CSA 5.2 Rule TCP 139

What is the best way to create an exception rule for NetBIOS on the CSAMC? NetBIOS needs to be enabled because of resolving IPs within rules on the CSAMC.
The process 'System' (as user NT AUTHORITY\SYSTEM) attempted to initiate a connection as a client on TCP port 139 to X.X.X.X using interface Wired\Broadcom BCM5708C NetXtreme II GigE (NDIS VBD Client). The operation was denied
Any help would be appreciated. I really don't want to create this rule not to see it, just in case something is running over TCP 139.
Thanks,

Hey Adam, I have a local db (I'm setting up a remote one on a VM this week to test).
I allow connections on port 80 to a WSUS server to receive updates, 139 and 445 to the one Windows server for accessing a file share, and 123 to our time server, but nothing else.
I don't see this as unacceptable risk. I think you could safely allow the traffic to your domain controller or deny and not log it if it doesn't affect function.
Are your MC and DB being chatty to the domain controller or to other hosts as well?

Similar Messages

  • CSA 5.1 & Rule 596

    Rule 596 (Network Access Control) generates a TON of noise. Any best practices on tuning this one?
    Obviously, cloning the module this one belongs to, "Rootkit Lockdown Module", and setting the new Network Access Control rule built inside to "Deny" instead of "Priority Deny" will allow exception rule creation, but...
    Does anyone recommend anything different, such as simply adding Application Classes to the list of apps that this rule should not apply to?
    Any suggestions are appreciated...

    I just checked a fresh install of CSA 5.1 and rule 596 is a high priority deny for all ip traffic.
    I do not agree with changing that rule to straight deny or to deny server only. The reason that rule kicks in is because your systems are "Set" as rootkit detected. If that is a true positive, you should clean the rootkits, not just do something to reduce the alerts. You can check this by going to Events > Status Summary and seeing how many hosts are listed in "Untrusted rootkit detected".
    I recommend changing the "Set" Rootkit detected rule itself to monitor. This is one of the 2 set rules in the System Hardening module (or rule 46 in a fresh install). Then use event suppression to keep these alerts out of your main event view if there are too many of them (I'm guessing Symantec will come up). But remember, these are potentially rootkits we're talking about here so you still want to keep an eye on them even if you suppress the events.
    I do not recommend changing rule 596 to straight deny or to deny server connections only. The rootkit lockdown module is meant for dealing with machines that have rootkits. This rule applies to servers as well so you can still see tons of alerts if CSA thinks your servers have rootkits.

  • CSA - Network Shield Rule Triggering for IGMP Packets

    Hi,
    Any ideas why this Network Shield Rule (For Malicious Packet) is getting triggered for these IGMP Packets?
    TESTMODE: A packet with malicious content was detected. Reason: Malicious packet. IGMP: 10.1.2.136->224.0.0.22 type 0x22. The operation would have been denied.
    TESTMODE: A packet with malicious content was detected. Reason: Malicious packet. IGMP: 10.1.2.144->224.0.0.1 type 0x11. The operation would have been denied.
    As far as I researched, 0x11 (Query) and 0x22 (v3Report) are Valid IGMP Packets.
    Thanks,
    Naman

    Try these links:
    http://www.cisco.com/en/US/products/sw/secursw/ps5057/products_qanda_item09186a008049ad72.shtml
    http://www.cisco.com/en/US/products/sw/secursw/ps5057/products_configuration_guide_chapter09186a00805afcc5.html

  • How to Create Windows Firewall Predefined rules using Powershell

    Windows Firewall Predefined rules using Powershell
    The following commands work some of the time; however, sometimes they give errors. Any help would be appreciated.
    WORKING ==> Set-NetFirewallRule -DisplayGroup "File and Printer Sharing" -Enabled True 
    Set-NetFirewallRule -DisplayGroup "File and Printer Sharing" -Enabled True -Direction Inbound
    NOT WORKING
    PS C:\Windows\system32> Set-NetFirewallRule -DisplayGroup "File and Printer Sharing" -Enabled True -Direction Outbound
    Set-NetFirewallRule : One of the port keywords is invalid.
    At line:1 char:1
    + Set-NetFirewallRule -DisplayGroup "File and Printer Sharing" -Enabled True -Dire ...
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo          : InvalidArgument: (MSFT_NetFirewal...ystemName = ""):root/standardcimv2/MSFT_NetFirewallRule) [Se 
       t-NetFirewallRule], CimException
        + FullyQualifiedErrorId : HRESULT 0x80070057,Set-NetFirewallRule
    Anoop C Nair (My Blog www.AnoopCNair.com)
    - Twitter @anoopmannur -
    FaceBook Forum For SCCM

    The command:
    Get-NetFirewallRule -DisplayGroup "File and Printer Sharing" -Direction Outbound
    produces the output:
    Name : FPS-NB_Session-In-TCP
    DisplayName : File and Printer Sharing (NB-Session-In)
    Description : Inbound rule for File and Printer Sharing to allow NetBIOS Session Service connections. [TCP 139]
    DisplayGroup : File and Printer Sharing
    Group : @FirewallAPI.dll,-28502
    Enabled : True
    Profile : Any
    Platform : {}
    Direction : Outbound
    Action : Allow
    EdgeTraversalPolicy : Block
    LooseSourceMapping : False
    LocalOnlyMapping : False
    Owner :
    PrimaryStatus : OK
    Status : The rule was parsed successfully from the store. (65536)
    EnforcementStatus : NotApplicable
    PolicyStoreSource : PersistentStore
    PolicyStoreSourceType : Local
    Name : FPS-NB_Session-Out-TCP
    DisplayName : File and Printer Sharing (NB-Session-Out)
    Description : Outbound rule for File and Printer Sharing to allow NetBIOS Session Service connections. [TCP 139]
    DisplayGroup : File and Printer Sharing
    Group : @FirewallAPI.dll,-28502
    Enabled : True
    Profile : Any
    Platform : {}
    Direction : Outbound
    Action : Allow
    EdgeTraversalPolicy : Block
    LooseSourceMapping : False
    LocalOnlyMapping : False
    Owner :
    PrimaryStatus : OK
    Status : The rule was parsed successfully from the store. (65536)
    EnforcementStatus : NotApplicable
    PolicyStoreSource : PersistentStore
    PolicyStoreSourceType : Local
    Name : FPS-SMB-In-TCP
    DisplayName : File and Printer Sharing (SMB-In)
    Description : Inbound rule for File and Printer Sharing to allow Server Message Block transmission and reception via Named Pipes. [TCP 445]
    DisplayGroup : File and Printer Sharing
    Group : @FirewallAPI.dll,-28502
    Enabled : True
    Profile : Any
    Platform : {}
    Direction : Outbound
    Action : Allow
    EdgeTraversalPolicy : Block
    LooseSourceMapping : False
    LocalOnlyMapping : False
    Owner :
    PrimaryStatus : OK
    Status : The rule was parsed successfully from the store. (65536)
    EnforcementStatus : NotApplicable
    PolicyStoreSource : PersistentStore
    PolicyStoreSourceType : Local
    Name : FPS-SMB-Out-TCP
    DisplayName : File and Printer Sharing (SMB-Out)
    Description : Outbound rule for File and Printer Sharing to allow Server Message Block transmission and reception via Named Pipes. [TCP 445]
    DisplayGroup : File and Printer Sharing
    Group : @FirewallAPI.dll,-28502
    Enabled : True
    Profile : Any
    Platform : {}
    Direction : Outbound
    Action : Allow
    EdgeTraversalPolicy : Block
    LooseSourceMapping : False
    LocalOnlyMapping : False
    Owner :
    PrimaryStatus : OK
    Status : The rule was parsed successfully from the store. (65536)
    EnforcementStatus : NotApplicable
    PolicyStoreSource : PersistentStore
    PolicyStoreSourceType : Local
    Name : FPS-NB_Name-In-UDP
    DisplayName : File and Printer Sharing (NB-Name-In)
    Description : Inbound rule for File and Printer Sharing to allow NetBIOS Name Resolution. [UDP 137]
    DisplayGroup : File and Printer Sharing
    Group : @FirewallAPI.dll,-28502
    Enabled : True
    Profile : Any
    Platform : {}
    Direction : Outbound
    Action : Allow
    EdgeTraversalPolicy : Block
    LooseSourceMapping : False
    LocalOnlyMapping : False
    Owner :
    PrimaryStatus : OK
    Status : The rule was parsed successfully from the store. (65536)
    EnforcementStatus : NotApplicable
    PolicyStoreSource : PersistentStore
    PolicyStoreSourceType : Local
    Name : FPS-NB_Name-Out-UDP
    DisplayName : File and Printer Sharing (NB-Name-Out)
    Description : Outbound rule for File and Printer Sharing to allow NetBIOS Name Resolution. [UDP 137]
    DisplayGroup : File and Printer Sharing
    Group : @FirewallAPI.dll,-28502
    Enabled : True
    Profile : Any
    Platform : {}
    Direction : Outbound
    Action : Allow
    EdgeTraversalPolicy : Block
    LooseSourceMapping : False
    LocalOnlyMapping : False
    Owner :
    PrimaryStatus : OK
    Status : The rule was parsed successfully from the store. (65536)
    EnforcementStatus : NotApplicable
    PolicyStoreSource : PersistentStore
    PolicyStoreSourceType : Local
    Name : FPS-NB_Datagram-In-UDP
    DisplayName : File and Printer Sharing (NB-Datagram-In)
    Description : Inbound rule for File and Printer Sharing to allow NetBIOS Datagram transmission and reception. [UDP 138]
    DisplayGroup : File and Printer Sharing
    Group : @FirewallAPI.dll,-28502
    Enabled : True
    Profile : Any
    Platform : {}
    Direction : Outbound
    Action : Allow
    EdgeTraversalPolicy : Block
    LooseSourceMapping : False
    LocalOnlyMapping : False
    Owner :
    PrimaryStatus : OK
    Status : The rule was parsed successfully from the store. (65536)
    EnforcementStatus : NotApplicable
    PolicyStoreSource : PersistentStore
    PolicyStoreSourceType : Local
    Name : FPS-NB_Datagram-Out-UDP
    DisplayName : File and Printer Sharing (NB-Datagram-Out)
    Description : Outbound rule for File and Printer Sharing to allow NetBIOS Datagram transmission and reception. [UDP 138]
    DisplayGroup : File and Printer Sharing
    Group : @FirewallAPI.dll,-28502
    Enabled : True
    Profile : Any
    Platform : {}
    Direction : Outbound
    Action : Allow
    EdgeTraversalPolicy : Block
    LooseSourceMapping : False
    LocalOnlyMapping : False
    Owner :
    PrimaryStatus : OK
    Status : The rule was parsed successfully from the store. (65536)
    EnforcementStatus : NotApplicable
    PolicyStoreSource : PersistentStore
    PolicyStoreSourceType : Local
    Name : FPS-ICMP4-ERQ-In
    DisplayName : File and Printer Sharing (Echo Request - ICMPv4-In)
    Description : Echo Request messages are sent as ping requests to other nodes.
    DisplayGroup : File and Printer Sharing
    Group : @FirewallAPI.dll,-28502
    Enabled : True
    Profile : Any
    Platform : {}
    Direction : Outbound
    Action : Allow
    EdgeTraversalPolicy : Block
    LooseSourceMapping : False
    LocalOnlyMapping : False
    Owner :
    PrimaryStatus : OK
    Status : The rule was parsed successfully from the store. (65536)
    EnforcementStatus : NotApplicable
    PolicyStoreSource : PersistentStore
    PolicyStoreSourceType : Local
    Name : FPS-ICMP4-ERQ-Out
    DisplayName : File and Printer Sharing (Echo Request - ICMPv4-Out)
    Description : Echo Request messages are sent as ping requests to other nodes.
    DisplayGroup : File and Printer Sharing
    Group : @FirewallAPI.dll,-28502
    Enabled : True
    Profile : Any
    Platform : {}
    Direction : Outbound
    Action : Allow
    EdgeTraversalPolicy : Block
    LooseSourceMapping : False
    LocalOnlyMapping : False
    Owner :
    PrimaryStatus : OK
    Status : The rule was parsed successfully from the store. (65536)
    EnforcementStatus : NotApplicable
    PolicyStoreSource : PersistentStore
    PolicyStoreSourceType : Local
    Name : FPS-ICMP6-ERQ-In
    DisplayName : File and Printer Sharing (Echo Request - ICMPv6-In)
    Description : Echo Request messages are sent as ping requests to other nodes.
    DisplayGroup : File and Printer Sharing
    Group : @FirewallAPI.dll,-28502
    Enabled : True
    Profile : Any
    Platform : {}
    Direction : Outbound
    Action : Allow
    EdgeTraversalPolicy : Block
    LooseSourceMapping : False
    LocalOnlyMapping : False
    Owner :
    PrimaryStatus : OK
    Status : The rule was parsed successfully from the store. (65536)
    EnforcementStatus : NotApplicable
    PolicyStoreSource : PersistentStore
    PolicyStoreSourceType : Local
    Name : FPS-ICMP6-ERQ-Out
    DisplayName : File and Printer Sharing (Echo Request - ICMPv6-Out)
    Description : Echo Request messages are sent as ping requests to other nodes.
    DisplayGroup : File and Printer Sharing
    Group : @FirewallAPI.dll,-28502
    Enabled : True
    Profile : Any
    Platform : {}
    Direction : Outbound
    Action : Allow
    EdgeTraversalPolicy : Block
    LooseSourceMapping : False
    LocalOnlyMapping : False
    Owner :
    PrimaryStatus : OK
    Status : The rule was parsed successfully from the store. (65536)
    EnforcementStatus : NotApplicable
    PolicyStoreSource : PersistentStore
    PolicyStoreSourceType : Local
    Name : FPS-LLMNR-In-UDP
    DisplayName : File and Printer Sharing (LLMNR-UDP-In)
    Description : Inbound rule for File and Printer Sharing to allow Link Local Multicast Name Resolution. [UDP 5355]
    DisplayGroup : File and Printer Sharing
    Group : @FirewallAPI.dll,-28502
    Enabled : True
    Profile : Any
    Platform : {}
    Direction : Outbound
    Action : Allow
    EdgeTraversalPolicy : Block
    LooseSourceMapping : False
    LocalOnlyMapping : False
    Owner :
    PrimaryStatus : OK
    Status : The rule was parsed successfully from the store. (65536)
    EnforcementStatus : NotApplicable
    PolicyStoreSource : PersistentStore
    PolicyStoreSourceType : Local
    Name : FPS-LLMNR-Out-UDP
    DisplayName : File and Printer Sharing (LLMNR-UDP-Out)
    Description : Outbound rule for File and Printer Sharing to allow Link Local Multicast Name Resolution. [UDP 5355]
    DisplayGroup : File and Printer Sharing
    Group : @FirewallAPI.dll,-28502
    Enabled : True
    Profile : Any
    Platform : {}
    Direction : Outbound
    Action : Allow
    EdgeTraversalPolicy : Block
    LooseSourceMapping : False
    LocalOnlyMapping : False
    Owner :
    PrimaryStatus : OK
    Status : The rule was parsed successfully from the store. (65536)
    EnforcementStatus : NotApplicable
    PolicyStoreSource : PersistentStore
    PolicyStoreSourceType : Local
    The command:
    (Get-NetFirewallRule -DisplayGroup "File and Printer Sharing" -Direction Outbound).DisplayName
    shows the display names of the 14 outbound rules in the FPS group:
    File and Printer Sharing (NB-Session-In)
    File and Printer Sharing (NB-Session-Out)
    File and Printer Sharing (SMB-In)
    File and Printer Sharing (SMB-Out)
    File and Printer Sharing (NB-Name-In)
    File and Printer Sharing (NB-Name-Out)
    File and Printer Sharing (NB-Datagram-In)
    File and Printer Sharing (NB-Datagram-Out)
    File and Printer Sharing (Echo Request - ICMPv4-In)
    File and Printer Sharing (Echo Request - ICMPv4-Out)
    File and Printer Sharing (Echo Request - ICMPv6-In)
    File and Printer Sharing (Echo Request - ICMPv6-Out)
    File and Printer Sharing (LLMNR-UDP-In)
    File and Printer Sharing (LLMNR-UDP-Out)
    If your output is different than this, it means rules have been removed (or added) to the File and Print Sharing group.
    For example, if you run the command:
    New-NetFirewallRule -DisplayName "My test rule 2" -group "File and Printer Sharing" -Enabled True -Protocol tcp -LocalPort 12346 -Direction Inbound
    This adds a new inbound firewall rule to the FPS group. Output looks like:
    Name : {06449724-944b-4048-834f-8870b9dce4f6}
    DisplayName : My test rule 2
    Description :
    DisplayGroup : File and Printer Sharing
    Group : File and Printer Sharing
    Enabled : True
    Profile : Any
    Platform : {}
    Direction : Inbound
    Action : Allow
    EdgeTraversalPolicy : Block
    LooseSourceMapping : False
    LocalOnlyMapping : False
    Owner :
    PrimaryStatus : OK
    Status : The rule was parsed successfully from the store. (65536)
    EnforcementStatus : NotApplicable
    PolicyStoreSource : PersistentStore
    PolicyStoreSourceType : Local
    This test rule is of course useless because there's no listener on TCP port 12346 on this particular machine.
    The new rule can also be viewed in Windows Firewall with Advanced Security.
    Now if you run the command:
    (Get-NetFirewallRule -DisplayGroup "File and Printer Sharing" -Direction Inbound).DisplayName
    the output will look like:
    File and Printer Sharing (Spooler Service - RPC)
    File and Printer Sharing (Spooler Service - RPC-EPMAP)
    My test rule 2
    Sam Boutros, Senior Consultant, Software Logic, KOP, PA http://superwidgets.wordpress.com (Please take a moment to Vote as Helpful and/or Mark as Answer, where applicable)
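
The listing in the answer above shows rules named ...-In reporting Direction : Outbound, which is what one would see if -Direction on Set-NetFirewallRule is written to the rules as a value instead of being used as a filter (an assumption drawn from that output, not something stated in the thread). The following is an added example, not code from the original posts: it flags such name/direction mismatches without changing anything, and its comments show the filter-then-set form. The function name Find-DirectionMismatch and the sample objects are constructed for illustration.

```powershell
# Added example: flag firewall rules whose built-in name says one direction
# while the Direction property says the other. The function is read-only.
# Find-DirectionMismatch and $sample are names made up for this example.

function Find-DirectionMismatch {
    [CmdletBinding()]
    param(
        # Any object with Name and Direction properties,
        # for instance the output of Get-NetFirewallRule.
        [Parameter(Mandatory, ValueFromPipeline)]
        [psobject]$Rule
    )
    process {
        # Built-in names in the listing end in -In / -Out, optionally followed
        # by -TCP / -UDP. Rules with other names (GUIDs, custom names) cannot
        # be judged from the name and are skipped.
        if ($Rule.Name -match '-(In|Out)(-(TCP|UDP))?$') {
            $expected = if ($Matches[1] -eq 'In') { 'Inbound' } else { 'Outbound' }
            $actual   = [string]$Rule.Direction

            if ($actual -ne $expected) {
                [pscustomobject]@{
                    Name     = $Rule.Name
                    Expected = $expected
                    Actual   = $actual
                }
            }
        }
    }
}

# Constructed sample mirroring four records from the listing above
# (only the Name and Direction fields are reproduced).
$sample = @(
    [pscustomobject]@{ Name = 'FPS-NB_Session-In-TCP';  Direction = 'Outbound' }
    [pscustomobject]@{ Name = 'FPS-NB_Session-Out-TCP'; Direction = 'Outbound' }
    [pscustomobject]@{ Name = 'FPS-ICMP4-ERQ-In';       Direction = 'Outbound' }
    [pscustomobject]@{ Name = '{06449724-944b-4048-834f-8870b9dce4f6}'; Direction = 'Inbound' }
)

# Reports the two -In rules; the -Out rule and the GUID-named rule are not flagged.
$sample | Find-DirectionMismatch | Format-Table -AutoSize

# Against the live policy store (read-only):
#   Get-NetFirewallRule -DisplayGroup 'File and Printer Sharing' | Find-DirectionMismatch
#
# Enabling only the outbound rules of the group: select them with
# Get-NetFirewallRule, then pipe the selection to Set-NetFirewallRule so that
# the only property written is Enabled.
#   Get-NetFirewallRule -DisplayGroup 'File and Printer Sharing' -Direction Outbound |
#       Set-NetFirewallRule -Enabled True
#
# Restoring a flagged rule (this writes to the firewall policy; it relies on the
# assumption above that -Direction on Set-NetFirewallRule sets the property):
#   Set-NetFirewallRule -Name 'FPS-NB_Session-In-TCP' -Direction Inbound
```
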

  • How can I implement two TCP/IP servers (on two separate machines) and one TCP/IP client (on third machine)

    I have an application where I need to send data via TCP/IP from two separate machines to a third machine. The machines are on a local area network connected through a network switch. The data are generated independently through data acquisition by the two independent machines before they are sent to the client on the third machine. Each machine has one network card. Thanks.

    If you have three separate machines, you don't need to use separate ports.  They will have three IP addresses.
    Remember this rule: TCP connections are EXACTLY like telephone connections.
    Have your client open two connections: same port on two different IP addresses.
    Each client listens for connections.
    After connections are established, you get to decide the protocol:  maybe the client should explicitly ask for data, maybe the servers just dump it without being asked. It's up to you.
    Read this:
    TCP tips and tricks
    Steve Bird
    Culverson Software - Elegant software that is a pleasure to use.
    Culverson.com
    Blog for (mostly LabVIEW) programmers: Tips And Tricks

  • Wsus Sync Failed. WebException: The underlying connection was closed: An unexpected error occurred on a send. --- System.IO.IOException: Received an unexpected EOF or 0 bytes from the transport stream.

    Hi, I have installed WSUS 3 SP2 on a Win 2008 R2 SP1.
    Before the installation, I updated Windows.
    I can easily browse the internet, but when I try to configure synchronization, it fails.
    No firewall, no proxy... I am behind a NAT.
    WSUS version is 3.2.7600.256.
    I have searched and searched...
    Can anybody help me?
    WebException: The underlying connection was closed: An unexpected error occurred on a send. ---> System.IO.IOException: Received an unexpected EOF or 0 bytes from the transport stream.
    at System.Web.Services.Protocols.WebClientProtocol.GetWebResponse(WebRequest request)
       at System.Web.Services.Protocols.HttpWebClientProtocol.GetWebResponse(WebRequest request)
       at Microsoft.UpdateServices.ServerSync.ServerSyncCompressionProxy.GetWebResponse(WebRequest webRequest)
       at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
       at Microsoft.UpdateServices.ServerSyncWebServices.ServerSync.ServerSyncProxy.GetAuthConfig()
       at Microsoft.UpdateServices.ServerSync.ServerSyncLib.InternetGetServerAuthConfig(ServerSyncProxy proxy, WebServiceCommunicationHelper webServiceHelper)
       at Microsoft.UpdateServices.ServerSync.ServerSyncLib.Authenticate(AuthorizationManager authorizationManager, Boolean checkExpiration, ServerSyncProxy proxy, Cookie cookie, WebServiceCommunicationHelper webServiceHelper)
       at Microsoft.UpdateServices.ServerSync.CatalogSyncAgentCore.SyncConfigUpdatesFromUSS()
       at Microsoft.UpdateServices.Serve

    Hi
    Yes, it is allowed.
    The NAT rule permits any IP traffic. No problem with HTTPS...
    Also, my Windows is fully updated.
    Here is my netstat -an, maybe useful.

  • Remote Access Disk Management

    I want to be able to manage the new installation of Windows 2012 R2 Core, which is in a workgroup.
    I can see the event logs etc., but when I try Device Manager or Disk Manager I receive an RPC error.
    What do I need to configure?

    I've posted this to a number of forums.  It has allowed me to manage almost everything remotely.  There are still some things with disk manager that don't work quite right, but they can be handled correctly from Server Manager instead of disk manager. 
    I run this on every server I build and I try to do almost all my management remotely.  Some things do require command line.  Microsoft has gotten a lot better over the years on the MMCs handling things remotely, but they are not 100% there.
    Oops, as I clicked submit, I saw the fact that your server is in a workgroup.  My script assumes domain.  But, http://social.technet.microsoft.com/Forums/windowsserver/en-US/fe80f0aa-0697-4657-a1da-19d36b036698/guide-to-remote-manage-hyperv-servers-and-vms-in-workgroups-or-standalone?forum=winserverhyperv is another post talking about how another person accomplished in a workgroup.
    # Set-UcsHyperVRemoteMgmt.ps1
    # C A U T I O N: Ensure these settings conform to company security policy
    # This script works on a variety of settings that are easiest done from the
    # local machine to make it remotely manageable by a management workstation.
    # To find rule names
    # Get a list of possible groups
    # Get-NetFirewallRule | Select DisplayGroup -Unique | Sort DisplayGroup
    # To list the applicable rules that may be set.
    # Get-NetFirewallRule | Where { $_.DisplayGroup -Eq "Remote Volume Management" } | Format-Table Name
    # Ensure Server Manager remoting is enabled
    Configure-SMRemoting.exe -Enable
    # Set some firewall rules
    # Enable ping requests in and out
    Set-NetFirewallRule -Name "FPS-ICMP4-ERQ-In" -Enabled True -Profile Any
    Set-NetFirewallRule -Name "FPS-ICMP6-ERQ-In" -Enabled True -Profile Any
    Set-NetFirewallRule -Name "FPS-ICMP4-ERQ-Out" -Enabled True -Profile Any
    Set-NetFirewallRule -Name "FPS-ICMP6-ERQ-Out" -Enabled True -Profile Any
    # Enable remote volume management - firewall rules need to be set on both
    # source and destination computers
    # ***NOTE*** Policy must also be set on system to "Allow remote access
    # to the Plug and Play interface"
    # This is done with gpedit.msc locally or gpedit for domain policy
    Set-NetFirewallRule -Name "RVM-VDS-In-TCP" -Enabled True -Profile Any
    Set-NetFirewallRule -Name "RVM-VDSLDR-In-TCP" -Enabled True -Profile Any
    Set-NetFirewallRule -Name "RVM-RPCSS-In-TCP" -Enabled True -Profile Any
    # Enable DCOM management requests in
    Try
    {
        # -ErrorAction Stop turns a missing rule into a terminating error so that Catch runs
        Set-NetFirewallRule -Name "ComPlusNetworkAccess-DCOM-In" -Enabled True -Profile Any -ErrorAction Stop
    }
    Catch
    {
        Write-Host "ComPlusNetworkAccess-DCOM-In not set; assuming core installation"
    }
    # Enable remote service management
    Set-NetFirewallRule -Name "RemoteSvcAdmin-In-TCP" -Enabled True -Profile Any
    Set-NetFirewallRule -Name "RemoteSvcAdmin-NP-In-TCP" -Enabled True -Profile Any
    Set-NetFirewallRule -Name "RemoteSvcAdmin-RPCSS-In-TCP" -Enabled True -Profile Any
    # Enable Remote Event Log Management
    Set-NetFirewallRule -Name "RemoteEventLogSvc-In-TCP" -Enabled True -Profile Any
    Set-NetFirewallRule -Name "RemoteEventLogSvc-NP-In-TCP" -Enabled True -Profile Any
    Set-NetFirewallRule -Name "RemoteEventLogSvc-RPCSS-In-TCP" -Enabled True -Profile Any
    # Enable Remote Scheduled Tasks Management
    Set-NetFirewallRule -Name "RemoteTask-In-TCP" -Enabled True -Profile Any
    Set-NetFirewallRule -Name "RemoteTask-RPCSS-In-TCP" -Enabled True -Profile Any
    # Enable Windows Firewall Remote Management
    Set-NetFirewallRule -Name "RemoteFwAdmin-In-TCP" -Enabled True -Profile Any
    Set-NetFirewallRule -Name "RemoteFwAdmin-RPCSS-In-TCP" -Enabled True -Profile Any
    # Enable WMI management requests in
    Set-NetFirewallRule -Name "WMI-WINMGMT-In-TCP" -Enabled True -Profile Any
    # Enable Remote Shutdown
    Set-NetFirewallRule -Name "Wininit-Shutdown-In-Rule-TCP-RPC" -Enabled True -Profile Any
    # Enable Network Discovery on the Domain Network
    Set-NetFirewallRule -Name "NETDIS-FDPHOST-In-UDP" -Enabled True -Profile Domain
    Set-NetFirewallRule -Name "NETDIS-FDPHOST-Out-UDP" -Enabled True -Profile Domain
    # Set some services to automatically start and start them.
    Set-Service -Name PlugPlay -StartupType Automatic
    Start-Service PlugPlay
    Set-Service -Name RemoteRegistry -StartupType Automatic
    Start-Service RemoteRegistry
    Set-Service -Name vds -StartupType Automatic
    Start-Service vds
    # Enable Remote Desktop
    (Get-WmiObject Win32_TerminalServiceSetting -Namespace root\cimv2\TerminalServices).SetAllowTsConnections(1,1) | Out-Null
    # SetUserAuthenticationRequired(0) turns off the Network Level Authentication
    # requirement for RDP; pass 1 instead to require NLA
    (Get-WmiObject -Class "Win32_TSGeneralSetting" -Namespace root\cimv2\TerminalServices -Filter "TerminalName='RDP-tcp'").SetUserAuthenticationRequired(0) | Out-Null
    # Enable Remote Desktop rules for all profiles
    Set-NetFirewallRule -Name "RemoteDesktop-UserMode-In-TCP" -Enabled True -Profile Any
    Set-NetFirewallRule -Name "RemoteDesktop-UserMode-In-UDP" -Enabled True -Profile Any
    .:|:.:|:. tim

  • Failed to install CM Client on computers located in untrusted site

    Hello,
    I deploy System Center 2012 SP1 Configuration Manager and successfully push client to Desktops/Servers, I read in TechNet that this scenario is supported:
    "The client is on a domain computer that does not have a two-way forest trust with the site server and site system roles are not installed in the client's
    forest"
    In my case, I have servers in DMZ and those servers are member of domain created in DMZ, for security reason we can's create two-way trust with AD in the main site.
    I found the following guides from blog.technet.com:
    Cross Forest Support in ConfigMgr 2012 Part 2: Forest Discovery, Publishing, and Client
    Push Installation. 
    Unfortunately I didn't found in TechNet what required ports to open between site system and DMZ to manage client in un-trusted forest and receive the following error what I add DMZ forest:
    I open the following ports CM and AD in DMZ:
    Outbound and inbound: TCP/UDP port 389
    Outbound and inbound: TCP port 636
    Outbound and inbound: TCP port 3268
    Outbound and inbound: TCP port 3269
    Outbound and inbound: TCP/UDP port 88 “User and Computer Authentication, Forest Level Trusts”.
    Outbound and inbound: TCP and UDP 53 “User and Computer Authentication, Name Resolution”
    Outbound and inbound: TCP and UDP 445 “User and Computer Authentication”
    Outbound and inbound: TCP Dynamic “User and Computer Authentication”
    Outbound and inbound: TCP and UDP 464 “User and Computer Authentication”
    Outbound and inbound: UDP 137 “User and Computer Authentication”
    Outbound and inbound: TCP 139 “User and Computer Authentication”
    I opened the following ports between the DMZ servers and CM:
    Outbound and inbound: File and Printer Sharing
    Inbound: Windows Management Instrumentation (WMI)
    Outbound: TCP Port 80 (for HTTP communication)
    Outbound: TCP Port 443 (for HTTPS communication)
    Outbound: TCP Port 10123 (for Client notification)
    Inbound: TCP port 2701 (for Remote control)
    Allow ICMP traffic (for client push installation to succeed)
    Outbound and inbound: TCP port 445 (for Server Message Block (SMB) between the site server and client computer)
    Outbound and inbound: TCP/UDP port 135 (for RPC endpoint mapper between the site server and the client computer)
    Outbound and inbound: Dynamic ports RPC “49152 – 65535” (Dynamic ports for Windows 7, Windows 2008)
    Outbound and inbound: Dynamic ports RPC “1025 – 5000” (Dynamic ports for Windows XP, Windows 2003)
    Inbound: TCP port 1027
    Outbound and inbound: TCP port 8530 and 8531 (for Software Update Point)
    Abduljalil Abolzahab

    Name resolution ok? Are you able to resolve the target domain from the computer where you're running the discovery? More details in Kent's post
    http://blog.coretech.dk/kea/multi-forest-support-in-configmgr-2012-part-i-managing-clients-in-an-untrusted-forest/
    Anoop C Nair

  • Powerbook will not network with PC

    I have spent the last 4 hours in the Apple Discussions forums trying to find a solution to my problem, to no avail. Please forgive me if I have a lot of links to explain my issue, I'm just too exhausted to re-iterate. So here's the gist...
    I wanted to network my Powerbook G4 (10.4.6) to my PC (Windows XP) to share common files like pictures and music. Seems simple enough.
    Searched around here for a "how-to" and found this nifty guide that was linked in tons of other posts. I followed it to a tee. End result: PC reading MAC works like a dream. But like so many other people, MAC just would not read PC.
    Looked for similar problems posts, followed all the same solutions listed everywhere I could find them. And still nothing.
    Finally, I found this thread. My details sounded pretty much identical, kept reading to the end where the user had the following conclusion:
    "To resolve this problem: on the remote (PC) computer, select Administrative Tools>Local Security Settings>Local Policies>User Rights Assignment, right-click on Access this computer from the network>Properties>Add Users or Groups, add everyone or any users you want to be able to access the computer from the network."
    Seemed like such a reasonable solution (I had tried everything else). But when I went into my Windows XP, I could not find "Local Security Settings" under Administrative Tools. DANGIT!
    After spending another 2 hours googling THIS issue, I pretty much concluded that this function (adjusting network access) can only be performed in Windows XP PROFESSIONAL!!! Unfortunately, I am running Windows XP HOME EDITION.
    Sooo... after all that... my question is this:
    Does anyone here know either --
    a) How to do the above suggestion for Windows XP HOME Edition? or
    b) After following all other suggestions... how the heck can I network my Powerbook G4 and my PC Windows XP HOME machines?!?!?!?!?
    For the love of all that is good and right with the world, someone PLEASE PLEASE PLEASE help me. The AD forums have always been good to me. Don't fail me now, faithful MAC users!
    Thanking you all in advance.
    -wizkid
    PowerBook G4 12" [1GHz PowerPC, 1.25GB DDR SDRAM, 80GB]   Mac OS X (10.4.6)   GeForce FX Go5200 32MB, Matshita DVD-R UJ-816, Maxtor External Hard Drive [250GB, Firewire & USB 2.0

    UPDATE: In the interest of helping all of you to assist me better, I've decided to write a more detailed post listing exactly what I've done so far. I'm hoping someone out here will have a solution for me. So here goes... this will be LONG, so please bear with me.
    To re-cap, I want to network my Powerbook G4 (10.4.6) to my PC (Windows XP HOME EDITION).
    As recommended here in the forums, I followed iFelix's guide to a tee. Below, I have re-iterated the steps that I took:
    Before you begin, ensure both computers have their firewalls turned off, or have the relevant ports opened. These ports are UDP 137 and 138 and TCP 139, 548 and 427.
    On my PC, I went to "Control Panel" >> "Windows Firewall" >> have Firewall on >> but clicked "Exceptions" tab >> under "Programs and Services" ticked off "File and Printer Sharing" >> to double-check ports are open, I highlighted this and hit "Edit" >> ports TCP 139, TCP 445, UDP 137, and UDP 138 are listed. >> I successfully opened the remaining ports TCP 548 and TCP 427 manually by following these instructions.
    On my MAC, I went to "System Preferences" >> "Sharing" >> Under "Services" ticked off "Personal File Sharing" and "Windows Sharing" >> clicked over to "Firewall" tab to double-check ports are open, I highlighted these and hit "Edit" >> under "Personal File Sharing", ports TCP 548 and TCP 427 are listed >> under "Windows Sharing", ports TCP 139, UDP 137, and UDP 138 are listed.
    Ensure that first each of the computers can access your network. Ensure that the IP address of each computer shares the same subnet, i.e. 192.168.0.x
    Both my PC and MAC are under subnet 192.168.1.xxx
    Ensure that the Windows PC has a user account with a username and a password and to know the shortname and password associated with the Mac.
    Windows PC user account is "chelle" WITH password.
    MAC shortname is also "chelle", also with password.
    On MAC
    System Preferences -> Sharing --> Ensure that Personal File Sharing and Windows File Sharing are checked
    As stated above, I already did this when I was ensuring the correct ports were open.
    On PC
    Do not try and share the whole drive only share folders, trying to share a whole drive can result in unexpected errors.
    I only want to share one folder (13GB of common files inside -- mostly photos, mpgs, and mp3s).
    On the relevant folders you want to share, right click and select Sharing and Security...
    You will then bring up a new window, which will be different depending on whether you are using simple file sharing or not.
    Select Share this folder and give the folder a relevant name (it makes sense to avoid spaces and keep it all in lower case.)
    As stated in my reply to rockewan above, I already did this too. The name of my desired shared folder is also called "chelle".
    PC to see MAC
    Start -> My Network Places
    Click Add a network place
    You will then start the Add Network Place Wizard
    Click Next
    Select Choose another network location (you have more than the choice indicated here) and click Next.
    Type in "\\IP Address of Mac\Mac Username" (i.e. "\\192.168.1.xxx\chelle")
    Then click Next.
    You will then be asked to Type a name for this network place:
    In this case the I have used the name of the Mac as the Network Place label.
    Then click Next.
    This will then add a folder to your My Network Places folder.
    And you will be able to access the files in the folder on the Mac from the PC
    Followed all of this and it worked splendidly. Unfortunately, I want the files on my PC to be accessible off of my MAC more than the other way around. Instructions for that below... last step!
    MAC to see PC
    Finder -> Go -> Connect to Server
    You will now see the Connect To Server window.
    Type in smb://IP Address of PC (i.e. smb://192.168.1.xxx)
    Click the + button for Finder to remember this location.
    Click Connect
    It will then attempt to connect to the PC
    I FOLLOWED ALL OF THIS CORRECTLY... BUT THIS IS WHERE MY PROBLEM OCCURS...
    When my Powerbook attempts to connect to the server, I receive the following prompt: The Finder cannot complete the operation because some data in "smb://192.168.1.xxx" could not be read or written (Error Code -36).
    This is where I began to search the forums, and I tried many different ways to enter (i.e. using cifs://, using servername, etc.) but none of them worked for me.
    I finally found this thread (http://discussions.apple.com/thread.jspa?messageID=2006084) in which the user eventually concluded at the very end that it was a Windows issue and had this solution:
    "To resolve this problem: on the remote (PC) computer, select Administrative Tools>Local Security Settings>Local Policies>User Rights Assignment, right-click on Access this computer from the network>Properties>Add Users or Groups, add everyone or any users you want to be able to access the computer from the network."
    Seemed reasonable enough (after I had tried everything else). But when I went into my Windows XP, I could not find "Local Security Settings" under "Administrative Tools".
    So after spending another 2 hours googling THIS new issue, I pretty much concluded that this function (adjusting network access) can only be performed in Windows XP PROFESSIONAL. Unfortunately, I am running Windows XP HOME EDITION.
    Sooo... that's where I'm at now. You're all caught up.
    My two huge questions are:
    Does anyone here know either --
    a) How to do the above suggestion for Windows XP HOME Edition? or
    b) After following all other suggestions... how the heck can I network my Powerbook G4 and my PC Windows XP HOME machines?!?!??
    Other users have been successful in networking MAC and WINDOWS XP HOME... so I got to believe there is a solution. If you've made it this far, thank you... now please tell me you have an answer!!
    desperate to share,
    -wizkid
    PowerBook G4 12" [1GHz PowerPC, 1.25GB DDR SDRAM, 80GB] Mac OS X (10.4.6) GeForce FX Go5200 32MB, Matshita DVD-R UJ-816, Maxtor External Hard Drive [250GB, Firewire & USB 2.0

  • Required "/" (root) file system size on UNIX for Solution Manager.

    Hello SAP Gurus,
       I am setting up SAP Solution Manager 3.2 on HP-UX. It is asking me for about 350MB free space on the "/" file system for the Central Instance installation and about 120MB free space on the "/" file system for the Database Instance installation.
       I am installing everything onto a shared disk which is mounted under /usr/sap. Why does it need free space in the "/" file system? Is there any workaround to get rid of this requirement, as I have very little free space on the "/" file system and I don't want to take the risks involved in increasing this size.
       Are there any SAP recommended sizes for the "/" file system?
       I am stuck in the middle of setting up the SAP landscape on HP-UX (11.23). I searched through the Installation documents but I couldn't find anything helpful in this regard. It is an urgent requirement to set this up, so please let me know any solution or workaround ASAP.
       Any help is greatly appreciated.
    Thanks in advance.
    Regards,
    cvr/

    Hi Vaibhav.
    Normally "canonical path not available for (folder name)" means:
    1. Wrong username/password. Please double check you credentials.
    2. The resource cannot be linked from the portal server. Please be sure that you can connect to the following ports on the Windows server from the Unix server:
    a. NetBIOS Session Service TCP 139. This port is used to connect to file shares, for example.
    b. TCP 445. The SMB (Server Message Block) protocol is used among other things for file sharing in Windows NT/2000/XP. In Windows NT it ran on top of NetBT (NetBIOS over TCP/IP), which used the famous ports 137, 138 (UDP) and 139 (TCP). In Windows 2000/XP/2003, Microsoft added the possibility to run SMB directly over TCP/IP, without the extra layer of NetBT. For this they use TCP port 445.
    I hope these things help somebody.
    Best Regards,
    Jheison A. Urzola H.

  • WRT54G not connecting properly with Netgear switch

    I have a WRT54Gv4 which I've been using as both a WAP and a wired switch. I now have too many wired devices to plug into the built-in switch, so I tried to expand the WRT54G using a Netgear FS108 8-port switch. The WRT54G and the FS108 both work perfectly well when not connected to each other, but all hell breaks loose as soon as I plug them together. If I plug the cable into a regular port on the FS108, then the "network activity" light on the corresponding WRT54G port blinks rapidly and continuously. If I plug the cable into the uplink port on the FS108, then the "network activity" light on the FS108 port blinks rapidly and continuously. I get around 50% packet loss trying to communicate between a computer plugged into the WRT54G and another computer plugged into the FS108. I've already tried 3 different cables between the WRT54G and the FS108, and all have exhibited the same problem. I have also tried all kinds of power cycling of the different devices, and nothing I have done has worked.
    So I have two questions:
    1) Has anyone successfully connected a Netgear FS108 to a WRT54G? If so, how did you do it?
    2) Has anyone successfully used a Linksys SD208 or EZXS88W switch with a WRT54G? I'm going to buy one of these to replace the FS108 if nobody can answer the first question.
    Thanks.
    Message Edited by stharward on 06-09-2008 07:48 AM

    If you have McAfee anti-virus, then I guarantee IT IS a McAfee + Vista issue. In the Firewall settings for Vista, enable Peer-to-Peer and add and enable ports TCP 5357, TCP 5358, UDP 3702, TCP 2869, UDP 1900, UDP 137, UDP 138, TCP 139, TCP 445. THEN, disable Vista Firewall and enable McAfee Firewall. Click on Internet & Network Protection and then Configure. This is where the McAfee Firewall protection is enabled. Click on the Advanced tab. Click on Grant Full Access and apply. Click OK, close out and reboot. Your system will utilize the McAfee Firewall and not the Microsoft one, and as long as you have WAP encryption and a private network, your Linksys router will allow printer and file sharing and be protected.

  • Need to automate the servers to report at least once a day to WSUS

    Hello All,
    I have an environment with different domains and forests.
    My challenge here is that whenever I see a server that has not responded for 30 or more days, I need to log in manually and fix the issues.
    We are not managing WSUS or servers through GPO for patching; instead we edit the registry to redirect servers to our WSUS.
    I believe I can use PS tools, but it may not work due to different security policies set on different servers.
    Any solution would be appreciated to automate the below commands.
    wuauclt /reportnow
    wuauclt /Detectnow
    stop and start windows update services.
    regards,
    ndraj

    One way would be:
    psexec @Server_List_DEV.txt -n 30 wuauclt /detectnow
    psexec @Server_List_DEV.txt -n 30 wuauclt /reportnow
    However, psexec would need Admin$ and IPC$ enabled and accessible. Also, TCP 135 (DCOM), TCP 445 (SMB raw) and TCP 139 (SMB over NetBIOS) need to be open on your FW.
    For any remote administration, you will need appropriate access. If these requirements can be met, then I can suggest a PS script that will use psexec to get the job done. Let us know and good luck.
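
An added example, not part of the reply above and not the script its author offered: a pre-flight check that reports, per server, whether the ports and the Admin$ share named in the reply are reachable before psexec is run. It assumes psexec.exe is on PATH, that the current account has admin rights on the targets, and that Server_List_DEV.txt holds one host name per line; the function names, the timeout, and the `$RunUpdateCheck` switch are hypothetical, and IPC$ is not tested.

```powershell
# Added example: pre-flight check before running the psexec commands from the reply.
# Assumptions: psexec.exe is on PATH; Server_List_DEV.txt has one host name per line.
$ServerList     = 'Server_List_DEV.txt'   # file name used in the reply
$RequiredPorts  = 135, 445, 139           # TCP ports the reply says must be open
$TimeoutMs      = 2000                    # assumed per-port connect timeout
$RunUpdateCheck = $false                  # set to $true to run wuauclt on ready hosts

function Test-TcpPort {
    param([string]$ComputerName, [int]$Port, [int]$TimeoutMs = 2000)
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $pending = $client.BeginConnect($ComputerName, $Port, $null, $null)
        # Give up after the timeout instead of waiting for the OS default.
        if (-not $pending.AsyncWaitHandle.WaitOne($TimeoutMs, $false)) { return $false }
        $client.EndConnect($pending)      # throws if the connection was refused
        return $true
    } catch {
        return $false                     # refused, unreachable, or name not resolved
    } finally {
        $client.Close()
    }
}

function Test-PsExecPrerequisite {
    param([string]$ComputerName)
    $open = @{}
    foreach ($port in $RequiredPorts) {
        $open[$port] = Test-TcpPort -ComputerName $ComputerName -Port $port -TimeoutMs $TimeoutMs
    }
    # Only probe the share when an SMB port answered, to avoid a long SMB timeout.
    $smbUp = $open[445] -or $open[139]
    $admin = $smbUp -and (Test-Path -Path "\\$ComputerName\Admin$" -ErrorAction SilentlyContinue)
    [pscustomobject]@{
        Server     = $ComputerName
        TCP135     = $open[135]
        TCP445     = $open[445]
        TCP139     = $open[139]
        AdminShare = [bool]$admin
        # The reply lists all three ports as required, so all three are enforced here.
        Ready      = [bool]($admin -and ($open.Values -notcontains $false))
    }
}

# Constructed fallback so the script still runs when the list file is absent.
$servers = if (Test-Path $ServerList) { Get-Content -Path $ServerList } else { @('localhost') }

$report = $servers |
    ForEach-Object { $_.Trim() } |
    Where-Object { $_ } |
    ForEach-Object { Test-PsExecPrerequisite -ComputerName $_ }

$report | Format-Table -AutoSize

if ($RunUpdateCheck) {
    foreach ($entry in $report | Where-Object { $_.Ready }) {
        # Same commands as in the reply, one host at a time.
        & psexec.exe "\\$($entry.Server)" -n 30 wuauclt /detectnow
        & psexec.exe "\\$($entry.Server)" -n 30 wuauclt /reportnow
    }
}
```

Hosts with `Ready` set to False show which prerequisite is missing, so the firewall or share can be fixed on that host rather than opening the ports everywhere.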

  • Partner ip not reached, connection refused

    Hello,
    I have the following setup
    Machine1 (host name: show-saprouter) running saprouter.exe. On this machine the windows firewall is completely disabled. Inbound rules TCP and UDP port 3200-3299 are open. Outbound rules TCP and UDP Port 3200-3299 are open too.
    Machine2 (host name: show-S71) with my SAP system.
    My goal is now to connect from my PC using SAPgui to machine1 with the running saprouter. saprouter (saprouttab: P * * *) now should forward me to machine2.
    For SAPgui I have the following settings: IID = 00, SID: S71 (I checked them, they are correct), SAProuter-String: /H/16.58.245.70/H/show-S71/H/
    If I enter the IP of show-S71 then I can connect without problems.
    I also confirmed with ping that
    PC-> machine1
    PC-> machine2
    machine1->machine2
    is working.
    Thanks

    This is really strange. Let me recap:
    If you try to login with IP everything is fine. If you replace the IP by the hostname, the connection won't establish. You are able to ping the following ways:
    PC-> machine1
    PC-> machine2
    machine1->machine2
    machine1 is your saprouter
    machine2 is your SAP system
    What about the firewall of your PC?

  • Is it okay to use different service group numbers?

    A new deployment of vWAAS in a DC connected to a Cat 6509 with existing WCCP redirection from an old WAAS deployment on that switch using service groups 61 and 62. I have researched service group numbers but only find a handful and want to ask the community if there are any issues using service groups 51 and 52, or 71 and 72 for this new deployment.
    Thanks, Karl

    Hi Karl,
    Service groups 61 and 62 are tcp-promiscuous groups and will redirect all TCP traffic. Also, in the case of the WCCP web-cache service, this is going to redirect all the traffic from TCP port 80 from routers to Cisco Cache/ACNS devices. Other custom WCCP services will use custom WCCP numbers (90 - 97). So if you want to redirect port 8080 you can use a custom WCCP service group.
    Some of the well known service groups are listed below and you can use whichever you want according to your requirement.
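    | Service Name | Service Number | Protocol | Port | Priority |
    |---|---|---|---|---|
    | web-cache | 0 | tcp | 80 | 240 |
    | dns | 53 | udp | 53 | 202 |
    | ftp-native | 60 | tcp | | 200 |
    | tcp-promiscuous | 61 | tcp | | 34 |
    | tcp-promiscuous | 62 | tcp | | 34 |
    | https-cache | 70 | tcp | 443 | 231 |
    | rtsp | 80 | tcp | 554 | 200 |
    | wmt | 81 | tcp | 1755 | 201 |
    | mmsu | 82 | udp | 1755 | 201 |
    | rtspu | 83 | udp | 5005 | 201 |
    | cifs-cache | 89 | tcp | 139, 445 | 224 |
    | custom | 90 | | | 220 |
    | custom | 91 | | | 221 |
    | custom | 92 | | | 222 |
    | custom | 93 | | | 223 |
    | custom | 94 | | | 224 |
    | custom | 95 | | | 225 |
    | custom | 96 | | | 226 |
    | custom | 97 | | | 227 |
    | custom-web-cache | 98 | tcp | 80 | 230 |
    | reverse-proxy | 99 | tcp | 80 | 235 |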
    Regards,
    Kanwal

  • Configuring SunScreen Firewall on Solaris 8

    Hi,
    I'm trying to configure SunScreen Firewall on Solaris 8 and I would like to know what "tcp/ip high ports" is. I also have to configure NAT on the same machine so that a few of the machines behind the firewall can communicate with the server host in front of the firewall. Currently I have the configuration like this:
    -- Firewall is configured with a single policy
    -- And the rules are added correctly for NAT.
    And after the policy is verified successfully, the communication is across the Firewall. But after this the following rules are added to configure tcp/ip high ports (not sure about the service).
    -- The rules are configured like this.
    edit> add rule common localhost * ALLOW COMMENT "Allow firewall access out"
    edit> add rule tcp-high-ports hme0.net * ALLOW
    edit> add rule udp-high-ports hme0.net * ALLOW
    Now I'm unable to communicate with the server in front of the firewall after the policy is activated successfully.
    I would appreciate if someone can help me on this.
    Thanks,
    Mullapudi

    HI,
    I don't know SunScreen, but I can tell you that high ports are ports above 1023.
    J
