DCOM port requirements for Windows Discovery

Go to solution
Suggy
Giga Sage

‎09-02-2021 02:02 AM

I need more details on DCOM ports opening for Windows Discovery.

Which all ports needs to be opened. How DCOM is related to Windows discovery. What all needs to be done.

Need to share the exact details to my windows team for fulfilling successful discovery of Windows hosts.

I see its a huge list:

The default ranges of DCOM ports are:

  • from 1025   to 5000:   Windows 2000, Windows XP and Windows Server 2003
  • from 49152 to 65535: Windows Server 2008 and later versions, and in Windows Vista and later versions

 

Should I tell my windows team to open all the above ports? Will my windows team be okay to enable so many ports? 

Please share your experience on this topic.

Thanks

0 Helpfuls
  • 4,332 Views
1 ACCEPTED SOLUTION

Go to solution
VivekSattanatha
Mega Sage
Mega Sage
In response to Suggy

‎09-02-2021 05:38 AM

hi Suggy,

 

These are high ports there is no need that we need to open all these 16k+ ports. we need a minimum of at least 300 ports within that range so that wmi can use any of them. You can talk to your windows teams it's not like the windows team has to open these ports one by one, when they create a firewall inbound rule they can specify these ranges which they need. If your company using agentless monitoring solutions like SolarWinds, Icinga, or Nagios they would be having these ports already so it won't be a problem for them.

 

Regards,

Vivek

View solution in original post

0 Helpfuls
8 REPLIES 8

Go to solution
Rahul Priyadars
Giga Sage
Giga Sage
In response to Rahul Priyadars

‎09-02-2021 08:07 AM

@Suggy refer this as per service now.  

 

find_real_file.png

Shazzam probe, port probes, and protocols | ServiceNow Docs

 

I have not seen any Service Now Docs stating 300 High ports for communication after Classification is done on port 135. May be i am missing something.

Regards

RP

 

Preview file
8 KB
0 Helpfuls

Go to solution
VivekSattanatha
Mega Sage
Mega Sage
In response to Suggy

‎09-02-2021 05:38 AM

hi Suggy,

 

These are high ports there is no need that we need to open all these 16k+ ports. we need a minimum of at least 300 ports within that range so that wmi can use any of them. You can talk to your windows teams it's not like the windows team has to open these ports one by one, when they create a firewall inbound rule they can specify these ranges which they need. If your company using agentless monitoring solutions like SolarWinds, Icinga, or Nagios they would be having these ports already so it won't be a problem for them.

 

Regards,

Vivek

0 Helpfuls

Go to solution
Minesh Bandre
Tera Contributor
In response to VivekSattanatha

‎05-26-2022 02:06 AM

Hello Vivek,

 

Does ServiceNow still supports discovery based on DCOM ports in latest(SD) release? Or have they stopped.

 

Thanks in Advance

0 Helpfuls

Go to solution
Suggy
Giga Sage

‎09-02-2021 06:07 AM

Thank you so much @Rahul Priyadarshy @Vivek.Sattanatha  🙂

0 Helpfuls