Mega basic question but does every OS have a 'port 80'?

I completely understand that ports facilitate communcation by either listening and/ or relaying messages via TCP/IP or UDP. My question is - does the end-user also need a 'Port 80' for HTTP? So, does a browser simply plug into what is being piped through 'Port 80' or whichever port HTTP/ TCP/ IP is being permitted?

Find more posts tagged with

Free for TechExams community: Cybersecurity salary guide

Compare cert salaries and plan your next career move

Button

Comments

beads

Read the RFC (Request For Comments) and develop some understanding.

https://www.ietf.org/rfc/rfc2817.txt

- b/eads

636-555-3226

You can host a webserver on whatever port you want (like 4444), but the web browser isn't going to look for a website on port 4444 unless you tell it to (Google). The browser knows what ports 99.999% of websites are on, so that's the only place it looks by default.

Load up tcpdump or wireshark & look at the actual communication to see what kind of conversation is going on, just google wireshark http traffic

PJ_Sneakers

Do some research on ephemeral ports.

I suggest looking into CompTIA Network+ before you go any further with your CEH studies. (I'm only assuming you're studying CEH because you posted in the CEH subforum.)

trueshrewkmc

@resilient A lab for you (do not try this at work or somewhere where it might mess up someone else's Internet connection): On a machine where you have administrator or root access and access to a firewall (software/hardware), close/deny port 80. Then try browsing the Internet (wikipedia.org, CNN, somewhere not a https). Port 80 is the default web port, so you probably won't see non-secure web sites loading for you. Make sure to reopen port 80 when you are done.

CEH is not a good starter cert. I'd go for CompTIA Security+ first. (I sat Sec+ after CEH, but I sat Microsoft Networking Essentials back in the 20th century.)

OctalDump

This goes back to some fundamentals of networking, fundamentals which you should ideally have a good grasp of if you are attempting CEH.

To answer the question directly, if you are using TCP/IP, then all ports are available to be used per the various RFCs. Excluding firewalls or other security measures you should be able to send on port 80. Your computer will also be able to receive on port 80, but will drop the segment/datagram unless something (eg a program) is explicitly set up to expect to receive a packet on that port.

TCP port 80 is a well known port and reserved for web traffic, so it will (nearly) always be that it is a web server that is listening for incoming traffic on port 80.

Each packet contains a source and destination IP address, the segment/datagram within the packet contains a source and destination port.

A typical segment sent from a client computer to a web server will have the destination port as port 80, and the source as a 'random', 'ephemeral' high port number. When the web server receives the segment, it will reply to the client computer using that 'source' port. So the client doesn't need to receive traffic on port 80. A web server, however, would need to receive traffic on port 80 (if using standard http conventions).

A firewall can filter traffic on source and/or destination IP or port. So you could block your client computer from sending traffic to other computers on port 80. This would prevent it from even sending a segment to a web server to ask for a web page, so would stop you from browsing the web.

resilient

Thanks - really appreciate the help and replies. I have a lab set-up and am rapidly learning.

TheFORCE

resilient wrote: »

Thanks - really appreciate the help and replies. I have a lab set-up and am rapidly learning.

You need some Network+ knowledge before you lab CEH. Look into the OSI reference model and also on the TCP/IP protocol and how it worka. Knowing those fundementals will help you more with the CEH.