Re: Ports between ISA and DC

Subject: Re: Ports between ISA and DC
Date: Fri, 28 Jan 2005 08:53:51 -0300
On 27 Jan 2005 08:48:33 -0000, sf_mail_sbm@yahoo.com
<sf_mail_sbm@yahoo.com> wrote:

Hi List,

I have the following config
                 ____
INTERNET <------| FW |--------> Domain Controller (in LOCAL LAN)
                   |
                   |
                 -----
                  ISA (in DMZ)

ISA is doing Web Proxy only
Only users in a particular user group can access the web
Trying to find out the ports that ISA needs to talk with the DC for 
authentication of users instead of opening all ports on the Firewall
Could not find same from Microsoft site
If someone knows the ports that need to be opened, please share it with us

Thanks,
Ronish


Hi Ronish,

Here are some to begin with...

Member Servers in DMZ -> Internal DCs

ADLogon/DirRep *
50000 TCP Outbound

DNS
53 TCP Outbound
53 UDP Outbound/Inbound

Kerberos-Adm (UDP)
749 UDP Outbound/Inbound

Kerberos-Sec (TCP)
88 TCP Outbound

Kerberos-Sec (UDP)
88 UDP Outbound/Inbound

LDAP
389 TCP Outbound

LDAP (UDP)
389 UDP Outbound/Inbound

LDAP GC (Global Catalog)
3268 TCP Outbound

Microsoft CIFS (TCP)
445 TCP Outbound

NTP (UDP)
123 UDP Outbound/Inbound

Ping
ICMP Type 8 Outbound/Inbound

RPC (All Interfaces)
135 TCP Outbound

* Tip: for RPC, fix it to one port!!! 50000 in this case.

See you,

-- 
Hernán Marcelo Racciatti

Core Team Member ISECOM (Institute for Security and Open Methodologies)
Coordinator OISSG, Argentina (Open Information System Security Group)

[mailto:hracciatti@gmail.com]
[http://www.hernanracciatti.com.ar]
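
An added example, not part of the original messages: a small audit that compares a firewall rule set for ISA -> DC traffic against the port list in the reply above, reporting rules that open more than the list and listed ports that are still blocked. The rule layout, the rule names and the function names are assumptions made for illustration; the ICMP echo entry is left out because it has no port number.

```python
"""Audit DMZ -> DC firewall rules against the port list from the reply."""

# (protocol, port) pairs listed in the reply for member server -> DC traffic.
# 50000/TCP is the single fixed RPC port the reply's tip refers to.
REQUIRED = {
    ("tcp", 50000), ("tcp", 53), ("udp", 53), ("udp", 749), ("tcp", 88),
    ("udp", 88), ("tcp", 389), ("udp", 389), ("tcp", 3268), ("tcp", 445),
    ("udp", 123), ("tcp", 135),
}

def parse_ports(spec):
    """Expand '53', '1024-65535' or 'any' into an inclusive (low, high) range."""
    if spec == "any":
        return 1, 65535
    low, _, high = spec.partition("-")
    return int(low), int(high or low)

def audit(rules, src="ISA", dst="DC"):
    """Return (names of over-broad rules, listed pairs not yet allowed)."""
    excess, covered = [], set()
    for rule in rules:
        if (rule["src"], rule["dst"], rule["action"]) != (src, dst, "allow"):
            continue  # only allow rules on the ISA -> DC path are in scope
        low, high = parse_ports(rule["ports"])
        protos = ("tcp", "udp") if rule["proto"] == "any" else (rule["proto"],)
        hits = {(p, n) for (p, n) in REQUIRED if p in protos and low <= n <= high}
        covered |= hits
        # Over-broad: the rule opens more (protocol, port) pairs than it needs.
        if (high - low + 1) * len(protos) > len(hits):
            excess.append(rule["name"])
    return excess, sorted(REQUIRED - covered)

# Constructed sample rule set (hypothetical layout and names, not from the thread).
SAMPLE_RULES = [
    {"name": "isa-dns-udp", "src": "ISA", "dst": "DC", "proto": "udp", "ports": "53", "action": "allow"},
    {"name": "isa-kerberos", "src": "ISA", "dst": "DC", "proto": "any", "ports": "88", "action": "allow"},
    {"name": "isa-rpc-dynamic", "src": "ISA", "dst": "DC", "proto": "tcp", "ports": "1024-65535", "action": "allow"},
    {"name": "isa-ldap", "src": "ISA", "dst": "DC", "proto": "tcp", "ports": "389", "action": "allow"},
    {"name": "lan-to-dc", "src": "LAN", "dst": "DC", "proto": "any", "ports": "any", "action": "allow"},
]

if __name__ == "__main__":
    excess, missing = audit(SAMPLE_RULES)
    print("rules wider than the list:", excess)
    print("listed ports not yet allowed:", missing)
```

In the sample, the wide high-port rule is the one flagged: it covers 50000/TCP and 3268/TCP but opens the whole dynamic range to do so.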