Solved

Ports allowed for Outlook Express

Posted on 2004-04-07
Last Modified: 2010-04-09
Hey Guys,
Simple question hopefully.
I am doing some testing on some firewalls and have a question regarding Outlook Express.
I am running Ethereal to see exactly what is going over the line and to what ports. OE talks out on 110 retrieving mail but then the outside server responds on a 25xx port usually. I know this is common because the computer issues another port to continue the conversation on. How does this affect how you are setting up your firewall? Shouldn't the conversation bomb out because of the 25xx ports being used?
Thanks a million.
0
Question by:Premiernc
LVL 35

Expert Comment

by:Bembi
ID: 10797722
Any TCP/IP connection is initiated by an initiating port and a response port. The response port is usually a port from the not reserved pool. If you see in your firewall logs a communication with local port on 25xx and remote port on 110, that means that your server or client has established a connection with the remote server. As the 110 port is reserved and maybe used by your own system, the remote server cannot respond on the same port, usually it takes a port offered by your own server/client (25xx). Within your log file, you can see that the ports will arise, i.e. 2510 for the first request, 2511 for the second and so on, as long as ports are available.

As your firewall knows the established ports for this single connection, the firewall is able to handle this. That means that there is no need for any additional setting, as these ports can only be used for this dedicated connection. As long as the port is used, no other application can make a request to the local port (25xx) as it is dedicated to this connection and used as long as the connection is open. If the connection closes, the port is also closed and your firewall does not allow anybody else to use it.

The configuration is made in such a way that you allow port 110 for outgoing requests and any port for the corresponding answers. This is usually made within the same protocol definition. This means that only the remote server, which gets a request on port 110, can answer to the request (on any port), but cannot make a request of its own.

If you are unsure whether your firewall is safe, you can test it by using

Shields UP
https://grc.com/x/ne.dll?bh0bkyd2
0
 
LVL 1

Author Comment

by:Premiernc
ID: 10805699
Thanks for the info. I also imagine that your firewall has to be stateful in order to dedicate the port to the current application, is this correct? Thanks again.
0
 
LVL 35

Accepted Solution

by:
Bembi earned 250 total points
ID: 10806071
If an application establishes a connection to a remote system, the firewall has usually nothing to do (in the first step) with any used port ranges. This is an agreement between the initiating application and the remote server. If your application initiates a connection on port 110, it usually offers a port range for response, from which one free port is chosen, or it accepts any port. As long as the connection is established, no other application can use these (two) ports as TCP/IP does not allow that. This is the reason why you have to set up your firewall i.e. for port 110 local outgoing and any port remote for response. As every connection gets a session-ID, the firewall knows which session is allowed to answer, which is only the session originally initiated on port 110. The other ports out of the port range are obsolete, therefore free for other communication, but not open from outside.

Hope this answers your second question?
0
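The connection tracking discussed in this thread, as an added example that is not part of the original posts: a minimal Python model of a stateful firewall that permits outbound POP3 (port 110) and accepts return traffic only for a tracked connection. The class and function names, the documentation-range addresses, and the reset-only teardown are illustrative assumptions.

```python
import ipaddress
from collections import namedtuple

# Constructed model: all names and addresses here are illustrative assumptions.
Packet = namedtuple("Packet", "src sport dst dport flags")
ALLOWED_OUTBOUND_PORTS = {110}          # POP3, the only outbound service permitted

class StatefulFirewall:
    def __init__(self, inside_cidr):
        self.inside = ipaddress.ip_network(inside_cidr)
        self.table = set()              # (client_ip, client_port, server_ip, server_port)

    def filter(self, p):
        outbound = ipaddress.ip_address(p.src) in self.inside
        # Normalise both directions to the same client-side key.
        key = (p.src, p.sport, p.dst, p.dport) if outbound else (p.dst, p.dport, p.src, p.sport)
        if key not in self.table:
            # Only an inside host may create state, and only with a SYN to an allowed port.
            if not (outbound and p.flags == "S" and p.dport in ALLOWED_OUTBOUND_PORTS):
                return "DROP"
            self.table.add(key)
        if "R" in p.flags:              # simplified teardown: a reset removes the entry
            self.table.discard(key)
        return "ACCEPT"

def run_demo():
    fw = StatefulFirewall("192.168.1.0/24")
    packets = [  # constructed sample traffic
        Packet("192.168.1.10", 2510, "203.0.113.5", 110, "S"),    # client opens POP3
        Packet("203.0.113.5", 110, "192.168.1.10", 2510, "SA"),   # matching reply
        Packet("198.51.100.7", 110, "192.168.1.10", 2510, "SA"),  # other host, same ports
        Packet("203.0.113.5", 110, "192.168.1.10", 2511, "S"),    # untracked client port
        Packet("192.168.1.10", 2511, "203.0.113.5", 23, "S"),     # outbound port not allowed
        Packet("192.168.1.10", 2510, "203.0.113.5", 110, "R"),    # client resets connection
        Packet("203.0.113.5", 110, "192.168.1.10", 2510, "A"),    # late packet after teardown
    ]
    return [fw.filter(p) for p in packets]

if __name__ == "__main__":
    for verdict in run_demo():
        print(verdict)
```

The 25xx port is reachable only by the exact remote address and port recorded when the client opened the connection, and only until the entry is removed.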
