SANS - Summary of 31 tips for better PORT security
Each year the Internet Storm Center picks a theme for improved security awareness and publishes an article per day during Cybersecurity awareness month (October). These are excellent resources for any professional in the IT Security profession:
SANS - Summary of 31 tips for better PORT security
http://isc.sans.org/diary.html?storyid=7504
QUOTE: This year we examined 31 different ports/services/protocols/applications and discussed some of the major security issues. Many readers submitted comments, tips, and tricks for securing them.
1 - Port 445 - SMB over tcp
2 - Port 0
3 - Port 5900 - VNC
4 - Port 20/21 - FTP-data/FTP
5 - Port 31337 - trojan horses
6 - Ports 67&68 udp - bootp and dhcp
7 - Port 6667/8/9/7000 - IRC
8 - Port 25 - SMTP
9 - Port 3389 -RDP
10 - The Questionable Ports
11 - Port 111 - RPCBind aka Portmapper
12 - Ports 161/162 - Simple Network Management Protocol (SNMP)
13 - Ports 3128, 8080 & .... - Proxies
14 - Port 514 - syslog
15 - Ports 995, 465, and 993 - Secure Email
16 - Port 1521 - Oracle TNS Listener
17 - Port 22 - SSH
18 - Port 23 - Telnet
19 - ICMP
20 - Ports 5060 & 5061 - SIP (VoIP)
21 - Port 135 - MS DCE locator
22 - Port 502 - Modbus
23 - Port 179 - Border Gateway Protocol
24 - Ports 1-20 and 37 - The Small Services
25 - Port 80 and 443 - Web services
26 - Ports 1433/1434 - MS SQL
27 - Ports 135, 137, 138, 139, ... - MS Active Directory Ports
28 - Port 123 - ntp
29 - Port 53 - dns
30 - Ports 47, 50, 500, 1723, 4500, ... - The "Common" IPSEC VPN Protocols
31 - Port 113 - ident
Below are links to prior years sharing best practices by the Internet Storm Center during Cybersecurity awareness month:
SANS - 2008 Security Incident Handling tips
http://isc.sans.org/diary.html?storyid=5279
SANS - 2007 Cybersecurity Awareness tips
http://isc.sans.org/diary.html?storyid=3597