Wireshark-dev: Re: [Wireshark-dev] Transport name resolution considered harmful?

From: Stephen Fisher <steve@xxxxxxxxxxxxxxxxxx>
Date: Mon, 23 Apr 2012 12:11:53 -0600
---- On Mon, 23 Apr 2012 11:56:52 -0600 Gerald Combs wrote ----

>It seems like the "services" file has effectively become "a list of
>things not running on the network". This is especially true for OSes
>that use the old-style (1024 - 4999) ephemeral port range. Is there any
>reason we shouldn't disable transport name resolution by default for the
>1.8 release?

It still has useful matches including, but not limited to:

  ssh (22)
  domain (53)
  http (80)
  microsoft-ds (445)
  router (520) <- (I know, scary RIP...)

The strange protocols, like the one your example on the ask site gave, may have become more of an issue since we imported the entire IANA services file a while back. Maybe we need to trim it back down to common protocols. Interestingly, the Wireshark services file shows port 3389 as belonging to "ms-wbt-server" whereas the FreeBSD 9.0-REL one shows it as the better known name "rdp". Wireshark's services has port 5900 belonging to "rfb", which is the protocol name for VNC (remote frame buffer), even though most people know it as VNC. FreeBSD's services doesn't have an entry for 5900.
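
Added example, not part of the original message and not Wireshark code: a short Python sketch of the effect discussed in this thread, where a plain services-table lookup puts a service name on a client's ephemeral source port, and of the trimming idea. The sample table is constructed; the two "example-svc" entries and the keep-list are assumptions, and the other names and ports are the ones quoted in the message.

```python
# Old-style ephemeral port range cited in the quoted message.
EPHEMERAL_OLD = range(1024, 5000)

# Constructed sample in services-file format (not Wireshark's actual file).
SAMPLE_SERVICES = """\
# name          port/proto
ssh             22/tcp
domain          53/udp
http            80/tcp
microsoft-ds    445/tcp
router          520/udp
ms-wbt-server   3389/tcp
rfb             5900/tcp
example-svc-a   1047/tcp    # hypothetical entry inside 1024-4999
example-svc-b   4312/udp    # hypothetical entry inside 1024-4999
"""

def parse_services(text):
    """Return {(port, proto): name}; the first entry for a port wins."""
    table = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()   # drop comments, then tokenize
        if len(fields) < 2 or "/" not in fields[1]:
            continue
        port, proto = fields[1].split("/", 1)
        if port.isdigit():
            table.setdefault((int(port), proto.lower()), fields[0])
    return table

def label_flow(src, dst, proto, table):
    """Label both ports by plain lookup: the name if listed, else the number."""
    return tuple(table.get((p, proto), str(p)) for p in (src, dst))

def ephemeral_collisions(table, ephemeral=EPHEMERAL_OLD):
    """Entries on ports a client OS may also pick as an ephemeral source port."""
    return sorted(key for key in table if key[0] in ephemeral)

def trim(table, keep_ports):
    """Keep only entries for an explicit list of common ports."""
    return {key: name for key, name in table.items() if key[0] in keep_ports}

if __name__ == "__main__":
    full = parse_services(SAMPLE_SERVICES)
    common = trim(full, {22, 53, 80, 445, 520, 3389, 5900})  # assumed keep-list
    # A client using source port 1047 to reach a web server on port 80:
    print("full table:   ", label_flow(1047, 80, "tcp", full))
    print("trimmed table:", label_flow(1047, 80, "tcp", common))
    print("collisions:   ", ephemeral_collisions(full))
```

Port 3389 shows up in the collision list as well, so a range-based cut alone would also drop the RDP entry; an explicit keep-list avoids that.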