RE: Remote Connections and port identification

["Keith Cirelli" <Keith.Cirelli () strategiclink com>]

Hoooooooooold up...your a bit mis-informed.

UDP is a protocol. It is fast, not reliable and does not perform error checking like TCP. Many apps use it such as SNMP.

ACK is and 'acknowledgement' packet. In TCP/IP there is a 3 way handshake that takes place before two machines start an 
established connection. If I start a conversation w/your PC it goes like this....Syncronization packet to you, you send 
back to me a synchronization ACKnowledgement THEN, I send you and ACKnowledgement. Handshake complete...we start 
talking  TCP/IP

RCP (provided you didn't mean RPC) is a unix sentric 'remote copy' command/app that is used to copy files from 1 
machine to another. rcp (remote copy) is used to copy files between the local host (the computer you are currently 
logged on to) and a remote host (any other computer on the network).

Hope that helps clear things up a bit.



- -----Original Message-----
From: Sayo Venchetti [mailto:november_echone () yahoo com] 
Sent: Tuesday, July 22, 2003 8:14 PM
To: security-basics () securityfocus com
Subject: Remote Connections and port identification



Hey again :),



I also was wondering what exactly a UDP, ACK, and RCP ports are. I'm 

guesing an ACK port has something to do with uploading information(?), 

and is it possible for a remote screen to launch an uplink or direct 

connection to another computer or network via an open TCP, UDP, ACK, or 

RCP port on a computer? If so, do they have to be already established, or 

can one open them from the remote computer? 



Also, I was reading a chart on remote SSH connections for a website on 

Koji Nobumoto's email of SSH, and it was sharing information on remote 

logins to windows machines from linux machines 

(http://www.uk.research.att.com/vnc/sshvnc.html) and it says at one point 

a linux machine 1 was forwarding information back over a public network 

through a secure remote network (Passing through another linux box #2) to 

another windows machine. 



Was the information being transfered going THROUGH the linux box 2, or 

was it directly connected to the windows box via some sort of secured 

connection? It raises the possibility of bypassing security on the 2nd 

linux box to direct connect to the windows box. If this was true, I'm 

thinking about performing an experiment where from my own windows 

machine, I will direct connect to a relativly unsecure LAN network down 

the street from my house (A friend of mine's computer network), and 

connect to a windows 2k pro OS box I own, bypassing his server computer. 

Is this possible? If so, I'll do it and report the results back here :P 



Thanks, 

~Sayo Venchetti


-
---------------------------------------------------------------------------
-
----------------------------------------------------------------------------

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.3 for non-commercial use <http://www.pgp.com>

iQA/AwUBPyGTkaRW4RQby1QuEQLf+wCg3E8x37KKQMARB8x4g+NHGrt7ViYAoM3n
6IJvzI7Ub9+OLXkBPfzpWBSk
=9tAx
-----END PGP SIGNATURE-----



---------------------------------------------------------------------------
----------------------------------------------------------------------------