DCOM port 1024

Jelmer Vernooij jelmer at samba.org
Mon Feb 14 14:34:58 MST 2011 

On Mon, 2011-02-14 at 13:27 -0800, tms3 at tms3.com wrote:
> > On Mon, 2011-02-14 at 13:07 -0800, tms3 at tms3.com wrote:
> > > This came up on the samba lists for Samba4 firewall issues. Is
> > > this 
> > > DCOM port really necessary? What does the samba AD model use it
> > > for?
> > > 
> > > TIA for any info, always appreciated.
> > Can you provide some more context?
> Only thing running on this server is Samba4, sshd, ntpd:
> 
> Active Internet connections (including servers)
> Proto Recv-Q Send-Q  Local Address          Foreign Address
> (state)
> tcp4       0      0 192.168.64.3.139       192.168.164.100.54657
> SYN_RCVD
> tcp4       0      0 192.168.64.3.1024      192.168.64.6.1095
> ESTABLISHED
> tcp4       0      0 192.168.64.3.445       192.168.64.125.59802
> ESTABLISHED
> tcp4       0      0 *.3269                 *.*
> LISTEN
> tcp4       0      0 *.3268                 *.*
> LISTEN
> tcp4       0      0 *.636                  *.*
> LISTEN
> tcp4       0      0 *.389                  *.*
> LISTEN
> tcp4       0      0 *.464                  *.*
> LISTEN
> tcp4       0      0 *.88                   *.*
> LISTEN
> tcp4       0      0 *.135                  *.*
> LISTEN
> tcp4       0      0 *.1024                 *.*
> LISTEN
> tcp4       0      0 *.139                  *.*
> LISTEN
> tcp4       0      0 *.445                  *.*
> LISTEN
> tcp4       0     52 192.168.64.3.22        192.168.64.125.53773
> ESTABLISHED
> tcp4       0      0 127.0.0.1.25           *.*
> LISTEN
> tcp4       0      0 *.22                   *.*
> LISTEN
> tcp6       0      0 *.22                   *.*
> LISTEN
> udp4       0      0 192.168.64.3.464       *.*
> udp4       0      0 192.168.64.3.88        *.*
> udp4       0      0 *.464                  *.*
> udp4       0      0 *.88                   *.*
> udp4       0      0 192.168.64.3.389       *.*
> udp4       0      0 *.389                  *.*
> udp4       0      0 192.168.64.3.138       *.*
> udp4       0      0 192.168.64.255.138     *.*
> udp4       0      0 192.168.64.3.137       *.*
> udp4       0      0 192.168.64.255.137     *.*
> udp4       0      0 *.138                  *.*
> udp4       0      0 *.137                  *.*
> udp4       0      0 *.514                  *.*
> udp6       0      0 *.514                  *.*             
> 
> Note 1024 is up and running. The machine with ip 192.168.64.6 is a
> W2K3R server binding to port 1024, so it is being used.
That would be the dynamically allocated DCE/RPC port, but I don't see
anything that suggests this is DCOM?

> > The port assignment (like most interfaces over ncacn_ip_tcp) of the
> > DCOM
> > interfaces is dynamically allocated. 
> Well dynamically, starting with 1024 and moving up the scale should
> the first choice be claimed. 
It can be *any* port. Samba just happens to put everything on 1024 at
the moment, but that can be changed any time. The end point mapper
should be able to tell you which port a particular DCE/RPC service is
running on.

Cheers,

Jelmer


-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20110214/f8754c8e/attachment.pgp>

More information about the samba-technical mailing list