This document lists the protocols and ports that are used when scanning a target device. The network requirements for the appliance to communicate with and scan the target computer are as follows:
Target Computer Port Configuration (for Scanning this target)

| Port | Protocol | Service/ | Traffic Direction | Description | OS |
|---|---|---|---|---|---|
| N/A | ICMP | | Inbound to this device | Optional: | Linux/Unix |
| 22 | TCP | sshd | Inbound to this device | Used to execute remote commands through SSH (SCP). | Linux/Unix |
| 135 | TCP | | Inbound to this device | TCP port 135 is the Remote Procedure Call (RPC) Endpoint Mapper service. It enables the identification of services available on a machine and on which port they can be found. Responses to these requests are returned on Windows Dynamic Ports (see later in this list). | Windows |
| 137 | TCP/UDP | | Inbound to this device | Optional: | Windows |
| 138 | TCP/UDP | | Inbound to this device | Optional: | Windows |
| 139 | TCP/UDP | | Inbound to this device | NETBIOS Session Service. SMB originally ran on top of NetBIOS using port 139. This port must be open on the target computer (inbound) for access to the C$ shared drive. | Windows |
| 443 | TCP | HTTPS | Inbound to this device | HTTP Secure Web traffic. This port is only used when the vCenter agent is listening on this port. The alternative port for this usage is port 9443. | Windows |
| 445 | TCP | | Inbound to this device | Microsoft-DS SMB file sharing. This port must be open on the target computer (inbound) for access to the C$ shared drive. | Windows |
| 8080 | TCP | HTTP | Outbound from this device | Metrics traffic. Collected device metrics traffic is returned to the CloudSphere appliance over this port. | Linux/Unix |
| 9443 | TCP | HTTPS | Inbound to this device | HTTP Secure Web traffic. This port is only used when the vCenter agent is listening on this port. The alternative port for this usage is port 443. | Windows |
| 1025-5000 | TCP | Windows Dynamic Ports | Outbound from this device | Conditional: WMI response ports are generated dynamically as the means to create response communications. | Used by Windows 2000, Windows XP, and Windows Server 2003 |
| 49152-65535 | TCP | Windows Dynamic Ports | Outbound from this device | WMI response ports are generated dynamically as the means to create response communications. | Used by Windows Server 2012 or later versions of Windows |

Target Computer Port Configuration (for Scanning Applications on this target)

| Port | Protocol | Service/ | Direction | Description | OS |
|---|---|---|---|---|---|
| 1433 | TCP | SQL Server DB | Inbound | This port is required for scanning SQL Server endpoints. | Windows/Unix |
| 1521 | TCP | Oracle | Inbound | This port is required for scanning Oracle DB endpoints. | Windows/Unix |

Other application-specific ports may also need to be opened to allow application-specific scanning.

Conclusion
The table should be used to configure any intervening firewalls to allow the appropriate level of access. Network-based firewalls or Intrusion Prevention systems must allow communication from the CloudSphere Appliance inbound to the target server(s) (on the ports specified above) and allow communication over ports/protocols outbound from the target server (on the ports specified above) to the Appliance.
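
After the firewall changes are made, the inbound TCP rows of the first table can be verified from the appliance side before a scan is scheduled. The script below is an added example, not CloudSphere code: the function names, the `vcenter_agent` switch and the placeholder address are assumptions, and it treats 443 and 9443 as alternatives, as the table describes.

```python
"""Pre-flight check of the inbound TCP ports listed in the first table."""
import socket

# Inbound TCP ports per target OS, copied from the first table. ICMP and
# 137/138 are marked optional there and are skipped; port 8080 and the
# Windows dynamic ranges are outbound from the target, so not probed here.
REQUIRED_INBOUND = {
    "linux": [22],
    "windows": [135, 139, 445],
}
# The table lists 443 and 9443 as alternatives for the vCenter agent.
VCENTER_ALTERNATIVES = (443, 9443)


def tcp_port_open(host, port, timeout=2.0):
    """Return True if a TCP connection to host:port completes."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:  # refused, filtered (timeout) or unreachable
        return False


def missing_ports(target_os, probe, vcenter_agent=False):
    """Return labels of required ports that probe(port) reports unreachable.

    probe is any callable port -> bool, so the logic can be tested offline.
    vcenter_agent (assumed switch): set when the target runs the vCenter
    agent, in which case one of 443/9443 must answer.
    """
    missing = [str(p) for p in REQUIRED_INBOUND[target_os] if not probe(p)]
    if vcenter_agent and not any(probe(p) for p in VCENTER_ALTERNATIVES):
        missing.append("443 or 9443")
    return missing


def preflight(host, target_os, vcenter_agent=False, timeout=2.0):
    """Probe a real target from the appliance; returns the blocked ports."""
    return missing_ports(
        target_os, lambda p: tcp_port_open(host, p, timeout), vcenter_agent
    )


if __name__ == "__main__":
    # 192.0.2.10 is an RFC 5737 documentation address used as a placeholder.
    blocked = preflight("192.0.2.10", "windows", vcenter_agent=True)
    print("blocked inbound ports:", blocked or "none")
```

An empty result means every required inbound TCP port answered; it does not cover the outbound rows (8080 and the WMI dynamic ranges), which have to be checked from the target toward the appliance.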