All three ports are reserved (assigned by IANA). Port 13 is specifically reserved for the "daytime" protocol (RFC 867) which returns the current date and time if the port is accessed. Port 9 is assigned to the discard function (i.e. any data sent here is simply dropped, in the past it was used as a test). Port 11 is assigned to systat. This used to be implemented on Unix systems in order to make them more easy to remotely admin. When queried, it would dump a list of the active processes. It's not exactly something you want open on the LAN today, let along on the WAN. In short, none of these ports are used by Windows and NONE of them should really be open for any reason on the firewall.
This was first published in December 2003