...

| Port # | Protocol | Service Name | Connection Initiation | Application | Notes |
|---|---|---|---|---|---|
| N/A | ICMP | ping | Server to Device | Open-AudIT | Discovery - ICMP Message Types 8 and 0 |
| 22 | TCP | SSH | Server to Device | Open-AudIT | Discovery |
| 23 | TCP | Telnet | Server to Device | Open-AudIT | Discovery |
| 25 or 587 | TCP | SMTP | Server to Email Server | Open-AudIT | Scheduled Reports |
| 53 | UDP | DNS | Server to DNS Server | Open-AudIT | Discovery |
| 53 | TCP | DNS | Server to DNS Server | Open-AudIT | Discovery |
| 80 | TCP | HTTP | Device to Server | Open-AudIT | Upload of audit result |
| 80 | TCP | HTTP | Server to Device | Open-AudIT | Discovery |
| 135 | TCP | WMI | Server to Device | Open-AudIT | Discovery |
| 139 | TCP | File and Print Sharing | Server to Device | Open-AudIT | Discovery |
| 161 | UDP | SNMP | Server to Device | Open-AudIT | Discovery |
| 443 | TCP | HTTPS | Server to Device | Open-AudIT | Discovery |
| 443 | TCP | HTTPS | Device to Server | Open-AudIT | Upload of audit result |
| 445 | TCP | File and Print Sharing | Server to Device | Open-AudIT | Discovery |
| 445 | TCP | Active Directory | Server to AD Controller | Open-AudIT | Authentication and Discovery |
| 49152-65535 | TCP | WMI / AD | Server to Device | Open-AudIT | Discovery - MS Server 2008 and above, MS Vista and above targets |
| 1025-5000 | TCP | WMI / AD | Server to Device | Open-AudIT | Discovery - MS 2000, XP, 2003 targets |

...

| Port # | Protocol | Service Name | Connection Initiation | Application | Notes |
|---|---|---|---|---|---|
| N/A | ICMP | ping | Server to Device | Open-AudIT | Discovery - ICMP Message Types 8 and 0 |
| 22 | TCP | SSH | Server to Device | Open-AudIT | Discovery |
| 23 | TCP | Telnet | Server to Device | Open-AudIT | Discovery |
| 25 or 587 | TCP | SMTP | Server to Email Server | Open-AudIT | Scheduled Reports |
| 53 | UDP | DNS | Server to DNS Server | Open-AudIT | Discovery |
| 53 | TCP | DNS | Server to DNS Server | Open-AudIT | Discovery |
| 80 | TCP | HTTP | Device to Server | Open-AudIT | Upload of audit result |
| 80 | TCP | HTTP | Server to Device | Open-AudIT | Discovery |
| 135 | TCP | WMI | Server to Device | Open-AudIT | Discovery |
| 139 | TCP | Samba | Server to Device | Open-AudIT | Discovery |
| 161 | UDP | SNMP | Server to Device | Open-AudIT | Discovery |
| 443 | TCP | HTTPS | Server to Device | Open-AudIT | Discovery |
| 443 | TCP | HTTPS | Device to Server | Open-AudIT | Upload of audit result |
| 445 | TCP | Samba / RPC | Server to Device | Open-AudIT | Discovery |
| 445 | TCP | Active Directory | Server to AD Controller | Open-AudIT | Authentication and Discovery |
| 623 | UDP | IPMI | Server to Device | Open-AudIT | Discovery |


Network Management User Traffic for Open-AudIT

...

| Port # | Protocol | Service Name | Connection Initiation | App | Notes |
|---|---|---|---|---|---|
| 389 | TCP | LDAP | Server to LDAP Server | OA | User authentication and/or authorisation |
| 636 | TCP | LDAPS | Server to LDAP Server | OA | User authentication and/or authorisation |

Optional Collector Server traffic

If you are using Collectors for remote auditing you should consider the following.

| Port # | Protocol | Service Name | Connection Initiation | App | Notes |
|---|---|---|---|---|---|
| 80 | TCP | HTTP | Collector to Server | OA | Not secure. Use HTTPS below instead if required |
| 443 | TCP | HTTPS | Collector to Server | OA | Requires HTTPS/TLS setup on the Server to operate. |

Note: You may also wish to consider the day-to-day administration of the operating system and the Open-AudIT configurations on the server, e.g. enabling SSH access to the device.

Notes

Microsoft’s DCOM/WMI services typically use a large range of random ports to function.
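
The port tables and the dynamic-port note above can be turned into a firewall policy check. The following is an added example, not part of the Open-AudIT documentation: it reports required flows a policy blocks and allow rules broader than any required flow. `REQUIRED` is a constructed site profile built from rows on this page, `ALLOW_RULES` is a constructed sample policy, and treating a "25 or 587" row as alternatives is an assumption.

```python
# Added example: audit a firewall allow-list against Open-AudIT flows from the tables above.
# REQUIRED is a constructed site profile (rows copied from the page); ALLOW_RULES is constructed.
REQUIRED = [  # (port spec, protocol, connection initiation, purpose)
    ("22", "TCP", "Server to Device", "SSH discovery"),
    ("135", "TCP", "Server to Device", "WMI discovery"),
    ("161", "UDP", "Server to Device", "SNMP discovery"),
    ("445", "TCP", "Server to Device", "File and Print Sharing discovery"),
    ("49152-65535", "TCP", "Server to Device", "WMI / AD dynamic ports"),
    ("25 or 587", "TCP", "Server to Email Server", "Scheduled reports"),
    ("443", "TCP", "Device to Server", "Upload of audit result"),
]
ALLOW_RULES = [  # ((low, high), protocol, connection initiation)
    ((22, 22), "TCP", "Server to Device"),
    ((135, 135), "TCP", "Server to Device"),
    ((161, 161), "UDP", "Server to Device"),
    ((445, 445), "TCP", "Server to Device"),
    ((1025, 5000), "TCP", "Server to Device"),   # legacy dynamic range only
    ((587, 587), "TCP", "Server to Email Server"),
    ((80, 80), "TCP", "Device to Server"),       # plain HTTP upload
]

def parse_ports(spec):
    """Turn '22', '25 or 587' or '49152-65535' into a list of (low, high) ranges."""
    ranges = []
    for part in spec.split(" or "):
        low, _, high = part.strip().partition("-")
        ranges.append((int(low), int(high or low)))
    return ranges

def contains(outer, inner):
    """True if `outer` spans `inner` with the same protocol and direction."""
    (olo, ohi), oproto, odir = outer
    (ilo, ihi), iproto, idir = inner
    return oproto == iproto and odir == idir and olo <= ilo and ihi <= ohi

def missing_flows(required, rules):
    """Required rows the policy blocks; an 'A or B' row needs only one port (assumption)."""
    return [row for row in required
            if not any(contains(rule, (rng, row[1], row[2]))
                       for rng in parse_ports(row[0]) for rule in rules)]

def excess_rules(required, rules):
    """Allow rules that are not fully inside any required flow (broader than needed)."""
    needed = [(rng, p, d) for spec, p, d, _ in required for rng in parse_ports(spec)]
    return [rule for rule in rules if not any(contains(n, rule) for n in needed)]

if __name__ == "__main__":
    print("blocked:", missing_flows(REQUIRED, ALLOW_RULES))
    print("unneeded:", excess_rules(REQUIRED, ALLOW_RULES))
```

With the sample policy, the check flags the missing 49152-65535 range and the HTTPS upload as blocked, and the 1025-5000 and port 80 rules as unneeded for this profile.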

...