block the right port on the right ip - TCP-IP

This is a discussion on block the right port on the right ip - TCP-IP ; hi,i know in some countries, several people share the same ip but different ports, so i think "block ip only" is not appropriate. may we should just block the right port at the right ip.does anybody there agree with me?...

+ Reply to Thread
Results 1 to 4 of 4

Thread: block the right port on the right ip

  1. block the right port on the right ip

    hi,i know in some countries, several people share the same ip but
    different ports, so i think "block ip only" is not appropriate. may we
    should just block the right port at the right ip.does anybody there
    agree with me?


  2. Re: block the right port on the right ip

    samplestrategy@gmail.com dixit:

    > hi,i know in some countries, several people share the same ip but
    > different ports,


    In order to share the same physical IP address, you gotta have a router
    that supports NAT or some other protocol that will translate between public
    (physical) and virtual (private) IP addresses.

    So, the rule is, a host = an IP address and, yes, perhaps several ports
    for different apps.

    >so i think "block ip only" is not appropriate. may we
    > should just block the right port at the right ip.does anybody there
    > agree with me?


    This is essentially what a firewall does: block ports.

    Marcos


    >
    >





  3. Re: block the right port on the right ip

    samplestrategy@gmail.com wrote:
    > hi,i know in some countries, several people share the same ip but
    > different ports, so i think "block ip only" is not appropriate. may we
    > should just block the right port at the right ip.does anybody there
    > agree with me?


    If you're asking if it is possible to block one or more of a group of
    PCs that are sharing a single IP by blocking a particular port number,
    the answer is no. The client end of a connection uses ephemeral port
    numbers that change with every use. E.g., if a client loads a webpage
    in a browser, multiple TCP sessions are used to download the various
    elements of the webpage and every TCP session uses a different port
    number at the client end. So a client might use 20 or more unique port
    numbers to load a single webpage into a browser.

    NM


  4. Re: block the right port on the right ip

    crazy! many thanks! thanks again.


+ Reply to Thread