Ports Scanning Security Services and the Tunneler

From MetroPipe WIKI

Your computer communicates with the Internet through network devices called 'ports'. These ports are analagous to the the internal switchboard of a corporation. You may call Acme Corp and ask to be transferred to the Public Relations department on extension 80. Then you'd be connect to someone who could give you all kinds of information about the corporation.

In a similar manner, whenever you click on Amazon.com's web address, your browser sends a request through the Internet to port 80 of Amazon's server. Their server is listening on port 80 for your request, and responds with Amazon's HTML page, and all the images that compose it.

Port 80 is the standard port for web traffic, traffic. There are many, many other standard ports that are designated for other Internet services: email, encrypted web traffic, domain name lookups, file transfers, etc. Each of these services uses a different port for communication.

Web servers usually have several ports open. Computer programs, like web servers, listen through these ports for requests (like Amazon's web server listening on port 80 for request from your browser). If you want, you can use a port-scanning tool to query the ports on server to see what services it offers. All webservers will be listening on port 80. Many will also be listening on port 443 (the port for secure web traffic). Some will also be listening on port 113 (used for authentication and identification), port 25 (SMTP for sending email), port 110 (POP for receiving email), and so on.

Your personal machine is quite different from an Internet server. It (probably) doesn't host websites, host email accounts for other users, or relay email around the Internet. Therefore, your personal machine shouldn't have many of these ports open. In fact, if some of these ports are open, it can indicate the presence of a trojan or virus, or at the least, a security hazard.

Port scanning services send a query to each port on a target machine. They can tell if a port is open if there is any answer. The port scanning service can then issue a comprehensive report on all open ports on any machine.

[edit]

Using Port Scanning Services with the Tunneler

When you use the Tunneler, outside observers only see the MetroPipe proxy that is the other end of the Tunnel. They don't see your computer; what they see is the end of your Tunnel on one of MetroPipe's proxy servers. This holds true even for port scanning services.

What this means is that when you use web-based port scanning services like Shields Up! be scanning your computer, they will be scanning our proxy server. Any reports that you get will refer to our server, not your computer.

[edit]

Differences Between Our Machines and Your Computer

Certain open ports that will raise warnings with port scanning services are really no big deal on our proxy machines. The port scanning services will show that port 22 is open on our proxies. This could be a hazard on your computer, but port 22 is the port that the Tunneler uses to connect to the proxy. Other ports may be open depending on which proxy is being scanned, but these are ports that are necessary for the proper operation of our proxy.

You can safely ignore any port warnings you see on any port scanning software while using port scanning software.

If you have any questions about these issues, please contact our customer support department at <a href="mailto:support@metropipe.net">support@metropipe.net</a> or use LiveSupport on our Customer Support page to chat with one of our customer support representatives.

Retrieved from "http://www.metropipe.net/wiki/index.php/Ports_Scanning_Security_Services_and_the_Tunneler"