Security Basics mailing list archives
RE: Remote Connections and port identification
From: "Keith Cirelli" <Keith.Cirelli () strategiclink com>
Date: Mon, 28 Jul 2003 13:00:38 -0400
Hoooooooooold up...your a bit mis-informed. UDP is a protocol. It is fast, not reliable and does not perform error checking like TCP. Many apps use it such as SNMP. ACK is and 'acknowledgement' packet. In TCP/IP there is a 3 way handshake that takes place before two machines start an established connection. If I start a conversation w/your PC it goes like this....Syncronization packet to you, you send back to me a synchronization ACKnowledgement THEN, I send you and ACKnowledgement. Handshake complete...we start talking TCP/IP RCP (provided you didn't mean RPC) is a unix sentric 'remote copy' command/app that is used to copy files from 1 machine to another. rcp (remote copy) is used to copy files between the local host (the computer you are currently logged on to) and a remote host (any other computer on the network). Hope that helps clear things up a bit. - -----Original Message----- From: Sayo Venchetti [mailto:november_echone () yahoo com] Sent: Tuesday, July 22, 2003 8:14 PM To: security-basics () securityfocus com Subject: Remote Connections and port identification Hey again :), I also was wondering what exactly a UDP, ACK, and RCP ports are. I'm guesing an ACK port has something to do with uploading information(?), and is it possible for a remote screen to launch an uplink or direct connection to another computer or network via an open TCP, UDP, ACK, or RCP port on a computer? If so, do they have to be already established, or can one open them from the remote computer? Also, I was reading a chart on remote SSH connections for a website on Koji Nobumoto's email of SSH, and it was sharing information on remote logins to windows machines from linux machines (http://www.uk.research.att.com/vnc/sshvnc.html) and it says at one point a linux machine 1 was forwarding information back over a public network through a secure remote network (Passing through another linux box #2) to another windows machine. Was the information being transfered going THROUGH the linux box 2, or was it directly connected to the windows box via some sort of secured connection? It raises the possibility of bypassing security on the 2nd linux box to direct connect to the windows box. If this was true, I'm thinking about performing an experiment where from my own windows machine, I will direct connect to a relativly unsecure LAN network down the street from my house (A friend of mine's computer network), and connect to a windows 2k pro OS box I own, bypassing his server computer. Is this possible? If so, I'll do it and report the results back here :P Thanks, ~Sayo Venchetti - --------------------------------------------------------------------------- - ---------------------------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 6.5.3 for non-commercial use <http://www.pgp.com> iQA/AwUBPyGTkaRW4RQby1QuEQLf+wCg3E8x37KKQMARB8x4g+NHGrt7ViYAoM3n 6IJvzI7Ub9+OLXkBPfzpWBSk =9tAx -----END PGP SIGNATURE----- --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- RE: Remote Connections and port identification libero (Jul 28)
- <Possible follow-ups>
- RE: Remote Connections and port identification Keith Cirelli (Jul 28)