Table C-1 Application Protocols

| Protocol | Port and Description |
|---|---|
| HTTP | 80/TCP HTTP (HyperText Transfer Protocol)—Used for transferring web pages |
| HTTPS | 443/TCP,UDP HTTPS—HTTP Protocol over TLS/SSL (encrypted transmission) |
| FTP | 20/TCP,UDP FTP—Data port |
| FTP | 21/TCP,UDP FTP—Control (command) port |
| SSH | 22/TCP,UDP SSH (Secure Shell)—Used for secure logins, file transfers (SCP, SFTP) and port forwarding |
| Telnet | 23/TCP,UDP Telnet Protocol—Unencrypted text communications |
| DNS | 53/TCP,UDP DNS (Domain Name System) |
| CSA-Client | For Agents to CSAMC, the following are needed: 5401/TCP, 5402/TCP, 443/TCP, 80/TCP |
| CSA-Server | 5401/UDP for CSAMC to Agents |
| TACACS | 49/TCP,UDP TACACS Login Host protocol |
| RADIUS | 1812/UDP radius, RADIUS authentication protocol |
| RADIUS | 1813/UDP radacct, RADIUS accounting protocol |
| DHCP | 67/UDP BOOTP (BootStrap Protocol) server; also used by DHCP (Dynamic Host Configuration Protocol) |
| DHCP | 68/UDP BOOTP client; also used by DHCP |
| TFTP | 69/UDP TFTP (Trivial File Transfer Protocol) |
| NTP | 123/UDP NTP (Network Time Protocol), used for time synchronization |
| NetBIOS | 137/TCP,UDP NetBIOS Name Service |
| NetBIOS | 138/TCP,UDP NetBIOS Datagram Service |
| NetBIOS | 139/TCP,UDP NetBIOS Session Service |
| RPC | 135/TCP Windows RPC |
| MSDS | 445/TCP Microsoft-DS (Active Directory, Windows shares, Sasser worm, Agobot, Zotob worm) |
| MSDS | 445/UDP Microsoft-DS SMB file sharing |
| RDP | 3389/TCP Microsoft Terminal Server (RDP), officially registered as Windows Based Terminal (WBT) |
| SNMP | 161/TCP,UDP SNMP (Simple Network Management Protocol) |
| SNMP | 162/TCP,UDP SNMPTRAP |
| HSRP | 1985/UDP Cisco HSRP |
| SQL | 1433/TCP,UDP Microsoft SQL database system |
| SQL | 1434/TCP,UDP Microsoft SQL Monitor |
| SYSLOG | 514/UDP syslog protocol, used for system logging |
| AV | 82/TCP McAfee Antivirus Update |
| ICMP | ALL ICMP |
| NetFlow | 2055/TCP Cisco NetFlow |
| LDAP | 636/TCP,UDP LDAP over SSL (encrypted transmission) |
| LDAP | 389/TCP,UDP LDAP (Lightweight Directory Access Protocol) |
| KERBEROS | 464/TCP,UDP Kerberos Change/Set password |
| KERBEROS | 543/TCP klogin, Kerberos login |
| KERBEROS | 544/TCP kshell, Kerberos Remote shell |
| KERBEROS | 88/TCP Kerberos—Authenticating agent |
| KERBEROS | 88/UDP Kerberos—Authenticating agent |
| GC | TCP Port 3268—Global Catalog Server, Local Security Authority |
| GC | TCP Port 3269—Global Catalog Server, Local Security Authority |
| ASP | TCP Port 42424—ASP.NET Session State, ASP.NET State Service |
| LWAPP-S | UDP/12223 is used for controller source UDP port to AP "LWAPP control" |
| LWAPP | UDP/12222 is used for controller source UDP port to AP "LWAPP data" |
| RSA File Security Manager | TCP/19978 and TCP/5766. Audit port: default listening port is TCP/19978; the audit service listens for requests initiated by the adapter manager (console). Configuration port: default listening port is TCP/5766; the configuration service listens for requests from the adapter manager (console). |
| RSA Key Manager | 443/TCP,UDP HTTPS—HTTP Protocol over TLS/SSL (encrypted transmission) |