Ports
A port is numerical value that identifies the application associated with data. The source port number identifies the application that sent the data, and the destination port number identifies the application that receives the data. Each port is assigned a unique 16-bit number in the range of 0 through 65535.
The well known port are those from 0 through 1023. This range or port is bound to the services running on them. for example, FTP runs on port 21 by default.
The registered ports are those from 1024 through 49151. This range of port numbers is not bound to any specific service. Actually, networking utilities like your browser opens a random port within this range and starts a communication with remote server.
The dynamic or private ports are those from 49152 through 65535. this range is rarely used and is mostly used by Trojans. However some application do tend to use such high range port numbers.
Re-mapping Ports: A common technique employed by a number of system administrators is re-mapping ports. for example, normally the default port for HTTP is 80. However it can be re-mapped to port 8080. If that is the case then homepage hosted on that server would be at : http://domain.com:8080
The idea behind port re-mapping is that instead of running a service on a well-known port, where it can easily be exploited, it is better to run it on a not so well-known port, as any hacker, will find it more difficult to find that service.
Sockets
Let 10.0.0.1 wants to connect to the ftp daemon to download a file and at the same time, it wants to connect to 20.0.0.1's website, i.e. connect to its HTTP daemon. In such a scenario, 20.0.0.1 will have to initiate two distinct connections with 10.0.0.1 simultaneously. If there are two distinct connections existing between the same pair of systems. There has to be a way in which this system is able to distinguish between connection for FTP daemon and HTTP daemon. To solve such problems, we have ports. Thus, the 10.0.0.1 computer knows as to which port to connect to in order to download a FTP file. As a result, it will communicate with the 20.0.0.1 machine using what is known as the "socket pair", which is a combination of an ip address and a port. TCP/IP or over the Internet, all communication is done using this socket pair.
socket pair for HTTP port on local host : 127.0.0.1:80
socket pair for SMTP port on local host: 127.0.0.1:25
A port is numerical value that identifies the application associated with data. The source port number identifies the application that sent the data, and the destination port number identifies the application that receives the data. Each port is assigned a unique 16-bit number in the range of 0 through 65535.
The well known port are those from 0 through 1023. This range or port is bound to the services running on them. for example, FTP runs on port 21 by default.
The registered ports are those from 1024 through 49151. This range of port numbers is not bound to any specific service. Actually, networking utilities like your browser opens a random port within this range and starts a communication with remote server.
The dynamic or private ports are those from 49152 through 65535. this range is rarely used and is mostly used by Trojans. However some application do tend to use such high range port numbers.
Re-mapping Ports: A common technique employed by a number of system administrators is re-mapping ports. for example, normally the default port for HTTP is 80. However it can be re-mapped to port 8080. If that is the case then homepage hosted on that server would be at : http://domain.com:8080
The idea behind port re-mapping is that instead of running a service on a well-known port, where it can easily be exploited, it is better to run it on a not so well-known port, as any hacker, will find it more difficult to find that service.
Sockets
Let 10.0.0.1 wants to connect to the ftp daemon to download a file and at the same time, it wants to connect to 20.0.0.1's website, i.e. connect to its HTTP daemon. In such a scenario, 20.0.0.1 will have to initiate two distinct connections with 10.0.0.1 simultaneously. If there are two distinct connections existing between the same pair of systems. There has to be a way in which this system is able to distinguish between connection for FTP daemon and HTTP daemon. To solve such problems, we have ports. Thus, the 10.0.0.1 computer knows as to which port to connect to in order to download a FTP file. As a result, it will communicate with the 20.0.0.1 machine using what is known as the "socket pair", which is a combination of an ip address and a port. TCP/IP or over the Internet, all communication is done using this socket pair.
socket pair for HTTP port on local host : 127.0.0.1:80
socket pair for SMTP port on local host: 127.0.0.1:25
No comments:
Post a Comment