Bootstrap Closing UDP Port 67

[Kotowski]

Hi all,

Maybe it´s a newbie question, but anyway, i would appreciate a little
help.

I´m working on a W2003 Enterprise Edition Server and recently i
removed DHCP service, which i do not need.

Even so, udp ports 67 & 68 are still open (bootps and bootpc). Still
far ok, nothing unexpected.

Anyway, i was wondering if by any means there is a way to "shut down"
these ports. I read that the bootps and bootpc are related to the
bootstrap protocol, and found no material in the ms web page.

I don´t know if these "services" are needed for the system to work. I
don´t know whether boot.ini uses them...

Please help me diminishing my ignorance...

NPKF.

 

[Karl Levinson, mvp]

How did you determine they are open? Are they listening? Did you run the
NETSTAT -ANO command? How did you remove the DHCP service? There is a
server service and a client service. boot.ini doesn't figure into this, in
Windows it is primarily a DHCP thing.


Hi all,

Maybe it´s a newbie question, but anyway, i would appreciate a little
help.

I´m working on a W2003 Enterprise Edition Server and recently i
removed DHCP service, which i do not need.

Even so, udp ports 67 & 68 are still open (bootps and bootpc). Still
far ok, nothing unexpected.

Anyway, i was wondering if by any means there is a way to "shut down"
these ports. I read that the bootps and bootpc are related to the
bootstrap protocol, and found no material in the ms web page.

I don´t know if these "services" are needed for the system to work. I
don´t know whether boot.ini uses them...

Please help me diminishing my ignorance...

NPKF.

 

[Kotowski]

Karl,

1. How did you determine they are open?

I determine they are open via netstat -na command.

1.a ) There follows the extract from a remote machine, using the
netstat -ano destination_machine_ip:

UDP 0.0.0.0:445 *:* 4
UDP 0.0.0.0:500 *:*
1312
UDP 0.0.0.0:1025 *:*
2008
UDP 0.0.0.0:1038 *:*
2008
UDP 0.0.0.0:1041 *:*
2008
UDP 0.0.0.0:4500 *:*
1312
UDP 127.0.0.1:123 *:*
1956
UDP 127.0.0.1:1037 *:*
1316
UDP 127.0.0.1:1262 *:*
3888
UDP 127.0.0.1:1900 *:*
272
UDP 146.164.34.142:123 *:*
1956
UDP 146.164.34.142:137 *:* 4
UDP 146.164.34.142:138 *:* 4
UDP 192.168.0.11:123 *:*
1956
UDP 192.168.0.11:1900 *:*
272
UDP 192.168.48.1:123 *:*
1956
UDP 192.168.48.1:137 *:* 4
UDP 192.168.48.1:138 *:* 4
UDP 192.168.48.1:1900 *:*
272
UDP 192.168.71.1:123 *:*
1956
UDP 192.168.71.1:137 *:* 4
UDP 192.168.71.1:138 *:* 4
UDP 192.168.71.1:1900 *:*
272

1.b ) The one below is from the destination machine:

UDP 0.0.0.0:445 *:* 4
UDP 0.0.0.0:3015 *:*
844
UDP 0.0.0.0:3224 *:*
1172
UDP 0.0.0.0:3289 *:*
1644
UDP 0.0.0.0:3316 *:*
388
UDP 127.0.0.1:123 *:*
844
UDP 127.0.0.1:1039 *:*
1948
UDP 127.0.0.1:1090 *:*
3084
UDP 127.0.0.1:3016 *:*
844
UDP 127.0.0.1:3946 *:*
3028
UDP 127.0.0.1:4035 *:*
3264
UDP 127.0.0.1:4766 *:*
896
UDP 127.0.0.1:4787 *:*
2300
UDP 146.164.34.9:123 *:*
844
UDP 146.164.34.9:389 *:*
452
UDP 192.168.0.9:53 *:*
844
UDP 192.168.0.9:67 *:*
844
UDP 192.168.0.9:68 *:*
844
UDP 192.168.0.9:123 *:*
844
UDP 192.168.0.9:137 *:* 4
UDP 192.168.0.9:138 *:* 4
UDP 192.168.0.9:389 *:*
452

2. How did you remove the DHCP service?

I removed the DHCP Server service via Add/Remove Windows Components.
The DHCP Client service remains.

Maybe this can help a little bit...

The destination machine (the one i am questioning about) hold the
192.168.0.9 IP Address.

Thanks again,
NPKF.