
Monday, August 1, 2011

Change TCP Port Range for DCOM with WMI

WMI (Windows Management Instrumentation) is used by many different types of applications for different purposes. Most recently, our team used it for an application that monitors file integrity on servers to meet a PCI compliance requirement. The software we used for file integrity monitoring is nCircle File Integrity Monitor (nFIM) from nCircle. As a security measure, we decided to use a non-default range of ports for WMI and DCOM. I was tasked with making WMI work with dynamic ports, since nFIM uses DCOM to connect to a range of TCP ports. Here is how we made it work on each server.

1. Log on to the server in question
2. Go to Administrative Tools
3. Click on Component Services
4. Expand the Component Services tree until you reach My Computer
5. Right-click My Computer and go to the tab shown in the image below

You can further narrow down the security for DCOM by specifying trusted endpoints as shown in the image below.
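
To check the result of the steps above on a server, the following read-only PowerShell audit is an added example, not part of the original post or of nFIM. It assumes the range is stored under the Microsoft-documented registry key HKLM\SOFTWARE\Microsoft\Rpc\Internet and that Get-NetTCPConnection is available (Windows Server 2012 / Windows 8 or later).

```powershell
# Added example: read-only audit of the RPC/DCOM port restriction that the
# Component Services dialog writes to the registry. Changes nothing.
$key = 'HKLM:\SOFTWARE\Microsoft\Rpc\Internet'

function ConvertTo-PortRange {
    # Turn entries such as '5000-5100' or '6000' into validated range objects.
    param([string[]]$Entries)
    foreach ($entry in $Entries) {
        if ($entry -notmatch '^\s*(\d{1,5})\s*(?:-\s*(\d{1,5}))?\s*$') {
            throw "Unparseable port entry: '$entry'"
        }
        $low  = [int]$Matches[1]
        $high = if ($Matches[2]) { [int]$Matches[2] } else { $low }
        if ($low -lt 1 -or $high -gt 65535 -or $low -gt $high) {
            throw "Invalid port range: '$entry'"
        }
        [pscustomobject]@{ Low = $low; High = $high; Count = $high - $low + 1 }
    }
}

if (-not (Test-Path $key)) {
    Write-Output 'No RPC port restriction is configured; the default dynamic range is in use.'
} else {
    $cfg    = Get-ItemProperty -Path $key
    $ranges = @(ConvertTo-PortRange -Entries $cfg.Ports)
    $total  = ($ranges | Measure-Object -Property Count -Sum).Sum

    Write-Output "PortsInternetAvailable = $($cfg.PortsInternetAvailable)"
    Write-Output "UseInternetPorts       = $($cfg.UseInternetPorts)"
    $ranges | ForEach-Object { 'Range {0}-{1} ({2} ports)' -f $_.Low, $_.High, $_.Count }
    Write-Output "Ports available to RPC/DCOM dynamic endpoints: $total"

    # The restriction applies to server-side listening endpoints, so list the
    # listeners whose LocalPort falls inside the configured range(s).
    Get-NetTCPConnection -State Listen |
        Where-Object {
            $port = $_.LocalPort
            $ranges | Where-Object { $port -ge $_.Low -and $port -le $_.High }
        } |
        Sort-Object LocalPort -Unique |
        Select-Object LocalAddress, LocalPort, OwningProcess
}
```

The new range only takes effect after the server is restarted, so run the audit after that restart and compare the reported ranges with the ports opened on the firewall.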

6 comments:

  1. Great article … Thanks for your great information, the contents are quite interesting. I will be waiting for your next post.

  2. Nice and interesting post. You must be aware that you have a really nice blog must be very much thankful to you because of this awesome blog. I really appreciate what you are doing here.

  3. Now it is easy to do this, I can do it myself. Thanks for sharing this tutorial with us.

  4. Great and intriguing post. you must aware that you have a truly decent website must really appreciative to you in view of this stunning online journal. I truly acknowledge what you are doing here.

  5. I agree to efeet, this doesn't work. My outgoing (source ports) are still in the upper random range (e.g. 49000)
