Security Basics mailing list archives
RE: SSL workings
From: Joey Peloquin <jpelo1 () jcpenney com>
Date: Wed, 03 Dec 2003 13:54:11 -0600
Maybe what I need to know lies a little deeper. I want to know that when a client machine communicates with a server, out of what port does this information travel from the client's machine.
That's basic TCP/IP. The client connects from an unprivileged port > 1024.
From "Daryl's TCP/IP Primer" [1]:
Every TCP (or UDP) communication has a source port and destination port number in the TCP (or UDP) header. Every TCP/IP communication can be uniquely identified as [Source IP]:[Source Port] <---> [Dest. IP]:[Dest Port]. This is how a Web browser can load several images at once and keep track of which packet is for which image. The source port is different for each TCP image-download connection, though the destination port is 80 in each case. For example:

Source IP     Source Port   Dest IP       Dest Port   Notes
192.168.1.1   1025          10.101.10.1   80          index.html
192.168.1.1   1026          10.101.10.1   80          logo.gif
192.168.1.1   1027          10.101.10.1   80          backgrnd.gif

Note that each file getting downloaded has a different source port number; this is how the communications are differentiated (this packet is part of logo.gif, this packet is part of index.html, etc).

-- end quote

Virtual circuits on the client-side are dynamically created and torn down, providing session control.
And also, if a client and server communicate via SSL, is the data transferred in a secure state via the same port that data is normally sent, or is the data transferred through a separate port??
From the Netscape spec. [2]:
At the present time SSL is implemented using TCP/IP as the base networking technology. The IANA reserved the following Internet Protocol [IP] port numbers for use in conjunction with SSL.

443 Reserved for use by Hypertext Transfer Protocol with SSL (https).
465 Reserved (pending) for use by Simple Mail Transfer Protocol with SSL (ssmtp).
563 Reserved (pending) for use by Network News Transfer Protocol (snntp).

-- end quote

HTTP/80; SMTP/25; NNTP/119. Obviously the HTTP/S, SMTP/S, NNTP/S traffic arrives at different service ports. Virtually any port list will provide you with the standard port assignments for other protocols over SSL.
Cheers all.
Tryst
References:
[1] http://www.tcpipprimer.com/tcpudp.cfm
[2] http://wp.netscape.com/eng/ssl3/draft302.txt

Joey Peloquin
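
Added example, not part of the original message: the source-port behaviour quoted from the primer, reproduced with real sockets. Assumptions: a loopback listener on an OS-assigned port stands in for the web server on port 80, and the function name `open_parallel_connections` is illustrative.

```python
import socket
import threading


def open_parallel_connections(count=3):
    """Open `count` simultaneous TCP connections to one loopback listener.

    Returns (dest_port, client_tuples, server_seen_peers), where each client
    tuple is (src_ip, src_port, dst_ip, dst_port).
    """
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))      # port 0: OS picks; stands in for port 80
    listener.listen(count)
    listener.settimeout(5)               # fail instead of hanging if accept stalls
    dest_port = listener.getsockname()[1]

    accepted, server_seen = [], []

    def accept_all():
        # Server side: record the (ip, port) each connection arrives from.
        for _ in range(count):
            conn, peer = listener.accept()
            accepted.append(conn)
            server_seen.append(peer)

    acceptor = threading.Thread(target=accept_all)
    acceptor.start()

    clients, tuples = [], []
    for _ in range(count):
        # No bind() on the client: the OS assigns an ephemeral source port.
        c = socket.create_connection(("127.0.0.1", dest_port), timeout=5)
        clients.append(c)
        tuples.append(c.getsockname() + c.getpeername())
    acceptor.join(timeout=5)

    for s in clients + accepted + [listener]:
        s.close()
    return dest_port, tuples, sorted(server_seen)


if __name__ == "__main__":
    port, tuples, seen = open_parallel_connections()
    print("Source IP     Source Port   Dest IP       Dest Port")
    for src_ip, src_port, dst_ip, dst_port in tuples:
        print(f"{src_ip:<13} {src_port:<13} {dst_ip:<13} {dst_port}")
    print("Peers as seen by the server:", seen)
```

The destination port is identical on every row while the source port differs, and the server's view of each peer matches the client's local address, which is what lets both ends tell the connections apart.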