When is a port considered to be closed? - Page 2
Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 21

Thread: When is a port considered to be closed?

  1. #11
    Ninja Code Monkey
    Join Date
    Nov 2001
    Location
    Washington State
    Posts
    1,027
    True, that would be the second part of my post where the user recieves no response or gets the icmp admin prohibited from the nearest local router responsible for that network segment.
    "When I get a little money I buy books; and if any is left I buy food and clothes." - Erasmus
    "There is no programming language, no matter how structured, that will prevent programmers from writing bad programs." - L. Flon
    "Mischief my ass, you are an unethical moron." - chsh
    Blog of X

  2. #12
    AO Senior Cow-beller
    Moderator
    zencoder's Avatar
    Join Date
    Dec 2004
    Location
    Mountain standard tribe.
    Posts
    1,177
    Exactly the point, Juridian.

    What is meant by the posters use of "Closed".

    Is it rejecting, dropping, connecting, or connected? If there is a service listening (or as Roswell finehaired it, a superdaemon listening), the port is considered 'Open', agreed? If no service is listening, is it 'Closed' as TheSpecialist indicated? What about "Stealthed" as many port scanners will call unresponsive ports on obivously online hosts?

    Semantics: not just an overbloated AntiVirus company anymore.
    "Data is not necessarily information. Information does not necessarily lead to knowledge. And knowledge is not always sufficient to discover truth and breed wisdom." --Spaf
    Anyone who is capable of getting themselves made president should on no account be allowed to do the job. --Douglas Adams (1952-2001)
    "...people find it far easier to forgive others for being wrong than being right." - Albus Percival Wulfric Brian Dumbledore

  3. #13
    Leftie Linux Lover the_JinX's Avatar
    Join Date
    Nov 2001
    Location
    Beverwijk Netherlands
    Posts
    2,535
    Stealthed is the same as filtered..

    No responce at all..

    A closed port should send a reset back..
    The clients sends a SYN and the server sends a RST back.
    ASCII stupid question, get a stupid ANSI.
    When in Russia, pet a PETSCII.

    Get your ass over to SLAYRadio the best station for C64 Remixes !

  4. #14
    And if a host shuts down right when it receives a "SYN" packet to a specific port?

  5. #15
    Leftie Linux Lover the_JinX's Avatar
    Join Date
    Nov 2001
    Location
    Beverwijk Netherlands
    Posts
    2,535
    Originally posted here by ThePastorGang
    And if a host shuts down right when it receives a "SYN" packet to a specific port?
    The client precieves that as a broken request or a request to a filtered port . .
    ASCII stupid question, get a stupid ANSI.
    When in Russia, pet a PETSCII.

    Get your ass over to SLAYRadio the best station for C64 Remixes !

  6. #16
    Senior Member
    Join Date
    Apr 2004
    Posts
    1,130
    for me:

    blocked = filtered = sthealthed --> a firewall is dropping the response packs or a firewall is blocking the input packets. its detected by timeout, since normal behavior is send a RST back

    closed = no deamon, service is available on that port. It can be showed by a RST response (Juridian is correct about FIN flag)
    Meu sítio

    FORMAT C: Yes ...Yes??? ...Nooooo!!! ^C ^C ^C ^C ^C
    If I die before I sleep, I pray the Lord my soul to encrypt.
    If I die before I wake, I pray the Lord my soul to brake.

  7. #17
    Junior Member
    Join Date
    Jan 2004
    Posts
    1
    The Port is considered to be closed if it is explicitly blocked by the Operating System .
    I feel like GOD

  8. #18
    Member
    Join Date
    Aug 2004
    Posts
    95
    thank you for the response.

    So all of you suggest that - If explicitly Blocked by the OS or firewall in the system then the port is consifered to be closed.

    If you have a different opinion pl. put it across.

  9. #19
    Banned
    Join Date
    Jul 2005
    Posts
    511
    Closed, blocked.... These are all just definitions and people tend to disagree with those definitions. Basically there are three situations with a port:
    1) not a single process is using it.
    2) A single process is listening to it.
    3) Two processes are listening to it and thus communicate with each other.

    In situation 2, it is possible that a process is listening and discarding each and every message that is sent to the port. This way, the process is actually blocking the port. In situation 1, I have the feeling that it is just closed since any process can decide to open the port to listen to it. But that's my personal feelings about it. Others have different opinions about this.

  10. #20
    Yes, that's my CC number! 576869746568617's Avatar
    Join Date
    Dec 2003
    Location
    Earth
    Posts
    397
    I love it when people over-analyze a question!

    Think of any connection via TCP as a telephone conversation:

    You dial the number of the other person (IP and Port) This immediatly initiates the SYN.

    If the number is not in service (no service listening to port) you get that annoying mesage from the phone company (the RST).

    IMHO, that is a closed port. There is no service or daemon running, so no process is listening on the port, preventing a connection from being established.

    Any other event such as dropping the SYN and sending no response is simply stealthed, blocked, hidden, masked, etc. (which I personally collectively refer to as "blocked".

    Also, While it is true that inetd will spawn telnet if it is requested, on most linux distros and MS OSes, telnet has its own service daemon that can be disabled, or simply not installed when setting up the OS, which effectively closes port 23 for telnet on these systems, and also prevents telnet access to SMTP (because there is no telnet service).
    Windows 9x: n. A collection of 32 bit extensions and a graphical shell for a 16 bit patch to an 8 bit operating system originally coded for a 4 bit microprocessor. Written by a 2 bit company that can\'t stand 1 bit of competition.


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •