Is UDP broadcast recorded in the server log?

Apologies if this is a dumb question, I've limited network knowledge.
If I sent a string to port 80 on UDP, would the server / receiving IP log it? I'm pretty sure it wouldn't in access logs, but what about firewall logs?

This is far too general a question, thus I'll give a general answer.
In general that would be up to the particular server in use. That is your UDP "Listener" might or might not log incoming traffic as per configuration/settings.
Same applies for your firewall.

It really depends on what kind of organization you're trying to portscan for your "art project". If you're targeting a government entity, or Fortune 500 (in which case assume you're going to be prosecuted for theft of resources in a court with no understanding of technology) you should assume there will be an intrusion detection system sniffing the network and logging all traffic out of the ordinary.
However if you set up a Windows desktop out of the box, it's not going to log UDP access to closed ports.

Related

Why does TCP port forwarding work but UDP does not?

This is my first question ever here so sorry if it's not in the right category or not perfectly explained. I'll do my best to be descriptive and precise.
Basically, I've done some port-forwarding for games as well as for server-client testing purposes for development. In the past, it's always worked perfectly fine. However, recently, I realized some things stopped working for no apparent reason.
After quite a while of testing, I noticed it was an issue with UDP. Things that require only TCP ports to be forwarded work just fine, however things that need UDP ports forwarded do not. I confirmed this by testing exactly the same application (a simple server-client app made in Godot just to test this) with both TCP and UDP. It connects fine through TCP, but not UDP.
This has never happened to me in the past. Any ideas on what the issue might be? I've Googled for hours and the only things I could find are that A. UDP troubleshooting is apparently incredibly difficult (especially on Windows) and B. Some people vaguely mention the possibility of it being a problem with my ISP filtering UDP stuff.
I've already made sure to check it's not a firewall issue, either. Not sure what else I could try. Am I just missing something really obvious here? Thanks greatly in advance for any possible ideas or suggestions.
You might not get UDP responses because the server might be using those specific ports for TCP.
Different UDP scanners using different techniques may come to different results.
There is a possibility of the ISP filtering the UDP port only if there is a hidden NAT, meaning you will be assigned a public IP but would still be reaching the internet on a different IP (NAT'CEPTION). Check "what is my IP" to confirm this.
You can take a Wireshark packet capture on an upstream device (firewall or modem if possible).

Accessing BigBlueButton behind a restrictive firewall that prevents outgoing UDP connections

We have installed a COTURN server, referring to https://docs.bigbluebutton.org/2.2/setup-turn-server.html#Configure_TURN_. But even with this, we are not able to access the BBB service within the University LAN protected with a restrictive firewall.
Please find the following diagram to illustrate the environment. Looking for your suggestions to solve this issue. We are banging our heads against this wall for some time now.
From your university network, can you open https://test.bigbluebutton.org/ in a Google Chrome browser, and check whether you can access audio/video without any 1007/1020 errors?
If yes, then check your TURN server config again and ensure your BBB server can use it.
Otherwise, check whether your university firewall allows connections on TCP ports 80 and 443 and UDP ports 16384 - 32768.

WebRTC: do I need a TURN server? (Would it help?)

I have a webcam chat room application (so it's many-to-many video sharing) using WebRTC and a mediasoup server.
I am having problems with SOME of my users not being able to get incoming video feeds to work. It's a difficult problem because I can't reproduce it at all, and I can't easily "remote-debug" the problem since most of my users are very non-technical. So far the only thing I can tell for certain is that it seems to be network-related, not browser-related, as I have had bug reports from people using Firefox, Chrome, Safari, and Edge. I'm running my server (mediasoup v2) on port 443 with no firewall on the server box, so that should make the door as wide as possible. I just don't know what the exact problem is yet so I'm feeling around in the dark.
So, I'm trying solutions. I don't think(?) I have a TURN server set up but from what I have read, it seems like adding one certainly can't hurt, and could help with my situation.
I don't fully understand the entire WebRTC protocol or RFC 7118 (this stuff is really complicated!) or exactly what/where/how a TURN server fits into the bigger picture. It would help, right? A lot of Googling has led to no clear answers. Would love some help! Thank you!
WebRTC tries everything it can do to make a p2p connection, but there are times that it will fail. The turn server acts as a last resort so that the peers can both connect through the turn server. Obviously this is not a p2p connection, so there will be extra latency, and you will have to make sure that your turn server has enough bandwidth to cover all of the connections you expect.
TL;DR, If you need 100% connection rates, you should have a turn server.
I believe AWS has a ready-made instance you can spin up, or you could use this open source coturn server: https://github.com/coturn/coturn
On a debugging note... Check your ice candidates type. You should see host and srflx if you only have a STUN server, but if you have a TURN server you will also see relay. You can replicate this issue by discarding the ice candidates that have host and srflx types.
"I'm running my server (mediasoup v2) on port 443 with no firewall on the server box, so that should make the door as wide as possible"
That is websocket. The media traffic runs over UDP typically and mediasoup uses random ports. A TURN server which is configured on udp port 443 may help in some cases.
The other problem is UDP being blocked, which is easy to reproduce with a local firewall. Mediasoup supports something called ice-tcp which will allow media to run over a TCP connection. You should check if your mediasoup installation uses ice-tcp. If it does not, a TURN server with TURN/TCP will help.
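The candidate-type check suggested in the answers above, as an added example that is not part of either answer: it parses ICE candidate lines, counts host/srflx/relay types, flags ICE-TCP candidates, and keeps only relay candidates to reproduce the failing condition. The sample candidates and the function names are constructed for illustration.

```javascript
// Constructed sample candidates (documentation addresses, not captured traffic).
const SAMPLE_CANDIDATES = [
  "candidate:1 1 udp 2122260223 192.0.2.10 54321 typ host",
  "candidate:2 1 udp 1686052607 203.0.113.7 54321 typ srflx raddr 192.0.2.10 rport 54321",
  "candidate:3 1 tcp 1518280447 192.0.2.10 9 typ host tcptype active",
  "candidate:4 1 udp 41885439 198.51.100.20 49152 typ relay raddr 203.0.113.7 rport 54321",
];

// Parse one candidate line: foundation, component, transport, priority,
// address, port, then "typ <type>" followed by optional key/value pairs.
function parseCandidate(line) {
  const fields = line.trim().replace(/^a=/, "").split(/\s+/);
  if (fields.length < 8 || !fields[0].startsWith("candidate:") || fields[6] !== "typ") {
    return null; // empty end-of-candidates marker or malformed line
  }
  const extras = {};
  for (let i = 8; i + 1 < fields.length; i += 2) extras[fields[i]] = fields[i + 1];
  return {
    foundation: fields[0].slice("candidate:".length),
    component: Number(fields[1]),
    transport: fields[2].toLowerCase(),
    priority: Number(fields[3]),
    address: fields[4],
    port: Number(fields[5]),
    type: fields[7],
    extras,
  };
}

// Count candidate types: host and srflx only means no TURN allocation was
// obtained; a relay entry means the TURN server answered.
function summarizeCandidates(lines) {
  const parsed = lines.map(parseCandidate).filter(Boolean);
  const types = {};
  for (const c of parsed) types[c.type] = (types[c.type] || 0) + 1;
  return {
    types,
    hasRelay: (types.relay || 0) > 0,
    hasTcp: parsed.some((c) => c.transport === "tcp"), // ICE-TCP candidate present
  };
}

// Reproduce the reported failure locally: discard host and srflx candidates
// so the connection can only succeed through the TURN relay.
function keepRelayOnly(lines) {
  return lines.filter((l) => (parseCandidate(l) || {}).type === "relay");
}
```

In a browser, the lines come from `event.candidate.candidate` in the `icecandidate` handler; setting `iceTransportPolicy: "relay"` in the `RTCPeerConnection` configuration has the same effect as `keepRelayOnly`.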

Filetransfer app in VB.Net UDP vs TCP and

I'm developing a filetransfer app in VB.Net
The sizes of the files vary, but can get up to 10+ GB.
I already created a chat app as a test.
On the clientside I run this code to connect to the server.
Dim clientSocket As New System.Net.Sockets.TcpClient()
Dim serverStream As NetworkStream
clientSocket.Connect("127.0.0.1", 80)
Can I also use this to transfer files?
I want the app to work through a firewall and stuff.
So I think I need the outgoing data on the client to go through port 80. On the server I want to be able to receive the data on another port (E.g. 8888). Is this possible?
And the final question is: what protocol should I use for this purpose, TCP or UDP?
Sorry for the three-in-one question :)
Thanks for helping me out.
Transfer Files: Yes you can very well use a reliable network stream to transfer files. Well at least the data of those files. You have to do the file system management (creating the destination file in the right folder, etc.) yourself.
TCP/UDP: As you need reliability and flow control to transfer big chunks of data over the internet, you might want to go for TCP. Also the other features of TCP like in-order delivery and error detection won't hurt. You would probably end up implementing all those yourself if using UDP, wasting a lot of your time.
Firewall: There shouldn't be a problem with firewalls on the client side of your application, unless they are really very strict and only allow outgoing HTTP connections. But the server port has to be accessible from the internet, that is you want your server side network configured such that incoming connection requests to your public IP and your chosen port are forwarded to the chosen port on your server. Look up "port forwarding" or "port NAT" for more information. Bypassing firewalls and NATs on both sides is really much more difficult if not impossible. Don't try.
In order to transfer extremely large files like you have, you are going to need to break them up into small chunks. This will help you set up an application that can resume after a network error. It is for this reason, as well as many others, that you also want to choose TCP for your transport protocol. UDP might be faster than TCP, but it doesn't have the error detection and correction you are going to need in order to have a safe transfer of data.
Here is a C# article on how to transfer large files from both the client and server perspective. If this is what you are looking for, you will just need to translate the code to VB.NET (which a translator can do automatically for you).
http://codetechnic.blogspot.com/2009/02/sending-large-files-over-tcpip.html
Basically, the code converts the file over to a byte array and then sends it across the network/Internet. Since you can choose the port you use, you won't have an issue with firewalls when you host this. On the client end, when the client initializes the connection, it will be an outbound initialization so it will go out of the network without any issue.
I assume you are on Windows, so just use BITS.
There is a nice .NET wrapper available, sharpbits.

Can we use WCF Discovery to discover services outside your local network?

Is it possible to use WCF discovery to access services that reside outside your local network ?
The short answer is no.
Discovery uses a UDP broadcast packet. You can discover anything that your UDP broadcast packet is allowed to reach. There is the catch: most routers, firewalls, and commercial switches block UDP broadcast packets. You may be able to change the settings on your router where you connect to the next larger network (or internet), and you 'might' extend your discovery slightly. Again though, the very next switch or router you hit will most likely be set to block UDP.
In this situation, most people design a "report in" server. This is one static place to which all other hosts and clients are pre-programmed to "report in" on startup. This one server keeps a table of where all hosts and clients are, and if one client wants to find a certain host, it asks this main server for the URI of the host it's looking for.
EDIT:
Robin mentioned increasing the TTL (Time To Live) from the default of 1 to a higher number. Maybe this will help someone.
https://serverfault.com/a/619825/146341