• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 7590
  • Last Modified:

Why does fiddler listen on port 8888?

Fiddler Web Debugging Proxy by default listens on port 8888.  

1) What is the significance of port 8888?  
2) It seems that as a rule, internet browsers use port 8888 to send and receive traffic, correct?
3) If so, then it seems like this is a majorly important port, so why wouldn't this be indicated when I search on port 8888 e.g. under "Well known ports"?
0
SAbboushi
Asked:
SAbboushi
  • 3
  • 2
  • 2
2 Solutions
 
David Johnson, CD, MVPOwnerCommented:
it is an unregistered port that they 'fiddler' may pay for and get it registered to them
https://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.txt
0
 
Dave BaldwinFixer of ProblemsCommented:
Fiddler works by intercepting traffic from the web browser.  They do that by redirecting the web browser to some other port, 8888 in this case, reading the packets and then passing the traffic on thru the standard ports.  It's the same technique used by your anti-virus also.
0
 
SAbboushiAuthor Commented:
it is an unregistered port that they 'fiddler' may pay for and get it registered to them
Thanks David.  The link I provided shows 2 "official" registrants for port 8888 (one of them is also listed in your link).  Since Fiddler has been around a long time and hasn't registered the port, it seems to me that software (e.g. Fiddler) which has need of a port for a non-standard use will likely select a rarely used port as default.  Is that the likely answer to my question?

Fiddler works by intercepting traffic from the web browser.  They do that by redirecting the web browser to some other port, 8888 in this case, reading the packets and then passing the traffic on thru the standard ports.
Thanks David.  So I was mistaken: web browsers don't use port 8888 as a rule to send/receive traffic?  What port do they use?

So you're saying that fiddler reroutes the http/https traffic from the default browser ports to port 8888 which they are listening to and then reroutes back to the default browser ports?

In my case, I'm monitoring SoapUI traffic (not browser).  Fiddler didn't see its traffic until I enabled a proxy within SoapUI's preferences for Host: localhost, Port: 8888.  But I don't understand what I did (i.e. the mechanics of what is going on), hence my questions.

Appreciate you guys taking the time to help.  Thanks--
0
Protect Your Employees from Wi-Fi Threats

As Wi-Fi growth and popularity continues to climb, not everyone understands the risks that come with connecting to public Wi-Fi or even offering Wi-Fi to employees, visitors and guests. Download the resource kit to make sure your safe wherever business takes you!

 
SAbboushiAuthor Commented:
Ah - I think I get it: somehow (in a manner I don't understand) Fiddler reroutes the foreign address for the http/https requests generated by my browsers to port 8888; then after Fiddler intercepts the packets, it forwards them to the originally designated foreign address.  Correct?
0
 
David Johnson, CD, MVPOwnerCommented:
yes it is a man-in-the-middle proxy
0
 
Dave BaldwinFixer of ProblemsCommented:
HTML pages using HTTP protocol are normally communicated over port 80.  Fiddler is setup to create a proxy on some other port in your web browser.  You had to redirect SoapUI traffic because the automatic proxy wasn't created in SoapUI since it is not a browser with the Fiddler plugin / add-on.

Fiddler might still work if your page is on some other port in the browser but I don't know.

HTML pages using HTTPS protocol are normally communicated over port 443.  Fiddler has to create a temporary SSL certificate to monitor that traffic.  It can do it but does not do it unless you tell it to.
0
 
SAbboushiAuthor Commented:
Thanks Guys--
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

  • 3
  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now