Solved

TCP/IP ports: an explanation needed please... (ISA Server)

Posted on 2003-10-23
Last Modified: 2010-04-11
OK, I roughly know what ports are... and how to open them and forward them, etc. However, I'm a bit confused about how they are assigned by applications. For example, SMTP uses port 25... so does this leave my ISP mail server on port 25 and then come into my Exchange server on port 25?

The reason I'm confused boils down to the difference between local and remote ports.

Can someone give me a good analogy that will make sense of this to me?
0
Question by:NeilDavis
7 Comments
 
LVL 4

Expert Comment

by:Wiired
ID: 9608875
Local ports are on your PC, and Remote ports are located on the destination. I may use port 80 to browse your webserver, but your ISA server may send the info back to me on port 62,000. In your example, the mail may or may not leave your ISP's port 25 (remote), but it will arrive at your port 25 (local).
I am not sure that I have explained this very well, so if someone else has a better way, please help.


0
 
LVL 4

Expert Comment

by:rbdnz
ID: 9608923
servers use well-known ports and those are published... i can dig up a link if needed.

ftp servers listen on 21
ssh service listens on 22
smtp servers listen on 25
web servers listen on 80
pop servers listen on 110
imap servers listen on 143...  for a few examples.

clients will connect to those servers on those ports.  from the client's perspective, those are the remote ports.

client connections can really have any value for the local port.  normally it is 1025 or higher.

in the case of your example above, if you are running an SMTP server, then other mailservers (doesn't necessarily have to be your ISP's mailserver) will connect to you on port 25.  the connecting client (the other mailserver... which is a client in this case) can have as its local port anything.  it won't use 25 as its local port -- after all, it too is a mail server & it is waiting for incoming connections on its own port 25.

i'll stop myself at this point -- does that help at all?  if not, i can keep going....
0
 

Expert Comment

by:pheonix05
ID: 9609343
Port assignments are controlled by the Internet Assigned Numbers Authority (IANA).
The current list of ports and the well-known services that use them can be seen at http://www.iana.org/assignments/port-numbers.
0

 
LVL 3

Expert Comment

by:MaxQ
ID: 9610617
Any service that listens for incoming connections generally is going to use a well-known port number, as people have said.  When a client initiates a conversation with that service, their request will come from an essentially random high-numbered port on their machine. This pair of port numbers, along with the IPs of the client and server, uniquely identifies the conversation they're having.  This is important since they could have several sessions going on at the same time and you wouldn't want to mix them up.  So, traffic from the client to the server might have source port 18123 to destination port 80, and the return traffic from the server to the client would have those ports reversed, source port 80 to destination 18123.

And just to clarify, the distinction between client and server is mainly relative to who sits and listens for connections (server) and who initiates them (client).  A machine could easily be a server in some contexts and a client in others... imagine a mail server that goes out and fetches mail from a number of mail accounts and waits for you to connect and retrieve that mail.
0
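The port pairing described in the comment above can be observed directly. This is an added example, not part of the original thread: it opens two TCP sessions to one listener on loopback and records each side's local and remote address. The function name `open_sessions` is hypothetical, and the listener uses an OS-assigned port as a stand-in for a well-known port such as 80.

```python
import socket

def open_sessions(n=2):
    """Open n TCP sessions to one loopback listener and return each side's view."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))      # port 0: the OS picks a free port for the "service"
    listener.listen(n)
    service_port = listener.getsockname()[1]

    sessions, socks = [], [listener]
    for _ in range(n):
        # The client never calls bind(), so the OS assigns its source port.
        client = socket.create_connection(("127.0.0.1", service_port))
        conn, peer = listener.accept()
        socks += [client, conn]
        sessions.append({
            "client_local": client.getsockname(),   # (client IP, ephemeral port)
            "client_remote": client.getpeername(),  # (server IP, service port)
            "server_local": conn.getsockname(),     # (server IP, service port)
            "server_remote": peer,                  # (client IP, ephemeral port)
        })
    for s in socks:
        s.close()
    return service_port, sessions

if __name__ == "__main__":
    port, sessions = open_sessions()
    print("service listens on", port)
    for i, s in enumerate(sessions, 1):
        # One side's "local" is the other side's "remote".
        print(f"session {i}: client {s['client_local']} <-> server {s['server_local']}")
```

Both sessions share the same server IP and port; only the client's source port differs, which is what keeps the two conversations apart.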
 
LVL 2

Expert Comment

by:jlindq
ID: 9612637
Or to make things really screwed, look at the client-server model of X11.  :-)
0
 
LVL 1

Author Comment

by:NeilDavis
ID: 9613160
It's getting clearer in my head slowly.  The main reason I've been confused is due to the setting up of Proxy and ISA servers. I think some of ours are at risk because in many filter instances they are set up to allow ANY remote port... but then if some incoming applications leave at random ports then I have to do that, don't I?  I take it the IP packet(s) contain information about the port it left on and the port it wants to go to?

I'm probably confusing myself a bit.  The main example I can give is with pcAnywhere.  I've been told it uses ports 5631 and 5632 for TCP and UDP, which I'm fine with.  However, if I set my filter up to local and remote fixed port it doesn't work.  I have to allow a remote ANY port and local fixed (5631 and 5632) before I can connect... is this because the application is leaving the client on a random port but when it gets to the destination server it knows to use 5631 etc.?
0
 
LVL 4

Accepted Solution

by:
rbdnz earned 125 total points
ID: 9613531
correct -- you have to allow any remote port.

you don't however have to allow any remote IP address.

among other things the TCP/IP header contains
source IP address
source port number
destination IP address
destination port number

source in your case meaning the remote side, for connecting clients.  destination being you.
0
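The filter behaviour discussed in the last two posts, as an added example that is not part of the original thread: a small model of an inbound filter keyed on local port, remote port and remote IP, evaluated against three connection attempts. It does not reproduce ISA Server's own rule engine; the `Rule` class, the rule names and the documentation-range addresses are constructed for illustration, and only port 5631 comes from the thread.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    local_port: int                  # port on the protected server
    remote_port: Optional[int]       # None means ANY remote port
    remote_net: str = "0.0.0.0/0"    # remote addresses allowed to connect

    def allows(self, src_ip, src_port, dst_port):
        if dst_port != self.local_port:
            return False
        if self.remote_port is not None and src_port != self.remote_port:
            return False
        return ipaddress.ip_address(src_ip) in ipaddress.ip_network(self.remote_net)

# Constructed inbound attempts: (source IP, source port, destination port)
ATTEMPTS = {
    "admin":          ("203.0.113.10", 49731, 5631),  # known client, ephemeral source port
    "unknown":        ("198.51.100.7", 51002, 5631),  # unknown host, ephemeral source port
    "unknown_s5631":  ("198.51.100.7", 5631, 5631),   # unknown host whose source port is 5631
}

RULES = {
    "fixed_both_ports":   Rule(5631, 5631),                   # the setup that "doesn't work"
    "any_remote_port":    Rule(5631, None),                   # works, but open to every address
    "any_port_known_net": Rule(5631, None, "203.0.113.0/24"), # any remote port, limited remote IP
}

def evaluate():
    """Return {rule name: {attempt name: allowed?}} for every rule and attempt."""
    return {name: {who: rule.allows(*pkt) for who, pkt in ATTEMPTS.items()}
            for name, rule in RULES.items()}

if __name__ == "__main__":
    for name, verdicts in evaluate().items():
        print(f"{name:20s}", verdicts)
```

The source port is chosen by the connecting side, so pinning it blocks the legitimate client without restricting who can connect; the remote address range is the field that narrows exposure.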
