Home page logo
/

basics logo Security Basics mailing list archives

RE: SSL workings
From: Joey Peloquin <jpelo1 () jcpenney com>
Date: Wed, 03 Dec 2003 13:54:11 -0600

Maybe what I need to know lies a little deeper. I want to know that
when a 
client machine communicates with a server, out of what port does this 
information travel from the clients machine.

That's basic TCP/IP.  The client connects from an unprivileged port >
1024.

From "Daryl's TCP/IP Primer" [1]:
Every TCP (or UDP) communication has a source port and destination port
number in the TCP (or UDP) header. Every TCP/IP communication can be
uniquely identified as [Source IP]:[Source Port] <---> [Dest. IP]:[Dest
Port]. This is how a Web browser can load several images at once and
keep track of which packet is for which image. The source port is
different for each TCP image-download connection, though the destination
port is 80 in each case. For example:

Source IP       Source Port     Dest IP         Dest Port       Notes
192.168.1.1     1025    10.101.10.1     80      index.html
192.168.1.1     1026    10.101.10.1     80      logo.gif
192.168.1.1     1027    10.101.10.1     80      backgrnd.gif

Note that each file getting downloaded has a different source port
number; this is how the communications are differentiated (this packet
is part of logo.gif, this packet is part of index.html, etc).
-- end quote

Virtual circuits on the client-side are dynamically created and torn
down, providing session control.

And also, if a client and server communicate via SSL, is the data
transferred 
in a secure state via the same port that data is normally sent, or is
the 
data transferred through a separate port??

From the Netscape spec. [2]:

At the present time SSL is implemented using TCP/IP as the base
   networking technology.  The IANA reserved the following Internet
   Protocol [IP] port numbers for use in conjunction with SSL.

     443  Reserved for use by Hypertext Transfer Protocol with
          SSL (https).
     465  Reserved (pending) for use by Simple Mail Transfer Protocol
          with SSL (ssmtp).
     563  Reserved (pending) for use by Network News Transfer
          Protocol (snntp).
-- end quote

HTTP/80; SMTP/25; NNTP/119.  Obviously the HTTP/S, SMTP/S, NNTP/S
traffic arrives at different service ports.  Virtually any port list
will provide you with the standard port assignments for other protocols
over SSL.

Cheers all.

Tryst

References:
[1] http://www.tcpipprimer.com/tcpudp.cfm
[2] http://wp.netscape.com/eng/ssl3/draft302.txt

Joey Peloquin

The information transmitted is intended only for the person or entity to
which it is addressed and may contain confidential and/or privileged
material.  If the reader of this message is not the intended recipient,
you are hereby notified that your access is unauthorized, and any review,
dissemination, distribution or copying of this message including any
attachments is strictly prohibited.   If you are not the intended
recipient, please contact the sender and delete the material from any
computer.

---------------------------------------------------------------------------
----------------------------------------------------------------------------

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault