Wireshark-users: Re: [Wireshark-users] 4 extra ports opened
From: M K <gedropi@xxxxxxxxx>
Date: Sat, 3 Apr 2010 07:35:17 -0800
Thank you for enlightening me. I now have the fake and the true 127.0.0.1 interfaces enabled on this machine. I am wondering which one is actually bound to my proxy at this point. Once again, I love *nix because what you see is what you get. This originally started as a WS issue but turned out to be a discovery. Thanks for responding. On 4/2/10, Martin Visser <martinvisser99@xxxxxxxxx> wrote: > M K, > > There's no real explanation except that Windows != UNIX. Windows has the > loopback address, which can you obviously bind() to, but the designers have > chosen not to implement it as a true interface. > > Regards, Martin > > MartinVisser99@xxxxxxxxx > > > On Sat, Apr 3, 2010 at 12:50 AM, M K <gedropi@xxxxxxxxx> wrote: > >> Low end machine for the time being. Windows 2000 SP4, OEM version. >> WS Version 1.0.9 (SVN Rev 29911) >> >> I am confused. I can ping 127.0.0.1 and my proxy is bound to the >> localhost, yet when I go into Device Mgr > Hardware, indeed, there is >> no loopback listed!? Just as you said. So what actually am I pinging >> and what is my proxy actually bound to? Thank you for this >> information. >> >> On 4/1/10, Martin Visser <martinvisser99@xxxxxxxxx> wrote: >> > You haven't said what platform you are running on, but in the >> out-of-the-box >> > Wireshark on Windows the loopback interface doesn't exist (it does on >> other >> > platforms) >> > >> > http://wiki.wireshark.org/CaptureSetup/Loopback >> > <http://wiki.wireshark.org/CaptureSetup/Loopback> >> > Regards, Martin >> > >> > MartinVisser99@xxxxxxxxx >> > >> > >> > On Fri, Apr 2, 2010 at 11:22 AM, M K <gedropi@xxxxxxxxx> wrote: >> > >> >> I I realized that WS was picking up traffic off the hardware >> >> interface, but was unsure if in the promiscuous mode, it could/should >> >> also pick up software interfaces (127.0.0.1). Curious about the >> >> Password Manager reference since FF does not request pws. So my >> >> question is: Which passwords? I will look into that. Again thanks. >> >> >> >> On 4/1/10, Martin Visser <martinvisser99@xxxxxxxxx> wrote: >> >> > This is a known requirement for Firefox on non-UNIX systems - >> >> > >> >> >> https://support.mozilla.com/en-US/kb/Firefox+makes+unrequested+connections#Loopback_connection >> >> > . >> >> > Googling elsewhere indicates it is to do with the password manager. >> >> > >> >> > And besides, as it is only bound to 127.0.0.1, this is the loopback >> >> address >> >> > only reachable from the machine itself. >> >> > >> >> > So for you there is no risk (a case of too much knowledge can bring >> >> > on >> >> > unfound fear) >> >> > >> >> > Regards, Martin >> >> > >> >> > MartinVisser99@xxxxxxxxx >> >> > >> >> > >> >> > On Thu, Apr 1, 2010 at 11:20 AM, M K <gedropi@xxxxxxxxx> wrote: >> >> > >> >> >> Currently I am using Firefox browser manually configured to have all >> >> >> traffic use a single port thru my proxy. However, when I launch a >> >> >> browser, FF opens four additional, consecutive ports (127.0.0.1: >> extra >> >> >> ports) as seen with netstat. In WS, when I search for these >> >> >> four additional ports I do not find them. Not an expert so could >> >> >> someone please enlighten me. I hate to have anything invisible. >> >> >> Thanks >> >> >> >> >> >> -- >> >> >> All that is necessary for evil to succeed is that good men do >> nothing. >> >> >> >> >> >> ~Edmund Burke >> >> >> >> >> >> ___________________________________________________________________________ >> >> >> Sent via: Wireshark-users mailing list < >> >> wireshark-users@xxxxxxxxxxxxx> >> >> >> Archives: http://www.wireshark.org/lists/wireshark-users >> >> >> Unsubscribe: https://wireshark.org/mailman/options/wireshark-users >> >> >> mailto:wireshark-users-request@xxxxxxxxxxxxx >> >> >> ?subject=unsubscribe >> >> >> >> >> > >> >> >> >> >> >> -- >> >> All that is necessary for evil to succeed is that good men do nothing. >> >> >> >> ~Edmund Burke >> >> >> ___________________________________________________________________________ >> >> Sent via: Wireshark-users mailing list < >> wireshark-users@xxxxxxxxxxxxx> >> >> Archives: http://www.wireshark.org/lists/wireshark-users >> >> Unsubscribe: https://wireshark.org/mailman/options/wireshark-users >> >> mailto:wireshark-users-request@xxxxxxxxxxxxx >> >> ?subject=unsubscribe >> >> >> > >> >> >> -- >> All that is necessary for evil to succeed is that good men do nothing. >> >> ~Edmund Burke >> ___________________________________________________________________________ >> Sent via: Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx> >> Archives: http://www.wireshark.org/lists/wireshark-users >> Unsubscribe: https://wireshark.org/mailman/options/wireshark-users >> mailto:wireshark-users-request@xxxxxxxxxxxxx >> ?subject=unsubscribe >> > -- All that is necessary for evil to succeed is that good men do nothing. ~Edmund Burke
- References:
- Re: [Wireshark-users] 4 extra ports opened
- From: Martin Visser
- Re: [Wireshark-users] 4 extra ports opened
- From: M K
- Re: [Wireshark-users] 4 extra ports opened
- From: Martin Visser
- Re: [Wireshark-users] 4 extra ports opened
- From: M K
- Re: [Wireshark-users] 4 extra ports opened
- From: Martin Visser
- Re: [Wireshark-users] 4 extra ports opened
- Prev by Date: [Wireshark-users] Problem with PPPoE on Windows
- Next by Date: Re: [Wireshark-users] New MAC user, No Capture Interfaces
- Previous by thread: Re: [Wireshark-users] 4 extra ports opened
- Next by thread: [Wireshark-users] decoding SS7 messages encapsulated in some proprietary protocol
- Index(es):