In-Reply-To: <[EMAIL PROTECTED]>
The short answer is that just about any port list, to include RFC 1700, will tell you what *should* be listening on certain well-known or registered ports. However, in today's day and age of configurable trojans, netcat listeners, port monitors (NukeNabber, etc), that is pretty much out the window...no pun intended. You're better off securing your systems, and then having an incident response policy/procedure that addresses actions to determine things such as what's listening on a particular port. UDP port 137 is used by NetBIOS/SAMBA for name status queries. TCP port 139 is used by Windows for file sharing, logins, etc.