%META:TOPICINFO{author="ChrisBartram" date="1170391369" format="1.1" version="1.2"}%
%META:TOPICPARENT{name="Hp3000AndTheInternet"}%
---+ Implementing a firewall for an HP3000

Part of knowing how to make a decent firewall is knowing what services are there to firewall. I've compiled a list of services I've found and what sockets they are on. (services.net.sys format)

<pre>
echo           7/tcp                 # Echo
echo           7/udp                 #
discard        9/tcp  sink null      # Discard                        **I
discard        9/udp  sink null      #                                **I
daytime       13/tcp                 # Daytime                        **3
daytime       13/udp                 # Daytime                        **3
qotd          17/tcp  quote          # Quote of the Day               **3
chargen       19/udp  ttytst source  #                                **I
chargen       19/tcp  ttytst source  #                                **I
ftp-data      20/tcp                 # File Transfer Protocol (Data)
ftp           21/tcp                 # File Transfer Protocol (Control
telnet        23/tcp                 # Network Host access client
smtp          25/tcp                 # Simple Mail Transfer Protocol  **3
time          37/tcp  timeserver     # Time
time          37/udp  timeserver     #
domain        53/tcp  nameserver     # Domain Name Service client
domain        53/udp  nameserver     # Domain Name Service client
tftp          69/udp                 # Trivial File Transfer Protocol
gopher        70/tcp                 # gopher client/server           **3
finger        79/tcp                 # Finger client/server           **3
httpd         80/tcp                 # World Wide Web client/server
hostname     101/tcp                 # hostname client                **3
pop2         109/tcp                 # pop2 server                    **3
pop3         110/tcp                 # pop3 server                    **3
ntp          123/udp                 # Network Time Protocol
nmbp         137/udp                 # Samba name services
smbp         139/tcp                 # Samba server
snmp         161/udp                 # SNMP
snmpt        162/udp                 # SNMP Trap
syslog       514/tcp                 # syslog daemon
lpd          515/tcp                 # lpr/lpd printing client/server **3
DAServer     987/tcp                 # Image/sql remote access

# NS Services Ports
nsloop      1260/tcp                 # NS Loopback
nft         1536/tcp                 # NS Network File Transfer (DSCOP
vt          1537/tcp                 # NS VT (message mode)
rvt         1538/tcp                 # NS Reverse VT
ptop        1540/tcp                 # NS Process to Process comm.
pxp         1541/tcp                 # IPC Registry
rpm         1542/tcp                 # NS Remote Process Management
avt         1570/tcp                 # NS VT (stream mode)
rfa         2560/tcp                 # NS Remote File Access
nsstat      2564/tcp                 # NS Status Server
pds         5696/tcp                 #
hdspns      5697/tcp                 # Information Access Service
hcs         5710/tcp                 # Cooperative Service
iasql       7489/tcp                 # Information Access/SQL Service
hpip        7490/tcp                 # Client/Server AllBase Service

</pre>
* client services connect out (from) the HP 3000, servers accept connections
 into the HP 3000.
** Not all services are available on all systems - some require optional
 programs (contributed or purchased)
**I denotes services available on MPE/iX 5.5+ using the inetd daemon.
**3 denotes services available from third party software packages.



-- Main.ChrisBartram - 09 Jun 2006