Port 0 and firewalls


zorro zorrito
September 22nd, 2004, 06:27 PM
Hi all! I have the following question. If I install a new program that I want to connect to the internet and my firewall uses port 0 to do it, does it select a dynamic port starting from 1024? Most systems start handing out dynamic ports starting around 1024, so could I trust that the firewall is going to do this? Is it going to channel the program through a port starting from 1024, so that it won't use a port lower than 1024?
Thanks to people for answering!

CrazyM
September 25th, 2004, 04:47 AM
Hi zorro zorrito

Your OS and application/remote service will determine what ports are being used for network connections. A firewall will permit or deny these connections, and the ports used, based on the rules in place.

By default Windows will use ports in the ephemeral range (1024-5000) as the source (local) port on your system for outbound connections. These source port numbers will continue to increase until 5000 is reached and then start over again at 1024. The destination (remote) port will vary depending on the service you are connecting to. DNS (53), HTTP (80), etc.

The following is an example showing the connections (and use of ephemeral ports) when connecting to this forum starting with the initial DNS lookup.

Start udp session: initiator (10.10.10.5:3836) -- responder (209.53.4.130:53)
Start tcp session: initiator (10.10.10.5:3837) -- responder (64.91.226.241:80)
Start tcp session: initiator (10.10.10.5:3838) -- responder (64.91.226.241:80)

Regards,

CrazyM

zorro zorrito
September 25th, 2004, 05:12 AM
Thanks CrazyM, I asked this because I am using Jetico firewall, and if I let it open ports automatically for programs, in the configuration window it selects port 0, and then, when I look at the ports the programs are using, they are always as you say, from 1024 to 5000. It makes it easier to use the firewall this way. I am using it and it works very well, controlling everything that goes in or out of my PC. It has a kind of sandbox. Very good program, I like it as much as Kerio 2.1.5 and another one, Securepoint personal firewall vpn 3.5.
Thanks

gkweb
September 25th, 2004, 05:15 AM
Hi,

When programming and using Winsock, if you create a program to bind on a port but instead of hardcoding a port you use "0", the program will use any free port after 1024.

regards,

gkweb.
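
Added example, not part of the original thread: the port 0 behaviour gkweb describes, shown with Python's standard `socket` module (the same BSD-style calls Winsock exposes) instead of Winsock itself. It binds several sockets to port 0, reads back the port the OS chose, and then opens one loopback connection to show the initiator/responder pairs in the form of CrazyM's session log. The function names are made up for this example, and the exact ephemeral range you see depends on the operating system.

```python
import socket

def os_assigned_ports(count=5, host="127.0.0.1"):
    """Bind `count` TCP sockets to port 0 and return the ports the OS picked."""
    socks, ports = [], []
    try:
        for _ in range(count):
            s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
            s.bind((host, 0))              # port 0 means "OS, pick any free port"
            socks.append(s)                # keep it open so the port stays taken
            ports.append(s.getsockname()[1])
    finally:
        for s in socks:
            s.close()
    return ports

def loopback_session(host="127.0.0.1"):
    """Open one TCP connection over loopback.

    Returns (initiator, responder, peer_seen_by_responder) as (ip, port) tuples.
    """
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as listener:
        listener.bind((host, 0))           # listener also takes an OS-chosen port
        listener.listen(1)
        responder = listener.getsockname()
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as client:
            client.connect(responder)      # no bind(): source port is assigned by the OS
            conn, peer = listener.accept()
            with conn:
                initiator = client.getsockname()
    return initiator, responder, peer

if __name__ == "__main__":
    print("ports handed out for bind(port=0):", os_assigned_ports())
    initiator, responder, _ = loopback_session()
    print("Start tcp session: initiator (%s:%d) -- responder (%s:%d)"
          % (initiator + responder))
```

Port 0 never appears on the wire or in `getsockname()`; a firewall rule showing "0" for the local port is therefore a wildcard in the rule, and the real source port is whatever the OS assigned.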