The Data ONTAP services file is available in the /etc directory. The /etc/services file is in the same format as its corresponding UNIX system's /etc/services file.
Although some port scanners are able to identify storage systems as storage systems, other port scanners report storage systems as UNIX systems if they support NFS or as Windows systems if they support CIFS. There are several services that are not currently listed in the /etc/services file.
File Transfer Protocol (FTP) uses TCP ports 20 and 21.
Secure Shell (SSH) protocol is a secure replacement for RSH and runs on TCP port 22. This port appears in a port scan only if the SecureAdmin software is installed on your storage system.
Telnet is used for administrative control of your storage system and uses TCP connections on port 23. Telnet is more secure than RSH, as secure as FTP, and less secure than SSH or Secure Socket Layer (SSL).
Simple Mail Transport Protocol (SMTP) uses TCP port 25. Your storage system does not listen on this port but makes outgoing connections to mail servers using this protocol when sending AutoSupport e-mail.
Time service Your storage system supports the Network Time Protocol (NTP) for time synchronization.
The Domain Name System (DNS) uses UDP port 53 and TCP port 53. Your storage system does not typically listen on these ports because it does not run a domain name server. However, if DNS is enabled on your storage system, it makes outgoing connections using UDP port 53 for host name and IP address lookups.
Clients broadcast messages to the entire network on UDP port 67 and receive responses from the Dynamic Host Configuration Protocol (DHCP) server on UDP port 68. The same ports are used for the BOOTP protocol.
Trivial File Transfer Protocol (TFTP) uses TCP port 69. It is used mostly for booting UNIX or UNIX-like systems that do not have a local disk (this process is also known as netbooting) and for storing and retrieving configuration files for devices such as Cisco routers and switches.
Hypertext Transfer Protocol (HTTP) runs on TCP port 80 and is the protocol used by Web browsers to access Web pages.
There are four Kerberos ports in the /etc/services file: TCP port 88, UDP port 88, TCP port 750, and UDP port 750. These ports are used only for outbound connections from your storage system. Your storage system does not run Kerberos servers or services and does not listen on these ports.
Network File System (NFS) is used by UNIX clients for file access. NFS uses port 2049.
Common Internet File Service (CIFS) is the successor to the server message block (SMB) protocol. CIFS is the primary protocol used by Windows systems for file sharing.
The Secure Sockets Layer (SSL) protocol provides encryption and authentication of TCP connections. Data ONTAP supports SSLv2, SSLv3, and Transport Layer Security (TLS) version 1.0. You should use TLSv1.0 or SSLv3 because it offers better security than previous SSL versions.
Simple Network Management Protocol (SNMP) is an industry-standard protocol used for remote monitoring and management of network devices over UDP port 161.
Remote Shell (RSH) protocol is used for remote command execution. It is less secure than TFTP and uses TCP port 514.
Your storage system sends messages to hosts specified by the user in the /etc/syslog.conf file by using the syslog protocol on UDP port 514. It does not listen on this port, nor does it act as a syslog server.
The routed daemon
The routed daemon, routed, listens on UDP port 520. It receives broadcast messages, using the Routing Information Protocol (RIP), from routers or other hosts. These messages are used by your storage system to update its internal routing tables to determine the optimal network interfaces for each destination.
Network Data Management Protocol (NDMP) runs on TCP port 10000 and is used primarily for backup of network-attached storage (NAS) devices, such as storage systems.
SnapMirror and SnapVault
SnapMirror and SnapVault use TCP port 10566 for data transfer. Network connections are always initiated by the destination system; that is, SnapMirror and SnapVault pull data rather than push data.