Fixing up content. Making it look purdy

2025-10-29 16:56:59 +00:00 · 2014-01-12 08:46:10 -05:00 · 2014-01-12 08:46:10 -05:00 · e3bd9f3473
commit e3bd9f3473
parent c72a02d96b
1 changed files with 35 additions and 35 deletions
--- a/references/ports.md
+++ b/references/ports.md
@ -11,29 +11,29 @@
 * 80 HTTP
 * 88 Kerberos
 * 110 POP3
- * 111 SUNRPC(UnixRPC)
+ * 111 SUNRPC (UnixRPC)
 * 139 NetBIOS
 * 143 IMAP
 * 389 LDAP
 * 443 HTTPS
- * 445 MicrosoftDS
+ * 445 Microsoft DS
 * 514 RSH
 * 515 Printers
 * 631 CUPS
- * 1352 LotusNotes
+ * 1352 Lotus Notes
 * 2049 NFS
 * 3000 Webrick (Ruby Webserver)
 * 3389 RDP
 * 4949 Munin
 * 5060 SIP
 * 5631-5632 PCAnywhere
- * 5666(evidence of Nagios server on network) NRPE(*nix)/NSCLIENT++(win)
+ * 5666 Nagios server/NRPE(*nix)/NSCLIENT++(win)
- * 5900-5906 (Same as X11; display over VNC. SPICE is usually in this range as well) VNC
+ * 5900-5906 VNC (Same as X11; display over VNC. SPICE is usually in this range as well)
- * 6000-6009 (seexspy, xwd, xkeyforexploitation) X11
+ * 6000-6009 Xll (seexspy, xwd, xkeyforexploitation)
 * 8006 Proxmox
 * 8080 Alt-HTTP
- * 8089(also on 8000) Splunk
+ * 8089 Splunk (also on 8000)
- * 8000(mezzanine in development mode for example) AnotherHTTP
+ * 8000 Another HTTP (mezzanine in development mode for example)
 * 8834 Nessus HTTPS
 * 8443 AltHTTPS
 * 9080 Alt-HTTPtomcat
@ -42,7 +42,7 @@
 * 17500 Dropbox lansync
 ## UDP Discovery: ##
- * easy copy - `53,111,123,161,177,500,514,1194,1434,1900,17185`
+ * easy copy - `53,111,123,161,177,500,514,623,1194,1434,1900,17185`
 * 53 DNS
 * 111 SUNRPC (Unix RPC)
 * 123 Network Time Protocol (NTP)
@ -50,6 +50,7 @@
 * 177 XDMCP (via NSE script --script broadcast-xdmcp-discover, discover *nix boxes hosting X)
 * 500 Isakmp (ike PSK Attack)
 * 514 syslog
 * 623 IPMI (easy crack or auth bypass)
 * 1194 OpenVPN
 * 1434 MSSQL Ping
 * 1900 UPNP
@ -57,36 +58,35 @@
 ## Authentication Ports: ##
 * easy copy - `80,902,1494,5985,5986,6129,8200,9084`
- * Citrix: 1494
+ * 80,5985,5986 WinRM (5985 (HTTP), 5986 (HTTPS))
- * WinRM: 80, 5985 (HTTP), 5986 (HTTPS)
+ * 902,8200,9084 VMware Server
- * VMware Server: 8200, 902, 9084
+ * 1494 Citrix
- * DameWare: 6129
+ * 6129 DameWare
 ## Easy-win Ports: ##
- * Java RMI - 1099, 1098
+ * easy copy - `1098-1099,3299,3632,4848,6002,7002,8500,9060,10000,11211`
- * coldfusion default stand alone - 8500
+ * 1098-1099 Java RMI
- * IPMI UDP(623) (easy crack or auth bypass)
+ * 3299 SAP Router
- * 6002, 7002 (sentinel license monitor (reverse dir traversal, sometimes as SYSTEM))
+ * 3632 DistCC
- * GlassFish: 4848
+ * 4848 GlassFish
- * easy copy - `9060`
+ * 6002,7002 (Sentinel license monitor (reverse dir traversal, sometimes as SYSTEM))
- * IBM Web Sphere: 9060
+ * 8500 Coldfusion default stand alone
- * Webmin or BackupExec: 10000
+ * 9060 IBM Web Sphere
- * memcached: 11211
+ * 10000 Webmin or BackupExec
- * DistCC: 3632
+ * 11211 memcached
 * SAP Router: 3299
 ## Database Ports: ##
- * easy copy - `3306,1521-1527,5432,5433,1433,3050,3351,1583,8471,9471`
+ * easy copy - `1433,1521-1527,1583,3351,2100,3050,3306,5000,5432,5433,8471,9471`
- * MySQL: 3306
+ * 1433 MSSQL
- * PostgreSQL: 5432
+ * 1521-1527 Oracle TNS Listener
- * PostgreSQL 9.2: 5433
+ * 1583,3351 PervasiveSQL
- * Oracle TNS Listener: 1521-1527
+ * 2100 Oracle XDB
- * Oracle XDB: 2100
+ * 3050 Firebird/Interbase
- * MSSQL: 1433
+ * 3306 MySQL
- * Firebird / Interbase: 3050
+ * 5000 Sybase
- * PervasiveSQL: 3351, 1583
+ * 5432 PostgreSQL
- * DB2/AS400 8471, 9471
+ * 5433 PostgreSQL 9.2
- * Sybase 5000
+ * 8471,9471 DB2/AS400
 ## SCADA / ICS:##
 (source: http://www.digitalbond.com/tools/the-rack/control-system-port-list/ )