Jump to content
Not connected, Your IP: 3.235.66.217
Cordonbleu

Portforwarding security

Recommended Posts

hey

if i open a port on airvpn and run a application behind it this still secure cause airvpn needs to know which user reserved which port :-)

Share this post


Link to post

Hello !

 

This has been answered a number of times. Please either use the search function on the forum or use a search engine . Alternatively, I've got links in my guide to all sorts of security and privacy related topics, at the bottom. I can tell you however, that Air, as a baseline, makes things secure by default. As per their posts in places like the FAQ/How-To sections, certain practices should be avoided. But they wouldn't offer port-forwarding if they didn't think they could make it secure. It's much the same as how they don't use usernames and passwords, but instead rely on certificates, for when you use their software on your desktop for instance.


Moderators do not speak on behalf of AirVPN. Only the Official Staff account does. Please also do not run Tor Exit Servers behind AirVPN, thank you.
Did you make a guide or how-to for something? Then contact me to get it listed in my new user guide's Guides Section, so that the community can find it more easily.


Tired of Windows? Why Linux Is Better.

Share this post


Link to post

hey

if i open a port on airvpn and run a application behind it this still secure cause airvpn needs to know which user reserved which port :-)

 

You open a port. [AirVPN server IP] is now reachable through it. Since nothing listens on this port, a connection to the socket (IP:port combination) would time out. Now, let's say, you connect to AirVPN.

In the next step, this port is forwarded to the specified local port. Now, your internal IP address is reachable using this port. If there is nothing listening on the internal socket, a request would again time out.

If you launch some software and configure it to listen to the local port, then it will work. I'm not sure what your definition of "still secure" is, you just open an opportunity to reach your connected computer, and if it runs old software full of vulnerabilities answering requests, well, AirVPN is not securing anything for you.

 

I've been thinking about the last part of your sentence. Technically, the system does not need to know who reserved a given port. What it needs to know is the internal IP to forward requests to, and this one is tied to the connecting client with its certificate. You connect and the system internally updates the information on ports and adds the internal IP information. Something like this.

Therefore, you can't know which user forwarded port 8000 for example. You don't even see internal IPs, so there's no direct way of finding out if it was your account or maybe mine which forwarded this port.


Four simple things:
There's a guide to AirVPN. Before you ask questions, take 30 minutes of your time to go through it.

Amazon IPs are not dangerous here. It's the fallback DNS.
Running TOR exits is discouraged. They're subject to restrictions on the internet and harm all AirVPN users.

Furthermore, I propose that your paranoia is to be destroyed. If you overdo privacy, you'll be unique among the mass again.

 

XMPP: gigan3rd@xmpp.airvpn.org or join our lounge@conference.xmpp.airvpn.org

Share this post


Link to post

Hi,

 

I have a small question. Air allows each user to reserve 20 ports for port forwarding on Air's network out of total 63487 ports (2048-65534). These 20 reserved ports are available on all Air servers. So, how does it work? I mean 63487 ports with 20 ports per user allows for maximum of 3175 users. How all the users' requests are taken care of?

 

Just want to know for my information

Share this post


Link to post

Hi,

 

I have a small question. Air allows each user to reserve 20 ports for port forwarding on Air's network out of total 63487 ports (2048-65534). These 20 reserved ports are available on all Air servers. So, how does it work? I mean 63487 ports with 20 ports per user allows for maximum of 3175 users. How all the users' requests are taken care of?

 

Just want to know for my information

 

I suppose because a lot of the users don't reserve any ports.

Share this post


Link to post

I suppose because a lot of the users don't reserve any ports.

 

Or just one or two. I only forwarded one, for example, so you can add my 19 other ports to the pool. Also, I believe, ports are being routinely freed when a user's subscription expired. But this one needs confirmation.


Four simple things:
There's a guide to AirVPN. Before you ask questions, take 30 minutes of your time to go through it.

Amazon IPs are not dangerous here. It's the fallback DNS.
Running TOR exits is discouraged. They're subject to restrictions on the internet and harm all AirVPN users.

Furthermore, I propose that your paranoia is to be destroyed. If you overdo privacy, you'll be unique among the mass again.

 

XMPP: gigan3rd@xmpp.airvpn.org or join our lounge@conference.xmpp.airvpn.org

Share this post


Link to post

 

Can anybody help us with this mystery

 

Giganerd is correct, until now many ports are still unclaimed.

You can still get 20 sequential ports - you can check the port matrix page for that.

 

Hi zhang888,

 

Thanks for the reply.

I already have mine. I was just wondering how all the users ports requirement need is taken care of.

Now, it is clear. It is sort of first come first serve basis.

Share this post


Link to post

hey

if i open a port on airvpn and run a application behind it this still secure cause airvpn needs to know which user reserved which port :-)

Nope not really secure. I asked the support about this and they told me that they know who is using which port. They don't log any history but when connected to a server they can link the port to your account. So better don't do anything nasty while using a forwarded port. 

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...