Este conteúdo foi traduzido por máquina para sua conveniência e a Huawei Cloud não pode garantir que o conteúdo foi traduzido com precisão. Para exibir o conteúdo original, use o link no canto superior direito para mudar para a página em inglês.
Central de ajuda/ Virtual Private Cloud/ Guia de usuário/ Segurança/ Grupo de segurança/ Portas comuns usadas pelos ECSs
Atualizado em 2024-09-18 GMT+08:00
Ver PDF
Compartilhar

Portas comuns usadas pelos ECSs

When adding a security group rule, you must specify the port or port range for communication. When a security group detects an access request, it checks whether the IP address and the port of the device that sends the request are allowed by security group rules. Data communication can be established only when security group rules allow the request.

Tabela 1 lists the common ports used by ECSs. You can configure security group rules to allow traffic to and from specified ECS ports. For details, see Adição de uma regra de grupo de segurança. For more information about requirements for Windows, see Service overview and network port requirements for Windows.

Tabela 1 Common ports used by ECSs

Protocol

Port

Description

FTP

21

Used to upload and download files

SSH

22

Used to remotely connect to Linux ECSs

Telnet

23

Used to remotely log in to ECSs using Telnet

SMTP

25

Used to send emails

For security purposes, TCP port 25 is disabled in the outbound direction by default.

HTTP

80

Used to access websites over HTTP

POP3

110

Used to receive emails using Post Office Protocol version 3 (POP3)

IMAP

143

Used to receive emails using Internet Message Access Protocol (IMAP)

HTTPS

443

Used to access websites over HTTPS

SQL Server

1433

A TCP port of the SQL Server for providing services

SQL Server

1434

A UDP port of the SQL Server for returning the TCP/IP port number used by the SQL Server

Oracle

1521

Oracle database communications port, which must be enabled on the ECSs where Oracle SQL Server is deployed

MySQL

3306

Used by MySQL databases to provide services

Windows Server Remote Desktop Services

3389

Used to connect to Windows ECSs

Proxy

8080

Proxy port 8080 used in the WWW proxy service for web browsing. If you use port 8080, you need to add :8080 after the IP address when you visit a website or use a proxy server. After Apache Tomcat is installed, the default service port is 8080.

NetBIOS

137, 138, and 139

NetBIOS is often used for Windows files, printer sharing, and Samba.

  • Ports 137 and 138: UDP ports that are used when transferring files using Network Neighborhood (My Network Places)
  • Port 139: Connections from this port try to access the NetBIOS/SMB service.

Some Ports Inaccessible

Symptom: Users in certain areas cannot access some ports.

Analysis: Ports listed in the following table are high-risk ports and are blocked by default.

Tabela 2 High-risk ports

Protocol

Port

TCP

42, 135, 137, 138, 139, 444, 445, 593, 1025, 1068, 1433, 1434, 3127, 3128, 3129, 3130, 4444, 4789, 5554, 5800, 5900, 8998, 9995, and 9996

UDP

135 to 139, 1026, 1027, 1028, 1068, 1433, 1434, 4789, 5554, 9995, and 9996

Solution: It is recommended that you use ports that are not listed in the table for your services.

Tópico principal: Grupo de segurança