0" is an invalid port in some systems and will produce different results when you try to connect to it using a normally closed port. A typical scan uses the IP address 0.0.0.0 to set the ACK bit and broadcast it on the Ethernet layer.

Port: 1
Service: tcpmux
Note: This shows someone is looking for an sgi irix machine. IRIX is the main provider for implementing tcpmux. By default, tcpmux is enabled in this system. IRIX machines are released with several default password-free accounts, such as IP, guest uucp, nuucp, demos, tutor, DIAG, and outofbox. Many administrators forget to delete these accounts after installation. Therefore, hacker searches for tcpmux on the Internet and uses these accounts.

Port: 7
Service: Echo
Note: When many people search for the Fraggle amplifier, the information sent to x. x. x.0 and x. x. x.255 is displayed.

Port: 19
Service: Character Generator
Note: This is a service that only sends characters. The UDP version will respond to packets containing spam characters after receiving the UDP packet. When a TCP connection is established, data streams containing spam characters are sent until the connection is closed. Hacker uses IP spoofing to launch DoS attacks. Forge a UDP packet between two chargen servers. Similarly, the Fraggle DoS attack broadcasts a packet with a spoofed IP address to the port of the target address. The victim is overloaded to respond to the data.

Port: 21
Service: ftp
Description: The port opened by the FTP server for uploading and downloading. The most common attacker is used to find the method to open the FTP server of anonymous. These servers have read/write directories. Ports opened by Doly Trojan, fore, invisible FTP, WebEx, WinCrash, and Blade Runner.

Port: 22
Service: SSH
Note: The TCP Connection established by pcAnywhere to this port may be used to search for SSH. This service has many vulnerabilities. If configured in a specific mode, many versions using the rsaref library may have many vulnerabilities.

Port: 23
Service: Telnet
Description: Remote logon. Intruders are searching for remote logon to UNIX services. In most cases, this port is scanned to find the operating system on which the machine runs. There are other technologies that allow intruders to find their passwords. The Tiny Telnet server of the Trojan opens this port.

Port: 25
Service: SMTP
Description: The port opened by the SMTP server for sending emails. Intruders look for SMTP servers to pass their spam. The intruder's account is closed and they need to connect to a high-bandwidth E-MAIL server, passing simple information to different addresses. This port is available for trojans such as antigen, email password sender, haebu coceda, shtrilitz stealth, winpc, and winspy.

Port: 31
Service: MSG Authentication
Note: This port is enabled for Trojan master paradise and Hackers Paradise.

Port: 42
Service: WINS replication
Note: WINS replication

Port: 53
Service: Domain Name Server (domain)
Description: The port opened by the Domain Server. Intruders may attempt to pass the region (TCP), cheat the domain (UDP) or hide other communications. Therefore, firewalls often filter or record this port.

Port: 67
Service: Bootstrap Protocol server
Note: Through the DSL and cable modem firewalls, you will often see a large amount of data sent to the broadcast address 255.255.255.255. These machines are requesting an address from the DHCP server. Hacker often enters them and assigns an address to act as a local router to initiate a large number of man-in-middle attacks. The client broadcasts the request configuration to port 68, and the server broadcasts the response to the request to port 67. This response uses broadcast because the client does not know the IP address that can be sent.

Port: 69
Service: trival File Transfer
Note: many servers provide this service together with BOOTP to facilitate download and startup from the system.Code. However, they often enable intruders to steal any files from the system due to misconfiguration. They can also be used to write files to the system.

Port: 79
Service: Finger server
Note: Intruders are used to obtain user information, query the operating system, detect known buffer overflow errors, and respond to finger scans from their own machines to other machines.

Port: 80
Service: HTTP
Description: used for Web browsing. The trojan executor opens this port.

Port: 99
Service: metemedirelay
Description: BackdoorProgramNcx99 opens this port.

Port 102
Service: Message Transfer Agent (MTA)-x.400 over TCP/IP
Description: message transmission proxy.

Port 109
Service: Post Office Protocol-version3
Note: The POP3 Server opens this port to receive mails and the client accesses the mail service on the server. POP3 services have many common vulnerabilities. There are at least 20 vulnerabilities in username and password exchange buffer overflow, which means that intruders can log on to the system. There are other buffer overflow errors after successful login.

port: 110
service: all RPC ports of Sun
Note: Common RPC services include RPC. mountd, NFS, RPC. STATD, RPC. csmd, RPC. ttybd, AMD, etc.