Identify which ports are being used on target server
briangee
Posts: 6 New member
Hi
I have a query from my firewall team who are asking about one of the monitored servers we've setup.
There is a large amount of traffic on ports APP-TCP/49100-49199
Does SQL Monitor use this range of ports at all? I couldn't find anything in the knowledge articles abut that port range
Thanks
Brian
I have a query from my firewall team who are asking about one of the monitored servers we've setup.
There is a large amount of traffic on ports APP-TCP/49100-49199
Does SQL Monitor use this range of ports at all? I couldn't find anything in the knowledge articles abut that port range
Thanks
Brian
Answers
Hi There,
No by default SQL Monitor does not make use of that port range. The SQL Monitor Base Monitor uses 135 for the RPC and 1433 for connecting to the SQL Server instances when using WMI over DCOM.
If using WMI over WinRM then it will use Either port 5985 (HTTP) or port 5986 (HTTPS) and 1433 for the SQL Server connection.
The port may vary if you've set up a static WMI endpoint.
WMI over DCOM uses port 135 (RPC), but in addition to this, through its use of DCOM which it's built upon, it uses a random port between 1065 and 65535 as well to continue the conversation. This can be restricted to a static port or smaller port range, see https://documentation.red-gate.com/sm/adding-and-managing-monitored-servers/adding-servers-for-monitoring/adding-sql-server/adding-sql-server-on-windows/windows-monitoring-wmi-connections/wmi-over-dcom