1 - rcpmux; rarely used; block 7 - echo; see if a host is reachable (ping) 9 - discard; block 11 - systat; block 13 - daytime; comment out 15 - netstat; unassigned; block 17 - qotd; quote of the day; block 19 - chargen; charachter generator; comment out 21 - ftp (file transfer protocol); copies files, renames, deletes 23 - telnet; allows clients and servers to speak, including access to router 24 - private mail; block 25 - smtp (simple mail transfer protocol); restrict to single e-mail server 37 - time; comment out 38 - rap; route access protocol; block 42 - nameserver; block 43 - nicname; whois; outbound only or block 48 - auditd; block 49 - login; tacacs-65; block 53 - dns (domain name service); contains host names; can be spoofed 67 - bootbs; boot protocol; block 68 - bootbs; boot protocol; block 69 - tftp (trivial ftp); can update router s/w; block. 70 - gopher; outbound only 79 - finger; who is logged in and where did it originate; outbound 80 - http (hypertext transfer protocol); should be on proxy servers only 87 - link; block 88 - kerberos; block 94 - objcall; tivoli; block 95 - supdup; block 109 - pop2; block 110 - POP3; needs a patch 111 - rpc (remote procedure call); block; used to steal passwords and files 113 - auth; limit 119 - NNTP (Network News Transfer Protocol); assesses and reads news; may block 121 - erpc; encore; block 123 - ntp; network time protocol; may block 126 127 130 131 132 135 - location service; can cause NT to showq 100% cpu usage 137 - netbios, name service; block at router 138 - netbios, datagram service; block at router 139 - netbios, session service; block at router 143 - IMAP; needs a patch 144 156 161 162 177 178 194 199 200 201 202 203 204 205 206 207 208 210 220 387 396 411 512 - rxe (remote execute); block 513 - rlogin (remote login); block 514 - rsh (remote shell); block 515 517 518 520 - RIP (Routing Information Protocol); can be spoofed 523 532 533 540 - UUCP (unix to unix copy); can give unauthorized access if misconfigured 550 566 666 744 flexn 754 755 765 1025 1352 1525 2000 - OpenWindows; displays data and keystrokes; block 2049 2766 3264 5130 5133 5500 5510 5701 6000-6063 - X-Windows; displays data and keystrokes; block 6667 7000-7009 7100