Solved

Ports allowed for Outlook Express

Posted on 2004-04-07
Last Modified: 2010-04-09
Hey Guys,
Simple question hopefully.
I am doing some testing on some firewalls and have a question regarding Outlook Express.
I am running Ethereal to see exactly what is going over the line and to what ports. OE talks out on 110 retrieving mail but then the outside server responds on a 25xx port usually. I know this is common because the computer issues another port to continue the conversation on. How does this affect how you are setting up your firewall? Shouldn't the conversation bomb out because of the 25xx ports being used?
Thanks a million.
Question by:Premiernc

Expert Comment

by:Bembi
ID: 10797722
Any TCP/IP connection is initiated by an initiating port and a response port. The response port is usually a port from the non-reserved pool. If you see in your firewall logs a communication with local port on 25xx and remote port on 110, that means that your server or client has established a connection with the remote server. As the 110 port is reserved and maybe used by your own system, the remote server cannot respond on the same port; usually it takes a port offered by your own server/client (25xx). Within your log file, you can see that the ports will arise, i.e. 2510 for the first request, 2511 for the second and so on, as long as ports are available.

As your firewall knows the established ports for this single connection, the firewall is able to handle this. That means that there is no need for any additional setting, as these ports can only be used for this dedicated connection. As long as the port is used, no other application can make a request to the local port (25xx) as it is dedicated to this connection and used as long as the connection is open. If the connection closes, the port is also closed and your firewall does not allow anybody else to use it.

The configuration is made in such a way that you allow port 110 for outgoing requests and any port for the corresponding answers. This is usually made within the same protocol definition. This means that only the remote server which gets a request on port 110 can answer the request (on any port), but cannot make a request of its own.

If you are unsure whether your firewall is safe, you can test it by using

Shields UP
https://grc.com/x/ne.dll?bh0bkyd2

Author Comment

by:Premiernc
ID: 10805699
Thanks for the info. I also imagine that your firewall has to be stateful in order to dedicate the port to the current application, is this correct? Thanks again.

Accepted Solution

by:
Bembi earned 250 total points
ID: 10806071
If an application establishes a connection to a remote system, the firewall has usually nothing to do (in the first step) with any used port ranges. This is an agreement between the initiating application and the remote server. If your application initiates a connection on port 110, it usually offers a port range for response, from which one free port is chosen, or it accepts any port. As long as the connection is established, no other application can use these (two) ports as TCP/IP does not allow that. This is the reason why you have to set up your firewall i.e. for port 110 local outgoing and any port remote for response. As every connection gets a session-ID, the firewall knows which session is allowed to answer, which is only the session originally initiated on port 110. The other ports out of the port range are obsolete, therefore free for other communication, but not open from outside.

Hope this answers your second question?
0
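The stateful behaviour discussed in this thread, as an added example that is not part of the original posts: a toy connection tracker that allows new outbound connections to port 110 and accepts inbound packets only when they are the exact reverse of a tracked flow. The class and function names, the documentation-range IP addresses and the packet list are constructed for illustration.

```python
# Added illustration, not code from the thread. All names, addresses and
# packets are constructed sample values.
from typing import NamedTuple

ALLOWED_OUTBOUND_PORTS = {110}  # POP3, the port in the question

class Packet(NamedTuple):
    direction: str  # "out" = leaving the LAN, "in" = arriving from outside
    src: str
    sport: int
    dst: str
    dport: int
    flags: str      # TCP flags, e.g. "SYN", "SYN,ACK", "FIN,ACK", "RST"

class StatefulFilter:
    def __init__(self):
        # (client_ip, client_port, server_ip, server_port) -> sides that sent FIN
        self.table = {}

    def check(self, p: Packet) -> str:
        if p.direction == "out":
            key = (p.src, p.sport, p.dst, p.dport)
            if key not in self.table:
                # A new flow must be a plain SYN to an allowed service port.
                if p.dport not in ALLOWED_OUTBOUND_PORTS or p.flags != "SYN":
                    return "DROP"
                self.table[key] = set()
        else:
            # Inbound traffic must mirror a flow the inside host opened.
            key = (p.dst, p.dport, p.src, p.sport)
            if key not in self.table:
                return "DROP"
        fins = self.table[key]
        if "RST" in p.flags:
            del self.table[key]
        elif "FIN" in p.flags:
            fins.add(p.direction)
        elif len(fins) == 2:  # final ACK of the close; real trackers also time out
            del self.table[key]
        return "ACCEPT"

CLIENT, SERVER, OTHER = "192.0.2.10", "198.51.100.5", "203.0.113.9"

def demo():
    fw = StatefulFilter()
    packets = [
        Packet("out", CLIENT, 2510, SERVER, 110, "SYN"),
        Packet("in", SERVER, 110, CLIENT, 2510, "SYN,ACK"),  # reply to 25xx port
        Packet("in", OTHER, 110, CLIENT, 2510, "SYN,ACK"),   # different remote host
        Packet("in", SERVER, 110, CLIENT, 2511, "SYN"),      # port never opened
        Packet("out", CLIENT, 2510, SERVER, 110, "FIN,ACK"),
        Packet("in", SERVER, 110, CLIENT, 2510, "FIN,ACK"),
        Packet("out", CLIENT, 2510, SERVER, 110, "ACK"),     # close completes
        Packet("in", SERVER, 110, CLIENT, 2510, "ACK"),      # flow is gone
    ]
    return [fw.check(p) for p in packets]
```

`demo()` returns one verdict per packet: the reply to port 2510 is accepted without any rule naming that port, while the same port is closed to other hosts and to the original server once the flow has ended.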
