Jump to content

Looking for PORTs


ccruz_md

Recommended Posts

Posted

hi. good day. i am reading ALOT of opening ports so that we could download faster.

all are teaching how to open ports in firewalls in windows, routers and antivirus.

now the question, WHAT IF, there is a firewall in your ISP?

what if?

UTORRENT --------- ROUTER -------------- HUB ----------- ISP-------WEB

^^^

what IF the firewall is here ...

or this is not possible.

my theory is that, if the ISP does not allow opening NEW PORTS to access the web; cant we just use OPEN PORTS which WINDOWS has already opened?

Posted

ccruz_md - I'm going to redraw your picture to make it a little simpler.

UTORRENT ------- HOME GATEWAY ---------- ISP GATEWAY ----------- INTERNET

I took out the HUB. Hubs have no brains, they just repeat signals. Anything that happens on one side of the hub is simply retransmitted to the other side(s) of the hub.

UTORRENT ------- HOME GATEWAY ---------- ISP GATEWAY ----------- INTERNET

^

What if a firewall is here?

Yes, that is possible. In many religious countries, the government requires filtering of certain content between the world-wide internet and a private Internet Service Provider.

You seem to be asking: Is it possible to avoid such a blocking firewall by reusing ports that were previously opened and allowed?

The answer is no, for several reasons. These TCP connections have a beginning sequence, a middle sequence, and an ending sequence. It is not possible to go backwards in the sequence to choose a different destination, you must start entirely over. When you do start over, Windows (and most other network stacks) will give you a new "Ephemeral" source port to connect from. Any consideration given by a firewall or filter to the previous source port will not apply to this new source port.

Secondly, the TCP connections have four values, which are either permitted or denied by a filter or similar firewall as a complete set. These values are the source IP address, the source port, the destination IP address, and the destination port. So even though you have a source IP and source port that were allowed before, the destination IP and port would be different. Since these are evaluated as a set, and not individually, you couldn't defeat a firewall in that manner.

I hope that helps you understand it.

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...