2023年6月24日发(作者：)

windows 2003系统端口（Windows 2003 system port）

Windows 2003 port Guinness 2009-03-16 12:48:17| classification:

computer communication | Tags: | font

in

Small subscription

Application Layer Gateway Service

This component of the Internet connection sharing (ICS)

/Internet connection firewall (ICF) service provides support

for plug-ins that allow network protocols to pass through

firewalls and work behind the Internet connection share.

Application layer gateway (ALG) plug-ins can open ports and

change data embedded in packets (such as ports and IP addresses).

File transfer protocol (FTP) is the only network protocol with

Windows Server 2003 standard edition and Windows Server 2003

Enterprise Edition attached to a plug-in. The ALG FTP plug-in

aims to support active FTP sessions through the network address

translation (NAT) engine used by these components. The ALG FTP

plug-in supports these sessions by redirecting all

communications delivered via NAT to port 21 to the dedicated

listening port within the range of 3000 to 5000 of the loopback

adapter. Then, the ALG FTP plug-in monitors and updates the FTP

control channel communication, enabling the FTP plug-in to map

through the NAT forwarding port of the FTP data channel. The

FTP plug-in also updates the ports in the FTP control channel

stream.

System service name: ALG application protocol protocol port FTP control TCP 21

Status Service

state service supports out of process session

state. The state service stores session data outside

the process. This service uses sockets to communicate with

running on the Web server.

System service name: aspnet_state application protocol

protocol port

session state TCP 42424

Certificate service

Certificate service is part of the core operating system. Using

certificate services, an enterprise can act as its own

certificate authority (CA). By this method, enterprises can

issue and manage the procedures and Protocols (such as secure

/ multipurpose Internet Mail Extensions (S/MIME), secure

socket layer (SSL) encryption, file system (EFS), IPSec and

smart card login) digital certificate. The certificate service

uses a random TCP port higher than port 1024, and communicates

with the client depending on RPC and DCOM.

System service name: CertSvc application protocol protocol

port

Random allocation of high TCP port TCP random port number Cluster service

Cluster services control server cluster operations and manage

cluster databases. A cluster is a collection of independent

computers acting as a single computer. Administrators,

programmers, and users regard clusters as a system. This

software distributes data between cluster nodes. If a node

fails, other nodes will provide the original service and data

provided by the lost node. When you add or fix a node, the

cluster software moves some data to this node.

System service name: ClusSvc application protocol protocol

port

Cluster service UDP 3343

Random allocation of high TCP port TCP random port number

Computer browser

The "computer browser" system service maintains the list of the

latest computers on the network and provides the list of

requests at the request of the program. Windows based computers

use computer browser services to view network domains and

resources. The browser is designated as a browser to maintain

the browse list, which contains all the shared resources used

on the network. Earlier versions of the Windows program (such

as "Online neighbors", net view commands, and Windows Explorer)

require browsing capabilities. For example, when you open an

online neighbor on a computer that runs Microsoft Windows 95, a list of domains and computers appears. To display this list,

the computer obtains a copy of the browse list from a computer

that is designated as a browser.

System service name: browser application protocol port

NetBIOS datagram service UDP 138

netbios 名称解析 udp 137

名称解析 netbios tcp 137

会话服务 netbios tcp 139

dhcp 服务器

"dhcp 服务器" 服务使用动态主机配置协议 (dhcp) 自动分配 ip

地址.使用此服务, 可以调整 dhcp 客户机的高级网络设置.例如,

可以配置诸如域名系统 (dns) 服务器和 windows internet 名称服务 (wins) 服务器之类的网络设置.可以建立一个或更多的 dhcp 服务器来维护 tcp / ip 配置信息并向客户计算机提供此信息.

系统服务名称: dhcpserver应用协议 协议 端口

dhcp 服务器 udp 67

madcap udp 2535

分布式文件系统

"分布式文件系统 (dfs)" 服务管理分布在局域网 (lan) 或广域网 (wan) 上的逻辑卷, 它对 microsoft active directory 目录服务

sysvol 共享是必需的.dfs 是将不同的文件共享集成为一个逻辑命名空间的分布式服务.

系统服务名称: dfs应用协议 协议 端口

netbios 数据报服务 udp 138

会话服务 netbios tcp 139

ldap 服务器 tcp 389

ldap "分布式链接跟踪服务器" 系统服务存储信息, 使得在卷之间移动的文件可以跟踪到域中的每个卷. "分布式链接跟踪服务器" 服务运行在一个域中的所有域控制器上.此服务使 "分布式链接跟踪服务器客户机" 服务能够跟踪已移动到同一个域中另一个 ntfs 文件系统中某个位置的链接文档.

系统服务名称: trksvr应用协议 协议 端口

随机分配的高 tcp 端口 tcp 随机端口号

分布式事务处理协调器

"分布式事务处理协调器 (dtc)" 系统服务负责协调跨计算机系统和资源管理器分布的事务, 如数据库、消息队列、文件系统和其他事务保护资源管理器.通过 com + 配置事务组件时需要 dtc 系统服务.跨多个系统的消息队列 (也称为 msmq) 和 sql server 操作中的事务队列也需要 dtc 系统服务.

系统服务名称: msdtc应用协议 协议 端口 随机分配的高 tcp 端口 tcp 随机端口号

dna 服务器

"dna 服务器" 服务通过应答有关 dna dna dna 名称的查询和更新请求来启用 名称解析.查找使用 标识的设备和服务以及在 active

directory 中查找域控制器都需要 dna 服务器.

系统服务名称: dns应用协议 协议 端口

dns udp 53

dns udp 53

事件日志

"事件日志" 系统服务记录由程序和 windows 操作系统生成的事件消息.事件日志报告中包含对诊断问题有用的信息.在事件查看器中查看报告.事件日志服务将程序、服务以及操作系统发送的事件写入日志文件.这些事件中不仅包含特定于源程序、服务或组件的错误,

还包含诊断信息.可以通过事件日志 api 以编程方式查看日志, 也可以通过 mmc 管理单元中的事件查看器查看日志.

系统服务名称: eventlog应用协议 协议 端口

随机分配的高 tcp 端口 tcp 随机端口号

exchange server

microsoft exchange server mapi 包括几个系统服务.当 客户机 (如 microsoft outlook) 连接到 exchange 服务器时, 客户机先连接到 tcp 端口 135 上的 rpc 终结点映射器 (rpc 定位器服务).rpc 终结点映射器告诉客户机使用哪些端口连接到 exchange

server 服务.

These ports are dynamically allocated. Microsoft Exchange

Server 5.5 uses two ports: one for information storage and one

for directory. Microsoft Exchange 2000 Server and Microsoft

Exchange Server 2003 use three ports: one for information

storage, and two for system assistant. By using RPC over HTTP,

you can also use Microsoft Office Outlook 2003 to connect to

the server running Exchange Server 2003. Exchange Server also

supports other protocols, such as SMTP, post office protocol

3 (POP3), and IMAP.

Application protocol port

IMAP TCP 143

IMAP over SSL TCP 993

POP3 TCP 110

POP3 over SSL TCP 995

Random allocation of high TCP port TCP random port number

RPC TCP 135

RPC over HTTP TCP 593

SMTP TCP 25

SMTP UDP 25

Fax service

Fax service is a system service compatible with telephone

service API (TAPI), which provides fax function. Using fax

services, users can send and receive faxes from their desktop

programs using local fax devices or shared network fax devices.

System service name: fax application protocol protocol port

NetBIOS session service TCP 139

Random allocation of high TCP port TCP random port number

SMB TCP 445

SMB UDP 445

File replication

File replication service (FRS) allows automatic replication

and maintenance of files on many servers simultaneously. FRS

is the automatic file replication service in Windows 2000 and

Windows Server 2003, and its function is to copy SYSVOL share

to all domain controllers. In addition, FRS can be configured

to copy files between backup targets associated with

fault-tolerant DFS.

System service name: NtFrs application protocol protocol port

Random allocation of high TCP port TCP random port number

Macintosh file server

Using the "Macintosh file server" system service, the Macintosh

computer user can store and access files on the computer running

Windows Server 2003. If the service is closed or banned, the

Macintosh client will not be able to access or store the file

on this computer.

System service name: MacFile application protocol protocol

port

Macintosh file server TCP 548

FTP publishing service

FTP publishing service provides FTP connection. By default, the

FTP control port is 21. However, this system service can be

configured through the "Internet information service (IIS)

manager" management unit. The default data port (i. e. the port

used by the active mode FTP) is automatically set to one port

lower than the control port. Therefore, if the control port is

configured as port 4131, the default data port is port 4130.

Most FTP clients use passive mode FTP. It said the client

initially used the control port to connect to the FTP server,

the FTP server allocates a range between 1025 and 5000 between

the high TCP port, then the client opens another FTP server to

transfer data connection. You can configure the scope of high ports using the IIS meta database.

System service name: MSFTPSVC application protocol protocol

port

FTP control TCP 21

FTP default data TCP 20

Random allocation of high TCP port TCP random port number

HTTP SSL

HTTP SSL system services enable IIS to execute SSL functions.

SSL is an open standard for building encrypted communication

channels to help prevent important information from being

intercepted (such as credit card numbers). Although this

service is designed to handle other Internet services, it is

primarily used to enable encrypted electronic transactions on

the world wide web (WWW). Through the "Internet information

service (IIS) manager" management unit, you can configure ports

for this service.

System service name: HTTPFilter application protocol protocol

port

HTTPS TCP 443

Internet authentication service

Internet authentication service (IAS) is connected to the network users to perform centralized authentication,

authorization, auditing and accounting. These users can either

be on the LAN connection or on the remote connection. IAS

implements Internet engineering task group (IETF) standard

Remote Authentication Dial In User Service (RADIUS) protocol.

System service name: IAS application protocol protocol port

Old style RADIUS UDP 1645

Old style RADIUS UDP 1646

RADIUS accounting UDP 1813

RADIUS authentication UDP 1812

Internet connection firewall (ICF) /Internet connection share

(ICS)

This system service provides NAT, addressing, and name

resolution services for all computers on the home network or

on a small office network. When enabling Internet connection

sharing, your computer will become the network's "Internet

gateway", then the other client computer can share a Internet

connection, such as dial-up or broadband connection. This

service provides basic DHCP services and DNS services, but it

also applies to fully functional Windows DHCP services or DNS

services. When ICF and Internet connections are shared as

gateways to other computers on the network, they provide DHCP

services and DNS services for the private network on the

internal network interface. They do not provide these services on external interfaces.

System service name: SharedAccess application protocol

protocol port

DHCP server UDP 67

DNS UDP 53

DNS TCP 53

IPSec service

IPSec services help to provide end-to-end security between

clients and servers on TCP/IP networks. IPSec services manage

Internet protocol security (IPSec) policies, start Internet

key exchange (IKE), and coordinate IPSec policy settings and

IP security drivers. Use net start or net stop policy proxy

command to control this service.

System service name: PolicyAgent application protocol protocol

port

IPSec ISAKMP 500

Kerberos key distribution center

When you use the Kerberos key distribution center (KDC) system

service, the user can log in to the network using the Kerberos

version 5 authentication protocol. Like other implementations

of the Kerberos protocol, KDC is a process that provides two services: authentication service and ticket granting service.

The authentication service gives the invoice certificate to the

ticket, and the ticket granting service issues the ticket for

the computer connected to the domain itself.

System service name: KDC application protocol protocol port

Kerberos TCP 88

Kerberos UDP 88

License record

The license record system service is a tool that was originally

designed to help users manage the licenses of authorized

Microsoft server products in the server client access (CAL)

model. The license record is introduced with the Microsoft

Windows NT Server 3.51. By default, license service is disabled

in Windows Server 2003. Because the original design constraints

and the continuous development of the license terms, the

license may not provide records about the total number of CAL

relative to the total number of CAL buy an accurate view of the

use of specific server or the whole enterprise within the. The

CAL of the license record report may conflict with the end user

license agreement (EULA) and the use of the product (PUR). The

license version will not be included in the future version of

the Windows operating system. Microsoft only recommends users

of the Microsoft Small Business Server operating system to

enable this service on the server.

System service name: LicenseService application protocol protocol port

NetBIOS datagram service UDP 138

会话服务 137 TCP NetBIOS

SMB TCP 445

SMB UDP 445

本地安全机构

"本地安全机构" 系统服务提供核心操作系统安全机制.它将通过 服务分配的随机 端口用于域控制器复制 RPC TCP.

系统服务名称: lsass应用协议 协议 端口

全局编录服务器 TCP 3269

全局编录服务器 TCP 3268

LDAP server TCP 389

LDAP server UDP 389

LDAP SSL tcp 636

636 UDP LDAP SSL

随机分配的高 端口 随机端口号 TCP TCP

消息队列

"消息队列" 系统服务是一个消息处理结构和开发工具, 用于创建

Windows 分布式消息处理程序.这些程序可以跨异构网络通信, 并且可以在可能暂时无法彼此连接的计算机之间发送消息.消息队列对提供安全性、提高路由效率、支持在事务内发送消息、基于优先级的消息处理以及有保障的邮件传递都有帮助.

系统服务名称: msmq应用协议 协议 端口

TCP MSMQ 1801

MSMQ UDP 1801

MSMQ DCS TCP 2101

TCP MSMQ MGMT 2107

MSMQ - 3527 UDP Ping

RPC TCP MSMQ 2105

RPC TCP MSMQ 2103

RPC TCP 135

信使

"信使" 系统服务向用户和计算机、管理员以及 Alert 服务发送消息或接收来自它们的消息.此服务与 无关.如果禁用信使服务 发送给当前登录到网络上的计算机或用户的通知就无法收到.此外, Windows Messenger, Net Send Net name 命令和 命令不再起作用.

系统服务名称: 信使应用协议 协议 端口

数据报服务 UDP NetBIOS 138

Microsoft Exchange MTA 堆栈

在 和 Microsoft Exchange 2000 Server and Microsoft Exchange

Server 2003 中, 消息传输代理 (MTA) 常常用于在混合模式环境中基于 的服务器和基于 Exchange 2000 Server, Exchange Server 5.5

的服务器之间提供向后兼容的消息传输服务.

系统服务名称: msexchangemta应用协议 协议 端口

TCP X.400 102

Microsoft Operations Manager 2000

Microsoft Operations Manager (MOM) 2000 通过提供全面的事件管理、主动的监视和警告、报告以及趋势分析来提供企业级操作管理.安装了 Mom 2000 Service Pack 1 (SP1) 之后 2000 不再使用明文通信通道 Mom, Mom, mom 代理和 服务器之间的所有通信都在 TCP

端口 1270 上加密.mom 管理员控制台使用 DCOM 连接到服务器.这意味着管理网络上的 Mom 服务器的管理员必须能够访问随机高 TCP

端口.

系统服务名称: One point应用协议 协议 端口

Mom Clear TCP 51515

Mom - encrypted TCP 1270

Microsoft 服务 POP3

Microsoft Microsoft 服务后 POP3 服务提供电子邮件传输服务和检索服务.管理员可以使用此服务在邮件服务器上存储和管理电子邮件帐户.在邮件服务器上安装了 POP3, 用户就可以使用支持 POP3

协议的电子邮件客户程序 (如 连接到邮件服务器并且可以检索电子邮件 Microsoft Outlook).

系统服务名称: pop3svc应用协议 协议 端口

TCP POP3 110

MSSQLSERVER

是 MSSQLSERVER Server Microsoft SQL Server 2000 中的一个系统服务.sql 提供了一个强大而全面的数据管理平台.

Using server network utilities, you can configure the ports

used for each SQL Server instance.

System service name: MSSQLSERVER application protocol protocol

port

SQL over TCP TCP 1433

SQL Probe UDP 1434

MSSQL$UDDI

MSSQL$UDDI system service is installed during the general

description, discovery and integration (UDDI) function of the

Windows Server 2003 series operating system. MSSQL$UDDI

provides UDDI functionality in the enterprise. SQL Server

database engine is the core component of MSSQL$UDDI.

System service name: MSSQLSERVER application protocol protocol

port

SQL over TCP TCP 1433

SQL Probe UDP 1434

Net Logon

The Net Logon system maintains a secure channel between the

computer and the domain controller to authenticate the user and

the service. It passes the user credentials to the domain

controller, and then returns the user's domain security

identifier and user permissions. This is often referred to as

pass-through authentication. Net Logon automatically starts

when a computer is a member of a domain. In the Windows 2000

Server series and the Windows Server 2003 series, Net Logon

releases the service resource record in DNS. Net Logon is

enabled only on a computer that belongs to a domain. When the

service is running, it relies on the "server" service and the

"local security agency" service to listen for incoming requests.

On the domain member computer, Net Logon uses the RPC on the

named pipe. On the domain controller, it uses RPC, RPC over

TCP/IP, mailbox and light Directory Access Protocol (LDAP) on

named pipes. System service name: Netlogon application protocol protocol

port

NetBIOS datagram service UDP 138

NetBIOS name resolution TCP 137

NetBIOS name resolution UDP 137

NetBIOS session service TCP 139

SMB TCP 445

SMB UDP 445

NetMeeting remote desktop sharing

"NetMeeting remote desktop sharing" system service allows

authorized users to use Windows NetMeeting, through the

company's internal network remote access to your Windows

desktop from other personal computers. You must explicitly

enable this service in NetMeeting. You can also disable or close

this function by using an icon in the Windows notification area.

System service name: mnmsrvc application protocol protocol

port

Terminal service TCP 3389

Network News Transfer Protocol (NNTP) The network news transfer protocol (NNTP) system service allows

computers running Windows Server 2003 to be used as news servers.

The client can retrieve newsgroups from the server using news

client programs (such as Microsoft Outlook Express) and read

the title or text of each newsgroup.

System service name: NNTPSVC application protocol protocol

port

NNTP TCP 119