Solved

Proxy ports that can be used for external communication (SSL VPN)?

Posted on 2012-03-12
13
748 Views
Last Modified: 2012-03-22
Hi,

I wonder which ports can be used aside from 8080 and 80 (above ports 8080 since underneath ports are locked by many Internet-providers).

This question because some of our office users seem to have setup connections like openvpn or ssh not using 8080 (probably tunneling over other ports?) and still connecting to external devices at home while we would like to monitor/keep track of all these connections in order to block them if they cannot be justified.

J.
0
Comment
Question by:janhoedt
  • 4
  • 3
  • 3
  • +1
13 Comments
 
LVL 2

Expert Comment

by:4drahil
Comment Utility
It really depends on the level of compitancy of your users, theoretically they could be using any port they please (obviously with exceptions) to tunnel traffic out of the company.

It really becomes a case then of whitelisting what they can use and blocking everything else.

Although a really determined user could still use something like SSTP and their traffic for all intensive purposes would look like a HTTPS connection.

Alternativly you could lock the machines down using group policy so they cant create VPN connections or SSH sessions or change their proxy settings, etc...

Also I would get all of your users to sign a network/computer usage policy if they already havent, as you are probably going to get into more trouble monitoring their usage than they are for avoidance of monitoring.
0
 

Author Comment

by:janhoedt
Comment Utility
Ok, but that was not my question. I would like to know the ports: 8080, what else can be used?
0
 
LVL 51

Expert Comment

by:Keith Alabaster
Comment Utility
The question has already been answered in the first response. ANY port can be used to pass the traffic over - 80 and 8080 are just two of them. However, MOST use port 443 using the https protocol because it is encrypted and once a connection is made the traffic passing over it cannot be easily identified.
0
 
LVL 51

Expert Comment

by:ahoffmann
Comment Utility
> I would like to know the ports: 8080, what else can be used?
even already answered, here as numbers:
  1024 .. 65535
0
 

Author Comment

by:janhoedt
Comment Utility
No, not at all. Why don't you read my question?

I wonder which ports can be used aside from 8080 and 80 (above ports 8080 since underneath ports are locked by many Internet-providers).

80 and 8080 can be used to route ANY traffic, but I want to know which other ports pass the proxy (besides 443). Ports ABOVE 8080.
0
Give your grad a cloud of their own!

With up to 8TB of storage, give your favorite graduate their own personal cloud to centralize all their photos, videos and music in one safe place. They can save, sync and share all their stuff, and automatic photo backup helps free up space on their smartphone and tablet.

 
LVL 51

Expert Comment

by:Keith Alabaster
Comment Utility
I'll bail out of this question. There is only a couple of ways to give the same answer to you and I don't appreciate the tone of your wording.
0
 
LVL 51

Expert Comment

by:ahoffmann
Comment Utility
> I wonder which ports can be used aside from 8080 and 80 (above ports 8080 ...

  8081 .. 65535

(assuming that 8081 is "above" 8080)

it's as wondered in previous comment: I don't know how to express this answer in other words

> .. ports are locked by many Internet-providers
if you want to know which ports are locked, you need to specify the provider you have in mind,
otherwise this sounds like a "how is the world going round" question
a general answer would be: ports 80 and 443 are usually open and anything else blocked for http/https traffic
0
 

Author Comment

by:janhoedt
Comment Utility
Sorry but it's frustrating  since my questions sounds pretty clear to me but apparently it is not.

I don't need to know which ports are blocked by a provider, I know the ones above 8080 are NOT blocked.
I would like to know which ports are NOT blocked by proxy by default aside from 80, 8080 and 443. It depends on the proxy I assume but aren't there default ports which are open (beside 80,8080 and 443), ports ABOVE 8080?
0
 
LVL 51

Expert Comment

by:ahoffmann
Comment Utility
> .. which ports are NOT blocked by proxy by default  ..
hmm, I stiil don't really understand what you want to archive
by default all ports ar blocked,
by default webservers are open on for example 80
by default anything is open if there is a service listening
by default a firewall in front has its own configuration for accept and block
so as I understand your question, you simply have to ask the owner of the proxy which ports are in use and/or which are not blocked

BTW, where is this "proxy" located you're talking about: outgoing proxy in your LAN or a proxy somewhere in the internet you want to use
0
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 500 total points
Comment Utility
I think the mist is clearing.....

Yes, it depends on the proxy server or service you are using.

For example, ISA and TMG block all ports by default - even 8080, 80 and 443..
You then have the option of choosing to use a web proxy port (their default is 8080) or to simply allow port 80 to be used and rely on the NAT capability to protect the internal services etc. However, the 8080 port can be switched to any port that you like.

Port 443 is not really a proxy port in the true sense - it is used predominently with the https protocol to provide an encrypted service but in respect to proxy, it is just another port like all the rest.

So there are no ports that are open 'by default' either above or below the known, regular ports. The definition of a proxy port is the port used by proxy clients to talk to the proxy server/service so, in line with that definition, you have to choose it rather than it being a default that is open.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
Comment Utility
Thanks - sorry it took a while to get on to your page :)
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Meet the world's only “Transparent Cloud™” from Superb Internet Corporation. Now, you can experience firsthand a cloud platform that consistently outperforms Amazon Web Services (AWS), IBM’s Softlayer, and Microsoft’s Azure when it comes to CPU and …
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

5 Experts available now in Live!

Get 1:1 Help Now