Problem solve Get help with specific problems with your technologies, process and projects.

Determining which TCP/IP services are needed

I've always been told to only start the TCP/IP servers I need. My question is which servers do what, so I know...

which ones to start or not start?

Actually, you've been told to start only the TCP/IP "services" that you need, not servers. Virtually every application that requires communication over a network can be made to use TCP/IP as the transport protocols for that application. There are literally thousands of services defined for various port numbers for TCP.

The list of what services are usually run on which ports can be found at http://www.iana.org/assignments/port-numbers. Note that the services defined do not need to used the specific ports listed here. They are only the default or typical ports used by those services.

One good way to figure out what you really need (assuming you can get away with this in your organization), is to block everything, and then turn on ports and/or services as users justify their need for them. In many organizations, blocking everything is not practical. In that case, you will need to do some analysis to find out what is turned on in your box and make some decisions as to whether that port should be enabled or not.

For more information on this topic, visit these other SearchSecurity resources:
Ask the Expert: Explanation of ports
Web Security Tip: Vulnerable ports on Windows 2000 Web servers
Ask the Expert: Identifying open ports

This was last published in March 2002

Dig Deeper on Application firewall security

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.