Thursday, September 06, 2007

Network World's Wide Area Networking Newsletter, 09/06/07

Ignore the port 80 black hole at your peril

By Steve Taylor and Jim Metzler

Even though Steve was trained as a physicist, we usually spend more time in this newsletter discussing topics such as application delivery than we do talking about physics. In this newsletter we get to discuss both.

Let’s start with application delivery. As previous newsletters have pointed out, managing application performance in general, and identifying the applications that are running on a network in particular, are both very complex tasks. There are, however, some factors that we have not previously discussed that make these tasks even more difficult. One of those is the volume of traffic that runs undetected over port 80. This is sometimes referred to as the port 80 blind spot.

Now let’s switch (briefly) to physics. According to Wikipedia, a black hole is a region of space whose gravitational field is so powerful that nothing can escape it once it has fallen past a certain point. Given the growing volume of traffic that typically transits port 80, combined with the risk associated with not being able to manage that traffic, we feel justified in calling this phenomenon the port 80 black hole.


As a point of reference, in TCP and UDP a port is an endpoint of a logical connection and is numbered from 0 to 65535. The ports numbered from 0 to 1023 are reserved for privileged services and are designated as well-known ports. For example, port 80 is the well-known port on which a Web server listens for HTTP requests from Web clients.

Some applications, however, have the ability to hop between ports. A good example of this is instant messaging software such as AOL’s Instant Messenger (AIM). AOL has been assigned ports 5190 – 5193 for its Internet traffic and AIM is typically configured to use these ports. If these ports are blocked, however, AIM will use port 80. As a result, a network manager might well think that by blocking ports 5190 – 5193 they are blocking the use of AIM when in reality they are not.

Skype is a well-known, peer-to-peer based IP telephony and IP video service. Many peer-to-peer applications, including Skype, change the port that they use each time they start. In addition, Skype is particularly adept at port-hopping with the aim of traversing enterprise firewalls. Entering via UDP, TCP, or even TCP on port 80, Skype is usually very successful at passing typical firewalls.
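The AIM and Skype examples above share one lesson: the port number alone does not tell you what is on the wire. The following Python script is an added illustration, not part of the newsletter, that contrasts a port-only rule (block 5190 through 5193) with a check that looks at the first bytes of each flow's payload. The sample flows are constructed, not captured traffic; the FLAP header layout used for AIM's OSCAR protocol and the TLS record header are real formats, while the "obfuscated peer-to-peer handshake" bytes are made up to stand in for traffic with no usable signature, which is the case Skype presents. Whether flagged traffic is then blocked is left as the policy decision the text describes.

```python
import re

# Constructed sample flows (not captured traffic): (destination TCP port, first payload bytes).
# OSCAR (AIM) FLAP frame: 0x2A, channel 1 (sign-on), sequence 1, data length 4, data 0x00000001.
FLAP_SIGNON = b"\x2a\x01\x00\x01\x00\x04\x00\x00\x00\x01"
SAMPLE_FLOWS = [
    (80,   b"GET /index.html HTTP/1.1\r\nHost: www.example.com\r\n\r\n"),  # ordinary Web traffic
    (5190, FLAP_SIGNON),                                                   # AIM on its assigned port
    (80,   FLAP_SIGNON),                                                   # AIM falling back to port 80
    (80,   b"\x16\x03\x01\x00\x2f\x01\x00\x00\x2b\x03\x01"),               # TLS ClientHello on port 80
    (80,   b"\x8b\x1f\x42\x9c\xd3\x00\x77\x5e"),                           # constructed: obfuscated P2P handshake
]

HTTP_REQUEST_LINE = re.compile(rb"^[A-Z]{3,7} \S+ HTTP/1\.[01]\r\n")


def classify_payload(payload: bytes) -> str:
    """Name the application protocol from the first bytes of a TCP payload, ignoring the port."""
    if HTTP_REQUEST_LINE.match(payload):
        return "http"
    # OSCAR wraps every message in a 6-byte FLAP header:
    # 0x2A, channel (1-5), 16-bit sequence number, 16-bit data length.
    if len(payload) >= 6 and payload[0] == 0x2A and 1 <= payload[1] <= 5:
        if int.from_bytes(payload[4:6], "big") == len(payload) - 6:
            return "oscar-flap"
    # TLS record header: content type 0x16 (handshake), major version 0x03.
    if len(payload) >= 3 and payload[0] == 0x16 and payload[1] == 0x03 and payload[2] <= 0x04:
        return "tls"
    # No recognisable signature (obfuscated or unknown protocol): still worth surfacing.
    return "unknown"


def port_only_verdict(dst_port: int) -> str:
    """The approach the newsletter warns about: decide by port number alone."""
    return "block" if 5190 <= dst_port <= 5193 else "allow"


def payload_aware_verdict(dst_port: int, payload: bytes) -> str:
    """Let HTTP through on port 80 but surface anything else riding on it for review."""
    if dst_port == 80 and classify_payload(payload) != "http":
        return "flag"
    return port_only_verdict(dst_port)


def audit(flows):
    """Compare both verdicts for each flow; returns one dict per flow."""
    return [
        {
            "port": port,
            "protocol": classify_payload(payload),
            "port_only": port_only_verdict(port),
            "payload_aware": payload_aware_verdict(port, payload),
        }
        for port, payload in flows
    ]


def port80_blind_spot(flows):
    """Flows that a port-only rule lets through on port 80 without knowing what they are."""
    return [
        r for r in audit(flows)
        if r["port"] == 80 and r["port_only"] == "allow" and r["protocol"] != "http"
    ]


if __name__ == "__main__":
    for row in audit(SAMPLE_FLOWS):
        print(row)
    hidden = len(port80_blind_spot(SAMPLE_FLOWS))
    print(f"{hidden} of {len(SAMPLE_FLOWS)} flows sit in the port 80 blind spot")
```

Run as written, the port-only rule blocks AIM on 5190 but lets the same FLAP sign-on through on port 80, together with TLS and the unsignatured flow; the payload-aware check flags all three. The "unknown" outcome is the honest result for protocols that deliberately avoid a stable signature: the tool cannot name them, but it can at least report that something other than HTTP is crossing port 80.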

We are not saying that network managers should block applications like AIM or Skype. That is a policy decision that needs to be made by the management of the company. What we are saying is that it is difficult to see how we can be successful with application delivery if we ignore the port 80 black hole and continue to let growing volumes of traffic transit our networks without the ability to identify and control that traffic.

Contact the author:

Steve Taylor is president of Distributed Networking Associates and publisher/editor-in-chief of Webtorials. For more detailed information on most of the topics discussed in this newsletter, connect to Webtorials, the premier site for Web-based educational presentations, white papers, and market research. Taylor can be reached at taylor@webtorials.com

Jim Metzler is the Vice President of Ashton, Metzler & Associates, a consulting organization that focuses on leveraging technology for business success. Jim assists vendors to refine product strategies, service providers to deploy technologies and services, and enterprises to evolve their network infrastructure. He can be reached via e-mail.

Copyright Network World, Inc., 2007