My tentative conclusion, pending Saturday's definitive test with my router's port 497 closed and pending my talking to A.

Users of Windows 2003 SP1 may also need to open firewall exceptions." You should configure your firewall to allow Port 497 for UDP and TCP packets. Retrospect also uses subnet broadcast and Multicast packets. Retrospect uses a well-known port, 497, assigned by the Internet Assigned Number Authority (IANA), for both TCP and UDP. "Opening your network firewall for Retrospect

Second, the entire contents of this article:

There should be no traffic on the Internet using port 497 that's not using Retrospect." IANA's assignment of port 497 to "Dantz" (Retrospect) is listed on their site at: Sending a packet to a multicast address is how Retrospect locates its clients using our Piton Name Service. It is our Class D multicast address, assigned to Retrospect by the Internet Assigned Numbers Authority and listed in their registration database at: "Why is Retrospect communicating with address 224.1.0.38? Address 224.1.0.38 does not refer to any node on your network.

I have further information on port 497, gleaned from Retrospect Inc.'s Knowledge Base (which I had not previously found particularly useful, as distinct from their Mac forum). First, from the start of this article (there's more below what I've quoted):

If that was the case I would steer well clear of Retrospect and its clueless developers. It could be that Retrospect does need the port open to the Internet. Both would mean that a well-known port has been opened for no reason. Retrospect Tech Support are either clueless, or DavidH has misinterpreted what they mean.

Retrospect is closed-source so it's very unlikely that actual problems will be addressed until way after they have been found by the developers. And Retrospect's tech support sounds awful. Any port that is opened is a security problem and should only be opened on this understanding.

You are correct, and yet you completely miss the point - the important one that represents the nasty security hole: that being the chances that there are exploitable bugs in Retrospect's "listener", which are extremely high. Since 497 is a "well known port number" (see third paragraph at the top of the linked-to WP article) reserved for Retrospect, the chances are that any "listener" to port 497 is in software built by Retrospect Inc. In other words, a TCP/UDP port is a "mousehole" that a "mousie" can go through into a machine only if there is a murine tour guide waiting inside the machine. As I remembered from my 25-years-ago class in Operating Systems, and confirmed today from the second paragraph of this, a TCP/UDP port can normally communicate only if there is an internal "listener" process. Nevertheless I will not lie awake tonight worrying about what nameless horrors my LAN has been exposed to over the last six months.