
Which ports are used by the various services for data transfer via TCP and UDP and what should you watch out for when using routers and firewalls?

Entry-ID: 8970169

Service Protocol Name Protocol Number Source Port Destination Port Version IP Version ICMP Type ICMP Code Description
FTP TCP 6 Any 21 1,0 IPv4 File Transfer Protocol (FTP) is used for file management and access to data blocks in the CPU (client
and server function). FTP uses TCP/IP as the underlying protocol.
Using FTP you can execute commands for files and directories, e. g.:
- List or delete files and directories on the remote system
- Access files in the communication processor (CP). With an FTP client you can download files from
a PC into the CP, e. g. self-made html pages.
SSH TCP 6 Any 22 1,0 IPv4 Secure Shell (SSH), also Secure File Transfer Protocol (SFTP)
secure CLI access ("secure FTP")
SFTP TCP 6 Any 115 1,0 IPv4 Simple File Transfer Protocol
FTPS (data) TCP 6 Any 989 1,0 IPv4 FTP over TLS/SSL
FTPS (control) TCP 6 Any 990 1,0 IPv4
Telnet TCP 6 Any 23 1,0 IPv4 Telnet helps set up a terminal session on the Telnet server to the Telnet client. This client/server
protocol is based on TCP and enables remote configuration, for example.
With SCALANCE products, remote configuration is possible with the CLI (Command Line Interface)
via Telnet. You enable or disable the Telnet Server service for unencrypted access to the CLI
(Command Line Interface) of the SCALANCE products.
SMTP TCP 6 Any 25 1,0 IPv4 Simple Mail Transport Protocol (SMTP) is used on the Internet to transfer e-mails to a mail server
and to exchange e-mails between two mail servers.
With SMTP, the e-mail client (SMTP-Client) gains access to a mail server (SMTP server).
SMTPS TCP 6 Any 465 1,0 IPv4 Simple Mail Transfer Protocol (SMTP) over SSL
Submission TCP 6 Any 587 1,0 IPv4 Submission Protocol ("secure SMTP")
HTTP TCP 6 Any 80 1,0 IPv4 Hypertext Transfer Protocol (HTTP)
Using HTTP you access the webserver of a device, e. g. S7-CPU or CP, to monitor device and
process data and to use the web diagnostics functions.
HTTP UDP 17 Any 80 1,0 IPv4
HTTP alternative TCP 6 Any 8080 1,0 IPv4
SIMATIC-S7 TCP 6 Any 102 1,0 IPv4 Transport Service Access Point (ISO-TSAP) used by SIMATIC S7
HTTPS TCP 6 Any 443 1,0 IPv4 Hyper Text Transfer Protocol Secure (HTTPS) is used for the communication with the webserver of a
device, e. g. S7-CPU, CP or CU, via Transport Layer Security (TLS).
HTTPS UDP 17 Any 443 1,0 IPv4
HTTP for certificate auto enrollment TCP 6 Any 6220 1,0 Certificate auto enrollment
HMI Load (HMI Load RT Advanced / Transfer) TCP 6 Any 2308 1,0 IPv4 Transmit images and configuration data to Siemens Panels (RT Advanced).
HMI Load (HMI Load RT Advanced / Transfer) TCP 6 Any 50523 1,0 IPv4 Transmit images and configuration data to Siemens Panels (RT Advanced).
This port is used if port 2308 is not available.
HMI Load (HMI Load RT Basic / Transfer) TCP 6 Any 1033 1,0 IPv4 Transmit images and configuration data to Siemens Basic Panels (RT Basic).
HMI Load (Device Manager) TCP 6 Any 5001 1,0 IPv4 Transmit images and configuration data to Siemens Comfort Panels.
HMI Load (System configuration Server) TCP 6 Any 5002 1,0 IPv4 Transmit images and configuration data to Siemens Comfort Panels.
Remote Desktop TCP 6 Any 3389 1,0 IPv4 Windows Remote Desktop
ALM TCP 6 Any 4410 1,0 IPv4 Automation License Manager (License service)
OPC UA TCP 6 Any 4840 1,0 IPv4 OPC UA Protocol
OPC UA TCP 6 Any 4841 1,0 IPv4 Used by SINEC NMS for OPC UA Protocol
OPC UA TCP 6 Any 4870 1,0 IPv4 OPC UA Protocol
OPC UA TCP 6 Any 4843 1,0 IPv4 OPC UA Protocol over TLS/SSL
OPC UA Discovery TCP 6 Any 52601 1,0 IPv4 This service provides information about the installed OPC server.
It is installed and configured by the OPC UA server.
DCOM TCP 6 Any 135 1,0 IPv4 This service is required to initialize OPC (DA) connections. The communication via OPC (DA) is
based on DCOM and uses unspecified ports assigned by the system. This should be taken into
consideration when using OPC (DA) and creating rules for the firewall.
NetBIOS Name Service TCP 6 Any 137 1,0 IPv4 Used by OPC Scout, Panels and WinCC RT Advanced
NetBIOS Datagram Service TCP 6 Any 138 1,0 IPv4 Used by OPC Scout, Panels and WinCC RT Advanced
Archiving TCP 6 Any 139 1,0 IPv4 Used by WinCC Flexible RT for archiving on a server
Archiving UDP 17 Any 137 1,0 IPv4 Used by WinCC Flexible RT for archiving on a server
Archiving UDP 17 Any 138 1,0 IPv4 Used by WinCC Flexible RT for archiving on a server
VNC Client TCP 6 Any 5500 1,0 IPv4 Used by Sm@rtServer application (Client)
VNC Server TCP 6 Any 5900 1,0 IPv4 Used by Sm@rtServer application (Server)
VNC Server TCP 6 Any 5800 1,0 IPv4 Used by Sm@rtServer application (Server)
SINEC NMS RabbitMQ TCP 6 Any 5671 1,0 IPv4 Data exchange SINEC NMS Operation <> Control
SINEC NMS Operation Webserver TCP 6 Any 8443 1,0 IPv4 SINEC NMS Operation Webserver
SINEC NMS Heartbeat TCP 6 Any 49113 1,0 IPv4 Heartbeat SINEC NMS Operation <> Control
SINEC NMS Version check TCP 6 Any 49114 1,0 IPv4 Version check SINEC NMS Operation <> Control
SINEC NMS FW-Sync TCP 6 Any 49131 1,0 IPv4 Firmware Sync SINEC NMS Control <> Operation
SINEC NMS Internal communication TCP 6 Any 4897 1,0 IPv4 Used by SINEC NMS to start the operation

17.06.2021
TCP 6 Any 4998 1,0 IPv4
TCP 6 Any 4999 1,0 IPv4
SINEC NMS Communication between Control and Operation TCP 6 Any 4369 1,0 IPv4 Used by SINEC NMS to access the Operation from Control
TCP 6 Any 5671 1,0 IPv4
TCP 6 Any 15671 1,0 IPv4
TCP 6 Any 25672 1,0 IPv4
SINEC NMS Internal communication TCP 6 Any 49111 - 49116 1,0 IPv4 communication between Control and Operation and between Operation and Operation
TCP 6 Any 49125 - 49126 1,0 IPv4
TCP 6 Any 49135 - 49136 1,0 IPv4
SINEC NMS UMC TCP 6 Any 8444 1,0 IPv4 Used by SINEC NMS for User Management Component (UMC)
SINEC NMS UMC internal communication TCP 6 Any 49133 1,0 IPv4 Used by SINEC NMS for UMC based authentication
SINEC NMS PostgreSQL TCP 6 Any 5432 1,0 IPv4 Used by SINEC NMS to save events
TCP 6 Any 5433 1,0 IPv4
SINEC NMS Operation Monitor (Server) TCP 6 Any 49101 1,0 IPv4 Used by SINEC NMS for websites and export services in Operation
TCP 6 Any 49103 1,0 IPv4
TCP 6 Any 49104 1,0 IPv4
SIMATIC Logon TCP 6 Any 16389 1,0 IPv4 Logon to remote Server
POP3 TCP 6 Any 110 1,0 IPv4 Post Office Protocol v3 (POP3)
IMAP TCP 6 Any 143 1,0 IPv4 Internet Message Access Protocol (IMAP)
POP3s TCP 6 Any 995 1,0 IPv4 Post Office Protocol v3 over TLS/SSL (POP3S)
IMAPs TCP 6 Any 993 1,0 IPv4 Internet Message Access Protocol over TLS/SSL (IMAPS)
Bootstrap Protocol (BOOTP client), also used by DHCP UDP 17 Any 67 1,0 IPv4 Bootstrap Protocol (BOOTP)
BOOTP is used to assign an IP address and a number of other parameters to a device in a TCP/IP
network.
Dynamic Host Configuration Protocol (DHCP) is an extension of BOOTP.
DHCP enables the network configuration to be assigned to clients by a server.
DNS UDP 17 Any 53 1,0 IPv4 Domain Name System (DNS) is responsible for assigning and resolving names in IP-based
networks.
DNS TCP 6 Any 53 1,0 IPv4
Bootstrap Protocol (BOOTP server), also used by DHCP UDP 17 Any 68 1,0 IPv4 Bootstrap Protocol (BOOTP)
BOOTP is used to assign an IP address and a number of other parameters to a device in a TCP/IP
network.
Dynamic Host Configuration Protocol (DHCP) is an extension of BOOTP.
DHCP enables the network configuration to be assigned to clients by a server.
TFTP UDP 17 Any 69 1,0 IPv4 Trivial File Transfer Protocol (TFTP) is a simple protocol for file transfer. Each file package is
acknowledged individually. TFTP is used with SCALANCE products to load firmware or to save and
load configurations.
NTP / SNTP TCP 6 Any 123 1,0 IPv4 Network Time Protocol (NTP) is a standard for time synchronization in IP-based networks.
NTP / SNTP UDP 17 Any 123 1,0 IPv4 Simple Network Time Protocol (SNTP) is a simplified version of the NTP.
SNMP UDP 17 Any 161 1,0 IPv4 Simple Network Management Protocol (SNMP) is a UDP-based protocol that has been specified
specially for the administration of data networks. SNMP is for managing and configuring the different
network components. In this way routers, switches and other components that are usually widely
distributed can be managed from a central workstation.
SNMP-Traps UDP 17 Any 162 1,0 IPv4
IKEv1/2 UDP 17 Any 500 1,0 IPv4 Internet Key Exchange IKE, used for IPsec key management
ISAKMP UDP 17 Any 500 1,0 IPv4 Internet Security Association and Key Management ISAKMP for establishing security associations
(SA) and exchanging cryptic codes in the internet.
Syslog UDP 17 Any 514 1,0 IPv4 Message logging interface
Syslog TCP 6 Any 514 1,0 IPv4 The syslog protocol is for transferring syslog messages. Syslog messages contain short text
messages (less than 1024 bytes) and are transferred unencrypted.
Printing TCP 6 Any 1032 1,0 IPv4 Used by WinCC RT Advanced for printing on the control panel via Ethernet
Printing TCP 6 Any 1032 1,0 IPv4 Used by WinCC Flexible RT for printing on Windows CE Panels via Ethernet
VPN: incoming connections TCP 6 Any 1033 1,0 IPv4 Used for teleservicing
RADIUS/Authentication UDP 17 Any 1812 1,0 IPv4 Remote Authentication Dial-In User Service (RADIUS)
PROFINET IO Service TCP 6 Any 84 1,0 IPv4 PROFINET IO Service
PROFINET IO UDP 17 Any 34964 1,0 IPv4 PROFINET Context Manager (EndPoint Mapper; EPM)
RADIUS/Accounting UDP 17 Any 1813 1,0 IPv4 Remote Authentication Dial-In User Service (RADIUS)

IPSec NAT-T UDP 17 Any 4500 1,0 IPv4 IPSec NAT Traversal, used with IPsec when passing NAT routers
Internet Protocol Security (IPsec) is a security protocol that provides the following protection goals for
communication via IP networks:
- Confidentiality
- Authenticity
- Integrity
It is used to build virtual private networks (VPN).
IPSec NAT-T TCP 6 Any 4500 1,0 IPv4 IPSec NAT Traversal, used with IPsec when passing NAT routers
ICMP ICMP 1 1,0 IPv4 8(Echo Request) Internet Control Message Protocol
ICMP is used to exchange information and error messages via the Internet protocol, e. g. ping.
IGMP IGMP 2 Any 1,0 IPv4 Internet Group Management Protocol (IGMP)
The network protocol is used to organize multicast groups.
GRE GRE 47 1,0 IPv4 Generic Routing Encapsulation
ESP ESP 50 1,0 IPv4 IPSec VPN connection Data Traffic
VRRP VRRP 112 1,0 IPv4 Virtual Router Redundancy Protocol
NETCONF over SSH TCP 6 Any 830 1,0 IPv4 NETCONF over SSH
SINEC NMS Control Webserver TCP 6 Any 443 1,0 IPv4 SINEC NMS Control Webserver
VNC Server over HTTP TCP 6 Any 5800 1,0 IPv4 Used by Sm@rtServer application (Server)
RFC 1006 TCP 6 Any 102 1,0 IPv4 RFC 1006 entitled "ISO Transport Service on top of the TCP" (ISO-on-TCP) is a protocol extension
for the TCP protocol and permits a reliable connection between two systems.
RFC 1006 is used for standard connections in the SIMATIC environment.
- STEP 7 remote programming via LAN
- ISO-on-TCP connections
- S7 connections via Industrial Ethernet
Note
Port 102 is blocked by default in routers and firewalls.
SINEC NMS PROFINET diagnostics UDP 17 Any 49152 - 65535 1,0 IPv4 PROFINET diagnostics for SINEC NMS Operation
Firmware update (http) TCP 6 Any 49117 1,0 IPv4 RUGGEDCOM device firmware management
EtherNet/IP TCP 6 Any 44818 1,0 IPv4 EtherNet/IP is used for connections to Allen Bradley PLCs.
EtherNet/IP UDP 17 Any 2222 1,0 IPv4 EtherNet/IP is used for connections to Allen Bradley PLCs.
Mitsubishi MC TCP 6 Any 5002 1,0 IPv4 Mitsubishi protocol is used for connections to Mitsubishi PLCs.
Mitsubishi MC TCP 6 Any 1025 1,0 IPv4 Mitsubishi protocol is used for connections to Mitsubishi PLCs.
SINAMICS Implicit messaging UDP 17 Any 2222 1,0 IPv4 Used by SINAMICS for exchanging I/O data.
This is inactive when delivered. Is activated when selecting EtherNet/IP.
SINAMICS Explicit messaging TCP 6 Any 44848 1,0 IPv4 Used by SINAMICS for parameter access (writing / reading).
This is inactive when delivered. Is activated when selecting EtherNet/IP.
SINAMICS Explicit messaging UDP 17 Any 44848 1,0 IPv4 Used by SINAMICS for parameter access (writing / reading).
This is inactive when delivered. Is activated when selecting EtherNet/IP.
SIMOTION Internal Protocol TCP 6 Any 5188 1,0 IPv4 Used by SIMOTION for communication tools for downloading project data.
SIMOCODE EtherNet-IP-1 UDP 17 Any 2222 1,0 IPv4 Used by SIMOCODE for EtherNet/IP messaging
SIMOCODE EtherNet-IP-2 TCP 6 Any 44818 1,0 IPv4 Used by SIMOCODE for EtherNet/IP I/O
PROFINET RT TCP 6 Any 34962 1,0 IPv4 Used by SIMOCODE for PROFINET RT
Modbus/TCP TCP 6 Any 502 1,0 IPv4 Modbus/TCP is a standardized connection to the cyclic client-server communication.
Detailed information about the Modbus/TCP products can be found under the following link:
https://support.industry.siemens.com/cs/ww/en/view/22660304
Modbus/TCP Security Protocol TCP 6 Any 802 1,0 IPv4 secure Modbus/TCP Protocol based on Transport Layer Security (TLS)
WinCC Unified UMC TCP 6 Any 4002 1,0 IPv4 Used by WinCC Unified for User Management Component (UMC)
Network Discovery UDP 17 Any 137 1,0 IPv4 Used by WinCC Unified for network discovery
RIP UDP 17 Any 520 1,0 IPv4 Routing Information Protocol (RIP)
MSDP TCP 6 Any 639 1,0 IPv4 Multicast Source Discovery Protocol (MSDP)
DCP UDP 17 Any 93 1,0 IPv4 Dynamic Configuration Protocol (DCP)
Online security diagnostics TCP 6 Any 8448 1,0 IPv4 Avoids having to open port 102 during diagnostics.
SINEMA RC OpenVPN UDP 17 Any 1194 1,0 IPv4 VPN connection over OpenVPN
SINEMA RC OpenVPN TCP 6 Any 5443 1,0 IPv4 VPN connection over OpenVPN
SINEMA RC Web Client TCP 6 Any 443 1,0 IPv4 SINEMA RC Web Client
SINEMA RC Routing Update UDP 17 Any 5243 1,0 IPv4 SINEMA RC Routing Update
SINEMA RC Encapsulated UDP 17 Any 500 1,0 IPv4 VPN connection over IPsec
SINEMA RC Encapsulated NAPT UDP 17 Any 500 1,0 IPv4 VPN connection over IPsec
SINEMA RC Licensing TCP 6 Any 22350 1,0 IPv4 Licensing

All All -1 1,0 IPv4 All Services
