Hi,

You don't really need to sniff to find out the source port. On the command 
prompt of your computer just issue a "netstat -a" command; you will see all 
the ports your system is using, and you will see that most of the source 
ports are in the 1000+ range, at least on the Windows implementation of TCP/IP.

The port numbers listed in the IANA assigned numbers are meant for 
destination port numbers, so that other people can connect to the well-known 
services that a server is offering without having to check with the 
administrator on what ports those services are listening on. If you are 
writing a client/server app for use privately among a small group of 
people, IANA recommends that your private app bind to port > 49152, but you 
can still ignore that recommendation and bind your private app to, say, 
port 80, and everything will still work.

There is no control for the source port other than that it should be > 1023, 
but you can still use ports < 1024 as the source port; the destination should 
not reject your connection request, but the security folks will not be very 
happy. If I am not mistaken, BIND uses TCP port 53 for both source and 
destination ports when it does a zone transfer; can anyone confirm that?

Using a source port that has been registered for some other app is not a 
problem, unless your system also happens to be listening on that port; in 
that case the system would skip that port number and use the next available 
port number instead (somebody please correct me if I am wrong).


Thanks.

At 05:24 PM 11/6/2000 -0800, Chuck Larrieu wrote:
>Got a question about this.
>
>Application wants to open a TCP connection to something - say http, so the
>application issues the request, TCP on the application side uses some random
>port number above 1023 as the source port number. The destination port is
>the well-known port on the distant end.
>
>However, I see from the IANA port listings
>(http://www.isi.edu/in-notes/iana/assignments/port-numbers ) that there are
>any number of registered ports above 1023. For example L2TP uses port 1701,
>Groupwise uses port 1677, and WINS uses port 1512. The IANA page itself
>calls ports 1024 through 49151 "registered" and further states that only
>ports 49152 and beyond are "dynamic and / or private"
>
>Anyone ever sniffed outbound traffic and seen apps using source ports in the
>1024 through 49151 range?
>
>It just occurs to me that this has the potential of creating problems, if an
>application uses a port reserved for some other application. Since most of
>the ports in this "registered" range appear to be for obscure kinds of
>services or applications, perhaps this isn't really an issue.
>
>Comments?
>
>Chuck
>
>_________________________________
>FAQ, list archives, and subscription info: 
>http://www.groupstudy.com/list/cisco.html
>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]


Boo Kheng
Professional Services
Cisco Systems
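
An added example, not part of the original message: a loopback check of the behaviour discussed in this thread. It shows which IANA range an OS-chosen source port falls in, that a client can bind an explicit source port, and that binding to a port with an active listener is refused. The function names are made up for this example, and it assumes loopback TCP is available.

```python
import errno
import socket

def iana_range(port):
    """Classify a port by the IANA ranges quoted in the thread."""
    if port <= 1023:
        return "well-known"
    if port <= 49151:
        return "registered"
    return "dynamic/private"

def make_listener():
    """Loopback TCP listener on an OS-chosen port (stands in for a server)."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)
    return srv

def observed_source_port(listener, bind_port=0):
    """Connect to `listener` and return the source port the server side sees.
    bind_port=0 lets the OS pick; any other value is an explicit client bind."""
    client = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        client.bind(("127.0.0.1", bind_port))
        client.connect(listener.getsockname())
        conn, peer = listener.accept()
        conn.close()
        return peer[1]
    finally:
        client.close()

def bind_refused_when_listening(listener):
    """True if binding a second socket to the listener's port is refused."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        s.bind(listener.getsockname())
        return False
    except OSError as e:
        return e.errno == errno.EADDRINUSE
    finally:
        s.close()

if __name__ == "__main__":
    srv = make_listener()
    p = observed_source_port(srv)
    print("OS-chosen source port:", p, "->", iana_range(p))
    print("bind to listening port refused:", bind_refused_when_listening(srv))
    srv.close()
```

The same classification can be applied to the local-port column of "netstat -a" output to see how many outbound connections use source ports in the registered range.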
