Basically, from what I understand... port triggering is like port forwarding, without an I.P. address for the port or port range..
..and the port or port range opens and closes per connection request, inbound and outbound.
So basically, any passing TCP "port scan" would "trigger" these port(s) as "open" ?
Am I right?
Thanks,
Shinobi
_______________________________________________ Vendor neutral certified in IT Project Management, IT Security, Cisco Networking, Cisco Security, Wide Area Networks, IPv6, IT Hardware, Unix, Linux, and Windows server administration
Routers also depend on direction and on which system requested the open port. For example, you request a web page from a server. Your computer uses a port above 32K, to connect to port 80 on the destination. Once the two computers connect, they agree on ports (above 32K on both machines) to communicate. This leaves port 80 on the web server open for the next connection.
Once the communication between the computers is completed, the port on both systems (and the router) is closed.
Now, on most routers, the external ports aren't just closed; they are normally in "stealth mode." So, when a scan requests the status of a port, not only does the router not respond with the fact that the port is closed, it doesn't respond at all. This is called a firewall.
Unprotected Windows, however, will respond with the port status. Not only that, some standard ports, like NetBIOS, FTP, SNMP or SMTP are always open. These are some of the ports that port scanners target.
Shinobi wrote: ..and the port or port range opens and closes per connection request, inbound and outbound. So basically, any passing TCP "port scan" would "trigger" these port(s) as "open" ?
After a trigger event is detected a temporary port forward rule is created. Only outgoing traffic will cause the trigger event so a port scan would not affect it.
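The behaviour described in this reply, modelled as an added example (not code from any poster or router vendor): a tiny port-triggering table where only an outbound connection to the trigger port arms a temporary inbound forward, so unsolicited inbound probes find nothing and arm nothing. The trigger port 6667 with open range 6000-6010, the LAN address, and the 300-second lifetime are constructed values for illustration.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple

# Constructed model of a consumer router's port-triggering feature.
# A rule says: when a LAN host sends traffic to `trigger_port`, forward
# inbound connections on `open_range` to that host for `ttl` seconds.

@dataclass
class TriggerRule:
    trigger_port: int            # outbound destination port that arms the rule
    open_range: Tuple[int, int]  # inclusive inbound port range that gets forwarded
    ttl: int                     # seconds the temporary forward stays open


@dataclass
class Router:
    rules: List[TriggerRule]
    # inbound port -> (LAN host the forward points at, expiry time)
    active: Dict[int, Tuple[str, float]] = field(default_factory=dict)

    def outbound(self, lan_host: str, dst_port: int, now: float) -> bool:
        """A LAN host opens an outbound connection. Returns True if it armed a rule."""
        for rule in self.rules:
            if dst_port == rule.trigger_port:
                lo, hi = rule.open_range
                for port in range(lo, hi + 1):
                    self.active[port] = (lan_host, now + rule.ttl)
                return True
        return False  # ordinary outbound traffic arms nothing

    def inbound(self, dst_port: int, now: float) -> Optional[str]:
        """Unsolicited inbound SYN to dst_port: LAN host it is forwarded to, or None (dropped)."""
        entry = self.active.get(dst_port)
        if entry is None:
            return None  # no forward exists; nothing is created by the probe itself
        lan_host, expiry = entry
        if now > expiry:
            del self.active[dst_port]  # forward expired; tear it down
            return None
        return lan_host


def probe_ports(router: Router, ports: List[int], now: float) -> Dict[int, Optional[str]]:
    """Model of the inbound scan from the thread: each port is probed once from the WAN side."""
    return {port: router.inbound(port, now) for port in ports}
```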
Your computer uses a port above 32K, to connect to port 80 on the destination. Once the two computers connect, they agree on ports (above 32K on both machines) to communicate.
Ephemeral ports start at 1023 (not 32k). The only OS that I know of that uses above 32,000 for ephemerals is Solaris.
Unprotected Windows, however, will respond with the port status. Not only that, some standard ports, like NetBIOS, FTP, SNMP or SMTP are always open. These are some of the ports that port scanners target.
Replying with a RST packet isn't the kiss of death that people make it out to be. Also FTP, SNMP and SMTP ports are not open on Windows. You must start a service/application in order to "open" them.