Default Ports
System Discovery
| Functionality | Service | Ports | Requirements/Notes |
| User Enumeration | nb-ssn | ms-ds | TCP 139 / 4451 | |
| Hardware Enumeration | nb-ssn | ms-ds | TCP 139 / 4452 | WMI Service running on target |
| Software Enumeration | nb-ssn | ms-ds | TCP 139 / 4453 | Remote Registry service running on target |
| Local Services | ms-ds | TCP 445 |
Desktop Connectivity
| Functionality | Service | Ports |
| User Interface | https | TCP 443 |
| Remote Desktop | rdp | TCP 4489 |
| SSH | ssh | TCP 4422 |
Session Management
| Functionality | Service | Ports |
| Remote Desktop | rdp | TCP 3389 |
| SSH | ssh | TCP 22 |
Network Devices
| Functionality | Service | Ports |
| Checkpoint | ssh | TCP 22 |
| Cisco | ssh | TCP 22 |
| Dell iDRAC | ssh | TCP 22 |
| F5 BIG IP | ssh | TCP 22 |
| HP Comware | ssh | TCP 22 |
| HP iLO | ssh | TCP 22 |
| Juniper | ssh | TCP 22 |
| Palo Alto | ssh | TCP 22 |
| Fortinet | ssh | TCP 22 |
| SonicWall | ssh | TCP 22 |
Operating Systems
| Functionality | Service | Ports | Requirements/Notes |
| AIX | ssh | TCP 22 | |
| HP-UX | ssh | TCP 22 | |
| IBMi (AS400) | telnet | TCP 22 | |
| Linux | ssh | TCP 22 | |
| MAC OSX | ssh | TCP 22 | |
| Solaris | ssh | TCP 22 | |
| Windows Desktop | adsi-ldap adsi-ldaps |
TCP / UDP 389 TCP 636 / UDP 389 |
ms-ds (TCP 445) is used as a fallback |
| Windows Server | adsi-ldap adsi-ldaps |
TCP / UDP 389 TCP 636 / UDP 389 |
ms-ds (TCP 445) is used as a fallback |
| Windows Update/Restart Service | wmi | TCP 135 | WMI Service running on target |
Directories
| Functionality | Service | Ports | Requirements/Notes |
| Active Directory | adsi-ldap adsi-ldaps |
TCP / UDP 389 TCP 636 / UDP 389 |
ms-ds (TCP 445) is used as a fallback |
| RACF | ssh | TCP 22 | |
| LDAP/S | ldap ldaps |
TCP / UDP 389 TCP 636 / UDP 389 TCP 88 (Kerberos) TCP 80 (CRL Validation) TCP 135 (RPC) TCP 389 (LDAP) TCP 445 (CIFS) TCP 464 (Directories) TCP 636 (LDAPS) TCP 3268 (Global Catalog) TCP 3269 (Global Catalog LDAPS) |
Databases
| Functionality | Service | Ports |
| Oracle | oracle-listener | TCP 1521 |
| MS SQL Server | netlib | TCP 1433 |
| Sybase ASE | TCP 5000 | |
| MySQL | TCP 3306 | |
| Teradata | TCP 1025 |
Applications
| Functionality | Ports |
| VMware vSphere API | API |
| VMware vSphere SSH | TCP 22 |
| SAP | API |
U-Series Appliance
| Functionality | Service | Ports |
| Mail Server Integration | smtp | TCP 25 |
| AD Integration | ldap ldaps |
TCP / UDP 389 TCP 636 / UDP 389 |
| Backup | smb | TCP 445 |
| Time Protocol | ntp | UDP 123 |
| HA Replication (pair) | sql-mirroring | https | TCP 5022 / 443 |
