More on the latest variant of 'Petya' Ransomware outbreak here
This article explains the firewall exceptions for the Sophos Remote Management System (RMS) TCP ports - including direction.
Applies to the following Sophos product and version Sophos Anti-Virus for Windows 2000+Enterprise ConsoleSophos Control CenterSophos Enterprise Manager
See diagram below for clarification. Note: TCP port 8193 is not used for communication but you will see RMS listening on the port.
Click image to zoom in.
Port 8192 (TCP) is used to provide the connecting client (message router) with information on how to find connect to the SSL port for future communication.
Port 8192 (TCP) hosts an Interoperable Object Reference (IOR), which encodes within it the port and address for the client to connect back to. By default this is the IP address of the parent message router and port 8194 (TCP).
Port 8193 (TCP) although in a listening state is not used for communication and can therefore be safely fire-walled.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. If you need technical support please post a question to our community. Alternatively for licensed products open a support ticket.