Ephemeral Port Question

Question

notta    73

We're working with a new application intended to secure Windows clients. You can think of the application as a software firewall. We have defined rules and we're using the ephemeral ports 49152 - 65535. This has worked fine on most systems, but we are getting some computers that have the older ephemeral range of 1025 - 65535. All systems are Windows 7 and Windows 2012 and up so they should be using the default ephemeral range of 49152 - 65535. Do you have any idea why this range would be different on some systems? Do software applications change this range? We have used the netsh command on 2 systems to change the range back to 49152 - 65535 from the older range. Do you foresee any problems long term by shrinking the range? As I said we have changed it on a couple systems without any issues so far.

 

netsh int ipv4 show dynamicport tcp - will show your ephemeral range.

netsh int ipv4 set dynamicport tcp start=49152 num=16384 - to set to new range

 


1 answer to this question

+BudMan    3,513

You should consider the full range 1025–65535, since an application could use any of those ports that are not currently being used by some other application.
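
An added example, not part of the original thread: a PowerShell check built around the netsh commands quoted in the question. It parses the `show dynamicport` output, computes the last port as start + num - 1, and reports whether the host matches the 49152 - 65535 range the firewall rules assume. The function names, the constructed sample output and the English-locale output format are assumptions.

```powershell
# Added example (not from the thread). Assumes English-locale netsh output
# containing "Start Port" and "Number of Ports" lines.
function ConvertFrom-DynamicPortOutput {
    param([string[]]$Lines)
    $start = $null; $count = $null
    foreach ($line in $Lines) {
        if ($line -match '^\s*Start Port\s*:\s*(\d+)')      { $start = [int]$Matches[1] }
        if ($line -match '^\s*Number of Ports\s*:\s*(\d+)') { $count = [int]$Matches[1] }
    }
    if ($null -eq $start -or $null -eq $count) {
        throw 'Could not parse netsh dynamicport output'
    }
    # The last port in the range is start + count - 1, not start + count.
    [pscustomobject]@{ Start = $start; Count = $count; End = $start + $count - 1 }
}

function Test-DynamicPortRange {
    param(
        [ValidateSet('tcp', 'udp')][string]$Protocol = 'tcp',
        [int]$ExpectedStart = 49152,
        [int]$ExpectedEnd   = 65535,
        [string[]]$Lines    # optional: captured output, for offline checks
    )
    if (-not $Lines) { $Lines = netsh int ipv4 show dynamicport $Protocol }
    $r   = ConvertFrom-DynamicPortOutput -Lines $Lines
    $num = $ExpectedEnd - $ExpectedStart + 1
    [pscustomobject]@{
        Computer   = $env:COMPUTERNAME
        Protocol   = $Protocol
        Start      = $r.Start
        End        = $r.End
        IsExpected = ($r.Start -eq $ExpectedStart -and $r.End -eq $ExpectedEnd)
        # Command that would restore the expected range on this host
        FixCommand = "netsh int ipv4 set dynamicport $Protocol start=$ExpectedStart num=$num"
    }
}

# Constructed sample of the older range, so the parser can be tried offline
$legacy = 'Protocol tcp Dynamic Port Range',
          '---------------------------------',
          'Start Port      : 1025',
          'Number of Ports : 64511'
Test-DynamicPortRange -Lines $legacy   # offline, against the sample
Test-DynamicPortRange                  # live, against the local host
```

Running the live check on each client and collecting the rows where `IsExpected` is false gives the list of systems whose range no longer lines up with the defined rules.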
