Port 0 and firewalls

Discussion in 'other firewalls' started by zorro zorrito, Sep 22, 2004.

Thread Status:
Not open for further replies.
  1. Hi all! I have the following question. If I install a new program I want to connect to the internet and my firewall uses port 0 to do it, does it select a dynamic port starting from 1024? Most systems start handing out dynamic ports starting around 1024, so could I trust that the firewall is going to do this? Is it going to channel the program through a port starting from 1024, so that it won't use a port lower than 1024?
    Thanks to everyone for answering!
     
  2. CrazyM (Firewall Expert)
    Joined: Feb 9, 2002 | Posts: 2,428 | Location: BC, Canada

    Hi zorro zorrito

    Your OS and application/remote service will determine what ports are being used for network connections. A firewall will permit or deny these connections, and the ports used, based on the rules in place.

    By default Windows will use ports in the ephemeral range (1024-5000) as the source (local) port on your system for outbound connections. These source port numbers will continue to increase until 5000 is reached and then start over again at 1024. The destination (remote) port will vary depending on the service you are connecting to: DNS (53), HTTP (80), etc.

    The following is an example showing the connections (and use of ephemeral ports) when connecting to this forum starting with the initial DNS lookup.

    Code:
    Start udp session: initiator (10.10.10.5:3836) -- responder (209.53.4.130:53)
    Start tcp session: initiator (10.10.10.5:3837) -- responder (64.91.226.241:80)
    Start tcp session: initiator (10.10.10.5:3838) -- responder (64.91.226.241:80)

    Regards,

    CrazyM
     
  3. Thanks CrazyM, I asked this because I am using Jetico firewall, and if I let it open ports automatically for programs, in the configuration window it selects port 0 and then, when I see the ports the programs are using, they are always as you say, from 1024 to 5000. It makes it easier to use the firewall this way. I am using it and it works very well, controlling everything that goes in or out of my PC. It has a kind of sandbox, a very good program. I like it as much as Kerio 2.1.5 and another one, Securepoint personal firewall vpn 3.5.
    Thanks
     
  4. gkweb

    gkweb (Expert Firewall Tester)
    Joined: Aug 29, 2003 | Posts: 1,932 | Location: FRANCE, Rouen (76)

    Hi,

    When programming and using Winsock, if you create a program to bind on a port but instead of hardcoding a port you use "0", the program will use any free port after 1024.

    Regards,

    gkweb.
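
Added example (not code from any poster in this thread): it binds sockets to port 0 and reads back the port the OS actually assigned, as gkweb describes, then audits session-log lines in the format CrazyM posted for source ports outside an expected ephemeral range. The function names, the constructed fourth log line and the use of Python's socket module in place of Winsock are assumptions; 1024-5000 is the range quoted in the thread, and other operating systems use different ranges.

```python
import re
import socket

# Session-log line format as posted in the thread.
SESSION_RE = re.compile(
    r"Start (?P<proto>udp|tcp) session: initiator \((?P<src>[\d.]+):(?P<sport>\d+)\)"
    r" -- responder \((?P<dst>[\d.]+):(?P<dport>\d+)\)")
# Ephemeral range quoted in the thread; pass another range for other systems.
THREAD_EPHEMERAL = range(1024, 5001)

def bind_port_zero(count=3, host="127.0.0.1"):
    """Bind `count` TCP sockets to port 0; return the ports the OS assigned."""
    socks, ports = [], []
    try:
        for _ in range(count):
            s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
            socks.append(s)                   # keep open so ports stay distinct
            s.bind((host, 0))                 # 0 means "pick a free port for me"
            ports.append(s.getsockname()[1])  # the real port, never 0
    finally:
        for s in socks:
            s.close()
    return ports

def audit_sessions(lines, ephemeral=THREAD_EPHEMERAL):
    """Return (all parsed sessions, sessions whose source port is not ephemeral)."""
    sessions, odd = [], []
    for line in lines:
        m = SESSION_RE.search(line)
        if not m:
            continue                          # not a session-start line
        rec = (m["proto"], m["src"], int(m["sport"]), m["dst"], int(m["dport"]))
        sessions.append(rec)
        if rec[2] not in ephemeral:
            odd.append(rec)
    return sessions, odd

# First three lines are from the thread; the fourth is constructed for this example.
SAMPLE = [
    "Start udp session: initiator (10.10.10.5:3836) -- responder (209.53.4.130:53)",
    "Start tcp session: initiator (10.10.10.5:3837) -- responder (64.91.226.241:80)",
    "Start tcp session: initiator (10.10.10.5:3838) -- responder (64.91.226.241:80)",
    "Start tcp session: initiator (10.10.10.5:600) -- responder (192.0.2.10:80)",
]

if __name__ == "__main__":
    print("ports assigned for bind(0):", bind_port_zero())
    for rec in audit_sessions(SAMPLE)[1]:
        print("source port outside expected range:", rec)
```

The "port 0" shown in a firewall rule is this same wildcard: the rule matches whatever local port the OS hands out, which is why the observed ports fall in the ephemeral range.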
     