Web Browser Port Restrictions

Some of my notes regarding Browser Port Restrictions.

Internet Explorer:

Anything goes. I need to look into this more.

Opera 9:

Restricts access to ports 22, 25, 53 and 110. All other services seem accessible; I need to do more work here. It was interesting to note that my CPU was cranked up to 100% when requesting a restricted port. A “-1” port will cause Opera to wrap to 65535 (although this could be the default). It’s late and I’m going to bed.

Firefox (tested on 1.5.0.7):

Restricts common services such as Telnet and SSH. However, it allows most services. Some of the more interesting ports allowed include:

Service | Port
bootps | 67/tcp
snmp | 161/tcp
netbios-ns | 137/tcp
netbios-dgm | 138/tcp
microsoft-ds | 445/tcp
ldaps | 636/tcp # Firefox blocks ldap (unencrypted version)
imaps | 993/tcp # Firefox blocks imap (unencrypted version)
pop3s | 995/tcp
socks | 1080/tcp
nessusd | 1241/tcp
ms-sql-s | 1433/tcp
ms-sql-m | 1434/tcp
oracle TNS | 1521/tcp
mysql | 3306/tcp
RDP | 3389/tcp
postgresql | 5432/tcp
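
A way to spot browser requests reaching the non-HTTP services listed above, as an added example that is not part of the original post: it flags connections whose first client bytes are an HTTP request line and extracts the Host, Referer and User-Agent headers. The function names and the sample payloads are constructed for illustration.

```python
import re

# Ports the post lists as allowed by Firefox 1.5.0.7, with its service names.
FIREFOX_ALLOWED = {
    67: "bootps", 137: "netbios-ns", 138: "netbios-dgm", 161: "snmp",
    445: "microsoft-ds", 636: "ldaps", 993: "imaps", 995: "pop3s",
    1080: "socks", 1241: "nessusd", 1433: "ms-sql-s", 1434: "ms-sql-m",
    1521: "oracle TNS", 3306: "mysql", 3389: "RDP", 5432: "postgresql",
}
# HTTP/1.x request line: method, target, version.
REQUEST_LINE = re.compile(rb"^(GET|POST|HEAD|OPTIONS|PUT|DELETE) (\S+) HTTP/1\.[01]$")

def classify(dst_port, payload):
    """Return a finding if payload (the first bytes a client sent to dst_port)
    is an HTTP request aimed at one of the non-HTTP services above, else None."""
    service = FIREFOX_ALLOWED.get(dst_port)
    if service is None:
        return None
    lines = payload.partition(b"\r\n\r\n")[0].split(b"\r\n")
    m = REQUEST_LINE.match(lines[0])
    if not m:
        return None  # native protocol traffic, not a browser-style request
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(b":")
        if sep:
            headers[name.strip().lower().decode("latin-1")] = value.strip().decode("latin-1")
    return {
        "port": dst_port, "service": service,
        "method": m.group(1).decode(), "target": m.group(2).decode("latin-1"),
        "host": headers.get("host"), "referer": headers.get("referer"),
        "user_agent": headers.get("user-agent"),
    }

# Constructed sample captures (destination port, first client bytes); not from the post.
SAMPLES = [
    (3306, b"GET / HTTP/1.1\r\nHost: 10.0.0.5:3306\r\nUser-Agent: Mozilla/5.0 (constructed)\r\n"
           b"Referer: http://example.test/page.html\r\n\r\n"),
    (5432, b"\x00\x00\x00\x08\x04\xd2\x16\x2f"),  # PostgreSQL SSLRequest from a native client
    (1433, b"POST /x HTTP/1.1\r\nHost: db.internal.example:1433\r\n\r\n"),
    (80, b"GET / HTTP/1.1\r\nHost: www.example.test\r\n\r\n"),  # ordinary web port, ignored
]

def findings(samples=SAMPLES):
    return [f for port, data in samples if (f := classify(port, data))]

if __name__ == "__main__":
    print(*findings(), sep="\n")
```

When a Referer header is present, it names the page that caused the browser to make the request.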

3 Comments so far

  1. pdp @ October 13th, 2006

    Very good and interesting research!!!

  2. Daniel @ October 13th, 2006

    Interesting, I’ve also been looking at browsers’ interaction with the localhost for the research I’ve been doing with Apple’s Leopard.

    Real world testing to see if browser will connect to port 22 on localhost:

    IE 7.0.5450.4 (win2k3) refuses to connect
    FF 1.5.0.6 refuses saying it’s restricted
    Camino 1.0.3 refuses (built on FF framework, so expected same results as FF)
    Safari 2.0.4 happily does a GET / HTTP/1.1 to the port

    Interesting, so Safari here isn’t following protocol and playing nicely.

    What happens when I try a non-standard port, hmmm 666 sounds good:

    IE 7.0.5450.4 (win2k3) Tries to connect, but returns an error
    FF 1.5.0.6 does a GET, but returns an error
    Camino 1.0.3 happily does a GET / HTTP/1.1 to the port
    Safari 2.0.4 happily does a GET / HTTP/1.1 to the port

  3. david.kierznowski @ October 14th, 2006

    Daniel, I must take a look at Safari and Camino. Do you have a particular reason for picking sshd for your tests?

    It is interesting to note that in Firefox, any service that terminates immediately after connecting (i.e. postgresql and sshd) can be used in port scanning. JSWebPing can be used to test this. Obviously sshd had to be set up on another port for this test.

    It is definitely an interesting area.

    Thanks pdp, your bi-directional project is rather interesting… I must have a chat to you about it, I have a few thoughts in that area.
