[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20031110225423.GA6749@garbarek.hsc.fr>
From: jbm at hsc.fr (Jean-Baptiste Marchand)
Subject: IIS 5.0 random/fixed TCP/UDP ports
* thalm <thalm@...cabo.pt> [01/01/70 - 01:00]:
> When viewing the ports associated with inetinfo.exe (Windows 2000
> Server with IIS 5.0 in a default configuration) using TCPView I see
> port 80 (TCP) , 443 (TCP), another TCP strange and random port and one
> UDP port (3456)
>
> Example in one machine: TCP 80 TCP 443 TCP 1055 UDP 3456
>
> Example in another machine: TCP 80 TCP 443 TCP 2086 UDP 3456
>
> Already tried to connect to the random TCP port, and write to it, but
> the server does not return a thing. What are the random TCP and fixed
> UDP port for?
As detailed in the IIS 5.0 section of our Windows network services
minimization paper, IIS 5.0 runs RPC services over TCP/IP:
http://www.hsc.fr/tips/min_srv_res_win.en.html
The dynamic TCP port is used by IIS remote administration RPC services.
You should also observe a dynamic UDP port. You can check with ifids
that RPC services are bound on these endpoints.
udp/3456 is used by IIS 5.0 internally. Microsoft finally documented
this port a few months ago, see
http://support.microsoft.com/?id=327859
Jean-Baptiste Marchand
--
Jean-Baptiste.Marchand@....fr
HSC - http://www.hsc.fr/
Powered by blists - more mailing lists