LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   What is 510 port service? (https://www.linuxquestions.org/questions/linux-security-4/what-is-510-port-service-2439/)

minor 05-11-2001 12:09 AM
Me again, what is port 510 service? I check my Linux box, using the command "netstat --inet -avp" and display 510 port is listen. What is the function most likely on this port?

billsabub 05-11-2001 03:28 PM
Interesting question that's got me running off on a tangent with my own computer!

But here's what http://www.isi.edu/in-notes/iana/ass.../port-numbers~
says about port 510:

fcp 510/tcp FirstClass Protocol
fcp 510/udp FirstClass Protocol

A quick search on google found a few links (2800+), with this info on FCP at http://www.embanet.com/support/suppo...g_firewall.htm

"Unlike most email software, FirstClass includes a complete networking protocol called FirstClass Protocol, or FCP. FCP is a complete networking solution on it's own, and requires no additional software in order to connect over modems, AppleTalk or Novell. FirstClass does not use the file system or file system calls, the only information that travels over the network is contained within FC's packets.

FCP is a closed protocol at this time. This means that in addition to having to 'sniff' the network for data contained within the packets, potential hackers will also have to decode the protocol itself. This is a different case from most email packages, in which the file server's packet format is publicly available in books from the networking vendor. Although this is not a strong form of protection, it's more work for the potential hacker.

FCP was originally written to allow error corrected links from end to end over modems, as well as provide a 'stream interface' on top of AppleTalk. This has proven to be a rather good decision in hindsight, because the streams interface for AppleTalk (ADSP) was not installed on all Macs at that time, and the streams interface under Novell (SPX) is quite poor even today. It should be pointed out that FCP does use the Internet's native streams protocol, TCP, rather than it's own when run over IP connections.

Version 2.5 of FirstClass introduced FCP-II, which included more protocols, higher speeds, and packet encryption. With packet encryption turned on, all of the data sent to and from the server to that client is completely secure. Users with packet sniffers will be unable to extract data from the stream, even if they knew the format of the FCP packets.

FirstClass uses a fast stream-level cipher on the packets as they are transmitted. To ensure that each stream is uniquely encrypted, a random challenge-response is performed at link negotiation time. Due to real-time computational limitations on a high speed stream the cipher is not as cryptographically strong as something like RSA, but is still very difficult to break.

As an example, if you examine a login packet you will see that even with identical data (userid/password etc.) each login packet from the same client contains completely different data each time it is sent.

For these reasons, FirstClass is basically 'unhackable' at the network level. This is a far cry from the more typical email system which is based on publicly available non-encrypted network traffic. So if anyone tells you that email systems are inherently insecure because they run over a network and are thus 'sniffable', simply point to FirstClass and reply "No, they aren't"."


All times are GMT -5. The time now is 06:57 PM.