Greg Van Dyne
December 4, 2007
Agenda
 Introduction
 Technical Overview
 Protocols
 Demonstration
 Future Trends
 References
Introduction
 Port Forwarding
 Opening a port in a router or firewall residing in a
private network in order to let a party from the outside
world contact a user inside. For example, opening ports
for VoIP and videoconferencing traffic makes two-way
communications easier no matter which side initiates
the call. Also called "port mapping," port forwarding can
be done by manual configuration or by software.
*definition courtesy of PCWorld.com
Ports
 What is a port?
 represents an endpoint or "channel" for network
communications
 One computer sends data from a port on one IP address to
another
 Port numbers can theoretically range from 0 to 65535
 Only one application can be used at a time on any given
port
 Why forward a port?
 With routers, firewalls prevent direct communication between
IPs
A Few Common Ports
 21 – FTP
 22 – Secure Shell (SSH)
 23 – Telnet
 80 – HTTP
 110 – POP3 mail
 3389 – Remote Desktop Protocol (RDP)
 6112 – Blizzard’s Battle.net gaming service (Unofficial)
*Unofficial – not registered with IANA (Internet
Assigned Numbers Authority)
Some Familiar Concepts
 TCP – Transmission Control Protocol – 2 computers directly
connect, and remain connected for duration of session
*similar to a telephone call
 UDP – User Datagram Protocol – sends data and relies
on devices in between to deliver properly. Not as
reliable *like putting mail in mailbox
 NAT – Network Address Translation – determines
destination of packets sent to network. This is where
port forwarding comes into play.
Static vs. Dynamic IP
 Static
 Usually configured within OS
 Ensures that internal IP never changes
 Ports can be forwarded once, and will not require any
changes in the future
 Dynamic
 Internal IP fluctuates
 Can cause port forwarding not to work
 Port Triggering
 Dynamic port forwarding
 Port triggering allows for a port to
open only when a certain application is
running
 Once application stops, access to that
port is turned off
 Slightly more secure
Things to consider
 The need to forward the packets that come to the
router's forwarded port, and the need to rewrite them
so that the private machine sees them as originating
from the router
 Only one networked machine can use a specific
forwarded port at one time
 Traditional port forwarding allows the entire world
access to the port, thus security is reduced
 Ports can be changed within registry if unofficial
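
An added example (not part of the original slides): a small Python audit of a router's port-forwarding table against the considerations above, flagging world-open forwards to sensitive services, one external port mapped to two machines, and targets without a static internal IP. The rule format, the sample table and addresses, and the `RISKY` selection are assumptions constructed for this illustration.

```python
from collections import defaultdict

# Services from the "A Few Common Ports" slide that this example treats as
# sensitive: FTP and Telnet send logins in cleartext, RDP is remote admin.
RISKY = {21: "FTP", 23: "Telnet", 3389: "RDP"}

def audit(rules, static_hosts):
    """Return sorted (external_port, finding) tuples for a forwarding table.

    rules: dicts with proto, ext_port, int_ip, int_port, source
           (source "any" means the whole Internet may connect).
    static_hosts: internal IPs known to have a static address.
    """
    findings = []
    targets = defaultdict(set)  # (proto, ext_port) -> internal IPs
    for r in rules:
        targets[(r["proto"], r["ext_port"])].add(r["int_ip"])
        # Judge by the internal port: that is the service actually exposed,
        # whatever external port number the router listens on.
        if r["source"] == "any" and r["int_port"] in RISKY:
            findings.append((r["ext_port"], f"world-open {RISKY[r['int_port']]}"))
        # A forward to a host whose internal IP can change will silently break.
        if r["int_ip"] not in static_hosts:
            findings.append((r["ext_port"], f"target {r['int_ip']} has no static IP"))
    # Only one machine can use a given forwarded port at a time.
    for (proto, port), ips in targets.items():
        if len(ips) > 1:
            hosts = ", ".join(sorted(ips))
            findings.append((port, f"conflict: {proto}/{port} maps to {hosts}"))
    return sorted(findings)

# Constructed sample table (RFC 1918 / documentation addresses).
RULES = [
    {"proto": "tcp", "ext_port": 80, "int_ip": "192.168.1.10", "int_port": 80, "source": "any"},
    {"proto": "tcp", "ext_port": 3389, "int_ip": "192.168.1.20", "int_port": 3389, "source": "any"},
    {"proto": "tcp", "ext_port": 22, "int_ip": "192.168.1.10", "int_port": 22, "source": "203.0.113.0/24"},
    {"proto": "tcp", "ext_port": 6112, "int_ip": "192.168.1.30", "int_port": 6112, "source": "any"},
    {"proto": "tcp", "ext_port": 6112, "int_ip": "192.168.1.31", "int_port": 6112, "source": "any"},
]
STATIC = {"192.168.1.10", "192.168.1.20", "192.168.1.30"}

if __name__ == "__main__":
    for port, finding in audit(RULES, STATIC):
        print(port, finding)
```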
Reverse Port Forwarding
 Also called reverse tunneling
 Composed of session server (SS) and session client
(SC)
 SS connects with session port, SC connects with
session server component
 SS tunes in to the port that needs to be forwarded
 When connection is done, it’s forwarded directly to SC
with an accessible destination to that SC
 Usually needed when a port is behind a router or
firewall but that router or firewall is not configurable
with normal port forwarding for one reason or another