Opening a Port

I have an application that is having troubles transmitting over the
internet and I suspect it's a firewall/ports issue. I had someone with
domain admin rights log in and test the same app and the had the same
problems. They tell me that with their credentials that they have
access to all ports and that something else other than a port problem
would be the problem. I thought that if a port is closed, it is closed
to everyone regardless of their credentials. Can someone confirm my
suspicion though that a port is closed regardless of your login
credentials?

Re: Opening a Port

Kristen Salerno wrote:
> I have an application that is having troubles transmitting over the
> internet and I suspect it's a firewall/ports issue. I had someone with
> domain admin rights log in and test the same app and the had the same
> problems. They tell me that with their credentials that they have
> access to all ports and that something else other than a port problem
> would be the problem. I thought that if a port is closed, it is closed
> to everyone regardless of their credentials. Can someone confirm my
> suspicion though that a port is closed regardless of your login
> credentials?
>

A port on a FW is open under two conditions that I know about.

1) The admin of the FW did a port forwarding of a port or ports (opening
) it or them to unsolicited inbound traffic from the Internet, such as a
WEB server sitting there listing for unsolicited inbound traffic from
client machines with an browser on port 80, as an example. That would
mean something behind the FW, a program running on a computer, was
sitting there listing on its port or ports for unsolicited inbound
traffic from the Internet.

2) Any program running on a machine behind the FW that sends outbound
traffic to a remote IP, a solicitation of traffic by the program, the FW
will open the required inbound port or ports back to the soliciting
program, like your machine that's has a browser and you make contact
with a WEB site. The FW is going to allow the solicited inbound traffic
back to your machine, on port 80.

Admin rights on a machine or a Domain has nothing to do with it that I
know about.

Duane :)

Re: Opening a Port

Kristen Salerno wrote:
> I have an application that is having troubles transmitting over the
> internet and I suspect it's a firewall/ports issue. I had someone
> with domain admin rights log in and test the same app and the had the
> same problems. They tell me that with their credentials that they
> have access to all ports and that something else other than a port
> problem would be the problem. I thought that if a port is closed, it
> is closed to everyone regardless of their credentials. Can someone
> confirm my suspicion though that a port is closed regardless of your
> login credentials?

Too little detail. Too much hearsay.

- What application? Version?
- What kind of transmission? Protocol? Data?
- What's the exact error message?
- Have you some sort of packet filter on the host in place?
- What firewall do you use?
- What do the logs on the host say?
- What do the logs on the firewall say?
- Have you tried the respective network tools (ping, netstat,
traceroute, port scanner, sniffer, ...) to track down the issue?
What were the results?

cu
59cobalt
--
"If a software developer ever believes a rootkit is a necessary part of
their architecture they should go back and re-architect their solution."
--Mark Russinovich