Security Basics mailing list archives
RE: Open ports to establish a one-way trust
From: "Mike" <mike_sha () shaw ca>
Date: Wed, 2 Mar 2005 08:26:34 -0500
These are the ports open on my DC, maybe this can help? PORT STATE SERVICE 25/tcp open smtp 53/tcp open domain 80/tcp open http 88/tcp open kerberos-sec 110/tcp open pop3 135/tcp open msrpc 139/tcp open netbios-ssn 143/tcp open imap 389/tcp open ldap 443/tcp open https 445/tcp open microsoft-ds 464/tcp open kpasswd5 593/tcp open http-rpc-epmap 636/tcp open ldapssl 691/tcp open resvc 993/tcp open imaps 995/tcp open pop3s 1026/tcp open LSA-or-nterm 1029/tcp open ms-lsa 1076/tcp open sns_credit 1084/tcp open ansoft-lm-2 1109/tcp open kpop 3052/tcp open PowerChute 3268/tcp open globalcatLDAP 3269/tcp open globalcatLDAPssl 3372/tcp open msdtc 6101/tcp open VeritasBackupExec 38292/tcp open landesk-cba Sincerely, Mike Fetherston PS> Yes, I know.. mail and web on a DC.. bad bad pooh pooh.. budget constraints dictated this...
-----Original Message----- From: Ju Ne [mailto:ddjjembe1 () hotmail com] Sent: Tuesday, March 01, 2005 11:16 AM To: security-basics () securityfocus com Subject: Open ports to establish a one-way trust We have a domain in our WAN that needs an Active Directory one-way trust established with our domain. The change has been made
in
Active Directory but we have been unable to test this new trust? What ports need to be opened at the firewall to allow this trust from a firewall perspective? Are any of the ports listed below required for this
trust?
TCP 135 - Microsoft RPC UDP 137 - Netbios-ns UDP 138 - Netbios-dgm TCP 139 - Netbios TCP 42 - WINS, Nameserv TCP/UDP 389- LDAP TCP 636 - SLDAP TCP 3268 - MSFT-GC TCP 3269 -MSFT-GC-SSL TCP/UDP 53 -DNS TCP/UDP 88 - Kerberos, www TCP 445 - SMB Thanks, Djembe _________________________________________________________________ FREE pop-up blocking with the new MSN Toolbar - get it now! http://toolbar.msn.click-url.com/go/onm00200415ave/direct/01/
Current thread:
- Open ports to establish a one-way trust Ju Ne (Mar 01)
- RE: Open ports to establish a one-way trust dave kleiman (Mar 02)
- <Possible follow-ups>
- Re: Open ports to establish a one-way trust Eric McCarty (Mar 02)
- RE: Open ports to establish a one-way trust Depp, Dennis M. (Mar 02)
- RE: Open ports to establish a one-way trust Mike (Mar 02)