Some of these questions I include in my exams for "network technology" classes (at least the easier ones: what's the class D network, what's bootp, ..) - and maybe I can find some more. Thank's for sharing.
Good grief I'd be hammered. Admittedly, not my area of expertise, but still. Bad for the ego. Which in turn is good for the drinking, so... Bartender, line some shots up...
Q: How does a Windows machine react if ports above 1080 are blocked by a router?
A: A regular user can surf for roughly 2min after booting, then has to reboot.
I think this is saying that Windows starts assigning ephermal ports at 1025 and a common rate of web browsing uses 55 ports after about 2 minutes, at which point ports above 1080 start to be assigned and are blocked.
Here's my guess (would welcome confirmation or a more accurate explanation, not least because I'm far from an expert on how TCP/IP works and know even less about Windows):
1) The router blocking outgoing connections coming from ports on that machine. That is, each time you make an outgoing connection, there's a port on your machine associated with that connection.
2) The ports associated with outgoing connections start at 1024. (Unix-specific? Traditionally only root could use ports lower than that.)
3) Each subsequent connection gets a higher port. Presumably they wrap around eventually.
4) So, after not too many outgoing connections, you've hit 1080, and you need to reboot to reset the count.
Traditionally only root could use ports lower than [1024]
As an aside, this is one of the more daft aspects of Unix. There's no reason whatsoever that http should need bits to run. The reasons cited for services such as ftp, smtp, imap, etc aren't very compelling, either. This restriction, ostensibly in the name of security, has in fact been a cause of a number of security problems.
In the silliness scale, it's up there with exposing numeric user IDs. (You can't do arithmetic with them for anything useful.)
15 comments
[ 0.85 ms ] story [ 56.1 ms ] threadQ: How many identical acks need to be received for fast retransmit to occur?
The DUPACK threshold is a configurable parameter. Linux uses a threshold of 2 (sysctl: net.ipv4.tcp_reordering).
Q: Name one of the men described as "The Father of the Internet."
Apparently, Leonard Kleinrock is also one of the fathers of the Internet: http://www.cs.ucla.edu/~lk/.
No, no, no. Everybody wins a drinking game.
Here's my guess (would welcome confirmation or a more accurate explanation, not least because I'm far from an expert on how TCP/IP works and know even less about Windows):
1) The router blocking outgoing connections coming from ports on that machine. That is, each time you make an outgoing connection, there's a port on your machine associated with that connection.
2) The ports associated with outgoing connections start at 1024. (Unix-specific? Traditionally only root could use ports lower than that.)
3) Each subsequent connection gets a higher port. Presumably they wrap around eventually.
4) So, after not too many outgoing connections, you've hit 1080, and you need to reboot to reset the count.
As an aside, this is one of the more daft aspects of Unix. There's no reason whatsoever that http should need bits to run. The reasons cited for services such as ftp, smtp, imap, etc aren't very compelling, either. This restriction, ostensibly in the name of security, has in fact been a cause of a number of security problems.
In the silliness scale, it's up there with exposing numeric user IDs. (You can't do arithmetic with them for anything useful.)
If we want trustable services, there are ways to do that, although with mixed track records to be sure.
To try to create trustable services by assigning a range of ports to the superuser is clumsy in the extreme, and has all sorts of bad side effects.