Date: Mon, 13 May 2002 14:52:08 +0400 From: ark@eltex.ru To: nkinkade@dsl-only.com Cc: sam@wa4phy.net, security@freebsd.org Subject: Re: Second request Talk ports/sockets Message-ID: <200205131052.OAA24503@paranoid.eltex.ru> In-Reply-To: <20020510084653.51d1ba8e.nkinkade@dsl-only.com> from "Nathan Kinkade <nkinkade@dsl-only.com>"
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE-----
talk/ntalk use udp for paging user and initial handshake and then tcp
connection (to/from some random port) is used for chat session, afair.
Nathan Kinkade <nkinkade@dsl-only.com> said :
> On Fri, 10 May 2002 09:41:16 -0400
> Sam Drinkard <sam@wa4phy.net> wrote:
>
> > Since tightening up the firewall, my talk (from internal, not network)
> > is broken. I can't seem to figure out what ucp/tcp port(s) to open to
> > allow the talk utility to work. Looking at the source code didn't
> > help much either, but reference to sockets was mentioned. Once a user
> > logs in, does the talk utility not use the localhost address for
> > connections?
>
> The port for talk is 517.
> The port for ntalk is 518.
>
> I first found this out by launching ethereal (a network protocol
> analyzer that's in the ports collection). Then I attempted to launch a
> talk session with a non-existent host just to see some traffic. A quick
> review of the captured packets showed that my machine was attempting to
> communicate using ntalk on UDP port 518.
>
> I then did a quick search on Google for 'ntalk tcp port number'. The
> very first returned hit revealed the following.
>
> talk 517/tcp like tenex link, but across
> # machine - unfortunately, doesn't
> # use link protocol (this is actually
> # just a rendezvous port from which a
> # tcp connection is established)
> talk 517/udp like tenex link, but across
> # machine - unfortunately, doesn't
> # use link protocol (this is actually
> # just a rendezvous port from which a
> # tcp connection is established)
> ntalk 518/tcp
> ntalk 518/udp
>
> Further, a quick browse through /etc/services revealed exactly the same
> text as above. Presumably that's where the site got the information in
> the first place.
>
> There are plenty of ways to figure out information like this....it just
> requires that you think about it for a minute. The Google search engine
> is invaluable...and then again, as demonstrated above, often the info
> lies right on your own computer. Hope this helps.
_ _ _ _ _ _ _
{::} {::} {::} CU in Hell _| o |_ | | _|| | / _||_| |_ |_ |_
(##) (##) (##) /Arkan#iD |_ o _||_| _||_| / _| | o |_||_||_|
[||] [||] [||] Do i believe in Bible? Hell,man,i've seen one!
-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.1i
iQCVAwUBPN+a16H/mIJW9LeBAQGZggP9GyBUOtejoE3Fv+rPuTZHazRfv8R3eoqV
kiZv4LOPVo775bkOfS7WTp5t9zMqSq0mwhr8cvXWTK6qTNUCStArhMgQF0vaXRW1
RGYspwyHyZTQw1qwr/YXzh80NpDiijAS7jeD07k9iDjGUTyIXM2xNtYmcR9ccDe2
1mvZGVV1Z3Q=
=mIZl
-----END PGP SIGNATURE-----
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200205131052.OAA24503>