Port addresses. What are they doing?

[Bear_Nenno]

I am almost positive this has been asked before. It should have anyway. I searched for “port address” in GQ and got back over 1600 threads. None of the first dozen or so were promising…
Anyway, what are the ports doing exactly? AOL Instant Messenger will not work on the proxied network I have at work. But I have found that if I change the port setting really low, like 25, it will work.
Then, if I use a dial-up connection later, or plug back into my cable modem at home (we are talking a laptop here) I have to change the port setting back to 1000. It wont work at 25. Why is this?

[Joe_Cool]

*Originally posted by Bear_Nenno *
**…the fact that this thread talks about Port 25 and I also used port 25 to connect to AOL IM, is merely a coincidence. But a strange one at that… is there something special about port 25 that I did not realize? **

No. The something special is AIM’s login server (oscar). It listens on pretty much every commonly used port, specifically to make it easier for people to connect through firewalls.

5190 is the default AIM port, but it also listens on:
13: daytime
20: ftp data
21: ftp
23: telnet
25: sendmail
37: time
53: DNS
69, dudes!
70: gopher
79: finger
80: http
88: kerberos
110: pop3
113: authentication
119: nntp (USENET)
123: ntp (network time protocol)
137: netbios
8080: https

and a whole mess of other ones. Basically, they set it up to make it as easy to connect as possible, which is a Good Thing®.

A port is just an extension of your computer’s address. The IP tells data how to find the computer, and the port tells the data what service it needs to go to once it reaches that computer (sort of like the apartment number, vs. the street address). Port 25 is the address of the Unix Sendmail program, which is the mail relaying agent. Your firewall happens to have port 25 left open for sending e-mail (apparently your company uses SMTP instead of MS Exchange, you lucky dog) out of the network. That’s why you are able to connect there.

Hope I’ve been helpful.

[friedo]

The port number is a 16-bit number (between 0 and 65535) added on to the end of an IP address. Port numbers were devised so you can have multiple conversations going on at once between machines on a TCP/IP network, like the Internet.

Port numbers below 1023 are considered “priveledged” ports, and are standardized in RFC 1700 under “well known port numbers.”
On a Unix system, you have to be root to start a process on a priveledged ports. Some well known ports include 80 for HTTP, 25 for SMTP, 23 for Telnet, 53 for DNS, and 443 for SSL. All the other ports (1024-65535) are up for grabs.

Say you want some info from boards.straightdope.com. Your web browser would make a request for the operating system to open a connection to boards.straightdope.com on port 80 (the standard port for HTTP). That connection would come from your machine on a random non-priveledged port that is available, say, 5687.

Now say you were getting several pages from boards.straightdope.com at one time. You would open several connections, each of which used a different random non-priveledged port, each of which connected to port 80 on boards.straightdope.com. That’s how web servers keep track of multiple queries from the same IP.

All internet client software assumes you’re using the standard port for the service you are requesting unless you specify otherwise. That’s why sometimes you see websites with a port number on the end; that web server is either being run as a non-root process or is trying to get around a firewall or something.

[st1d]

Concerning having software listen on a number of ports:

While it is nice that they listen on several different ports (usually to allow some flexibility in the software/system you use), there can be one unintended problem with this. For instance, a certain monopolistic company with a famous billionaire founder runs a series of online internet based games. When you connect to these games, unlike those provided by other portals, your browser opens a great number of ports. Supposedly this is so your gaming experience is more pleasant, and the software can access different parts of your OS for this reason.

The question is, why do they need to open so many when most other portals are fine with only a couple? Under ideal circumstances, this would be a minor annoyance, but as the internet isn’t utopia, there is a bigger problem. When various ports are sitting there open, waiting for information, they become targets for crackers (think bending over naked in San Fransisco after the bars let out). Easy targets, as a few of these ports will let you do anything you want to the computer once you pass the weakest of protection.

So, while it’s nice for servers to listen on several different ports, you don’t particularly want your own software to open tons of them while you’re online. Not that it makes a difference, you probably have little control over what your software decides to do, but I thought I should mention it.