Although this is probably nothing to be alarmed about, I thought I would take this as an opportunity to mention some commonly used ports that have recently had a little more interest from port scanners.

In rough order from the most scanned:

• 21/tcp - File Transfer Protocol
• 42/tcp - Windows Internet Naming Service (WINS)
• 1080/tcp - Socks Proxy
• 3389/tcp - Microsoft Remote Desktop Protocol
• 3128/tcp - Squid Proxy

The quantity of scans for any given port can vary quite a lot, however for some reason these jumped out at me. Partly because most of them are port numbers I know and use, and partly because most of them can be (or are) used with various forms of authentication credentials. So it may be a good idea to double check counter measures set up against any attacks on these ports. Small things, like limiting the number of login attempts, can greatly reduce the potential of someone brute forcing login credentials for these services.

Have a good day,
Richard