Solved

Exchange ports

Posted on 2006-07-18
7
349 Views
Last Modified: 2010-03-06
What ports do I need to have open on a 2003 server running Exchange 2003. Also what is the best way to close ports that are not needed.
0
Comment
Question by:s2cott
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
7 Comments
 
LVL 104

Expert Comment

by:Sembee
ID: 17132022
What is your objective?

Ports where?
Internally?
Externally?
To the internet?
Somewhere else?

More information is required.

Simon.
0
 

Author Comment

by:s2cott
ID: 17132168
What is your objective? I am at a University so we are constantly under attack. We sit behind 2 firewalls but there are ways through.

Ports where? On the Exchange server it self
Internally?
Externally?
To the internet?
Somewhere else?

We also use OWA. Ifo needs to be sent back and forth between Exchange server and also out to the internet.

More information is required.
0
 
LVL 104

Expert Comment

by:Sembee
ID: 17133009
Unfortunately that still doesn't help.

The ports open to the internet are not the full list of ports that Exchange uses.

If you are using OWA, then the least ports you can get away with are 25 (SMTP) and 443 (HTTPS). In fact most Exchange sites could probably get away with just those.
However if you have machines outside of the network that are accessing the server via POP3, IMAP etc then you need to open those as well.

Are you talking about ports through the firewall from the internet - or an attempt to protect the Exchange server from attacks inside the network?
If you want to firewall the Exchange server itself, then you may as well give up now, as the large number of ports it requires to talk to Outlook clients and domain controllers will basically make the firewall useless.

Simon.
0
 

Author Comment

by:s2cott
ID: 17133131
I do not need the ports relating to accessing the firewall.
I am hoping for a list of the ports that need to be open on a exchange server
0
 
LVL 104

Accepted Solution

by:
Sembee earned 50 total points
ID: 17133198
Ok if you insist...

SMTP: 25
LDAP (DC lookup): 389
LDAP (GC lookup): 3268
NetBIOS (ports): 135, 139, 1024+ (default config is usually 6000 something).
DNS: 53
RPC: 111, 135, 1024+
Netlogon: 445
Kerberos: 88
OWA: 80 (HTTP), 443 (HTTPS)
IMAP4: 143, 993 (with SSL) SSL  
POP3:110, 995 (with SSL)

That is the minimum required, but will basically provide you with no protection whatsoever from attacks. The biggie is 135 NETBIOS, probably the most dangerous port to have open.

Simon.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
Learn to move / copy / export exchange contacts to iPhone without using any software. Also see the issues in configuration of exchange with iPhone to migrate contacts.
In this video we show how to create a Distribution Group in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >>…
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question