common port and services block list

Protocol	Port	Service name	Comment
TCP	21	FTP	If you use FTP, incoming only
TCP	25	SMTP	Block incoming or route directly to your email server
TCP/UDP	53	DNS	Block incoming or route to your DNS Server
TCP/UDP	67, 68	DHCP	Block incoming and outgoing
TCP/UDP	69	TFTP	Highly recommended for internal use only. * **
TCP	80	WWW, HTTP	Block incoming or route to your web server
TCP/UDP	88	Kerberos
TCP	135	RPC/DCE Endpoint mapper	Highly recommended for internal use only. * **
UDP	137	NetBIOS Name Service	Highly recommended for internal use only. * **
UDP	138	NetBIOS Datagram Service	Highly recommended for internal use only. * **
TCP	139	NetBIOS Session Service	Highly recommended for internal use only. * **
TCP/UDP	389	LDAP
TCP	443	HTTP over SSL/TLS	Block this unless your web server is running SSL certs
TCP/UDP	445	Microsoft SMB/CIFS	ADMINISTRATION PORT! BLOCK THIS!
TCP/UDP	464	Kerberos lpasswd
UDP	500	Internet Key Exchange, IKE (IPSec)	Block this unless using VPN from outside.
TCP	593	HTTP RPC Endpoint mapper	**
TCP	636	LDAP over SSL/TLS
TCP/UDP	1433, 1434	MS SQL Server	hosts data and local server scans
TCP	3268	AD Global Catalog	ADMINISTRATION PORT! BLOCK THIS!
TCP	3269	AD Global Catalog over SSL	ADMINISTRATION PORT! BLOCK THIS!
TCP	3389	Windows Terminal Server	Highly recommended for internal use only. *
TCP/UDP	17027	AdBots	Block outgoing on this port
TCP/UDP	31337	(trojan)	commonly used trojan/backdoor port, such as Back Orifice
TCP	31789, 31790	(trojan)	Commonly used RAT trojan ports, block incoming and outgoing.
* "Internal use only" services were originally never intended for use over the internet, and therefore are highly unsecure.
** indicates these ports are used by MS Blaster and similar worms.