  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 430

Which port is app using on Mac?

How can I tell which ports an application is trying to use on Mac OS X 10.6.3?  For example, I have my Mac Mail configured to connect to an SSL port on 993.  However, I get errors that it cannot connect.  Port 993 is open on the firewall.  I shut off my modem/router firewall and it is able to connect.  

With the firewall up and running a Netstat through the Network Utility, I see entries such as this:

tcp4       0     79  192.168.0.4.55886      mx251o.mysite4no.imaps FIN_WAIT_1

I have the entire 54000-56999 block open for TCP/UDP.  What does FIN_WAIT_1 mean and could that be why Mac Mail can't connect?
Asked by: brettr
 
quizwedge Commented:
For seeing what ports are active, check out Little Snitch: http://www.obdev.at/products/littlesnitch/index.html  At the very least, it will tell you if Mac Mail is trying to connect.

FIN_WAIT_1 means "The socket connection has been closed by the local application, the remote peer has not yet acknowledged the close, and the system is waiting for it to close its half of the connection."  See http://developer.apple.com/mac/library/DOCUMENTATION/Darwin/Reference/ManPages/man1/netstat.1.html

In short, it looks like the FIN_WAIT_1 status is showing that your application (Mac Mail) has closed the connection, but not gotten a response from the server.

One test I thought of is using Telnet while your firewall is on.  Follow the directions at http://www.wikihow.com/Use-Telnet-on-Mac-OS-X.  Try it with both host name (e.g. www.google.com) and IP address (e.g. 72.125.19.106).  Use port 993 for both tests.  If it works for the IP address, but not the host name, then it is probably a DNS connection issue (check UDP ports allowed) rather than a Port 993 issue.
 
brettr (Author) Commented:
I rebooted the modem/router and now Mac Mail seems to work fine.  However, Teamviewer is still having issues.  Even after the reboot and with the firewall off, Little Snitch shows that it keeps prompting to connect to port 80 on a never-ending stream of different IP addresses.  I keep granting but it doesn't connect.

It was working fine today with the firewall off.  Not sure why it doesn't connect now.  Do you have any suggestions?
 
brettr (Author) Commented:
Ok, restarted Teamviewer and opened a port it continually prompted on through Little Snitch.  Then restarted Teamviewer again.  Works fine now.

Thanks on Little Snitch.  Excellent app.
 
brettr (Author) Commented:
Do you know if there is anything like Little Snitch for Windows?
 
quizwedge Commented:
I can't recommend an equivalent for Windows, though it's a question that comes up.  I found a few suggestions, but I can't endorse any of them as I haven't tried most of them.  I don't know that I'll ever install another Comodo software product though.  The two that I have installed before caused me more problems than they solved.  Check out http://forums.appleinsider.com/showthread.php?t=60569 and http://www.insanelymac.com/forum/lofiversion/index.php/%22http:/t62323.html

Glad I could help.
 
marook Commented:
One question that hits me: Why do you block Outgoing traffic on your firewall?
 
quizwedge Commented:
marook - One reason would be to try to block spyware from sending information back.
 
marook Commented:
Well, yeah, but they all normally act as a normal app, and it's a stupid spyware developer if they don't use port 80 and pretend to be HTTP traffic.
But still, you can't tell what port a local app will use, as it's the end port that is the target. The local 'socket' will always be between 1024 & 65550 - right?  ;-)
So blocking the source port from internal apps is just meant to give you trouble. Blocking what destination port is trying to get accessed is what you want to do.
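Added example (not part of the original thread): a Python sketch that parses netstat lines in the layout quoted in the question, separating the ephemeral local port from the destination port that a firewall rule has to name, and flagging destination ports whose connections are still waiting on the peer. The first sample line is the one from the question; the other two lines, the SERVICES subset and all function names are constructed for illustration.

```python
# Constructed sample in the macOS netstat layout. Line 1 is the entry quoted in
# the question; lines 2-3 are made up (documentation addresses) for contrast.
SAMPLE = """\
tcp4       0     79  192.168.0.4.55886      mx251o.mysite4no.imaps FIN_WAIT_1
tcp4       0      0  192.168.0.4.55901      203.0.113.10.80        ESTABLISHED
tcp4       0      0  192.168.0.4.55910      203.0.113.25.993       SYN_SENT
"""

# netstat prints service names from /etc/services unless run with -n.
SERVICES = {"imaps": 993, "http": 80, "https": 443}  # small subset
# States where the local side has sent something and the peer has not answered.
WAITING = {"SYN_SENT", "FIN_WAIT_1", "LAST_ACK", "CLOSING"}

def split_endpoint(endpoint):
    """macOS netstat joins host and port with a dot, so split on the last one."""
    host, _, port = endpoint.rpartition(".")
    return host, SERVICES.get(port, int(port) if port.isdigit() else port)

def parse(text):
    """Return one dict per TCP line: local/remote port, Send-Q and state."""
    rows = []
    for line in text.splitlines():
        f = line.split()
        if len(f) != 6 or not f[0].startswith("tcp"):
            continue  # headers, UDP lines, anything without a state column
        _, local_port = split_endpoint(f[3])
        remote_host, remote_port = split_endpoint(f[4])
        rows.append({"local_port": local_port, "remote_host": remote_host,
                     "remote_port": remote_port, "send_q": int(f[2]),
                     "state": f[5]})
    return rows

def destination_ports(rows):
    """Map each destination port to True if any connection to it is waiting."""
    ports = {}
    for r in rows:
        ports[r["remote_port"]] = ports.get(r["remote_port"], False) \
            or r["state"] in WAITING
    return ports

if __name__ == "__main__":
    for port, waiting in sorted(destination_ports(parse(SAMPLE)).items()):
        print(port, "peer not answering" if waiting else "ok")
```

In the quoted line the local port 55886 is whatever the OS picked for this one connection; 993 is the port an outbound rule needs to allow, and the non-zero Send-Q of 79 alongside FIN_WAIT_1 means bytes were sent that the server has not acknowledged.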
 
brettr (Author) Commented:
@marook:

I have a Motorola SBG900.  How do you not block outgoing traffic?  From what I understand, the firewall will block everything and you have to punch out the specific holes for in/out traffic.