==

Network Ports Used by Key Microsoft Server Products

Network Ports Used by Key Microsoft Server Products


Introduction
Term Usage
Microsoft Server Product Ports
Ports and Protocols
For More Information
Related Topics

Introduction

https://msdn.microsoft.com/en-us/library/cc875824.aspx

This document discusses the network ports and protocols that are used by server products and their subcomponents in the Microsoft Windows Server System.
The Windows Server System includes a comprehensive and integrated infrastructure that is designed to meet the requirements of developers and information technology (IT) professionals. This system is designed to run programs that information workers can use to obtain, analyze, and share information quickly and easily. These Microsoft server products use a variety of network ports and protocols to communicate with client and server systems. While dedicated firewalls, host-based firewalls, and Internet Protocol Security (IPSec) filters can be used to help secure your network, if these technologies are configured to block ports and protocols that are used by the Windows Server System, a server may not be able to respond to legitimate client requests. If a server is unable to respond to legitimate client requests, it may not function properly or at all.

Term Usage

The following list provides an overview of the information contained in this document:
  • The "Microsoft Server Product Ports" section of this document contains a brief description of each service, displays the logical name of that service, and indicates the ports and protocols required by each service for correct operation. Use this section to help identify the ports and protocols that a particular service uses.
  • The "Ports and Protocols Table" section of this document includes a table that summarizes the information from the "System Services Ports" section. The table is sorted by port number instead of by the service name. Use this section to quickly determine which services listen on a particular port.
This document uses certain terms in specific ways. To help avoid confusion, make sure that you understand how this document uses these terms. The following list describes these terms:
  • System services: The Windows Server System includes many products, such as the Microsoft Windows Server 2003 family, Microsoft Exchange 2000 Server, and Microsoft SQL Server 2000. Each of these products includes many components; system services is one of those components. System services that are required by a computer are either started automatically by the operating system during startup or are started as required during typical operations. For example, some system services that are available on computers running Windows Server 2003, Enterprise Edition, include the Server service, the Print Spooler service, and the World Wide Web Publishing Service. Each system service has a friendly service name and a service name. The friendly service name is the name that appears in graphical management tools, such as the Services Microsoft Management Console (MMC) snap-in. The service name is the name that is used with command-line tools and with many scripting languages. Each system service may provide one or more network services.
  • Application protocol: In the context of this document, an application protocol is a high-level network protocol that uses one or more TCP/IP protocols and ports. Examples of application protocols include HTTP, server message blocks (SMBs), and Simple Mail Transfer Protocol (SMTP).
  • Protocol: Operating at a lower level than the application protocols, TCP/IP protocols are standard formats for communicating between devices on a network.
    The TCP/IP suite of protocols includes TCP, User Datagram Protocol (UDP), and Internet Control Message Protocol (ICMP).
  • Port: This is the network port that the system service listens on for incoming network traffic.
This document does not specify which services rely on other services for network communication. For example, many services rely on the remote procedure call (RPC) or DCOM features in Microsoft Windows to assign them dynamic TCP ports. The Remote Procedure Call service coordinates requests by other system services that use RPC or DCOM to communicate with client computers. Many other services rely on network basic input/output system (NetBIOS) or SMB, protocols that are actually provided by the Server service. Others rely on HTTP or HTTPS. These protocols are provided by Internet Information Services (IIS). A full discussion of the architecture of the Windows operating systems is beyond the scope of this document. However, detailed documentation on this subject is available on Microsoft TechNet and on the Microsoft Developer Network (MSDN). While many services may rely on a particular TCP or UDP port, only a single service or process can be actively listening on that port at any one time.
When you use RPC with TCP/IP or with UDP/IP as the transport, inbound ports are frequently dynamically assigned to system services as required; TCP/IP and UDP/IP ports that are higher than port 1024 are used. These are frequently informally referred to as "random RPC ports." In these cases, RPC clients rely on the RPC endpoint mapper to tell them which dynamic ports were assigned to the server. For some RPC-based services, you can configure a port instead of letting RPC assign one dynamically. You can also restrict the range of ports that RPC dynamically assigns to a small range, regardless of the service. For more information, see "Related Topics" later in this document.
This document includes information about the system services roles and the server roles for the Microsoft products that are listed in the "For More Information" section of this document. Although this information may also apply to Microsoft Windows XP and Microsoft Windows 2000 Professional, this document is intended to focus on server-class operating systems. Therefore, this document describes the ports that a service listens on instead of the ports that client programs use to connect to a remote system.

Microsoft Server Product Ports

This section provides a description of each system service, includes the logical name that corresponds to the system service, and displays the ports and the protocols required by each service.

Application Layer Gateway (ALG) Service

This subcomponent of the Internet Connection Sharing (ICS)/Internet Connection Firewall (ICF) service provides support for plug-ins that allow network protocols to pass through the firewall and work behind ICS. Application Layer Gateway plug-ins have the power to open ports and change data (such as ports and IP addresses) embedded in packets. File Transfer Protocol (FTP) is the only network protocol with a plug-in that is released with Windows Server 2003, Standard Edition, and Windows Server 2003, Enterprise Edition.
The ALG FTP plug-in is designed to support active FTP sessions through the network address translation (NAT) engine used by these components. The ALG FTP plug-in does this by redirecting all traffic passing through the NAT destined for port 21 to a private listening port in the 3000-5000 range on the loopback adapter. The ALG FTP plug-in then monitors and updates FTP control channel traffic so that the FTP plug-in can plumb port mappings through the NAT for the FTP data channels. The FTP plug-in will also update ports in the FTP control channel stream.
System Service Name ALG
Application protocol
Protocol
Port
FTP control
TCP
21

ASP.NET State Service

The ASP.NET State service provides support for ASP.NET out-of-process session states. The ASP.NET State service stores session data out-of-process. The service communicates with ASP.NET running on a Web server using sockets.
System Service Name aspnet_state
Application protocol
Protocol
Port
ASP.Net Session State
TCP
42424

Certificate Services

Certificate Services is part of the core operating system that enables a business to act as its own certification authority (CA). In this way, the business can issue and manage digital certificates for applications and protocols such as Secure/Multipurpose Internet Mail Extensions (S/MIME), Secure Sockets Layer (SSL), Encrypting File System (EFS), IPSec, and smart card log on. Certificate Services relies on RPC and DCOM to communicate with clients using random TCP ports greater than 1024.
System Service Name CertSvc
Application protocol
Protocol
Port
RPC
TCP
135
Randomly allocated high TCP ports
TCP
RANDOM

Cluster Service

The Cluster service controls server cluster operations and manages the cluster database. A cluster is a collection of independent computers that is as easy to use as a single computer. Managers, programmers, and users see the cluster as a single system. The software distributes data among the nodes of the cluster. If a node fails, other nodes provide the services and data formerly provided by the missing node. When a node is added or repaired, the cluster software migrates some data to that node.
System Service Name ClusSvc
Application protocol
Protocol
Port
RPC
TCP
135
Randomly allocated high TCP ports
TCP
RANDOM
Cluster Services
UDP
3343

Computer Browser

The Computer Browser system service maintains an up-to-date list of computers on your network and supplies the list to programs that request it. The Computer Browser service is used by Windows-based computers enabled to view network domains and resources. Computers designated as browsers maintain browse lists, which contain all shared resources used on the network. Earlier versions of Windows applications, such as My Network Places, the NET VIEW command, and Microsoft Windows NT Explorer, all require browsing capability. For example, opening My Network Places on a computer running Windows XP displays a list of domains and computers, which is accomplished by the computer obtaining a copy of the browse list from a computer designated as a browser.
System Service Name Browser
Application protocol
Protocol
Port
NetBIOS Datagram Service
UDP
138
NetBIOS Name Resolution
UDP
137
NetBIOS Session Service
TCP
139

DHCP Server

Using the Dynamic Host Configuration Protocol (DHCP), the DHCP Server service automatically allocates IP addresses and enables advanced configuration of network settings, such as Domain Name System (DNS) servers and Windows Internet Name Service (WINS) servers to DHCP clients. The network administrator establishes one or more DHCP servers that maintain TCP/IP configuration information and provide it to clients.
System Service Name DHCPServer
Application protocol
Protocol
Port
DHCP Server
UDP
67
MADCAP
UDP
2535

Distributed File System

The Distributed File System (DFS) service manages logical volumes distributed across a local or wide area network (LAN or WAN) and is required for the Microsoft Active Directory SYSVOL share. DFS is a distributed service that integrates disparate file shares into a single logical namespace.
System Service Name Dfs
Application protocol
Protocol
Port
NetBIOS Datagram Service
UDP
138
NetBIOS Session Service
TCP
139
LDAP Server
TCP
389
LDAP Server
UDP
389
SMB
TCP
445
RPC
TCP
135
Randomly allocated high TCP ports
TCP
RANDOM
NetBIOS Datagram Service
UDP
138

Distributed Link Tracking Server

The Distributed Link Tracking Server system service stores information so that files moved between volumes can be tracked to each volume in the domain. The Distributed Link Tracking Server service runs on each domain controller in a domain. This service enables the Distributed Link Tracking Server Client service to track linked documents that have been moved to a location in another NTFS file system volume in the same domain.
System Service Name TrkSvr
Application protocol
Protocol
Port
RPC
TCP
135
Randomly allocated high TCP ports
TCP
RANDOM

Distributed Transaction Coordinator

The Distributed Transaction Coordinator (DTC) system service is responsible for coordinating transactions that are distributed across multiple computer systems and resource managers, such as databases, message queues, file systems, or other transaction-protected resource managers. The DTC system service is necessary if transactional components will be configured through COM+. It is also required for transactional queues in Message Queuing (MSMQ) and SQL Server operations that span multiple systems.
System Service Name MSDTC
Application protocol
Protocol
Port
RPC
TCP
135
Randomly allocated high TCP ports
TCP
RANDOM

DNS Server

The DNS Server system service enables DNS name resolution by answering queries and update requests for DNS names. The presence of DNS servers is crucial for locating devices and services identified using DNS names and domain controllers in the Active Directory directory service.
System Service Name DNS
Application protocol
Protocol
Port
DNS
UDP
53
DNS
TCP
53

Event Log

This system service logs event messages issued by programs and the Windows operating system. Event Log reports contain information that can be useful in diagnosing problems. Reports are viewed in Event Viewer. The Event Log service writes events sent by applications, services, and the operating system to log files. The events contain diagnostic information in addition to errors specific to the source application, service, or component. The logs can be viewed programmatically through the Event Log application programming interfaces (APIs) or through the Event Viewer in an MMC (Microsoft Management Console) snap-in.
System Service Name Eventlog
Application protocol
Protocol
Port
RPC
TCP
135
Randomly allocated high TCP ports
TCP
RANDOM

Exchange Server

Microsoft Exchange Server includes several system services. When a MAPI client such as Microsoft Outlook connects to an Exchange server, the client first connects to the RPC endpoint mapper (the RPC Locator Service) on TCP port 135. The RPC endpoint mapper tells the client which ports to use to connect to the Exchange Server service, which are dynamically assigned. Exchange Server 5.5 uses two ports, one each for the information store and the directory. Microsoft Exchange 2000 Server and Exchange Server 2003 use three ports, one for the information store and two for the system attendant, respectively. Alternatively, Microsoft Outlook 2003 can use RPC over HTTP to connect to servers running Exchange Server 2003. Exchange can also provide support for other protocols, such as SMTP, POP3, and IMAP.
Application protocol
Protocol
Port
IMAP
TCP
143
IMAP over SSL
TCP
993
POP3
TCP
110
POP3 over SSL
TCP
995
Randomly allocated high TCP ports
TCP
RANDOM
RPC
TCP
135
RPC over HTTP
TCP
593
SMTP
TCP
25
SMTP
UDP
25

Fax Service

The Fax service, a Telephony Application Programming Interface (TAPI)-compliant system service, provides fax capabilities from your computer. The Fax service allows users to send and receive faxes from their desktop applications using either a local fax device or a shared network fax device.
System Service Name Fax
Application protocol
Protocol
Port
RPC
TCP
135
Randomly allocated high TCP ports
TCP
RANDOM
NetBIOS Session Service
TCP
139
SMB
TCP
445

File Replication

The File Replication system service allows files to be automatically copied and maintained simultaneously on multiple servers. File Replication service (FRS) is the automatic file replication service in Windows 2000 and the Microsoft Windows Server 2003 family. Its function is to replicate the Sysvol on all domain controllers. In addition, FRS can be configured to replicate files among alternate targets associated with the fault-tolerant DFS.
System Service Name NtFrs
Application protocol
Protocol
Port
RPC
TCP
135
Randomly allocated high TCP ports
TCP
RANDOM

File Server for Macintosh

The File Server for Macintosh system service enables Macintosh computer users to store and access files on a computer running Windows Server 2003. If this service is turned off or blocked, Macintosh clients cannot access or store files on your computer.
System Service Name MacFile
Application protocol
Protocol
Port
File Server for Macintosh
TCP
548

FTP Publishing Service

The File Transfer Protocol (FTP) Publishing service provides FTP connectivity. The FTP control port is 21 by default, but you can configure this system service through the Internet Information Services (IIS) Manager (a snap-in). The default data port (used for active mode FTP) is automatically set to one less than the control port, so if you configure the control port to 4131, the default data port will be 4130. Most FTP clients use passive mode, which means that the client initially connects to the FTP server through the control port; the FTP server assigns a high TCP port between 1025 and 5000; and the client opens a second connection to the FTP server for transferring data. The range of high ports can be configured through the IIS metabase.
System Service Name MSFtpsvc
Application protocol
Protocol
Port
FTP control
TCP
21
FTP default data
TCP
20
Randomly allocated high TCP ports
TCP
RANDOM

HTTP SSL

The HTTP SSL system service enables IIS to perform SSL functions. SSL is an open standard for establishing a secure communications channel to prevent the interception of critical information, such as credit card numbers. Primarily, this service enables secure electronic financial transactions on the Web, although it is designed to work on other Internet services as well. You can configure the ports for this service through IIS Manager.
System Service Name HTTPFilter
Application protocol
Protocol
Port
HTTPS
TCP
443

Internet Authentication Service

The Internet Authentication Service (IAS) performs centralized authentication, authorization, auditing, and accounting of users connecting to a network - either LAN or remote - using VPN equipment, Remote Access Equipment (RAS), or 802.1X Wireless and Ethernet/Switch Access Points. IAS implements the Internet Engineering Task Force (IETF) standard RADIUS protocol, which enables heterogeneous network access equipment.
System Service Name IAS
Application protocol
Protocol
Port
Legacy RADIUS
UDP
1645
Legacy RADIUS
UDP
1646
RADIUS Accounting
UDP
1813
RADIUS Authentication
UDP
1812

ICF/ICS

This system service provides NAT, addressing and name resolution services for all computers on your home or small-office network. When ICS is enabled, your computer becomes an "Internet gateway" on the network, enabling other client computers to share one connection to the Internet; such as a dial-up or broadband connection. This service provides basic DHCP and DNS services, but will work with the full-featured Windows DHCP or DNS services.
When ICF/ICS is acting as a gateway for the rest of the computers on your network, it provides DHCP and DNS services to the private network on the internal network interface. It does not provide these services on the externally-facing interface.
System Service Name SharedAccess
Application protocol
Protocol
Port
DHCP Server
UDP
67
DNS
UDP
53
DNS
TCP
53

Kerberos Key Distribution Center

The Kerberos Key Distribution Center (KDC) system service enables users to log on to the network using the Kerberos version 5 authentication protocol. As in other implementations of the Kerberos protocol, the KDC is a single process that provides two services: the Authentication Service, which issues ticket-granting tickets, and the Ticket-Granting Service, which issues tickets for connections to computers in its own domain.
System Service Name Kdc
Application protocol
Protocol
Port
Kerberos
TCP
88
Kerberos
UDP
88

License Logging Service

License Logging Service (LLS) is a tool that was originally designed to help customers manage licenses for Microsoft server products that are licensed in the Server Client Access License (CAL) model. LLS was introduced with Windows NT Server 3.51. By default, LLS is disabled in Windows Server 2003. Because of original design constraints and evolving license terms and conditions, LLS cannot provide an accurate view of the total number of CALs that are purchased as compared to the total number of CALs that are used on a single server or across the enterprise. The CALs that are reported by LLS may conflict with the interpretation of the End User License Agreement (EULA) and with Product Usage Rights (PUR). LLS will not be included in future versions of the Windows operating system. (Only users of Small Business Server should enable this service on their servers.)
System Service Name LicenseService
Application protocol
Protocol
Port
NetBIOS Datagram Service
UDP
138
NetBIOS Session Service
TCP
139
SMB
TCP
445

Local Security Authority

The Local Security Authority (LSASS) service provides core operating system security mechanisms. It uses random TCP ports assigned through the RPC service for domain controller replication.
Although LSASS can use all of the following protocols, it may only use a subset of them. For example, if you are configuring a VPN gateway that lies behind a filtering router, you might use L2TP with IPSec. If so, then you must allow IPSec ESP (IP protocol 50), NAT-T (TCP on port 4500), and IPSec ISAKMP (TCP on port 500) through the router. Although IPSec ESP is required for L2TP, it is actually monitored by the Routing and Remote Access service.
System Service Name LSASS
Application protocol
Protocol
Port
RPC
TCP
135
Randomly allocated high TCP ports
TCP
RANDOM
Global Catalog Server
TCP
3269
Global Catalog Server
TCP
3268
LDAP Server
TCP
389
LDAP Server
UDP
389
LDAP SSL
UDP
636
LDAP SSL
TCP
636
IPSec ISAKMP
UDP
500
NAT-T
UDP
4500

Message Queuing

The Message Queuing system service is a messaging infrastructure and development tool for creating distributed messaging applications for Windows. Such applications can communicate across heterogeneous networks and send messages between computers that may be temporarily unable to connect to each other. Message Queuing provides guaranteed message delivery, efficient routing, security, support for sending messages within transactions, and priority-based messaging.
System Service Name msmq
Application protocol
Protocol
Port
MSMQ
UDP
1801
MSMQ
TCP
1801
MSMQ-DCs
TCP
2101
MSMQ-Mgmt
TCP
2107
MSMQ-Ping
UDP
3527
MSMQ-RPC
TCP
2105
MSMQ-RPC
TCP
2103
RPC
TCP
135

Messenger

The Messenger system service sends messages to or receives messages from users and computers, administrators, and the Alerter service. This service is not related to Microsoft Windows Messenger or MSN Messenger. When this service is disabled, the NET SEND and NET NAME shell commands will no longer function. Messenger notifications sent to computers or users currently logged on the network will not be received.
System Service Name Messenger
Application protocol
Protocol
Port
NetBIOS Datagram Service
UDP
138

Microsoft Exchange MTA Stacks

In Exchange 2000 Server and Exchange Server 2003, Message Transfer Agent (MTA Stacks) is frequently used to provide backward-compatible message transfer services between Exchange 2000 Server-based servers and Exchange Server 5.5-based servers in a mixed-mode environment.
Application protocol
Protocol
Port
X.400
TCP
102

Microsoft Operations Manager 2000

Microsoft Operations Manager 2000 (MOM) delivers enterprise-class operations management by providing comprehensive event management, proactive monitoring and alerting, reporting, and trend analysis. After installing Service Pack 1, MOM will stop using the clear-text communications channel, and all traffic between the MOM agent and the MOM server will be encrypted over TCP port 1270. The MOM Administrator console uses DCOM to connect to the server. This means that administrators managing the MOM server over the network must have access to random high TCP ports, too.
System Service Name one point
Application protocol
Protocol
Port
MOM-Clear
TCP
51515
MOM-Encrypted
TCP
1270

Microsoft POP3 Service

The Microsoft POP3 Service provides e-mail transfer and retrieval services. Administrators can use this service to store and manage e-mail accounts on the mail server. When you install Microsoft POP3 Service on the mail server, users can connect to the mail server and retrieve e-mail using an e-mail client that supports the POP3 protocol, such as Microsoft Outlook.
System Service Name POP3SVC
Application protocol
Protocol
Port
POP3
TCP
110

Microsoft SQL Server

Microsoft SQL Server 2000 provides a powerful and comprehensive data management platform. The ports used by each instance of SQL Server can be configured through the Server Network Utility.
System Service Name SQLSERVR
Application protocol
Protocol
Port
SQL over TCP
TCP
1433
SQL Probe
UDP
1434

MSSQL$UDDI

This system service installs during the installation of the Universal Description, Discovery, and Integration (UDDI) feature of the Windows Server 2003 family of operating systems, which provides UDDI capabilities within an enterprise. The SQL Server database engine is the core component of this feature.
System Service Name SQLSERVR
Application protocol
Protocol
Port
SQL over TCP
TCP
1433
SQL Probe
UDP
1434

Net Logon

The Net Logon system service maintains a secure channel between your computer and the domain controller to authenticate users and services. It passes the user's credentials through a secure channel to a domain controller and returns the domain security identifiers and user rights for the user. This is commonly referred to as pass-through authentication. Net Logon starts automatically when the computer is a member of a domain. In the Windows 2000 Server and Windows 2003 Server families, the Net Logon service publishes service resource records in the DNS. Net Logon service is enabled only on computers that belong to a domain. When it is running, it relies on the Server and Local Security Authority services to listen for incoming requests. On domain member computers, it uses RPC over named pipes; on domain controllers, it uses RPC over named pipes, RPC over TCP/IP, mailslots, and LDAP.
System Service Name Netlogon
Application protocol
Protocol
Port
NetBIOS Datagram Service
UDP
138
NetBIOS Name Resolution
UDP
137
NetBIOS Session Service
TCP
139
SMB
TCP
445

NetMeeting Remote Desktop Sharing

The NetMeeting Remote Desktop Sharing system service allows authorized users to remotely access your Windows desktop from another personal computer over a corporate intranet by using Microsoft NetMeeting. You must explicitly enable this service in NetMeeting. You also can disable or shut down through an icon in the Windows notification area.
System Service Name mnmsrvc
Application protocol
Protocol
Port
Terminal Services
TCP
3389

Network News Transfer Protocol

The Network News Transfer Protocol (NNTP) system service allows computers running Windows Server 2003 to act as news servers. Clients can use a news client such as the Microsoft Outlook Express messaging client to retrieve newsgroups from the server and read headers or bodies of the articles in each newsgroup.
System Service Name NntpSvc
Application protocol
Protocol
Port
NNTP
TCP
119
NNTP over SSL
TCP
563

Performance Logs and Alerts

The Performance Logs and Alerts system service collects performance data from local or remote computers based on preconfigured schedule parameters, then writes the data to a log or triggers an alert. The Performance Logs and Alerts service starts and stops each named performance data collection based on the information contained in the named log collection setting. This service runs only if at least one performance data collection is scheduled.
System Service Name SysmonLog
Application protocol
Protocol
Port
NetBIOS Session Service
TCP
139

Print Spooler

The Print Spooler system service manages all local and network print queues and controls all print jobs. The print spooler is the center of the Windows printing subsystem and controls all printing jobs. It manages the print queues on the system and communicates with printer drivers and input/output (I/O) components, for example, the USB port and the TCP/IP protocol suite.
System Service Name Spooler
Application protocol
Protocol
Port
NetBIOS Session Service
TCP
139
SMB
TCP
445

Remote Installation

The Remote Installation system service provides the ability to install Windows 2000, Windows XP, and Windows Server 2003 on Pre Execution Environment (PXE) remote boot-enabled client computers. The Boot Information Negotiation Layer (BINL) service, the primary component of Remote Installation Services (RIS), answers PXE client requests, checks Active Directory for client validation, and passes client information to and from the server. The BINL service is installed when you either add the RIS component from Add/Remove Windows Components, or select it when initially installing the operating system.
System Service Name BINLSVC
Application protocol
Protocol
Port
BINL
UDP
4011

Remote Procedure Call

The Microsoft Remote Procedure Call (RPC) system service is a secure inter-process communication (IPC) mechanism that enables data exchange and invocation of functionality residing in a different process. The different process can be on the same computer, on the LAN, or across the globe through a WAN or VPN connection. RPC service serves as the RPC endpoint mapper and Component Object Model (COM) Service Control Manager (SCM). Many services depend on the RPC service to start successfully.
System Service Name RpcSs
Application protocol
Protocol
Port
RPC
TCP
135
RPC over HTTP
TCP
593

Remote Procedure Call Locator

The Remote Procedure Call Locator system service enables RPC clients using the RpcNs family of application programming interfaces (APIs) to locate RPC servers and manages the RPC name service database. This service is turned off by default.
System Service Name RpcLocator
Application protocol
Protocol
Port
NetBIOS Session Service
TCP
139
SMB
TCP
445

Remote Storage Notification

The Remote Storage Notification system service notifies users when they read from or write to files that are available only from a secondary storage media. If this service is stopped, notification does not occur.
System Service Name Remote_Storage_User_Link
Application protocol
Protocol
Port
RPC
TCP
135
Randomly allocated high TCP ports
TCP
RANDOM

Remote Storage Server

The Remote Storage Server system service stores infrequently used files in a secondary storage medium. Stopping this service prevents users from moving or retrieving files from the secondary storage media.
System Service Name Remote_Storage_Server
Application protocol
Protocol
Port
RPC
TCP
135
Randomly allocated high TCP ports
TCP
RANDOM

Routing and Remote Access

The Routing and Remote Access (RRAS) system service provides multiprotocol LAN-to-LAN, LAN-to-WAN, VPN, and NAT routing services. In addition, the RRAS service also provides dial-up and VPN remote access services.
Although RRAS can use all of the following protocols, typically it will only use a subset of them. For example, if you are configuring a VPN gateway that lies behind a filtering router, you will probably only use one technology. If you use L2TP with IPSec, then you must allow IPSec ESP (IP protocol 50), NAT-T (TCP on port 4500), and IPSec ISAKMP (TCP on port 500) through the router. Although NAT-T and IPSec ISAKMP are required for L2TP, these ports are actually monitored by the Local Security Authority. For more information, see "Related Topics" later in this document.
System Service Name RemoteAccess
Application protocol
Protocol
Port
GRE (IP protocol 47)
GRE
n/a
IPSec AH (IP protocol 51)
AH
n/a
IPSec ESP (IP protocol 50)
ESP
n/a
L2TP
UDP
1701
PPTP
TCP
1723

Server

The Server system service provides RPC support, and file, print, and named pipe sharing over the network. The Server service allows the sharing of local resources, such as disks and printers, so that other users on the network can access them. It also allows named pipe communication between applications running on other computers and your computer, which is used for RPC. Named pipe communication is memory reserved for the output of one process to be used as input for another process. The input-accepting process does not have to be local to the computer.
System Service Namelanmanserver
Application protocol
Protocol
Port
NetBIOS Datagram Service
UDP
138
NetBIOS Name Resolution
UDP
137
NetBIOS Session Service
TCP
139
SMB
TCP
445

SharePoint Portal Server

The SharePoint Portal Server system service enables enterprises to develop an intelligent portal that seamlessly connects users, teams, and knowledge so that people can take advantage of relevant information across business processes to help them work more efficiently. Microsoft Office SharePoint Portal Server 2003 provides an enterprise business solution that integrates information from various systems into one solution through single sign-on and enterprise application integration capabilities, with flexible deployment options and management tools.
Application protocol
Protocol
Port
HTTP
TCP
80
HTTPS
TCP
443

Simple Mail Transfer Protocol

The Simple Mail Transfer Protocol (SMTP) system service is an e-mail submission and relay agent. It can accept and queue e-mail for remote destinations and retry at specified intervals. Windows domain controllers use the SMTP service for intersite e-mail-based replication. The Collaboration Data Objects (CDO) for the Windows Server 2003 COM component can use the SMTP service to submit and queue outbound e-mail.
System Service Name SMTPSVC
Application protocol
Protocol
Port
SMTP
TCP
25
SMTP
UDP
25

Simple TCP/IP Services

Simple TCP/IP Services implements support for the following protocols:
  • Echo, port 7, RFC 862
  • Discard, port 9, RFC 863
  • Character Generator, port 9, RFC 864
  • Daytime, port 3, RFC 867
  • Quote of the Day, port 17, RFC 865
System Service Name SimpTcp
Application protocol
Protocol
Port
Chargen
TCP
19
Chargen
UDP
19
Daytime
TCP
13
Daytime
UDP
13
Discard
TCP
9
Discard
UDP
9
Echo
UDP
7
Echo
TCP
7
Quotd
UDP
17
Quotd
TCP
17

SMS Remote Control Agent

Systems Management Server (SMS) 2003 provides a comprehensive solution for change and configuration management for the Microsoft platform, enabling organizations to provide relevant software and updates to users quickly and cost-effectively.
Application protocol
Protocol
Port
SMS Remote Chat
UPD
2703
SMS Remote Chat
TCP
2703
SMS Remote Control (control)
UDP
2701
SMS Remote Control (control)
TCP
2701
SMS Remote Control (data)
TCP
2702
SMS Remote Control (data)
UDP
2702
SMS Remote File Transfer
UDP
2704
SMS Remote File Transfer
TCP
2704

SNMP Service

The SNMP Service system service allows incoming Simple Network Management Protocol (SNMP) requests to be serviced by the local computer. The SNMP service includes agents that monitor activity in network devices and report to the network console workstation. SNMP service provides a method of managing network hosts, such as workstation or server computers, routers, bridges, and hubs from a centrally-located computer running network management software. SNMP performs management services by using a distributed architecture of management systems and agents.
System Service Name SNMP
Application protocol
Protocol
Port
SNMP
UDP
161

SNMP Trap Service

The SNMP Trap Service receives trap messages generated by local or remote SNMP agents and forwards the messages to SNMP management programs running on your computer. The SNMP Trap Service, when configured for an agent, generates trap messages if any specific events occur. These messages are sent to a trap destination. For example, an agent can be configured to initiate an authentication trap if an unrecognized management system sends a request for information. Trap destinations consist of the computer name, or the IP address, or IPX address of the management system. The trap destination must be a network-enabled host that is running SNMP management software.
System Service Name SNMPTRAP
Application protocol
Protocol
Port
SNMP Traps Outbound
UDP
162

SQL Analysis Server

The SQL Analysis Server system service is a component of SQL Server 2000. It can be used to create and manage OLAP cubes and data mining models. The analysis server may access local or remote data sources for the purposes of creating and storing cubes or data mining models.
Application protocol
Protocol
Port
SQL Analysis Services
TCP
2725

SQL Server: Downlevel OLAP Client Support

This system service is used by SQL Server 2000 when the SQL Analysis Server service must support connections from downlevel (OLAP Services 7.0) clients.
Default Ports for OLAP Services Used by SQL Server 7.0
Application protocol
Protocol
Port
OLAP Services 7.0
TCP
2393
OLAP Services 7.0
TCP
2394

SSDP Discovery Service

The SSDP Discovery service implements the Simple Service Discovery Protocol (SSDP) as a Windows service. The SSDP Discovery service manages receipt of device presence announcements, updating its cache and passing these notifications along to clients with outstanding search requests. The SSDP Discovery service also accepts registration of event callbacks from clients, turns these into subscription requests, and monitors for event notifications, passing them along to the registered callbacks. This system service also provides hosted devices with periodic announcements.
Currently, the SSDP event notification service uses TCP port 5000. In Windows XP Service Pack 2, it relies on TCP port 2869.
System Service Name SSDPRSRV
Application protocol
Protocol
Port
SSDP
UDP
1900
SSDP event notification
TCP
2869
SSDP legacy event notification
TCP
5000

Systems Management Server

Systems Management Server (SMS) 2003 provides a comprehensive solution for change and configuration management for the Microsoft platform, enabling organizations to provide relevant software and updates to users quickly and cost-effectively.
Application protocol
Protocol
Port
RPC
TCP
135
Randomly allocated high TCP ports
TCP
RANDOM
NetBIOS Datagram Service
UDP
138
NetBIOS Name Resolution
UDP
137
NetBIOS Session Service
TCP
139

TCP/IP Print Server

The TCP/IP Print Server system service enables TCP/IP-based printing using the Line Printer Daemon protocol. The Line Printer Daemon Service (LPDSVC) on the server receives documents from native Line Printer Remote (LPR) utilities running on UNIX computers.
System Service Name LPDSVC
Application protocol
Protocol
Port
LPD
TCP
515

Telnet

The Telnet system service for Windows provides ASCII terminal sessions to Telnet clients. Telnet Server supports two types of authentication and supports four types of terminals: American National Standards Institute (ANSI), VT-100, VT-52, and VTNT.
System Service Name TlntSvr
Application protocol
Protocol
Port
Telnet
TCP
23

Terminal Services

Terminal Services provides a multisession environment that allows client devices to access a virtual Windows desktop session and Windows-based programs running on the server. Terminal Services allows multiple users to be connected interactively to a computer.
System Service Name TermService
Application protocol
Protocol
Port
Terminal Services
TCP
3389

Terminal Services Licensing

The Terminal Services Licensing system service installs a license server and provides registered client licenses when connecting to a Terminal Server. The Terminal Services Licensing service is a low-impact service that stores the client licenses that have been issued for a Terminal Server, and then tracks the licenses that have been issued to client computers or terminals.
System Service NameTermServLicensing
Application protocol
Protocol
Port
RPC
TCP
135
Randomly allocated high TCP ports
TCP
RANDOM

Terminal Services Session Directory

The Terminal Services Session Directory system service allows clusters of load-balanced Terminal Servers to route a user's connection request to the server where the user already has a session running. Users will be routed to the first-available Terminal Server, regardless of whether they've got a running session elsewhere in the cluster. Load Balancing pools the processing resources of several servers using the TCP/IP networking protocol. You can use this service with a cluster of terminal servers to scale the performance of a single terminal server by distributing sessions across multiple servers. Session Directory keeps track of disconnected sessions on the cluster, and ensures that users are reconnected to those sessions.
System Service Name Tssdis
Application protocol
Protocol
Port
RPC
TCP
135
Randomly allocated high TCP ports
TCP
RANDOM

Trivial FTP Daemon Service

The Trivial FTP (TFTP) Daemon system service does not require a user name or password and is an integral part of the Remote Installation Services (RIS). The Trivial FTP Daemon service implements support for the TFTP protocol defined by the following RFCs:
  • RFC 350 - TFTP
  • RFC 2347 - Option extension
  • RFC 2348 - Block size option
  • RFC 2349 - Timeout interval, and transfer size options
Trivial File Transfer Protocol is designed to support diskless boot environments. TFTP Daemons listen on UDP port 69, but respond from a randomly allocated high port. Therefore, enabling this port will allow the TFTP service to receive incoming TFTP requests, but will not allow the selected server to respond to those requests. Allowing the selected server to respond to inbound TFTP requests cannot be accomplished unless the TFTP server is configured to respond from port 69.
System Service Name tftpd
Application protocol
Protocol
Port
TFTP
UDP
69

Universal Plug and Play Device Host

The UPnP Host discovery system service implements all of the components required for device registration, control, and responding to events for hosted devices. The information registered pertaining to a device (description, lifetimes, containers) are optionally persisted to disk and announced on the network after registration or on system restart. The service also includes the Web server, which serves the device, as well as service descriptions and a presentation page.
System Service Name UPNPHost
Application protocol
Protocol
Port
UPNP
TCP
2869

Windows Internet Name Service

The Windows Internet Name Service (WINS) enables NetBIOS name resolution. The presence of WINS servers is crucial for locating network resources that can be identified using NetBIOS names. WINS servers are required unless all domains have been upgraded to Active Directory, and all computers on the network are running Windows 2000 Server or later. WINS servers communicate with network clients using NetBIOS Name Resolution. WINS Replication is required between WINS servers only.
System Service Name WINS
Application protocol
Protocol
Port
NetBIOS Name Resolution
UDP
137
WINS Replication
TCP
42
WINS Replication
UDP
42

Windows Media Services

Windows Media Service in Windows Server 2003 replaces the four separate services that comprised Windows Media Services versions 4.0 and 4.1: Windows Media Monitor Service, Windows Media Program Service, Windows Media Station Service, and Windows Media Unicast Service.
The Windows Media Service system service is now a single service that runs on Windows Server 2003, Standard Edition, Enterprise Edition, and Datacenter Edition. Its core components were developed using COM, creating a flexible architecture that is easily customized for specific applications. It supports a greater variety of control protocols, including Real Time Streaming Protocol (RTSP), Microsoft Media Server (MMS) protocol, and HTTP.
System Service Name WMServer
Application protocol
Protocol
Port
HTTP
TCP
80
MMS
TCP
1755
MMS
UDP
1755
MS Theater
UDP
2460
RTCP
UDP
5005
RTP
UDP
5004
RTSP
TCP
554

Windows Time

For computers running Windows XP and Windows Server 2003, the Windows Time system service maintains date and time synchronization on all computers running on a Microsoft Windows network. The service uses the Network Time Protocol (NTP) to synchronize computer clocks so that an accurate clock value, or timestamp, is assigned for network validation and resource access requests.
The implementation of NTP and the integration of time providers make Windows Time a reliable and scalable time service for enterprise administrators. For computers not joined to a domain, you can configure Windows Time to synchronize time with an external time source. If this service is turned off, the time setting for local computers will not be synchronized with any time service in the Windows domain, or an externally configured time service.
Windows Server 2003 uses NTP, which runs on UDP port 123. The Windows 2000 version of this service uses the Simple Network Time Protocol (SNTP), which also runs on UDP port 123.
System Service Name W32Time
Application protocol
Protocol
Port
NTP
UDP
123
SNTP
UDP
123

World Wide Web Publishing Service

The World Wide Web Publishing Service provides the infrastructure necessary to register, manage, monitor, and serve Web sites and applications registered with IIS. The system service contains a process manager and a configuration manager. The process manager controls the processes in which custom applications and Web sites reside. The configuration manager reads the stored system configuration for the W3SVC, and ensures that HTTP.sys is configured to route HTTP requests to the appropriate application pools or operating system processes. The ports used by this service can be configured through IIS Manager.
If the administrative Web site is enabled, a virtual Web site will be created that uses HTTP traffic on TCP port 8098.
System Service Name W3SVC
Application protocol
Protocol
Port
HTTP
TCP
80
HTTPS
TCP
443

Ports and Protocols

The following table summarizes the information from the previous section, but it is sorted by port number rather than service name.
Port
Protocol
Application protocol
System Service Name
n/a
GRE
GRE (IP protocol 47)
Routing and Remote Access
n/a
ESP
IPSec ESP (IP protocol 50)
Routing and Remote Access
n/a
AH
IPSec AH (IP protocol 51)
Routing and Remote Access
7
TCP
Echo
Simple TCP/IP Services
7
UDP
Echo
Simple TCP/IP Services
9
TCP
Discard
Simple TCP/IP Services
9
UDP
Discard
Simple TCP/IP Services
13
TCP
Daytime
Simple TCP/IP Services
13
UDP
Daytime
Simple TCP/IP Services
17
TCP
Quotd
Simple TCP/IP Services
17
UDP
Quotd
Simple TCP/IP Services
19
TCP
Chargen
Simple TCP/IP Services
19
UDP
Chargen
Simple TCP/IP Services
20
TCP
FTP default data
FTP Publishing Service
21
TCP
FTP control
FTP Publishing Service
21
TCP
FTP control
Application Layer Gateway Service
23
TCP
Telnet
Telnet
25
TCP
SMTP
Simple Mail Transfer Protocol
25
UDP
SMTP
Simple Mail Transfer Protocol
25
TCP
SMTP
Exchange Server
25
UDP
SMTP
Exchange Server
42
TCP
WINS Replication
Windows Internet Name Service
42
UDP
WINS Replication
Windows Internet Name Service
53
TCP
DNS
DNS Server
53
UDP
DNS
DNS Server
53
TCP
DNS
Internet Connection Firewall/Internet Connection Sharing
67
UDP
DHCP Server
DHCP Server
67
UDP
DHCP Server
Internet Connection Firewall/Internet Connection Sharing
69
UDP
TFTP
Trivial FTP Daemon Service
80
TCP
HTTP
Windows Media Services
80
TCP
HTTP
World Wide Web Publishing Service
80
TCP
HTTP
SharePoint Portal Server
88
TCP
Kerberos
Kerberos Key Distribution Center
88
UDP
Kerberos
Kerberos Key Distribution Center
102
TCP
X.400
Microsoft Exchange MTA Stacks
110
TCP
POP3
Microsoft POP3 Service
110
TCP
POP3
Exchange Server
119
TCP
NNTP
Network News Transfer Protocol
123
UDP
NTP
Windows Time
123
UDP
SNTP
Windows Time
135
TCP
RPC
Message Queuing
135
TCP
RPC
Remote Procedure Call
135
TCP
RPC
Exchange Server
135
TCP
RPC
Certificate Services
135
TCP
RPC
Cluster Service
135
TCP
RPC
Distributed File System
135
TCP
RPC
Distributed Link Tracking
135
TCP
RPC
Distributed Transaction Coordinator
135
TCP
RPC
Event Log
135
TCP
RPC
Fax Service
135
TCP
RPC
File Replication
135
TCP
RPC
Local Security Authority
135
TCP
RPC
Remote Storage Notification
135
TCP
RPC
Remote Storage Server
135
TCP
RPC
Systems Management Server 2.0
135
TCP
RPC
Terminal Services Licensing
135
TCP
RPC
Terminal Services Session Directory
137
UDP
NetBIOS Name Resolution
Computer Browser
137
UDP
NetBIOS Name Resolution
Server
137
UDP
NetBIOS Name Resolution
Windows Internet Name Service
137
UDP
NetBIOS Name Resolution
Net Logon
137
UDP
NetBIOS Name Resolution
Systems Management Server 2.0
138
UDP
NetBIOS Datagram Service
Computer Browser
138
UDP
NetBIOS Datagram Service
Messenger
138
UDP
NetBIOS Datagram Service
Server
138
UDP
NetBIOS Datagram Service
Net Logon
138
UDP
NetBIOS Datagram Service
Distributed File System
138
UDP
NetBIOS Datagram Service
Systems Management Server 2.0
138
UDP
NetBIOS Datagram Service
License Logging Service
139
TCP
NetBIOS Session Service
Computer Browser
139
TCP
NetBIOS Session Service
Fax Service
139
TCP
NetBIOS Session Service
Performance Logs and Alerts
139
TCP
NetBIOS Session Service
Print Spooler
139
TCP
NetBIOS Session Service
Server
139
TCP
NetBIOS Session Service
Net Logon
139
TCP
NetBIOS Session Service
Remote Procedure Call Locator
139
TCP
NetBIOS Session Service
Distributed File System
139
TCP
NetBIOS Session Service
Systems Management Server 2.0
139
TCP
NetBIOS Session Service
License Logging Service
143
TCP
IMAP
Exchange Server
161
UDP
SNMP
SNMP Service
162
UDP
SNMP Traps Outbound
SNMP Trap Service
389
TCP
LDAP Server
Local Security Authority
389
UDP
LDAP Server
Local Security Authority
389
TCP
LDAP Server
Distributed File System
389
UDP
LDAP Server
Distributed File System
443
TCP
HTTPS
HTTP SSL
443
TCP
HTTPS
World Wide Web Publishing Service
443
TCP
HTTPS
SharePoint Portal Server
445
TCP
SMB
Fax Service
445
TCP
SMB
Print Spooler
445
TCP
SMB
Server
445
TCP
SMB
Remote Procedure Call Locator
445
TCP
SMB
Distributed File System
445
TCP
SMB
License Logging Service
445
TCP
SMB
Net Logon
500
UDP
IPSec ISAKMP
Local Security Authority
515
TCP
LPD
TCP/IP Print Server
548
TCP
File Server for Macintosh
File Server for Macintosh
554
TCP
RTSP
Windows Media Services
563
TCP
NNTP over SSL
Network News Transfer Protocol
593
TCP
RPC over HTTP
Remote Procedure Call
593
TCP
RPC over HTTP
Exchange Server
636
TCP
LDAP SSL
Local Security Authority
636
UDP
LDAP SSL
Local Security Authority
993
TCP
IMAP over SSL
Exchange Server
995
TCP
POP3 over SSL
Exchange Server
1270
TCP
MOM-Encrypted
Microsoft Operations Manager 2000
1433
TCP
SQL over TCP
Microsoft SQL Server
1433
TCP
SQL over TCP
MSSQL$UDDI
1434
UDP
SQL Probe
Microsoft SQL Server
1434
UDP
SQL Probe
MSSQL$UDDI
1645
UDP
Legacy RADIUS
Internet Authentication Service
1646
UDP
Legacy RADIUS
Internet Authentication Service
1701
UDP
L2TP
Routing and Remote Access
1723
TCP
PPTP
Routing and Remote Access
1755
TCP
MMS
Windows Media Services
1755
UDP
MMS
Windows Media Services
1801
TCP
MSMQ
Message Queuing
1801
UDP
MSMQ
Message Queuing
1812
UDP
RADIUS Authentication
Internet Authentication Service
1813
UDP
RADIUS Accounting
Internet Authentication Service
1900
UDP
SSDP
SSDP Discovery Service
2101
TCP
MSMQ-DCs
Message Queuing
2103
TCP
MSMQ-RPC
Message Queuing
2105
TCP
MSMQ-RPC
Message Queuing
2107
TCP
MSMQ-Mgmt
Message Queuing
2393
TCP
OLAP Services 7.0
SQL Server: Downlevel OLAP Client Support
2394
TCP
OLAP Services 7.0
SQL Server: Downlevel OLAP Client Support
2460
UDP
MS Theater
Windows Media Services
2535
UDP
MADCAP
DHCP Server
2701
TCP
SMS Remote Control (control)
SMS Remote Control Agent
2701
UDP
SMS Remote Control (control)
SMS Remote Control Agent
2702
TCP
SMS Remote Control (data)
SMS Remote Control Agent
2702
UDP
SMS Remote Control (data)
SMS Remote Control Agent
2703
TCP
SMS Remote Chat
SMS Remote Control Agent
2703
UPD
SMS Remote Chat
SMS Remote Control Agent
2704
TCP
SMS Remote File Transfer
SMS Remote Control Agent
2704
UDP
SMS Remote File Transfer
SMS Remote Control Agent
2725
TCP
SQL Analysis Services
SQL Analysis Server
2869
TCP
UPNP
UPNP Device Host
2869
TCP
SSDP event notification
SSDP Discovery Service
3268
TCP
Global Catalog Server
Local Security Authority
3269
TCP
Global Catalog Server
Local Security Authority
3343
UDP
Cluster Services
Cluster Service
3389
TCP
Terminal Services
NetMeeting Remote Desktop Sharing
3389
TCP
Terminal Services
Terminal Services
3527
UDP
MSMQ-Ping
Message Queuing
4011
UDP
BINL
Remote Installation
4500
UDP
NAT-T
Local Security Authority
5000
TCP
SSDP legacy event notification
SSDP Discovery Service
5004
UDP
RTP
Windows Media Services
5005
UDP
RTCP
Windows Media Services
42424
TCP
ASP.Net Session State
ASP.NET State Service
51515
TCP
MOM-Clear
Microsoft Operations Manager 2000
A

 

Pro Teknologi dibuat pada 22 Februari 2017. Blog ini adalah harapan saya agar dapat membagi manfaat kepada orang lain,berupa tips-tips Seputar Blog,Internet,Komputer,dan Info-Info Menarik lainnya.

0 Response to "Network Ports Used by Key Microsoft Server Products"

Post a Comment