Oracle Agile Engineering Data Management Security Guide
Release e6.2.1.0
E69102-01

7 Securing Ports

The Internet Assigned Numbers Authority (IANA) administers the port numbers in the range of 0 - 65,535.

When it comes to assigning port numbers for services that are not registered, only port numbers of the so-called dynamic (private) range of 49,152 - 65,535 should be assigned in order to meet minimum security requirements. However, conflicts with already installed applications can occur.

In practice, however, numbers in the range 0 - 1,023 are protected, and numbers from 1,024 onwards can be used. For example, operating systems must allow only processes with appropriate privileges to open server ports within the protected range.

Prior to any installation, contact your system administrator to evaluate the ports that are already in use by the system and applications. Conflicts can be avoided by assigning ports that are already used by Agile e6. An existing firewall can also be configured accordingly.

If a system administrator is not available, a list of the TCP and UDP ports currently in use can be created with the command netstat -a. The RPC ports that are available through PortMapper can be determined using the command rpcinfo -p.

7.1 Range of Ports

The port numbers are divided into three ranges:

  1. Well-known ports

    The well known ports are those from 0 - 1,023. DCCP well known ports should not be used without IANA registration. The registration procedure is defined in document RFC4340, section 19.9.

  2. Registered ports

    The registered ports are those from 1,024 - 49,151. DCCP registered ports should not be used without IANA registration. The registration procedure is defined in document RFC4340, section 19.9.

  3. Dynamic and/or private ports

    The dynamic and/or private ports are those from 49,152 - 65,535.


    Note:

    Assignment of a port number does not in any way imply an endorsement of an application or product, and the fact that network traffic is flowing to or from a registered port does not mean that it is "good" traffic. Firewall and system administrators should choose how to configure their systems based on their knowledge of the traffic in question, not whether there is a port number registered or not.

7.1.1 Well Known Port Numbers

The well known ports are assigned by the IANA and on most systems can only be used by system (or root) processes or by programs executed by privileged users.

Ports are used in the TCP [RFC793] to name the ends of logical connections which carry long term conversations. For the purpose of providing services to unknown callers, a service contact port is defined. This list specifies the port used by the server process as its contact port. The contact port is sometimes called the "well-known port".

To the extent possible, the same port assignments are used with the UDP [RFC768]. The range for assigned ports managed by the IANA is 0-1,023.

7.1.2 Registered Port Numbers

The registered ports are listed by the IANA and on most systems can be used by ordinary user processes, or programs executed by ordinary users.

Ports are used in the TCP [RFC793] to name the ends of logical connections which carry long term conversations. For the purpose of providing services to unknown callers, a service contact port is defined. This list specifies the port used by the server process as its contact port.

The IANA registers uses of these ports as a convenience to the community. To the extent possible, these same port assignments are used with the UDP [RFC768]. The Registered Ports are in the range 1,024-49,151.

7.1.3 Dynamic and/or Private Ports

The Dynamic and/or Private Ports are those from 49,152 - 65,535.

7.2 Range of Values and Dependencies

Service
    Ports (default value)

Sun Portmapper (RPC)
    111

Admin Server
    HTTP (8080)
    Shutdown Port (8005)
    AJP 1.3 Port (8009)

Java Daemon
    StandardPort (16087)
    AdminPort (16088), only local
    RegistrationPort (16089), only local
    One free port from the port range per application server (3000-4000)

FMS Java Daemon
    Standard Port (17087)

FileServer
    RPC port (804257548)
    One free port per client connection (52517-53517)

Web FileService (Tomcat)
    HTTP (8088)

Web FileService (WebLogic)
    HTTP (7013)
    HTTP (7104)

e6 Server
    Per session one port assigned from the daemon.

    Concerning security issues and firewall settings the port range (One free port per FMS Client connection (51516-52516) used from the Java daemon to select a server port should be defined between 3000 and 4000. This is the default used during installation and is defined in file jade.ini with parameter named PortRange.

Web Presentation Service (Tomcat)
    Ajp 1.3 Port (8009)
    Shutdown Port (8005)
    Web Client / Web Report Service (8088)

Web Presentation Service (WebLogic)
    Web Client / Web Report Service
    HTTP (7103)
    HTTPS (7104)

Business Service
    ECI Port (19997)
    One free port per connection to the EDM Server

Java Client
    ECI Topic (4444)
    Needs to be distinct for each client call and can be set with the start.

Core Web Services
    Web Service ECI Port (19998)
    One free port per connection to the EDM Server

Workflow Editor
    Business Service (ECI Port)

Office Suite
    OLE/COM

EIP
    Admin Port (9876)
    Log Port (4445)
    Web Server (8080)
    synchronous: ECI Server Port (19997)
    Note: Here exists a conflict with the standard ECI port of the Business Service.
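
The pre-installation check described at the start of this chapter can be scripted against the default values listed above. The following is an added example, not part of the Oracle guide or product: it assumes the Linux column layout of netstat -an (the -n flag keeps ports numeric), and the function names and the sample input are constructed for illustration.

```shell
#!/bin/sh
# Added example (not Oracle code). Assumes Linux-style `netstat -an` columns:
#   Proto Recv-Q Send-Q Local-Address Foreign-Address [State]

# Single-valued default ports from section 7.2. The FileServer RPC value
# 804257548 lies outside 0-65,535, so it cannot be matched as a port here.
E6_PORTS="111 8080 8005 8009 16087 16088 16089 17087 8088 7013 7103 7104 19997 19998 4444 9876 4445"

# Constructed sample input so the script runs offline.
SAMPLE_NETSTAT='Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:8080            0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN
tcp        0      0 10.0.0.5:3100           10.0.0.9:51234          ESTABLISHED
tcp6       0      0 :::8009                 :::*                    LISTEN
udp        0      0 0.0.0.0:111             0.0.0.0:*'

# Name of the section 7.1 range a port number falls in.
iana_range() {
    if [ "$1" -le 1023 ]; then echo "well-known"
    elif [ "$1" -le 49151 ]; then echo "registered"
    else echo "dynamic/private"
    fi
}

# stdin: netstat output. stdout: ports with a TCP listener or a bound UDP socket.
listening_ports() {
    awk '$1 ~ /^(tcp|udp)/ && ($1 ~ /^udp/ || $NF == "LISTEN") {
             n = split($4, part, ":"); print part[n]
         }' | sort -un
}

# stdin: netstat output. stdout: "PORT RANGE" for each e6 default already taken.
e6_conflicts() {
    in_use=$(listening_ports)
    for port in $E6_PORTS; do
        if printf '%s\n' "$in_use" | grep -qx "$port"; then
            echo "$port $(iana_range "$port")"
        fi
    done
}

# stdin: netstat output. stdout: bound ports inside LO..HI, for example the
# jade.ini PortRange default 3000-4000 that the firewall must also allow.
ports_in_range() {
    listening_ports | awk -v lo="$1" -v hi="$2" '$1 >= lo && $1 <= hi'
}

printf '%s\n' "$SAMPLE_NETSTAT" | e6_conflicts
printf '%s\n' "$SAMPLE_NETSTAT" | ports_in_range 3000 4000
```

On a live host, replace the sample with `netstat -an | e6_conflicts`; RPC services registered with PortMapper still need to be reviewed separately with rpcinfo -p.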