11/5/2016 How To Restrict TCP/IP Ports on Windows 2000 and Windows XP

0 Sign in

How To Restrict TCP/IP Ports on Windows 2000 and Windows

XP

This article was previously published under Q300083

SUMMARY

Distributed Component Object Model (DCOM) uses Remote Procedure Call (RPC) dynamic port
allocation. By default, RPC dynamic port allocation randomly selects port numbers above 1024. You can
control which ports RPC dynamically allocates for incoming communication and then configure your
firewall to confine incoming external communication to only those ports and port 135 (the RPC Endpoint
Mapper port).

MORE INFORMATION

To control RPC dynamic port allocation, follow these steps:

1. From the Start menu, point to Programs, point to Administrative Tools, and then click
Component Services to start Component Services.

2. Click to expand the Component Services and Computers nodes. Right-click My Computer, and
then click Properties.

3. On the Default Protocols tab, click Connection-oriented TCP/IP in the DCOM Protocols list box,
and then click Properties.

4. In the Properties for COM Internet Services dialog box, click Add.

5. In the Port range text box, add a port range (for example, type 5000-5020), and then click OK.

6. Leave the Port range assignment and the Default dynamic port allocation options set to Internet
range.

7. Click OK three times, and

https://support.microsoft.com/en-us/kb/300083 then restart your computer. 1/3
11/5/2016 How To Restrict TCP/IP Ports on Windows 2000 and Windows XP

7. Click OK three times, and then restart your computer.

REFERENCES

For additional information about port range allocation, click the article number below to view the article
in the Microsoft Knowledge Base:
217351 PRB: DCOM Port Range Configuration Problems
For additional information about using Microsoft Distributed Transaction Coordinator with firewalls, click
the article number below to view the article in the Microsoft Knowledge Base:
250367 INFO: Configuring Microsoft Distributed Transaction Coordinator (DTC) to Work Through a
Firewall
For more information about using DCOM with firewalls, see the following Microsoft Web site:
http://msdn.microsoft.com/en-us/library/ms809327.aspx

Properties

Article ID: 300083 - Last Review: 07/02/2004 13:51:06 - Revision: 2.4

Applies to
Microsoft COM+ 1.0, Microsoft COM+ 1.5

Keywords:
kbhowto kbsysadmin KB300083

Support

Account support
https://support.microsoft.com/en-us/kb/300083 2/3
11/5/2016 How To Restrict TCP/IP Ports on Windows 2000 and Windows XP

Account support

Supported products list

Microsoft Lifecycle Policy

Security

Safety & Security Center

Download Security Essentials

Malicious Software Removal Tool

Contact Us

Report a support scam

Disability Answer Desk

Locate Microsoft addresses worldwide

English (United States)

Terms of use Privacy & cookies Trademarks © 2016 Microsoft

https://support.microsoft.com/en-us/kb/300083 3/3