Security Basics mailing list archives
Re: trusted & untrusted ports
From: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>
Date: Tue, 11 Nov 2003 11:38:32 +0100
On 2003-11-09 Hilal Hussein wrote:
I would like to open ports in my firewall so that i can access some applications out of my network. consequently, I have two questions: 1 - How I can Identify trusted ports vs. Untrusted ports ? assuming trust is directly concern with the security prespective (include virus, worms, hack, ...).
A port is a port. What do you mean by "trusted"? On Unix systems only root can attach services to the well known ports (< 1024), so you only have to trust the sysadmin of that machine. On Windows systems any user can attach services to any port that no other service is listening on. So with Windows machines (and Unix machines for ports >= 1024) you have to trust any user of the machine. Clients use arbitrary ports >= 1024 for connections to servers.
2 - corret me from wrong please. "There are two types of applications: web application (access through the http port), and client/server application (access through a defined port should be opened on the internet gateway).
I would rather say "web applications are those accessible through HTTP", because you can easily run those applications on ports != 80. In fact you can run any application on any port that is not already used by another application. It's just a convention to use port 80 for HTTP, so your browser would assume that port if you omit a port number in an URL. Most likely your web application will be a client/server application, too. Client/server just determines that there are two applications with different roles: one sending requests (client) and the other processing/ answering these requests (server). HTH Regards Ansgar Wiechers --------------------------------------------------------------------------- Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE The Presidio integrates PGP data encryption and XML Web Services security to simplify the management and deployment of PGP and reduce overall PGP costs by up to 80%. FREE WHITEPAPER & 30 Day Trial - http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027 ----------------------------------------------------------------------------
Current thread:
- trusted & untrusted ports Hilal Hussein (Nov 10)
- Re: trusted & untrusted ports Ansgar -59cobalt- Wiechers (Nov 11)
- Re: trusted & untrusted ports Duston Sickler (Nov 11)