Access Lists Workbook - Student Edition Ver1 - 2 PDF
Access Lists Workbook - Student Edition Ver1 - 2 PDF
Access Lists Workbook - Student Edition Ver1 - 2 PDF
Extended
Any
Access
0.0.0.0
Lists
Workbook
Version 1.2
permit
deny access-group
access-list Wildcard Mask
Standard
Access-List Numbers
IP Standard 1 to 99
IP Extended 100 to 199
Ethernet Type Code 200 to 299
Ethernet Address 700 to 799
DECnet and Extended DECnet 300 to 399
XNS 400 to 499
Extended XNS 500 to 599
Appletalk 600 to 699
48-bit MAC Addresses 700 to 799
IPX Standard 800 to 899
IPX Extended 900 to 999
IPX SAP (service advertisement protocol) 1000 to 1099
IPX SAP SPX 1000 to 1099
Extended 48-bit MAC Addresses 1100 to 1199
IPX NLSP 1200 to 1299
IP Standard, expanded range 1300 to 1999
IP Extended, expanded range 2000 to 2699
SS7 (voice) 2700 to 2999
Standard Vines 1 to 100
Extended Vines 101 to 200
Simple Vines 201 to 300
Transparent bridging (protocol type) 200 to 299
Transparent bridging (vendor type) 700 to 799
Extended Transparent bridging 1100 to 1199
Source-route bridging (protocol type) 200 to 299
Source-route bridging (vendor type) 700 to 799
If there is no ACL the router switches the packet out that interface to its
destination.
If there is an ACL the router checks the packet against the access list
statements sequentially. Then permits or denys each packet as it is
matched.
If the packet does not match any statement written in the ACL it is
denyed because there is an implicit “deny any” statement at the end of
every ACL.
1
Standard Access Lists
Standard Access Lists...
...are numbered from 1 to 99.
...filter (permit or deny) only source addresses.
...do not have any destination information so it must placed as close
to the destination as possible.
...work at layer 3 of the OSI model.
Router B Router D
S1 S0 S1
Router A Router C E0
E0
S0 S1 S0
E0 E0
Janet’s
Matt’s
Computer
Computer
Juan’s Jimmy’s
Computer Computer
2
Standard Access List Placement
Sample Problems
FA0 FA1
Router A
Juan’s Jan’s
Computer Computer
E0 S0 E1
S1
Router A Router B
Lisa’s
Computer Paul’s
Computer
3
Standard Access List Placement
Router B
S1 S0
Router A
E0 FA1
S0 S1
S1 Router C
Ricky’s Jenny’s
Computer Computer
Amanda’s
Computer
Carrol’s Kathy’s
George’s
Computer Computer
Computer
S1
Router D E0 Jeff’s
S0 Computer
Jim’s
Computer
S1
E0 S0 FA1
S1
Router E Router F
4
Standard Access List Placement
1. Where would you place a standard access list to Router D
Router Name_________________
permit traffic from Ricky’s computer to reach Jeff’s E0
Interface ____________________
computer?
Matt’s Janet’s
Computer Computer
Juan’s Jimmy’s
Computer Computer
6
Extended Access List Placement
Sample Problems
E0 E1
Router A
Jan’s
Juan’s
Computer
Computer
FA0 S0 FA1
S1
Router A Router B
Lisa’s Paul’s
Computer Computer
7
Extended Access List Placement
Router B
S1 S0
Router A
FA0 E1
S0 S1
S1 Router C
Ricky’s Jenny’s
Computer Computer Amanda’s
Computer
Carrol’s Kathy’s
George’s
Computer Computer
Computer
S1
Router D FA0 Jeff’s
S0 Computer
Jim’s
Computer
S1
FA0 S0 FA1
S1
Router E Router F
8
Extended Access List Placement
1. Where would you place an ACL to deny traffic from Router D
Router Name_________________
Jeff’s computer from reaching George’s computer? FA0
Interface ____________________
autonomous source
number address
1 to 99
source
permit or deny address
10
Breakdown of an Extended ACL Statement
protocol
icp,
icmp,
tcp, udp, source destination
ip, wildcard wildcard
autonomous
etc. mask mask
number
100 to 199
port
protocol
number
icp,
icmp, (23 = telnet)
tcp, udp,
autonomous ip, indicates a destination
number etc. specific address
100 to 199 host
11
What are Named Access Control Lists?
Named ACLs...
...are standard or extended ACLs which have an alphanumeric name
instead of a number. (ie. 1-99 or 100-199)
12
Applying an extended Named Access List
called “Gracie”
Write a named extended access list called “Gracie” on Router A, Interface E0 called “Gracie” to deny HTTP traffic intended for web
server 192.168.207.27, but will permit all other HTTP traffic to reach the only the 192.168.207.0 network. Deny all other IP traffic.
Keep in mind that there may be multiple ways many of the individual statements in an ACL can be written.
13
Choices for Using Wildcard Masks
Wildcard masks are usually set up to do one of four things:
1. Match a specific host.
2. Match an entire subnet.
3. Match a specific range.
4. Match all addresses.
Example 2
Address: 172.16.0.0 Subnet Mask: 255.255.0.0
Example 3
Address: 10.0.0.0 Subnet Mask: 255.0.0.0
14
3. Match a specific range
Example 1
Address: 10.250.50.112 Subnet Mask: 255.255.255.224
255. 255. 255. 255
Custom Subnet mask: -255. 255. 255. 224
Wildcard: 0. 0. 0. 31
Access-list 125 permit udp 10.250.50.112 0.0.0.31 any
e Example 2
Address Range: 192.168.16.0 to 192.168.16.127
192. 168. 16.127
-192. 168. 16. 0
Wildcard: 0. 0. 0.127
Example 3
Address: 172.250.16.32 to 172.250.31.63
172. 250. 31. 63
-172. 250. 16. 32
Wildcard: 0. 0. 15. 31
4. Match everyone.
15
Creating Wildcard Masks
Just like a subnet mask the wildcard mask tells the router what part of the
address to check or ignore. Zero (0) must match exactly, one (1) will be
ignored.
As a rule of thumb the wildcard mask is the reverse of the subnet mask.
Example #1:
IP Address and subnet mask: 204.100.100.0 255.255.255.0
IP Address and wildcard mask: 204.100.100.0 0.0.0.255
All zero’s (or 0.0.0.0) means the address must match exactly.
Example #2:
10.10.150.95 0.0.0.0 (This address must match exactly.)
Example #3:
10.10.150.95 0.0.0.255 (Any 10.10.150.0 subnet address will match.
10.10.150.0 to 10.10.150.255)
Example #4:
IP Address and subnet mask: 192.170.25.30 255.255.255.224
IP Address and wildcard mask: 192.170.25.30 0.0.0.31
(Subtract the subnet mask from
255.255.255.255 to create the wildcard)
Do the math... 255 - 255 = 0 (This is the inverse of the subnet mask.)
255 - 224 = 31
Example #5:
IP Address and subnet mask: 172.24.128.0 255.255.128.0
IP Address and wildcard mask: 172.24.128.0 0.0.127.255
Do the math... 255 - 255 = 0 (This is the inverse of the subnet mask.)
255 - 128 = 127
255 - 0 = 255
16
Wildcard Mask Problems
1. Create a wildcard mask to match this exact address.
0 . 0 . 0 . 0
IP Address: 192.168.25.70
Subnet Mask: 255.255.255.0 ___________________________________
17
Wildcard Mask Problems
Based on the given information list the usable source addresses or range of
usable source addresses that would be permitted or denied for each access
list statement.
192.168.150.50
Answer: __________________________________________________________________
Any address
Answer: __________________________________________________________________
195.223.50.1 to 195.223.50.63
Answer: __________________________________________________________________
210.10.10.1 a 210.10.10.254
Answer: __________________________________________________________________
18
11. access-list 110 permit ip 192.168.15.0 0.0.0.3 192.168.30.10 0.0.0.0
192.168.15.1 a 192.168.15.3
Answer: _________________________________________________________________
19
Wildcard Mask Problems
Based on the given information list the usable destination addresses or range
of usable destination addresses that would be permitted or denied for each
access list statement.
172.168.10.1
Answer: __________________________________________________________________
Any address
Answer: __________________________________________________________________
192.168.15.1 to 192.168.15.63
Answer: __________________________________________________________________
20
Writing
Standard Access Lists...
Router A
172.16.70.1 192.168.90.2
E1
E0
S0
Jim’s
Frank’s 210.30.28.0 Computer
Computer
172.16.70.32 192.168.90.36 Kathy’s
Computer
Melvin’s 192.168.90.38
Computer
172.16.70.35
Router# show configuration (This will show which access groups are associated
with particular interfaces)
Router# show access list 10 (This will show detailed information about this ACL)
22
Standard Access List Sample #2
Write a standard access list to block Jim’s computer from sending information to Frank’s
computer; but will allow all other traffic from the 192.168.90.0 network. Permit all traffic from the
210.30.28.0 network to reach the 172.16.70.0 network. Deny all other traffic. Keep in mind that there
may be multiple ways many of the individual statements in an ACL can be written.
[Disabling ACL’s]
[Removing an ACL]
23
FA0 S0
223.190.32.1
Router A
Router B
S1 FA1 192.16.32.94
FA0
Router(config)# ________________________________________________________
or
________________________________________________________
or
________________________________________________________
Router(config)# ________________________________________________________
or
______________________________________________________
24
Standard Access List Problem #2
Write a standard access list to permit Debbie’s computer to receive information from
Michael’s computer; but will deny all other traffic from the 223.190.32.0 network. Block all
traffic from the 172.16.0.0 network. Permit all other traffic. List all the command line options
for this problem. Keep in mind that there may be multiple ways many of the individual
statements in an ACL can be written.
Router(config)# ________________________________________________________
or
________________________________________________________
or
________________________________________________________
Router(config)#_________________________________________________________
Router(config)#_________________________________________________________
Router(config)#_________________________________________________________
or
_______________________________________________________
25
Router A
204.90.30.124 E0
S0
10.250.30.35 Router B
Jim’s
S1 FA1 Computer
Router(config)# ________________________________________________________
________________________________________________________
________________________________________________________
________________________________________________________
________________________________________________________
________________________________________________________
Router(config)# ________________________________________________________
Router(config-std-nacl)# _______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
27
Router B
S1 S0
Router A
172.30.225.1 E0 S0 S1
E1 212.180.10.5
S1 Router C
172.30.225.2 212.180.10.6
172.30.225.3 212.180.10.2
Router(config)# ________________________________________________________
________________________________________________________
________________________________________________________
________________________________________________________
________________________________________________________
________________________________________________________
________________________________________________________
28
Standard Access List Problem #6
Write a standard access list to block and log 212.180.10.2 from sending information to the
172.30.225.0 network. Permit and log 212.180.10.6 to send data to the 172.30.225.0 network.
Deny all other traffic. Keep in mind that there may be multiple ways many of the individual
statements in an ACL can be written. (Check the example on page 10 for help with the logging
option.)
Router(config)# ________________________________________________________
________________________________________________________
________________________________________________________
________________________________________________________
________________________________________________________
________________________________________________________
________________________________________________________
________________________________________________________
________________________________________________________
________________________________________________________
________________________________________________________
________________________________________________________
29
Router C
Router A
S0 S1
FA0
FA0 S1 Router B 198.32.10.25
192.168.15.172 S0
FA1
210.140.15.1
192.168.15.3 198.32.10.25
210.140.15.8
Router(config)# ________________________________________________________
________________________________________________________
________________________________________________________
________________________________________________________
________________________________________________________
________________________________________________________
30
Standard Access List Problem #8
Write a standard named access list called “Cisco_Lab_A” to permit traffic from the lower half of
the 198.32.10.0 network to reach 192.168.15.0 network; block the upper half of the addresses.
Allow host 198.32.10.192 to reach network 192.168.15.0. Permit all other traffic. For help with
this problem review page 13 or the wildcard masks problems on pages 16 and 17. For
assistance with named ACLs review pages 12 and 13.
Router(config)# ________________________________________________________
Router(config-std-nacl)# _______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
31
Standard Access List Problem #9
Write a standard access list to block network 192.168.255.0 from receiving information from
the following addresses: 10.250.1.1, 10.250.2.1, 10.250.4.1, and the entire 10.250.3.0
255.255.255.0 network. Allow all other traffic. Keep in mind that there may be multiple ways
many of the individual statements in an ACL can be written.
Router(config)# ________________________________________________________
________________________________________________________
________________________________________________________
________________________________________________________
________________________________________________________
________________________________________________________
________________________________________________________
________________________________________________________
________________________________________________________
________________________________________________________
________________________________________________________
________________________________________________________
FA0
Router(config)# interface ________
32
Writing
Extended Access Lists...
Router A
34
172.16.70.1 192.168.90.2
FA1
FA0
Gail’s Mike’s
Computer Computer
John’s Celeste’s
Computer 172.16.70.32 192.168.90.36 Computer
172.16.70.35 192.168.90.38
35
Router A Router B
36
FA0 S0 FA1
S1 192.168.122.52
172.20.70.15
Cindy’s Jay’s
Computer Computer
Bob’s Jackie’s
Computer
172.20.70.89 192.168.122.128 Computer
172.20.70.80 192.168.122.129
Router(config)#______________________________________________________________________________________
______________________________________________________________________________________
______________________________________________________________________________________
______________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
37
Router# copy run start
Router A
38
E0 S0
218.35.50.1
Juan’s
Computer
218.35.50.12 S1 Rebecca’s
Computer
Jan’s Rachael’s
Computer Router B FA1 172.59.2.15 Computer
218.35.50.10 172.59.2.1 172.59.2.18
Router(config)#_____________________________________________________________________________________
Router(config-ext-nacl)# ____________________________________________________________________________
___________________________________________________________________________
___________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
39
Router A
40
S0 Router B
S1
E0
Ralph’s Bob’s
Computer E1 Computer
Cindy’s 192.16.20.5 Barbra’s
Computer 192.16.20.7 192.18.50.11 Computer
192.16.20.6 192.18.50.10 192.18.50.12
Router# show configuration (This will show which access groups are associated
with particular interfaces)
Router# show access list 111 (This will show detailed information about this ACL)
Extended Access List Sample #4 Deny/Permit Entire Ranges
Write an extended access list to block the 192.18.50.0 network from receiving information from the 192.16.20.0 network. Permit all
other traffic. Keep in mind that there may be multiple ways many of the individual statements in an ACL can be written.
41
Router A
42
FA0 S0 210.250.10.0
204.95.150.11
Todd’s S0 Rebecca’s
Computer S1 Computer
Rachel’s 172.59.2.15 David’s
Computer 204.95.150.12 FA1 Computer
204.95.150.10 Router B 172.59.2.1 172.59.2.18
Router(config)#______________________________________________________________________________________
______________________________________________________________________________________
______________________________________________________________________________________
______________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
43
Router A Router B
44
E0 S0 E1
172.120.170.45 S1 192.168.50.2
E1 S0
Tommy’s
Computer
Phyllis’s Tim’s Denise’s
Computer 172.120.170.45 210.168.70.0 Computer Computer
172.120.170.45 10.250.1.0 192.168.50.3 192.168.50.4
Router(config)# _____________________________________________________________________________________
Router(config-ext-nacl)#_____________________________________________________________________________
_____________________________________________________________________________
_____________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
45
Router A
46
S0 Router B
FA0 S1
192.168.15.20 E1
Jim’s Carol’s
Computer 172.21.50.95 Computer
Rodney’s Frank’s
Computer 192.168.15.43 172.21.50.96 Computer
192.168.15.44 172.21.50.97
Router# show configuration (This will show which access groups are associated
with particular interfaces)
Router# show access list 185 (This will show detailed information about this ACL)
Extended Access List Sample #6 Deny/Permit a Range of Addresses
Write an extended access list which will allow the lower half of 192.168.15.0 network access to the 172.21.50.0 network. Deny all
other traffic. Keep in mind that there may be multiple ways many of the individual statements in an ACL can be written.
47
Router A
48
192.168.195.90 192.168.125.254
E0 E1
S0
Gail’s Mike’s
Computer 172.31.195.0 Computer
John’s Celeste’s
Computer 192.168.195.145 192.168.125.17 Computer
192.168.195.88 192.168.125.108
Router(config)#______________________________________________________________________________________
______________________________________________________________________________________
______________________________________________________________________________________
______________________________________________________________________________________
Router(config-ext-nacl)#_____________________________________________________________________________
_____________________________________________________________________________
_____________________________________________________________________________
_____________________________________________________________________________
_____________________________________________________________________________
_____________________________________________________________________________
_____________________________________________________________________________
49
192.16.20.5 Router A Router C
50
FA0
S0 S1
FA1
S1 172.18.50.10
Jill’s
Computer
Ralph’s Router B Bob’s
Computer S0 172.22.75.9 Computer
Cindy’s Barbra’s
Computer
192.16.20.7 Brad’s 172.18.50.11 Computer
E1
Computer 172.18.50.12
192.16.20.6 172.22.75.8 172.22.75.10
Extended Access List Problem #11 Deny/Permit a Range of Addresses
Write an extended access list to permit the first 3 usable addresses in the 192.16.20.0 network to reach the 172.22.75.0 network.
Deny the addresses from 192.16.20.4 through 192.16.20.31 from reaching the 172.22.75.0 network. Permit all other traffic. Keep in
mind that there are multiple ways this ACL can be written.
Router(config)#______________________________________________________________________________________
______________________________________________________________________________________
______________________________________________________________________________________
______________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
51
Router A Router B
52
FA0 S0 FA1
172.16.70.1 S1 192.168.88.1
FA1 FA0
Bob’s Peggy’s
Computer Computer
Celeste’s Denise’s
Computer
172.16.70.155 192.168.88.200 Computer
172.16.70.145 10.250.1.0 10.250.4.0 192.168.88.204
Router(config)#______________________________________________________________________________________
______________________________________________________________________________________
______________________________________________________________________________________
______________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
53
Router A
54
S0 Router B
E0 S1
Web Server 192.168.207.25 E1 Web Server
192.168.207.26 210.128.50.12
Router# show configuration (This will show which access groups are associated
with particular interfaces)
Router# show access list 198 (This will show detailed information about this ACL)
Extended Access List Sample #8 Deny/Permit Port Numbers
Write an extended access list to permit pings in either direction between hosts on the 210.128.50.0 and 192.168.207.0 networks.
Deny all other traffic. Keep in mind that there may be multiple ways many of the individual statements in an ACL can be written.
55
Router A Router B
56
E0 S0 E1
172.20.70.1 S1 192.168.33.1
E1 E0
Bob’s Peggy’s
Computer Computer
Celeste’s Denise’s
Computer
192.30.76.155 192.168.33.210 Computer
192.30.76.145 10.250.4.0 172.16.16.0 192.168.33.214
Router# show access list 45 (This will show detailed information about this ACL)
Extended Access List Sample #10 Deny/Permit Port Numbers
Write an extended access list to deny FTP to ip addresses 192.30.76.0 through 192.30.76.13.
Permit all other traffic. Keep in mind that there may be multiple ways many of the individual statements in an ACL can be written.
57
Router B
58
10.250.2.0 FA1
S1 192.128.45.8
FA0
E1 Bill’s
Computer
Jackie’s
S0 Jennifer’s
Computer
E0 192.128.45.33 Computer
172.16.125.1 172.16.70.1 192.128.45.35
Router A 10.250.8.0
Router(config)#______________________________________________________________________________________
______________________________________________________________________________________
______________________________________________________________________________________
______________________________________________________________________________________
Router(config-ext-nacl_______________________________________________________________________________
____________________________________________________________________________
____________________________________________________________________________
____________________________________________________________________________
____________________________________________________________________________
____________________________________________________________________________
59
Router A
60
FA0 S0 204.250.10.0
203.194.100.1
Router(config)#______________________________________________________________________________________
______________________________________________________________________________________
______________________________________________________________________________________
______________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
61
62
Router A
S0 Router B
E0 S1
E1
192.168.15.25 E1
Bobbie’s Web Server #2
Computer 172.23.50.195 172.23.50.196
Web Server #1 Gail’s
192.168.15.82 192.172.10.0 Computer
192.168.15.125
172.23.50.197
Router(config)#______________________________________________________________________________________
______________________________________________________________________________________
______________________________________________________________________________________
______________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
63
Optional ACL Commands
& Other Network Security Ideas
In order to reduce the chance of spoofing from outside your network consider adding the
following statements to your network’s inbound access list.
router# config t
router(config)# access-list 100 deny ip 10.0.0.0 0.255.255.255 any
router(config)# access-list 100 deny ip 172.16.0.0 0.0.255.255 any
router(config)# access-list 100 deny ip 192.168.0.0 0.0.255.255 any
router(config)# access-list 100 deny ip 127.0.0.0 0.255.255.255 any
router(config)# access-list 100 deny ip 224.0.0.0 31.255.255.255 any
router(config)# access-list 100 deny ip your-subnet-# your-subnet-mask-# any
router(config)# access-list 100 deny igmp any any
router(config)# access-list 100 deny icmp any any redirect
router(config)# access-list 100 permit any any
router(config)# interface e0 (or whatever your inbound port is)
router(config-if)# ip access-group in
router(config-if)# exit
router(config)# exit
Another handy security tool is to only allow ip packets out of your network with your source
address.
router# config t
router(config)# access-list 100 permit ip your-subnet-# your-subnet-mask-# any
router(config)# interface e0 (or whatever your outbound port is)
router(config-if)# ip access-group out
router(config-if)# exit
router(config)# exit
To keep packets with unreachable destinations from entering your network add this command:
To protect against smurf and other attacks add the following commands to every external
interface:
no ip directed-broadcast
no ip source-route
fair-queue
scheduler interval 500
64
Index / Table of Contents
65
Port Numbers
Port numbers are now assigned by the ICANN (Internet Corporation for
Assigned Names and Numbers). Commonly used TCP and UDP
applications are assigned a port number; such as: HTTP - 80, POP3 - 110,
FTP - 20. When an application communicates with another application on
another node on the internet, it specifies that application in each data
transmission by using its port number. You can also type the name (ie. Telnet)
instead of the port number (ie. 23). Port numbers range from 0 to 65536 and
are divided into three ranges:
Below is a short list of some commonly used ports. For a complete list of
port numbers go to http://www.iana.org/assignments/port-numbers.
0 Reserved
1 TCPMUX (TCP Port Service Multiplexer)
5 RJE (Remote Job Entry)
7 ECHO
9 DISCARD
11 SYSTAT (Active users)
13 DAYTIME
17 QUOTE (Quote of the day)
18 MSP (Message Send Protocol)
19 CHARGEN (Character generator)
20 FTP-DATA (File Transfer Protocol - Data)
21 FTP (File Transfer Protocol - Control)
22 SSH (Remote Login Protocol)
23 Telnet (Terminal Connection)
25 SMTP (Simple Mail Transfer Protocol)
29 MSG ICP
37 TIME
39 RLP (Resource Location Protocol
42 NAMESERV (Host Name Server)
66
43 NICNAME (Who Is)
49 LOGIN (Login Host Protocol)
53 DNS (Domain Name Server)
67 BOOTP (Bootstrap Protocol Server)
68 BOOTPS (Bootstrap Protocol Client)
69 TFTP (Trivial File Transfer Protocol)
70 GOPHER (Gopher Services )
75 (Any Privite Dial-out Service)
79 FINGER
80 HTTP (Hypertext Transfer Protocol)
95 SUPDUP (SUPDUP Protocol)
101 HOSTNAME (NIC Host Name Server)
108 SNAGAS (SNA Gateway Access Server)
109 POP2 (Post Office Protocol - Version 2)
110 POP3 (Post Office Protocol - Version 3)
113 AUTH (Authentication Service)
115 SFTP (Simple File Transfer Protocol)
117 UUCP-PATH (UUCP Path Service)
118 SQLSERV (SQL Services)
119 NNTP (Newsgroup)
123 NTP (Network Tim Protocol)
137 NetBIOS-NS (NetBIOS Name Service)
139 NetBIOS-SSN (NetBIOS Session Service )
143 IMAP (Interim Mail Access Protocol)
150 SQL-NET (NetBIOS Session Service)
156 SQLSRV (SQL Service)
161 SNMP (Simple Network Management Protocol)
179 BGP (Border Gateway Protocol)
190 GACP (Gateway Access Control Protocol)
194 IRC (Internet Relay Chat)
197 DLS (Directory Location Service)
389 LDAP (Lightweight Directory Access Protocol)
396 NETWARE-IP (Novell Netware over IP )
443 HTTPS (HTTP MCom)
444 SNPP (Simple Network Paging Protocol)
445 Microsoft-DS
458 Apple QuickTime
546 DHCP Client
547 DHCP Server
563 SNEWS
569 MSN
Inside Cover