Register Log In

Forums General Discussion mIRC and TCP ports/connections

Print Thread

Re: mIRC and TCP ports/connections #52958 08/10/03 06:55 PM
Joined: Feb 2003 Posts: 2,737 Raccoon Hoopy frood
Raccoon Hoopy frood Joined: Feb 2003 Posts: 2,737	Fairly accurate article as best as I can tell. Though I'm sure there are additional circomstances that may cause a stale connection, including physical interruptions in the connection and crappy/ misconfigured (home) routers that filter things it should not. Also, you might consider using TCPView (www.sysinternals.com) instead of NETSTAT. Someone also told me that Win2K makes it appear that the client-port endpoint appears as a listening socket, however this port still refuses connection and so it should be ignored. You accurately noted that client ports are randomly/ incrementally chosen from the 1024-5000 Shared Application Port range, but should also include that DCC (sender/ chat initiator) Listening ports are also chosen in in the same manner by default, even though they are "server ports". Not _ALL_ "Servers listen on well known (preassigned) port numbers." if you consider DCC (and even FTP) data ports as servers (short-lived servers anyway). You should also mention that when configuring a router to forward DCC ports, a range OUTSIDE of 1024-5000 should be chosen... contrary to many documents that recommend ports 4000-up. I've encountered some very disturbing home routers that translate "DCC Packets" (DCC SEND file.ext ipaddress port filesize) by changing the port value to 60000+ (or in some cases completely mangle the packet) if the port value falls inside 1024-5000. I recommend some high range between 12000 and 65535 that wont interfere with other applications, and that isn't as easy to scan for (which can interrupt/ intercept DCC connections if timed right). Oh, and if you goto Options (ALT+O) > Connect > Options > Advanced... You can checkbox [x] Use random ports for listening sockets (which should actually read "connecting sockets"). This option will make mIRC choose random high client-ports instead of 1024-5000 when establishing a connection to an IRC server. This makes Destination Unreachable (click2) attacks much more difficult, if you're not already protected by a firewall or would prefer not to filter these ICMP packets. - Raccoon Well. At least I won lunch. Good philosophy, see good in bad, I like!

Entire Thread
Subject	Posted By	Posted
mIRC and TCP ports/connections	erikw	08/10/03 05:22 PM
Re: mIRC and TCP ports/connections	Raccoon	08/10/03 06:55 PM
Thanks for the useful information	erikw	09/10/03 01:34 PM
Re: Thanks for the useful information	Raccoon	10/10/03 08:49 AM

Link Copied to Clipboard