3268
Microsoft Global Catalog
High RiskTCP — System & Infrastructure
Port Overview
Port Number
3268
Service Name
Microsoft Global Catalog
Transport Protocol
TCP
Category
System & Infrastructure
Security Risk
High
Port Range
Registered (1024-49151)
What is Port 3268?
Port 3268 is used by Microsoft Active Directory for the Global Catalog service, which provides a partial replica of all objects in the directory forest. LDAP clients query the Global Catalog to locate objects across multiple domains. This port is essential for cross-domain authentication in Windows enterprise environments.
TCP
System & Infrastructure
Commonly Used
Security Considerations
Port 3268 (Microsoft Global Catalog) is classified as high risk. This port is a common target for automated scanning and brute-force attacks. If you must expose it, restrict access to known IP addresses.
Recommendation: Use firewall rules to whitelist trusted IPs. Enable rate limiting and intrusion detection.