Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 4 replies
  • Subscribers 10 subscribers
  • Views 2025 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Is it possible to change Sophos ports 8192, 8193?

Calvin Miner

I've found plenty of guides to change Sophos port 8194 on Windows, but none to change ports 8192 and 8193. I'm using Windows Server 2016. Is this possible? If so, how?



This thread was automatically locked due to age.
Parents
  • +1

    Hello Calvin Miner,

    the SESC Console forum is, maybe, the better place for this question.
    First of all, is this a theoretical question or where does this need come from?

    Port 8193 isn't used, but if it is already acquired by some other application this might prevent the startup of the Message Router service (haven't tested it). How a managed endpoint client locates the management server mentions [t]he 'ClientIORPort', by default 8192 so I assume it's permissible to change it even though it is not documented. I assume there aren't many reports of conflicts w.r.t. port 8192, if at all.

    Christian

  • 0 in reply to QC

    This isn't hypothetical, I have software that needs to listen on these ports.

     

    I see RouterNT.exe always listening on 8192 and 8193 (and 9194 after configuring that). The local address is 0.0.0.0:8191 and 0.0.0.0:8192. Foreign port is 0.0.0.0:0 and 0.0.0.0:0. I'm not expert on networking, but this sounds like a loopback.

     

    Thanks for the suggestions and background. I'll put this question in SESC console forum.

  • 0 in reply to Calvin Miner

    Hello Calvin Miner,

    I'll put this question in SESC console forum
    please note that you only have to join the SESC group, then this thread can be moved.

    As to the meaning of these Local and Foreign addresses (without going into too many details, example addresses are IPv4):
    An application can either listen on a specific local address (interface) or on any interface, and usually on a specific port. Any is denoted by all zeros, e.g. 0.0.0.0:8192. If an application intends to accept only loopback connections it'd use e.g. 127.0.0.1:8888. And as long as no connection is established (i.e. the status is LISTENING) the Foreign Address is all zeros. Once a connection is established it shows the address on the other side.

    Christian

Reply
  • 0 in reply to Calvin Miner

    Hello Calvin Miner,

    I'll put this question in SESC console forum
    please note that you only have to join the SESC group, then this thread can be moved.

    As to the meaning of these Local and Foreign addresses (without going into too many details, example addresses are IPv4):
    An application can either listen on a specific local address (interface) or on any interface, and usually on a specific port. Any is denoted by all zeros, e.g. 0.0.0.0:8192. If an application intends to accept only loopback connections it'd use e.g. 127.0.0.1:8888. And as long as no connection is established (i.e. the status is LISTENING) the Foreign Address is all zeros. Once a connection is established it shows the address on the other side.

    Christian

Children
No Data
Unfiltered HTML