Ports that some firewalls open by default after installation [pulled from the sowhat website in 10 minutes]


The ports listed below are the default ports open after installing each firewall, except for Checkpoint. For Checkpoint, all the management port details are given. Hope this will be somewhat useful.

SonicWall,Nokia,ZyWALL,NetASQ,Watchguard SOHO,Lucent Access Point 300,WatchGuard Vclass,Astaro Security Linux Firewall,Cisco IOS Firewall,Cisco Pix Firewall,BroadCom Firewall,Fortigate Firewall,Microsoft ISA Firewall,Netscreen Firewall,Nortel ASF,Novell Border Manager,NetGear ProSafe ,Watchguard Firebox,Checkpoint Firewall Management ports


SonicWall

 

| Service Port Listening | Service Identified | Available To |
|---|---|---|
| TCP/UDP 23 | TELNET | Private |
| TCP 67 | BOOTPS | Private |
| UDP 69 | TFTP | Private |
| TCP 80 | HTTP | Private |
| TCP/UDP 137 | NETBIOS | Private |
| UDP 500 | ISAKMP | Private |

 

 

Nokia

 

| Service Port Listening | Service Identified | Available To |
|---|---|---|
| TCP 23 | Telnet | both |
| TCP 80 | HTTP | both |
| TCP 256 | FireWall-1 Management | both |
| TCP 259 | FireWall-1 Management | both |
| TCP 262 | FireWall-1 Management | both |
| TCP 900 | FireWall-1 Management | both |
| TCP 1149 | FireWall-1 Management | both |
| TCP 1150 | FireWall-1 Management | both |
| TCP 1151 | FireWall-1 Management | both |
| TCP 1152 | FireWall-1 Management | both |
| TCP 1153 | FireWall-1 Management | both |
| TCP 1154 | FireWall-1 Management | both |
| TCP 18183 | FireWall-1 Management | both |
| TCP 18184 | FireWall-1 Management | both |
| UDP 161 | FireWall-1 Management | both |
| UDP 259 | FireWall-1 Management | both |
| UDP 514 | FireWall-1 Management | both |

 

ZyWALL

 

| Service Port Listening | Service Identified | Available To |
|---|---|---|
| TCP 21 | FTP | Private |
| TCP 23 | Telnet | Private |

 

 

 

NetASQ

 

| Service Port Listening | Service Identified | Available To |
|---|---|---|
| TCP 1300 | NETASQ Firewall Manager Administrative Communication | Private |
| TCP 1302 | NETASQ Firewall Monitor Administrative Communication | Private |

 

Watchguard SOHO

 

| Service Port Listening | Service Identified | Available To |
|---|---|---|
| TCP 21 | FTP | Private |
| TCP 53 | DNS | Private |
| UDP 53 | DNS | Private |
| UDP 67 | bootps | Private |
| TCP 80 | HTTP | Private |
| TCP 1080 | Socks | Private |

 

Lucent Access Point 300

 

| Service Port Listening | Service Identified | Available To |
|---|---|---|
| TCP 22 | SSH | Private & Public |
| TCP 23 | Telnet | Private & Public |
| TCP 80 | HTTP | Private & Public |
| UDP 123 | NTP | Private & Public |
| UDP 161 | SNMP | Private & Public |
| TCP 443 | HTTPS | Private & Public |
| UDP 500 | ISAKMP | Private & Public |
| UDP 514 | SYSLOG | Private & Public |
| UDP 520 | RIP | Private & Public |
| UDP 1701 | L2TP | Private & Public |
| UDP 8127 | AP SLA Probe | Private & Public |
| UDP 65534 | Loopback Address | Private & Public |

 

 

 

 

 

 

WatchGuard Vclass

 

| Service Port Listening | Service Identified | Available To |
|---|---|---|
| TCP 22 | SSH | Private |
| TCP 23 | Telnet | Private |
| UDP 161 | SNMP | Private |
| TCP 443 | SSL encrypted Remote Administration | Private |
| UDP 500 | IKE | Private |
| UDP 1024 | Centralized Policy Manager (CPM) | Private |
| UDP 1850 | Heartbeat (keepalive) sent to and received from centralized managers | Private |
| TCP 6789 | Used by HA modules to hot sync configuration between two HA units | Private |

 

 

Astaro Security Linux Firewall

 

 

Cisco IOS Firewall

 

 

 

 

 

 

Cisco Pix Firewall

 

 

BroadCom Firewall

 

 

 

Fortigate Firewall

 

 

Microsoft ISA Firewall

 

 

 

 

 

 

 

Netscreen Firewall

 

 

Nortel ASF

 

 

 

 Novell Border Manager

 

 

 

 

NetGear ProSafe

 

 

Watchguard Firebox

 

 

 

Checkpoint Firewall Management ports

 

| Port No. | Name in Service Manager | Short description |
|---|---|---|
| 256/tcp | FW1 | Check Point VPN-1 & FireWall-1 Service |
| 257/tcp | FW1_log | Check Point VPN-1 & FireWall-1 Logs |
| 258/tcp | FW1_mgmt | Check Point VPN-1 & FireWall-1 Management |
| 259/tcp | FW1_clntauth, FW1_clntauth_telnet | Check Point VPN-1 & FireWall-1 Client Authentication (Telnet) |
| 259/udp | RDP | Check Point VPN-1 FWZ Key Negotiations - Reliable Datagram Protocol |
| 260/udp | FW1_snmp | Check Point VPN-1 & FireWall-1 SNMP Agent |
| 261/tcp | FW1_snauth | Check Point VPN-1 & FireWall-1 Session Authentication |
| 264/tcp | FW1_topo | Check Point VPN-1 SecuRemote Topology Requests |
| 265/tcp | FW1_key | Check Point VPN-1 Public Key Transfer Protocol |
| 900/tcp | FW1_clntauth, FW1_clntauth_http | Check Point VPN-1 & FireWall-1 Client Authentication (HTTP) |
| 981/tcp | - not predefined - | Check Point VPN-1 Edge remote administration from external using HTTPS |
| 2746/udp | VPN1_IPSEC_encapsulation | Check Point VPN-1 SecuRemote IPSEC Transport Encapsulation Protocol |
| 5004/udp | MetaIP-UAT | Check Point Meta IP UAM Client-Server Communication |
| 8116/udp | - not predefined - | Check Point Cluster Control Protocol. Protocol for internal communication between High Availability Cluster Members. |
| 9281/udp | SWTP_Gateway | VPN-1 Embedded / SofaWare commands |
| 9282/udp | SWTP_SMS | VPN-1 Embedded / SofaWare Management Server (SMS) Edge |
| 18182/tcp | FW1_ufp | Check Point OPSEC URL Filtering Protocol |
| 18183/tcp | FW1_sam | Check Point OPSEC Suspicious Activity Monitor API |
| 18184/tcp | FW1_lea | Check Point OPSEC Log Export API. Protocol for exporting logs from MM |
| 18185/tcp | FW1_omi | Check Point OPSEC Objects Management Interface |
| 18186/tcp | FW1_omi-sic | Check Point OPSEC Objects Management Interface with SIC |
| 18187/tcp | FW1_ela | Check Point OPSEC Event Logging API |
| 18190/tcp | CPMI | Check Point Management Interface |
| 18191/tcp | CPD | Check Point Daemon Protocol |
| 18192/tcp | CPD_amon | Check Point Internal Application Monitoring |
| 18193/tcp | FW1_amon | Check Point OPSEC Application Monitoring |
| 18202/tcp | CP_rtm | Check Point RTM Log |
| 18205/tcp | CP_reporting | Check Point Reporting client |
| 18207/tcp | FW1_pslogon | Check Point Policy Server Logon protocol |
| 18208/tcp | FW1_CPRID | Check Point Remote Installation Protocol |
| 18209/tcp | - not predefined - | Protocol used in SIC for communication between FWM and ICA (status, issue, revoke) |
| 18210/tcp | FW1_ica_pull | Check Point Internal CA Pull Certificate Service |
| 18211/tcp | FW1_ica_push | Check Point Internal CA Push Certificate Service |
| 18212/udp | FW1_load_agent | Check Point ConnectControl Load Agent |
| 18221/tcp | CP_redundant | Check Point Redundant Management Protocol |
| 18231/tcp | FW1_pslogon_NG | Check Point NG Policy Server Logon protocol (NG) |
| 18232/tcp | FW1_sds_logon | Check Point SecuRemote Distribution Server Protocol |
| 18233/udp | FW1_scv_keep_alive | Check Point SecureClient Verification KeepAlive Protocol |
| 18234/udp | tunnel_test | Check Point tunnel testing application |
| 18241/udp | E2ECP | Check Point End to End Control Protocol |
| 18262/tcp | CP_Exnet_PK | Check Point Extranet public key advertisement |
| 18263/tcp | CP_Exnet_resolve | Check Point Extranet remote objects resolution |
| 18264/tcp | FW1_ica_services | Check Point Internal CA Fetch CRL and User Registration Services |
| 18265/tcp | FW1_ica_mgmt_tools | Check Point Internal CA Management Tools |
| 19190/tcp | FW1_netso | Check Point User Authority simple protocol |
| 19191/tcp | FW1_uaa | Check Point OPSEC User Authority API |
| 19194/udp | CP_SecureAgent-udp | SecureAgent Authentication service |
| 19195/udp | CP_SecureAgent-udp | SecureAgent Authentication service |
| 65524/tcp | FW1_sds_logon_NG | Check Point SecuRemote Distribution Server Protocol |

 

http://secway.org/papers/firewall/firewall.htm
