Xerox® Security Guide for Light Production Mono Class Products
In the product, tickets are stored only in a memory, and are deleted automatically by a user log-off or
an automatic log-off due to time-out. When power is turned off during log-on, the tickets will be
deleted.
2.
Validity of the ticket
In the product, only the initial ticket is obtained; authentication is considered as successful when the
initial ticket is obtained. Thus, invalidation of the initial ticket is not judged.
Port 110: POP3
This port enables E-mail Print feature and is open at the specified intervals set when receive
protocol is set to POP3. Also, when “POP Before SMTP” is set, POP access is always performed
before sending data such as image to the SMTP server. Usually the POP User ID and the
password are sent in plain text, but the password is encrypted to be sent when “APOP
authentication” is selected.
A system administrator can change the port number from CentreWare Internet Services.
Port 123: SNTP
This port is used to access the server at the specified intervals when time synchronization with the
external time is set on the Local User Interface. The setting can be changed by a system
administrator.
Ports 137, 138, 139, 445: NETBIOS
Port 137 is the standard NetBIOS Name Service port and mainly used by WINS. Port 138
supports the CIFS browsing protocol. Port 445 is a standard direct host port and is used for
communication using SMB protocol that does not use NetBIOS over TCP. A system administrator
can disable each of the 4 ports via Local User Interface or from CentreWare Internet Services. To
use the SMB feature for Scan, all of the above ports need to be available. For Scan, image is sent
to Port 139 or Port 445, both of which are on the remote server.
Ports 161, 162: SNMP
These ports support the SNMPv1, SNMPv2c, and SNMPv3 protocols. SNMPv1 and SNMPv2c
control access to device’s MIB information by using write community string and read community
string. Since these community strings are transmitted on network in plain text, users should note
that the community strings can be read if packets are dumped. It is highly recommended that the
customer changes the community string from the default upon product installation. To solve the
above problem, for SNMPv3, packets on network are authenticated and encrypted, which realizes
safe access. Therefore, users who place importance on security should use SNMPv3. A system
administrator can set enable/disable of the SNMP from the local UI or CentreWare Internet
Services.
Port 389: LDAP
This is the standard LDAP port used for Address Book queries in LDAP authentication and the
Scan to Email feature.
Port 427: SLP
In the product, this port is used to search the NetWare server on the network, on the IP protocol.
This function operates only when the NetWare print function is set to be used on the IP protocol.