Re: Firewall : ports for TCP and UDP Connections

Steve Edgar (se10@cornell.edu)
Wed, 26 Mar 1997 14:21:12 -0500


>> As far as I know, the only TCP that the CU client does is the
>> gethostbyname() function (Steve Edgar or Brian O'Shea correct me if I'm
>> wrong). The client does everything else via UDP on port 7648.
>
>It is not clear what the tcp session is used for.
[...]

The White Pine versions of CUSM use a TCP connection when connecting and
disconnecting to other WP CUSM clients and reflectors. I'm not sure
exactly how the connection is used, but from what I can tell, no info flows
over the TCP connection *during* the actual conference, just during connect
and disconnect.

Cornell clients do not use a TCP connection, and only use UDP on port 7648,
for everything.

>The gethostbyname()
>will get ip address from the domain name provided. How will this
>function get used ?
[...]

CUSM needs to know the IP address of the box it is running on. The Windows
Sockets 1.1 specification doesn't provide a direct way to find that out.
The only way that works across all vendor's stacks (which was a very big
issue in the Win16 version) was by calling gethostname(), and then
gethostbyname().

Also, if a user enters a hostname when initiating a connection, it will
need to be resolved.

>> Open up UDP ports 7640 thru 7648
>
>It is unsafe to open all UDP ports from 7640 to 7648 until you know
>the application is secure enough. How can we know the cu-seeme
>application is secure without any technical information ? Another
>way to learn it is by reading the source code directly. Are there
>any open domain ( free ? ) source code available now ?

There is no free source code available. White Pine Software owns the
rights to the product, and the source code. Under terms of an agreement,
Cornell is allowed to release a freeware version of CUSM.

Hope this helps. -- Steve.