New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Request Default Port Change for E2guardian #751
Comments
Port 8080 is standarized by IANA and yes, some malware writers know this port too. But they will find the port anyway e.g. looking at the http_proxy env var. |
Sorry I wasn't clear on why I was making the suggestion. It was not about security, but about avoiding issues with firewall rules when two completely different services are using the same port number. That's why I suggested that E2guardian use port 8081 as default, so it is easy to configure firewall rules for services like Ubiquiti wireless using port 8080. The likelihood of legitimate services using port 8081 is low, but a surprising number of enterprise products use port 8080 even though they are not a proxy server. For my Firewall and configuring Site to Site traffic, I found it easier to make E2guardian default to port 8081 to handle Internet traffic, whilst blocking two internal services we use that are using port 8080 between sites - as we don't need that traffic site to site. My concern is that port 8080 is an over used port number by far too many enterprise products. |
I can see that there may be a case for changing the default port but what to? |
I would recommend that 3128 is reserved for Squid. I don't use Squid, but a lot of people probably still use Squid as I believe this the only way to handle authentication at user level as E2guardian doesn't. So there needs to be a defined port for Squid and one for E2guardian. I use Ports 8081-8085, however, in my user case, this conflicts with nothing! Port 8080 on my networks conflicts with two separate services and quite a number of malware uses port 8080! I can't recommend a port, because while I have nothing on my systems that use ports 8081-8085, that may not be true for others, especially if they use Mcafee! Having said that, the other ports, have far fewer applications using those ports. But still quite a few services use those ports. https://www.speedguide.net/port.php?port=8080 Perhaps using speedguide website, if we can find 10 consecutive unused ports, they could become the default ports in a future release? I have no issues waiting (as I have fixed the issue myself). I am just thinking long term, that port 8080 might have been a good choice back in the day, but I think it would make sense to find some ports that no services are using for E2guardian 6.0? Ubiquiti wireless for example is very widely used and that uses port 8080 for some of it's traffic. |
Port 8080 has always traditionally been the port used for Proxy Servers. However, unfortunately many Lan systems (and backdoor trojans) use Port 8080 eg Ubiquiti Wireless. I would recommend that E2guardian uses ports 8081 upwards.
While it is easy enough to change the default port in E2guardian, I think it would be a good idea to review whether port 8080 is the most appropriate port to use by default.
The text was updated successfully, but these errors were encountered: