Pretty much every port below 1024 is reserved for one protocol or another, but many of them have been obsolete for years. It seems that whoever was in charge of assigning well-known ports back then just handed them out like candy.
Well, who am I kidding? This is the same IANA that used to hand out humongous blocks of IPv4 addresses to anyone who asked.
Should we try to deprecate dead protocols so that low ports can be put to better use? Or have we come to expect that all new technologies will simply reuse ports 80 & 443, so we have no need to set aside new well-known ports anymore?
Not everything has to be RFC approved. If I had the need for a new protocol, I'd just use one of the dead protocol ports anyway.
I suspect firewalls blocking everything but ports 80 and 443 has a lot more to do with why so many services these days are being stacked on top of them. I used to run a SOCKSv5 SSH tunnel home when I worked for a more restrictive employer, and of course I stuck it on port 443.
DNS is even more open than port 80 and 443. Lots of small WLAN appliances which are in most internet cafes today could be easily blown by putting a VPN at the DNS port.
Enough administrative firewalls block non-80/443 ports that it's harder to deploy a protocol that uses them. This has got a bit better with UPnP and admin education, but it's the only reason absurdities like XMLRPC-over-HTTP got off the ground.
I'm actually psyched about Palo Alto's app-id and Snort OpenAppId that maybe firewalls will start allowing things through by behavior instead of port. Then we can have the internet back the way it was designed.
BOFH-admins will configure to accept-and-bitbucket-default; that is, make the other party think it's gotten through, and then ignore everything it has to say.
Maybe throw in some fuzzing: accept-and-respond-with-gibberish-default.