XEROX WorkCentre 3550 Information Assurance Disclosure Paper
2.8.2.15. Port 636, sLDAP
This is the standard LDAP port when using SSL for address book queries in the Scan to Email feature.
2.8.2.16. Port 1124, Network Scan Utility
This port supports the Xerox Network Scan utility. It is not configurable and cannot be disabled.
2.8.2.17. Port 1900, SSDP
This port behaves similarly to the SLP port. When activated, this port is used for service discovery and advertisement. The device will advertise itself as a printer and also listen for SSDP queries using this port. It is not configurable. This port is explicitly enabled / disabled in the Properties tab of the device’s web pages.
2.8.2.18. Port 3003, http/SNMP reply
This port is used when the http server requests device information. The user displays the Web User Interface (WebUI) and goes to a page where the http server must query the device for settings (e.g. Novell network settings). The http server queries the machine via an internal SNMP request (hence this port can only open when the http server is active). The machine replies back to the http server via this port. It sends the reply to the loopback address (127.0.0.0), which is internally routed to the http server. This reply is never transmitted on the network. Only SNMP replies are accepted by this port, and this port is active when the http server is active (i.e. if the http server is disabled, this port will be closed). If someone attempted to send an SNMP reply to this port via the network, the reply would have to contain the correct sequence number, which is highly unlikely, since the sequence numbers are internal to the machine.
2.8.2.19. Port 5200, UPnP
This port is used by UPnP. This is disabled when SSDP is disabled (see 3.2.2.16).
2.8.2.20. Port 5353, Multicast DNS
Designating a Multicast DNS server will allow the device to resolve domain names over a multicast protocol. This can be configured via the Local UI or WebUI.
2.8.2.21. Port 6000, SetIP Utility
This port supports the Xerox SetIP utility. It is not configurable and cannot be disabled.
2.8.2.22. Port 9100, raw IP
This allows downloading a PDL file directly to the interpreter. This port has limited
2.8.2.23. 9400, TWAIN for Network Utility
This port supports the Xerox TWAIN for Network utility. It is not configurable and cannot be disabled.
2.8.2.24. 9401, TWAIN for Network Utility
This port supports the Xerox TWAIN for Network utility. It is not configurable and cannot be disabled.
2.8.3. IP Filtering
The devices contain a static
| 20 |
Ver. 1.3, March 2011 | Page 20 of 32 |