Re: AD ports

Date: 09/12/04

Date: Sun, 12 Sep 2004 15:24:06 +0200


Is there a problem with what I did?

"Karl Levinson [x y] mvp" <> wrote in message
> One possibility is using IPSec between the two domain controllers? Then
> you open ports for IPSec and not for AD.
> Other possibilities are to decide that everything is working and keep
> those
> ports closed, or to open a range of ports.
> <s> wrote in message news:uW393sLmEHA.2412@TK2MSFTNGP10.phx.gbl...
>> Hi
>> I have 2 sites that protected by CheckPoint firewall.
>> In each site I have DC.
>> I closed all the ports and opened only the necessary ports for AD and
>> internet.
>> I also changed the RPC dynamic assignment port from Dynamic to Fix ,port
>> 9999, in
>> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Parameters\
>> I had the parameter TCP/IP Port=9999
>> All the replication is working good.
>> My problem is that in the FW monitor I see that the 2 DC's try to connect
> in
>> ports 1057,1059 and 1061, but those prots r closed.
>> How can I find what r those ports?
>> Than'x
>> Shay

Relevant Pages

  • Re: Plausible reasons for http access?
    ... snip some important but volumous and onorous free up your time while helping me.. ... provides transportation service - in this case, transporting packets. ... Many instances have different open 'ports' numbered anything but 80,110,25. ... I wonder though if Spybots utility has failed to differentiate a proxy port and an actual open ethernet-internet port and is telling me I have "open ports" but no tcp/ip packets are acknowledged unless specificaly allowed? ...
  • Re: AV showing unauthorized access attempts after installing IE8
    ... NAV is showing in its ... history "unauthorized access blocked" all day ... one or more ports open that is reacing to queies; ... One of the tests is for open ports. ...
  • Re: SMB File Sharing XP SP2
    ... i went straight to manually configuring my ports to allow file sharing ... > to manually configure the open ports. ... it's trying to automate ...
  • Re: Concerns about wording of man blackhole
    ... As open ports still show up as open I don't see the protection. ... What does this have to do with "blackhole". ... skillful intruders leapfrog around the firewall by abusing the HTTP CONNECT ...
  • Re: Pentest - ISA server
    ... of them have over 50000 open ports. ... Tried to run fast-track using reverse connections but no luck. ... with that many ports open. ... ISA Server is a proxy firewall, so TCP port scanning ...