Ports needed for discovery

Santiago Ruales · 3 weeks ago

Hi everyone

Please can you tell me the necessary ports that should be considered only for discovery (not for service mapping)?

Thanks

k_lutz · 3 weeks ago

Hello,

Have you looked at this posting?

https://www.servicenow.com/docs/bundle/yokohama-it-operations-management/page/product/discovery/refe...

Take note of the dynamic port ranages mentioned at the end.

Alex Lamykin · 3 weeks ago

Here are ports/protocols used by Shazzam probe performing port scanning:

Shazzam probe, port probes, and protocols

palanikumar · 3 weeks ago

It depends on the devices in your environment. If you are going to discover only Windows and Linux devices then Port 135 (Windows) and 22 (Linux) enough. You need to open more ports based on the devices you are planning to discover.

You can refer the below document to know about the other ports:

https://www.servicenow.com/docs/bundle/washingtondc-it-operations-management/page/product/discovery/...

Thank you,
Palani

doug_schulze · 3 weeks ago

Pretty much all of them 🙂 sure as the links already replied we have particular ports needing to be seen on the port scan, 22, 135, 80/443, ect ect.. But there are also vmware appliance ports and others. One thing thats often overlooked is that the actual Discovery of a device. Linux/Unix will need 22 open, when dealing with Windows sure, we check to see 135 epmap is open but when we go to talk to the device we use random high ports that also need to be open.

https://learn.microsoft.com/en-us/troubleshoot/windows-server/networking/service-overview-and-networ...

Now you can use WinRM that keeps it to just two ports or use the agent client collector to better suit local security needs.