
Network Ports Used by Key Microsoft Server Products
On This Page
Introduction
Term Usage
Microsoft Server Product Ports
Ports and Protocols
For More Information
Related Topics

Introduction
This document discusses the network ports and protocols that are used by server products and their
subcomponents in the Microsoft Windows Server System.

The Windows Server System includes a comprehensive and integrated infrastructure that is designed to meet the
requirements of developers and information technology (IT) professionals. This system is designed to run
programs that information workers can use to obtain, analyze, and share information quickly and easily. These
Microsoft server products use a variety of network ports and protocols to communicate with client and server
systems. While dedicated firewalls, host-based firewalls, and Internet Protocol Security (IPSec) filters can be used
to help secure your network, if these technologies are configured to block ports and protocols that are used by
the Windows Server System, a server may not be able to respond to legitimate client requests. If a server is
unable to respond to legitimate client requests, it may not function properly or at all.

Term Usage
The following list provides an overview of the information contained in this document:

• The "Microsoft Server Product Ports" section of this document contains a brief description of each service,
displays the logical name of that service, and indicates the ports and protocols required by each service
for correct operation. Use this section to help identify the ports and protocols that a particular service
uses.

• The "Ports and Protocols Table" section of this document includes a table that summarizes the
information from the "Microsoft Server Product Ports" section. The table is sorted by port number instead of by the
service name. Use this section to quickly determine which services listen on a particular port.

This document uses certain terms in specific ways. To help avoid confusion, make sure that you understand how
this document uses these terms. The following list describes these terms:

• System services: The Windows Server System includes many products, such as the Microsoft Windows
Server 2003 family, Microsoft Exchange 2000 Server, and Microsoft SQL Server 2000. Each of these
products includes many components; system services is one of those components. System services that
are required by a computer are either started automatically by the operating system during startup or are
started as required during typical operations. For example, some system services that are available on
computers running Windows Server 2003, Enterprise Edition, include the Server service, the Print Spooler
service, and the World Wide Web Publishing Service. Each system service has a friendly service name and
a service name. The friendly service name is the name that appears in graphical management tools, such
as the Services Microsoft Management Console (MMC) snap-in. The service name is the name that is used
with command-line tools and with many scripting languages. Each system service may provide one or
more network services.

• Application protocol: In the context of this document, an application protocol is a high-level network
protocol that uses one or more TCP/IP protocols and ports. Examples of application protocols include
HTTP, server message blocks (SMBs), and Simple Mail Transfer Protocol (SMTP).

• Protocol: Operating at a lower level than the application protocols, TCP/IP protocols are standard formats
for communicating between devices on a network.

The TCP/IP suite of protocols includes TCP, User Datagram Protocol (UDP), and Internet Control Message
Protocol (ICMP).

• Port: This is the network port that the system service listens on for incoming network traffic.

This document does not specify which services rely on other services for network communication. For example,
many services rely on the remote procedure call (RPC) or DCOM features in Microsoft Windows to assign them
dynamic TCP ports. The Remote Procedure Call service coordinates requests by other system services that use
RPC or DCOM to communicate with client computers. Many other services rely on network basic input/output
system (NetBIOS) or SMB, protocols that are actually provided by the Server service. Others rely on HTTP or
HTTPS. These protocols are provided by Internet Information Services (IIS). A full discussion of the architecture of
the Windows operating systems is beyond the scope of this document. However, detailed documentation on this
subject is available on Microsoft TechNet and on the Microsoft Developer Network (MSDN). While many services
may rely on a particular TCP or UDP port, only a single service or process can be actively listening on that port at
any one time.

When you use RPC with TCP/IP or with UDP/IP as the transport, inbound ports are frequently dynamically
assigned to system services as required; TCP/IP and UDP/IP ports that are higher than port 1024 are used. These
are frequently informally referred to as "random RPC ports." In these cases, RPC clients rely on the RPC endpoint
mapper to tell them which dynamic ports were assigned to the server. For some RPC-based services, you can
configure a port instead of letting RPC assign one dynamically. You can also restrict the range of ports that RPC
dynamically assigns to a small range, regardless of the service. For more information, see "Related Topics" later in
this document.

This document includes information about the system services roles and the server roles for the Microsoft
products that are listed in the "For More Information" section of this document. Although this information may
also apply to Microsoft Windows XP and Microsoft Windows 2000 Professional, this document is intended to
focus on server-class operating systems. Therefore, this document describes the ports that a service listens on
instead of the ports that client programs use to connect to a remote system.
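
An added example (Python, not part of the original document or Microsoft's tooling): it parses the per-service listing layout used in the next section, inverts it into the port-sorted view described above, and reports which services a set of firewall allow rules would break, treating RANDOM as the RPC dynamic range. The sample text is constructed from this document's CertSvc, Dfs and Kdc entries; the function names and the rule tuples are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample in this document's listing layout, using its CertSvc,
# Dfs and Kdc entries (blank lines and descriptions omitted).
LISTING = """\
Certificate Services
System Service Name CertSvc
Application protocol Protocol Port
RPC TCP 135
Randomly allocated high TCP ports TCP RANDOM
Distributed File System
System Service Name Dfs
Application protocol Protocol Port
NetBIOS Datagram Service UDP 138
NetBIOS Session Service TCP 139
LDAP Server TCP 389
LDAP Server UDP 389
SMB TCP 445
RPC TCP 135
Randomly allocated high TCP ports TCP RANDOM
Kerberos Key Distribution Center
System Service Name Kdc
Application protocol Protocol Port
Kerberos TCP 88
Kerberos UDP 88
"""

# \s* tolerates a missing space after "Name" in extracted copies.
NAME_RE = re.compile(r"^System Service Name\s*(\S.*)$")
HEADER = "Application protocol Protocol Port"
ROW_RE = re.compile(r"^(.+?)\s+(TCP|UDP|GRE|AH|ESP)\s+(\d+|RANDOM|n/a)$")


def parse_listing(text):
    """Return {service_name: [(application_protocol, protocol, port), ...]}.

    port is an int, the string "RANDOM" (RPC dynamic ports) or None ("n/a",
    used for raw IP protocols such as GRE that have no port number).
    """
    services, current, in_table = {}, None, False
    for line in (raw.strip() for raw in text.splitlines()):
        if not line:
            continue
        name = NAME_RE.match(line)
        if name:
            current, in_table = name.group(1).strip(), False
            services[current] = []
        elif line == HEADER:
            in_table = current is not None
        elif in_table and (row := ROW_RE.match(line)):
            app, proto, port = row.groups()
            value = int(port) if port.isdigit() else (None if port == "n/a" else port)
            services[current].append((app, proto, value))
        else:
            if in_table:
                current = None  # prose or the next heading ends the table
            in_table = False
    return services


def index_by_port(services):
    """Invert the listing: {(protocol, port): [service names]}, sorted."""
    index = defaultdict(set)
    for name, rows in services.items():
        for _app, proto, port in rows:
            index[(proto, port)].add(name)
    return {key: sorted(names) for key, names in index.items()}


def covered(rules, proto, lo, hi):
    """True if a single allow rule (protocol, low, high) spans lo..hi."""
    return any(p == proto and a <= lo and hi <= b for p, a, b in rules)


def blocked_requirements(services, rules, rpc_range=(1025, 65535)):
    """Return {service: [requirements that no allow rule covers]}.

    rpc_range is the range RPC may assign from: by default every port above
    1024; a narrower tuple models a server whose dynamic range has been
    restricted. Rows without a port are matched by a (protocol, 0, 0) rule.
    """
    report = {}
    for name, rows in services.items():
        missing = []
        for _app, proto, port in rows:
            lo, hi = rpc_range if port == "RANDOM" else (port or 0, port or 0)
            if port is None:
                need = proto
            else:
                need = f"{proto} {lo}" if lo == hi else f"{proto} {lo}-{hi}"
            if not covered(rules, proto, lo, hi) and need not in missing:
                missing.append(need)
        if missing:
            report[name] = missing
    return report


if __name__ == "__main__":
    svc = parse_listing(LISTING)
    print(index_by_port(svc)[("TCP", 135)])
    # Hypothetical allow rules: Kerberos, the endpoint mapper, a narrowed RPC range.
    rules = [("TCP", 88, 88), ("UDP", 88, 88), ("TCP", 135, 135), ("TCP", 5000, 5100)]
    print(blocked_requirements(svc, rules))
    print(blocked_requirements(svc, rules, rpc_range=(5000, 5100)))
```

With the default dynamic range, opening only TCP 135 still leaves every RPC-based service unreachable; the second call shows the effect of restricting the range on the server and allowing exactly that range.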

Microsoft Server Product Ports
This section provides a description of each system service, includes the logical name that corresponds to the
system service, and displays the ports and the protocols required by each service.

Application Layer Gateway (ALG) Service


This subcomponent of the Internet Connection Sharing (ICS)/Internet Connection Firewall (ICF) service provides
support for plug-ins that allow network protocols to pass through the firewall and work behind ICS. Application
Layer Gateway plug-ins have the power to open ports and change data (such as ports and IP addresses)
embedded in packets. File Transfer Protocol (FTP) is the only network protocol with a plug-in that is released with
Windows Server 2003, Standard Edition, and Windows Server 2003, Enterprise Edition.
The ALG FTP plug-in is designed to support active FTP sessions through the network address translation (NAT)
engine used by these components. The ALG FTP plug-in does this by redirecting all traffic passing through the
NAT destined for port 21 to a private listening port in the 3000-5000 range on the loopback adapter. The ALG
FTP plug-in then monitors and updates FTP control channel traffic so that the FTP plug-in can plumb port
mappings through the NAT for the FTP data channels. The FTP plug-in will also update ports in the FTP control
channel stream.

System Service Name ALG

Application protocol Protocol Port

FTP control TCP 21

ASP.NET State Service


The ASP.NET State service provides support for ASP.NET out-of-process session states. The ASP.NET State service
stores session data out-of-process. The service communicates with ASP.NET running on a Web server using
sockets.

System Service Name aspnet_state

Application protocol Protocol Port

ASP.Net Session State TCP 42424

Certificate Services
Certificate Services is part of the core operating system that enables a business to act as its own certification
authority (CA). In this way, the business can issue and manage digital certificates for applications and protocols
such as Secure/Multipurpose Internet Mail Extensions (S/MIME), Secure Sockets Layer (SSL), Encrypting File
System (EFS), IPSec, and smart card log on. Certificate Services relies on RPC and DCOM to communicate with
clients using random TCP ports greater than 1024.

System Service Name CertSvc

Application protocol Protocol Port

RPC TCP 135

Randomly allocated high TCP ports TCP RANDOM

Cluster Service
The Cluster service controls server cluster operations and manages the cluster database. A cluster is a collection
of independent computers that is as easy to use as a single computer. Managers, programmers, and users see
the cluster as a single system. The software distributes data among the nodes of the cluster. If a node fails, other
nodes provide the services and data formerly provided by the missing node. When a node is added or repaired,
the cluster software migrates some data to that node.

System Service Name ClusSvc


Application protocol Protocol Port

RPC TCP 135

Randomly allocated high TCP ports TCP RANDOM

Cluster Services UDP 3343

Computer Browser
The Computer Browser system service maintains an up-to-date list of computers on your network and supplies
the list to programs that request it. The Computer Browser service is used by Windows-based computers enabled
to view network domains and resources. Computers designated as browsers maintain browse lists, which contain
all shared resources used on the network. Earlier versions of Windows applications, such as My Network Places,
the NET VIEW command, and Microsoft Windows NT Explorer, all require browsing capability. For example,
opening My Network Places on a computer running Windows XP displays a list of domains and computers, which
is accomplished by the computer obtaining a copy of the browse list from a computer designated as a browser.

System Service Name Browser

Application protocol Protocol Port

NetBIOS Datagram Service UDP 138

NetBIOS Name Resolution UDP 137

NetBIOS Session Service TCP 139

DHCP Server
Using the Dynamic Host Configuration Protocol (DHCP), the DHCP Server service automatically allocates IP
addresses and enables advanced configuration of network settings, such as Domain Name System (DNS) servers
and Windows Internet Name Service (WINS) servers to DHCP clients. The network administrator establishes one
or more DHCP servers that maintain TCP/IP configuration information and provide it to clients.

System Service Name DHCPServer

Application protocol Protocol Port

DHCP Server UDP 67

MADCAP UDP 2535

Distributed File System


The Distributed File System (DFS) service manages logical volumes distributed across a local or wide area
network (LAN or WAN) and is required for the Microsoft Active Directory SYSVOL share. DFS is a distributed
service that integrates disparate file shares into a single logical namespace.

System Service Name Dfs

Application protocol Protocol Port

NetBIOS Datagram Service UDP 138

NetBIOS Session Service TCP 139

LDAP Server TCP 389

LDAP Server UDP 389

SMB TCP 445

RPC TCP 135

Randomly allocated high TCP ports TCP RANDOM

NetBIOS Datagram Service UDP 138

Distributed Link Tracking Server


The Distributed Link Tracking Server system service stores information so that files moved between volumes can
be tracked to each volume in the domain. The Distributed Link Tracking Server service runs on each domain
controller in a domain. This service enables the Distributed Link Tracking Server Client service to track linked
documents that have been moved to a location in another NTFS file system volume in the same domain.

System Service Name TrkSvr

Application protocol Protocol Port

RPC TCP 135

Randomly allocated high TCP ports TCP RANDOM

Distributed Transaction Coordinator


The Distributed Transaction Coordinator (DTC) system service is responsible for coordinating transactions that
are distributed across multiple computer systems and resource managers, such as databases, message queues,
file systems, or other transaction-protected resource managers. The DTC system service is necessary if
transactional components will be configured through COM+. It is also required for transactional queues in
Message Queuing (MSMQ) and SQL Server operations that span multiple systems.

System Service Name MSDTC

Application protocol Protocol Port

RPC TCP 135


Randomly allocated high TCP ports TCP RANDOM

DNS Server
The DNS Server system service enables DNS name resolution by answering queries and update requests for DNS
names. The presence of DNS servers is crucial for locating devices and services identified using DNS names and
domain controllers in the Active Directory directory service.

System Service Name DNS

Application protocol Protocol Port

DNS UDP 53

DNS TCP 53

Event Log
This system service logs event messages issued by programs and the Windows operating system. Event Log
reports contain information that can be useful in diagnosing problems. Reports are viewed in Event Viewer. The
Event Log service writes events sent by applications, services, and the operating system to log files. The events
contain diagnostic information in addition to errors specific to the source application, service, or component. The
logs can be viewed programmatically through the Event Log application programming interfaces (APIs) or
through the Event Viewer in an MMC (Microsoft Management Console) snap-in.

System Service Name Eventlog

Application protocol Protocol Port

RPC TCP 135

Randomly allocated high TCP ports TCP RANDOM

Exchange Server
Microsoft Exchange Server includes several system services. When a MAPI client such as Microsoft Outlook
connects to an Exchange server, the client first connects to the RPC endpoint mapper (the RPC Locator Service)
on TCP port 135. The RPC endpoint mapper tells the client which ports to use to connect to the Exchange Server
service, which are dynamically assigned. Exchange Server 5.5 uses two ports, one each for the information store
and the directory. Microsoft Exchange 2000 Server and Exchange Server 2003 use three ports, one for the
information store and two for the system attendant, respectively. Alternatively, Microsoft Outlook 2003 can use
RPC over HTTP to connect to servers running Exchange Server 2003. Exchange can also provide support for other
protocols, such as SMTP, POP3, and IMAP.

Application protocol Protocol Port

IMAP TCP 143

IMAP over SSL TCP 993


POP3 TCP 110

POP3 over SSL TCP 995

Randomly allocated high TCP ports TCP RANDOM

RPC TCP 135

RPC over HTTP TCP 593

SMTP TCP 25

SMTP UDP 25

Fax Service
The Fax service, a Telephony Application Programming Interface (TAPI)-compliant system service, provides fax
capabilities from your computer. The Fax service allows users to send and receive faxes from their desktop
applications using either a local fax device or a shared network fax device.

System Service Name Fax

Application protocol Protocol Port

RPC TCP 135

Randomly allocated high TCP ports TCP RANDOM

NetBIOS Session Service TCP 139

SMB TCP 445

File Replication
The File Replication system service allows files to be automatically copied and maintained simultaneously on
multiple servers. File Replication service (FRS) is the automatic file replication service in Windows 2000 and the
Microsoft Windows Server 2003 family. Its function is to replicate the Sysvol on all domain controllers. In
addition, FRS can be configured to replicate files among alternate targets associated with the fault-tolerant DFS.

System Service Name NtFrs

Application protocol Protocol Port

RPC TCP 135

Randomly allocated high TCP ports TCP RANDOM


File Server for Macintosh
The File Server for Macintosh system service enables Macintosh computer users to store and access files on a
computer running Windows Server 2003. If this service is turned off or blocked, Macintosh clients cannot access
or store files on your computer.

System Service Name MacFile

Application protocol Protocol Port

File Server for Macintosh TCP 548

FTP Publishing Service


The File Transfer Protocol (FTP) Publishing service provides FTP connectivity. The FTP control port is 21 by
default, but you can configure this system service through the Internet Information Services (IIS) Manager (a
snap-in). The default data port (used for active mode FTP) is automatically set to one less than the control port,
so if you configure the control port to 4131, the default data port will be 4130. Most FTP clients use passive
mode, which means that the client initially connects to the FTP server through the control port; the FTP server
assigns a high TCP port between 1025 and 5000; and the client opens a second connection to the FTP server for
transferring data. The range of high ports can be configured through the IIS metabase.

System Service Name MSFtpsvc

Application protocol Protocol Port

FTP control TCP 21

FTP default data TCP 20

Randomly allocated high TCP ports TCP RANDOM
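
The control-channel rewriting that the ALG FTP plug-in section describes, and the port arithmetic given here for active and passive mode, as an added example in Python (not Microsoft's code). The addresses, the mapped port 3500 and all function names are assumptions chosen for illustration.

```python
import re

# Six comma-separated decimal fields: four address octets, then the port as
# two bytes (high, low). Both the PORT command and the 227 reply use them.
_HOSTPORT = r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})"
PORT_RE = re.compile(rf"^PORT {_HOSTPORT}\s*$", re.IGNORECASE)
PASV_RE = re.compile(rf"^227 .*\({_HOSTPORT}\)")


def _decode(fields):
    """Turn the six fields into (dotted_ip, port), rejecting values > 255."""
    nums = [int(f) for f in fields]
    if any(n > 255 for n in nums):
        raise ValueError("host-port field out of range 0-255")
    return ".".join(map(str, nums[:4])), nums[4] * 256 + nums[5]


def parse_port_command(line):
    """Active mode: the client announces where the server should connect."""
    match = PORT_RE.match(line.strip())
    if not match:
        raise ValueError("not a PORT command")
    return _decode(match.groups())


def parse_pasv_reply(line):
    """Passive mode: the server announces the high port it is listening on."""
    match = PASV_RE.match(line.strip())
    if not match:
        raise ValueError("not a 227 passive-mode reply")
    return _decode(match.groups())


def encode_port_command(ip, port):
    """Build a PORT command for the given address and port."""
    octets = ip.split(".")
    if len(octets) != 4 or not all(o.isdigit() and int(o) <= 255 for o in octets):
        raise ValueError("not a dotted IPv4 address")
    if not 0 < port <= 65535:
        raise ValueError("port out of range")
    return "PORT " + ",".join(octets + [str(port >> 8), str(port & 0xFF)])


def rewrite_for_nat(line, public_ip, mapped_port):
    """Rewrite a PORT command the way a NAT helper must.

    Returns (line_to_forward, mapping). The mapping records which inside
    address and port the outside port has to be forwarded to for the data
    channel. Any other control-channel line, including a malformed PORT,
    is returned unchanged with mapping None.
    """
    try:
        inside = parse_port_command(line)
    except ValueError:
        return line, None
    mapping = {"inside": inside, "outside": (public_ip, mapped_port)}
    return encode_port_command(public_ip, mapped_port), mapping


def default_active_data_port(control_port):
    """The default data port is one less than the control port."""
    return control_port - 1


def in_default_passive_range(port, low=1025, high=5000):
    """Check a passive-mode port against the default range given above."""
    return low <= port <= high


if __name__ == "__main__":
    # Constructed control-channel lines; addresses are documentation ranges.
    print(rewrite_for_nat("PORT 192,168,0,10,19,137", "203.0.113.5", 3500))
    ip, port = parse_pasv_reply("227 Entering Passive Mode (10,0,0,5,4,1).")
    print(ip, port, in_default_passive_range(port))
    print(default_active_data_port(4131))
```

A firewall in front of the server needs the control port plus either the active data port or the whole configured passive range; the helper functions make it easy to confirm which one a captured session actually used.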

HTTP SSL
The HTTP SSL system service enables IIS to perform SSL functions. SSL is an open standard for establishing a
secure communications channel to prevent the interception of critical information, such as credit card numbers.
Primarily, this service enables secure electronic financial transactions on the Web, although it is designed to work
on other Internet services as well. You can configure the ports for this service through IIS Manager.

System Service Name HTTPFilter

Application protocol Protocol Port

HTTPS TCP 443

Internet Authentication Service


The Internet Authentication Service (IAS) performs centralized authentication, authorization, auditing, and
accounting of users connecting to a network - either LAN or remote - using VPN equipment, Remote Access
Equipment (RAS), or 802.1X Wireless and Ethernet/Switch Access Points. IAS implements the Internet Engineering
Task Force (IETF) standard RADIUS protocol, which enables heterogeneous network access equipment.

System Service Name IAS

Application protocol Protocol Port

Legacy RADIUS UDP 1645

Legacy RADIUS UDP 1646

RADIUS Accounting UDP 1813

RADIUS Authentication UDP 1812

ICF/ICS
This system service provides NAT, addressing and name resolution services for all computers on your home or
small-office network. When ICS is enabled, your computer becomes an "Internet gateway" on the network,
enabling other client computers to share one connection to the Internet, such as a dial-up or broadband
connection. This service provides basic DHCP and DNS services, but will work with the full-featured Windows
DHCP or DNS services.

When ICF/ICS is acting as a gateway for the rest of the computers on your network, it provides DHCP and DNS
services to the private network on the internal network interface. It does not provide these services on the
externally-facing interface.

System Service Name SharedAccess

Application protocol Protocol Port

DHCP Server UDP 67

DNS UDP 53

DNS TCP 53

Kerberos Key Distribution Center


The Kerberos Key Distribution Center (KDC) system service enables users to log on to the network using the
Kerberos version 5 authentication protocol. As in other implementations of the Kerberos protocol, the KDC is a
single process that provides two services: the Authentication Service, which issues ticket-granting tickets, and the
Ticket-Granting Service, which issues tickets for connections to computers in its own domain.

System Service Name Kdc

Application protocol Protocol Port

Kerberos TCP 88

Kerberos UDP 88

License Logging Service
License Logging Service (LLS) is a tool that was originally designed to help customers manage licenses for
Microsoft server products that are licensed in the Server Client Access License (CAL) model. LLS was introduced
with Windows NT Server 3.51. By default, LLS is disabled in Windows Server 2003. Because of original design
constraints and evolving license terms and conditions, LLS cannot provide an accurate view of the total number
of CALs that are purchased as compared to the total number of CALs that are used on a single server or across
the enterprise. The CALs that are reported by LLS may conflict with the interpretation of the End User License
Agreement (EULA) and with Product Usage Rights (PUR). LLS will not be included in future versions of the
Windows operating system. (Only users of Small Business Server should enable this service on their servers.)

System Service Name LicenseService

Application protocol Protocol Port

NetBIOS Datagram Service UDP 138

NetBIOS Session Service TCP 139

SMB TCP 445

Local Security Authority


The Local Security Authority (LSASS) service provides core operating system security mechanisms. It uses random
TCP ports assigned through the RPC service for domain controller replication.

Although LSASS can use all of the following protocols, it may only use a subset of them. For example, if you are
configuring a VPN gateway that lies behind a filtering router, you might use L2TP with IPSec. If so, then you must
allow IPSec ESP (IP protocol 50), NAT-T (TCP on port 4500), and IPSec ISAKMP (TCP on port 500) through the
router. Although IPSec ESP is required for L2TP, it is actually monitored by the Routing and Remote Access
service.

System Service Name LSASS

Application protocol Protocol Port

RPC TCP 135

Randomly allocated high TCP ports TCP RANDOM

Global Catalog Server TCP 3269

Global Catalog Server TCP 3268

LDAP Server TCP 389

LDAP Server UDP 389

LDAP SSL UDP 636


LDAP SSL TCP 636

IPSec ISAKMP UDP 500

NAT-T UDP 4500

Message Queuing
The Message Queuing system service is a messaging infrastructure and development tool for creating distributed
messaging applications for Windows. Such applications can communicate across heterogeneous networks and
send messages between computers that may be temporarily unable to connect to each other. Message Queuing
provides guaranteed message delivery, efficient routing, security, support for sending messages within
transactions, and priority-based messaging.

System Service Name msmq

Application protocol Protocol Port

MSMQ UDP 1801

MSMQ TCP 1801

MSMQ-DCs TCP 2101

MSMQ-Mgmt TCP 2107

MSMQ-Ping UDP 3527

MSMQ-RPC TCP 2105

MSMQ-RPC TCP 2103

RPC TCP 135

Messenger
The Messenger system service sends messages to or receives messages from users and computers,
administrators, and the Alerter service. This service is not related to Microsoft Windows Messenger or MSN
Messenger. When this service is disabled, the NET SEND and NET NAME shell commands will no longer function.
Messenger notifications sent to computers or users currently logged on the network will not be received.

System Service Name Messenger

Application protocol Protocol Port

NetBIOS Datagram Service UDP 138


Microsoft Exchange MTA Stacks
In Exchange 2000 Server and Exchange Server 2003, Message Transfer Agent (MTA Stacks) is frequently used to
provide backward-compatible message transfer services between Exchange 2000 Server-based servers and
Exchange Server 5.5-based servers in a mixed-mode environment.

Application protocol Protocol Port

X.400 TCP 102

Microsoft Operations Manager 2000


Microsoft Operations Manager 2000 (MOM) delivers enterprise-class operations management by providing
comprehensive event management, proactive monitoring and alerting, reporting, and trend analysis. After
installing Service Pack 1, MOM will stop using the clear-text communications channel, and all traffic between the
MOM agent and the MOM server will be encrypted over TCP port 1270. The MOM Administrator console uses
DCOM to connect to the server. This means that administrators managing the MOM server over the network
must have access to random high TCP ports, too.

System Service Name one point

Application protocol Protocol Port

MOM-Clear TCP 51515

MOM-Encrypted TCP 1270

Microsoft POP3 Service


The Microsoft POP3 Service provides e-mail transfer and retrieval services. Administrators can use this service to
store and manage e-mail accounts on the mail server. When you install Microsoft POP3 Service on the mail
server, users can connect to the mail server and retrieve e-mail using an e-mail client that supports the POP3
protocol, such as Microsoft Outlook.

System Service Name POP3SVC

Application protocol Protocol Port

POP3 TCP 110

Microsoft SQL Server


Microsoft SQL Server 2000 provides a powerful and comprehensive data management platform. The ports used
by each instance of SQL Server can be configured through the Server Network Utility.

System Service Name SQLSERVR

Application protocol Protocol Port


SQL over TCP TCP 1433

SQL Probe UDP 1434

MSSQL$UDDI
This system service installs during the installation of the Universal Description, Discovery, and Integration (UDDI)
feature of the Windows Server 2003 family of operating systems, which provides UDDI capabilities within an
enterprise. The SQL Server database engine is the core component of this feature.

System Service Name SQLSERVR

Application protocol Protocol Port

SQL over TCP TCP 1433

SQL Probe UDP 1434

Net Logon
The Net Logon system service maintains a secure channel between your computer and the domain controller to
authenticate users and services. It passes the user's credentials through a secure channel to a domain controller
and returns the domain security identifiers and user rights for the user. This is commonly referred to as pass-
through authentication. Net Logon starts automatically when the computer is a member of a domain. In the
Windows 2000 Server and Windows 2003 Server families, the Net Logon service publishes service resource
records in the DNS. Net Logon service is enabled only on computers that belong to a domain. When it is running,
it relies on the Server and Local Security Authority services to listen for incoming requests. On domain member
computers, it uses RPC over named pipes; on domain controllers, it uses RPC over named pipes, RPC over TCP/IP,
mailslots, and LDAP.

System Service Name Netlogon

Application protocol Protocol Port

NetBIOS Datagram Service UDP 138

NetBIOS Name Resolution UDP 137

NetBIOS Session Service TCP 139

SMB TCP 445

NetMeeting Remote Desktop Sharing


The NetMeeting Remote Desktop Sharing system service allows authorized users to remotely access your
Windows desktop from another personal computer over a corporate intranet by using Microsoft NetMeeting.
You must explicitly enable this service in NetMeeting. You can also disable or shut down the service through an
icon in the Windows notification area.

System Service Name mnmsrvc


Application protocol Protocol Port

Terminal Services TCP 3389

Network News Transfer Protocol


The Network News Transfer Protocol (NNTP) system service allows computers running Windows Server 2003 to
act as news servers. Clients can use a news client such as the Microsoft Outlook Express messaging client to
retrieve newsgroups from the server and read headers or bodies of the articles in each newsgroup.

System Service Name NntpSvc

Application protocol Protocol Port

NNTP TCP 119

NNTP over SSL TCP 563

Performance Logs and Alerts


The Performance Logs and Alerts system service collects performance data from local or remote computers
based on preconfigured schedule parameters, then writes the data to a log or triggers an alert. The Performance
Logs and Alerts service starts and stops each named performance data collection based on the information
contained in the named log collection setting. This service runs only if at least one performance data collection is
scheduled.

System Service Name SysmonLog

Application protocol Protocol Port

NetBIOS Session Service TCP 139

Print Spooler
The Print Spooler system service manages all local and network print queues and controls all print jobs. The print
spooler is the center of the Windows printing subsystem and controls all printing jobs. It manages the print
queues on the system and communicates with printer drivers and input/output (I/O) components, for example,
the USB port and the TCP/IP protocol suite.

System Service Name Spooler

Application protocol Protocol Port

NetBIOS Session Service TCP 139

SMB TCP 445


Remote Installation
The Remote Installation system service provides the ability to install Windows 2000, Windows XP, and Windows
Server 2003 on Pre Execution Environment (PXE) remote boot-enabled client computers. The Boot Information
Negotiation Layer (BINL) service, the primary component of Remote Installation Services (RIS), answers PXE client
requests, checks Active Directory for client validation, and passes client information to and from the server. The
BINL service is installed when you either add the RIS component from Add/Remove Windows Components, or
select it when initially installing the operating system.

System Service Name BINLSVC

Application protocol Protocol Port

BINL UDP 4011

Remote Procedure Call


The Microsoft Remote Procedure Call (RPC) system service is a secure inter-process communication (IPC)
mechanism that enables data exchange and invocation of functionality residing in a different process. The
different process can be on the same computer, on the LAN, or across the globe through a WAN or VPN
connection. RPC service serves as the RPC endpoint mapper and Component Object Model (COM) Service
Control Manager (SCM). Many services depend on the RPC service to start successfully.

System Service Name RpcSs

Application protocol Protocol Port

RPC TCP 135

RPC over HTTP TCP 593

Remote Procedure Call Locator


The Remote Procedure Call Locator system service enables RPC clients using the RpcNs family of application
programming interfaces (APIs) to locate RPC servers and manages the RPC name service database. This service is
turned off by default.

System Service Name RpcLocator

Application protocol Protocol Port

NetBIOS Session Service TCP 139

SMB TCP 445

Remote Storage Notification


The Remote Storage Notification system service notifies users when they read from or write to files that are
available only from a secondary storage media. If this service is stopped, notification does not occur.

System Service Name Remote_Storage_User_Link


Application protocol Protocol Port

RPC TCP 135

Randomly allocated high TCP ports TCP RANDOM

Remote Storage Server


The Remote Storage Server system service stores infrequently used files in a secondary storage medium.
Stopping this service prevents users from moving or retrieving files from the secondary storage media.

System Service Name Remote_Storage_Server

Application protocol Protocol Port

RPC TCP 135

Randomly allocated high TCP ports TCP RANDOM

Routing and Remote Access


The Routing and Remote Access (RRAS) system service provides multiprotocol LAN-to-LAN, LAN-to-WAN, VPN,
and NAT routing services. In addition, the RRAS service also provides dial-up and VPN remote access services.

Although RRAS can use all of the following protocols, typically it will only use a subset of them. For example, if
you are configuring a VPN gateway that lies behind a filtering router, you will probably only use one technology.
If you use L2TP with IPSec, then you must allow IPSec ESP (IP protocol 50), NAT-T (TCP on port 4500), and IPSec
ISAKMP (TCP on port 500) through the router. Although NAT-T and IPSec ISAKMP are required for L2TP, these
ports are actually monitored by the Local Security Authority. For more information, see "Related Topics" later in
this document.

System Service Name RemoteAccess

Application protocol Protocol Port

GRE (IP protocol 47) GRE n/a

IPSec AH (IP protocol 51) AH n/a

IPSec ESP (IP protocol 50) ESP n/a

L2TP UDP 1701

PPTP TCP 1723


Server
The Server system service provides RPC support, and file, print, and named pipe sharing over the network. The
Server service allows the sharing of local resources, such as disks and printers, so that other users on the network
can access them. It also allows named pipe communication between applications running on other computers
and your computer, which is used for RPC. Named pipe communication is memory reserved for the output of
one process to be used as input for another process. The input-accepting process does not have to be local to
the computer.

System Service Name lanmanserver

Application protocol Protocol Port

NetBIOS Datagram Service UDP 138

NetBIOS Name Resolution UDP 137

NetBIOS Session Service TCP 139

SMB TCP 445

SharePoint Portal Server


The SharePoint Portal Server system service enables enterprises to develop an intelligent portal that seamlessly
connects users, teams, and knowledge so that people can take advantage of relevant information across business
processes to help them work more efficiently. Microsoft Office SharePoint Portal Server 2003 provides an
enterprise business solution that integrates information from various systems into one solution through single
sign-on and enterprise application integration capabilities, with flexible deployment options and management
tools.

Application protocol Protocol Port

HTTP TCP 80

HTTPS TCP 443

Simple Mail Transfer Protocol


The Simple Mail Transfer Protocol (SMTP) system service is an e-mail submission and relay agent. It can accept
and queue e-mail for remote destinations and retry at specified intervals. Windows domain controllers use the
SMTP service for intersite e-mail-based replication. The Collaboration Data Objects (CDO) for the Windows
Server 2003 COM component can use the SMTP service to submit and queue outbound e-mail.

System Service Name SMTPSVC

Application protocol Protocol Port

SMTP TCP 25

SMTP UDP 25

Simple TCP/IP Services
Simple TCP/IP Services implements support for the following protocols:

• Echo, port 7, RFC 862

• Discard, port 9, RFC 863

• Character Generator, port 19, RFC 864

• Daytime, port 13, RFC 867

• Quote of the Day, port 17, RFC 865

System Service Name SimpTcp

Application protocol Protocol Port

Chargen TCP 19

Chargen UDP 19

Daytime TCP 13

Daytime UDP 13

Discard TCP 9

Discard UDP 9

Echo UDP 7

Echo TCP 7

Quotd UDP 17

Quotd TCP 17

SMS Remote Control Agent


Systems Management Server (SMS) 2003 provides a comprehensive solution for change and configuration
management for the Microsoft platform, enabling organizations to provide relevant software and updates to
users quickly and cost-effectively.

Application protocol Protocol Port

SMS Remote Chat UDP 2703


SMS Remote Chat TCP 2703

SMS Remote Control (control) UDP 2701

SMS Remote Control (control) TCP 2701

SMS Remote Control (data) TCP 2702

SMS Remote Control (data) UDP 2702

SMS Remote File Transfer UDP 2704

SMS Remote File Transfer TCP 2704

SNMP Service
The SNMP Service system service allows incoming Simple Network Management Protocol (SNMP) requests to be
serviced by the local computer. The SNMP service includes agents that monitor activity in network devices and
report to the network console workstation. SNMP service provides a method of managing network hosts, such as
workstation or server computers, routers, bridges, and hubs from a centrally-located computer running network
management software. SNMP performs management services by using a distributed architecture of management
systems and agents.

System Service Name SNMP

Application protocol Protocol Port

SNMP UDP 161

SNMP Trap Service


The SNMP Trap Service receives trap messages generated by local or remote SNMP agents and forwards the
messages to SNMP management programs running on your computer. The SNMP Trap Service, when configured
for an agent, generates trap messages if any specific events occur. These messages are sent to a trap destination.
For example, an agent can be configured to initiate an authentication trap if an unrecognized management
system sends a request for information. Trap destinations consist of the computer name, or the IP address, or IPX
address of the management system. The trap destination must be a network-enabled host that is running SNMP
management software.

System Service Name SNMPTRAP

Application protocol Protocol Port

SNMP Traps Outbound UDP 162

SQL Analysis Server


The SQL Analysis Server system service is a component of SQL Server 2000. It can be used to create and manage
OLAP cubes and data mining models. The analysis server may access local or remote data sources for the
purposes of creating and storing cubes or data mining models.

Application protocol Protocol Port

SQL Analysis Services TCP 2725

SQL Server: Downlevel OLAP Client Support


This system service is used by SQL Server 2000 when the SQL Analysis Server service must support connections
from downlevel (OLAP Services 7.0) clients.

Default Ports for OLAP Services Used by SQL Server 7.0

Application protocol Protocol Port

OLAP Services 7.0 TCP 2393

OLAP Services 7.0 TCP 2394

SSDP Discovery Service


The SSDP Discovery service implements the Simple Service Discovery Protocol (SSDP) as a Windows service. The
SSDP Discovery service manages receipt of device presence announcements, updating its cache and passing
these notifications along to clients with outstanding search requests. The SSDP Discovery service also accepts
registration of event callbacks from clients, turns these into subscription requests, and monitors for event
notifications, passing them along to the registered callbacks. This system service also provides hosted devices
with periodic announcements.

Currently, the SSDP event notification service uses TCP port 5000. In Windows XP Service Pack 2, it relies on TCP
port 2869.

System Service Name SSDPRSRV

Application protocol Protocol Port

SSDP UDP 1900

SSDP event notification TCP 2869

SSDP legacy event notification TCP 5000

Systems Management Server


Systems Management Server (SMS) 2003 provides a comprehensive solution for change and configuration
management for the Microsoft platform, enabling organizations to provide relevant software and updates to
users quickly and cost-effectively.

Application protocol Protocol Port

RPC TCP 135


Randomly allocated high TCP ports TCP RANDOM

NetBIOS Datagram Service UDP 138

NetBIOS Name Resolution UDP 137

NetBIOS Session Service TCP 139

TCP/IP Print Server


The TCP/IP Print Server system service enables TCP/IP-based printing using the Line Printer Daemon protocol.
The Line Printer Daemon Service (LPDSVC) on the server receives documents from native Line Printer Remote
(LPR) utilities running on UNIX computers.

System Service Name LPDSVC

Application protocol Protocol Port

LPD TCP 515

Telnet
The Telnet system service for Windows provides ASCII terminal sessions to Telnet clients. Telnet Server supports
two types of authentication and supports four types of terminals: American National Standards Institute (ANSI),
VT-100, VT-52, and VTNT.

System Service Name TlntSvr

Application protocol Protocol Port

Telnet TCP 23

Terminal Services
Terminal Services provides a multisession environment that allows client devices to access a virtual Windows
desktop session and Windows-based programs running on the server. Terminal Services allows multiple users to
be connected interactively to a computer.

System Service Name TermService

Application protocol Protocol Port

Terminal Services TCP 3389

Terminal Services Licensing


The Terminal Services Licensing system service installs a license server and provides registered client licenses
when connecting to a Terminal Server. The Terminal Services Licensing service is a low-impact service that stores
the client licenses that have been issued for a Terminal Server, and then tracks the licenses that have been issued
to client computers or terminals.

System Service Name TermServLicensing

Application protocol Protocol Port

RPC TCP 135

Randomly allocated high TCP ports TCP RANDOM

Terminal Services Session Directory


The Terminal Services Session Directory system service allows clusters of load-balanced Terminal Servers to route
a user's connection request to the server where the user already has a session running. Users will be routed to
the first-available Terminal Server, regardless of whether they've got a running session elsewhere in the cluster.
Load Balancing pools the processing resources of several servers using the TCP/IP networking protocol. You can
use this service with a cluster of terminal servers to scale the performance of a single terminal server by
distributing sessions across multiple servers. Session Directory keeps track of disconnected sessions on the
cluster, and ensures that users are reconnected to those sessions.

System Service Name Tssdis

Application protocol Protocol Port

RPC TCP 135

Randomly allocated high TCP ports TCP RANDOM

Trivial FTP Daemon Service


The Trivial FTP (TFTP) Daemon system service does not require a user name or password and is an integral part of
the Remote Installation Services (RIS). The Trivial FTP Daemon service implements support for the TFTP protocol
defined by the following RFCs:

• RFC 350 - TFTP

• RFC 2347 - Option extension

• RFC 2348 - Block size option

• RFC 2349 - Timeout interval, and transfer size options

Trivial File Transfer Protocol is designed to support diskless boot environments. TFTP Daemons listen on UDP
port 69, but respond from a randomly allocated high port. Therefore, enabling this port will allow the TFTP
service to receive incoming TFTP requests, but will not allow the selected server to respond to those requests.
Allowing the selected server to respond to inbound TFTP requests cannot be accomplished unless the TFTP
server is configured to respond from port 69.

System Service Name tftpd


Application protocol Protocol Port

TFTP UDP 69
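The filtering behaviour described for the TFTP daemon above, modelled as an added example (not code from the original document): a stateless filter that permits only UDP port 69 on the server passes the read request but drops the reply, which leaves from the server's transfer port. The client port, transfer port, file name and the `PortFilter` model are constructed for illustration.

```python
from __future__ import annotations

import struct
from dataclasses import dataclass

TFTP_PORT = 69
OP_RRQ, OP_DATA = 1, 3  # TFTP opcodes: read request, data block


def build_rrq(filename: str, mode: str = "octet") -> bytes:
    """Read request: 2-byte opcode, then NUL-terminated filename and mode."""
    return struct.pack("!H", OP_RRQ) + filename.encode() + b"\0" + mode.encode() + b"\0"


def parse_rrq(payload: bytes) -> tuple[str, str]:
    """Return (filename, mode) from a read request, rejecting anything else."""
    if len(payload) < 4:
        raise ValueError("datagram too short for a TFTP request")
    (opcode,) = struct.unpack("!H", payload[:2])
    if opcode != OP_RRQ:
        raise ValueError("not a read request")
    parts = payload[2:].split(b"\0")
    if len(parts) < 3 or not parts[0]:
        raise ValueError("malformed read request")
    return parts[0].decode(), parts[1].decode().lower()


@dataclass(frozen=True)
class Datagram:
    direction: str    # "in" or "out", as seen from the TFTP server
    server_port: int  # UDP port on the server side of the datagram
    client_port: int  # UDP port on the client side of the datagram
    payload: bytes


@dataclass(frozen=True)
class PortFilter:
    """Stateless permit rule keyed only on direction and the server's UDP port."""
    direction: str
    server_port: int

    def permits(self, d: Datagram) -> bool:
        return d.direction == self.direction and d.server_port == self.server_port


def tftp_exchange(client_port: int, reply_port: int, filename: str, block: bytes) -> list[Datagram]:
    """Model the first two datagrams of a read: request to port 69, first data block back.

    reply_port is the port the server sends from: a randomly allocated high
    port by default, or 69 when the server is configured to respond from it.
    """
    request = Datagram("in", TFTP_PORT, client_port, build_rrq(filename))
    parse_rrq(request.payload)  # the server only answers a well-formed request
    data = struct.pack("!HH", OP_DATA, 1) + block
    return [request, Datagram("out", reply_port, client_port, data)]


def evaluate(filters: list[PortFilter], datagrams: list[Datagram]) -> list[bool]:
    """For each datagram, True if any permit rule matches; otherwise it is dropped."""
    return [any(f.permits(d) for f in filters) for d in datagrams]


# Filter set that opens only UDP 69 on the server, in both directions.
PORT_69_ONLY = [PortFilter("in", TFTP_PORT), PortFilter("out", TFTP_PORT)]


def demo() -> dict[str, list[bool]]:
    # Constructed sample values: client port 50123, transfer port 49731, sample.bin.
    block = b"\x00" * 512
    default = tftp_exchange(50123, 49731, "sample.bin", block)
    pinned = tftp_exchange(50123, TFTP_PORT, "sample.bin", block)
    return {
        "default": evaluate(PORT_69_ONLY, default),  # reply leaves from a high port
        "pinned": evaluate(PORT_69_ONLY, pinned),    # reply leaves from port 69
    }


if __name__ == "__main__":
    for name, verdicts in demo().items():
        print(name, ["pass" if v else "drop" for v in verdicts])
```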

Universal Plug and Play Device Host


The UPnP Host discovery system service implements all of the components required for device registration,
control, and responding to events for hosted devices. The information registered pertaining to a device
(description, lifetimes, containers) is optionally persisted to disk and announced on the network after
registration or on system restart. The service also includes the Web server, which serves the device, as well as
service descriptions and a presentation page.

System Service Name UPNPHost

Application protocol Protocol Port

UPNP TCP 2869

Windows Internet Name Service


The Windows Internet Name Service (WINS) enables NetBIOS name resolution. The presence of WINS servers is
crucial for locating network resources that can be identified using NetBIOS names. WINS servers are required
unless all domains have been upgraded to Active Directory, and all computers on the network are running
Windows 2000 Server or later. WINS servers communicate with network clients using NetBIOS Name Resolution.
WINS Replication is required between WINS servers only.

System Service Name WINS

Application protocol Protocol Port

NetBIOS Name Resolution UDP 137

WINS Replication TCP 42

WINS Replication UDP 42

Windows Media Services


Windows Media Service in Windows Server 2003 replaces the four separate services that comprised Windows
Media Services versions 4.0 and 4.1: Windows Media Monitor Service, Windows Media Program Service,
Windows Media Station Service, and Windows Media Unicast Service.

The Windows Media Service system service is now a single service that runs on Windows Server 2003, Standard
Edition, Enterprise Edition, and Datacenter Edition. Its core components were developed using COM, creating a
flexible architecture that is easily customized for specific applications. It supports a greater variety of control
protocols, including Real Time Streaming Protocol (RTSP), Microsoft Media Server (MMS) protocol, and HTTP.

System Service Name WMServer

Application protocol Protocol Port


HTTP TCP 80

MMS TCP 1755

MMS UDP 1755

MS Theater UDP 2460

RTCP UDP 5005

RTP UDP 5004

RTSP TCP 554

Windows Time
For computers running Windows XP and Windows Server 2003, the Windows Time system service maintains date
and time synchronization on all computers running on a Microsoft Windows network. The service uses the
Network Time Protocol (NTP) to synchronize computer clocks so that an accurate clock value, or timestamp, is
assigned for network validation and resource access requests.

The implementation of NTP and the integration of time providers make Windows Time a reliable and scalable
time service for enterprise administrators. For computers not joined to a domain, you can configure Windows
Time to synchronize time with an external time source. If this service is turned off, the time setting for local
computers will not be synchronized with any time service in the Windows domain, or an externally configured
time service.

Windows Server 2003 uses NTP, which runs on UDP port 123. The Windows 2000 version of this service uses the
Simple Network Time Protocol (SNTP), which also runs on UDP port 123.

System Service Name W32Time

Application protocol Protocol Port

NTP UDP 123

SNTP UDP 123

World Wide Web Publishing Service


The World Wide Web Publishing Service provides the infrastructure necessary to register, manage, monitor, and
serve Web sites and applications registered with IIS. The system service contains a process manager and a
configuration manager. The process manager controls the processes in which custom applications and Web sites
reside. The configuration manager reads the stored system configuration for the W3SVC, and ensures that
HTTP.sys is configured to route HTTP requests to the appropriate application pools or operating system
processes. The ports used by this service can be configured through IIS Manager.

If the administrative Web site is enabled, a virtual Web site will be created that uses HTTP traffic on TCP port
8098.

System Service Name W3SVC


Application protocol Protocol Port

HTTP TCP 80

HTTPS TCP 443

Ports and Protocols
The following table summarizes the information from the previous section, but it is sorted by port number rather
than service name.

Port Protocol Application protocol System Service Name

n/a GRE GRE (IP protocol 47) Routing and Remote Access

n/a ESP IPSec ESP (IP protocol 50) Routing and Remote Access

n/a AH IPSec AH (IP protocol 51) Routing and Remote Access

7 TCP Echo Simple TCP/IP Services

7 UDP Echo Simple TCP/IP Services

9 TCP Discard Simple TCP/IP Services

9 UDP Discard Simple TCP/IP Services

13 TCP Daytime Simple TCP/IP Services

13 UDP Daytime Simple TCP/IP Services

17 TCP Quotd Simple TCP/IP Services

17 UDP Quotd Simple TCP/IP Services

19 TCP Chargen Simple TCP/IP Services

19 UDP Chargen Simple TCP/IP Services

20 TCP FTP default data FTP Publishing Service

21 TCP FTP control FTP Publishing Service

21 TCP FTP control Application Layer Gateway Service

23 TCP Telnet Telnet


25 TCP SMTP Simple Mail Transfer Protocol

25 UDP SMTP Simple Mail Transfer Protocol

25 TCP SMTP Exchange Server

25 UDP SMTP Exchange Server

42 TCP WINS Replication Windows Internet Name Service

42 UDP WINS Replication Windows Internet Name Service

53 TCP DNS DNS Server

53 UDP DNS DNS Server

53 TCP DNS Internet Connection Firewall/Internet Connection Sharing

67 UDP DHCP Server DHCP Server

67 UDP DHCP Server Internet Connection Firewall/Internet Connection Sharing

69 UDP TFTP Trivial FTP Daemon Service

80 TCP HTTP Windows Media Services

80 TCP HTTP World Wide Web Publishing Service

80 TCP HTTP SharePoint Portal Server

88 TCP Kerberos Kerberos Key Distribution Center

88 UDP Kerberos Kerberos Key Distribution Center

102 TCP X.400 Microsoft Exchange MTA Stacks

110 TCP POP3 Microsoft POP3 Service

110 TCP POP3 Exchange Server

119 TCP NNTP Network News Transfer Protocol

123 UDP NTP Windows Time

123 UDP SNTP Windows Time

135 TCP RPC Message Queuing


135 TCP RPC Remote Procedure Call

135 TCP RPC Exchange Server

135 TCP RPC Certificate Services

135 TCP RPC Cluster Service

135 TCP RPC Distributed File System

135 TCP RPC Distributed Link Tracking

135 TCP RPC Distributed Transaction Coordinator

135 TCP RPC Event Log

135 TCP RPC Fax Service

135 TCP RPC File Replication

135 TCP RPC Local Security Authority

135 TCP RPC Remote Storage Notification

135 TCP RPC Remote Storage Server

135 TCP RPC Systems Management Server 2.0

135 TCP RPC Terminal Services Licensing

135 TCP RPC Terminal Services Session Directory

137 UDP NetBIOS Name Resolution Computer Browser

137 UDP NetBIOS Name Resolution Server

137 UDP NetBIOS Name Resolution Windows Internet Name Service

137 UDP NetBIOS Name Resolution Net Logon

137 UDP NetBIOS Name Resolution Systems Management Server 2.0

138 UDP NetBIOS Datagram Service Computer Browser

138 UDP NetBIOS Datagram Service Messenger

138 UDP NetBIOS Datagram Service Server

138 UDP NetBIOS Datagram Service Net Logon

138 UDP NetBIOS Datagram Service Distributed File System

138 UDP NetBIOS Datagram Service Systems Management Server 2.0

138 UDP NetBIOS Datagram Service License Logging Service

139 TCP NetBIOS Session Service Computer Browser

139 TCP NetBIOS Session Service Fax Service

139 TCP NetBIOS Session Service Performance Logs and Alerts

139 TCP NetBIOS Session Service Print Spooler

139 TCP NetBIOS Session Service Server

139 TCP NetBIOS Session Service Net Logon

139 TCP NetBIOS Session Service Remote Procedure Call Locator

139 TCP NetBIOS Session Service Distributed File System

139 TCP NetBIOS Session Service Systems Management Server 2.0

139 TCP NetBIOS Session Service License Logging Service

143 TCP IMAP Exchange Server

161 UDP SNMP SNMP Service

162 UDP SNMP Traps Outbound SNMP Trap Service

389 TCP LDAP Server Local Security Authority

389 UDP LDAP Server Local Security Authority

389 TCP LDAP Server Distributed File System

389 UDP LDAP Server Distributed File System

443 TCP HTTPS HTTP SSL

443 TCP HTTPS World Wide Web Publishing Service


443 TCP HTTPS SharePoint Portal Server

445 TCP SMB Fax Service

445 TCP SMB Print Spooler

445 TCP SMB Server

445 TCP SMB Remote Procedure Call Locator

445 TCP SMB Distributed File System

445 TCP SMB License Logging Service

445 TCP SMB Net Logon

500 UDP IPSec ISAKMP Local Security Authority

515 TCP LPD TCP/IP Print Server

548 TCP File Server for Macintosh File Server for Macintosh

554 TCP RTSP Windows Media Services

563 TCP NNTP over SSL Network News Transfer Protocol

593 TCP RPC over HTTP Remote Procedure Call

593 TCP RPC over HTTP Exchange Server

636 TCP LDAP SSL Local Security Authority

636 UDP LDAP SSL Local Security Authority

993 TCP IMAP over SSL Exchange Server

995 TCP POP3 over SSL Exchange Server

1270 TCP MOM-Encrypted Microsoft Operations Manager 2000

1433 TCP SQL over TCP Microsoft SQL Server

1433 TCP SQL over TCP MSSQL$UDDI

1434 UDP SQL Probe Microsoft SQL Server

1434 UDP SQL Probe MSSQL$UDDI

1645 UDP Legacy RADIUS Internet Authentication Service


1646 UDP Legacy RADIUS Internet Authentication Service

1701 UDP L2TP Routing and Remote Access

1723 TCP PPTP Routing and Remote Access

1755 TCP MMS Windows Media Services

1755 UDP MMS Windows Media Services

1801 TCP MSMQ Message Queuing

1801 UDP MSMQ Message Queuing

1812 UDP RADIUS Authentication Internet Authentication Service

1813 UDP RADIUS Accounting Internet Authentication Service

1900 UDP SSDP SSDP Discovery Service

2101 TCP MSMQ-DCs Message Queuing

2103 TCP MSMQ-RPC Message Queuing

2105 TCP MSMQ-RPC Message Queuing

2107 TCP MSMQ-Mgmt Message Queuing

2393 TCP OLAP Services 7.0 SQL Server: Downlevel OLAP Client Support

2394 TCP OLAP Services 7.0 SQL Server: Downlevel OLAP Client Support

2460 UDP MS Theater Windows Media Services

2535 UDP MADCAP DHCP Server

2701 TCP SMS Remote Control (control) SMS Remote Control Agent

2701 UDP SMS Remote Control (control) SMS Remote Control Agent

2702 TCP SMS Remote Control (data) SMS Remote Control Agent

2702 UDP SMS Remote Control (data) SMS Remote Control Agent

2703 TCP SMS Remote Chat SMS Remote Control Agent

2703 UDP SMS Remote Chat SMS Remote Control Agent

2704 TCP SMS Remote File Transfer SMS Remote Control Agent

2704 UDP SMS Remote File Transfer SMS Remote Control Agent

2725 TCP SQL Analysis Services SQL Analysis Server

2869 TCP UPNP UPNP Device Host

2869 TCP SSDP event notification SSDP Discovery Service

3268 TCP Global Catalog Server Local Security Authority

3269 TCP Global Catalog Server Local Security Authority

3343 UDP Cluster Services Cluster Service

3389 TCP Terminal Services NetMeeting Remote Desktop Sharing

3389 TCP Terminal Services Terminal Services

3527 UDP MSMQ-Ping Message Queuing

4011 UDP BINL Remote Installation

4500 UDP NAT-T Local Security Authority

5000 TCP SSDP legacy event notification SSDP Discovery Service

5004 UDP RTP Windows Media Services

5005 UDP RTCP Windows Media Services

42424 TCP ASP.Net Session State ASP.NET State Service

51515 TCP MOM-Clear Microsoft Operations Manager 2000

A spreadsheet with the information in this table is available in Microsoft Excel 2003 format from the Microsoft
Web site at http://go.microsoft.com/fwlink/?linkid=21179.

For More Information
The information in this document applies to these Microsoft products:

• Microsoft Windows Server 2003, 64-Bit Datacenter Edition

• Microsoft Windows Server 2003, 64-Bit Enterprise Edition


• Microsoft Windows Server 2003, Datacenter Edition

• Microsoft Windows Server 2003, Enterprise Edition

• Microsoft Windows Server 2003, Standard Edition

• Microsoft Windows Server 2003, Web Edition

• Microsoft Windows 2000 Server

• Microsoft Windows 2000 Advanced Server

• Microsoft Windows 2000 Datacenter Server

• Microsoft Application Center 2000

• Microsoft Commerce Server 2002

• Microsoft Exchange 2000

• Microsoft Internet Security and Acceleration (ISA) Server 2000

• Microsoft Operations Manager 2000

• Microsoft SharePoint Portal Server

• Microsoft SQL Server 2000

• Microsoft Systems Management Server

• Microsoft Windows XP 64-Bit Edition

• Microsoft Windows XP Home Edition

• Microsoft Windows XP Professional

• Microsoft Windows XP Tablet PC Edition

• Microsoft Windows 2000 Professional

Related Topics
The help files for each of the Microsoft products contain detailed information that you may find helpful. Those
included with Windows Server 2003 are particularly thorough, and contain step-by-step instructions for
configuring specific technologies and server roles.

General Information
For more information about system services in Windows Server 2003 and Windows XP, see "System Services for
the Windows Server 2003 Family and Windows XP Operating Systems" on the TechNet Web site at
http://go.microsoft.com/fwlink/?LinkId=22567.

For more information about securing Windows Server 2003 and some sample IPSec filters for specific server
roles, see the Windows Server 2003 Security Guide on the TechNet Web site at
http://go.microsoft.com/fwlink/?LinkId=14845.

For more information about system services, security settings, and IPSec filtering, see Threats and
Countermeasures Guide on the TechNet Web site at http://go.microsoft.com/fwlink/?LinkId=15159.

For more information about port assignments for well known ports, see "Information about TCP/IP Port
Assignments" on the Microsoft Web site at http://go.microsoft.com/fwlink/?LinkId=22568, and Appendix B - Port
Reference for MS TCP/IP from the Windows NT 4 Resource Kit at http://go.microsoft.com/fwlink/?LinkId=22569,
and TCP and UDP Port Assignments in the Windows 2000 Server Resource Kit at
http://go.microsoft.com/fwlink/?LinkId=22571.

The Internet Assigned Numbers Authority is an organization that coordinates the use of well known ports. For a
list of TCP/IP port assignments, see "Well Known Port Numbers" at
http://go.microsoft.com/fwlink/?LinkId=22570.

Remote Procedure Calls and DCOM


For information about RPC and configuring DCOM to work with firewalls, see "Using Distributed COM with
Firewalls" on the Microsoft Web site at http://go.microsoft.com/fwlink/?LinkId=22572.

For a detailed explanation of RPC, see "Remote Procedure Call (RPC)" on MSDN at
http://go.microsoft.com/fwlink/?LinkId=22574.

For more information about configuring RPC to work with a firewall, see Microsoft Knowledge Base article
154596, "How to Configure RPC Dynamic Port Allocation to Work with Firewall," on the Microsoft Web site at
http://go.microsoft.com/fwlink/?LinkId=22575.

For more information about the RPC protocol and how systems running Windows 2000 initialize, see "Windows
2000 Startup and Logon Traffic Analysis" on the TechNet Web site at
http://go.microsoft.com/fwlink/?LinkId=22576.

Distributed Transaction Coordinator


For information about configuring DTC to use a specific range of ports, see Microsoft Knowledge Base article
250367, "INFO: Configuring Microsoft Distributed Transaction Coordinator (DTC) to Work Through a Firewall," on
the Microsoft Web site at http://go.microsoft.com/fwlink/?LinkId=22577.

For more information about restricting Active Directory, see "Restricting Active Directory Replication Traffic to a
Specific Port" on the Microsoft Web site at http://go.microsoft.com/fwlink/?LinkId=22578.

For an explanation about how the Directory System Agent, LDAP, and the local system authority are related, see
"Directory System Agent" on MSDN at http://go.microsoft.com/fwlink/?LinkId=22747.

For more information about how LDAP and the Global Catalog work in Windows 2000, see Chapter 10 - Active
Directory Diagnostics, Troubleshooting, and Recovery in the Distributed Systems Guide from the Windows 2000
Server Resource Kit at http://go.microsoft.com/fwlink/?LinkId=22581.

Commerce Server
For detailed information about configuring secure applications built on top of Commerce Server, see "Deploying
a Secure Commerce Server 2002 Site" on the TechNet Web site at http://go.microsoft.com/fwlink/?LinkId=22582.

Exchange
For more information about restricting Exchange 2000 and Exchange 2003 MAPI traffic, see Microsoft Knowledge
Base article 270836, "Exchange 2000 and Exchange 2003 Static Port Mappings," on the Microsoft Web site at
http://go.microsoft.com/fwlink/?LinkId=22583.

For an exhaustive list of network ports and protocols supported by Exchange 2000, see Microsoft Knowledge
Base article 278339, "XGEN: TCP/UDP Ports Used By Exchange 2000 Server," on the Microsoft Web site at
http://go.microsoft.com/fwlink/?LinkId=22584.

For information about configuring Exchange 5.5 and 5.0 to use an alternate port for LDAP, see Microsoft
Knowledge Base article 224447, "XADM: How to Change LDAP Port Assignments in Exchange Server," on the
Microsoft Web site at http://go.microsoft.com/fwlink/?LinkId=22587.

For more information about restricting Exchange 5.5 MAPI traffic, see Microsoft Knowledge Base Article 148732,
"XADM: Setting TCP/IP Port Numbers for Internet Firewalls," on the Microsoft Web site at
http://go.microsoft.com/fwlink/?LinkId=22588.

For information about ports used by Exchange 5.5 and older versions of Exchange, see Microsoft Knowledge
Base article 176466, "XGEN: TCP Ports and Microsoft Exchange: In-depth Discussion," on the Microsoft Web site
at http://go.microsoft.com/fwlink/?LinkId=22589.

File Replication Service


For more information about configuring FRS to work with a firewall, see Microsoft Knowledge Base article
319553, "How to Restrict FRS Replication Traffic to a Specific Static Port," on the Microsoft Web site at
http://go.microsoft.com/fwlink/?LinkId=22590.

Internet Information Services


For information about ports used by IIS 4.0, IIS 5.0, and IIS 5.1, see Microsoft Knowledge Base article, "INFO:
Inetinfo Services Use Additional Ports Beyond Well-Known Ports," on the Microsoft Web site at
http://go.microsoft.com/fwlink/?LinkId=22591.

For detailed information about how FTP works, see "Modes and Data Transmission" on the TechNet Web site at
http://go.microsoft.com/fwlink/?LinkId=22592.

IPSec and VPNs


For information about how to configure IPSec default exemptions in Windows, see Microsoft Knowledge Base
article 811832, "IPSec Default Exemptions Can Be Used to Bypass IPsec Protection in Some Scenarios," on the
Microsoft Web site at http://go.microsoft.com/fwlink/?LinkId=22593.

For more information about which ports and protocols are used by IPSec, see Microsoft Knowledge Base article
233256, "How to Enable IPSec Traffic Through a Firewall," on the Microsoft Web site at
http://go.microsoft.com/fwlink/?LinkId=22594.

For more information about new and updated features in L2TP and IPSec, see Microsoft Knowledge Base article
818043, "L2TP/IPSec NAT-T Update for Windows XP and Windows 2000," on the Microsoft Web site at
http://go.microsoft.com/fwlink/?LinkId=22595.

MADCAP
For more information about MADCAP, see "Planning MADCAP Servers" on the TechNet Web site at
http://go.microsoft.com/fwlink/?LinkId=22596.

Message Queue Server


For more information about which ports are used by Microsoft Message Queue Server, see Microsoft Knowledge
Base article 178517, "INFO: TCP, UDP, and RPC Ports Used by MSMQ," on the Microsoft Web site at
http://go.microsoft.com/fwlink/?LinkId=22597.

Mobile Information Server


For information about ports used by Mobile Information Server 2001, see Microsoft Knowledge Base article
294297, "XCCC: TCP/IP Ports Used by Microsoft Mobile Information Server," on the Microsoft Web site at
http://go.microsoft.com/fwlink/?LinkId=22598.

Microsoft Operations Manager


For detailed information about planning for and deploying MOM, see Microsoft Operations Manager 2000 SP1
Conceptual Guide on the TechNet Web site at http://go.microsoft.com/fwlink/?LinkId=22599.

Systems Management Server
For more information about ports used by SMS 2003, see Microsoft Knowledge Base article 826852, "Ports That
Systems Management Server 2003 Uses to Communicate Through a Firewall or Through a Proxy Server," on the
Microsoft Web site at http://go.microsoft.com/fwlink/?LinkId=22600.

For more information about the ports used by SMS 2.0, see Microsoft Knowledge Base article 167128, "SMS:
Network Ports Used by Remote Helpdesk Functions," on the Microsoft Web site at
http://go.microsoft.com/fwlink/?LinkId=22601.

For more information about ports used by SMS, see Microsoft Knowledge Base article 200898, "SMS: How to Use
Systems Management Server Through a Firewall," on the Microsoft Web site at
http://go.microsoft.com/fwlink/?LinkId=22602.

For information about ports used by SMS, see Microsoft Knowledge Base article 256884, "SMS: TCP and UDP
Ports Used by Remote Control Have Changed in SP2," on the Microsoft Web site at
http://go.microsoft.com/fwlink/?LinkId=22603.

SQL Server
For information about how SQL Server 2000 dynamically determines ports for secondary instances, see Microsoft
Knowledge Base article 286303, "INF: Behavior of SQL Server 2000 Network Library During Dynamic Port
Detection," on the Microsoft Web site at http://go.microsoft.com/fwlink/?LinkId=22604.

For information about ports used by SQL Server 7.0 and SQL Server 2000 for OLAP Services, see Microsoft
Knowledge Base article 301901, "TCP Ports Used by OLAP Services when Connecting Through a Firewall," on the
Microsoft Web site at http://go.microsoft.com/fwlink/?LinkId=22605.

Terminal Services
For information about how to configure the port used by Terminal Services, see Microsoft Knowledge Base article
187623, "How to Change Terminal Server's Listening Port," on the Microsoft Web site at
http://go.microsoft.com/fwlink/?LinkId=22606.

Controlling Communication with the Internet in Windows


For a client-side perspective about how Windows XP with Service Pack 1 communicates on the Internet, see
"Using Windows XP Professional with Service Pack 1 in a Managed Environment" on the TechNet Web site at
http://go.microsoft.com/fwlink/?LinkId=22607.

For a client-side perspective about how Windows 2000 with Service Pack 4 communicates on the Internet, see
"Using Windows 2000 with Service Pack 4 in a Managed Environment" on the TechNet Web site at
http://go.microsoft.com/fwlink/?LinkId=22608.

For a client-side perspective about how Windows Server 2003 communicates on the Internet, see "Using
Windows Server 2003 in a Managed Environment" on the TechNet Web site at
http://go.microsoft.com/fwlink/?LinkId=22609.


© 2018 Microsoft
