RE: Windows XP open port 389

From: Moorhouse, Walt P (WaltPMoorhouse@eaton.com)
Date: 03/13/02

• Previous message: Williams, Kevin: "RE: Windows XP open port 389"
• Maybe in reply to: Williams, Kevin: "Windows XP open port 389"
• Next in thread: Zimin, Alex: "RE: Windows XP open port 389"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

From: "Moorhouse, Walt P" <WaltPMoorhouse@eaton.com>
To: "'Williams, Kevin'" <KWilliams@sark.com>, "'focus-ms@securityfocus.com'" <focus-ms@securityfocus.com>
Date: Wed, 13 Mar 2002 10:57:07 -0500

A quick search on TechNet gave this page:
http://www.microsoft.com/technet/treeview/default.asp?url=/TechNet/prodtechn
ol/netmting/reskit/netmtg2/chpt4.asp
Which says:

   Establishing a NetMeeting Connection with a Firewall

   When you use NetMeeting to call other users over the Internet, several IP
ports are required to establish the outbound
   connection. If you use a firewall to connect to the Internet, it must be
configured so that the following IP ports are not
   blocked.
    This port Is used for
    389 Internet Locator Server (TCP)
...
NetMeeting directory services require either port 389 or port 522, depending
on the type of server
   you are using. Internet Locator Servers (ILSs), which support the
lightweight directory access protocol
   (LDAP) for NetMeeting, require port 389.

I hope this helps.

WPM

-----Original Message-----
From: Williams, Kevin [mailto:KWilliams@sark.com]
Sent: Tuesday, March 12, 2002 1:11 PM
To: 'focus-ms@securityfocus.com'
Subject: Windows XP open port 389

I ran a scan of my laptop and discovered port 389 (LDAP) was listening. I
tried FPort to nail down the .EXE responsible, but it told me "Must be
Admin" and quit (I was using an admin account at the time). I began shutting
down services until I found the one listening - it was the ICS/ICF
(firewall) service.

Does anyone have any info on why ICF was listening for LDAP traffic? I
didn't have any services configured, only ICMP allowed.

---

• Previous message: Williams, Kevin: "RE: Windows XP open port 389"
• Maybe in reply to: Williams, Kevin: "Windows XP open port 389"
• Next in thread: Zimin, Alex: "RE: Windows XP open port 389"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: Anybody Willing To Test Net Meeting Please? ... >> How to Establish NetMeeting Connections Through a Firewall ... If you're Running NIS on a *Single* ... then you don't need to worry about Port ... On a Firewall on a Standalone Machine, all you have to worry about ... (uk.people.silversurfers) Re: BlackIce Issue ... This maniac has a problem with BlackIce? ... >> In the advanced Firewall settings, why is port 1503 set the way it is? ... >> that has Netmeeting and BlackIce on it. ... (comp.security.firewalls) Re: BlackIce Issue ... This maniac has a problem with BlackIce? ... > In the advanced Firewall settings, why is port 1503 set the way it is? ... > That entry in the firewall is protected, and I cannot do anything with it. ... > that has Netmeeting and BlackIce on it. ... (comp.security.firewalls) Re: keeping ports open ... If a port is open, it means that 1) a software or service is running on your ... and 2) you're not using a firewall or your firewall isn't ... Use firewall software and hardware and antivirus software that is ... Follow the instructions for hardening Windows and IIS at ... (microsoft.public.security) Re: How to Maintain an IIS Server? ... > server running on a Windows 2000 server. ... before a firewall and antivirus have been installed]. ... open ports; however, this will not identify which program is using the port. ... (microsoft.public.inetserver.iis.security)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > securityfocus  > focus-ms  > 2002-03