[LINK] Acrobat phone home?
Stilgherrian
stil at stilgherrian.com
Fri Feb 6 09:19:40 EST 2004
While I haven't really been following this thread about Acrobat's "phone
home" behaviour, I wanted to pick up one point about the port
incrementing...
Chirgwin, Richard said:
> One last thing. Howard noted that the outbound TCP connections should
> change each time the process appears. Correct, and thanks for pointing
> it out. The listening port is, of course, static.
>
> When the process is trying to make it's once-a-minute outbound
> connections, which I am refusing, it increments the port number to try
> again. This is, I guess, a straightforward behaviour: Acrobat's
> developers have assumed that the reader is going to run into corporate
> firewalls with tight security policies, so it steps through the port
> list looking for one that's open.
>
> Which, to me, fits under the heading "worse and worse". If a company (or
> an individual) is setting up a security policy, then for a software
> developer to try and circumvent that policy is irresponsible. Culpable,
> even.
This is unlikely to be a deliberate strategy for punching through
firewalls. It's just the normal behaviour for IP networking.
In general, when an application program asks the operating system for a
TCP connection, the source port -- that is, the port on "your" machine" --
is any arbirtary one above 1024. What usually happens in practice is that
when you first boot the machine, the first request for an outbound
connection comes from port 1024, the next one from 1025, the next one from
1026 and so on. That is, the port number is just incremented with each
subsequent connection.
It's presumably just easier to code that way...
Stil
--
Stilgherrian <stil at stilgherrian.com> http://www.stilgherrian.com/
Internet, IT and Media Consulting, Sydney, Australia. ABN 25 231 641 421
mobile 0407 623 600 (international +61 407 623 600)
fax 02 9516 5630 (international +61 2 9516 5630)
More information about the Link
mailing list