获取计算机系统的信息或访问权常用端口清单
前注:要想了解自己的网络里运行了哪些系统,精确的列出端口和主机的对应关系对于标识各个系统上的每个漏洞至关重要,如果要对对每台主机施行全部131070(TCP和UDP各有1~65535号端口)个端口的扫描大概需要花费数天时间。而精细地调整过的端口和服务清单可用于解决我们称之为“低垂的水果”的潜在脆弱服务。这份清单并不完整,当然我也不可能完整的整理出来,那可是个庞大的工作量。而且其中的某些应用程序可能配置成使用完全不的端口来监听,不过这个清单足以让你着手追踪那些无赖的应用程序。
服务或应用程序 端口/协议
echo 7/tcp systat 11/tcp chargen 19/tcp ftp-data 21/tcp ssh 22/tcp telnet 23/tcp SMTP 25/tcp nameserver 42/tcp Whois 43/tcp Tacacs 49/udp xns-time 52/tcp xns-time 52/udp dns-lookup 53/udp dns-zone 53/tcp Whois++ 63/tcp/udp Oracle-sqlnet 66/tcp Bootps 67/tcp/udp bootpc 68/tcp/udp Tftp 69/udp gopher 70/tcp/udp Finger 79/tcp http 80/tcp alternate web port(http) 81/tcp kerberos or alternate web port(http) 88/tcp pop2 109/tcp pop3 110/tcp Sunrpc 111/tcp sqlserv 118/tcp nntp 119/tcp ntp 123/tcp/udp ntrpc-or-dce(epmap) 135/tcp/udp netbios-ns 137/tcp/udp netbios-dgm 138/tcp/udp netbios 139/tcp imap 143/tcp snmp 161/udp snmp-trap 162/udp xdmcp 177/tcp/udp bgp 179/tcp snmp-checkpoint 256/tcp snmp-checkpoint 257/tcp snmp-checkpoint 258/tcp snmp-checkpoint 259/tcp ldap 389/tcp netware-ip 396/tcp timbuktu 407/tcp https/ssl 443/tcp ms-smb-alternate 445/tcp/udp
|
|
| |
| |
| |
2 | 获取计算机系统的信息或访问权常用端口清单 |
|
ipsec-internet-key-exchange(ike) 500/udp exec 512/tcp rlogin 513/tcp rwho 513/udp rshell 514/tcp syslog 514/udp printer 515/tcp printer 515/udp talk 517/tcp/udp ntalk 518/tcp/udp Route/RIP/RIPv2 520/udp netware-ncp 524/tcp irc-serv 529/tcp/udp Uucp 540/tcp/udp Klogin 543/tcp/udp Mount 645/udp remotelypossible 799/tcp rsync 873/tcp Samba-swat 901/tcp w2k rp services 1024-1030/tcp 1024-1030/udp Socks 1080/tcp Kpop 1109/tcp bmc-patrol-db 1313/tcp Notes 1352/tcp timbuktu-srv1 1417-1420/tcp/udp ms-sql 1433/tcp Citrix 1494/tcp Sybase-sql-anywhere 1498/tcp funkproxy 1505/tcp/udp ingres-lock 1524/tcp oracle-srv 1525/tcp oracle-tli 1527/tcp pptp 1723/tcp winsock-proxy 1745/tcp radius 1812/udp remotely-anywhere 2000/tcp cisco-mgmt 2001/tcp nfs 2049/tcp compaq-web 2301/tcp sybase 2368 openview 2447/tcp realsecure 2998/tcp nessusd 3001/tcp ccmail 3264/tcp/udp ms-activ-dit-global-catalog 3268/tcp/udp bmc-patrol-agent 3300/tcp mysql 3306/tcp ssql 3351/tcp ms-termserv 3389/tcp cisco-mgmt 4001/tcp nfs-lockd 4045/tcp rwhois 4321/tcp/udp postgress 5432/tcp secured 5500/udp pcanywhere 5631/tcp vnc 5800/tcp vnc-java 5900/tcp
|
|
| |
| |
|
|
3 | 获取计算机系统的信息或访问权常用端口清单 |
|
xwindows 6000/tcp cisco-mgmt 6001/tcp arcserve 6050/tcp apc 6549/tcp irc 6667/tcp font-service 7100/tcp/udp web 8000/tcp web 8001/tcp web 8002/tcp web 8080/tcp blackice-icecap 8081/tcp cisco-xremote 9001/tcp jetdirect 9100/tcp dragon-ids 9111/tcp iss system scanner agent 9991/tcp iss system scanner console ×××/tcp stel 10005/tcp Netbus 12345/tcp snmp-checkpoint 18210/tcp snmp-checkpoint 18211/tcp snmp-checkpoint 18186/tcp snmp-checkpoint 18190/tcp snmp-checkpoint 18191/tcp snmp-checkpoint 18192/tcp Trinoo-bcast 27444/tcp Trinoo-master 27665/tcp Quake 27960/udp backorifice 31337/udp rpc-solaris 32771/tcp snmp-solaris 32780/udp reachout 43188/tcp bo2k 54320/tcp bo2k 54321/udp netprowler-manager 61440/tcp pcanywhere-def 65301/tcp |
|
转载于:https://blog.51cto.com/bluesun/48254