Chapter 8. Assessing Microsoft Services
This chapter focuses on proprietary Microsoft protocols that support file sharing, printing, email, and other functions within Windows networks. Table 8-1 lists the common static ports used by the protocols. Microsoft RPC services use dynamic high ports, as orchestrated by the RPC locator service. Open protocols used by Windows include DNS, Kerberos, and LDAP, as listed in Table 8-2 and covered in Chapter 7.
| Port | Protocol | Name | Description | |
|---|---|---|---|---|
| TCP | UDP | |||
| 135 |
● |
● |
loc-srv | RPC locator service |
| 137 | – |
● |
netbios-ns | NetBIOS name service |
| 138 | – |
● |
netbios-dgm | NetBIOS datagram service |
| 139 |
● |
– | netbios-ssn | NetBIOS session service |
| 445 |
● |
● |
microsoft-ds | SMB Direct service |
| 3389 |
● |
– | microsoft-rdp | Remote Desktop Protocol |
| Port | Protocol | Name | Description | |
|---|---|---|---|---|
| TCP | UDP | |||
| 53 |
● |
● |
domain | DNS service |
| 88 |
● |
● |
kerberos | Kerberos authentication service |
| 123 | – |
● |
ntp | Network Time Protocol |
| 389 |
● |
● |
ldap | LDAP |
| 464 |
● |
● |
kpasswd | Kerberos password service |
| 636 |
● |
– | ldaps | LDAP (TLS) |
| 3268 |
● |
– | globalcat | Microsoft Global Catalog LDAP |
| 3269 |
● |
– | globalcats | Microsoft Global Catalog LDAP (TLS) |
These protocols support functions including the following:
-
Authentication via Kerberos
-
Directory service through LDAP and Global Catalog
-
Name resolution via DNS (e.g.,
SRVrecords defining service locations) -
Legacy name ...
Get Network Security Assessment, 3rd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
