I'm currently working my way through several basic web server examples with both .NET and also Python. Most examples seem to use 8000 or 8080 as test ports. Can anybody clarify the difference between these? Does it matter? Please advise.
It doesn't matter. In fact, 8080 is often used as a default http port for software providing http services that is not a core http Server (e.g. Apache http Server). So after a while this port is sometimes taken from software that runs on the system in a background.
8000 it seems is just another port being used by the .NET domain.
Ports below 1024 need system user permission like root or something. That is why ports in the thousands are used for software running as a normal user.
No difference. Two common ports you'll want to know the difference between 80 and 443. 80 is for insecure (HTTP) connections and the other one is for secure (HTTPS) connections, but they both are used and reserved for HTTP communication.
Related
Firstly, I have a HTTP Server with Apache 2.4 in Windows working perfectly fine with a simple website,
so I forwarded external port 80 to the local port 80 of my Windows machine in my router.
And I want to run a WebSocket server on my Raspberry PI for doing crazy things with python, and I tried to forward the external port 80 also to the local port 80 of the Raspberry.
And I tried to connect to the python WebSocket server running on my Raspberry, with a JS script in a website, and it says: net::ERR_CONNECTION_REFUSED.
Then I noted that my simple website in my Apache server was not loading correctly (very slowly), the majority of the time it didn't load it at all, chrome said: Connection refused. Then I undone the Raspberry port rule and then it was loading completely fine.
So, is that the two mentioned protocols can't coexist (probably they do)? or its just a problem with port forwarding?
Thanks in advance for your time
This is a limitation of the routing. When you use port forwarding in your router, it's happening on the transport layer (4) of the OSI model. Here a socket is defined by 3 things: protocol, address, port. Which in this case is tcp:<Your-IP-Address>:80. You can only forward that to one location. HTTP and WebSocket protocols are on higher layers and are not visible to the router, they are passed along only as data.
You will need to use a different port number for one of them, or use a reverse proxy server, such as HAProxy or nginx, that can process the higher level protocols and router accordingly.
I am sorry if this question does not make sense but I am struggling to understand this topic. I have made an audio video style application that uses ports :80 and :443 but my senior developers worry is that it will not work because other applications also use ports :80 and :443 like skype and gmail.
My question is how do I get past this issue? Is it possible?
Again sorry if the question does not make sense
Thanks!
If you hosting your application, then it would not be problem. As you said other application like gmail etc uses the same port 80, i.e. means gmail server keeps listening on the port 80. When we access the gmail, any port is selected (1024 <) on client side. these ports are usually called as ephemeral ports
So when you access gmail, port say 41667 on your machine opened and connected to port 80 of gmail. port 80 inturn pass to other available port and keeps listening so many user at the same time can access gmail.
The convention for ports 80 and 443 is for http and https protocols.
Gmail listens on those ports, but it is sitting on a remote host, the local ports are random.
Skype do make use of those ports as an alternate configuration.
If you are coding both sides, you should consider other ports (>1024).
If you are relaying on users connecting to your server with regular http or https stay with 80 and 443, otherwise they will have to know the port and specify it in the http call (http://<YOUR_HOST | IP>:<PORT#>).
everyone! I have a list of http proxy servers, some of then may stop running http proxy process. Of course, there are two cases: the port is not listened any more; and the port may be listened for another service. I have to write a program to judge if a given server is still running http proxy. How can I do that? If I can connect to a port, how can I judge whether it provides http proxy service or not? Is there protocol relative thing I can employ?
Most proxy servers use port numbers like 8080, which are not assigned to any other services. In those cases, if you can connect, it is usually safe to assume it is still a proxy.
In the case that the proxy server uses a standard port like 80, you may want to make a single request to a known host on the internet. That way you can know that it is still forwarding requests to the outside.
If you're trying to see what services are available on any given server or port, something like nmap may be useful. nmap can usually identify the type of service running on any given port.
IMPORTANT: Running a full port scan on a remote host is (almost always) illegal unless you have written permission from the owner of that host. Sometimes it is illegal even if you have written permission.
Scanning one targeted port using nmap is probably okay.
I don't really understand the differences between the different ports. I couldn't find any useful resources online that would go into detail about it. From what I can understand, it acts as some kind of filter that blocks out any other request not using the same port number.
When will I, if ever, need to change the port number when typing in a website in my browser? What about if I am running my own website? Are there any risks I take when using port 80? As in, are there ways to use different port numbers to hack into a website?
And since a Simple Mail Transfer Protocol uses port 25, could I use this knowledge to send emails using self written programs?
By conventions and standards, defined protocols generally listen on defined ports by default. You can set any service to listen on any port you want, just be aware that changing from a standard port means that standard tools would need to be explicitly told to use your non-standard port.
For example, if you run a web server then by default it's probably listening on port 80. So all someone needs to do to visit your server is use the address:
http://www.yourserver.com
However, if you change it to listen on a non-standard port, such as 81, then any user who wants to visit your site will need to specify the port number:
http://www.yourserver.com:81
The standard convention of just using the address wouldn't be sufficient, because you've broken convention. Now, this is fine if you don't want people randomly using your site and only want it to be available to people to whom you've told the port number. This is called "security through obscurity." It doesn't actually secure your site in any way or filter out anything, it just adds an additional step to the use of the site.
As for SMTP, yes, you can write programs to connect to port 25 on SMTP services and send data to those services. You may indeed be able to spoof emails in this manner. However, most services have other built-in checks and balances to prevent such spoofing.
TCP/IP supports 2^16 ports on a machine. A server program is said to listen on a specific port; other machines contact a server program at a machine using the port number and the name of the machine. It's like the address on a letter.
Some port numbers are "well known", which just means they're officially assigned for a particular service: port 80 is for web servers, port 25 for SMTP, port 25 for telnet, etc.
But any server can run on any port; it's just a matter of changing the code or the configuration. Sometimes you may way to run two separate web servers on one machine; one might listen on port 80, and the second one on some other port (8080 is a common choice for servers used during development.)
So the client can't meaningfully change the port to some random number: there has to be something listening on that port, on that machine, or it doesn't do anything.
There is no 'difference' between running a web server on any port number, from a purely technical perspective, as long as the client and the server both know which port to use. When the client connects to the server, it has to know the IP address as well as the port.
By convention, several ports are used by standard services. For example, port 25 is SMTP, port 80 is the http port, 22 is the ssh port, etc. Because of these conventions, ports less than 1024 are reserved by the operating systems and can only be opened by a root process.
Unless there is a specfiic reason, it is generally a good idea to stick with the standard port numbers. Advanced port scanners/ analysis tools will try all ports on a system, so there isn't much benefit to running a service on a non-standard port.
The port numbers are a way of multiplexing communications over IP links. This is commonly used to provide specific services on accepted port numbers. HTTP servers have been allocated port 80 for listening for incoming client connections, though this is not a lock - there is nothing stopping you constructing/configuring an HTTP server that listens on port 9001, or whatever. If you did use a non-standard port number for your server, then you would have to specifically instruct a browser to connect to that port, rather than defaulting to 80 as it normally does.
SMTP in port 25 using your own program - sure, you can do this. Any mail app is some developers' 'own program' .
Rgds,
Martin
Which of the following ports is the best one to use for a program. I'm working on using a custom protocol still under development. I'm looking for one that will be accessible to virtually every host that is connected to the public Internet (that is, every host that can view websites can use this port). The three main options are:
port 53 UDP (DNS)
port 80 TCP (HTTP)
port 443 TCP (HTTPS)
Which of these is most widely accessible over the Internet, including all ISPs, corporate firewalls, etc.
All of those ports are used by well-known services, and you should use none of them (if your product is not a webserver or a DNS server.) DCCP Well Known ports SHOULD NOT be used without IANA registration. If your service is commercially viable or has benefits for the network as a whole, consider registering it for a lower port number: The registration procedure is defined in RFC4340, Section 19.9.
For experimental use, use a port between 1024 and 49151. Remember that even those ports should be registered with the IANA as soon as your service goes "live".
Regarding firewalls: You cannot predict if your service will be available to any network at all. Even if you use port 80, you probably will run against firewalls that do content checking.
Not port 53. Toss-up between 80 and 443. If you make your protocol look sufficiently like HTTPS that a proxy will forward it the same way, then maybe 443 is your best choice.
As all the ports you've nominated are used for particular well-specified protocols, it's a very bad idea to use these for a different protocol. There's a convention that for a well-known port, there's a corresponding protocol, and if you break this convention, then at the least you're going to cause confusion, and at worst be suspected of nefarious intentions and be blocked. Martin's answer points you in the right direction.