
Pix Object Groups for Microsoft Windows Server


These are object groups for the Cisco PIX firewall that implement the TCP/IP port requirements defined in Microsoft Knowledge Base article 832017 (reference: http://support.microsoft.com/kb/832017). They are useful in segmented networks; too much of the documentation for Microsoft's Bizarro server system assumes that nobody runs firewalls or limits traffic internally.

For the record, I am absolutely disgusted that so many of these services require thousands of random ephemeral ports. I am aware that some of them can be modified to run under more strict conditions, but requiring 64510 unfirewalled ports to implement basic services is absolutely unforgivable from a strict security standpoint. An attacker could stick a rogue listening process on any one of these servers and connect to it, at will, from just about any other machine in the organization that uses that server's services. I'm annoyed just thinking about the design ramifications.


Cisco Pix config:

    object-group service ms_lsass_tcp tcp
      description : List of TCP ports that the LSASS service requires
      port-object eq 3269
      port-object eq 3268
      port-object eq ldap
      port-object eq ldaps
      port-object eq 135
      port-object range 1024 65534
    object-group service ms_lsass_udp udp
      description : List of UDP ports that the LSASS service requires
      port-object eq 389
      port-object eq 636
      port-object eq isakmp
      port-object eq 4500
    object-group service ms_alg_tcp tcp
      description : List of TCP ports that the ALG service requires
      port-object eq ftp
    object-group service ms_aspnet_state_tcp tcp
      description : List of TCP ports that the aspnet_state service requires
      port-object eq 42424
    object-group service ms_certsvc_tcp tcp
      description : List of TCP ports that the CertSvc service requires
      port-object eq 135
      port-object range 1024 65534
    object-group service ms_clussvc_tcp tcp
      description : List of TCP ports that the ClusSvc service requires
      port-object eq 135
      port-object range 1024 65534
    object-group service ms_clussvc_udp udp
      description : List of UDP ports that the ClusSvc service requires
      port-object eq 3343
    object-group service ms_browser_tcp tcp
      description : List of TCP ports that the Browser service requires
      port-object eq netbios-ssn
    object-group service ms_browser_udp udp
      description : List of UDP ports that the Browser service requires
      port-object eq netbios-dgm
      port-object eq netbios-ns
    object-group service ms_dhcpdserver_udp udp
      description : List of UDP ports that the DHCPServer service requires
      port-object eq bootps
      port-object eq 2535
    object-group service ms_dfs_tcp tcp
      description : List of TCP ports that the Dfs service requires
      port-object eq netbios-ssn
      port-object eq ldap
      port-object eq 445
      port-object eq 135
      port-object range 1024 65534
    object-group service ms_dfs_udp udp
      description : List of UDP ports that the Dfs service requires
      port-object eq netbios-dgm
      port-object eq 389
    object-group service ms_trksvr_tcp tcp
      description : List of TCP ports that the TrkSvr service requires
      port-object eq 135
      port-object range 1024 65534
    object-group service ms_msdtc_tcp tcp
      description : List of TCP ports that the MSDTC service requires
      port-object eq 135
      port-object range 1024 65534
    object-group service ms_dns_tcp tcp
      description : List of TCP ports that the DNS service requires
      port-object eq domain
    object-group service ms_dns_udp udp
      description : List of UDP ports that the DNS service requires
      port-object eq domain
    object-group service ms_eventlog_tcp tcp
      description : List of TCP ports that the Eventlog service requires
      port-object eq 135
      port-object range 1024 65534
    object-group service ms_exchange_tcp tcp
      description : List of TCP ports that the Exchange service requires
      port-object eq imap4
      port-object eq 993
      port-object eq pop3
      port-object eq 995
      port-object range 1024 65534
      port-object eq 135
      port-object eq https
      port-object eq smtp
      port-object eq 6001
      port-object eq 6002
      port-object eq 6004
    object-group service ms_exchange_udp udp
      description : list of UDP ports that the Exchange service requires
      port-object eq 25
    object-group service ms_fax_tcp tcp
      description : list of TCP ports that the Fax service requires
      port-object eq netbios-ssn
      port-object eq 135
      port-object range 1024 65534
      port-object eq 445
    object-group service ms_ntfrs_tcp tcp
      description : list of TCP ports that the NtFrs service requires
      port-object eq 135
      port-object range 1024 65534
    object-group service ms_macfile_tcp tcp
      description : list of TCP ports that the MacFile service requires
      port-object eq 548
    object-group service ms_msftpsvc_tcp tcp
      description : list of TCP ports that the MSFTPSVC service requires
      port-object eq ftp
      port-object eq ftp-data
      port-object range 1024 65534
    object-group service ms_httpfilter_tcp tcp
      description : list of TCP ports that the HTTPFilter service requires
      port-object eq https
    object-group service ms_ias_udp udp
      description : list of UDP ports that the IAS service requires
      port-object eq radius
      port-object eq radius-acct
      port-object eq 1813
      port-object eq 1812
    object-group service ms_sharedaccess_tcp tcp
      description : list of TCP ports that the SharedAccess service requires
      port-object eq domain
    object-group service ms_sharedaccess_udp udp
      description : list of UDP ports that the SharedAccess service requires
      port-object eq bootps
      port-object eq domain
    object-group service ms_kdc_tcp tcp
      description : list of TCP ports that the kdc service requires
      port-object eq 88
    object-group service ms_kdc_udp udp
      description : list of UDP ports that the kdc service requires
      port-object eq 88
    object-group service ms_licenseservice_tcp tcp
      description : list of TCP ports that the LicenseService service requires
      port-object eq netbios-ssn
      port-object eq 445
    object-group service ms_licenseservice_udp udp
      description : list of UDP ports that the LicenseService service requires
      port-object eq netbios-dgm
    object-group service ms_msmq_tcp tcp
      description : list of TCP ports that the MSMQ service requires
      port-object eq 1801
      port-object eq 2101
      port-object eq 2107
      port-object eq 2105
      port-object eq 2103
      port-object eq 135
    object-group service ms_msmq_udp udp
      description : list of UDP ports that the MSMQ service requires
      port-object eq 1801
      port-object eq 3527
    object-group service ms_messenger_udp udp
      description : list of UDP ports that the Messenger service requires
      port-object eq netbios-dgm
    object-group service ms_msexchangemta_tcp tcp
      description : list of TCP ports that the MSExchangeMTA service requires
      port-object eq 102
    object-group service ms_onepoint_tcp tcp
      description : list of TCP ports that the one point service requires
      port-object eq 51515
      port-object eq 1270
    object-group service ms_pop3svc_tcp tcp
      description : list of TCP ports that the POP3SVC service requires
      port-object eq pop3
    object-group service ms_mssqlserver_tcp tcp
      description : list of TCP ports that the MSSQLSERVER service requires
      port-object eq 1433
    object-group service ms_mssqlserver_udp udp
      description : list of UDP ports that the MSSQLSERVER service requires
      port-object eq 1434
    object-group service ms_netlogon_tcp tcp
      description : list of TCP ports that the Netlogon service requires
      port-object eq netbios-ssn
      port-object eq 445
    object-group service ms_netlogon_udp udp
      description : list of UDP ports that the Netlogon service requires
      port-object eq netbios-dgm
      port-object eq netbios-ns
    object-group service ms_mnmsrvc_tcp tcp
      description : list of TCP ports that the mnmsrvc service requires
      port-object eq 3389
    object-group service ms_nntpsvc_tcp tcp
      description : list of TCP ports that the NNTPSVC service requires
      port-object eq nntp
      port-object eq 563
    object-group service ms_sysmonlog_tcp tcp
      description : list of TCP ports that the SysmonLog service requires
      port-object eq netbios-ssn
    object-group service ms_spooler_tcp tcp
      description : list of TCP ports that the Spooler service requires
      port-object eq netbios-ssn
      port-object eq 445
    object-group service ms_binlsvc_udp udp
      description : list of UDP ports that the BINLSVC service requires
      port-object eq 4011
    object-group service ms_rpcss_tcp tcp
      description : list of TCP ports that the RpcSs service requires
      port-object eq 135
      port-object eq 593
    object-group service ms_rpclocator_tcp tcp
      description : list of TCP ports that the RpcLocator service requires
      port-object eq netbios-ssn
      port-object eq 445
    object-group service ms_remote_storage_user_link_tcp tcp
      description : list of TCP ports that the Remote_storage_User_link service requires
      port-object eq 135
      port-object range 1024 65534
    object-group service ms_remote_storage_server_tcp tcp
      description : list of TCP ports that the Remote_Storage_Server service requires
      port-object eq 135
      port-object range 1024 65534
    object-group service ms_remoteaccess_tcp tcp
      description : list of TCP ports that the RemoteAccess service requires
      port-object eq pptp
    object-group service ms_remoteaccess_udp udp
      description : list of UDP ports that the RemoteAccess service requires
      port-object eq 1701
    object-group protocol ms_remoteaccess_ip
      description : list of additional IP protocols that the RemoteAccess service requires
      protocol-object gre
      protocol-object ah
      protocol-object esp
    object-group service ms_lanmanserver_tcp tcp
      description : list of TCP ports that the lanmanserver service requires
      port-object eq netbios-ssn
      port-object eq 445
    object-group service ms_lanmanserver_udp udp
      description : list of UDP ports that the lanmanserver service requires
      port-object eq netbios-dgm
      port-object eq netbios-ns
    object-group service ms_sharepoint_portal_tcp tcp
      description : list of TCP ports that the SharePoint Portal Server requires
      port-object eq www
      port-object eq https
    object-group service ms_smtpsvc_tcp tcp
      description : list of TCP ports that the SMTPSVC service requires
      port-object eq smtp
    object-group service ms_smtpsvc_udp udp
      description : list of UDP ports that the SMTPSVC service requires
      port-object eq 25
    object-group service ms_simptcp_tcp tcp
      description : list of TCP ports that the SimpTcp service requires
      port-object eq chargen
      port-object eq daytime
      port-object eq discard
      port-object eq echo
      port-object eq 17
    object-group service ms_simptcp_udp udp
      description : list of UDP ports that the SimpTcp service requires
      port-object eq 19
      port-object eq 13
      port-object eq discard
      port-object eq echo
      port-object eq 17
    object-group service ms_wuser32_tcp tcp
      description : list of TCP ports that the Wuser32 service requires
      port-object eq 2703
      port-object eq 2701
      port-object eq 2702
      port-object eq 2704
    object-group service ms_wuser32_udp udp
      description : list of UDP ports that the Wuser32 service requires
      port-object eq 2703
      port-object eq 2701
      port-object eq 2702
      port-object eq 2704
    object-group service ms_snmp_udp udp
      description : list of UDP ports that the SNMP service requires
      port-object eq snmp
    object-group service ms_snmptrap_udp udp
      description : list of UDP ports that the SNMPTRAP service requires
      port-object eq snmptrap
    object-group service ms_sqlanalysis_tcp tcp
      description : list of TCP ports that are required by the SQL Analysis Server
      port-object eq 2725
    object-group service ms_ssdprsr_tcp tcp
      description : list of TCP ports that are required by the SSDPRSR service
      port-object eq 2869
      port-object eq 5000
    object-group service ms_ssdprsr_udp udp
      description : list of UDP ports that are required by the SSDPRSR service
      port-object eq 1900
    object-group service ms_sms_tcp tcp
      description : list of TCP ports that are required by the SMS service
      port-object eq netbios-ssn
      port-object eq 135
      port-object range 1024 65534
    object-group service ms_sms_udp udp
      description : list of UDP ports that are required by the SMS service
      port-object eq netbios-dgm
      port-object eq netbios-ns
    object-group service ms_lpdsvc_tcp tcp
      description : list of TCP ports that are required by the LPDSVC service
      port-object eq lpd
    object-group service ms_tlntsvr_tcp tcp
      description : list of TCP ports that are required by the TlntSvr service
      port-object eq telnet
    object-group service ms_termservice_tcp tcp
      description : list of TCP ports that are required by the TermService service
      port-object eq 3389
    object-group service ms_termservlicensing_tcp tcp
      description : list of TCP ports that are required by the TermServLicensing service
      port-object eq 135
      port-object eq netbios-ssn
      port-object eq 445
      port-object range 1024 65534
    object-group service ms_tssdis_tcp tcp
      description : list of TCP ports that are required by the Tssdis service
      port-object eq 135
      port-object range 1024 65534
    object-group service ms_tftpd_udp udp
      description : list of UDP ports that are required by the tftpd service
      port-object eq tftp
    object-group service ms_upnphost_tcp tcp
      description : list of TCP ports that are required by the UPNPHost service
      port-object eq 2869
    object-group service ms_wins_tcp tcp
      description : list of TCP ports that are required by the WINS service
      port-object eq 42
    object-group service ms_wins_udp udp
      description : list of UDP ports that are required by the WINS service
      port-object eq netbios-ns
      port-object eq nameserver
    object-group service ms_wmserver_tcp tcp
      description : list of TCP ports that are required by the WMServer service
      port-object eq www
      port-object eq 1755
      port-object eq 554
    object-group service ms_wmserver_udp udp
      description : list of UDP ports that are required by the WMServer service
      port-object eq 1755
      port-object eq 2460
      port-object eq 5005
      port-object eq 5004
    object-group service ms_w32time_udp udp
      description : list of UDP ports that are required by the W32time service
      port-object eq ntp
    object-group service ms_w3svc_tcp tcp
      description : list of TCP ports that are required by the W3SVC service
      port-object eq www
      port-object eq https

    The object groups in .txt format

    The object groups in .txt, with port numbers rather than service names.
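As an added example (not part of the original page), a small Python audit that parses object-group definitions in the format above, resolves the PIX service keywords to port numbers, and reports which groups open more than a threshold of distinct ports, which is exactly the ephemeral-range exposure the intro complains about. The config excerpt inside it is constructed from two of the groups above, and the keyword-to-port table is assumed from the PIX keyword values.

```python
# Ports behind the PIX service keywords used above (assumed PIX values; radius/radius-acct are 1645/1646).
SERVICE_PORTS = {
    "echo": 7, "discard": 9, "daytime": 13, "chargen": 19, "ftp-data": 20, "ftp": 21,
    "telnet": 23, "smtp": 25, "nameserver": 42, "domain": 53, "bootps": 67, "tftp": 69,
    "www": 80, "pop3": 110, "nntp": 119, "ntp": 123, "netbios-ns": 137, "netbios-dgm": 138,
    "netbios-ssn": 139, "imap4": 143, "snmp": 161, "snmptrap": 162, "ldap": 389, "https": 443,
    "isakmp": 500, "lpd": 515, "ldaps": 636, "radius": 1645, "radius-acct": 1646, "pptp": 1723,
}

# Constructed excerpt in the page's object-group format (two of the groups above).
SAMPLE = """\
object-group service ms_lsass_tcp tcp
  description : List of TCP ports that the LSASS service requires
  port-object eq 3269
  port-object eq ldap
  port-object eq 135
  port-object range 1024 65534
object-group service ms_kdc_tcp tcp
  port-object eq 88
"""

def parse_object_groups(text):
    """Return {name: (proto, [(lo, hi), ...])} for every 'service' object-group."""
    def port(token):  # numeric port or PIX service keyword
        return int(token) if token.isdigit() else SERVICE_PORTS[token]
    groups, current = {}, None
    for tok in (line.split() for line in text.splitlines() if line.strip()):
        if tok[0] == "object-group":  # 'protocol' groups carry no ports: skip them
            current = tok[2] if tok[1] == "service" else None
            if current:
                groups[current] = (tok[3], [])
        elif tok[0] == "port-object" and current:
            lo = port(tok[2])
            hi = port(tok[3]) if tok[1] == "range" else lo
            groups[current][1].append((lo, hi))
    return groups

def distinct_ports(ranges):
    """Count each port once, merging overlaps such as 'eq 3269' inside 1024-65534."""
    total, end = 0, 0  # end = highest port counted so far
    for lo, hi in sorted(ranges):
        lo = max(lo, end + 1)
        if hi >= lo:
            total, end = total + hi - lo + 1, hi
    return total

def wide_open_groups(text, threshold=1000):
    """Groups exposing more than `threshold` distinct ports, mapped to their counts."""
    counts = {n: distinct_ports(r) for n, (_, r) in parse_object_groups(text).items()}
    return {n: c for n, c in counts.items() if c > threshold}
```

Run it over the full list (the .txt download) to get a per-service exposure count; any group containing the 1024-65534 range will stand out immediately, and a keyword missing from the table raises a KeyError rather than being silently skipped.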