We have a training vendor who uses port 446 to allow people to securely sign up for their classes via the Internet. Port 446 is typically not used in today's world since it is for remote access to relational databases. Doesn't this appear to be an "improper" use of port 446? Is anyone familiar with correct or others uses of port 446?
2006-07-06 11:38:42 · 5 answers · asked by tabarber 1 in Computers & Internet ➔ Computer Networking
Ok, thanks for all the answers. I do understand that you can use any port but if you are following good security practices on your firewall configuration, you typically don't allow traffic to flow across "improperly" used ports. This is what we have configured. We would rather not open up an outbound port 446 for use of HTTPS traffic because it is a non-standard configuration and a "unique" configuration of the firewall. And for firewalls, you want to limit "uniqueness" as much as possible for security purposes.
Thanks to all your answers. The one gentleman that stated that IBM DB2 uses this port gave me the answer I was looking for. It was originally used by IBM and not a typical standard for today's Internet needs.
2006-07-06 12:11:52 · update #1
Any program can use any Port, but there are a few that are comon to certain programs so it's recommended to stay away from some to prevent conflict. 0 - 1023 are the well-known ports, that is they are used by common well known programs already. Ports 446 to 448 are assigned to IBM for some Lotus Database feature. The ports recommended to be used freely by anybody are 49152 - 65535.
There is nothing stopping programs for using any port, however, so many programs use shorter numbers. Sometimes unwanted software hide in known ports, to fool routers and firewalls.
Registered Ports list:
http://www.iana.org/assignments/port-numbers
2006-07-06 11:50:08 · answer #1 · answered by Tim 6 · 3⤊ 1⤋
Ditto to the other answers, plus a bit. By using port 446 for a secure sign-in they've added an additional layer of security. Someone trying to hack in would have to know (or discover) they're using this port for this purpose. It just makes things a bit safer.
We do this all the time, requiring different ports than 23 to telnet into our routers, different ports than 110 and 25 for e-mail transfers between internal mail servers and the honeypot in the DMZ, etc.
It's not an "improper" use. It's a sound security practice.
2006-07-06 19:05:39 · answer #2 · answered by antirion 5 · 0⤊ 0⤋
While you are correct in the recommended usage of port 446, there is no law that requires it. You can put any service you want on any port and use it any way you want. Of course, the world might have a hard time connecting to your webserver if it's not on 80, or your mail server if it's on 23911.
IANA has no policing authority; just regulatory and even that is voluntary. The internet community follows the guidelines for the sake of interoperability but, again, there is no concrete requirement that it be done that way and no other.
2006-07-06 18:43:02 · answer #3 · answered by Anonymous · 0⤊ 0⤋
There's no such thing as "improper" use of a port. It's just an addressing scheme that allows multiple services to run from a single IP. If you aren't running DB2 (the only DB that defaults to port 446), it won't affect anything. Many people use non-standard port numberings to avoid spambots/etc.
2006-07-06 18:44:42 · answer #4 · answered by Xymon 2 · 0⤊ 0⤋
Typically is it 'customary' to use these ports (the first 1024 ports) for well known services - although there is nothing to stop you from using these ports for something else.
This isn't a huge problem, it just depends on how this particular service vendor has chosen to offer their services. The only problem I can forsee is if someone tries to run a different service when that port is in use, it might cause a bit of problems, but aside of that, it isn't that big a 'breach' of rules.
2006-07-06 18:46:17 · answer #5 · answered by dinuksw 3 · 0⤊ 0⤋