Overclock.net › Forums › Software, Programming and Coding › Networking & Security › a couple security questions
New Posts  All Forums:Forum Nav:

a couple security questions - Page 4

post #31 of 37
Well, an open port is not like an open window. It's more like a working telephone line with an operator ready to pick up the phone. If there is a program (aka "service") attached to that port, the operator picks up the phone, says hello, waits for the caller to say hi in return, and then transfers the caller to the correct service.

If there is no service attached to the port, the operator picks up the phone, says "Sorry, I'm not listening to this phone", and hangs up.

You can use an open port to find out a little information about the operator. Like, if she has a German accent, you can deduce that she's probably German. Unless maybe she's faking the accent, which is entirely possible. You can use it to cause trouble - for example, if you call the operator once a minute and then transfer the call to Joe, Joe won't be able to use his phone and he will think the operator is pranking him. Or if you mess with the phone system, you might be able to screw up the operator's phone line so the volume is too low and she has to talk real slow and yell really loud for anyone to hear her.

But you can't normally use it as a way into the system.
Edited by thefreeaccount - 2/24/11 at 12:26am
post #32 of 37
but if you give us more details maybe we have a better chance at helping you, what program are you using? what port is it on and whats your ip address?

just kidding i don't want your ip. but if you tell us the other two questions we can better understand what it is? you said p2p so i'm guessing a torrent or a share program like limewire or bearshare.
Prometheus
(14 items)
 
  
Reply
Prometheus
(14 items)
 
  
Reply
post #33 of 37
Thread Starter 
Quote:
Originally Posted by KillServ View Post
but if you give us more details maybe we have a better chance at helping you, what program are you using? what port is it on and whats your ip address?

just kidding i don't want your ip. but if you tell us the other two questions we can better understand what it is? you said p2p so i'm guessing a torrent or a share program like limewire or bearshare.
I'm not really having a problem, I was just concerned about security.

I have another question. I read someone say somewhere that port forwarding is for incoming connections, but for outgoing you dont need to forward any ports, and an internet browser only makes outgoing requests. But I also hear people say that you will use port 80 to use your browser. Which is true?
Blurgh
(13 items)
 
  
CPUMotherboardGraphicsRAM
AMD Phenom II X4 965 M4a77t evga gtx 560 ti fpb 12gb DDR3 1333mhz 
Hard DriveOSPower
1tb windows 7 home premium 64bit 500w 
  hide details  
Reply
Blurgh
(13 items)
 
  
CPUMotherboardGraphicsRAM
AMD Phenom II X4 965 M4a77t evga gtx 560 ti fpb 12gb DDR3 1333mhz 
Hard DriveOSPower
1tb windows 7 home premium 64bit 500w 
  hide details  
Reply
post #34 of 37
Both.

but i thought port forwarding was for outgoing or in and outgoing. But i've never touched it i just allow ports on my rule and add firewall rules.
Prometheus
(14 items)
 
  
Reply
Prometheus
(14 items)
 
  
Reply
post #35 of 37
Thread Starter 
Quote:
Originally Posted by KillServ View Post
Both.

but i thought port forwarding was for outgoing or in and outgoing. But i've never touched it i just allow ports on my rule and add firewall rules.
Could you explain how its both?
Blurgh
(13 items)
 
  
CPUMotherboardGraphicsRAM
AMD Phenom II X4 965 M4a77t evga gtx 560 ti fpb 12gb DDR3 1333mhz 
Hard DriveOSPower
1tb windows 7 home premium 64bit 500w 
  hide details  
Reply
Blurgh
(13 items)
 
  
CPUMotherboardGraphicsRAM
AMD Phenom II X4 965 M4a77t evga gtx 560 ti fpb 12gb DDR3 1333mhz 
Hard DriveOSPower
1tb windows 7 home premium 64bit 500w 
  hide details  
Reply
post #36 of 37
Port forwarding is for incoming connections. That's because the port you connect from is supposed to be completely random. Connecting from a predictable port would be a security risk, since it could allow a 3rd party to impersonate the server by "jumping in" to the newly-opened port before the server can respond.

My guess is that by "forwarding on outgoing ports" they actually mean something called port triggering. Some older protocols - for example, active FTP and ident - require the server to make an incoming connection to your PC. Port triggering is supposed to make the router eavesdrop on all your outgoing traffic, and open the necessary incoming port when appropriate.

I would not suggest using port triggering because it will often slow the router down noticeably.
Edited by thefreeaccount - 2/24/11 at 4:50am
post #37 of 37
Quote:
Originally Posted by nachoz View Post
I'm not really having a problem, I was just concerned about security.

I have another question. I read someone say somewhere that port forwarding is for incoming connections, but for outgoing you dont need to forward any ports, and an internet browser only makes outgoing requests. But I also hear people say that you will use port 80 to use your browser. Which is true?
You need one port on your PC to connect to one port on a remote machine.
If you browse to a few sites and then open a command prompt with 'netstat -n' you can see these connections. Your PC generally picks a random port as a source and sends the HTTP request to the server on port 80.

Once the traffic hits your home router, a couple of things happen. The router looks at your source port and destination. If the source port is currently not in use on the router, it automatically opens up this port on the WAN interface to accept connections from the destination device at that IP and port. This also provides a mechanism to find your machine in order to send the website data back to you, as all computers in a typical home network are behind a singular WAN IP.

Here's how it looks on the router:
Quote:
BDR-RTR# show ip nat translation

Pro Inside global Inside local Outside local Outside global

tcp 108.108.108.108:39807 172.31.255.9:39807 67.220.212.115:80 67.220.212.115:80
tcp 108.108.108.108:1844 172.31.255.18:1844 74.125.162.32:80 74.125.162.32:80
tcp 108.108.108.108:1850 172.31.255.18:1850 74.125.162.32:80 74.125.162.32:80
tcp 108.108.108.108:1860 172.31.255.18:1860 74.125.162.32:80 74.125.162.32:80
tcp 108.108.108.108:1861 172.31.255.18:1861 74.125.162.32:80 74.125.162.32:80
tcp 108.108.108.108:38684 172.31.255.12:38684 178.18.17.77:443 178.18.17.77:443
tcp 108.108.108.108:1869 172.31.255.18:1869 74.125.162.32:80 74.125.162.32:80
tcp 108.108.108.108:40781 172.31.255.9:40781 72.14.204.148:80 72.14.204.148:80
tcp 108.108.108.108:51021 172.31.255.9:51021 72.14.204.157:80 72.14.204.157:80
tcp 108.108.108.108:1884 172.31.255.18:1884 74.125.162.32:80 74.125.162.32:80
tcp 108.108.108.108:1889 172.31.255.18:1889 74.125.162.32:80 74.125.162.32:80
When you port forward on the router, you're essentially telling it "any inbound connections on this port, forward to LAN PC x at IP x.x.x.x". If you don't do this and an inbound connection arrives on your WAN interface for a particular port, the router would have no idea which LAN client to forward to and the connection would fail if the router itself did not have a service running on this port. In this fashion, WAN clients can now connect to services on your network without you having to originate the connection, first.

So, to address the last question, it is both...ish. A browser both sends and receives data. You send an HTTP request when you visit a website, you receive the website and all content in return. The common port for HTTP web servers is port 80, this is the default implied port when you visit a URL.
Das Rig, Ja?
(12 items)
 
  
CPUMotherboardGraphicsRAM
AMD Ryzen 1700 Asus Crosshair VI EVGA 1080Ti SC2 2x16G GSkill RGB 3200 
Hard DriveCoolingOSMonitor
500 GB 960 EVO Enermax T50A-BVT Windows 10 Pro 27" Asus 
KeyboardPowerCaseMouse
Logitech K350 EVGA 1600G2 Fractal Define C Rosewill M55 RGB 
  hide details  
Reply
Das Rig, Ja?
(12 items)
 
  
CPUMotherboardGraphicsRAM
AMD Ryzen 1700 Asus Crosshair VI EVGA 1080Ti SC2 2x16G GSkill RGB 3200 
Hard DriveCoolingOSMonitor
500 GB 960 EVO Enermax T50A-BVT Windows 10 Pro 27" Asus 
KeyboardPowerCaseMouse
Logitech K350 EVGA 1600G2 Fractal Define C Rosewill M55 RGB 
  hide details  
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Networking & Security
Overclock.net › Forums › Software, Programming and Coding › Networking & Security › a couple security questions