As of the lastest upgrade on my ASR, the list of inspectable protocols
went from a very manageable 30 or so core protocols to almost 150.
I don't particularly care to see l4 statistics for stuff like "hp-managed-node"
or "creativeserver" and would prefer to keep the load down, but also I
have no reason to kick any protocols that do open "dial-back" IP
connections in the nuts, as long as they are solicited from my users.
So I can probably add a few extra protocols beyond what I was already
inspecting in the interest of keeping things working, but it would take
a whole day to go through the list one by one...
Anyone seen a list of ZBCF/CBFW inspection protocols which indicates
which ones actually do create opposite-side pinholes, as opposed
to which inspections are merely gathering statistics or hooks for filtering?
match protocol ?
802-11-iapp IEEE 802.11 WLANs WG IAPP
ace-svr ACE Server/Propagation
aol America-Online Instant Messenger
appleqtc Apple QuickTime
bgp Border Gateway Protocol
biff Bliff mail notification
bootpc Bootstrap Protocol Client
bootps Bootstrap Protocol Server
cddbp CD Database Protocol
cifs CIFS
cisco-fna Cisco FNATIVE
cisco-net-mgmt cisco-net-mgmt
cisco-svcs cisco license/perf/GDP/X.25/ident svcs
cisco-sys Cisco SYSMAINT
cisco-tdp Cisco TDP
cisco-tna Cisco TNATIVE
citrix Citrix IMA/ADMIN/RTMP
citriximaclient Citrix IMA Client
clp Cisco Line Protocol
creativepartnr Creative Partnr
creativeserver Creative Server
cuseeme CUSeeMe Protocol
daytime Daytime (RFC 867)
dbase dBASE Unix
dbcontrol_agent Oracle dbControl Agent po
ddns-v3 Dynamic DNS Version 3
dhcp-failover DHCP Failover
discard Discard port
dns Domain Name Server
dnsix DNSIX Securit Attribute Token Map
echo Echo port
entrust-svc-handler Entrust KM/Admin Service Handler
entrust-svcs Entrust sps/aaas/aams
exec Remote Process Execution
fcip-port FCIP
finger Finger
ftp File Transfer Protocol
ftps FTP over TLS/SSL
gdoi GDOI
giop Oracle GIOP/SSL
gopher Gopher
gtpv0 GPRS Tunneling Protocol Version 0
gtpv1 GPRS Tunneling Protocol Version 1
h225ras H225 RAS over Unicast
h323 H.323 Protocol (e.g, MS NetMeeting, Inte
h323callsigalt h323 Call Signal Alternate
hp-alarm-mgr HP Performance data alarm manager
hp-collector HP Performance data collector
hp-managed-node HP Performance data managed node
hsrp Hot Standby Router Protocol
http Hypertext Transfer Protocol
https Secure Hypertext Transfer Protocol
ica ica (Citrix)
icabrowser icabrowser (Citrix)
icmp ICMP
ident Authentication Service
igmpv3lite IGMP over UDP for SSM
imap Internet Message Access Protocol
imap3 Interactive Mail Access Protocol 3
imaps IMAP over TLS/SSL
ipass IPASS
ipsec-msft Microsoft IPsec NAT-T
ipx IPX
irc Internet Relay Chat Protocol
irc-serv IRC-SERV
ircs IRC over TLS/SSL
ircu IRCU
isakmp ISAKMP
iscsi iSCSI
iscsi-target iSCSI port
kazaa KAZAA
kerberos Kerberos
kermit kermit
l2tp L2TP/L2F
ldap Lightweight Directory Access Protocol
ldap-admin LDAP admin server port
ldaps LDAP over TLS/SSL
login Remote login
lotusmtap Lotus Mail Tracking Agent Protocol
lotusnote Lotus Note
mgcp Media Gateway Control Protocol
microsoft-ds Microsoft-DS
ms-cluster-net MS Cluster Net
ms-dotnetster Microsoft .NETster Port
ms-sna Microsoft SNA Server/Base
ms-sql Microsoft SQL
ms-sql-m Microsoft SQL Monitor
msexch-routing Microsoft Exchange Routing
msnmsgr MSN Instant Messenger
msrpc Microsoft Remote Procedure Call
mysql MySQL
n2h2server N2H2 Filter Service Port
ncp NCP (Novell)
net8-cman Oracle Net8 Cman/Admin
netbios-dgm NETBIOS Datagram Service
netbios-ns NETBIOS Name Service
netbios-ssn NETBIOS Session Service
netshow Microsoft NetShow
netstat Variant of systat
nfs Network File System
nntp Network News Transport Protocol
ntp Network Time Protocol
oem-agent OEM Agent (Oracle)
oracle Oracle
oracle-em-vp Oracle EM/VP
oraclenames Oracle Names
orasrv Oracle SQL*Net v1/v2
pcanywheredata pcANYWHEREdata
pcanywherestat pcANYWHEREstat
pop3 Post Office Protocol - Version 3
pop3s POP3 over TLS/SSL
pptp PPTP
pwdgen Password Generator Protocol
qmtp Quick Mail Transfer Protocol
r-winsock remote-winsock
radius RADIUS & Accounting
rdb-dbs-disp Oracle RDB
realmedia RealNetwork's Realmedia Protocol
realsecure ISS Real Secure Console Service Port
router Local Routing Process
rsvd RSVD
rsvp-encap RSVP ENCAPSULATION-1/2
rsvp_tunnel RSVP Tunnel
rtc-pm-port Oracle RTC-PM port
rtelnet Remote Telnet Service
rtsp Real Time Streaming Protocol
send SEND
shell Remote command
sip Session Initiation Protocol
sip-tls SIP-TLS
skinny Skinny Client Control Protocol
sms SMS RCINFO/XFER/CHAT
smtp Simple Mail Transfer Protocol
snmp Simple Network Management Protocol
snmptrap SNMP Trap
socks Socks
sql-net SQL-NET
sqlserv SQL Services
sqlsrv SQL Service
ssh SSH Remote Login Protocol
sshell SSLshell
ssp State Sync Protocol
streamworks StreamWorks Protocol
stun cisco STUN
sunrpc SUN Remote Procedure Call
syslog SysLog Service
syslog-conn Reliable Syslog Service
tacacs Login Host Protocol (TACACS)
tacacs-ds TACACS-Database Service
tarantella Tarantella
tcp TCP
telnet Telnet
telnets Telnet over TLS/SSL
tftp Trivial File Transfer Protocol
time Time
timed Time server
tr-rsrb cisco RSRB
ttc Oracle TTC/SSL
udp UDP
uucp UUCPD/UUCP-RLOGIN
vdolive VDOLive Protocol
vqp VQP
webster Network Disctionary
who Who's service
wins Microsoft WINS
x11 X Window System
xdmcp XDM Control Protocol
ymsgr Yahoo! Instant Messenger
