How to tell what ports are being used so that I can avoid our Cisco Firewall blocking them?

We are going to put our servers behind a cisco ASA firewall and I would like to know whats the easiest way of finding out which ports are currently being used on our Windows 2003 machines. In theory I can research online to see each software that we run what port it uses (and close everything else), but in practice this will definitely mean we will "forget" some ports and so our applications/services will not work.

Other than the standard and well known port 80, 21 and so on so forth, is there an application I can use to show me which ports are currently being used?
Who is Participating?
BertlingConnect With a Mentor Commented:
if you are moving all your servers to a DMZ you and you want to permit all required packets from the end users to the servers these are the ports i can think of:

RPC: 135
DNS: 53
LDAP: 389
Gloal catalog searches: 3268
SMTP: 25
HTTP/s: 80 & 443
Netbios: 139
SMB: 445
if you have databases: 1433
FTP: 21

you can also run netstat on all your servers you want to move to see what ports they have sessions with to particualr nodes or servers.
Jay_GridleyConnect With a Mentor Commented:
You could also try installing a trial version of PRTG traffic grapher to get a history of a few days of the traffic going to your server. The trial is obviously free and should be long enough for you to get insight in  what traffic your server passes.

Download it from:
leontasAuthor Commented:
Thanks Jay, I'll try that too!
I have been away for the past few days so I haven't had the chance to also thank Bertling for his suggestion as well!
Will try the software and get back with info!
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.