Wireshark-users: Re: [Wireshark-users] 4 extra ports opened

From: Martin Visser <martinvisser99@xxxxxxxxx>
Date: Sat, 3 Apr 2010 10:41:20 +1100
M K,

There's no real explanation except that Windows != UNIX. Windows has the loopback address, which can you obviously bind() to, but the designers have chosen not to implement it as a true interface.

Regards, Martin

MartinVisser99@xxxxxxxxx


On Sat, Apr 3, 2010 at 12:50 AM, M K <gedropi@xxxxxxxxx> wrote:
Low end machine for the time being.  Windows 2000 SP4, OEM version.
WS Version 1.0.9 (SVN Rev 29911)

I am confused.  I can ping 127.0.0.1 and my proxy is bound to the
localhost, yet when I go into Device Mgr > Hardware, indeed, there is
no loopback listed!?  Just as you said.  So what actually am I pinging
and what is my proxy actually bound to?  Thank you for this
information.

On 4/1/10, Martin Visser <martinvisser99@xxxxxxxxx> wrote:
> You haven't said what platform you are running on, but in the out-of-the-box
> Wireshark on Windows the loopback interface doesn't exist (it does on other
> platforms)
>
> http://wiki.wireshark.org/CaptureSetup/Loopback
> <http://wiki.wireshark.org/CaptureSetup/Loopback>
> Regards, Martin
>
> MartinVisser99@xxxxxxxxx
>
>
> On Fri, Apr 2, 2010 at 11:22 AM, M K <gedropi@xxxxxxxxx> wrote:
>
>> I  I  realized that WS was picking up traffic off the hardware
>> interface, but was unsure if in the promiscuous mode, it could/should
>> also pick up software interfaces (127.0.0.1).  Curious about the
>> Password Manager reference since FF does not request pws.  So my
>> question is:  Which passwords?  I will look into that.  Again thanks.
>>
>> On 4/1/10, Martin Visser <martinvisser99@xxxxxxxxx> wrote:
>> > This is a known requirement for Firefox on non-UNIX systems -
>> >
>> https://support.mozilla.com/en-US/kb/Firefox+makes+unrequested+connections#Loopback_connection
>> > .
>> > Googling elsewhere indicates it is to do with the password manager.
>> >
>> > And besides, as it is only bound to 127.0.0.1, this is the loopback
>> address
>> > only reachable from the machine itself.
>> >
>> > So for you there is no risk (a case of too much knowledge can bring on
>> > unfound fear)
>> >
>> > Regards, Martin
>> >
>> > MartinVisser99@xxxxxxxxx
>> >
>> >
>> > On Thu, Apr 1, 2010 at 11:20 AM, M K <gedropi@xxxxxxxxx> wrote:
>> >
>> >> Currently I am using Firefox browser manually configured to have all
>> >> traffic use a single port thru my proxy. However, when I launch a
>> >> browser, FF opens four additional, consecutive  ports (127.0.0.1:extra
>> >> ports) as seen with netstat.  In WS, when I search for these
>> >> four additional ports I do not find them. Not an expert so could
>> >> someone please enlighten me.  I hate to have anything invisible.
>> >> Thanks
>> >>
>> >> --
>> >> All that is necessary for evil to succeed is that good men do nothing.
>> >>
>> >>              ~Edmund Burke
>> >>
>> ___________________________________________________________________________
>> >> Sent via:    Wireshark-users mailing list <
>> wireshark-users@xxxxxxxxxxxxx>
>> >> Archives:    http://www.wireshark.org/lists/wireshark-users
>> >> Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
>> >>             mailto:wireshark-users-request@xxxxxxxxxxxxx
>> >> ?subject=unsubscribe
>> >>
>> >
>>
>>
>> --
>> All that is necessary for evil to succeed is that good men do nothing.
>>
>>              ~Edmund Burke
>> ___________________________________________________________________________
>> Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
>> Archives:    http://www.wireshark.org/lists/wireshark-users
>> Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
>>             mailto:wireshark-users-request@xxxxxxxxxxxxx
>> ?subject=unsubscribe
>>
>


--
All that is necessary for evil to succeed is that good men do nothing.

             ~Edmund Burke
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
            mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe