Re: Open Ports on an Exchange 2000 on Server 2000

Thanks for your response. I found 8081 is used by Symantec's Exchange
Anti-virus management application. I'll get TCPview and do as you suggest.

jwkh


"Miha Pihler [MVP]" wrote:

> Hi,
>
> Most of these services are expected to run on Exchange server. If not used,
> you can stop some of these services (e.g. you can stop pop3 or pop3s or nntp
> if these services are not used in your environment.
>
> Some of the services that do stand out are running on TCP ports above 1024
> e.g.
> - 8081/tcp open blackice-icecap
> - 38292/tcp open landesk-cba
> and few others.
>
> Check what is actually running on these TCP ports. You can e.g. use TCPView
> tool from www.sysinternals.com. It will tell you what process is using these
> ports... Once identified, make sure that there are only services that you
> install and need on the server. If you did not install them check your
> server and try to determine how they got there.
>
> --
> Mike
> Microsoft MVP - Windows Security
>
> "jwkh" <jwkh@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
> news:FF632BC8-D396-45AC-A86D-844A95A6A919@xxxxxxxxxxxxxxxx
> >I have the following ports open on our server. Several do not look right
> >to
> > me. I used a Linux Security boot CD and Nmap to scan all our addresses
> > for
> > open ports. Any ideas?
> >
> > Interesting ports on (10.253.10.1):
> > (The 1634 ports scanned but not shown below are in state: closed)
> > PORT STATE SERVICE
> > 25/tcp open smtp
> > 80/tcp open http
> > 88/tcp open kerberos-sec
> > 110/tcp open pop3
> > 119/tcp open nntp
> > 135/tcp open msrpc
> > 139/tcp open netbios-ssn
> > 143/tcp open imap
> > 389/tcp open ldap
> > 443/tcp open https
> > 445/tcp open microsoft-ds
> > 464/tcp open kpasswd5
> > 563/tcp open snews
> > 593/tcp open http-rpc-epmap
> > 636/tcp open ldapssl
> > 691/tcp open resvc
> > 993/tcp open imaps
> > 995/tcp open pop3s
> > 1026/tcp open LSA-or-nterm
> > 1029/tcp open ms-lsa
> > 1058/tcp open nim
> > 1178/tcp open skkserv
> > 1234/tcp open hotline
> > 3268/tcp open globalcatLDAP
> > 3269/tcp open globalcatLDAPssl
> > 3389/tcp open ms-term-serv
> > 8081/tcp open blackice-icecap
> > 10000/tcp open snet-sensor-mgmt
> > 38292/tcp open landesk-cba
> >
> > TIA,
> >
> > jwkh
> >
> >
>
>
>
.

Relevant Pages

  • Re: Cannot connect to RWW from home PC
    ... That would be the address you need a DNS record for. ... You say "And in the router you need to forward to your external nic IP" ... Still can't telnet to any of your ports at your public ip address. ... Heres' the info for our server: ...
    (microsoft.public.windows.server.sbs)
  • Re: Netopia 3347NWG with Remote Desktop and Remote Web Workplace
    ... Glad you're back in business Greg! ... Ports Closed ... Despite this, Remote Web Workplace DOES WORK now, and Connect to Server ... Exchange BPA updates), ...
    (microsoft.public.windows.server.sbs)
  • Solution -> Re: SSH tunnel question.
    ... change IPS and ports around but that is not a big deal. ... telnet/ftp/rsh open on a server including on the Internet facing ports! ... I will go from the corp desktop to a hop ... through the firewall to the hop ...
    (SSH)
  • Re: Exch2003 front-end questions
    ... all the supported protocol ports must be open on the inner ... communication between the front-end server and the back-end servers. ... lists the ports required for the intranet firewall. ...
    (microsoft.public.isa)
  • Re: Exch2003 front-end questions
    ... all the supported protocol ports must be open on the inner ... to inbound traffic (from the front-end server to the back-end servers). ...
    (microsoft.public.isa)