...
| Port # | Protocol | Service Name | Connection Initiation | App | Notes |
|---|---|---|---|---|---|
| 389 | TCP | LDAP | Server to LDAP Server | OA | User authentication and/or authorisationauthorization |
| 636 | TCP | LDAPS | Server to LDAP Server | OA | User authentication and/or authorisationauthorization |
Optional Collector Server traffic
If you are using Collectors for remote auditing you should consider the following.
| Port # | Protocol | Service Name | Connection Initiation | App | Notes |
|---|---|---|---|---|---|
| 80 | TCP | HTTP | Collector to Server | OA | Not secure. Use HTTPS below instead if required |
| 443 | TCP | HTTPS | Collector to server | OA | Requires HTTPS/TLS setup on the Server to operate. |
Note: You may also wish to consider the day to day administration of the operating system and open-audit configurations on the server e.g. enable ssh access to the device.
...
The Linux installed version of Open-AudIT does not use remote DCOM/WMI. Instead the Linux Open-AudIT server copies the audit script to the Windows target machine, then asks the Windows target machine to run the script (using RPC on port 445) and submit the result when it’s finished back to the Linux Open-AudIT servercreate an audit result file. The Linux server then copies the file from the target to itself for processing using Samba. Hence, the Linux Open-AudIT server does not require the range of ports open that the Windows Open-AudIT server does.
...