0

I have a file transfer applet, and I am currently creating a logging system for it. From the time the applet is initialized until it sends the file and finishes, it prints a log (originally this went to the Java console on the client side), but now I'm modifying it so that it goes to the server instead (create a file on the server and start writing to it).

It's working now using port 5000, but I need to open the firewall for port 5000. Since opening a port is dangerous, can I just use port 80 or 443 (HTTPS), since they are open anyway for the file transfer? How do I do it?

An example of the code at the moment:

In the Java applet there is

```java
handler = new SocketHandler("xxx.xxx.xxx.xx", 5000);
// in different areas of the file there will be something like
log("starting the applet");
log("sending email");
// ...
```

while on the server I created a simple Java server like this

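```java
import java.io.IOException;
import java.net.ServerSocket;
import java.net.Socket;

public class ThreadedEchoServer {
    // using port 5000
    static final int PORT = 5000;

    public static void main(String[] args) {
        ServerSocket serverSocket;
        try {
            serverSocket = new ServerSocket(PORT);
        } catch (IOException e) {
            // e.g. java.net.BindException when the port is already in use
            e.printStackTrace();
            return; // nothing to accept on without a listening socket
        }
        while (true) {
            Socket socket;
            try {
                socket = serverSocket.accept();
            } catch (IOException e) {
                System.out.println("I/O error: " + e);
                continue; // do not start a handler for a failed accept
            }

            // new thread for a client (EchoThread is not shown in the question)
            new EchoThread(socket).start();
        }
    }
}
```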
Harts
  • What is your error? Why can't you just change both instances of the number 5000 to 80 in your code? – Konstantin Tarashchanskiy May 02 '12 at 20:22
  • @KonstantinNaryshkin actually I can't just change it to port 80 or 443; when I try to run the simple Java server that I created, it throws java.net.BindException: Address already in use: JVM_Bind – Harts May 02 '12 at 22:12
  • That error means that you already have a server running on that port (probably a web server). You can ask the OS to tell you what it is (`netstat -nap | grep ":80"` on Linux) and decide if you need to keep the server running. If you do, choose a different port. If you do not, shut down the server, do your logging, and then restart it when you are done. – Konstantin Tarashchanskiy May 04 '12 at 14:35

3 Answers

1

You really should not think about using ports 80 and 443 - these are ports for RECEIVING connections. After a connection is picked up on one of these ports the request is actually redirected to another port for handling. Therefore, using them to write will block any incoming communications.

ControlAltDel
  • Several things: 1. I would assume that he would not be accepting any other connections on that port anyways. 2. If he is using TCP (most likely), when he connects the client, the connection will automatically move to some high number port and free up 80 to receive new connections. – Konstantin Tarashchanskiy May 02 '12 at 20:36
1

> It's working now using port 5000, but I need to open the firewall for port 5000. Since opening a port is dangerous, can I just use port 80 or 443 (HTTPS)? How do I do it?

Opening port 5000 is no more dangerous than opening port 80 or 443. (Changing ports is no more difficult than modifying the numbers, and has no more effect.)

erikxiv
  • No, I mean, since ports 80 and 443 are already open anyway, shouldn't I just use that port, since the file is transferred via that port? – Harts May 02 '12 at 19:39
  • You can reuse those ports if you want if you do not have access to the firewall. If you control the firewall I would suggest using a different port to avoid conflicts (as these ports are commonly used for HTTP and HTTPS). – erikxiv May 02 '12 at 20:01
0

I would use port 5000 and configure a chrooted environment if your server is running other important applications.

You could check this thread: What's the best way to defend against a path traversal attack?

eslio
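
The answers locate the risk in the service that listens rather than in the port number; as an added example (not code from the original posts), here is a variant of the question's log receiver that bounds what an unauthenticated client can make the server do. The class name, `LOG_DIR`, the file-name scheme and the limits are assumptions; only port 5000 comes from the question.

```java
import java.io.*;
import java.net.*;
import java.nio.charset.StandardCharsets;
import java.nio.file.*;
import java.util.concurrent.*;
// Added example. LOG_DIR, the limits and all names except port 5000 are assumptions.
public class HardenedLogReceiver {
    static final int PORT = 5000;                          // port from the question
    static final Path LOG_DIR = Paths.get("applet-logs");  // assumed log directory
    static final int MAX_LINE = 1024, MAX_LINES = 10_000, MAX_CLIENTS = 32;

    // Keep at most MAX_LINE chars per line and replace control characters,
    // so a client can neither exhaust memory nor forge extra log entries.
    static String readBoundedLine(Reader in) throws IOException {
        StringBuilder sb = new StringBuilder();
        for (int c; (c = in.read()) != -1; ) {
            if (c == '\n') return sb.toString();
            if (c == '\r' || sb.length() >= MAX_LINE) continue;
            sb.append(Character.isISOControl(c) ? '?' : (char) c);
        }
        return sb.length() == 0 ? null : sb.toString();    // null at end of stream
    }

    static void handle(Socket s, long id) {
        // The file name uses only server-side values, never client input.
        Path file = LOG_DIR.resolve("client-" + System.currentTimeMillis() + "-" + id + ".log");
        try (Socket sock = s;
             Reader in = new BufferedReader(new InputStreamReader(sock.getInputStream(), StandardCharsets.UTF_8));
             BufferedWriter out = Files.newBufferedWriter(file, StandardCharsets.UTF_8,
                     StandardOpenOption.CREATE_NEW, StandardOpenOption.WRITE)) {
            sock.setSoTimeout(30_000);                     // idle client cannot hold a worker
            String line;
            for (int n = 0; n < MAX_LINES && (line = readBoundedLine(in)) != null; n++) {
                out.write(line); out.newLine();
            }
        } catch (IOException e) {
            System.err.println("client " + id + ": " + e);
        }
    }

    public static void main(String[] args) throws IOException {
        Files.createDirectories(LOG_DIR);
        ExecutorService pool = Executors.newFixedThreadPool(MAX_CLIENTS); // caps concurrent handlers
        try (ServerSocket server = new ServerSocket(PORT)) {
            for (long id = 0; ; id++) {
                Socket s = server.accept();
                long cid = id;
                pool.execute(() -> handle(s, cid));
            }
        }
    }
}
```

Each connection can write at most `MAX_LINES * MAX_LINE` characters to one new file inside `LOG_DIR`, which also limits what a chrooted deployment has to contain.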