Port requirements for the Microsoft Windows server system
Summary
This article discusses the network ports and protocols that Microsoft Windows server system products and their subcomponents use.
The Windows server system includes a comprehensive, integrated infrastructure designed to meet the requirements of developers and information technology (IT) professionals. The system is designed to run specific programs and solutions that let information workers obtain, analyze, and share information quickly and easily. These Microsoft server products use different network ports and protocols to communicate with client systems and with other server systems over the network. Dedicated firewalls, host-based firewalls, and Internet Protocol security (IPsec) filters are other important components that help secure the network. However, if these technologies are configured to block ports and protocols that a particular server uses, that server will no longer respond to client requests.
Overview
The following list gives an overview of the information in this article:
The "System service port" section of this article contains a short description of each service, shows the logical name of the service, and indicates the ports and protocols that each service requires for correct operation. Use this section to help identify the ports and protocols that a particular service uses.
The "Port and protocol" section of this article includes a table that summarizes the information from the "System service port" section. The table is sorted by port number instead of by service name. Use this section to quickly determine which services listen on a particular port.
This article uses certain terms in specific ways. To avoid confusion, make sure that you understand how the article uses these terms. The following list describes them:
System services: The Windows server system includes many products, such as the Microsoft Windows Server 2003 family, Microsoft Exchange 2000 Server, and Microsoft SQL Server 2000. Each of these products includes many components, and system services are one kind of component. The system services that a particular computer requires are either started automatically during startup or started as required during typical operation. For example, some of the system services available on a computer running Windows Server 2003, Enterprise Edition, include the Server service, the Print Spooler service, and the World Wide Web Publishing service. Each system service has a friendly service name and a service name. The friendly service name is the name that appears in graphical management tools, such as the Services Microsoft Management Console (MMC) snap-in. The service name is the name used with command-line tools and with many scripting languages. Each system service can provide one or more network services.
Application protocol: In this article, application protocol refers to a high-level network protocol that uses one or more TCP/IP protocols and ports. Examples of application protocols include Hypertext Transfer Protocol (HTTP), server message block (SMB), and Simple Mail Transfer Protocol (SMTP).
Protocol: TCP/IP protocols operate at a lower level than application protocols and are standard formats for communication between devices on a network. The TCP/IP protocol suite includes TCP, User Datagram Protocol (UDP), and Internet Control Message Protocol (ICMP).
Port: The network port on which the system service listens for incoming network traffic.
This article does not specify which services rely on other services for network communication. For example, many services rely on the remote procedure call (RPC) or DCOM features in Microsoft Windows to assign them dynamic TCP ports. The Remote Procedure Call service coordinates requests by other system services that use RPC or DCOM to communicate with client computers. Many other services rely on network basic input/output system (NetBIOS) or SMB, protocols that are actually provided by the Server service. Other services rely on HTTP or Secure Hypertext Transfer Protocol (HTTPS). These protocols are provided by Internet Information Services (IIS). A full discussion of the architecture of the Windows operating systems is beyond the scope of this article. However, detailed documentation on this subject is available on Microsoft TechNet and the Microsoft Developer Network (MSDN). Although many services may rely on a particular TCP or UDP port, only one service or process can actively listen on that port at any time. When RPC is used with TCP/IP or UDP/IP as the transport, inbound ports are frequently assigned to system services dynamically, as required; TCP/IP and UDP/IP ports higher than port 1024 are used. These ports are frequently referred to as "random RPC ports." In these cases, RPC clients rely on the RPC endpoint mapper to tell them which dynamic port or ports were assigned to the server. For some RPC-based services, you can configure a specific port instead of letting RPC assign one dynamically. In addition, regardless of the service, you can restrict the range of ports that RPC dynamically assigns to a small range. For more information about this topic, see the "Reference" section of this article.
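The following Python sketch is an added example, not part of the original article. It checks an inbound allow-list against the ports this article lists for a service, treating each "randomly assigned high TCP port" row as the whole RPC dynamic range unless a restricted range is supplied. The service port data is copied from the tables in the "System service port" section; the firewall policies and the 5000-5100 restricted range are constructed for illustration.

```python
"""Check a firewall allow-list against the ports a Windows system service needs."""

# Port data copied from this article's service tables. "dynamic" marks the
# "randomly assigned high TCP port" rows (RPC/DCOM endpoints above port 1024).
REQUIREMENTS = {
    "CertSvc": [("RPC", "tcp", 135), ("RPC dynamic", "tcp", "dynamic")],
    "Dfs": [
        ("NetBIOS Datagram Service", "udp", 138),
        ("NetBIOS Session Service", "tcp", 139),
        ("LDAP Server", "tcp", 389),
        ("LDAP Server", "udp", 389),
        ("SMB", "tcp", 445),
        ("RPC", "tcp", 135),
        ("RPC dynamic", "tcp", "dynamic"),
    ],
    "DNS": [("DNS", "udp", 53), ("DNS", "tcp", 53)],
}

# Assumption: "higher than port 1024" is modelled as the range 1025-65535.
DEFAULT_RPC_RANGE = (1025, 65535)


def merge(ranges):
    """Merge overlapping or adjacent inclusive (low, high) port ranges."""
    merged = []
    for low, high in sorted(ranges):
        if merged and low <= merged[-1][1] + 1:
            merged[-1] = (merged[-1][0], max(merged[-1][1], high))
        else:
            merged.append((low, high))
    return merged


def covers(allowed, low, high):
    """True if the allow ranges, once merged, contain every port in low..high."""
    return any(a <= low and high <= b for a, b in merge(allowed))


def audit(service, rules, rpc_range=DEFAULT_RPC_RANGE):
    """Return the requirements of `service` that the allow-list `rules` blocks.

    rules: iterable of (protocol, low_port, high_port) inbound allow entries.
    rpc_range: the range RPC may allocate from. Narrow it only when the server
    really has been configured with a restricted dynamic range.
    """
    by_proto = {}
    for proto, low, high in rules:
        by_proto.setdefault(proto.lower(), []).append((low, high))

    blocked = []
    for name, proto, port in REQUIREMENTS[service]:
        low, high = rpc_range if port == "dynamic" else (port, port)
        if not covers(by_proto.get(proto, []), low, high):
            span = str(low) if low == high else f"{low}-{high}"
            blocked.append((name, proto, span))
    return blocked


# Constructed sample policy: only the well-known ports are allowed inbound.
STATIC_ONLY = [
    ("tcp", 53, 53), ("udp", 53, 53), ("tcp", 135, 139), ("udp", 137, 138),
    ("tcp", 389, 389), ("udp", 389, 389), ("tcp", 445, 445),
]
# Same policy plus a hypothetical restricted RPC range, split over two rules.
WITH_RPC = STATIC_ONLY + [("tcp", 5000, 5050), ("tcp", 5051, 5100)]

if __name__ == "__main__":
    for svc in REQUIREMENTS:
        print(svc, "static-only policy blocks:", audit(svc, STATIC_ONLY))
    # Once the server's RPC range is restricted and the firewall matches it,
    # the RPC-dependent service is reachable without opening all high ports.
    print("CertSvc, restricted range:", audit("CertSvc", WITH_RPC, (5000, 5100)))
```

A policy that opens only TCP 135 lets the client reach the endpoint mapper but not the port the mapper hands back, which is why the dynamic row is reported as blocked until the firewall covers the same range the server allocates from.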
This article contains information about the system service roles and server roles of the Microsoft products that are listed in the "Applies to" section at the end of this article. Although this information may also apply to Microsoft Windows XP and Microsoft Windows 2000 Professional, this article focuses on server-class operating systems. Therefore, it describes the ports on which a service listens rather than the ports that client programs use to connect to a remote system.
System service port
This section provides a description of each system service, gives the logical name that corresponds to the system service, and shows the ports and protocols that each service requires.
Application Layer Gateway Service
This subcomponent of the Internet Connection Sharing (ICS)/Windows Firewall service provides support for plug-ins that allow network protocols to pass through the firewall and work behind Internet Connection Sharing. Application Layer Gateway (ALG) plug-ins can open ports and change data (such as ports and IP addresses) that is embedded in packets. File Transfer Protocol (FTP) is the only network protocol with a plug-in that is included with Windows Server 2003, Standard Edition, and Windows Server 2003, Enterprise Edition. The ALG FTP plug-in is designed to support active FTP sessions through the network address translation (NAT) engine that these components use. The ALG FTP plug-in supports these sessions by redirecting all traffic that passes through the NAT and is destined for port 21 to a private listening port in the range of 3000 to 5000. The ALG FTP plug-in then monitors and updates FTP control channel traffic so that the FTP plug-in can forward port mappings through the NAT for the FTP data channels. The FTP plug-in also updates ports in the FTP control channel stream.
System service name: ALG
Application protocol | Protocol | Port
FTP control | TCP | 21
ASP.NET State Service
ASP.NET State Service provides support for ASP.NET out-of-process session state. It stores session data out of process and uses sockets to communicate with ASP.NET running on a web server.
System service name: aspnet_state
Application protocol | Protocol | Port
ASP.NET session state | TCP | 42424
Certificate Services
Certificate Services is part of the core operating system. By using Certificate Services, a company can act as its own certification authority (CA). In this way, the company can issue and manage digital certificates for programs and protocols such as Secure/Multipurpose Internet Mail Extensions (S/MIME), Secure Sockets Layer (SSL), Encrypting File System (EFS), IPsec, and smart card logon. Certificate Services relies on RPC and DCOM to communicate with clients and uses random TCP ports higher than port 1024.
System service name: CertSvc
Application protocol | Protocol | Port
RPC | TCP | 135
Randomly assigned high TCP port | TCP | random port number
Cluster service
The Cluster service controls server cluster operations and manages the cluster database. A cluster is a collection of independent computers that acts as a single computer. Administrators, programmers, and users see the cluster as a single system. The software distributes data among the nodes of the cluster. If a node fails, other nodes provide the services and data that the missing node provided. When a node is added or repaired, the cluster software migrates some data to that node.
System service name: ClusSvc
Application protocol | Protocol | Port
Cluster service | UDP | 3343
RPC | TCP | 135
Randomly assigned high TCP port | TCP | random port number
Computer Browser
The Computer Browser system service maintains an up-to-date list of the computers on your network and makes that list available. Windows-based computers use the Computer Browser service to view network domains and resources. Computers that are designated as browsers maintain browse lists that contain all shared resources used on the network. Earlier versions of Windows programs, such as My Network Places, the net view command, and Windows Explorer, require browsing capability. For example, when you open My Network Places on a computer running Microsoft Windows 95, a list of domains and computers appears. To display this list, the computer obtains a copy of the browse list from a computer that is designated as a browser.
System service name: Browser
Application protocol | Protocol | Port
NetBIOS Datagram Service | UDP | 138
NetBIOS Name Resolution | UDP | 137
NetBIOS Session Service | TCP | 139
DHCP Server
The DHCP Server service uses the Dynamic Host Configuration Protocol (DHCP) to assign IP addresses automatically. With this service, you can adjust the advanced network settings of DHCP clients. For example, you can configure network settings such as Domain Name System (DNS) servers and Windows Internet Name Service (WINS) servers. You can set up one or more DHCP servers to maintain TCP/IP configuration information and to provide that information to client computers.
System service name: DHCPServer
Application protocol | Protocol | Port
DHCP Server | UDP | 67
MADCAP | UDP | 2535
Distributed File System
The Distributed File System (DFS) service manages logical volumes that are distributed across a local area network (LAN) or wide area network (WAN). It is required for the Microsoft Active Directory directory service SYSVOL share. DFS is a distributed service that integrates different file shares into a single logical namespace.
System service name: Dfs
Application protocol | Protocol | Port
NetBIOS Datagram Service | UDP | 138
NetBIOS Session Service | TCP | 139
LDAP Server | TCP | 389
LDAP Server | UDP | 389
SMB | TCP | 445
RPC | TCP | 135
Randomly assigned high TCP port | TCP | random port number
Distributed Link Tracking Server
The Distributed Link Tracking Server system service stores information so that files that are moved between volumes can be tracked to each volume in the domain. The Distributed Link Tracking Server service runs on all domain controllers in a domain. It enables the Distributed Link Tracking Client service to track linked documents that have been moved to a location on another NTFS file system volume in the same domain.
System service name: TrkSvr
Application protocol | Protocol | Port
RPC | TCP | 135
Randomly assigned high TCP port | TCP | random port number
Distributed Transaction Coordinator
The Distributed Transaction Coordinator (DTC) system service is responsible for coordinating transactions that span computer systems and resource managers, such as databases, message queues, file systems, and other transaction-protected resource managers. The DTC system service is required if transactional components are configured through COM+. Transactional queues in Message Queuing (also known as MSMQ) and SQL Server operations also require the DTC system service.
System service name: MSDTC
Application protocol | Protocol | Port
RPC | TCP | 135
Randomly assigned high TCP port | TCP | random port number
DNS Server
The DNS Server service enables DNS name resolution by answering queries and update requests for DNS names. It is used to find devices and services that are identified by DNS names and to find DNS servers in Active Directory.
System service name: DNS
Application protocol | Protocol | Port
DNS | UDP | 53
DNS | TCP | 53
Event Log
The Event Log system service logs event messages that are generated by programs and by the Windows operating system. Event log reports contain information that is useful for diagnosing problems. You view the reports in Event Viewer. The Event Log service writes events that are sent by programs, services, and the operating system to log files. These events contain diagnostic information in addition to errors that are specific to the source, service, or component. The logs can be viewed through the event log APIs or through Event Viewer in an MMC snap-in.
System service name: Eventlog
Application protocol | Protocol | Port
RPC | TCP | 135
Randomly assigned high TCP port | TCP | random port number
Exchange Server
Microsoft Exchange Server includes several system services. When a MAPI client (such as Microsoft Outlook) connects to Exchange Server, the client first connects to the RPC endpoint mapper (the RPC Locator service) on TCP port 135. The RPC endpoint mapper tells the client which ports to use to connect to the Exchange Server services. These ports are dynamically assigned. Microsoft Exchange Server 5.5 uses two ports: one for the information store and one for the directory. Microsoft Exchange 2000 Server and Microsoft Exchange Server 2003 use three ports: one for the information store and two for the System Attendant. By using RPC over HTTP, you can also use Microsoft Office Outlook 2003 to connect to servers running Exchange Server 2003. Exchange Server also supports other protocols, such as SMTP, Post Office Protocol 3 (POP3), and IMAP.
Application protocol | Protocol | Port
IMAP | TCP | 143
IMAP over SSL | TCP | 993
POP3 | TCP | 110
POP3 over SSL | TCP | 995
Randomly assigned high TCP port | TCP | random port number
RPC | TCP | 135
RPC over HTTP | TCP | 593
SMTP | TCP | 25
SMTP | UDP | 25
Fax Service
The Fax Service, a Telephony API-compliant system service, provides fax capabilities. With the Fax Service, users can use a local fax device or a shared network fax device to send and receive faxes from their desktop programs.
System service name: Fax
Application protocol | Protocol | Port
NetBIOS Session Service | TCP | 139
RPC | TCP | 135
Randomly assigned high TCP port | TCP | random port number
SMB | TCP | 445
File Replication
File Replication Service (FRS) lets you automatically copy and maintain files on many servers. FRS is the automatic file replication service in Windows 2000 and Windows Server 2003, and its function is to replicate SYSVOL to all domain controllers. In addition, FRS can be configured to replicate files among alternate targets that are associated with fault-tolerant DFS.
System service name: NtFrs
Application protocol | Protocol | Port
RPC | TCP | 135
Randomly assigned high TCP port | TCP | random port number
File Server for Macintosh
By using the File Server for Macintosh system service, Macintosh computer users can store and access files on a computer running Windows Server 2003. If this service is turned off or disabled, Macintosh clients cannot access or store files on that computer.
System service name: MacFile
Application protocol | Protocol | Port
File Server for Macintosh | TCP | 548
FTP Publishing Service
The FTP Publishing Service provides FTP connectivity. By default, the FTP control port is 21. However, you can configure this system service through the Internet Information Services (IIS) Manager snap-in. The default data port (that is, the port used by active-mode FTP) is automatically set to one port lower than the control port. Therefore, if you configure the control port as port 4131, the default data port is port 4130. Most FTP clients use passive-mode FTP. This means that the client initially connects to the FTP server by using the control port, the FTP server assigns a high TCP port between 1025 and 5000, and the client then opens a second connection to the FTP server to transfer data. You can configure the range of high ports by using the IIS metabase.
System service name: MSFTPSVC
Application protocol | Protocol | Port
FTP control | TCP | 21
FTP default data | TCP | 20
Randomly assigned high TCP port | TCP | random port number
HTTP SSL
The HTTP SSL system service enables IIS to perform SSL functions. SSL is an open standard for establishing an encrypted communications channel to help prevent the interception of important information, such as credit card numbers. Although this service is designed to work with other Internet services, it is primarily used to enable encrypted electronic financial transactions on the World Wide Web (WWW). You can configure the ports for this service through the Internet Information Services (IIS) Manager snap-in.
System service name: HTTPFilter
Application protocol | Protocol | Port
HTTPS | TCP | 443
Internet Authentication Service
Internet Authentication Service (IAS) performs centralized authentication, authorization, auditing, and accounting of users who connect to a network. These users can connect over a LAN or over a remote connection. IAS implements the Internet Engineering Task Force (IETF) standard Remote Authentication Dial-In User Service (RADIUS) protocol.
System service name: IAS
Application protocol | Protocol | Port
Legacy RADIUS | UDP | 1645
Legacy RADIUS | UDP | 1646
RADIUS Accounting | UDP | 1813
RADIUS Authentication | UDP | 1812
Windows Firewall/Internet Connection Sharing (ICS)
This system service provides NAT, addressing, and name resolution services for all computers on a home network or small-office network. When the Internet Connection Sharing feature is enabled, your computer becomes an "Internet gateway" on the network, and other client computers can then share one connection to the Internet, such as a dial-up or broadband connection. This service provides basic DHCP and DNS services, but it also works with the full-featured Windows DHCP or DNS services. When ICF and Internet Connection Sharing act as a gateway for the other computers on the network, they provide DHCP and DNS services to the private network on the internal network interface. They do not provide these services on the external interface.
System service name: SharedAccess
Application protocol | Protocol | Port
DHCP Server | UDP | 67
DNS | UDP | 53
DNS | TCP | 53
Kerberos Key Distribution Center
When you use the Kerberos Key Distribution Center (KDC) system service, users can log on to the network by using the Kerberos version 5 authentication protocol. As in other implementations of the Kerberos protocol, the KDC is a single process that provides two services: the Authentication Service and the Ticket-Granting Service. The Authentication Service issues ticket-granting tickets, and the Ticket-Granting Service issues tickets for connection to computers in its own domain.
System service name: kdc
Application protocol | Protocol | Port
Kerberos | TCP | 88
Kerberos | UDP | 88
License Logging
The License Logging system service is a tool that was designed to help users manage licenses under the server client access license (CAL) model. License Logging was introduced with Microsoft Windows NT Server 3.51. By default, the License Logging service is disabled in Windows Server 2003. Because of limitations of the original design and of the license terms and conditions, License Logging may not provide an accurate view of the total number of CALs that are purchased compared with the total number of CALs that are used on a particular server or across the enterprise. The CALs that License Logging reports may conflict with the interpretation of the End User License Agreement and the Product Usage Rights (PUR). License Logging will not be included in future versions of the Windows operating system. Microsoft recommends that only users of the Microsoft Small Business Server family of operating systems enable this service on their servers.
System service name: LicenseService
Application protocol | Protocol | Port
NetBIOS Datagram Service | UDP | 138
NetBIOS Session Service | TCP | 139
SMB | TCP | 445
Local Security Authority
The Local Security Authority (LSASS) system service provides core operating system security mechanisms. It uses random TCP ports that are assigned by the RPC service for domain controller replication. Although LSASS can use all the following protocols, it may use only a subset of them. For example, if you configure a VPN gateway that is located behind a filtering router, you may have to use IPsec with Layer 2 Tunneling Protocol (L2TP). In that case, you must allow IPsec Encapsulating Security Payload (ESP) (IP protocol 50), IPsec Network Address Translator Traversal NAT-T (UDP port 4500), and IPsec Internet Security Association and Key Management Protocol (ISAKMP) (UDP port 500) through the router.
Note: L2TP traffic does not require a packet filter, because L2TP is protected by IPsec ESP.
System service name: LSASS
Application protocol | Protocol | Port
Global Catalog Server | TCP | 3269
Global Catalog Server | TCP | 3268
LDAP Server | TCP | 389
LDAP Server | UDP | 389
LDAP SSL | TCP | 636
LDAP SSL | UDP | 636
IPsec ISAKMP | UDP | 500
NAT-T | UDP | 4500
RPC | TCP | 135
Randomly assigned high TCP port | TCP | random port number
Message Queuing
The Message Queuing system service is a messaging infrastructure and development tool for creating distributed messaging programs for Windows. These programs can communicate across heterogeneous networks and can send messages between computers that may not be connected to each other. Message Queuing provides security, efficient routing, support for sending messages within transactions, priority-based messaging, and guaranteed message delivery.
System service name: MSMQ
Application protocol | Protocol | Port
MSMQ | TCP | 1801
MSMQ | UDP | 1801
MSMQ-DCs | TCP | 2101
MSMQ-Mgmt | TCP | 2107
MSMQ-Ping | UDP | 3527
MSMQ-RPC | TCP | 2105
MSMQ-RPC | TCP | 2103
RPC | TCP | 135
Messenger
The Messenger system service sends messages to, or receives messages from, users and computers, administrators, and the Alerter service. This service is not related to Windows Messenger. If you disable the Messenger service, notifications that are sent to computers or users who are currently logged on to the network are not received. In addition, the net send command and the net name command no longer work.
System service name: Messenger
Application protocol | Protocol | Port
NetBIOS Datagram Service | UDP | 138
Microsoft Exchange MTA Stacks
In Microsoft Exchange 2000 Server and Microsoft Exchange Server 2003, the Message Transfer Agent (MTA) is frequently used to provide backward-compatible message transfer services between Exchange 2000 Server-based servers and Exchange Server 5.5-based servers in a mixed-mode environment.
System service name: MSExchangeMTA
Application protocol | Protocol | Port
X.400 | TCP | 102
Microsoft Operations Manager 2000
Microsoft Operations Manager (MOM) 2000 delivers enterprise-class operations management by providing comprehensive event management, proactive monitoring and alerting, reporting, and trend analysis. After MOM 2000 Service Pack 1 is installed, MOM 2000 no longer uses a clear text communication channel, and all communication between the MOM agent and the MOM server takes place on TCP port 1270. The MOM Administrator console uses DCOM to connect to the server. This means that administrators who manage the MOM server over the network must be able to access random high TCP ports.
System service name: OnePoint
Application protocol | Protocol | Port
MOM-Clear | TCP | 51515
MOM-Encrypted | TCP | 1270
Microsoft POP3 Service
The Microsoft POP3 service provides email transfer and retrieval services. Administrators can use this service to store and manage email accounts on the mail server. After the Microsoft POP3 service is installed on the mail server, users can connect to the mail server and retrieve email by using an email client that supports the POP3 protocol, such as Microsoft Outlook.
System service name: POP3SVC
Application protocol | Protocol | Port
POP3 | TCP | 110
MSSQLSERVER
MSSQLSERVER is a system service in Microsoft SQL Server 2000. SQL Server provides a powerful and comprehensive data management platform. You can use the Server Network Utility to configure the ports that each instance of SQL Server uses.
System service name: MSSQLSERVER
Application protocol | Protocol | Port
SQL over TCP | TCP | 1433
SQL Probe | UDP | 1434
MSSQL$UDDI
The MSSQL$UDDI system service is installed when the Universal Description, Discovery, and Integration (UDDI) feature of the Windows Server 2003 family is installed. MSSQL$UDDI provides UDDI capabilities within an enterprise. The SQL Server database engine is the core component of MSSQL$UDDI.
System service name: MSSQLServer
Application protocol | Protocol | Port
SQL over TCP | TCP | 1433
SQL Probe | UDP | 1434
Net Logon
The Net Logon system service maintains a security channel between your computer and the domain controller to authenticate users and services. It passes the user's credentials to a domain controller and returns the domain security identifiers and user rights for the user. This is typically referred to as pass-through authentication. Net Logon starts automatically when the computer is a member of a domain. In the Windows 2000 Server family and the Windows Server 2003 family, Net Logon publishes service resource records in DNS. Net Logon is enabled on computers that belong to a domain. When this service runs, it relies on the Server service and the Local Security Authority service to listen for incoming requests. On domain member computers, Net Logon uses RPC over named pipes. On domain controllers, it uses RPC over named pipes, RPC over TCP/IP, mailslots, and Lightweight Directory Access Protocol (LDAP).
System service name: Netlogon
Application protocol | Protocol | Port
NetBIOS Datagram Service | UDP | 138
NetBIOS Name Resolution | UDP | 137
NetBIOS Session Service | TCP | 139
SMB | TCP | 445
NetMeeting Remote Desktop Sharing
The NetMeeting Remote Desktop Sharing system service allows authorized users to use Windows NetMeeting to access your Windows desktop remotely from another personal computer over the company intranet. You must enable this service in NetMeeting. You can also disable or shut down this feature by using an icon in the Windows notification area.
System service name: mnmsrvc
Application protocol | Protocol | Port
Terminal Services | TCP | 3389
Network News Transfer Protocol (NNTP)
The Network News Transfer Protocol (NNTP) system service lets computers running Windows Server 2003 act as news servers. Clients can use a news client, such as Microsoft Outlook Express, to retrieve newsgroups from the server and to read the headers or the bodies of the articles in each newsgroup.
System service name: NNTPSVC
Application protocol | Protocol | Port
NNTP | TCP | 119
NNTP over SSL | TCP | 563
Performance Logs and Alerts
The Performance Logs and Alerts system service collects performance data from local or remote computers based on preconfigured schedule parameters and then writes that data to a log or triggers a message. Based on the information contained in the named log collection setting, the Performance Logs and Alerts service starts and stops each named performance data collection. This service runs only if at least one performance data collection is scheduled.
System service name: SysmonLog
Application protocol | Protocol | Port
NetBIOS Session Service | TCP | 139
Print Spooler
The Print Spooler system service manages all local and network print queues and controls all print jobs. Print Spooler is the center of the Windows printing subsystem. It manages the print queues on the system and communicates with printer drivers and input/output (I/O) components, such as the USB port and the TCP/IP protocol suite.
System service name: Spooler
Application protocol | Protocol | Port
NetBIOS Session Service | TCP | 139
SMB | TCP | 445
Remote Installation
You can use the Remote Installation system service to install Windows 2000, Windows XP, and Windows Server 2003 on Pre-Boot Execution Environment (PXE) remote boot-enabled client computers. The Boot Information Negotiation Layer (BINL) service, the primary component of Remote Installation Server (RIS), answers PXE client requests, checks Active Directory for client validation, and passes client information to and from the server. The BINL service is installed when you add the RIS component from Add/Remove Windows Components or when you first install the operating system.
System service name: BINLSVC
Application protocol | Protocol | Port
BINL | UDP | 4011
Remote Procedure Call (RPC)
The Remote Procedure Call (RPC) system service is an interprocess communication (IPC) mechanism that enables data exchange with, and invocation of functions that reside in, a different process. That process can be on the same computer or in a remote location, and it can be accessed over a WAN connection or a VPN connection. The RPC service acts as the RPC endpoint mapper and the Component Object Model (COM) Service Control Manager. Many services depend on the RPC service to start successfully.
System service name: RpcSs
Application protocol | Protocol | Port
RPC | TCP | 135
RPC over HTTP | TCP | 593
Remote Procedure Call (RPC) Locator
The Remote Procedure Call (RPC) Locator system service manages the RPC name service database. When this service is turned on, RPC clients can locate RPC servers. This service is turned off by default.
System service name: RpcLocator
Application protocol | Protocol | Port
NetBIOS Session Service | TCP | 139
SMB | TCP | 445
Remote Storage Notification
The Remote Storage Notification system service notifies users when they read from or write to files that are available only from a secondary storage medium. Stopping this service prevents this notification.
System service name: Remote_Storage_User_Link
Application protocol | Protocol | Port
RPC | TCP | 135
Randomly assigned high TCP port | TCP | random port number
Remote Storage Server
The Remote Storage Server system service stores unused files on a secondary storage medium. If this service is stopped, users cannot move or retrieve files from the secondary storage medium.
System service name: Remote_Storage_Server
Application protocol | Protocol | Port
RPC | TCP | 135
Randomly assigned high TCP port | TCP | random port number
Routing and Remote Access
The Routing and Remote Access service provides multiprotocol LAN-to-LAN, LAN-to-WAN, VPN (virtual private network), and NAT (network address translation) routing services. In addition, the Routing and Remote Access service provides dial-up and VPN remote access services. Although Routing and Remote Access can use all the protocols listed below, it typically uses only a subset of them. For example, if you configure a VPN gateway that is located behind a filtering router, you will probably use only one technology. If you use IPsec with L2TP, you must allow IPsec ESP (IP protocol 50), NAT-T (TCP at port 4500), and IPsec ISAKMP (TCP at port 500) through the router.
Note: Although L2TP requires NAT-T and IPsec ISAKMP, these ports are actually monitored by the Local Security Authority. See the "Reference" section of this article for additional information.
System service name: RemoteAccess
Application protocol | Protocol | Port
GRE (IP protocol 47) | GRE | n/a
IPsec AH (IP protocol 51) | AH | n/a
IPsec ESP (IP protocol 50) | ESP | n/a
L2TP | UDP | 1701
PPTP | TCP | 1723
Server
The Server system service provides RPC support and file, print, and named pipe sharing over the network. The Server service lets local resources, such as disks and printers, be shared so that other users on the network can access them. It also allows named pipe communication between programs running on the local computer and programs running on other computers. Named pipe communication is memory that is reserved for the output of one process to be used as input for another process. The process that accepts the input does not have to be on the local computer.
System service name: lanmanserver
Application protocol | Protocol | Port
NetBIOS Datagram Service | UDP | 138
NetBIOS Name Resolution | UDP | 137
NetBIOS Session Service | TCP | 139
SMB | TCP | 445
SharePoint Portal Server
With the SharePoint Portal Server system service, you can develop an intelligent portal that closely connects users, teams, and knowledge so that people can take advantage of relevant information across business processes. Microsoft SharePoint Portal Server 2003 provides an enterprise business solution that integrates information from various systems into one solution through single sign-on and enterprise application integration.
Application protocol | Protocol | Port
HTTP | TCP | 80
HTTPS | TCP | 443
Simple Mail Transfer Protocol (SMTP)
The Simple Mail Transfer Protocol (SMTP) system service is an e-mail submission and relay agent. It accepts and queues e-mail messages for remote destinations and retries at specified intervals. Windows domain controllers use the SMTP service for replication between sites. The Collaboration Data Objects (CDO) for Windows Server 2003 COM component can use the SMTP service to submit and queue outbound e-mail.
System Service Name: SMTPSVC
Application Protocol Protocol Port
SMTP TCP 25
SMTP UDP 25
Simple TCP/IP Service
The Simple TCP/IP service implements support for the following protocols:
Echo, port 7, RFC 862
Discard, port 9, RFC 863
Character Generator, Port 19, RFC 864
Daytime, port 13, RFC 867
Quote of the day, port 17, RFC 865
System Service Name: SimpTcp
Application Protocol Protocol Port
Chargen TCP 19
Chargen UDP 19
Daytime TCP 13
Daytime UDP 13
Discard TCP 9
Discard UDP 9
Echo TCP 7
Echo UDP 7
Quotd TCP 17
Quotd UDP 17
SMS Remote Control Agent
The SMS Remote Control Agent is a system service in Microsoft Systems Management Server (SMS) 2003. The SMS Remote Control Agent provides a comprehensive solution for change and configuration management for Microsoft operating systems. With this solution, organizations can provide users with relevant software and updates.
System Service Name: Wuser32
Application Protocol Protocol Port
SMS Remote Chat TCP 2703
SMS Remote Chat UDP 2703
SMS Remote Control (Control) TCP 2701
SMS Remote Control (Control) UDP 2701
SMS Remote Control (Data) TCP 2702
SMS Remote Control (Data) UDP 2702
SMS Remote File Transfer TCP 2704
SMS Remote File Transfer UDP 2704
SNMP service
The SNMP service allows the local computer to process incoming Simple Network Management Protocol (SNMP) requests. The SNMP service includes agents that monitor activity in network devices and report to the network console workstation. The SNMP service provides a way to manage network hosts (such as workstation or server computers, routers, bridges, and hubs) from a centrally located computer that is running network management software. SNMP performs management services by using a distributed architecture of management systems and agents.
System Service Name: SNMP
Application Protocol Protocol Port
SNMP UDP 161
SNMP trap service
The SNMP Trap service receives trap messages generated by local or remote SNMP agents and then forwards these messages to the SNMP manager running on your computer. When the SNMP Trap service is configured for an agent, a trap message is generated if any specific event occurs. These messages are sent to a trap destination. For example, an agent can be configured to initiate an authentication trap if an unrecognized management system sends a request for information. A trap destination consists of the computer name, the IP address, or the Internetwork Packet Exchange (IPX) address of the management system. The trap destination must be a network-enabled host that is running SNMP management software.
System Service Name: SNMPTRAP
Application Protocol Protocol Port
SNMP trap outbound UDP 162
SQL Analysis Server
The SQL Analysis Server system service is a component of SQL Server 2000. With SQL analysis servers, you can create and manage OLAP cubes and data mining models. The analysis server can access the local and remote data sources to create and store cube or data mining models.
Application Protocol Protocol Port
SQL analysis service TCP 2725
SQL Server: Downlevel OLAP Client Support
SQL Server 2000 uses this system service when the SQL Analysis Server must support connections from downlevel (OLAP Services 7.0) clients. These are the default ports that the OLAP service uses.
Application Protocol Protocol Port
OLAP Services 7.0 TCP 2393
OLAP Services 7.0 TCP 2394
SSDP discovery service
The SSDP Discovery Service implements the Simple Service Discovery Protocol (SSDP) as a Windows service. The SSDP Discovery Service manages receipt of device presence announcements, updates its cache, and passes these notifications along to clients that have outstanding search requests. The SSDP Discovery Service also accepts the registration of event callbacks from clients, turns them into subscription requests, and monitors for event notifications. It then passes these requests to the registered callbacks. This system service also provides periodic announcements for hosted devices. Currently, the SSDP event notification service uses TCP port 5000. Starting with the next Windows XP service pack, it will rely on TCP port 2869.
Note: When writing this article, the current Windows XP Service Pack is Windows XP Service Pack 1 (SP1).
System Service Name: SSDPRSR
Application Protocol Protocol Port
SSDP UDP 1900
SSDP event notification TCP 2869
SSDP legacy event notification TCP 5000
Systems Management Server 2.0
Microsoft Systems Management Server (SMS) 2003 provides a comprehensive solution for change and configuration management for Microsoft operating systems. With this solution, organizations can quickly and economically provide users with relevant software and updates.
Application Protocol Protocol Port
NetBIOS datagram service UDP 138
NetBIOS name resolution UDP 137
NetBIOS session service TCP 139
RPC TCP 135
Randomly assigned high TCP port TCP random port number
TCP/IP Print Server
The TCP/IP Print Server system service allows TCP/IP-based printing by using the Line Printer Daemon (LPD) protocol. The LPD service on the server receives documents from Line Printer Remote (LPR) utilities that are running on UNIX computers.
System Service Name: LPDSVC
Application Protocol Protocol Port
LPD TCP 515
Telnet
Telnet system services for Windows provide ASCII terminal sessions for Telnet clients. Telnet servers support two types of authentication and support the following four types of terminals:
American National Standards Institute (ANSI)
VT-100
VT-52
VTNT
System Service Name: TLNTSVR
Application Protocol Protocol Port
Telnet TCP 23
Terminal Services
Terminal Services provides a multi-session environment that allows client devices to access a virtual Windows desktop session and Windows-based programs running on the server. Terminal Services allows multiple users to connect to a computer interactively.
System Service Name: TermService
Application Protocol Protocol Port
Terminal Services TCP 3389
Terminal Services Licensing
The Terminal Services Licensing system service installs a license server and provides licenses to clients when they connect to a terminal server (a server that has Terminal Server enabled). Terminal Services Licensing is a low-impact service that stores the client licenses that have been issued for a terminal server and then tracks the licenses that have been issued to client computers or terminals.
System Service Name: TermServLicensing
Application Protocol Protocol Port
RPC TCP 135
Randomly assigned high TCP port TCP random port number
Terminal Services Session Directory
The Terminal Services Session Directory system service allows clusters of load-balanced terminal servers to correctly route a user's connection request to the server where the user already has a session running. Users are routed to the first available terminal server regardless of whether they are running another session in the server cluster. The load balancing functionality pools the processing resources of several servers by using the TCP/IP networking protocol. You can use this service with a cluster of terminal servers to increase the performance of a single terminal server by distributing sessions across multiple servers. Terminal Services Session Directory keeps track of disconnected sessions on the cluster and makes sure that users are reconnected to those sessions.
System Service Name: TSSDIS
Application Protocol Protocol Port
RPC TCP 135
Randomly assigned high TCP port TCP random port number
Trivial FTP Daemon
The Trivial FTP Daemon system service does not require a user name or password and is an integral part of Remote Installation Services (RIS). The Trivial FTP Daemon service implements support for the Trivial FTP Protocol (TFTP) that is defined by the following RFCs:
RFC 1350 - TFTP
RFC 2347 - Option Extension
RFC 2348 - Block Size Option
RFC 2349 - Timeout Interval and Transfer Size Options
TFTP is a file transfer protocol that is designed to support diskless boot environments. The TFTP daemon listens on UDP port 69 but responds from a randomly allocated high port. Therefore, if you enable this port, the TFTP service receives incoming TFTP requests, but the selected server cannot respond to these requests. The service can respond to inbound TFTP requests only if the selected server is configured to respond from port 69.
System Service Name: TFTPD
Application Protocol Protocol Port
TFTP UDP 69
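The two filtering notes on this page (L2TP with IPsec behind a filtering router, in the Routing and Remote Access section, and the TFTP reply port above) can be checked against a rule set before it is deployed. The following Python model of a stateless first-match filter is an added example, not part of the original article; the rule sets and the client port are constructed, and ports 500 and 4500 are taken as UDP, as listed in the "Port and protocol" table.

```python
from collections import namedtuple

# direction is relative to the protected server: "in" or "out".
# proto is "tcp", "udp", or an IP protocol number as a string such as "50".
Packet = namedtuple("Packet", "direction proto sport dport")
Rule = namedtuple("Rule", "action direction proto sport dport")
ANY = None  # wildcard for a rule's port fields


def _match(spec, value):
    """A rule port field matches when it is ANY or equal to the packet's port."""
    return spec is ANY or spec == value


def evaluate(rules, pkt, default="deny"):
    """Stateless first-match evaluation: the filter remembers no earlier packet."""
    for r in rules:
        if (r.direction == pkt.direction and r.proto == pkt.proto
                and _match(r.sport, pkt.sport) and _match(r.dport, pkt.dport)):
            return r.action
    return default


# Flows the page says must pass the router for L2TP with IPsec.
L2TP_IPSEC_FLOWS = {
    "IPsec ESP (IP protocol 50)": Packet("in", "50", None, None),
    "IPsec ISAKMP (port 500)": Packet("in", "udp", 500, 500),
    "NAT-T (port 4500)": Packet("in", "udp", 4500, 4500),
}


def blocked_flows(rules, flows):
    """Return the names of required flows that the rule set does not allow."""
    return sorted(name for name, pkt in flows.items()
                  if evaluate(rules, pkt) != "allow")


def tftp_exchange(rules, reply_sport, client_port=50000):
    """Verdicts for a TFTP request to UDP 69 and for the server's reply."""
    request = Packet("in", "udp", client_port, 69)
    reply = Packet("out", "udp", reply_sport, client_port)
    return evaluate(rules, request), evaluate(rules, reply)


# Constructed rule sets (not from the page).
ROUTER_RULES = [  # filtering router in front of a VPN gateway, NAT-T forgotten
    Rule("allow", "in", "50", ANY, ANY),
    Rule("allow", "in", "udp", ANY, 500),
]
TFTP_RULES = [  # "port 69 is open" and nothing else
    Rule("allow", "in", "udp", ANY, 69),
    Rule("allow", "out", "udp", 69, ANY),
]

if __name__ == "__main__":
    print("L2TP/IPsec flows blocked:", blocked_flows(ROUTER_RULES, L2TP_IPSEC_FLOWS))
    print("TFTP, reply from high port 51234:", tftp_exchange(TFTP_RULES, 51234))
    print("TFTP, reply from port 69:", tftp_exchange(TFTP_RULES, 69))
```

With the constructed rules, the request to port 69 is accepted but the reply from a high port is dropped, which is the failure the TFTP paragraph describes; the reply passes once the server answers from port 69.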
Universal Plug and Play Device Host
The Universal Plug and Play Device Host system service implements all the components that are required to register and control hosted devices and to respond to their events. The registered information that relates to a device (the description, the lifetimes, and the containers) can optionally be stored on disk and is announced on the network after registration or when the operating system restarts. In addition to the service descriptions and the presentation page, the service includes the Web server that serves the device.
System Service Name: UPNPHOST
Application Protocol Protocol Port
UPNP TCP 2869
Windows Internet Name Service (WINS)
Windows Internet Name Service (WINS) enables NetBIOS name resolution. This service uses NetBIOS names to help you locate network resources. WINS servers are required unless all domains have been upgraded to the Active Directory directory service and all computers on the network run Windows 2000 or later. WINS servers communicate with network clients by using NetBIOS name resolution. WINS replication takes place only between WINS servers.
System Service Name: WINS
Application Protocol Protocol Port
NetBIOS name resolution UDP 137
WINS replication TCP 42
WINS replication UDP 42
Windows Media Services
Windows Media Services in Windows Server 2003 replaces the following four services that are included in Windows Media Services versions 4.0 and 4.1:
Windows Media Monitor Service
Windows Media Program Service
Windows Media Station Service
Windows Media Unicast Service
Windows Media Services is now a single service that runs on Windows Server 2003 Standard Edition, Windows Server 2003 Enterprise Edition and Windows Server 2003 Datacenter Edition. Its core components were developed by using COM, and it has a flexible architecture that can be customized for specific programs. It supports a variety of control protocols, including Real Time Streaming Protocol (RTSP), Microsoft Media Server (MMS) protocol, and HTTP.
System Service Name: WMSERVER
Application Protocol Protocol Port
HTTP TCP 80
MMS TCP 1755
MMS UDP 1755
MS Theater UDP 2460
RTCP UDP 5005
RTP UDP 5004
RTSP TCP 554
Windows Time
The Windows Time system service maintains date and time synchronization on all Windows XP and Windows Server 2003-based computers on the network. This service uses the Network Time Protocol (NTP) to synchronize computer clocks so that an accurate clock value, or time stamp, is assigned for network authentication and resource access requests. The implementation of NTP and the integration of time providers help make Windows Time a reliable and flexible time service for your business. For computers that are not joined to a domain, you can configure Windows Time to synchronize time with an external time source. If this service is turned off, the time setting for the local computer is not synchronized with a time service in the Windows domain or with an externally configured time service. Windows Server 2003 uses NTP. NTP runs on UDP port 123. The Windows 2000 version of this service uses Simple Network Time Protocol (SNTP). SNTP also runs on UDP port 123.
System Service Name: W32Time
Application Protocol Protocol Port
NTP TCP 123
SNTP UDP 123
World Wide Web Publishing Service
The World Wide Web Publishing Service provides the infrastructure required to register, manage, monitor, and serve Web sites and programs that are registered with IIS. This system service contains a process manager and a configuration manager. The process manager controls the processes where custom applications and Web sites reside. The configuration manager reads the stored system configuration for the World Wide Web Publishing Service and makes sure that Http.sys is configured to route HTTP requests to the appropriate application pools or operating system processes. You can use the Internet Information Services (IIS) Manager snap-in to configure the ports that this service uses. If the administrative Web site is enabled, a virtual Web site is created that uses HTTP traffic on TCP port 8098.
System Service Name: W3SVC
Application Protocol Protocol Port
HTTP TCP 80
HTTPS TCP 443
Port and protocol
The following table summarizes the "System Services Port" section of this article. This table is sorted by port number (rather than by service name).
Port Protocol Application Protocol System Service Name
N/A GRE GRE (IP protocol 47) Routing and Remote Access
N/A ESP IPsec ESP (IP protocol 50) Routing and Remote Access
N/A AH IPsec AH (IP protocol 51) Routing and Remote Access
7 TCP Echo Simple TCP/IP Service
7 UDP Echo Simple TCP/IP Service
9 TCP Discard Simple TCP/IP Service
9 UDP Discard Simple TCP/IP Service
13 TCP Daytime Simple TCP/IP Service
13 UDP Daytime Simple TCP/IP Service
17 TCP Quotd Simple TCP/IP Service
17 UDP Quotd Simple TCP/IP Service
19 TCP Chargen Simple TCP/IP Service
19 UDP Chargen Simple TCP/IP Service
20 TCP FTP Default Data FTP Publishing Service
21 TCP FTP Control FTP Publishing Service
21 TCP FTP Control Application Layer Gateway Service
23 TCP Telnet Telnet
25 TCP SMTP Simple Mail Transfer Protocol
25 UDP SMTP Simple Mail Transfer Protocol
25 TCP SMTP Exchange Server
25 UDP SMTP Exchange Server
42 TCP WINS Replication Windows Internet Name Service
42 UDP WINS Replication Windows Internet Name Service
53 TCP DNS DNS Server
53 UDP DNS DNS Server
53 TCP DNS Windows Firewall / Internet Connection Sharing
53 UDP DNS Windows Firewall / Internet Connection Sharing
67 UDP DHCP Server DHCP Server
67 UDP DHCP Server Windows Firewall / Internet Connection Sharing
69 UDP TFTP Trivial FTP Daemon Service
80 TCP HTTP Windows Media Services
80 TCP HTTP World Wide Web Publishing Service
80 TCP HTTP SharePoint Portal Server
88 TCP Kerberos Kerberos Key Distribution Center
88 UDP Kerberos Kerberos Key Distribution Center
102 TCP X.400 Microsoft Exchange MTA Stack
110 TCP POP3 Microsoft POP3 Services
110 TCP POP3 Exchange Server
119 TCP NNTP Network News Transfer Protocol
123 UDP NTP Windows Time
123 UDP SNTP Windows Time
135 TCP RPC Message Queue
135 TCP RPC Remote Procedure Call
135 TCP RPC Exchange Server
135 TCP RPC Certificate Service
135 TCP RPC Cluster Service
135 TCP RPC Distributed File System
135 TCP RPC Distributed Link Tracking
135 TCP RPC Distributed Transaction Coordinator
135 TCP RPC Event Log
135 TCP RPC Fax Service
135 TCP RPC File Replication
135 TCP RPC Local Security Authority
135 TCP RPC Remote Storage Notification
135 TCP RPC Remote Storage Server
135 TCP RPC Systems Management Server 2.0
135 TCP RPC Terminal Services Licensing
135 TCP RPC Terminal Services Session Directory
137 UDP NetBIOS Name Resolution Computer Browser
137 UDP NetBIOS Name Resolution Server
137 UDP NetBIOS Name Resolution Windows Internet Name Service
137 UDP NetBIOS Name Resolution Net Logon
137 UDP NetBIOS Name Resolution Systems Management Server 2.0
138 UDP NetBIOS Datagram Service Computer Browser
138 UDP NetBIOS Datagram Service Messenger
138 UDP NetBIOS Datagram Service Server
138 UDP NetBIOS Datagram Service Net Logon
138 UDP NetBIOS Datagram Service Distributed File System
138 UDP NetBIOS Datagram Service Systems Management Server 2.0
138 UDP NetBIOS Datagram Service License Logging Service
139 TCP NetBIOS Session Service Computer Browser
139 TCP NetBIOS Session Service Fax Service
139 TCP NetBIOS Session Service Performance Logs and Alerts
139 TCP NetBIOS Session Service Print Spooler
139 TCP NetBIOS Session Service Server
139 TCP NetBIOS Session Service Net Logon
139 TCP NetBIOS Session Service Remote Procedure Call Locator
139 TCP NetBIOS Session Service Distributed File System
139 TCP NetBIOS Session Service Systems Management Server 2.0
139 TCP NetBIOS Session Service License Logging Service
143 TCP IMAP Exchange Server
161 UDP SNMP SNMP Service
162 UDP SNMP Trap Outbound SNMP Trap Service
389 TCP LDAP Server Local Security Authority
389 UDP LDAP Server Local Security Authority
389 TCP LDAP Server Distributed File System
389 UDP LDAP Server Distributed File System
443 TCP HTTPS HTTP SSL
443 TCP HTTPS World Wide Web Publishing Service
443 TCP HTTPS SharePoint Portal Server
445 TCP SMB Fax Service
445 TCP SMB Print Spooler
445 TCP SMB Server
445 TCP SMB Remote Procedure Call Locator
445 TCP SMB Distributed File System
445 TCP SMB License Logging Service
445 TCP SMB Net Logon
500 UDP IPsec ISAKMP Local Security Authority
515 TCP LPD TCP / IP Print Server
548 TCP Macintosh File Server Macintosh File Server
554 TCP RTSP Windows Media Services
563 TCP NNTP over SSL Network News Transfer Protocol
593 TCP RPC over HTTP Remote Procedure Call
593 TCP RPC over HTTP Exchange Server
636 TCP LDAP SSL Local Security Authority
636 UDP LDAP SSL Local Security Authority
993 TCP IMAP over SSL Exchange Server
995 TCP POP3 over SSL Exchange Server
1270 TCP MOM-Encrypted Microsoft Operations Manager 2000
1433 TCP SQL over TCP Microsoft SQL Server
1433 TCP SQL over TCP MSSQL$UDDI
1434 UDP SQL Probe Microsoft SQL Server
1434 UDP SQL Probe MSSQL$UDDI
1645 UDP Legacy RADIUS Internet Authentication Service
1646 UDP Legacy RADIUS Internet Authentication Service
1701 UDP L2TP Routing and Remote Access
1723 TCP PPTP Routing and Remote Access
1755 TCP MMS Windows Media Services
1755 UDP MMS Windows Media Services
1801 TCP MSMQ Message Queue
1801 UDP MSMQ Message Queue
1812 UDP RADIUS Authentication Internet Authentication Service
1813 UDP RADIUS Accounting Internet Authentication Service
1900 UDP SSDP SSDP Discovery Services
2101 TCP MSMQ-DCS Message Queue
2103 TCP MSMQ-RPC Message Queue
2105 TCP MSMQ-RPC Message Queue
2107 TCP MSMQ-MGMT Message Queue
2393 TCP OLAP Services 7.0 SQL Server: Downlevel OLAP Client Support
2394 TCP OLAP Services 7.0 SQL Server: Downlevel OLAP Client Support
2460 UDP MS Theater Windows Media Services
2535 UDP MADCAP DHCP Server
2701 TCP SMS Remote Control (Control) SMS Remote Control Agent
2701 UDP SMS Remote Control (Control) SMS Remote Control Agent
2702 TCP SMS Remote Control (Data) SMS Remote Control Agent
2702 UDP SMS Remote Control (Data) SMS Remote Control Agent
2703 TCP SMS Remote Chat SMS Remote Control Agent
2703 UDP SMS Remote Chat SMS Remote Control Agent
2704 TCP SMS Remote File Transfer SMS Remote Control Agent
2704 UDP SMS Remote File Transfer SMS Remote Control Agent
2725 TCP SQL Analysis Service SQL Analysis Server
2869 TCP UPNP Universal Plug and Play Device Host
2869 TCP SSDP Event Notification SSDP Discovery Services
3268 TCP Global Catalog Server Local Security Authority
3269 TCP Global Catalog Server Local Security Authority
3343 UDP Cluster Services Cluster Service
3389 TCP Terminal Services NetMeeting Remote Desktop Sharing
3389 TCP Terminal Services Terminal Services
3527 UDP MSMQ-PING Message Queue
4011 UDP BINL Remote Installation
4500 UDP NAT-T Local Security Authority
5000 TCP SSDP Legacy Event Notification SSDP Discovery Service
5004 UDP RTP Windows Media Services
5005 UDP RTCP Windows Media Services
42424 TCP ASP.NET Session State ASP.NET State Service
51515 TCP MOM-CLEAR Microsoft Operations Manager 2000