Windows Server 2008 Firewall Ports


Mark Empson has published a nice list of firewall ports used by Windows Server 2008.

| Possible Rule name | Description | Port | Path |
| --- | --- | --- | --- |
| Active Directory Domain Controller – LDAP (TCP-In) | Inbound rule for the Active Directory Domain Controller service to allow remote LDAP traffic. (TCP 389) | 389 | %systemroot%\System32\lsass.exe |
| Active Directory Domain Controller – LDAP (UDP-In) | Inbound rule for the Active Directory Domain Controller service to allow remote LDAP traffic. (UDP 389) | 389 | %systemroot%\System32\lsass.exe |
| Active Directory Domain Controller – LDAP for Global Catalog (TCP-In) | Inbound rule for the Active Directory Domain Controller service to allow remote Global Catalog traffic. (TCP 3268) | 3268 | %systemroot%\System32\lsass.exe |
| Active Directory Domain Controller – NetBIOS name resolution (UDP-In) | Inbound rule for the Active Directory Domain Controller service to allow NetBIOS name resolution. (UDP 138) | 138 | System |
| Active Directory Domain Controller – SAM/LSA (NP-TCP-In) | Inbound rule for the Active Directory Domain Controller service to be remotely managed over Named Pipes. (TCP 445) | 445 | System |
| Active Directory Domain Controller – SAM/LSA (NP-UDP-In) | Inbound rule for the Active Directory Domain Controller service to be remotely managed over Named Pipes. (UDP 445) | 445 | System |
| Active Directory Domain Controller – Secure LDAP (TCP-In) | Inbound rule for the Active Directory Domain Controller service to allow remote Secure LDAP traffic. (TCP 636) | 636 | %systemroot%\System32\lsass.exe |
| Active Directory Domain Controller – Secure LDAP for Global Catalog (TCP-In) | Inbound rule for the Active Directory Domain Controller service to allow remote Secure Global Catalog traffic. (TCP 3269) | 3269 | %systemroot%\System32\lsass.exe |
| Active Directory Domain Controller – W32Time (NTP-UDP-In) | Inbound rule for the Active Directory Domain Controller service to allow NTP traffic for the Windows Time service. (UDP 123) | 123 | %systemroot%\System32\svchost.exe |
| Active Directory Domain Controller (RPC) | Inbound rule to allow remote RPC/TCP access to the Active Directory Domain Controller service. | Dynamic RPC | %systemroot%\System32\lsass.exe |
| Active Directory Domain Controller (RPC-EPMAP) | Inbound rule for the RPCSS service to allow RPC/TCP traffic to the Active Directory Domain Controller service. | 135 | %systemroot%\System32\svchost.exe |
| Active Directory Domain Controller (TCP-Out) | Outbound rule for the Active Directory Domain Controller service. (TCP) | Any | %systemroot%\System32\lsass.exe |
| Active Directory Domain Controller (UDP-Out) | Outbound rule for the Active Directory Domain Controller service. (UDP) | Any | %systemroot%\System32\lsass.exe |
| DNS (TCP, Incoming) | DNS inbound | 53 | %systemroot%\System32\dns.exe |
| DNS (UDP, Incoming) | DNS inbound | 53 | %systemroot%\System32\dns.exe |
| DNS (TCP, outbound) | DNS outbound | 53 | %systemroot%\System32\dns.exe |
| DNS (UDP, outbound) | DNS outbound | 53 | %systemroot%\System32\dns.exe |
| DNS RPC, incoming | Inbound rule for the RPCSS service to allow RPC/TCP traffic to the DNS Service | 135 | %systemroot%\System32\dns.exe |
| DNS RPC, incoming | Inbound rule to allow remote RPC/TCP access to the DNS service | Dynamic RPC | %systemroot%\System32\dns.exe |

Nice reference Mark. I was just looking for a similar list for Windows Server 2003 R2 Domain Controllers, and had to pull the information from a variety of sources. I couldn’t find a nice summary like you’ve made.

One Response to “Windows Server 2008 Firewall Ports”

  1. Martijn H Says:

    People that are interested in ports used by W2K8 will probably like the following article.
    It also works for W2K8 DCs!

    http://support.microsoft.com/kb/224196#appliesto

