115 lines
3.2 KiB
Markdown
115 lines
3.2 KiB
Markdown
|
When Moneyrocket Core automatically opens outgoing P2P connections, it chooses
|
||
|
a peer (address and port) from its list of potential peers. This list is
|
||
|
populated with unchecked data gossiped over the P2P network by other peers.
|
||
|
|
||
|
A malicious actor may gossip an address:port where no Moneyrocket node is listening,
|
||
|
or one where a service is listening that is not related to the Moneyrocket network.
|
||
|
As a result, this service may occasionally get connection attempts from Moneyrocket
|
||
|
nodes.
|
||
|
|
||
|
"Bad" ports are ones used by services which are usually not open to the public
|
||
|
and usually require authentication. A connection attempt (by Moneyrocket Core,
|
||
|
trying to connect because it thinks there is a Moneyrocket node on that
|
||
|
address:port) to such service may be considered a malicious action by an
|
||
|
ultra-paranoid administrator. An example for such a port is 22 (ssh). On the
|
||
|
other hand, connection attempts to public services that usually do not require
|
||
|
authentication are unlikely to be considered a malicious action,
|
||
|
e.g. port 80 (http).
|
||
|
|
||
|
Below is a list of "bad" ports which Moneyrocket Core avoids when choosing a peer to
|
||
|
connect to. If a node is listening on such a port, it will likely receive fewer
|
||
|
incoming connections.
|
||
|
|
||
|
1: tcpmux
|
||
|
7: echo
|
||
|
9: discard
|
||
|
11: systat
|
||
|
13: daytime
|
||
|
15: netstat
|
||
|
17: qotd
|
||
|
19: chargen
|
||
|
20: ftp data
|
||
|
21: ftp access
|
||
|
22: ssh
|
||
|
23: telnet
|
||
|
25: smtp
|
||
|
37: time
|
||
|
42: name
|
||
|
43: nicname
|
||
|
53: domain
|
||
|
69: tftp
|
||
|
77: priv-rjs
|
||
|
79: finger
|
||
|
87: ttylink
|
||
|
95: supdup
|
||
|
101: hostname
|
||
|
102: iso-tsap
|
||
|
103: gppitnp
|
||
|
104: acr-nema
|
||
|
109: pop2
|
||
|
110: pop3
|
||
|
111: sunrpc
|
||
|
113: auth
|
||
|
115: sftp
|
||
|
117: uucp-path
|
||
|
119: nntp
|
||
|
123: NTP
|
||
|
135: loc-srv /epmap
|
||
|
137: netbios
|
||
|
139: netbios
|
||
|
143: imap2
|
||
|
161: snmp
|
||
|
179: BGP
|
||
|
389: ldap
|
||
|
427: SLP (Also used by Apple Filing Protocol)
|
||
|
465: smtp+ssl
|
||
|
512: print / exec
|
||
|
513: login
|
||
|
514: shell
|
||
|
515: printer
|
||
|
526: tempo
|
||
|
530: courier
|
||
|
531: chat
|
||
|
532: netnews
|
||
|
540: uucp
|
||
|
548: AFP (Apple Filing Protocol)
|
||
|
554: rtsp
|
||
|
556: remotefs
|
||
|
563: nntp+ssl
|
||
|
587: smtp (rfc6409)
|
||
|
601: syslog-conn (rfc3195)
|
||
|
636: ldap+ssl
|
||
|
989: ftps-data
|
||
|
990: ftps
|
||
|
993: ldap+ssl
|
||
|
995: pop3+ssl
|
||
|
1719: h323gatestat
|
||
|
1720: h323hostcall
|
||
|
1723: pptp
|
||
|
2049: nfs
|
||
|
3659: apple-sasl / PasswordServer
|
||
|
4045: lockd
|
||
|
5060: sip
|
||
|
5061: sips
|
||
|
6000: X11
|
||
|
6566: sane-port
|
||
|
6665: Alternate IRC
|
||
|
6666: Alternate IRC
|
||
|
6667: Standard IRC
|
||
|
6668: Alternate IRC
|
||
|
6669: Alternate IRC
|
||
|
6697: IRC + TLS
|
||
|
10080: Amanda
|
||
|
|
||
|
For further information see:
|
||
|
|
||
|
[pull/23306](https://github.com/moneyrocket/moneyrocket/pull/23306#issuecomment-947516736)
|
||
|
|
||
|
[pull/23542](https://github.com/moneyrocket/moneyrocket/pull/23542)
|
||
|
|
||
|
[fetch.spec.whatwg.org](https://fetch.spec.whatwg.org/#port-blocking)
|
||
|
|
||
|
[chromium.googlesource.com](https://chromium.googlesource.com/chromium/src.git/+/refs/heads/main/net/base/port_util.cc)
|
||
|
|
||
|
[hg.mozilla.org](https://hg.mozilla.org/mozilla-central/file/tip/netwerk/base/nsIOService.cpp)
|