On 2014-07-15 Tue 16:04 PM |, Theo de Raadt wrote: > >On Tue, Jul 15, 2014 at 12:22:37PM +0100, Craig R. Skinner wrote: > >> > >> Suggestion of add NSD, Unbound & BIND control ports to /etc/services: > > > >Makes sense to me. Anyone want to OK this? > > > >> Index: etc/services > >> =================================================================== > >> RCS file: /cvs/src/etc/services,v > >> retrieving revision 1.87 > >> diff -u -p -r1.87 services > >> --- etc/services 12 Jul 2014 14:51:07 -0000 1.87 > >> +++ etc/services 15 Jul 2014 11:17:31 -0000 > >> @@ -181,6 +181,8 @@ kerberos-adm 749/tcp # > >> Kerberos 5 kad > >> kerberos-adm 749/udp # Kerberos 5 kadmin > >> rsync 873/tcp # rsync server > >> cddb 888/tcp cddbp # Audio CD Database > >> +named-rndc 953/tcp # Domain Name System > >> (DNS) BIND RNDC Service > >> +named-rndc 953/udp # Domain Name System > >> (DNS) BIND RNDC Service > >> imaps 993/tcp # imap4 protocol over > >> TLS/SSL > >> imaps 993/udp # imap4 protocol over > >> TLS/SSL > >> pop3s 995/tcp spop3 # pop3 protocol over > >> TLS/SSL > > That means two more reserved ports are taken out of the bucket. >
Strip out the Kerberos stuff?????: $ fgrep -i Kerberos etc/services kerberos 88/udp kerberos-sec # Kerberos 5 UDP kerberos 88/tcp kerberos-sec # Kerberos 5 TCP kpasswd 464/tcp # Kerberos 5 password changing kpasswd 464/udp # Kerberos 5 password changing klogin 543/tcp # Kerberos authenticated rlogin kshell 544/tcp krcmd # Kerberos remote shell ekshell 545/tcp # Kerberos encrypted shell kerberos-adm 749/tcp # Kerberos 5 kadmin kerberos-adm 749/udp # Kerberos 5 kadmin kpop 1109/tcp # Pop with Kerberos eklogin 2105/tcp # Kerberos encrypted rlogin rkinit 2108/tcp # Kerberos remote kinit kx 2111/tcp # X over kerberos kip 2112/tcp # IP over kerberos iprop 2121/tcp # Kerberos incremental propagation krb524 4444/tcp # Kerberos 5->4 krb524 4444/udp # Kerberos 5->4 afs3-kaserver 7004/tcp # AFS kerberos authentication server afs3-kaserver 7004/udp # AFS kerberos authentication server kerberos-iv 750/udp kdc # Kerberos authentication--udp kerberos-iv 750/tcp kdc # Kerberos authentication--tcp kerberos_master 751/udp # Kerberos 4 kadmin kerberos_master 751/tcp # Kerberos 4 kadmin krb_prop 754/tcp hprop # Kerberos slave propagation krbupdate 760/tcp kreg # BSD Kerberos registration
