| Rule Name | Port(s) | Service Description | Risk Level |

|----------------------------|---------------|----------------------------------------------|---------------------------------------------------------| | PHONE SMB SHARE | 139 | Windows file sharing (SMBv1/NetBIOS) | High - SMB should never be public; ransomware risk | | PHONE SMB SHARE 2 | 445 | Windows file sharing (SMBv2/3) | High - Direct LAN file access from internet | | PHONE SNMP | 161 | Simple Network Management Protocol | Medium - Info disclosure; possible write access | | PHONE SSH | 22 | Secure Shell remote access | High - Full remote admin if creds compromised | | SIP 1 | 5060 | SIP VoIP signalling (UDP/TCP) | High - SIP scanning & toll fraud risk | | SIP 2 | 1000,2000 | Proprietary/alternate SIP signalling | High - Toll fraud risk | | TFTP | 69 | Trivial File Transfer Protocol | High - No authentication; config/firmware access | | FTP | 20,21 | File Transfer Protocol | High - Credentials often in plain text | | FTP 2 | 10090,10100 | Proprietary file transfer ports | Medium - Unknown implementation risks | | LDAP | 389 | Lightweight Directory Access Protocol | High - Directory info exposure | | LDAP 2 | 636 | LDAP over SSL/TLS | Medium - Secured LDAP, still sensitive | | PHONE DHCP | 68 | Dynamic Host Configuration Protocol | Medium - Rarely exposed externally | | XELION CLIENT | 443 | HTTPS access to PBX client | Medium - Likely secure, depends on patching | | XELION CLIENT 2 | 1791 | Proprietary Xelion port | Medium - Depends on vendor security | | XELION NET TOOL | 1798 | Proprietary Xelion management | Medium - Vendor security unknown | | XELION SSH | 22 | Secure Shell to PBX system | High - Full admin access risk | | YEALINK RPS 3 | 443 | HTTPS to Yealink provisioning server | Low - Secure if directly addressed | | YEALINK RPS SERVER PHONE | 443 | HTTPS to Yealink provisioning server | Low - Secure if directly addressed |