Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

TCP ports - changing

Posted on 2013-01-17
4
Medium Priority
?
361 Views
Last Modified: 2013-01-22
Hello TCP experts,

This may be a dumb question. Suppose I have an application that listens on TCP 3012. Suppose I want to secure it with SSL. I know of a handful of TCP ports with SSL "flavors" (ldaps, imaps, pop3s, etc).
I was thinking if I change the app to listen on, let's say, tcp 636, would I then be able to secure it with an SSL Cert? I guess what I'm missing is, are port #s, just numbers or is it the behavior of the traffic that defines the port #?
0
Comment
Question by:trojan81
  • 2
  • 2
4 Comments
 

Author Comment

by:trojan81
ID: 38790197
Giving it a second thought and I think simply configuring your application to listen on a known secure port over SSL doesnt do any good if the application is not configured to negotiate encryption with the client. Is that a correct assumption?
0
 
LVL 14

Accepted Solution

by:
theras2000 earned 2000 total points
ID: 38790257
Yes that's correct.  You can just change your port and expect your application to automatically encrypt traffic.

Also correct is your saying that a port is just a port.  You can run any app/protocol over any port you like.  The reason people stick to recognised ports is so that we can find each others' services.  If a public website suddenly started using port 6000 instead of 80, then nobody's browser would find their site.  443 is the recognised port for HTTP/SSL.  993 is the recognised port for IMAP/SSL.  We pick what port we want, but then we must make sure our clients know what it is.
0
 

Author Comment

by:trojan81
ID: 38790315
Thereas2000

Your comment "Yes that's correct.  You can just change your port and expect your application to automatically encrypt traffic."

Did you mean to say You CAN'T or you CAN
0
 
LVL 14

Expert Comment

by:theras2000
ID: 38791833
Do'h!  You CAN'T.  Sorry about the typo.
0

Featured Post

[Webinar] Cloud Security

In this webinar you will learn:

-Why existing firewall and DMZ architectures are not suited for securing cloud applications
-How to make your enterprise “Cloud Ready”, and fix your aging DMZ architecture
-How to transform your enterprise and become a Cloud Enabler

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Network ports are the threads that hold network communication together. They are an essential part of networking that can be easily ignore or misunderstood, my goals is to show those who don't have a strong network foundation how network ports opera…
Creating an OSPF network that automatically (dynamically) reroutes network traffic over other connections to prevent network downtime.
this video summaries big data hadoop online training demo (http://onlineitguru.com/big-data-hadoop-online-training-placement.html) , and covers basics in big data hadoop .
Loops Section Overview
Suggested Courses

971 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question