2006-12-22

1.J2EE
J2EE is short for Java 2 Platform, Enterprise Edition. It is a suite, and it may well become the server-side standard. It includes:
Enterprise JavaBeans(EJB)
JavaServer Pages(JSP)
JDBC
Java Message Service(JMS)
J2EE Connector
JAVA Servlets
Java Naming and Directory Interface (JNDI)
Java Interface Definition Language (IDL)
Java Transaction API (JTA)
Java Transaction Service (JTS)
JavaMail
RMI-IIOP

1-2.J2ME
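J2ME is short for Java 2 Platform, Micro Edition. J2ME is a component of Java 2, alongside J2SE and J2EE. According to the definition given by Sun Microsystems, Inc., J2ME is a highly optimized Java runtime environment aimed at the large number of consumer electronic devices on the market, such as pagers, cellular phones, screen phones (video phones?), digital set-top boxes, car navigation systems and so on.
J2ME technology was introduced at the 1999 JavaOne Developer Conference. It brings the platform-independent nature of the Java language to small electronic devices and allows mobile wireless devices to share applications.
2.J2SE
J2SE is short for Java 2 Platform, Standard Edition. It is also a suite, and it mainly includes: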
JDK 1.1.x
JRE 1.1.x

3.JDK
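JDK is short for Java Development Kit. It is the most important development tool, and mainly comprises the software tools required for debugging, compiling and running during development. Current versions are all in the 1.1.x series.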

4.JSDK
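Short for Java Software Development Kit. It is intended for developers; many people mistakenly believe it is specific to servlets. The JSDK comes in two editions: Java SDK Standard Edition and Enterprise Edition. Some of the latest Java development tools now ship with it (Standard Edition), such as JBuilder 3.5.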

5.JSP
Short for JavaServer Pages.

6.JRE
Short for Java Runtime. It includes the Java virtual machine, some core classes and the related support files. It is part of the JDK (the runtime part).

2006-12-18

People have been predicting that Video On Demand would be the “next big thing” for about 87 years now. Ok, maybe only 10. But it hasn’t happened. The main reasons are pretty clear:

  • Fear on the part of the big media companies (fear of copying, fear of killing the DVD cash cow).
  • The “couch potato problem” – I don’t want to watch TV/Movies on my computer.
  • The cost problem. If you checked out my earlier post covering bandwidth costs, then you can see that $.75 – $1.50 in bandwidth charges to download a single video kills lots of business models like pay-per-TV-show or video rental.

The fear amongst the media companies is slowly starting to change. Just look at iTunes video downloads plus lots of other early initiatives. There’s a little more faith in the reliability of DRM systems now. Not so much that they won’t get cracked, but rather that common users won’t bother and will accept encrypted files.

The problem of getting content to your big screen has not gone away. However, there are more devices that help this happen, and portable players like the video iPod and video-capable cell phones are turning the third screen into a bigger market.

However, the bandwidth cost problem is still with us, even after the dramatic fall in costs over the last few years. There is lots of video content that simply isn’t valuable enough to be worth the cost to download. Very valuable content, like a Hollywood movie, can still only fetch a few dollars on a rental, which makes a $1 cost to download prohibitive. Shorter content is a lot less costly to download, but most of it must be ad supported because users won’t pay real money for it. All of which makes sense as to why iTunes would launch with first-run TV shows – the download cost is smaller, yet people (apparently) are willing to pay a couple bucks to download them. (Read Robert Cringely’s analysis of iTunes video costs and the advantages of p2p distribution).

So for a long time people have recognized that using peer-to-peer for video distribution could dramatically lower the costs. Warner Brothers is set to launch such a p2p vod system in Europe in March. But in fact the core p2p technology already exists, and it’s called BitTorrent. The problem is, that’s the same technology that people are using to pirate tons of video content right now. So while Vinton Cerf claims that Hollywood is interested in using BitTorrent for distribution, the MPAA is in fact filing lawsuits to shut down sites offering torrents for download.

At the end of the day, I think the real problem is that all p2p clients require a desktop download right now. Given the big problems with spyware and viruses, that desktop install is a huge barrier to user adoption. Don’t believe me? Just compare the user base for Grouper to that for YouTube. (But don’t tell the folks at a recent Under the Radar conference who supposedly were wowed by Grouper). What we really need is the ability for a video web site like YouTube or my site gofish.com to be able to use p2p for distribution, but behind the scenes without requiring any software install. Now that’s what I call nirvana, but of course, it’s impossible…or at least, very difficult. Can you serve up file segments from your browser using just Javascript?!?! If you’ve got a solution, please drop me a line so we can go start a company tomorrow!

Maybe the AllPeers plugin for Firefox is the answer. At least they’ve got the right idea, which is to run inside the browser. Of course, they need to support IE in addition to FF. If they could do that, and make the install as easy as the Flash player, then maybe…

Or maybe Windows Vista, with its built-in p2p features. Maybe MS will integrate hooks to the p2p library into an upgrade to IE…now that would be interesting!

2006-12-15

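1. Organize the academic disciplines the paper touches on and find the patterns in them.

2. Collect materials and related papers, sort the papers into those to read closely and those to skim, and read extensively. While reading, keep looking for new papers and materials, but stay clear-headed about your own goal and do not let all the excellent papers pull your thinking off course.

3. Set the constraints, that is, the detailed constraints; the broad constraints were already settled before step 1.

4. Justify the reasonableness of the constraints you have set.

5. Build a model for the constraints you have set; this process is mathematical modeling.

6. Write the algorithm from the equations and formulas obtained through the mathematical modeling.

7. Write the program from the algorithm.

8. Simulation (another round of looking up material and learning; after all, in the early stage one can only look for clues in the simulation sections of other people's papers).

9. Conclusion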

———————————

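As for papers published in China, most are just brief overviews and completely lack part 8, at least among the papers I have consulted, while in foreign papers part 8 is overwhelmingly strong but the details are not described sufficiently.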

——————————–

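Takeaways and reflections:

1. Going from the outline to the details took too long; that was completely unnecessary, and I dragged it out far too long, always by all sorts of odd jobs

2. My thinking went from clear at the start to muddled after reading a large number of papers, which affected my approach to the algorithm and the structure of the paper. I suppose this is something every beginner has to go through: in the cycle of constantly looking for answers, coming up with novel ideas, and looking for answers again, I accumulated a great deal of knowledge.

3. I could not keep up the momentum; halfway through I could not write any further.

4. That is all for now.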

2006-12-11

Nine points to keep in mind when publishing papers at the world's leading academic conferences and journals:

1) It is not enough to design yet another technique or system without convincing evaluation.
2) You should avoid claiming too many dimensions, but one or two with in-depth evidence.
3) Know your enemy: check who are on the program committee or editorial board, and cite their relevant work with due credit.
4) Choose a promising topic—(10 challenging problems in Data Mining Research)
5) Are the experimental results consistent and conclusive?
6) A good introduction with a good motivation is half of your success!
7) Reading and citing relevant papers from the premier forums is a must.
8) Provide a point-by-point statement of changes.
9) Be accommodating and persistent in journal submissions & good luck!!!


Date: 2005.3

No. | Journal title | Place of publication | Sponsor


2006-12-08

IN THIS TASK
SUMMARY
Overview
System Services Ports
Ports and Protocols
REFERENCES
SUMMARY
This article discusses the network ports and protocols that are used by server products and their subcomponents in the Microsoft Windows server system.

The Windows server system includes a comprehensive and integrated infrastructure that is designed to meet the requirements of developers and of information technology (IT) professionals. This system is designed to run programs and solutions that information workers can use to obtain, to analyze, and to share information quickly and easily. These Microsoft server products use a variety of network ports and protocols to communicate with client systems and with other server systems over the network. Dedicated firewalls, host-based firewalls, and Internet Protocol security (IPSec) filters are other important components that are required to help secure your network. However, if these technologies are configured to block ports and protocols that are used by a specific server, that server will no longer respond to client requests.

Overview
The following list provides an overview of the information that this article contains:
  • The “System Services Ports” section of this article contains a brief description of each service, displays the logical name of that service, and indicates the ports and protocols that each service requires for correct operation. Use this section to help identify the ports and protocols that a particular service uses.
  • The “Ports and Protocols” section of this article includes a table that summarizes the information from the “System Services Ports” section. The table is sorted by port number instead of by the service name. Use this section to quickly determine which services listen on a particular port.
This article uses certain terms in specific ways. To help avoid confusion, make sure that you understand how this document uses these terms. The following list describes these terms:
  • System services: The Windows server system includes many products, such as the Microsoft Windows Server 2003 family, Microsoft Exchange 2000 Server, and Microsoft SQL Server 2000. Each of these products includes many components; system services is one of those components. System services that are required by a particular computer are either started automatically by the operating system during startup or are started as required during typical operations. For example, some system services that are available on computers that are running Windows Server 2003, Enterprise Edition, include the Server service, the Print Spooler service, and the World Wide Web Publishing Service. Each system service has a friendly service name and a service name. The friendly service name is the name that appears in graphical management tools such as the Services Microsoft Management Console (MMC) snap-in. The service name is the name that is used with command-line tools and with many scripting languages. Each system service may provide one or more network services.
  • Application protocol: In the context of this article, an application protocol is a high-level network protocol that uses one or more TCP/IP protocols and ports. Examples of application protocols include Hypertext Transfer Protocol (HTTP), server message blocks (SMBs), and Simple Mail Transfer Protocol (SMTP).
  • Protocol: Operating at a lower level than the application protocols, TCP/IP protocols are standard formats for communicating between devices on a network. The TCP/IP suite of protocols includes TCP, User Datagram Protocol (UDP), and Internet Control Message Protocol (ICMP).
  • Port: This is the network port that the system service listens on for incoming network traffic.
This article does not specify which services rely on other services for network communication. For example, many services rely on the remote procedure call (RPC) or DCOM features in Microsoft Windows to assign them dynamic TCP ports. The Remote Procedure Call service coordinates requests by other system services that use RPC or DCOM to communicate with client computers. Many other services rely on network basic input/output system (NetBIOS) or SMBs, protocols that are actually provided by the Server service. Others rely on HTTP or on Hypertext Transfer Protocol Secure (HTTPS). These protocols are provided by Internet Information Services (IIS). A full discussion of the architecture of the Windows operating systems is beyond the scope of this article. However, detailed documentation on this subject is available on Microsoft TechNet and on the Microsoft Developer Network (MSDN). While many services may rely on a particular TCP or UDP port, only a single service or process can be actively listening on that port at any one time.

When you use RPC with TCP/IP or with UDP/IP as the transport, inbound ports are frequently dynamically assigned to system services as required; TCP/IP and UDP/IP ports that are higher than port 1024 are used. These are frequently informally referred to as “random RPC ports.” In these cases, RPC clients rely on the RPC endpoint mapper to tell them which dynamic port(s) were assigned to the server. For some RPC-based services, you can configure a specific port instead of letting RPC assign one dynamically. You can also restrict the range of ports that RPC dynamically assigns to a small range, regardless of the service. For more information about this topic, see the “References” section of this article.

This article includes information about the system services roles and the server roles for the Microsoft products that are listed in the “Applies to” section at the end of this article. While this information may also apply to Microsoft Windows XP and to Microsoft Windows 2000 Professional, this article is intended to focus on server-class operating systems. Because of this, this article describes the ports that a service listens on instead of the ports that client programs use to connect to a remote system.
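
The lookups that the two sections described above support, and the effect of a filter that blocks a required port, can be worked through in code. The following Python sketch is an added example, not part of the original article: it parses service rows in the article's "application protocol / protocol / port" form, builds the by-port index, and reports which services an allow-list would leave fully or partly unreachable. The allow-list, the function names and the `rpc_range` parameter are assumptions made for illustration; the default dynamic range follows the article's "higher than port 1024".

```python
import re
from collections import defaultdict

# Constructed input: rows transcribed from four of this article's service
# tables, one "application protocol / protocol / port" row per line.
SERVICE_TABLES = """\
System service name: kdc
Kerberos TCP 88
Kerberos UDP 88
System service name: DNS
DNS UDP 53
DNS TCP 53
System service name: CertSvc
RPC TCP 135
Randomly allocated high TCP ports TCP random port number
System service name: Dfs
NetBIOS Datagram Service UDP 138
NetBIOS Session Service TCP 139
LDAP Server TCP 389
LDAP Server UDP 389
SMB TCP 445
RPC TCP 135
Randomly allocated high TCP ports TCP random port number
"""

ROW = re.compile(
    r"^(?P<app>.+?)\s+(?P<proto>TCP|UDP)\s+(?P<port>\d+|random port number)$")
DYNAMIC = "dynamic"  # marker for a port that RPC assigns at run time


def parse_tables(text):
    """Return {service: [(app_protocol, proto, port_or_DYNAMIC), ...]}."""
    services, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        if line.startswith("System service name:"):
            current = line.split(":", 1)[1].strip()
            services[current] = []
            continue
        m = ROW.match(line)
        if m is None or current is None:
            raise ValueError(f"unrecognised row: {line!r}")
        port = m["port"]
        services[current].append(
            (m["app"], m["proto"], int(port) if port.isdigit() else DYNAMIC))
    return services


def index_by_port(services):
    """The 'Ports and Protocols' view: (port, proto) -> services using it."""
    index = defaultdict(set)
    for name, rows in services.items():
        for _app, proto, port in rows:
            if port != DYNAMIC:
                index[(port, proto)].add(name)
    return {key: sorted(names) for key, names in sorted(index.items())}


def covered(proto, lo, hi, allow):
    """True if every port lo..hi for proto lies inside the allow rules."""
    need = lo
    for a, b in sorted((a, b) for p, a, b in allow if p == proto):
        if a > need:
            break  # gap before the next allowed span
        need = max(need, b + 1)
        if need > hi:
            return True
    return False


def audit(services, allow, rpc_range=(1025, 65535)):
    """Classify each service as 'ok', 'partial' or 'blocked' under allow.

    A dynamic RPC row needs the whole rpc_range open, because the server
    may be assigned any port in it.
    """
    report = {}
    for name, rows in services.items():
        blocked = []
        for app, proto, port in rows:
            lo, hi = rpc_range if port == DYNAMIC else (port, port)
            if not covered(proto, lo, hi, allow):
                blocked.append((app, proto, port))
        if not blocked:
            status = "ok"
        elif len(blocked) == len(rows):
            status = "blocked"
        else:
            status = "partial"
        report[name] = (status, blocked)
    return report


if __name__ == "__main__":
    # Hypothetical allow-list: DNS, Kerberos, the RPC endpoint mapper, SMB.
    allow = [("TCP", 53, 53), ("UDP", 53, 53), ("TCP", 88, 88),
             ("UDP", 88, 88), ("TCP", 135, 135), ("TCP", 445, 445)]
    for name, (status, blocked) in audit(parse_tables(SERVICE_TABLES), allow).items():
        print(f"{name:8} {status:8} {blocked}")
```

A "partial" result for an RPC-based service is the case to watch for: the endpoint mapper on TCP 135 answers, but the dynamically assigned port it hands out is filtered, so client calls fail after what looks like a successful connection.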

System Services Ports
This section provides a description of each system service, includes the logical name that corresponds to the system service, and displays the ports and the protocols that each service requires.
Application Layer Gateway Service
This subcomponent of the Internet Connection Sharing (ICS)/Internet Connection Firewall (ICF) service provides support for plug-ins that allow network protocols to pass through the firewall and work behind Internet Connection Sharing. Application Layer Gateway (ALG) plug-ins can open ports and change data (such as ports and IP addresses) that are embedded in packets. File Transfer Protocol (FTP) is the only network protocol with a plug-in that is included with Windows Server 2003, Standard Edition, and Windows Server 2003, Enterprise Edition. The ALG FTP plug-in is designed to support active FTP sessions through the network address translation (NAT) engine that these components use. The ALG FTP plug-in supports these sessions by redirecting all traffic that passes through the NAT and that is destined for port 21 to a private listening port in the range of 3000 to 5000 on the loopback adapter. The ALG FTP plug-in then monitors and updates FTP control channel traffic so that the FTP plug-in can forward port mappings through the NAT for the FTP data channels. The FTP plug-in also updates ports in the FTP control channel stream.

System service name: ALG

| Application protocol | Protocol | Ports |
| --- | --- | --- |
| FTP control | TCP | 21 |

ASP.NET State Service
ASP.NET State Service provides support for ASP.NET out-of-process session states. ASP.NET State Service stores session data out-of-process. The service uses sockets to communicate with ASP.NET that is running on a Web server.

System service name: aspnet_state

| Application protocol | Protocol | Ports |
| --- | --- | --- |
| ASP.NET Session State | TCP | 42424 |

Certificate Services
Certificate Services is part of the core operating system. By using Certificate Services, a business can act as its own certification authority (CA). In this way, the business can issue and manage digital certificates for programs and protocols such as Secure/Multipurpose Internet Mail Extensions (S/MIME), Secure Sockets Layer (SSL), Encrypting File System (EFS), IPSec, and smart card logon. Certificate Services relies on RPC and on DCOM to communicate with clients by using random TCP ports that are higher than port 1024.

System service name: CertSvc

| Application protocol | Protocol | Ports |
| --- | --- | --- |
| RPC | TCP | 135 |
| Randomly allocated high TCP ports | TCP | random port number |

Cluster Service
The Cluster service controls server cluster operations and manages the cluster database. A cluster is a collection of independent computers that act as a single computer. Managers, programmers, and users see the cluster as a single system. The software distributes data among the nodes of the cluster. If a node fails, other nodes provide the services and data that was formerly provided by the missing node. When a node is added or repaired, the cluster software migrates some data to that node.

System service name: ClusSvc

| Application protocol | Protocol | Ports |
| --- | --- | --- |
| Cluster Services | UDP | 3343 |
| RPC | TCP | 135 |
| Randomly allocated high TCP ports | TCP | random port number |

Computer Browser
The Computer Browser system service maintains an up-to-date list of computers on your network and supplies the list to programs that request it. The Computer Browser service is used by Windows-based computers to view network domains and resources. Computers that are designated as browsers maintain browse lists that contain all shared resources that are used on the network. Earlier versions of Windows programs, such as My Network Places, the net view command, and Windows Explorer, all require browsing capability. For example, when you open My Network Places on a computer that is running Microsoft Windows 95, a list of domains and computers appears. To display this list, the computer obtains a copy of the browse list from a computer that is designated as a browser.

System service name: Browser

| Application protocol | Protocol | Ports |
| --- | --- | --- |
| NetBIOS Datagram Service | UDP | 138 |
| NetBIOS Name Resolution | UDP | 137 |
| NetBIOS Session Service | TCP | 139 |

DHCP Server
The DHCP Server service uses the Dynamic Host Configuration Protocol (DHCP) to automatically allocate IP addresses. By using this service, you can adjust the advanced network settings of DHCP clients. For example, you can configure network settings such as Domain Name System (DNS) servers and Windows Internet Name Service (WINS) servers. You can establish one or more DHCP servers to maintain TCP/IP configuration information and to provide that information to client computers.

System service name: DHCPServer

| Application protocol | Protocol | Ports |
| --- | --- | --- |
| DHCP Server | UDP | 67 |
| MADCAP | UDP | 2535 |

Distributed File System
The Distributed File System (DFS) service manages logical volumes that are distributed across a local area network (LAN) or wide area network (WAN) and is required for the Microsoft Active Directory directory service SYSVOL share. DFS is a distributed service that integrates disparate file shares into a single logical namespace.

System service name: Dfs

| Application protocol | Protocol | Ports |
| --- | --- | --- |
| NetBIOS Datagram Service | UDP | 138 |
| NetBIOS Session Service | TCP | 139 |
| LDAP Server | TCP | 389 |
| LDAP Server | UDP | 389 |
| SMB | TCP | 445 |
| RPC | TCP | 135 |
| Randomly allocated high TCP ports | TCP | random port number |

Distributed Link Tracking Server
The Distributed Link Tracking Server system service stores information so that files that are moved between volumes can be tracked to each volume in the domain. The Distributed Link Tracking Server service runs on each domain controller in a domain. This service enables the Distributed Link Tracking Client service to track linked documents that have been moved to a location in another NTFS file system volume in the same domain.

System service name: TrkSvr

| Application protocol | Protocol | Ports |
| --- | --- | --- |
| RPC | TCP | 135 |
| Randomly allocated high TCP ports | TCP | random port number |

Distributed Transaction Coordinator
The Distributed Transaction Coordinator (DTC) system service is responsible for coordinating transactions that are distributed across multiple computer systems and resource managers, such as databases, message queues, file systems, or other transaction-protected resource managers. The DTC system service is required if transactional components are configured through COM+. It is also required for transactional queues in Message Queuing (also known as MSMQ) and SQL Server operations that span multiple systems.

System service name: MSDTC

| Application protocol | Protocol | Ports |
| --- | --- | --- |
| RPC | TCP | 135 |
| Randomly allocated high TCP ports | TCP | random port number |

DNS Server
The DNS Server service enables DNS name resolution by answering queries and update requests for DNS names. DNS servers are required to locate devices and services that are identified by using DNS names and to locate domain controllers in Active Directory.

System service name: DNS

| Application protocol | Protocol | Ports |
| --- | --- | --- |
| DNS | UDP | 53 |
| DNS | TCP | 53 |

Event Log
The Event Log system service logs event messages that are generated by programs and by the Windows operating system. Event Log reports contain information that can be useful in diagnosing problems. Reports are viewed in Event Viewer. The Event Log service writes events that are sent by programs, by services, and by the operating system to log files. The events contain diagnostic information in addition to errors that are specific to the source program, the service, or the component. The logs can be viewed programmatically through the event log APIs or through the Event Viewer in an MMC snap-in.

System service name: Eventlog

| Application protocol | Protocol | Ports |
| --- | --- | --- |
| RPC | TCP | 135 |
| Randomly allocated high TCP ports | TCP | random port number |

Exchange Server
Microsoft Exchange Server includes several system services. When a MAPI client, such as Microsoft Outlook, connects to an Exchange server, the client first connects to the RPC endpoint mapper (the RPC Locator Service) on TCP port 135. The RPC endpoint mapper tells the client what ports to use to connect to the Exchange Server service. These ports are dynamically assigned. Microsoft Exchange Server 5.5 uses two ports: one for the information store and one for the directory. Microsoft Exchange 2000 Server and Microsoft Exchange Server 2003 use three ports: one for the information store and two for the system attendant. You can also use Microsoft Office Outlook 2003 to connect to servers that are running Exchange Server 2003 by using RPC over HTTP. Exchange Server can also provide support for other protocols, such as SMTP, Post Office Protocol 3 (POP3), and IMAP.

| Application protocol | Protocol | Ports |
| --- | --- | --- |
| IMAP | TCP | 143 |
| IMAP over SSL | TCP | 993 |
| POP3 | TCP | 110 |
| POP3 over SSL | TCP | 995 |
| Randomly allocated high TCP ports | TCP | random port number |
| RPC | TCP | 135 |
| RPC over HTTP | TCP | 593 |
| SMTP | TCP | 25 |
| SMTP | UDP | 25 |

Fax Service
Fax Service, a Telephony API (TAPI)–compliant system service, provides fax capabilities. By using Fax Service, users can send and receive faxes from their desktop programs by using either a local fax device or a shared network fax device.

System service name: Fax

| Application protocol | Protocol | Ports |
| --- | --- | --- |
| NetBIOS Session Service | TCP | 139 |
| RPC | TCP | 135 |
| Randomly allocated high TCP ports | TCP | random port number |
| SMB | TCP | 445 |

File Replication
The File Replication service (FRS) allows files to be automatically copied and maintained on many servers at the same time. FRS is the automatic file replication service in Windows 2000 and in Windows Server 2003. Its function is to replicate the SYSVOL share to all domain controllers. Additionally, you can configure FRS to replicate files among alternate targets that are associated with the fault-tolerant DFS.

System service name: NtFrs

| Application protocol | Protocol | Ports |
| --- | --- | --- |
| RPC | TCP | 135 |
| Randomly allocated high TCP ports | TCP | random port number |

File Server for Macintosh
By using the File Server for Macintosh system service, Macintosh computer users can store and access files on a computer that is running Windows Server 2003. If this service is turned off or blocked, Macintosh clients cannot access or store files on that computer.

System service name: MacFile

| Application protocol | Protocol | Ports |
| --- | --- | --- |
| File Server for Macintosh | TCP | 548 |

FTP Publishing Service
FTP Publishing Service provides FTP connectivity. By default, the FTP control port is 21. However, you can configure this system service through the Internet Information Services (IIS) Manager snap-in. The default data (that is used for active mode FTP) port is automatically set to one port less than the control port. Therefore, if you configure the control port to port 4131, the default data port is port 4130. Most FTP clients use passive mode FTP. This means that the client initially connects to the FTP server by using the control port, the FTP server assigns a high TCP port between ports 1025 and 5000, and then the client opens a second connection to the FTP server for transferring data. You can configure the range of high ports by using the IIS metabase.

System service name: MSFTPSVC

| Application protocol | Protocol | Ports |
| --- | --- | --- |
| FTP control | TCP | 21 |
| FTP default data | TCP | 20 |
| Randomly allocated high TCP ports | TCP | random port number |

HTTP SSL
The HTTP SSL system service enables IIS to perform SSL functions. SSL is an open standard for establishing an encrypted communications channel to help prevent the interception of critical information, such as credit card numbers. Although this service is designed to work on other Internet services, it is primarily used to enable encrypted electronic financial transactions on the World Wide Web (WWW). You can configure the ports for this service through the Internet Information Services (IIS) Manager snap-in.

System service name: HTTPFilter

| Application protocol | Protocol | Ports |
| --- | --- | --- |
| HTTPS | TCP | 443 |

Internet Authentication Service
Internet Authentication Service (IAS) performs centralized authentication, authorization, auditing, and accounting of users who are connecting to a network. These users can be on a LAN connection or on a remote connection. IAS implements the Internet Engineering Task Force (IETF) standard Remote Authentication Dial-In User Service (RADIUS) protocol.

System service name: IAS

| Application protocol | Protocol | Ports |
| --- | --- | --- |
| Legacy RADIUS | UDP | 1645 |
| Legacy RADIUS | UDP | 1646 |
| RADIUS Accounting | UDP | 1813 |
| RADIUS Authentication | UDP | 1812 |

Internet Connection Firewall (ICF)/Internet Connection Sharing (ICS)
This system service provides NAT, addressing, and name resolution services for all computers on your home network or your small-office network. When the Internet Connection Sharing feature is enabled, your computer becomes an “Internet gateway” on the network, and other client computers can then share one connection to the Internet, such as a dial-up connection or a broadband connection. This service provides basic DHCP and DNS services but will work with the full-featured Windows DHCP or DNS services. When ICF and Internet Connection Sharing act as a gateway for the rest of the computers on your network, they provide DHCP and DNS services to the private network on the internal network interface. They do not provide these services on the external-facing interface.

System service name: SharedAccess

| Application protocol | Protocol | Ports |
| --- | --- | --- |
| DHCP Server | UDP | 67 |
| DNS | UDP | 53 |
| DNS | TCP | 53 |

Kerberos Key Distribution Center
When you use the Kerberos Key Distribution Center (KDC) system service, users can log on to the network by using the Kerberos version 5 authentication protocol. As in other implementations of the Kerberos protocol, the KDC is a single process that provides two services: the Authentication Service and the Ticket-Granting Service. The Authentication Service issues ticket granting tickets, and the Ticket-Granting Service issues tickets for connection to computers in its own domain.

System service name: kdc

| Application protocol | Protocol | Ports |
| --- | --- | --- |
| Kerberos | TCP | 88 |
| Kerberos | UDP | 88 |

License Logging
The License Logging system service is a tool that was originally designed to help customers manage licenses for Microsoft server products that are licensed in the Server Client Access License (CAL) model. License Logging was introduced with Microsoft Windows NT Server 3.51. By default, the License Logging service is disabled in Windows Server 2003. Because of original design constraints and evolving license terms and conditions, License Logging may not provide an accurate view of the total number of CALs that are purchased compared to the total number of CALs that are used on a particular server or across the enterprise. The CALs that are reported by License Logging may conflict with the interpretation of the End-User License Agreement (EULA) and with Product Use Rights (PUR). License Logging will not be included in future versions of the Windows operating system. Microsoft recommends that only users of the Microsoft Small Business Server family of operating systems enable this service on their servers.

System service name: LicenseService

| Application protocol | Protocol | Ports |
| --- | --- | --- |
| NetBIOS Datagram Service | UDP | 138 |
| NetBIOS Session Service | TCP | 139 |
| SMB | TCP | 445 |

Local Security Authority
The Local Security Authority (LSASS) service provides core operating system security mechanisms. The service uses random TCP ports that are assigned through the RPC service for domain controller replication. Although LSASS can use all the following protocols, it may use only a subset of them. For example, if you configure a VPN gateway that lies behind a filtering router, you might use Layer 2 Tunneling Protocol (L2TP) together with IPSec. In this scenario, you must allow IPSec Encapsulating Security Protocol (ESP) (IP protocol 50), IPSec Network Address Translator Traversal NAT-T (UDP port 4500), and IPSec Internet Security Association and Key Management Protocol (ISAKMP) (UDP port 500) through the router.

Note: Packet filters for L2TP traffic are not required, because L2TP is protected by IPSec ESP.

System service name: LSASS

| Application protocol | Protocol | Ports |
| --- | --- | --- |
| Global Catalog Server | TCP | 3269 |
| Global Catalog Server | TCP | 3268 |
| LDAP Server | TCP | 389 |
| LDAP Server | UDP | 389 |
| LDAP SSL | TCP | 636 |
| LDAP SSL | UDP | 636 |
| IPSec ISAKMP | UDP | 500 |
| NAT-T | UDP | 4500 |
| RPC | TCP | 135 |
| Randomly allocated high TCP ports | TCP | random port number |

Message Queuing
The Message Queuing system service is a messaging infrastructure and development tool for creating distributed messaging programs for Windows. These programs can communicate across heterogeneous networks and can send messages between computers that may be temporarily unable to connect to each other. Message Queuing helps provide security, efficient routing, support for sending messages within transactions, priority-based messaging, and guaranteed message delivery.

System service name: MSMQ

| Application protocol | Protocol | Ports |
| --- | --- | --- |
| MSMQ | TCP | 1801 |
| MSMQ | UDP | 1801 |
| MSMQ-DCs | TCP | 2101 |
| MSMQ-Mgmt | TCP | 2107 |
| MSMQ-Ping | UDP | 3527 |
| MSMQ-RPC | TCP | 2105 |
| MSMQ-RPC | TCP | 2103 |
| RPC | TCP | 135 |

Messenger
The Messenger system service sends messages to or receives messages from users and computers, administrators, and the Alerter service. This service is not related to Windows Messenger. If you disable the Messenger service, notifications that are sent to computers or users who are currently logged on the network are not received. Additionally, the net send command and the net name command no longer function.

System service name: Messenger
Application protocol Protocol Ports
NetBIOS Datagram Service UDP 138

Microsoft Exchange MTA Stacks
In Microsoft Exchange 2000 Server and Microsoft Exchange Server 2003, the Message Transfer Agent (MTA) is frequently used to provide backward-compatible message transfer services between Exchange 2000 Server-based servers and Exchange Server 5.5-based servers in a mixed-mode environment.

System service name: MSExchangeMTA
Application protocol Protocol Ports
X.400 TCP 102

Microsoft Operations Manager 2000
Microsoft Operations Manager (MOM) 2000 delivers enterprise-class operations management by providing comprehensive event management, proactive monitoring and alerting, reporting, and trend analysis. After you install MOM 2000 Service Pack 1 (SP1), MOM 2000 no longer uses a clear text communications channel, and all traffic between the MOM agent and the MOM server is encrypted over TCP port 1270. The MOM Administrator console uses DCOM to connect to the server. This means that administrators who manage the MOM server over the network must have access to random high TCP ports.

System service name: one point
Application protocol Protocol Ports
MOM-Clear TCP 51515
MOM-Encrypted TCP 1270

Microsoft POP3 Service
Microsoft POP3 Service provides e-mail transfer and retrieval services. Administrators can use this service to store and manage e-mail accounts on the mail server. When you install Microsoft POP3 Service on the mail server, users can connect to the mail server and can retrieve e-mail by using an e-mail client that supports the POP3 protocol, such as Microsoft Outlook.

System service name: POP3SVC
Application protocol Protocol Ports
POP3 TCP 110

MSSQLSERVER
MSSQLSERVER is a system service in Microsoft SQL Server 2000. SQL Server provides a powerful and comprehensive data management platform. You can configure the ports that each instance of SQL Server uses by using the Server Network Utility.

System service name: MSSQLSERVER
Application protocol Protocol Ports
SQL over TCP TCP 1433
SQL Probe UDP 1434

MSSQL$UDDI
The MSSQL$UDDI system service is installed during the installation of the Universal Description, Discovery, and Integration (UDDI) feature of the Windows Server 2003 family of operating systems. MSSQL$UDDI provides UDDI capabilities in an enterprise. The SQL Server database engine is the core component of MSSQL$UDDI.

System service name: MSSQLSERVER
Application protocol Protocol Ports
SQL over TCP TCP 1433
SQL Probe UDP 1434

Net Logon
The Net Logon system service maintains a security channel between your computer and the domain controller to authenticate users and services. It passes the user’s credentials to a domain controller and returns the domain security identifiers and user rights for the user. This is typically referred to as pass-through authentication. Net Logon starts automatically when the computer is a member of a domain. In the Windows 2000 Server and Windows Server 2003 families, Net Logon publishes service resource records in the DNS. Net Logon is only enabled on computers that belong to a domain. When this service runs, it relies on the Server service and on the Local Security Authority service to listen for incoming requests. On domain member computers, Net Logon uses RPC over named pipes. On domain controllers, it uses RPC over named pipes, RPC over TCP/IP, mailslots, and Lightweight Directory Access Protocol (LDAP).

System service name: Netlogon
Application protocol Protocol Ports
NetBIOS Datagram Service UDP 138
NetBIOS Name Resolution UDP 137
NetBIOS Session Service TCP 139
SMB TCP 445

NetMeeting Remote Desktop Sharing
The NetMeeting Remote Desktop Sharing system service allows authorized users to remotely access your Windows desktop from another personal computer over a corporate intranet by using Windows NetMeeting. You must explicitly enable this service in NetMeeting. You can disable or shut down this feature by using an icon in the Windows notification area.

System service name: mnmsrvc
Application protocol Protocol Ports
Terminal Services TCP 3389

Network News Transfer Protocol (NNTP)
The Network News Transfer Protocol (NNTP) system service allows computers that are running Windows Server 2003 to act as news servers. Clients can use a news client, such as Microsoft Outlook Express, to retrieve newsgroups from the server and to read the headers or the bodies of the articles in each newsgroup.

System service name: NNTPSVC
Application protocol Protocol Ports
NNTP TCP 119
NNTP over SSL TCP 563

Performance Logs and Alerts
The Performance Logs and Alerts system service collects, based on preconfigured schedule parameters, performance data from local or remote computers and then writes that data to a log or triggers a message. Based on the information that is contained in the named log collection setting, the Performance Logs and Alerts service starts and stops each named performance data collection. This service only runs if at least one performance data collection is scheduled.

System service name: SysmonLog
Application protocol Protocol Ports
NetBIOS Session Service TCP 139

Print Spooler
The Print Spooler system service manages all local and network print queues and controls all print jobs. Print Spooler is the center of the Windows printing subsystem. It manages the print queues on the system and communicates with printer drivers and input/output (I/O) components, such as the USB port and the TCP/IP protocol suite.

System service name: Spooler
Application protocol Protocol Ports
NetBIOS Session Service TCP 139
SMB TCP 445

Remote Installation
You can use the Remote Installation system service to install Windows 2000, Windows XP, and Windows Server 2003 on Pre-Boot eXecution Environment (PXE) remote boot-enabled client computers. The Boot Information Negotiation Layer (BINL) service, the primary component of Remote Installation Server (RIS), answers PXE client requests, checks Active Directory for client validation, and passes client information to and from the server. The BINL service is installed when you either add the RIS component from Add/Remove Windows Components, or select it when you initially install the operating system.

System service name: BINLSVC
Application protocol Protocol Ports
BINL UDP 4011

Remote Procedure Call (RPC)
The Remote Procedure Call (RPC) system service is an interprocess communication (IPC) mechanism that enables data exchange and invocation of functionality that resides in a different process. The different process can be on the same computer, on the LAN, or in a remote location, and can be accessed over a WAN connection or over a VPN connection. The RPC service serves as the RPC endpoint mapper and Component Object Model (COM) Service Control Manager. Many services depend on the RPC service to start successfully.

System service name: RpcSs
Application protocol Protocol Ports
RPC TCP 135
RPC over HTTP TCP 593

Remote Procedure Call (RPC) Locator
The Remote Procedure Call (RPC) Locator system service manages the RPC name service database. When this service is turned on, RPC clients can locate RPC servers. This service is turned off by default.

System service name: RpcLocator
Application protocol Protocol Ports
NetBIOS Session Service TCP 139
SMB TCP 445

Remote Storage Notification
The Remote Storage Notification system service notifies users when they read from or write to files that are only available from a secondary storage media. Stopping this service prevents this notification.

System service name: Remote_Storage_User_Link
Application protocol Protocol Ports
RPC TCP 135
Randomly allocated high TCP ports TCP random port number

Remote Storage Server
The Remote Storage Server system service stores infrequently used files on a secondary storage medium. If you stop this service, users cannot move or retrieve files from the secondary storage media.

System service name: Remote_Storage_Server
Application protocol Protocol Ports
RPC TCP 135
Randomly allocated high TCP ports TCP random port number

Routing and Remote Access
The Routing and Remote Access service provides multiprotocol LAN-to-LAN, LAN-to-WAN, VPN, and NAT routing services. Additionally, the Routing and Remote Access service also provides dial-up and VPN remote access services. Although Routing and Remote Access can use all the following protocols, the service typically uses only a subset of them. For example, if you configure a VPN gateway that lies behind a filtering router, you will probably use only one technology. If you use L2TP with IPSec, you must allow IPSec ESP (IP protocol 50), NAT-T (TCP on port 4500), and IPSec ISAKMP (TCP on port 500) through the router.

Note Although NAT-T and IPSec ISAKMP are required for L2TP, these ports are actually monitored by the Local Security Authority. For additional information about this, see the “References” section of this article.

System service name: RemoteAccess
Application protocol Protocol Ports
GRE (IP protocol 47) GRE n/a
IPSec AH (IP protocol 51) AH n/a
IPSec ESP (IP protocol 50) ESP n/a
L2TP UDP 1701
PPTP TCP 1723

Server
The Server system service provides RPC support and file, print, and named pipe sharing over the network. The Server service allows the sharing of local resources, such as disks and printers, so that other users on the network can access them. It also allows named pipe communication between programs that are running on the local computer and on other computers. Named pipe communication is memory that is reserved for the output of one process to be used as input for another process. The input-accepting process does not have to be local to the computer.

System service name: lanmanserver
Application protocol Protocol Ports
NetBIOS Datagram Service UDP 138
NetBIOS Name Resolution UDP 137
NetBIOS Session Service TCP 139
SMB TCP 445

SharePoint Portal Server
With the SharePoint Portal Server system service, you can develop an intelligent portal that seamlessly connects users, teams, and knowledge so that people can take advantage of relevant information across business processes. Microsoft SharePoint Portal Server 2003 provides an enterprise business solution that integrates information from various systems into one solution through single sign-on and enterprise application integration capabilities.

Application protocol Protocol Ports
HTTP TCP 80
HTTPS TCP 443

Simple Mail Transfer Protocol (SMTP)
The Simple Mail Transfer Protocol (SMTP) system service is an e-mail submission and relay agent. It accepts and queues e-mail for remote destinations, and it retries at specified intervals. Windows domain controllers use the SMTP service for intersite e-mail-based replication. The Collaboration Data Objects (CDO) for the Windows Server 2003 COM component can use the SMTP service to submit and to queue outbound e-mail.

System service name: SMTPSVC
Application protocol Protocol Ports
SMTP TCP 25
SMTP UDP 25

Simple TCP/IP Services
Simple TCP/IP Services implements support for the following protocols:
Echo, port 7, RFC 862
Discard, port 9, RFC 863
Character Generator, port 19, RFC 864
Daytime, port 13, RFC 867
Quote of the Day, port 17, RFC 865

System service name: SimpTcp
Application protocol Protocol Ports
Chargen TCP 19
Chargen UDP 19
Daytime TCP 13
Daytime UDP 13
Discard TCP 9
Discard UDP 9
Echo TCP 7
Echo UDP 7
Quotd TCP 17
Quotd UDP 17

SMS Remote Control Agent
SMS Remote Control Agent is a system service in Microsoft Systems Management Server (SMS) 2003. SMS Remote Control Agent provides a comprehensive solution for change and for configuration management for the Microsoft operating systems. With this solution, organizations can provide relevant software and updates to users.

System service name: Wuser32
Application protocol Protocol Ports
SMS Remote Chat TCP 2703
SMS Remote Chat UDP 2703
SMS Remote Control (control) TCP 2701
SMS Remote Control (control) UDP 2701
SMS Remote Control (data) TCP 2702
SMS Remote Control (data) UDP 2702
SMS Remote File Transfer TCP 2704
SMS Remote File Transfer UDP 2704

SNMP Service
SNMP Service allows incoming Simple Network Management Protocol (SNMP) requests to be serviced by the local computer. SNMP Service includes agents that monitor activity in network devices and report to the network console workstation. SNMP Service provides a method of managing network hosts (such as workstation or server computers, routers, bridges, and hubs) from a centrally-located computer that is running network management software. SNMP performs management services by using a distributed architecture of management systems and agents.

System service name: SNMP
Application protocol Protocol Ports
SNMP UDP 161

SNMP Trap Service
SNMP Trap Service receives trap messages that are generated by local or by remote SNMP agents and then forwards those messages to SNMP management programs that are running on your computer. SNMP Trap Service, when configured for an agent, generates trap messages if any specific events occur. These messages are sent to a trap destination. For example, an agent can be configured to initiate an authentication trap if an unrecognized management system sends a request for information. Trap destinations include the computer name, the IP address, or the Internetwork Packet Exchange (IPX) address of the management system. The trap destination must be a network-enabled host that is running SNMP management software.

System service name: SNMPTRAP
Application protocol Protocol Ports
SNMP Traps Outbound UDP 162

SQL Analysis Server
The SQL Analysis Server system service is a component of SQL Server 2000. With SQL Analysis Server, you can create and manage OLAP cubes and data mining models. The analysis server may access local or remote data sources for creating and storing cubes or data mining models.

Application protocol Protocol Ports
SQL Analysis Services TCP 2725

SQL Server: Downlevel OLAP Client Support
This system service is used by SQL Server 2000 when the SQL Analysis Server service has to support connections from downlevel (OLAP Services 7.0) clients. These are the default ports for OLAP services that are used by SQL 7.0.

Application protocol Protocol Ports
OLAP Services 7.0 TCP 2393
OLAP Services 7.0 TCP 2394

SSDP Discovery Service
SSDP Discovery Service implements Simple Service Discovery Protocol (SSDP) as a Windows service. SSDP Discovery Service manages receipt of device presence announcements, updates its cache, and passes these notifications along to clients with outstanding search requests. SSDP Discovery Service also accepts registration of event callbacks from clients, turns these into subscription requests, and monitors for event notifications. It then passes these requests along to the registered callbacks. This system service also provides hosted devices with periodic announcements. Currently, the SSDP event notification service uses TCP port 5000. Starting with the next Windows XP service pack, it will rely on TCP port 2869.

Note At the time of this writing, the current Windows XP service pack level is Windows XP Service Pack 1 (SP1).

System service name: SSDPRSR
Application protocol Protocol Ports
SSDP UDP 1900
SSDP event notification TCP 2869
SSDP legacy event notification TCP 5000

Systems Management Server 2.0
Microsoft Systems Management Server (SMS) 2003 provides a comprehensive solution for change and configuration management for Microsoft operating systems. With this solution, organizations can provide relevant software and updates to users quickly and cost-effectively.

Application protocol Protocol Ports
NetBIOS Datagram Service UDP 138
NetBIOS Name Resolution UDP 137
NetBIOS Session Service TCP 139
RPC TCP 135
Randomly allocated high TCP ports TCP random port number

TCP/IP Print Server
The TCP/IP Print Server system service enables TCP/IP–based printing by using the Line Printer Daemon (LPD) protocol. The LPD service on the server receives documents from Line Printer Remote (LPR) utilities that are running on UNIX computers.

System service name: LPDSVC
Application protocol Protocol Ports
LPD TCP 515

Telnet
The Telnet system service for Windows provides ASCII terminal sessions to Telnet clients. A Telnet server supports two types of authentication and supports the following four types of terminals:
American National Standards Institute (ANSI)
VT-100
VT-52
VTNT

System service name: TlntSvr
Application protocol Protocol Ports
Telnet TCP 23

Terminal Services
Terminal Services provides a multi-session environment that allows client devices to access a virtual Windows desktop session and Windows-based programs that are running on the server. Terminal Services allows multiple users to be connected interactively to a computer.

System service name: TermService
Application protocol Protocol Ports
Terminal Services TCP 3389

Terminal Services Licensing
The Terminal Services Licensing system service installs a license server and provides licenses to registered clients when the clients connect to a terminal server (a server that has Terminal Server enabled). Terminal Services Licensing is a low-impact service that stores the client licenses that have been issued for a terminal server, and then tracks the licenses that have been issued to client computers or terminals.

System service name: TermServLicensing
Application protocol Protocol Ports
RPC TCP 135
Randomly allocated high TCP ports TCP random port number

Terminal Services Session Directory
The Terminal Services Session Directory system service allows clusters of load-balanced terminal servers to correctly route a user’s connection request to the server where the user already has a session running. Users are routed to the first-available terminal server, regardless of whether they are running another session in the server cluster. The load-balancing functionality pools the processing resources of several servers by using the TCP/IP networking protocol. You can use this service with a cluster of terminal servers to increase the performance of a single terminal server by distributing sessions across multiple servers. Terminal Services Session Directory keeps track of disconnected sessions on the cluster and makes sure that users are reconnected to those sessions.

System service name: Tssdis
Application protocol Protocol Ports
RPC TCP 135
Randomly allocated high TCP ports TCP random port number

Trivial FTP Daemon
The Trivial FTP Daemon system service does not require a user name or a password and is an integral part of RIS. The Trivial FTP Daemon service implements support for the Trivial FTP Protocol (TFTP) that is defined by the following RFCs:
RFC 1350 – TFTP
RFC 2347 – Option extension
RFC 2348 – Block size option
RFC 2349 – Timeout interval, and transfer size options

TFTP is a file transfer protocol that is designed to support diskless boot environments. TFTP daemons listen on UDP port 69 but respond from a randomly allocated high port. Therefore, when you enable this port, the TFTP service can receive incoming TFTP requests, but enabling it does not allow the selected server to respond to those requests. You must configure the selected server to respond from port 69 to allow it to respond to inbound TFTP requests.

System service name: tftpd
Application protocol Protocol Ports
TFTP UDP 69

Universal Plug and Play Device Host
The Universal Plug and Play Host discovery system service implements all the components that are required for device registration, control, and the response to events for hosted devices. The information that is registered that pertains to a device (the description, the lifetimes, and the containers) is optionally stored to disk and is announced on the network after registration, or when the operating system restarts. The service also includes the Web server that serves the device, in addition to service descriptions and a presentation page.

System service name: UPNPHost
Application protocol Protocol Ports
UPNP TCP 2869

Windows Internet Name Service (WINS)
Windows Internet Name Service (WINS) enables NetBIOS name resolution. This service helps you locate network resources by using NetBIOS names. WINS servers are required unless all domains have been upgraded to the Active Directory directory service and unless all computers on the network are running Windows 2000 or later. WINS servers communicate with network clients by using NetBIOS name resolution. WINS replication is only required between WINS servers.

System service name: WINS
Application protocol Protocol Ports
NetBIOS Name Resolution UDP 137
WINS Replication TCP 42
WINS Replication UDP 42

Windows Media Services
Windows Media Services in Windows Server 2003 replaces the following four services that are included in Windows Media Services versions 4.0 and 4.1:
Windows Media Monitor Service
Windows Media Program Service
Windows Media Station Service
Windows Media Unicast Service

Windows Media Services is now a single service that runs on Windows Server 2003, Standard Edition; Windows Server 2003, Enterprise Edition; and Windows Server 2003, Datacenter Edition. Its core components were developed by using the COM, and it has a flexible architecture that you can customize for specific programs. It supports a greater variety of control protocols, including Real Time Streaming Protocol (RTSP), Microsoft Media Server (MMS) protocol, and HTTP.

System service name: WMServer
Application protocol Protocol Ports
HTTP TCP 80
MMS TCP 1755
MMS UDP 1755
MS Theater UDP 2460
RTCP UDP 5005
RTP UDP 5004
RTSP TCP 554

Windows Time
The Windows Time system service maintains date and time synchronization on all Windows XP and Windows Server 2003-based computers on a network. This service uses Network Time Protocol (NTP) to synchronize computer clocks so that an accurate clock value, or timestamp, is assigned for network validation and for resource access requests. The implementation of NTP and the integration of time providers help make Windows Time a reliable and scalable time service for your enterprise. For computers that are not joined to a domain, you can configure Windows Time to synchronize time with an external time source. If this service is turned off, the time setting for local computers is not synchronized with a time service in the Windows domain or with an externally configured time service. Windows Server 2003 uses NTP. NTP runs on UDP port 123. The Windows 2000 version of this service uses Simple Network Time Protocol (SNTP). SNTP also runs on UDP port 123.

System service name: W32Time
Application protocol Protocol Ports
NTP TCP 123
SNTP UDP 123

World Wide Web Publishing Service
World Wide Web Publishing Service provides the infrastructure that is necessary to register, to manage, to monitor, and to serve Web sites and programs that are registered with IIS. This system service contains a process manager and a configuration manager. The process manager controls the processes where custom applications and Web sites reside. The configuration manager reads the stored system configuration for World Wide Web Publishing Service and makes sure that Http.sys is configured to route HTTP requests to the appropriate application pools or operating system processes. You can configure the ports that are used by this service through the Internet Information Services (IIS) Manager snap-in. If the administrative Web site is enabled, a virtual Web site is created that uses HTTP traffic on TCP port 8098.

System service name: W3SVC
Application protocol Protocol Ports
HTTP TCP 80
HTTPS TCP 443

Ports and Protocols
The following table summarizes the information from the “System Services Ports” section of this article. This table is sorted by port number instead of by the service name.

Port Protocol Application protocol System service name
n/a GRE GRE (IP protocol 47) Routing and Remote Access
n/a ESP IPSec ESP (IP protocol 50) Routing and Remote Access
n/a AH IPSec AH (IP protocol 51) Routing and Remote Access
7 TCP Echo Simple TCP/IP Services
7 UDP Echo Simple TCP/IP Services
9 TCP Discard Simple TCP/IP Services
9 UDP Discard Simple TCP/IP Services
13 TCP Daytime Simple TCP/IP Services
13 UDP Daytime Simple TCP/IP Services
17 TCP Quotd Simple TCP/IP Services
17 UDP Quotd Simple TCP/IP Services
19 TCP Chargen Simple TCP/IP Services
19 UDP Chargen Simple TCP/IP Services
20 TCP FTP default data FTP Publishing Service
21 TCP FTP control FTP Publishing Service
21 TCP FTP control Application Layer Gateway Service
23 TCP Telnet Telnet
25 TCP SMTP Simple Mail Transfer Protocol
25 UDP SMTP Simple Mail Transfer Protocol
25 TCP SMTP Exchange Server
25 UDP SMTP Exchange Server
42 TCP WINS Replication Windows Internet Name Service
42 UDP WINS Replication Windows Internet Name Service
53 TCP DNS DNS Server
53 UDP DNS DNS Server
53 TCP DNS Internet Connection Firewall/Internet Connection Sharing
53 UDP DNS Internet Connection Firewall/Internet Connection Sharing
67 UDP DHCP Server DHCP Server
67 UDP DHCP Server Internet Connection Firewall/Internet Connection Sharing
69 UDP TFTP Trivial FTP Daemon Service
80 TCP HTTP Windows Media Services
80 TCP HTTP World Wide Web Publishing Service
80 TCP HTTP SharePoint Portal Server
88 TCP Kerberos Kerberos Key Distribution Center
88 UDP Kerberos Kerberos Key Distribution Center
102 TCP X.400 Microsoft Exchange MTA Stacks
110 TCP POP3 Microsoft POP3 Service
110 TCP POP3 Exchange Server
119 TCP NNTP Network News Transfer Protocol
123 UDP NTP Windows Time
123 UDP SNTP Windows Time
135 TCP RPC Message Queuing
135 TCP RPC Remote Procedure Call
135 TCP RPC Exchange Server
135 TCP RPC Certificate Services
135 TCP RPC Cluster Service
135 TCP RPC Distributed File System
135 TCP RPC Distributed Link Tracking
135 TCP RPC Distributed Transaction Coordinator
135 TCP RPC Event Log
135 TCP RPC Fax Service
135 TCP RPC File Replication
135 TCP RPC Local Security Authority
135 TCP RPC Remote Storage Notification
135 TCP RPC Remote Storage Server
135 TCP RPC Systems Management Server 2.0
135 TCP RPC Terminal Services Licensing
135 TCP RPC Terminal Services Session Directory
137 UDP NetBIOS Name Resolution Computer Browser
137 UDP NetBIOS Name Resolution Server
137 UDP NetBIOS Name Resolution Windows Internet Name Service
137 UDP NetBIOS Name Resolution Net Logon
137 UDP NetBIOS Name Resolution Systems Management Server 2.0
138 UDP NetBIOS Datagram Service Computer Browser
138 UDP NetBIOS Datagram Service Messenger
138 UDP NetBIOS Datagram Service Server
138 UDP NetBIOS Datagram Service Net Logon
138 UDP NetBIOS Datagram Service Distributed File System
138 UDP NetBIOS Datagram Service Systems Management Server 2.0
138 UDP NetBIOS Datagram Service License Logging Service
139 TCP NetBIOS Session Service Computer Browser
139 TCP NetBIOS Session Service Fax Service
139 TCP NetBIOS Session Service Performance Logs and Alerts
139 TCP NetBIOS Session Service Print Spooler
139 TCP NetBIOS Session Service Server
139 TCP NetBIOS Session Service Net Logon
139 TCP NetBIOS Session Service Remote Procedure Call Locator
139 TCP NetBIOS Session Service Distributed File System
139 TCP NetBIOS Session Service Systems Management Server 2.0
139 TCP NetBIOS Session Service License Logging Service
143 TCP IMAP Exchange Server
161 UDP SNMP SNMP Service
162 UDP SNMP Traps Outbound SNMP Trap Service
389 TCP LDAP Server Local Security Authority
389 UDP LDAP Server Local Security Authority
389 TCP LDAP Server Distributed File System
389 UDP LDAP Server Distributed File System
443 TCP HTTPS HTTP SSL
443 TCP HTTPS World Wide Web Publishing Service
443 TCP HTTPS SharePoint Portal Server
445 TCP SMB Fax Service
445 TCP SMB Print Spooler
445 TCP SMB Server
445 TCP SMB Remote Procedure Call Locator
445 TCP SMB Distributed File System
445 TCP SMB License Logging Service
445 TCP SMB Net Logon
500 UDP IPSec ISAKMP Local Security Authority
515 TCP LPD TCP/IP Print Server
548 TCP File Server for Macintosh File Server for Macintosh
554 TCP RTSP Windows Media Services
563 TCP NNTP over SSL Network News Transfer Protocol
593 TCP RPC over HTTP Remote Procedure Call
593 TCP RPC over HTTP Exchange Server
636 TCP LDAP SSL Local Security Authority
636 UDP LDAP SSL Local Security Authority
993 TCP IMAP over SSL Exchange Server
995 TCP POP3 over SSL Exchange Server
1270 TCP MOM-Encrypted Microsoft Operations Manager 2000
1433 TCP SQL over TCP Microsoft SQL Server
1433 TCP SQL over TCP MSSQL$UDDI
1434 UDP SQL Probe Microsoft SQL Server
1434 UDP SQL Probe MSSQL$UDDI
1645 UDP Legacy RADIUS Internet Authentication Service
1646 UDP Legacy RADIUS Internet Authentication Service
1701 UDP L2TP Routing and Remote Access
1723 TCP PPTP Routing and Remote Access
1755 TCP MMS Windows Media Services
1755 UDP MMS Windows Media Services
1801 TCP MSMQ Message Queuing
1801 UDP MSMQ Message Queuing
1812 UDP RADIUS Authentication Internet Authentication Service
1813 UDP RADIUS Accounting Internet Authentication Service
1900 UDP SSDP SSDP Discovery Service
2101 TCP MSMQ-DCs Message Queuing
2103 TCP MSMQ-RPC Message Queuing
2105 TCP MSMQ-RPC Message Queuing
2107 TCP MSMQ-Mgmt Message Queuing
2393 TCP OLAP Services 7.0 SQL Server: Downlevel OLAP Client Support
2394 TCP OLAP Services 7.0 SQL Server: Downlevel OLAP Client Support
2460 UDP MS Theater Windows Media Services
2535 UDP MADCAP DHCP Server
2701 TCP SMS Remote Control (control) SMS Remote Control Agent
2701 UDP SMS Remote Control (control) SMS Remote Control Agent
2702 TCP SMS Remote Control (data) SMS Remote Control Agent
2702 UDP SMS Remote Control (data) SMS Remote Control Agent
2703 TCP SMS Remote Chat SMS Remote Control Agent
2703 UDP SMS Remote Chat SMS Remote Control Agent
2704 TCP SMS Remote File Transfer SMS Remote Control Agent
2704 UDP SMS Remote File Transfer SMS Remote Control Agent
2725 TCP SQL Analysis Services SQL Analysis Server
2869 TCP UPNP Universal Plug and Play Device Host
2869 TCP SSDP event notification SSDP Discovery Service
3268 TCP Global Catalog Server Local Security Authority
3269 TCP Global Catalog Server Local Security Authority
3343 UDP Cluster Services Cluster Service
3389 TCP Terminal Services NetMeeting Remote Desktop Sharing
3389 TCP Terminal Services Terminal Services
3527 UDP MSMQ-Ping Message Queuing
4011 UDP BINL Remote Installation
4500 UDP NAT-T Local Security Authority
5000 TCP SSDP legacy event notification SSDP Discovery Service
5004 UDP RTP Windows Media Services
5005 UDP RTCP Windows Media Services
42424 TCP ASP.Net Session State ASP.NET State Service
51515 TCP MOM-Clear Microsoft Operations Manager 2000
Microsoft provides the information in this table in a Microsoft Excel worksheet. This worksheet is available for download from the Microsoft Download Center:
Download the Port_Requirements_for_Microsoft_Windows_Server_System.xls package now.
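
An added example (not part of the original article): a Python sketch that parses rows in the layout of the table above and uses them to audit `netstat -ano` output for one server role. The role definition, the sample `netstat` text and all function names are assumptions made for this illustration; TCP listeners above port 1023 that the table does not list are flagged as possible RPC-assigned ports rather than matched.

```python
import re

# Rows copied from the "Ports and Protocols" table (a subset), kept in the
# page's "port protocol application-protocol service-name" layout.
TABLE_ROWS = """\
23 TCP Telnet Telnet
53 TCP DNS DNS Server
53 UDP DNS DNS Server
88 TCP Kerberos Kerberos Key Distribution Center
88 UDP Kerberos Kerberos Key Distribution Center
123 UDP NTP Windows Time
135 TCP RPC Remote Procedure Call
135 TCP RPC Local Security Authority
137 UDP NetBIOS Name Resolution Net Logon
138 UDP NetBIOS Datagram Service Net Logon
139 TCP NetBIOS Session Service Server
139 TCP NetBIOS Session Service Net Logon
389 TCP LDAP Server Local Security Authority
389 UDP LDAP Server Local Security Authority
445 TCP SMB Server
445 TCP SMB Net Logon
1900 UDP SSDP SSDP Discovery Service
3268 TCP Global Catalog Server Local Security Authority
3389 TCP Terminal Services Terminal Services
"""

# Service names used to split the last two columns, which the flat layout
# does not delimit (the longest matching suffix wins).
SERVICES = (
    "Telnet", "DNS Server", "Kerberos Key Distribution Center", "Windows Time",
    "Remote Procedure Call", "Local Security Authority", "Net Logon", "Server",
    "SSDP Discovery Service", "Terminal Services",
)

# Assumed role for the illustration: services expected on a domain controller.
DC_ROLE = {
    "DNS Server", "Kerberos Key Distribution Center", "Local Security Authority",
    "Net Logon", "Server", "Remote Procedure Call", "Windows Time",
}

# Constructed sample of `netstat -ano` output.
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:23             0.0.0.0:0              LISTENING       1480
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       912
  TCP    0.0.0.0:389            0.0.0.0:0              LISTENING       540
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:1026           0.0.0.0:0              LISTENING       540
  TCP    10.0.0.5:445           10.0.0.77:3012         ESTABLISHED     4
  UDP    0.0.0.0:123            *:*                                    1020
  UDP    0.0.0.0:1900           *:*                                    1200
"""

NETSTAT_LINE = re.compile(
    r"^\s*(TCP|UDP)\s+(\S+):(\d+)\s+\S+(?:\s+([A-Z_]+))?\s+(\d+)\s*$")


def parse_table(rows, services=SERVICES):
    """Return {(port, proto): {service, ...}}; 'n/a' (IP protocol) rows are skipped."""
    table = {}
    for line in rows.splitlines():
        m = re.match(r"(\d+) (\S+) (.+)$", line.strip())
        if not m:
            continue
        port, proto, rest = int(m.group(1)), m.group(2).upper(), m.group(3)
        if proto not in ("TCP", "UDP"):
            raise ValueError("unknown protocol in row: %r" % line)
        svc = max((s for s in services if rest.endswith(" " + s)),
                  key=len, default=None)
        if svc is None:
            raise ValueError("unknown service in row: %r" % line)
        table.setdefault((port, proto), set()).add(svc)
    return table


def listeners(netstat_text):
    """Yield (proto, port, pid) for TCP sockets in LISTENING state and all UDP sockets."""
    for line in netstat_text.splitlines():
        m = NETSTAT_LINE.match(line)
        if not m:
            continue
        proto, _addr, port, state, pid = m.groups()
        if proto == "TCP" and state != "LISTENING":
            continue
        yield proto, int(port), int(pid)


def audit(netstat_text, role, table):
    """Classify each listener against the services the role is expected to run."""
    findings = []
    for proto, port, pid in sorted(set(listeners(netstat_text))):
        owners = table.get((port, proto))
        if owners is None:
            # The table cannot name "randomly allocated high TCP ports";
            # resolve these by PID instead of by port number.
            verdict = "dynamic-rpc?" if proto == "TCP" and port > 1023 else "unmapped"
        elif owners & role:
            verdict = "expected"
        else:
            verdict = "not-in-role"
        findings.append((proto, port, pid, verdict, sorted(owners or [])))
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_NETSTAT, DC_ROLE, parse_table(TABLE_ROWS)):
        print(finding)
```

Listeners reported as `not-in-role` are candidates for disabling the service or filtering the port; `dynamic-rpc?` entries need the owning PID checked against the services that use RPC-assigned ports.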

REFERENCES
The Help files for each of the Microsoft products that are described in this article contain additional information that you may find useful to help configure your programs. Windows Server 2003 Help contains step-by-step instructions about how to configure specific technologies and server roles.
General Information
For more information about system services in Windows Server 2003 and Windows XP, visit the following Microsoft Web site:

http://www.microsoft.com/technet/prodtechnol/windowsserver2003/plan/svrxpser.asp

For more information about how to help secure Windows Server 2003 and for sample IPSec filters for specific server roles, see the “Windows Server 2003 Security Guide.” To see this guide, visit the following Microsoft Web site:

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/prodtech/win2003/w2003hg/sgch00.asp

For more information about operating system services, security settings, and IPSec filtering, see the “Threats and Countermeasures Guide.” To see this guide, visit the following Microsoft Web site:

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/topics/hardsys/TCG/TCGCH00.asp

For additional information about port assignments for well-known ports, click the following article number to view the article in the Microsoft Knowledge Base:
174904 Information about TCP/IP Port Assignments

Additionally, see “Appendix B – Port Reference for MS TCP/IP” in the Microsoft Windows NT 4.0 Resource Kit. To do so, visit the following Microsoft Web site:

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/winntas/reskit/net/port_nts.asp

Additionally, see “TCP and UDP Port Assignments” in the Windows 2000 Server Resource Kit. To do so, visit the following Microsoft Web site:

http://www.microsoft.com/windows2000/techinfo/reskit/en-us/default.asp?url=/windows2000/techinfo/reskit/en-us/cnet/cnfc_por_GDQC.asp

The Internet Assigned Numbers Authority coordinates the use of well-known ports. To view this organization’s list of TCP/IP port assignments, visit the following Web site:

http://www.iana.org/assignments/port-numbers

Remote Procedure Calls and DCOM
For information about RPC and how to configure DCOM to work with firewalls, see the “Using Distributed COM with Firewalls” white paper. To do so, visit the following Microsoft Web site:

http://www.microsoft.com/com/wpaper/dcomfw.asp

For a detailed discussion of DCOM, see the “Using Distributed COM with Firewalls” white paper. To do so, visit the following Microsoft Web site:

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dndcom/html/msdn_dcomfirewall.asp

For a detailed description of RPC, visit the following Microsoft Web site:

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnanchor/html/rpcank.asp

For additional information about configuring RPC to work with a firewall, click the following article number to view the article in the Microsoft Knowledge Base:
154596 HOWTO: Configure RPC Dynamic Port Allocation to Work with Firewall

For more information about the RPC protocol and how computers that are running Windows 2000 initialize, see the “Windows 2000 Startup and Logon Traffic Analysis” white paper. To do so, visit the following Microsoft Web site:

http://www.microsoft.com/technet/treeview/default.asp?url=/TechNet/prodtechnol/windows2000serv/deploy/w2kstart.asp

Distributed Transaction Coordinator
For additional information about how to configure DTC to use a specific range of ports, click the following article number to view the article in the Microsoft Knowledge Base:
250367 INFO: Configuring Microsoft Distributed Transaction Coordinator (DTC) to Work Through a Firewall

Domain Controllers and Active Directory
For additional information about how to restrict Active Directory replication traffic, click the following article number to view the article in the Microsoft Knowledge Base:
224196 Restricting Active Directory Replication Traffic to a Specific Port

For an explanation of how the Directory System Agent, LDAP, and the local system authority are related, visit the following Microsoft Web site:

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/ad/ad/directory_system_agent.asp

For additional information about how LDAP and the global catalog work in Windows 2000, visit the following Microsoft Web site:

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/windows2000serv/reskit/distsys/part1/dsgch10.asp

Commerce Server
For information about how to help configure secure applications that are built on top of Microsoft Commerce Server, visit the following Microsoft Web site:

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/comm/comm2002/deploy/SecCncpt.asp

Exchange Server
For additional information about how to restrict Exchange 2000 Server and Exchange Server 2003 MAPI traffic, click the following article number to view the article in the Microsoft Knowledge Base:
270836 Exchange 2000 and Exchange 2003 Static Port Mappings

For additional information about the network ports and protocols that are supported by Exchange 2000 Server, click the following article number to view the article in the Microsoft Knowledge Base:
278339 XGEN: TCP/UDP Ports Used By Exchange 2000 Server

For additional information about how to configure Exchange Server 5.5 to use an alternative port for LDAP communications, click the following article number to view the article in the Microsoft Knowledge Base:
224447 XADM: How to Change LDAP Port Assignments in Exchange Server

For additional information about the ports that are used by Exchange Server 5.5 and earlier versions of Exchange Server, click the following article number to view the article in the Microsoft Knowledge Base:
176466 XGEN: TCP Ports and Microsoft Exchange: In-depth Discussion

File Replication Service
For additional information about how to configure FRS to work with a firewall, click the following article number to view the article in the Microsoft Knowledge Base:
319553 How to Restrict FRS Replication Traffic to a Specific Static Port

Internet Information Services
For additional information about the ports that are used by IIS 4.0, by IIS 5.0, and by IIS 5.1, click the following article number to view the article in the Microsoft Knowledge Base:
327859 INFO: Inetinfo Services Use Additional Ports Beyond Well-Known Ports

For information about how FTP works, visit the following Microsoft Web site:

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/windowsserver2003/proddocs/standard/wsa_ftp_modes.asp

IPSec and VPNs
For additional information about how to configure IPSec default exemptions in Windows, click the following article number to view the article in the Microsoft Knowledge Base:
811832 IPSec Default Exemptions Can Be Used to Bypass IPSec Protection in Some Scenarios

For additional information about the ports and protocols that are used by IPSec, click the following article number to view the article in the Microsoft Knowledge Base:
233256 How to Enable IPSec Traffic Through a Firewall

For additional information about new and updated features in L2TP and IPSec, click the following article number to view the article in the Microsoft Knowledge Base:
818043 L2TP/IPSec NAT-T Update for Windows XP and Windows 2000

Multicast Address Dynamic Client Allocation Protocol (MADCAP)
For more information about how to plan MADCAP servers, visit the following Microsoft Web site:

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/windowsserver2003/proddocs/deployguide/dnsbb_tcp_btgh.asp

Message Queuing
For additional information about the ports that are used by Microsoft Message Queuing, click the following article number to view the article in the Microsoft Knowledge Base:
178517 INFO: TCP, UDP, and RPC Ports Used by MSMQ

Mobile Information Server
For additional information about the ports that are used by Microsoft Mobile Information Server 2001, click the following article number to view the article in the Microsoft Knowledge Base:
294297 XCCC: TCP/IP Ports Used by Microsoft Mobile Information Server

Microsoft Operations Manager
For information about how to plan for and to deploy MOM, visit the following Microsoft Web site:

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/mom/plan/momcngde.asp

Systems Management Server
For additional information about the ports that are used by SMS 2003, click the following article number to view the article in the Microsoft Knowledge Base:
826852 Ports That Systems Management Server 2003 Uses to Communicate Through a Firewall or Through a Proxy Server

For additional information about the ports that are used by SMS 2.0, click the following article number to view the article in the Microsoft Knowledge Base:
167128 SMS: Network Ports Used by Remote Helpdesk Functions

For additional information about how to configure SMS through a firewall, click the following article number to view the article in the Microsoft Knowledge Base:
200898 SMS: How to Use Systems Management Server Through a Firewall

For additional information about the ports that are used by SMS 2.0 Remote Tools, click the following article number to view the article in the Microsoft Knowledge Base:
256884 SMS: TCP and UDP Ports Used by Remote Control Have Changed in Service Pack 2

SQL Server
For additional information about how SQL Server 2000 dynamically determines ports for secondary instances, click the following article number to view the article in the Microsoft Knowledge Base:
286303 INF: Behavior of SQL Server 2000 Network Library During Dynamic Port Detection

For additional information about the ports that are used by SQL Server 7.0 and SQL Server 2000 for OLAP, click the following article number to view the article in the Microsoft Knowledge Base:
301901 INF: TCP Ports Used by OLAP Services when Connecting Through a Firewall

Terminal Services
For additional information about how to configure the port that is used by Terminal Services, click the following article number to view the article in the Microsoft Knowledge Base:
187623 How to Change Terminal Server’s Listening Port

Controlling Communications over the Internet in Windows
For additional information about how Windows XP Service Pack 1 (SP1) communicates over the Internet, see the “Using Windows XP Professional with Service Pack 1 in a Managed Environment” white paper. To do so, visit the following Microsoft Web site:

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/winxppro/maintain/xpmanaged/00_abstr.asp

For additional information about how Windows 2000 Service Pack 4 (SP4) communicates over the Internet, see the “Using Windows 2000 with Service Pack 4 in a Managed Environment” white paper. To do so, visit the following Microsoft Web site:

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/windows2000pro/maintain/w2kmngd/00_abstr.asp

For additional information about how Windows Server 2003 communicates over the Internet, see the “Using Windows Server 2003 in a Managed Environment” white paper. To do so, visit the following Microsoft Web site:

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/windowsserver2003/maintain/security/ws03mngd/00_abstr.asp

The information in this article applies to:
Microsoft Windows Server 2003, Datacenter Edition
Microsoft Windows Server 2003, Enterprise Edition
Microsoft Windows Server 2003, Standard Edition
Microsoft Windows Server 2003, Web Edition
Microsoft Windows 2000 Server
Microsoft Windows 2000 Advanced Server
Microsoft Windows 2000 Professional
Microsoft Windows 2000 Datacenter Server
Microsoft SQL Server 2000 Standard Edition
Microsoft SQL Server 2000 Enterprise Edition
Microsoft Exchange 2000 Enterprise Server
Microsoft Exchange 2000 Server
Microsoft Internet Security and Acceleration Server 2000
Microsoft Windows XP 64-Bit Edition
Microsoft Windows XP Home Edition
Microsoft Windows XP Professional
Microsoft SharePoint Portal Server 2001
Microsoft Systems Management Server
Microsoft Systems Management Server 2.0
Microsoft Systems Management Server 2003
Microsoft Operations Manager 2000
Microsoft Windows XP Tablet PC Edition
Microsoft Application Center 2000
Last Reviewed: 7/18/2004 (6.1)
Keywords: kbFirewall kbHOWTOmaster KB832017 kbAudITPRO