Been looking into the traffic going in and out of the Zone Controllers.
Base Listeners:
- Admin webinterface
TCP Port 5480
- Admin shell
TCP Port 22
- Meeting traffic (MMR)
TCP/UDP Port 8801
- Zone Controller (ZCTRL)
TCP port 8802
- Cloud access (ZCTRL)
TCP port 443 (Both regular and encryption address)
- STUN (ZCTRL)
UDP port 3478,3479
- Unknown
TCP port 5488, 5489
Outgoing traffic includes contacting Zoom Cloud on port 443 (Amazon EC2) most likely for statistics collection.
Edit
Example from Zone Controller 2:
Netstat:
tcp 0 0 185.174.116.88:443 0.0.0.0:* LISTEN 1404/zctrl
tcp 0 0 185.174.116.172:443 0.0.0.0:* LISTEN 1371/mmr
tcp 0 0 185.174.116.172:8801 0.0.0.0:* LISTEN 1371/mmr
tcp 0 0 0.0.0.0:8802 0.0.0.0:* LISTEN 1404/zctrl
tcp 0 0 185.174.116.88:8802 185.174.116.88:38396 ESTABLISHED 1404/zctrl
tcp 0 0 185.174.116.88:49024 185.174.116.18:8802 ESTABLISHED 1371/mmr
tcp 0 0 185.174.116.88:58636 54.83.5.86:443 ESTABLISHED 1404/zctrl
tcp 0 0 185.174.116.88:38396 185.174.116.88:8802 ESTABLISHED 1371/mmr
tcp 0 0 185.174.116.88:42266 54.243.3.229:443 ESTABLISHED 1404/zctrl
tcp 0 204 185.174.116.88:47780 54.215.18.227:443 ESTABLISHED 1404/zctrl
udp 0 0 185.174.116.172:8801 0.0.0.0:* 1371/mmr
udp 0 0 0.0.0.0:3478 0.0.0.0:* 1404/zctrl
udp 0 0 0.0.0.0:3479 0.0.0.0:* 1404/zctrl
Comments
0 comments
Article is closed for comments.