Port 3668: Dell Remote Management — Virtual Media over the Wire

What Port 3668 Does

Port 3668 is registered with IANA under the service name dell-rm-port — Dell Remote Management.¹ In practice, it handles Virtual Media traffic for Dell's DRAC (Dell Remote Access Controller), an out-of-band management card built into Dell servers.

Virtual Media is exactly what it sounds like: making a remote server believe there's a physical disc in its drive, when in reality the data is being streamed over the network from an administrator's workstation. Mount an ISO of a Linux installer in New Jersey, and a server rack in Oregon sees it as a local CD-ROM. Port 3668 is how that illusion travels across the wire.²

Port 3669 is its partner — together, the pair handle the Virtual Media session. Port 3668 carries unencrypted Virtual Media data; 3669 handles encrypted Virtual Media. Both are non-configurable on most Dell OpenManage and iDRAC platforms.³

The Range It Lives In

Port 3668 sits in the registered ports range (1024–49151). These are ports that vendors and protocol designers can formally register with IANA — unlike the well-known ports below 1024, which are reserved for foundational Internet services, registered ports are claimed by specific applications and products.

IANA assigned dell-rm-port to both TCP and UDP in January 2003,¹ when Dell was actively building out its OpenManage server management platform.

What DRAC Actually Is

DRAC (Dell Remote Access Controller) is a separate processor embedded on Dell servers — it has its own CPU, its own memory, its own network port, and runs independently of the main server's operating system. Even if the server is powered off, crashed, or has a failed OS, DRAC stays alive.

It's out-of-band management: you can power cycle the server, view the console, update firmware, and mount installation media — all without touching the physical machine. Port 3668 is part of that toolkit, specifically the ability to boot from remote media without needing a physical disc or USB drive anywhere near the hardware.²

Security Considerations

Traffic on port 3668 is unencrypted — that's what distinguishes it from port 3669. If you're using Virtual Media without SSL, the disc image data flows in plaintext over port 3668.

In practice, DRAC and iDRAC interfaces should never be exposed to the public Internet. They're designed for isolated management networks (often called "out-of-band" or "IPMI" networks), where the security model depends on network isolation rather than encryption of individual sessions.

If you see port 3668 open on a device that isn't Dell server hardware in a managed data center environment, that's worth investigating.

How to Check What's Listening on This Port

On Linux:

ss -tlnp | grep 3668

On macOS:

lsof -i :3668

On Windows:

netstat -ano | findstr :3668

If something is listening, the process name will tell you whether it's legitimate Dell management software or something unexpected.

Related Ports

• Port 3669 — Dell Virtual Media (encrypted)
• Port 623 — IPMI (Intelligent Platform Management Interface), the broader standard for out-of-band server management
• Port 443 — iDRAC web interface (HTTPS)
• Port 22 — iDRAC SSH access