Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Exchange ports

Posted on 2006-07-18
7
Medium Priority
?
355 Views
Last Modified: 2010-03-06
What ports do I need to have open on a 2003 server running Exchange 2003. Also what is the best way to close ports that are not needed.
0
Comment
Question by:s2cott
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
7 Comments
 
LVL 104

Expert Comment

by:Sembee
ID: 17132022
What is your objective?

Ports where?
Internally?
Externally?
To the internet?
Somewhere else?

More information is required.

Simon.
0
 

Author Comment

by:s2cott
ID: 17132168
What is your objective? I am at a University so we are constantly under attack. We sit behind 2 firewalls but there are ways through.

Ports where? On the Exchange server it self
Internally?
Externally?
To the internet?
Somewhere else?

We also use OWA. Ifo needs to be sent back and forth between Exchange server and also out to the internet.

More information is required.
0
 
LVL 104

Expert Comment

by:Sembee
ID: 17133009
Unfortunately that still doesn't help.

The ports open to the internet are not the full list of ports that Exchange uses.

If you are using OWA, then the least ports you can get away with are 25 (SMTP) and 443 (HTTPS). In fact most Exchange sites could probably get away with just those.
However if you have machines outside of the network that are accessing the server via POP3, IMAP etc then you need to open those as well.

Are you talking about ports through the firewall from the internet - or an attempt to protect the Exchange server from attacks inside the network?
If you want to firewall the Exchange server itself, then you may as well give up now, as the large number of ports it requires to talk to Outlook clients and domain controllers will basically make the firewall useless.

Simon.
0
 

Author Comment

by:s2cott
ID: 17133131
I do not need the ports relating to accessing the firewall.
I am hoping for a list of the ports that need to be open on a exchange server
0
 
LVL 104

Accepted Solution

by:
Sembee earned 200 total points
ID: 17133198
Ok if you insist...

SMTP: 25
LDAP (DC lookup): 389
LDAP (GC lookup): 3268
NetBIOS (ports): 135, 139, 1024+ (default config is usually 6000 something).
DNS: 53
RPC: 111, 135, 1024+
Netlogon: 445
Kerberos: 88
OWA: 80 (HTTP), 443 (HTTPS)
IMAP4: 143, 993 (with SSL) SSL  
POP3:110, 995 (with SSL)

That is the minimum required, but will basically provide you with no protection whatsoever from attacks. The biggie is 135 NETBIOS, probably the most dangerous port to have open.

Simon.
0

Featured Post

Tech or Treat! - Giveaway

Submit an article about your scariest tech experience—and the solution—and you’ll be automatically entered to win one of 4 fantastic tech gadgets.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Here in this article, you will get a step by step guidance on how to restore an Exchange database to a recovery database. Get a brief on Recovery Database and how it can be used to restore Exchange database in this section!
If something goes wrong with Exchange, your IT resources are in trouble.All Exchange server migration processes are not designed to be identical and though migrating email from on-premises Exchange mailbox to Cloud’s Office 365 is relatively simple…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question