How To Restrict TCP/IP Ports on Windows 2000 and Windows XP

Article translations Article translations
Article ID: 300083 - View products that this article applies to.
This article was previously published under Q300083
Expand all | Collapse all

SUMMARY

Distributed Component Object Model (DCOM) uses Remote Procedure Call (RPC) dynamic port allocation. By default, RPC dynamic port allocation randomly selects port numbers above 1024. You can control which ports RPC dynamically allocates for incoming communication and then configure your firewall to confine incoming external communication to only those ports and port 135 (the RPC Endpoint Mapper port).

MORE INFORMATION

To control RPC dynamic port allocation, follow these steps:
  1. From the Start menu, point to Programs, point to Administrative Tools, and then click Component Services to start Component Services.
  2. Click to expand the Component Services and Computers nodes. Right-click My Computer, and then click Properties.
  3. On the Default Protocols tab, click Connection-oriented TCP/IP in the DCOM Protocols list box, and then click Properties.
  4. In the Properties for COM Internet Services dialog box, click Add.
  5. In the Port range text box, add a port range (for example, type 5000-5020), and then click OK.
  6. Leave the Port range assignment and the Default dynamic port allocation options set to Internet range.
  7. Click OK three times, and then restart your computer.

REFERENCES

For additional information about port range allocation, click the article number below to view the article in the Microsoft Knowledge Base:
217351 PRB: DCOM Port Range Configuration Problems
For additional information about using Microsoft Distributed Transaction Coordinator with firewalls, click the article number below to view the article in the Microsoft Knowledge Base:
250367 INFO: Configuring Microsoft Distributed Transaction Coordinator (DTC) to Work Through a Firewall
For more information about using DCOM with firewalls, see the following Microsoft Web site:
http://msdn.microsoft.com/en-us/library/ms809327.aspx

Properties

Article ID: 300083 - Last Review: July 2, 2004 - Revision: 2.4
APPLIES TO
  • Microsoft COM+ 1.0, when used with:
    • Microsoft Windows 2000 Service Pack 1
    • Microsoft Windows 2000 Service Pack 2
    • the operating system: Microsoft Windows XP
  • Microsoft COM+ 1.5, when used with:
    • Microsoft Windows 2000 Service Pack 1
    • Microsoft Windows 2000 Service Pack 2
    • the operating system: Microsoft Windows XP
Keywords: 
kbhowto kbsysadmin KB300083

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com