Source and Destination port

[Stevie1111]

Hi all,

I am quite new to IT and would like to seek your kind advise on some of my confusion

If my computer is communicating with a server, for example a webserver, I will have below ( for example)

MyComputer
Source port: 10.0.0.1:63000
Destination port: 192.0.0.1:80

Webserver
Source port: 192.0.0.1:80
Destination port: 10.0.0.1:63000

In this case, does my computer need to have port 80 open? Because I already have a local source port and since is communicating with the destination, far end/webserver should have the port80 open. Vice versa, when webserver communicate back, their outbound destination port would be 63000 and will not be using port 80.

Am I right on this theoretically?

Thank you in advance

 

[Kshipper]

Port 80 is part of the 'Well known ports' so you won't have to specifically open that port to use it because traffic coming in from a web browser is going to use port 80 by default.

List of TCP and UDP port numbers - Wikipedia

en.wikipedia.org

Your example is showing IP addresses that are non-routable

Private network - Wikipedia

en.wikipedia.org

You can't ping a web server that is using a private address scheme. This is why you have to pay extra to the ISP for a public IP address or use a service that keeps track of your dynamic IP address like> Dyn DNS

Good luck with your learning. There is a lot to know. Look up Eli the computer guy on Youtube. I think he has a good way of explaining these topics.

 

[Stevie1111]

Thanks for the reply @Kshipper.

I am actually trying to understand if the 2 way communication is required to have the port open. You mentioned that the traffic from web browser to local pc will go through port 80 as well? Despite my local source port shown in " netstat -ano " is other than 80?

So in another words, if ( by any chance) I have my port 80 close in my local pc, I am not able to browse the web?

 

[Kshipper]

2-way communication is not required to open a port. You can open a port on the router using "Port Forwarding" and it will wait for traffic to come to that port and forward it to an IP you specify on your Intranet. Think of a port as a door. The traffic comes to that door and knocks to say "let me in". if it is Port 80 (one of the well-known ports) then the traffic is already identified as being browser traffic.

If you close port 80 you won't be able to browse the web. Here is something you can do that would be fun. Use Steve Gibson's website GRC to probe your well-known ports:

GRC | ShieldsUP! — Internet Vulnerability Profiling

GRC Internet Security Detection System

www.grc.com

 

[Stevie1111]

2-way communication is not required to open a port. You can open a port on the router using "Port Forwarding" and it will wait for traffic to come to that port and forward it to an IP you specify on your Intranet. Think of a port as a door. The traffic comes to that door and knocks to say "let me in". if it is Port 80 (one of the well-known ports) then the traffic is already identified as being browser traffic.

If you close port 80 you won't be able to browse the web. Here is something you can do that would be fun. Use Steve Gibson's website GRC to probe your well-known ports:

GRC | ShieldsUP! — Internet Vulnerability Profiling

GRC Internet Security Detection System

www.grc.com

Cheers @Kshipper , much appreciated.

Thanks for the sharing. I understand a bit more now.

 

[Kshipper]

It is awesome that you are taking the time to learn all this. You didn't ask for any clarification on non-routable IP addresses but I thought I would just broach the subject one more time.

The original spec of IPV4 laid out a bunch of IP ranges that are considered non-routable, which means that those IPs can not be used on the Internet (WAN) only on the Intranet (LAN).

Here they are in all their glory:

• 10.0. 0.0/8 ( Range: 10.0. 0.0 – 10.255. 255.255 ) – Available IPs: 16,777,214.
• 172.16. 0.0/12 ( Range: 172.16. 0.0 – 172.31. 255.255 ) – Available IPs: 1,048,574.
• 192.168. 0.0/16 ( Range: 192.168. 0.0 – 192.168. 255.255 ) – Available IPs: 65,534.