• Randelung@lemmy.world
    15 hours ago

    When trying to request a firewall change IT told me “ports between 1 and 1024 are reserved and can’t be used for anything else” so I couldn’t be using it for a pure TCP connection, and besides, there would have to be a protocol on top of TCP, just TCP as protocol is obviously wrong. I was using port 20 because it was already open…

    • GreenKnight23@lemmy.world
      12 hours ago

      as a full stack dev, everything you said has offended me.

      port 20 is used for FTP, unless you were using FTP, then go right ahead. Guessing that since you didn’t know the protocol you were not using FTP.

      port usage reservations are incredibly important to ensure that the system is running within spec and secure. imagine each interface like a party telephone line and the ports are time slots.

      your neighborhood has reserved specific times (ports) for everyone to call their relatives. if you use the phone not in your slot (port) your neighbors might get pissed off enough to interrupt your slot. and then it’s just chaos from there.

      • MystikIncarnate@lemmy.ca
        7 hours ago

        As IT/network/security, using a well-known port for something that’s not what is supposed to run on that port is inviting all kinds of problems.

        Especially the very well-known ones, like FTP, SSH, SMTP, HTTP, HTTPS, etc. (to name a few). People make it their mission to find and exploit open FTP systems. I opened up FTP on a system once to the internet as kind of a honeypot, and within a week or so, there was someone uploading data to it.

        No bueno. Don’t use well-known ports for things unless the thing that well-known port is known for is what you want to do.

        • Randelung@lemmy.world
          2 hours ago

          All of that is fine, and they mentioned the management perspective, which I get. It was a field test and our original choice of 4001 - which is what other serial to TCP servers like us use, also in their network - was unavailable.

          What irks me is the “technical impossibility” of raw TCP and “I must be wrong” when filling out their firewall change form.

          They’ve since given us a different port “close to others that we use”, for whatever reason that matters, and based their choice on some list of common protocols outside the reserved range. But not 4001.

          That by itself is just one thing and I wouldn’t give it a second thought, but it’s all part of a larger picture of ineptitude. They opened a ticket because an arrow at the border of our UI vanished when they screen shared on Teams. Because of the red border. And they blamed our application for it.

          They didn’t set up their PKI correctly and opening our webpage on specific hosts gave the typical “go back” warning. But it was our fault somehow, even though the certificate was the one they supplied us and it was valid.