From owner-freebsd-security Mon May 13 4: 0:29 2002 Delivered-To: freebsd-security@freebsd.org Received: from portal.eltex.ru (eltex-gw2.nw.ru [195.19.203.86]) by hub.freebsd.org (Postfix) with ESMTP id 7A66C37B403 for ; Mon, 13 May 2002 04:00:05 -0700 (PDT) Received: (from root@localhost) by portal.eltex.ru (8.12.3/8.11.3) id g4DAxw7c057135; Mon, 13 May 2002 14:59:58 +0400 (MSD) (envelope-from ark@eltex.ru) Received: from yaksha.eltex.ru (root@yaksha.eltex.ru [195.19.198.2]) by portal.eltex.ru (8.12.3/8.11.3av) with SMTP id g4DAxqV9057127; Mon, 13 May 2002 14:59:52 +0400 (MSD) (envelope-from ark@eltex.ru) From: ark@eltex.ru Received: by yaksha.eltex.ru (ssmtp TIS-1.1alpha, 17 Jan 2002); Mon, 13 May 2002 14:52:02 +0400 Received: from undisclosed-intranet-sender id smtpdi16867; Mon May 13 14:51:56 2002 Date: Mon, 13 May 2002 14:52:08 +0400 Message-Id: <200205131052.OAA24503@paranoid.eltex.ru> In-Reply-To: <20020510084653.51d1ba8e.nkinkade@dsl-only.com> from "Nathan Kinkade " Organization: "Klingon Imperial Intelligence Service" Subject: Re: Second request Talk ports/sockets To: nkinkade@dsl-only.com Cc: sam@wa4phy.net, security@freebsd.org X-Virus-Scanned: by Eltex TC Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org -----BEGIN PGP SIGNED MESSAGE----- talk/ntalk use udp for paging user and initial handshake and then tcp connection (to/from some random port) is used for chat session, afair. Nathan Kinkade said : > On Fri, 10 May 2002 09:41:16 -0400 > Sam Drinkard wrote: > > > Since tightening up the firewall, my talk (from internal, not network) > > is broken. I can't seem to figure out what ucp/tcp port(s) to open to > > allow the talk utility to work. Looking at the source code didn't > > help much either, but reference to sockets was mentioned. Once a user > > logs in, does the talk utility not use the localhost address for > > connections? > > The port for talk is 517. > The port for ntalk is 518. > > I first found this out by launching ethereal (a network protocol > analyzer that's in the ports collection). Then I attempted to launch a > talk session with a non-existent host just to see some traffic. A quick > review of the captured packets showed that my machine was attempting to > communicate using ntalk on UDP port 518. > > I then did a quick search on Google for 'ntalk tcp port number'. The > very first returned hit revealed the following. > > talk 517/tcp like tenex link, but across > # machine - unfortunately, doesn't > # use link protocol (this is actually > # just a rendezvous port from which a > # tcp connection is established) > talk 517/udp like tenex link, but across > # machine - unfortunately, doesn't > # use link protocol (this is actually > # just a rendezvous port from which a > # tcp connection is established) > ntalk 518/tcp > ntalk 518/udp > > Further, a quick browse through /etc/services revealed exactly the same > text as above. Presumably that's where the site got the information in > the first place. > > There are plenty of ways to figure out information like this....it just > requires that you think about it for a minute. The Google search engine > is invaluable...and then again, as demonstrated above, often the info > lies right on your own computer. Hope this helps. _ _ _ _ _ _ _ {::} {::} {::} CU in Hell _| o |_ | | _|| | / _||_| |_ |_ |_ (##) (##) (##) /Arkan#iD |_ o _||_| _||_| / _| | o |_||_||_| [||] [||] [||] Do i believe in Bible? Hell,man,i've seen one! -----BEGIN PGP SIGNATURE----- Version: PGP 6.5.1i iQCVAwUBPN+a16H/mIJW9LeBAQGZggP9GyBUOtejoE3Fv+rPuTZHazRfv8R3eoqV kiZv4LOPVo775bkOfS7WTp5t9zMqSq0mwhr8cvXWTK6qTNUCStArhMgQF0vaXRW1 RGYspwyHyZTQw1qwr/YXzh80NpDiijAS7jeD07k9iDjGUTyIXM2xNtYmcR9ccDe2 1mvZGVV1Z3Q= =mIZl -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message