[Samba] ms-rpc dynamic port range
Denis Cardon
dcardon at tranquil.it
Thu Oct 27 18:39:48 UTC 2016
Hi everyone,
According to the samba wiki page [1], samba ms-rpc dynamic port range is
1024-5000, which looks mostly coherent with a quick tcpdump analysis.
However it seems like there are also some connection in the upper range
or MS-RPC 49152-65535.
It seems that the lower range would be for AD2003 according to kb832017,
and that the upper range would be for AD2008 and up [2].
So my question is, what is the range that is used? Actually, I grep'ing
in the source code was quite unlucky because I didn't even found where
it was defined in samba source code... And I guess there aren't any
smb.conf parameter to control those values?
I was digging into this question after negotiating port openings for
dynamic range with the network/security team at a client.
Another similar question I have is about the drs replication port, and
if it can be set to a fixed value in order to limit the replication
partners through firewalling, like in MS KB224196 [3]?
Thanks,
Denis
[1] https://wiki.samba.org/index.php/Samba_AD_DC_Port_Usage
[2] https://support.microsoft.com/en-us/kb/832017
[3] https://support.microsoft.com/en-us/kb/224196
--
Denis Cardon
Tranquil IT Systems
Les Espaces Jules Verne, bâtiment A
12 avenue Jules Verne
44230 Saint SĂ©bastien sur Loire
tel : +33 (0) 2.40.97.57.55
http://www.tranquil-it-systems.fr
More information about the samba
mailing list