Policy: Firewall-VPN
Last Modified: Wed Oct 27 07:28:53 2004



Security
NAT
Desktop
CheckPoint
Nodes
Networks
ObjectGroups
AddressRanges
DynamicObjects
Services
ServiceGroups
Resources
Times
Servers
Users
UserGroups
Communities
Services

TypeServicePolicy
Load		SpecificationPropertiesComments
TCP
AOL
Keep
Port: 5190
Advanced
AOL Instant Messenger. Also used by: ICQ &
Apple iChat
Keep
Port: 2626
Advanced
Defender Authentication service
Keep
Port: 2626
Advanced
Defender Authentication service
Keep
Port: 411
Advanced
Backage trojan
Keep
Port: 5000
Advanced
Also used by: Blazer5 , Bubbel and Back-door
trojans
Keep
Port: 1494
Advanced
Citrix ICA general Service.
Keep
Port: 16384
Advanced
 
CPD
Keep
Port: 18191
Advanced
Check Point Daemon Protocol
Keep
Port: 18192
Advanced
Check Point Internal Application Monitoring
Keep
Port: 18190
Advanced
Check Point Management Interface
Keep
Port: 18262
Advanced
Check Point Extranet public key resolution
Keep
Port: 18263
Advanced
Check Point Extranet remote objects
resolution
Keep
Port: 18221
Advanced
Check Point Redundant Management Protocol
Keep
Port: 18205
Advanced
Check Point Reporting Client Protocol
Keep
Port: 18202
Advanced
Check Point Real Time Monitoring
Keep
Port: 4433
Advanced
Check Point Smart Portal
Keep
Port: 444
Advanced
SSL Network Extender port
Keep
Port: 4444
Advanced
CrackDown trojan
Keep
Port: 455
Advanced
The Client listening port
Keep
Port: 453
Advanced
The Server listening port
Keep
Port: 1074
Advanced
DaCryptic trojan
Keep
Port: 6129
Advanced
DameWare Mini Remote Control Protocol
Keep
Port: 13
Advanced
Daytime Server Protocol (TCP)
Keep
Port: 1000
Advanced
Also used by: Direct
Connection,Connecter,Insane Network trojans
Keep
Port: 2000
Advanced
Also used by:Insane Network,Last 2000,Remote
Explorer 2000,Senna Spy Trojan Generator
trojans
Keep
Port: 411-412
Advanced
Direct Connect P2P application. Used also by
other clients
Keep
Port: 9
Advanced
Discard Server Protocol (TCP)
Keep
Port: 53
Advanced
Domain Name System Download
Keep
Port: 7
Advanced
Echo Protocol (TCP)
Keep
Port: 4661
Advanced
eDonkey protocol. Used also by other clients.
Keep
Port: 4662
Advanced
eDonkey protocol. Used also by other clients.
Keep
Port: 710
Advanced
Entrust CA Administration Service
Keep
Port: 709
Advanced
Entrust CA Key Management Service
Keep
Port: 512
Advanced
Remote execution (rexec)
Keep
Port: 79
Advanced
UNIX, Finger Protocol
Keep
Port: 7001
Advanced
Also used by: Freak88,NetSnooper Gold trojans
ftp
Keep
Port: 21
Advanced
File Transfer Protocol
Keep
Port: 21
Advanced
File Transfer Protocol with bi-directional
data transfer
Keep
Port: 21
Advanced
File Transfer Protocol - PASV mode only
Keep
Port: 21
Advanced
File Transfer Protocol - PORT mode only
FW1
Keep
Port: 256
Advanced
Check Point VPN-1 & FireWall-1 Service
Keep
Port: 18193
Advanced
Check Point OPSEC Application Monitoring
Keep
Port: 900
Advanced
Check Point VPN-1 & FireWall-1 Client
Authentication (HTTP)
Keep
Port: 259
Advanced
Check Point VPN-1 & FireWall-1 Client
Authentication (Telnet)
Keep
Port: 18208
Advanced
Check Point Remote Installation Protocol
Keep
Port: 18181
Advanced
Check Point OPSEC Content Vectoring Protocol
Keep
Port: 18187
Advanced
Check Point OPSEC Event Logging API
Keep
Port: 18265
Advanced
Check Point Internal CA Management Tools
Keep
Port: 18210
Advanced
Check Point Internal CA Pull Certificate
Service
Keep
Port: 18211
Advanced
Check Point Internal CA Push Certificate
Service
Keep
Port: 18264
Advanced
Check Point Internal CA Fetch CRL and User
Registration Services
Keep
Port: 265
Advanced
Check Point VPN-1 Public Key Transfer
Protocol
Keep
Port: 18184
Advanced
Check Point OPSEC Log Export API
Keep
Port: 257
Advanced
Check Point VPN-1 & FireWall-1 Logs
Keep
Port: 258
Advanced
Check Point Management (Version 4.x)
Keep
Port: 19190
Advanced
Check Point User Authority simple protocol
Keep
Port: 18185
Advanced
Check Point OPSEC Objects Management
Interface
Keep
Port: 18186
Advanced
Check Point OPSEC Objects Management
Interface with Secure Internal Communication
Keep
Port: 18207
Advanced
Check Point Policy Server Logon protocol
Keep
Port: 18231
Advanced
Check Point NG Policy Server Logon protocol
Keep
Port: 18183
Advanced
Check Point OPSEC Suspicious Activity
Monitor API
Keep
Port: 18232
Advanced
Check Point SecuRemote Distribution Server
Protocol
Keep
Port: 65524
Advanced
SecuRemote Distribution Server Protocol (VC
and higher)
Keep
Port: 261
Advanced
Check Point VPN-1 & FireWall-1 Session
Authentication
Keep
Port: 264
Advanced
Check Point VPN-1 SecuRemote Topology
Requests
Keep
Port: 19191
Advanced
Check Point OPSEC User Authority API
Keep
Port: 18182
Advanced
Check Point OPSEC URL Filtering Protocol
Keep
Port: 6970
Advanced
GateCrasher trojan
Keep
Port: 6347
Advanced
Also used by: BearShare, ToadNode, Gnucleus,
Xolox, LimeWire
Keep
Port: 6346
Advanced
Also used by: BearShare, ToadNode, Gnucleus,
Xolox, LimeWire
Keep
Port: 70
Advanced
The Internet Gopher Protocol
Keep
Port: 8200
Advanced
Remote Computer Access & Sharing
application, also uses HTTP and HTTPS
Keep
Port: 1720
Advanced
videoconference transmissions over IP
networks
Keep
Port: 1720
Advanced
videoconference transmissions over IP
networks
Keep
Port: 31785
Advanced
HackaTack
Keep
Port: 31787
Advanced
HackaTack trojan
Keep
Port: 31788
Advanced
HackaTack trojan
Keep
Port: 31790
Advanced
HackaTack trojan
Keep
Port: 31792
Advanced
HackaTack trojan
Keep
Port: 5500-5503
Advanced
Hotline client connections
Keep
Port: 80
Advanced
Hypertext Transfer Protocol
Keep
Port: 443
Advanced
HTTP protocol over TLS/SSL
Keep
Port: 8080
Advanced
 
Keep
Port: 1027
Advanced
ICKiller
Keep
Port: 113
Advanced
Identify RCS keyword strings in files
Keep
Port: 500
Advanced
IPSEC Internet Key Exchange Protocol over TCP
Keep
Port: 143
Advanced
Interactive Mail Access Protocol
Keep
Port: 5000
Advanced
This port also used by many trojans and the
upnp service
Keep
Port: 1029
Advanced
Also used by: ICQ Nuke 98 trojan
Keep
Port: 1111
Advanced
used for distributing configuration changes
among cluster members and cluster wide
monitoring
Keep
Port: 6660-6670
Advanced
Internet Relay Chat Protocol
Keep
Port: 7000
Advanced
Internet Relay Chat Protocol
Keep
Port: 1024
Advanced
Also used by: Latinus,NetSpy,RAT trojans and
K Display Manager
Keep
Port: 1212
Advanced
Kaos trojan
Keep
Port: 1214
Advanced
FastTrack (KaZaA/Morpheus) P2P Protocol
Keep
Port: 88
Advanced
Kerberos authentication protocol (version 5)
Keep
Port: 17300
Advanced
Kuang2 trojan
Keep
Port: 389
Advanced
Lightweight Directory Access Protocol
Keep
Port: 636
Advanced
Lightweight Directory Access Protocol over
TLS/SSL
Keep
Port: 513
Advanced
Remote login (rlogin)
Keep
Port: 1352
Advanced
Lotus iNotes Web Access Protocol
Keep
Port: 515
Advanced
Also used by: Ramen trojan and printer
service.
Keep
Port: 5025
Advanced
Formerly called Aimster
Keep
Port: 445
Advanced
Microsoft CIFS over TCP
Keep
Port: 4666
Advanced
Mneah trojan
Keep
Port: 1434
Advanced
Microsoft SQL Monitor
Keep
Port: 1433
Advanced
Microsoft SQL Server
Keep
Port: 1863
Advanced
 
Keep
Port: 1863
Advanced
MSN Messenger
Keep
Port: 6891-6900
Advanced
Microsoft Network Messenger File Transfer
Keep
Port: 1035
Advanced
Multidropper trojan
Keep
Port: 3306
Advanced
Supported from version R55W, MySQL database
server
Keep
Port: 6600-6699
Advanced
Napster clients. Also used by: WinMX
Keep
Port: 4444
Advanced
Napster directory connections
Keep
Port: 5555
Advanced
Napster directory connections
Keep
Port: 6666
Advanced
Napster directory connections
Keep
Port: 7777
Advanced
Napster directory connections
Keep
Port: 8888
Advanced
Napster directory connections (Primary)
Keep
Port: 8875
Advanced
 
Keep
Port: 139
Advanced
NetBios Session Service
NCP
Keep
Port: 524
Advanced
Novell NetWare Core Protocol
Keep
Port: 1755
Advanced
Microsoft NetShow (Windows Media Player)
Keep
Port: 15
Advanced
UNIX netstat Protocol, show network status
Keep
Port: 2049
Advanced
Network File System Daemon over TCP
Keep
Port: 119
Advanced
Network News Transfer Protocol
Keep
Port: 123
Advanced
Network Time Protocol (TCP)
Keep
Port: 2649
Advanced
Oracle Application Server (IIOP) NameServer
Keep
Port: 2651
Advanced
Oracle Application Server (IIOP) ORB
Keep
Port: 2000
Advanced
 
Keep
Port: 1570
Advanced
IONA Orbix Daemon (IIOP) Port 1570
Keep
Port: 1571
Advanced
IONA Orbix Daemon (IIOP) Port 1571
Keep
Port: 5631
Advanced
PCs remote access security software, data
Keep
Port: 2299
Advanced
Symantec pcTELECOMMUTE File Synchronization
Keep
Port: 109
Advanced
Post Office Protocol - Version 2
Keep
Port: 110
Advanced
Post Office Protocol - Version 3
Keep
Port: 6667
Advanced
Used by: Dark FTP,EGO,Maniac
rootkit,Moses,ScheduleAgent,SubSeven,Trinity,The
thing,Kaitex,WinSatan trojans.
Keep
Port: 5432
Advanced
Supported from version R55W, PostgreSQL
database server
Keep
Port: 1723
Advanced
Point-to-Point Tunneling Protocol, extension
of PPP
Keep
Port: 6374
Advanced
RainWall high availability daemon
RAT
Keep
Port: 1097-1098
Advanced
RAT trojan (Remote Administration Tool)
Keep
Port: 7070
Advanced
RealNetworks PNA Protocol
Keep
Port: 2998
Advanced
Automatic 'Suspicious Activity Monitoring'
activator
Keep
Port: 3389
Advanced
Microsoft RDP
Keep
Port: 1025
Advanced
Also used by: Fraggle Rock,NetSpy,md5
Backdoor trojans
Keep
Port: 554
Advanced
Real Time Streaming Protocol
Keep
Port: 2000
Advanced
Supported from version R55W, Skinny Client
Control Protocol (SCCP)
Keep
Port: 5510
Advanced
Token based Authentication service (TCP)
Keep
Port: 1337
Advanced
Shadyshell trojan
Keep
Port: 514
Advanced
Remote shell (rsh)
Keep
Port: 5060
Advanced
Session Initiation Protocol over TCP IPv6
Keep
Port: 5060
Advanced
 
Keep
Port: 4000
Advanced
Also used by: Backdoor trojan
Keep
Port: 25
Advanced
Simple Mail Transfer Protocol
Keep
Port: 1
Advanced
Also used by the: tcpmux service
Keep
Port: 1521
Advanced
Oracle SQL*Net Version 1
Keep
Port: 1521
Advanced
part of Oracle SQL*Net Version 2 Services
Keep
Port: 1525
Advanced
part of Oracle SQL*Net Version 2 Services
Keep
Port: 1526
Advanced
part of Oracle SQL*Net Version 2 Services
ssh
Keep
Port: 22
Advanced
secure shell, encrypted and authenticated rsh
Keep
Port: 22
Advanced
Secure Shell, version 1.x block
Keep
Port: 443
Advanced
SSL version 3, dropping anything else.
Keep
Port: 3002
Advanced
Stonesoft StoneBeat Control
Keep
Port: 3001
Advanced
Stonesoft StoneBeat Daemon Heartbeat
Keep
Port: 27374
Advanced
Also used by:Bad
Blood,EGO,Lion,Ramen,Seeker,The
Saint,Tftloader,Webhead trojans
Keep
Port: 1243
Advanced
Also used by: Tiles and Backdoor_g trojans
Keep
Port: 1503
Advanced
H323, Application sharing protocol
Keep
Port: 49
Advanced
Terminal Access Controller Access Control
System over TCP
Keep
Port: >1023
Advanced
TCP Ports 1024-65535
Keep
Port: 23
Advanced
Telnet Protocol
Keep
Port: 3456
Advanced
Terror trojan
Keep
Port: 5534
Advanced
TheFlu trojan
Keep
Port: 37
Advanced
Time Server Protocol (TCP)
Keep
Port: 2004-2005
Advanced
TransScout trojan
Keep
Port: 1524
Advanced
Trinoo trojan
Keep
Port: 1234
Advanced
Also used by: SubSeven Java client
Keep
Port: 540
Advanced
Unix-to-Unix Copy Program
Keep
Port: 210
Advanced
Wide Area Information Servers
Keep
Port: 1494
Advanced
Allows servers to provide applications and
data for attached computer workstations
(Windows)
Keep
Port: 1081
Advanced
WinHole trojan
X11
Keep
Port: 6000-6063
Advanced
X Window System
Keep
Port: 1031
Advanced
Xanadu trojan
Keep
Port: 5050
Advanced
Yahoo Messenger messages
Keep
Port: 5000-5001
Advanced
Yahoo Messenger Voice Chat
Keep
Port: 5100
Advanced
Yahoo Messenger Webcams video
Compound TCP
Cdf
Keep
Port: 80
Compound Service: Cdf
 
http subservice for FloodGate use,Channel
Definition Format
Keep
Port: 80
Compound Service: NetCaster
 
http subservice for FloodGate use, Marimba
Castanet Tuner product
Keep
Port: 80
Compound Service: CDF
 
http subservice for FloodGate use, Microsoft
Channels
Keep
Port: 80
Compound Service: pointcast
 
http subservice for FloodGate use, push web
content
Citrix TCP
 
Port: 1494
 
Citrix ICA printing traffic
UDP
Keep
Port: 1525
Advanced
Archie Internet Protocol, search for files
over FTP servers
Keep
Port: 512
Advanced
UNIX biff Protocol, give notice of incoming
mail messages
Keep
Port: 41170
Advanced
Uses MANOLITO protocol
Keep
Port: 67
Advanced
Bootstrap Protocol Server, users
automatically configured
Keep
Port: 1604
Advanced
Tcp Service for general Citrix browsing
Keep
Port: 19194-19195
Advanced
SecureAgent Authentication service
Keep
Port: 7648-7652
Advanced
person-to-person or group discussions
videoconference
Keep
Port: 13
Advanced
Daytime Server Protocol (UDP)
Keep
Port: 67
Advanced
DHCP relay agent
Keep
Port: 68
Advanced
DHCP reply to enforcement module only
Keep
Port: 67
Advanced
DHCP request from enforcement module only
Keep
Port: 411-412
Advanced
Direct Connect P2P application. Used also by
other clients
Keep
Port: 9
Advanced
Discard Server Protocol (UDP)
Keep
Port: 53
Advanced
Domain Name System Queries
Keep
Port: 18241
Advanced
Check Point End to End Control Protocol
Keep
Port: 7
Advanced
Echo Protocol (UDP)
Keep
Port: 4665
Advanced
eDonkey protocol. Used also by other clients.
Keep
Port: 21300
Advanced
real-time full-duplex voice communication
via the Internet-server
Keep
Port: 18212
Advanced
Check Point ConnectControl Load Agent
Keep
Port: 18233
Advanced
Check Point SecureClient Verification
Keepalive Protocol
Keep
Port: 260
Advanced
Check Point VPN-1 & FireWall-1 SNMP Agent
Keep
Port: 6347
Advanced
Also used by: BearShare, ToadNode, Gnucleus,
Xolox, LimeWire
Keep
Port: 6346
Advanced
Also used by: BearShare, ToadNode, Gnucleus,
Xolox, LimeWire
Keep
Port: 3386
Advanced
used only for log resolving
Keep
Port: 2123
Advanced
used only for log resolving
Keep
Port: 2152
Advanced
used only for log resolving
Keep
Port: 1719
Advanced
RAS and associated connections (H.323
protocols)
Keep
Port: 1719
Advanced
Endpoint to Gatekeeper and Gatekeeper to
Gatekeeper communication
Keep
Port: 31789
Advanced
HackaTack trojan
Keep
Port: 31791
Advanced
HackaTack trojan
Keep
Port: 5499
Advanced
Hotline tracker connections
Keep
Port: 4000
Advanced
Mirabilis ICQ versions
IKE
Keep
Port: 500
Advanced
IPSEC Internet Key Exchange Protocol
(formerly ISAKMP/Oakley)
Keep
Port: 22555
Advanced
Vocaltec Internet Phone
Keep
Port: 750
Advanced
secure method for authenticating a request
for service
Keep
Port: 88
Advanced
Kerberos authentication protocol (version 5)
Keep
Port: 1701
Advanced
Layer 2 Tunneling Protocol
Keep
Port: 5004
Advanced
Check Point Meta IP UAM Client-Server
Communication
Keep
Port: 2727
Advanced
Supported from version R55W, Media Gateway
Control Protocol - Call-Agent port
Keep
Port: 2427
Advanced
Supported from version R55W, Media Gateway
Control Protocol - Media Gateway port
Keep
Port: 445
Advanced
Microsoft CIFS over UDP
Keep
Port: 1434
Advanced
Microsoft-SQL-Monitor_UDP
Keep
Port: 1433
Advanced
Microsoft SQL Server
Keep
Port: 1863
Advanced
Microsoft Network Messenger UDP
Keep
Port: 5190
Advanced
Microsoft Network Messenger
Keep
Port: 6901
Advanced
Microsoft Network Messenger Voice
communication
Keep
Port: 1434
Advanced
MS SQL Sapphire /SQL Slammer Worm
Keep
Port: 42
Advanced
Host Name Server
Keep
Port: 138
Advanced
NetBios Datagram Service
Keep
Port: 137
Advanced
NetBios Name Service
Keep
Port: 1812
Advanced
NEW - Remote Authentication Dial-In User
Service
Keep
Port: 1813
Advanced
NEW - Remote Authentication Dial-In User
Service accounting
Keep
Port: 2049
Advanced
Network File System Daemon over UDP (earlier
versions of NFS)
Keep
Port: 1201
Advanced
NoBackO trojan
Keep
Port: 123
Advanced
Network Time Protocol (UDP)
Keep
Port: 5632
Advanced
PCs remote access security software, status
Keep
Port: 1645
Advanced
Remote Authentication Dial-In User Service
Keep
Port: 1646
Advanced
Remote Authentication Dial-In User Service
accounting
Keep
Port: 6372
Advanced
RainWall daemons communication
Keep
Port: 6374
Advanced
RainWall remote management status
Keep
Port: 6373
Advanced
RainWall monitoring
RDP
Keep
Port: 259
Advanced
Check Point VPN-1 FWZ Key Negotiations -
Reliable Datagram Protocol
Keep
Port: 1104
Advanced
RexxRave trojan
rip
Keep
Port: 520
Advanced
Routing Information Protocol
Keep
Port: 521
Advanced
Routing Information Protocol for IPv6
Keep
Port: 5500
Advanced
Token based Authentication service (UDP)
sip
Keep
Port: 5060
Advanced
Session Initiation Protocol
Keep
Port: 5060
Advanced
Session Initiation Protocol
Keep
Port: 161
Advanced
Simple Network Management Protocol
Keep
Port: 161
Advanced
Simple Network Management Protocol - Read
Only
Keep
Port: 162
Advanced
Simple Network Management Protocol Traps
Keep
Port: 9281
Advanced
VPN-1 Embedded/SofaWare commands
Keep
Port: 9282
Advanced
VPN-1 embedded / SofaWare Management Server
(SMS)
Keep
Port: 514
Advanced
UNIX syslog Protocol, control system log
Keep
Port: 49
Advanced
Terminal Access Controller Access Control
System over UDP
Keep
Port: 69
Advanced
Trivial File Transfer Protocol
Keep
Port: 37
Advanced
Time Server Protocol (UDP)
Keep
Port: 18234
Advanced
Check Point tunnel testing application
Keep
Port: >1023
Advanced
UDP Ports 1024-65535
Keep
Port: 2746
Advanced
Check Point VPN-1 SecuRemote IPSEC Transport
Encapsulation Protocol
Keep
Port: 9200
Advanced
Wireless Datagram Protocol: a simplified
protocol suitable for low bandwidth mobile
stations enables a connectionless mode.
Keep
Port: 9202
Advanced
Wireless Datagram Protocol with Wireless
Transport Layer Security
Keep
Port: 9201
Advanced
Wireless Transaction Protocol: a simplified
protocol suitable for low bandwidth mobile
stations enables a connection mode.
Keep
Port: 9203
Advanced
Wireless Transaction Protocol with Wireless
Transport Layer Security
who
Keep
Port: 513
Advanced
UNIX who Protocol, who is on the system
Keep
Port: 6257
Advanced
Also uses Napster ports
Keep
Port: 5000-5010
Advanced
Yahoo Messenger Voice Chat
RPC
Keep
Program Number: 100235
 
SUN NFS/RPC file system cachefs daemon
Keep
Program Number: 100068
 
Calendar Manager Service Daemon
Keep
Program Number: 100005
 
Initiate client access to NFS application
Keep
Program Number: 100003
 
RPCs Network File System (Ordinary)
Keep
Program Number: 100300
 
NIS+ later version provides additional
security and other facilities
Keep
Program Number: 100021
 
RPC, Network Lock Manager
Keep
Program Number: 150001
 
PCs (windows client) password authorization
Keep
Program Number: 100001
 
RPC, Remote statistics
Keep
Program Number: 100008
 
RPC, Shutdown messages
Keep
Program Number: 100232
 
Solstice AdminSuite
Keep
Program Number: 100249
 
SUN SNMP to DMI mapper daemon
Keep
Program Number: 100024
 
Network status monitor daemon
Keep
Program Number: 100083
 
ToolTalk database server
Keep
Program Number: 100007
 
Sun Yellow Pages binder (NIS), provide
servers addressing information
Keep
Program Number: 100009
 
Sun Yellow Pages protocol (NIS), password
server
Keep
Program Number: 100004
 
Sun Yellow Pages directory service (YP)
protocol, now known as NIS
Keep
Program Number: 100028
 
Sun Yellow Pages protocol (NIS), update
service
Keep
Program Number: 100069
 
Sun Yellow Pages protocol (NIS), transfers
NIS maps
ICMP
Keep
Type: 3
Code: -
 
ICMP, destination unreach
Keep
Type: 0
Code: -
 
ICMP, echo reply
Keep
Type: 8
Code: -
 
ICMP, echo request
Keep
Type: 16
Code: -
 
ICMP, info reply
Keep
Type: 15
Code: -
 
ICMP, info request
Keep
Type: 18
Code: -
 
ICMP, mask reply
Keep
Type: 17
Code: -
 
ICMP, mask request
Keep
Type: 12
Code: -
 
ICMP, parameters problem
Keep
Type: 5
Code: -
 
ICMP, route redirect
Keep
Type: 4
Code: -
 
ICMP, source quench
Keep
Type: 11
Code: -
 
ICMP, time to live exceeded
Keep
Type: 13
Code: -
 
ICMP, timestamp request
Keep
Type: 14
Code: -
 
ICMP, timestamp reply
Other
AH
Keep
IP Protocol: 51
Advanced
IPSEC Authentication Header Protocol
Keep
IP Protocol: 17
Advanced
PUSH Web applications, send information
directly to desktops. over the Internet
egp
Keep
IP Protocol: 8
Advanced
Exterior Gateway Protocol, convey
net-reachability information between gateways
ESP
Keep
IP Protocol: 50
Advanced
IPSEC Encapsulating Security Payload Protocol
Keep
IP Protocol: 17
Advanced
FreeTel Incoming Connections
Keep
IP Protocol: 17
Advanced
real-time full-duplex voice communication
via the Internet-client
Keep
IP Protocol: 6
Advanced
FTP Port Mapping Service
Keep
IP Protocol: 94
Advanced
Check Point VPN-1 SecuRemote FWZ
Encapsulation Protocol
ggp
Keep
IP Protocol: 3
Advanced
Gateway-to-Gateway protocol
gre
Keep
IP Protocol: 47
Advanced
 
Keep
IP Protocol: 17
Advanced
GTP Reverse Connections
Keep
IP Protocol: 17
Advanced
GTP version 0 path management
Keep
IP Protocol: 17
Advanced
GTP version 1 path management
Keep
IP Protocol: 6
Advanced
HTTP Port Mapping Service
Keep
IP Protocol: 6
Advanced
HTTP without SCV enforcement
Keep
IP Protocol: 1
Advanced
Internet Control Message Protocol
Keep
IP Protocol: 2
Advanced
Internet Group Management Protocol
Keep
IP Protocol: 9
Advanced
Cisco Interior Gateway Routing Protocol
Keep
IP Protocol: 89
Advanced
Open Shortest Path First Interior GW Protocol
Keep
IP Protocol: -1
Advanced
Filter IPv6 destination addresses based on
mask and length
Keep
IP Protocol: -1
Advanced
Filter IPv6 source addresses based on mask
and length
pim
Keep
IP Protocol: 103
Advanced
 
Keep
IP Protocol: 17
Advanced
Routing Information Protocol - response
Keep
IP Protocol: -1
Advanced
Supported from version R55W, it allows sip
connection to be opened on a dynamic port and
not on the sip well-known port
SIT
Keep
IP Protocol: 41
Advanced
IPv6 encasulated in IPv4
Keep
IP Protocol: 109
Advanced
Sitara Networks Protocol (SpeedSeeker)
Keep
IP Protocol: 41
Advanced
 
Keep
IP Protocol: 57
Advanced
IPSEC Simple Key Management for Internet
Protocols
Keep
IP Protocol: 6
Advanced
SMTP Port Mapping Service
Keep
IP Protocol: 17
Advanced
Simple Network Management Protocol - Read
Only
Keep
IP Protocol: 17
Advanced
UNIX Traceroute, print the route packets
take to network host
Keep
IP Protocol: 17
Advanced
tunnel testing for a module performing the
tunnel test
Keep
IP Protocol: 112
Advanced
Virtual Router Redundancy Protocol
Keep
IP Protocol: 6
Advanced
X Window System With Authorization
ZSP
Keep
IP Protocol: 6
Advanced
Zone Security Protocol
DCE-RPC
Keep
Interface UUID: 00000000-0000-0000-0000-000000000000
Special Service For Allowing All DCE-RPC
Services
Keep
Interface UUID: 99fcfec4-5260-101b-bbcb-00aa0021347a
Object eXport IDentifier Resolver Interface
Keep
Interface UUID: 4d9f4ab8-7d1c-11cf-861e-0020af6e7c57
DCOM Remote Activation
Keep
Interface UUID: 00000143-0000-0000-c000-000000000046
Remote Unknown2 DCOM Interface
Keep
Interface UUID: 000001a0-0000-0000-c000-000000000046
DCOM SystemActivation Interface
Keep
Interface UUID: 9e0c0224-3654-0000-9a8d-08000949ab4c
HP-OV OpC Control Agent
Keep
Interface UUID: 8d5cae88-43c9-0000-94f1-0800096df3a6
HP-OV OpC Control Agent (Bulk)
Keep
Interface UUID: 0d8fe322-d6ee-11d2-b858-0800096df3a6
HP-OV OpC Control Agent (cfgpush)
Keep
Interface UUID: 5df3dc6f-a568-0000-020f-887805000000
HP-OV OpC Distribution Manager
Keep
Interface UUID: e0c92330-3ba9-0000-a38b-0800096df3a6
HP-OV OpC Message receiver (COA)
Keep
Interface UUID: 6e0b494b-d551-0000-020f-88781a000000
HP-OV OpC Message Receiver (M2M)
Keep
Interface UUID: 6d63f833-c0a0-0000-020f-887818000000
HP-OV OpC Message Receiver
Keep
Interface UUID: 12345678-1234-abcd-ef00-01234567cffb
Microsoft Exchange 2000 Active Directory
Logon
Keep
Interface UUID: 1544f5e0-613c-11d1-93df-00c04fd7bd09
Microsoft Exchange 2000 Directory Reference
Keep
Interface UUID: e3514235-4b06-11d1-ab04-00c04fc2dcd2
Microsoft Exchange 2000 Directory Replication
Keep
Interface UUID: f5cc5a18-4264-101a-8c59-08002b2f8426
Microsoft Exchange Directory Services (NSPI)
Keep
Interface UUID: f5cc59b4-4264-101a-8c59-08002b2f8426
Microsoft Exchange Directory Replication
Services
Keep
Interface UUID: f5cc5a7c-4264-101a-8c59-08002b2f8426
Microsoft Exchange Directory Services XDS
Keep
Interface UUID: a4f1db00-ca47-1067-b31f-00dd010662da
Microsoft Exchange Information Store
Keep
Interface UUID: 9e8ee830-4459-11ce-979b-00aa005ffebe
Microsoft Exchange Message Transfer Agent
Keep
Interface UUID: 89742ace-a9ed-11cf-9c0c-08002be7ae86
Microsoft Exchange Store Administration
Keep
Interface UUID: 469d6ec0-0d87-11ce-b13f-00aa003bac6c
Microsoft Exchange System Attendant
Keep
Interface UUID: 83d72bf0-0d89-11ce-b13f-00aa003bac6c
Microsoft Exchange System Attendant Private
GTP
 
GTP version: v0
Port: 3386
Advanced
 
 
GTP version: v0
Port: 3386
Advanced
 
 
GTP version: v0
Port: 3386
Advanced
 
 
GTP version: v0
Port: 3386
Advanced
 
 
GTP version: v0
Port: 3386
Advanced
GPRS Tunneling Protocol version 0
 
GTP version: v1
Control Plane Port: 2123
User Plane Port: 2152
Advanced
 
 
GTP version: v1
Control Plane Port: 2123
User Plane Port: 2152
Advanced
 
 
GTP version: v1
Control Plane Port: 2123
User Plane Port: 2152
Advanced
 
 
GTP version: v1
Control Plane Port: 2123
User Plane Port: 2152
Advanced
 
 
GTP version: v1
Control Plane Port: 2123
User Plane Port: 2152
Advanced
GPRS Tunneling Protocol version 1

Service Groups

Service GroupMembersComments
AOL
ICQ_locator
AOL Instant Messenger. Also used by: ICQ &
Apple iChat
telnet
ftp
http
login
Authenticated group
microsoft-ds
NBT
Common Internet File System Services
Citrix_ICA
Citrix_ICA_Browsing
group for citrix communication
CPD
FW1
FW1_ica_pull
FW1_log
 
daytime-tcp
daytime-udp
Daytime Protocol group (TCP/UDP)
Direct_Connect_TCP
Direct_Connect_UDP
Direct Connect P2P application. Used also by
other clients
discard-tcp
discard-udp
Discard Protocol group (TCP/UDP)
dns
domain-tcp
domain-udp
Domain Name System (TCP/UDP)
echo-tcp
echo-udp
Echo Protocol group (TCP/UDP)
eDonkey_4661
eDonkey_4662
eDonkey_4665
eDonkey protocol. Used also by other clients.
Entrust-Admin
Entrust-KeyMgmt
Entrust CA Services
FreeTel-outgoing-server
FreeTel-outgoing-client
FreeTel Outgoing Connections
FW1_clntauth_telnet
FW1_clntauth_http
Check Point VPN-1 & FireWall-1 Client
Authentication
GNUtella_rtr_TCP
GNUtella_rtr_UDP
GNUtella_TCP
GNUtella_UDP
GNUtella P2P protocol (used by: BearShare,
ToadNode, Gnucleus, Xolox, LimeWire)
Hotline_client
Hotline_tracker
Hotline P2P protocol
echo-request
info-req
timestamp
mask-request
ICMP, requests group
ZSP
HTTP_wo_SCV
Accessing Integrity Server from SecureClient
AH
ESP
SKIP
IKE
VPN1_IPSEC_encapsulation
IPSEC Services
irc
irc1
irc2
Internet Relay Chat Protocol
kerberos-udp
Kerberos Protocol group (TCP/UDP)
AOL_Messenger
MSN_Messenger
Yahoo_Messenger
 
MS-SQL-Monitor
MS-SQL-Monitor_UDP
MS-SQL-Server
MS-SQL-Server_UDP
MS-SQL Server Protocols
MSExchangeDSNSPI
MSExchangeIS
MSExchangeDirRef
Microsoft Exchange Client-Server over MAPI
MSExchangeADL
MSExchangeDirRep
MSExchangeDirRef
Microsoft Exchange 2000 Extensions
MSExchangeDSXDS
MSExchangeSysAtt
MSExchangeSysAttPriv
MSExchangeStoreAdm
Microsoft Exchange Remote Administration
MSExchangeDSNSPI
MSExchangeDSRep
MSExchangeMTA
Microsoft Exchange MAPI Site Connector
MSN_Messenger_1863_UDP
MSN_Messenger_5190
MSN_Messenger_File_Transfer
MSN_Messenger_Voice
MSNP
MSN Messenger
Napster_Client_6600-6699
Napster_directory_4444
Napster_directory_5555
Napster_directory_6666
Napster_directory_7777
Napster_directory_8888_primary
Napster_redirector
Napster P2P protocol
NBT
nbname
nbdatagram
nbsession
NetBios Services
H323
ldap
Netmeeting group (H323 & Ldap)
NFS
mountd
nfsd
nfsd-tcp
nfsprog
nlockmgr
pcnfsd
Network File System Services
NIS
ypbind
yppasswd
ypserv
ypupdated
ypxfrd
Network Information Services (YP)
ntp
ntp-tcp
ntp-udp
Network Time Protocol group (TCP/UDP)
OAS
OAS-NameServer
OAS-ORB
Oracle Application Server (IIOP)
Orbix-1570
Orbix-1571
IONA Orbix Daemon (IIOP)
Blubster
Direct_Connect
eDonkey
GNUtella
GoToMyPC
Hotline
iMesh
KaZaA
Madster
Napster
WinMX
 
pcANYWHERE-data
pcANYWHERE-stat
Symantec pcANYWHERE
pcANYWHERE
pcTELECOMMUTE-FileSync
Symantec pcTELECOMMUTE
pptp-tcp
gre
Point-to-Point Tunneling group, (pptp & gre)
RainWall_Command
RainWall_Daemon
RainWall_Status
RainWall high availability
Real-Audio
rtsp
RealNetworks RealPlayer Services
securid-udp
securidprop
Secure ID group
sqlnet2-1521
sqlnet2-1525
sqlnet2-1526
Oracle SQL*Net Version 2 Services
StoneBeat-Control
StoneBeat-Daemon
snmp
Stonesoft StoneBeat
time-tcp
time-udp
Time Server Protocol
Bionet-Setup
Backage
SubSeven-G
SkyDance-T
CrackDown
DaCryptic
DerSphere
DerSphere_II
Freak2k
GateCrasher
HackaTack_31785
HackaTack_31787
HackaTack_31788
HackaTack_31789
HackaTack_31790
HackaTack_31791
HackaTack_31792
ICKiller
InCommand
Jade
Kaos
Kuang2
lpdw0rm
Mneah
Multidropper
NoBackO
Port_6667_trojans
RAT
Remote_Storm
RexxRave
Shadyshell
SocketsdesTroie
SubSeven
Terrortrojan
TheFlu
TransScout
Trinoo
UltorsTrojan
WinHole
Xanadu
Common ports used by trojan applications.
Yahoo_Messenger_messages
Yahoo_Messenger_Voice_Chat_TCP
Yahoo_Messenger_Voice_Chat_UDP
Yahoo_Messenger_Webcams
Yahoo Messenger

Generated by: CPRules 2.01
at: Mon Oct 26 21:32:41 2009