Solved

Why does fiddler listen on port 8888?

Posted on 2015-02-13
7
4,404 Views
Last Modified: 2015-02-13
Fiddler Web Debugging Proxy by default listens on port 8888.  

1) What is the significance of port 8888?  
2) It seems that as a rule, internet browsers use port 8888 to send and receive traffic, correct?
3) If so, then it seems like this is a majorly important port, so why wouldn't this be indicated when I search on port 8888 e.g. under "Well known ports"?
0
Comment
Question by:SAbboushi
  • 3
  • 2
  • 2
7 Comments
 
LVL 78

Assisted Solution

by:David Johnson, CD, MVP
David Johnson, CD, MVP earned 150 total points
ID: 40608862
it is an unregistered port that they 'fiddler' may pay for and get it registered to them
https://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.txt
0
 
LVL 82

Expert Comment

by:Dave Baldwin
ID: 40608942
Fiddler works by intercepting traffic from the web browser.  They do that by redirecting the web browser to some other port, 8888 in this case, reading the packets and then passing the traffic on thru the standard ports.  It's the same technique used by your anti-virus also.
0
 

Author Comment

by:SAbboushi
ID: 40609104
it is an unregistered port that they 'fiddler' may pay for and get it registered to them
Thanks David.  The link I provided shows 2 "official" registrants for port 8888 (one of them is also listed in your link).  Since Fiddler has been around a long time and hasn't registered the port, it seems to me that software (e.g. Fiddler) which has need of a port for a non-standard use will likely select a rarely used port as default.  Is that the likely answer to my question?

Fiddler works by intercepting traffic from the web browser.  They do that by redirecting the web browser to some other port, 8888 in this case, reading the packets and then passing the traffic on thru the standard ports.
Thanks David.  So I was mistaken: web browsers don't use port 8888 as a rule to send/receive traffic?  What port do they use?

So you're saying that fiddler reroutes the http/https traffic from the default browser ports to port 8888 which they are listening to and then reroutes back to the default browser ports?

In my case, I'm monitoring SoapUI traffic (not browser).  Fiddler didn't see its traffic until I enabled a proxy within SoapUI's preferences for Host: localhost, Port: 8888.  But I don't understand what I did (i.e. the mechanics of what is going on), hence my questions.

Appreciate you guys taking the time to help.  Thanks--
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 

Author Comment

by:SAbboushi
ID: 40609120
Ah - I think I get it: somehow (in a manner I don't understand) Fiddler reroutes the foreign address for the http/https requests generated by my browsers to port 8888; then after Fiddler intercepts the packets, it forwards them to the originally designated foreign address.  Correct?
0
 
LVL 78

Expert Comment

by:David Johnson, CD, MVP
ID: 40609121
yes it is a man-in-the-middle proxy
0
 
LVL 82

Accepted Solution

by:
Dave Baldwin earned 350 total points
ID: 40609134
HTML pages using HTTP protocol are normally communicated over port 80.  Fiddler is setup to create a proxy on some other port in your web browser.  You had to redirect SoapUI traffic because the automatic proxy wasn't created in SoapUI since it is not a browser with the Fiddler plugin / add-on.

Fiddler might still work if your page is on some other port in the browser but I don't know.

HTML pages using HTTPS protocol are normally communicated over port 443.  Fiddler has to create a temporary SSL certificate to monitor that traffic.  It can do it but does not do it unless you tell it to.
0
 

Author Closing Comment

by:SAbboushi
ID: 40609212
Thanks Guys--
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Wireshark 7 53
ESXi VLAN Lab 2 32
Windows 10 VPN? 6 41
static routing issue no access to public internet 7 15
If your business is like most, chances are you still need to maintain a fax infrastructure for your staff. It’s hard to believe that a communication technology that was thriving in the mid-80s could still be an essential part of your team’s modern I…
Data center, now-a-days, is referred as the home of all the advanced technologies. In-fact, most of the businesses are now establishing their entire organizational structure around the IT capabilities.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now