TIP: Click on subject to list as thread!

ANSI

echo:	nthelp
to:	Rich
from:	Gregg N
date:	2004-05-28 12:45:44
subject:	Re: Default network ports for Windows XP
From: "Gregg N" This is a multi-part message in MIME format. ------=_NextPart_000_003F_01C444B1.B0FB5CE0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable I am not sure if I am running with the best arguments and switches, but = the output of rpcdump and portqry are listed below. It looks like port = 1025 is being used by something called NCACN RPCDUMP -------------------------------------------------------------------------= ------- C:\Program Files\Resource Kit>rpcdump /i /v Querying Endpoint Mapper Database... 9 registered endpoints found. Collecting Data.... This may take a while. 0 10 20 30 40 50 60 70 80 90 100 \|----\|----\|----\|----\|----\|----\|----\|----\|----\|----\| ................................................... ProtSeq:ncacn_ip_tcp Endpoint:1025 NetOpt: Annotation: IsListening:YES StringBinding:ncacn_ip_tcp:192.168.50.99[1025] UUID:0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53 ComTimeOutValue:RPC_C_BINDING_DEFAULT_TIMEOUT VersMajor 1 VersMinor 0 ProtSeq:ncacn_ip_tcp Endpoint:1025 NetOpt: Annotation: IsListening:YES StringBinding:ncacn_ip_tcp:192.168.50.99[1025] UUID:378e52b0-c0a9-11cf-822d-00aa0051e40f ComTimeOutValue:RPC_C_BINDING_DEFAULT_TIMEOUT VersMajor 1 VersMinor 0 ProtSeq:ncacn_ip_tcp Endpoint:1025 NetOpt: Annotation: IsListening:YES StringBinding:ncacn_ip_tcp:192.168.50.99[1025] UUID:1ff70682-0a51-30e8-076d-740be8cee98b ComTimeOutValue:RPC_C_BINDING_DEFAULT_TIMEOUT VersMajor 1 VersMinor 0 ProtSeq:ncalrpc Endpoint:OLE3 NetOpt: Annotation: IsListening:YES StringBinding:ncalrpc:[OLE3] UUID:0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53 ComTimeOutValue:RPC_C_BINDING_DEFAULT_TIMEOUT VersMajor 1 VersMinor 0 ProtSeq:ncalrpc Endpoint:OLE3 NetOpt: Annotation: IsListening:YES StringBinding:ncalrpc:[OLE3] UUID:378e52b0-c0a9-11cf-822d-00aa0051e40f ComTimeOutValue:RPC_C_BINDING_DEFAULT_TIMEOUT VersMajor 1 VersMinor 0 ProtSeq:ncalrpc Endpoint:OLE3 NetOpt: Annotation: IsListening:YES StringBinding:ncalrpc:[OLE3] UUID:1ff70682-0a51-30e8-076d-740be8cee98b ComTimeOutValue:RPC_C_BINDING_DEFAULT_TIMEOUT VersMajor 1 VersMinor 0 ProtSeq:ncacn_np Endpoint:\PIPE\atsvc NetOpt: Annotation: IsListening:YES StringBinding:ncacn_np:\\\\IONET2A[\\PIPE\\atsvc] UUID:378e52b0-c0a9-11cf-822d-00aa0051e40f ComTimeOutValue:RPC_C_BINDING_DEFAULT_TIMEOUT VersMajor 1 VersMinor 0 ProtSeq:ncacn_np Endpoint:\PIPE\atsvc NetOpt: Annotation: IsListening:YES StringBinding:ncacn_np:\\\\IONET2A[\\PIPE\\atsvc] UUID:1ff70682-0a51-30e8-076d-740be8cee98b ComTimeOutValue:RPC_C_BINDING_DEFAULT_TIMEOUT VersMajor 1 VersMinor 0 ProtSeq:ncacn_np Endpoint:\PIPE\atsvc NetOpt: Annotation: IsListening:YES StringBinding:ncacn_np:\\\\IONET2A[\\PIPE\\atsvc] UUID:0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53 ComTimeOutValue:RPC_C_BINDING_DEFAULT_TIMEOUT VersMajor 1 VersMinor 0 rpcdump completed sucessfully after 1 seconds PORTQRY -------------------------------------------------------------------------= ------- C:\PortQryV2>portqry -n 127.0.0.1 -e 135 Querying target system called: 127.0.0.1 Attempting to resolve IP address to a name... IP address resolved to localhost querying... TCP port 135 (epmap service): LISTENING Using ephemeral source port Querying Endpoint Mapper Database... Server's response: UUID: 0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53=20 ncacn_np:\\\\IONET2A[\\PIPE\\atsvc] UUID: 1ff70682-0a51-30e8-076d-740be8cee98b=20 ncalrpc:[OLE3] UUID: 1ff70682-0a51-30e8-076d-740be8cee98b=20 ncacn_ip_tcp:127.0.0.1[1025] UUID: 1ff70682-0a51-30e8-076d-740be8cee98b=20 ncacn_np:\\\\IONET2A[\\PIPE\\atsvc] UUID: 378e52b0-c0a9-11cf-822d-00aa0051e40f=20 ncalrpc:[OLE3] UUID: 378e52b0-c0a9-11cf-822d-00aa0051e40f=20 ncacn_ip_tcp:127.0.0.1[1025] UUID: 378e52b0-c0a9-11cf-822d-00aa0051e40f=20 ncacn_np:\\\\IONET2A[\\PIPE\\atsvc] UUID: 0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53=20 ncalrpc:[OLE3] UUID: 0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53=20 ncacn_ip_tcp:127.0.0.1[1025] Total endpoints found: 9 =3D=3D=3D=3D End of RPC Endpoint Mapper query response =3D=3D=3D=3D -------------------------------------------------------------------------= ------- Gregg "Rich" wrote in message news:40b6cfac$1{at}w3.nls.net... For RPC there is an endpoint mapper is queried to find the endpoints = supported for the service to which you want to connect if that service = is even available. I just noticed another tool called portqry or portqryv2 that will = give you the RPC endpoint info. See = http://support.microsoft.com/default.aspx?scid=3Dkb;en-us;832919. I've = not tried the v2 but the original will give you the RPC info if you = query port 135 which is the end point mapper port. Rich "Gregg" wrote in message = news:Xns94F7B52ADED9gregginvalidinvalid{at}216.144.1.254... "Rich" wrote in news:40b6c1d4{at}w3.nls.net: > You appear to have still not tried the Microsoft tool to which I > referred you.=20 I admit I haven't, probably due to fear of the unfamiliar, but I will = try=20 it tomorrow when I get in. I guess I was not sure what I would be = looking=20 for when using it, and I thought I would first see what I could find = with=20 more familiar tools. > As for being documented, dynamically assigned ports would not be > documented by port number as the allocation is just that, dynamic.=20 > The ranges used, if this is RPC, is well documented.=20 I don't understand the concept of listening on dynamically allocated = ports.=20 How does a potential client know on which port to connect if the port is = not known a priori? Is this information communicated over a separate = well- known port? Thanks, Gregg ------=_NextPart_000_003F_01C444B1.B0FB5CE0 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable I am not sure if I am running with the best arguments and switches, = but the=20 output of rpcdump and portqry are listed below. It looks like port 1025 = is being=20 used by something called NCACNRPCDUMP C:\Program Files\Resource = Kit>rpcdump /i=20 /vQuerying Endpoint Mapper Database... 9 registered endpoints = found. Collecting=20 Data.... This may take a while. =20 0 10 20 30 = 40 =20 50 60 70 80 90 =20 100 =20 \|----\|----\|----\|----\|----\|----\|----\|----\|----\|----\| = =20 ................................................... ProtSeq:ncacn_ip_tcp Endpoint:1025 NetOpt: Annotation: IsListening:YES StringBinding:ncacn_ip_tcp:192.168.50.99[1025] UUID:0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53 ComTimeOutValue:RPC_C_BINDING_DEFAULT_TIMEOUT VersMajor 1 VersMinor = 0 ProtSeq:ncacn_ip_tcp Endpoint:1025 NetOpt: Annotation: IsListening:YES StringBinding:ncacn_ip_tcp:192.168.50.99[1025] UUID:378e52b0-c0a9-11cf-822d-00aa0051e40f ComTimeOutValue:RPC_C_BINDING_DEFAULT_TIMEOUT VersMajor 1 VersMinor = 0 ProtSeq:ncacn_ip_tcp Endpoint:1025 NetOpt: Annotation: IsListening:YES StringBinding:ncacn_ip_tcp:192.168.50.99[1025] UUID:1ff70682-0a51-30e8-076d-740be8cee98b ComTimeOutValue:RPC_C_BINDING_DEFAULT_TIMEOUT VersMajor 1 VersMinor = 0 ProtSeq:ncalrpc Endpoint:OLE3 NetOpt: Annotation: IsListening:YES StringBinding:ncalrpc:[OLE3] UUID:0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53 ComTimeOutValue:RPC_C_BINDING_DEFAULT_TIMEOUT VersMajor 1 VersMinor = 0 ProtSeq:ncalrpc Endpoint:OLE3 NetOpt: Annotation: IsListening:YES StringBinding:ncalrpc:[OLE3] UUID:378e52b0-c0a9-11cf-822d-00aa0051e40f ComTimeOutValue:RPC_C_BINDING_DEFAULT_TIMEOUT VersMajor 1 VersMinor = 0 ProtSeq:ncalrpc Endpoint:OLE3 NetOpt: Annotation: IsListening:YES StringBinding:ncalrpc:[OLE3] UUID:1ff70682-0a51-30e8-076d-740be8cee98b ComTimeOutValue:RPC_C_BINDING_DEFAULT_TIMEOUT VersMajor 1 VersMinor = 0 ProtSeq:ncacn_np Endpoint:\PIPE\atsvc NetOpt: Annotation: IsListening:YES StringBinding:ncacn_np:\\\\IONET2A[\\PIPE\\atsvc] UUID:378e52b0-c0a9-11cf-822d-00aa0051e40f ComTimeOutValue:RPC_C_BINDING_DEFAULT_TIMEOUT VersMajor 1 VersMinor = 0 ProtSeq:ncacn_np Endpoint:\PIPE\atsvc NetOpt: Annotation: IsListening:YES StringBinding:ncacn_np:\\\\IONET2A[\\PIPE\\atsvc] UUID:1ff70682-0a51-30e8-076d-740be8cee98b ComTimeOutValue:RPC_C_BINDING_DEFAULT_TIMEOUT VersMajor 1 VersMinor = 0 ProtSeq:ncacn_np Endpoint:\PIPE\atsvc NetOpt: Annotation: IsListening:YES StringBinding:ncacn_np:\\\\IONET2A[\\PIPE\\atsvc] UUID:0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53 ComTimeOutValue:RPC_C_BINDING_DEFAULT_TIMEOUT VersMajor 1 VersMinor = 0 rpcdump completed sucessfully after 1 = seconds PORTQRY C:\PortQryV2>portqry -n 127.0.0.1 -e = 135 Querying target system=20 called: 127.0.0.1 Attempting to resolve IP address to a=20 name... IP address resolved to = localhost querying... TCP port 135 (epmap service): = LISTENING Using ephemeral source portQuerying = Endpoint Mapper=20 Database...Server's response: UUID: 0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53=20 ncacn_np:\\\\IONET2A[\\PIPE\\atsvc] UUID: 1ff70682-0a51-30e8-076d-740be8cee98b=20 ncalrpc:[OLE3] UUID: 1ff70682-0a51-30e8-076d-740be8cee98b=20 ncacn_ip_tcp:127.0.0.1[1025] UUID: 1ff70682-0a51-30e8-076d-740be8cee98b=20 ncacn_np:\\\\IONET2A[\\PIPE\\atsvc] UUID: 378e52b0-c0a9-11cf-822d-00aa0051e40f=20 ncalrpc:[OLE3] UUID: 378e52b0-c0a9-11cf-822d-00aa0051e40f=20 ncacn_ip_tcp:127.0.0.1[1025] UUID: 378e52b0-c0a9-11cf-822d-00aa0051e40f=20 ncacn_np:\\\\IONET2A[\\PIPE\\atsvc] UUID: 0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53=20 ncalrpc:[OLE3] UUID: 0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53=20 ncacn_ip_tcp:127.0.0.1[1025] Total endpoints found: 9 =3D=3D=3D=3D End of RPC Endpoint Mapper query = response=20 =3D=3D=3D=3D Gregg "Rich" <{at}> wrote in = message=20 news:40b6cfac$1{at}w3.nls.net... For RPC there is an = endpoint=20 mapper is queried to find the endpoints supported for the service to = which you=20 want to connect if that service is even available. I = just=20 noticed another tool called portqry or portqryv2 that will give you the = RPC=20 endpoint info. See=20 http://support.microsoft.com/default.aspx?scid=3Dkb;en-us;832919. = I've not=20 tried the v2 but the original will give you the RPC info if you query = port 135=20 which is the end point mapper port.Rich"Gregg"=20 <gregg{at}invalid.invalid> wrote in message=20 news:Xns94F7B52ADED9gregginvalidinvalid{at}216.144.1.254..."Rich" = <{at}>=20 wrote in news:40b6c1d4{at}w3.nls.net:> You = appear to=20 have still not tried the Microsoft tool to which = I> =20 referred you. I admit I haven't, probably due to fear of the = unfamiliar,=20 but I will try it tomorrow when I get in. I guess I was not sure = what I=20 would be looking for when using it, and I thought I would first see = what I=20 could find with more familiar tools.> = As for=20 being documented, dynamically assigned ports would not=20 be> documented by port number as the allocation = is just=20 that, dynamic. > The ranges used, if this is = RPC, is=20 well documented. I don't understand the concept of listening on=20 dynamically allocated ports. How does a potential client know on = which port=20 to connect if the port is not known a priori? Is this information=20 communicated over a separate well-known=20 port?Thanks,Gregg ------=_NextPart_000_003F_01C444B1.B0FB5CE0-- --- BBBS/NT v4.01 Flag-5 * Origin: Barktopia BBS Site http://HarborWebs.com:8081 (1:379/45) SEEN-BY: 633/267 270 @PATH: 379/45 1 633/267
SOURCE: echomail via fidonet.ozzmosis.com

Email questions or comments to sysop@ipingthereforeiam.com
All parts of this website painstakingly hand-crafted in the U.S.A.!
IPTIA BBS/MUD/Terminal/Game Server List, © 2025 IPTIA Consulting™.