Hello,
I am using the JBoss 4.2.2 server (atm as my development environment) for a project which was, before, based on TomCat only. However, the application in development now needs additional features (to be precise: EJB3).

I am interested in the port list (because I need to know which may be firewalled and which not). I examined the current server configuration with TCPView (I'm on Windows) and came to this result:

1098 JNDI
1099 JNDI RMI
3873 Default EJB3Connector
4444 JRMP-Invoker
4445 Pooled Invoker
4446 Connector (Core Component)
8009 Coyote AJP Connector
8080 Webserver
8083 Webservice
8093 JBossMQ UIL Service
3 x anon Various anonymous TCP ports

Anyway, I am interested in this: which ports are really in use when only TomCat is used as well as EJBs (which are accessed from the client using JNDI lookup). From what I can see I would guess these ones are really used:
- 1098 + 1099
- 3873
- 4444 (really used when using remote ebjs with a client?)
- 4445 (really used when using remote ebjs with a client?)
- 8080

I am absolutely not sure about these (and whether I could firewall them):
- 4446 (can it be blocked when not using connectors to integrate EISs?)
- 8009 (can it be blocked when not using connectors to integrate EISs?)
- 8083 (can it be blocked when not using WebService without breaking EJB3 and TomCat?)

Of course I was able to figure out roughly what each of the services behind the ports do, but still, I'm not 100% sure whether I should/could block them or not. What I am looking for is a conservative firewall-setup where only the really required ports are opened.

Kind regards and thank you for your help,
Marius