Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Rohkem teavet

Slow Launch

  • 10 vastust
  • 1 on selline probleem
  • 1 view
  • Viimati vastas dmelliott

more options

I have the TCP Pirate Ports, including the 49###'s, blocked in my firewall. This causes a VERY slow FF launch, but does not seem to have any affect on the actual operation. Is there any way to opt out of these unnecessary TCP requests?

I have the TCP Pirate Ports, including the 49###'s, blocked in my firewall. This causes a VERY slow FF launch, but does not seem to have any affect on the actual operation. Is there any way to opt out of these unnecessary TCP requests?

Valitud lahendus

I'm not sure of the "TCP Pirate Ports". I think a default installation of Firefox wouldn't be using ports in that range.

Loe vastust kontekstis 👍 0

All Replies (10)

more options

Hi,

Please check if this happens in Safe Mode.

more options

Thanks for your reply, but this made no difference.

The ports addressed come in pairs, usually in the 49###'s, indicating two way traffic. Automatic updating is turned off and this happens before any service is requested, so this use of unassigned ports does not look good. It would be better to put this kind of traffic on a secure footing, i.e. 443. Such would also facilitate use of the usual ranges for a secure port blocking setup.

more options

Valitud lahendus

I'm not sure of the "TCP Pirate Ports". I think a default installation of Firefox wouldn't be using ports in that range.

more options

The way to find out is to block them in your firewall and watch the result. I was a bit surprised at the unregistered port usage too. This is most commonly used for P2P music\movie swapping, not in respectable applications.

Muudetud dmelliott poolt

more options

I think a default installation of Firefox downloaded from Mozilla wouldn't be using the ports in that range.

more options

As previously stated, this is not an "I think" item. It is verifiable either by simply looking in your firewall traffic log or by blocking the unlisted ports in your firewall (often under 'advanced rules'), and watching what happens.

My copy, and all copies I have ever had, have come from the source.

Also, both my virus scanners are perfectly happy with my system (Malwarebytes can be run in passive mode with other antimalware applications).

Please do one of the above.

Muudetud dmelliott poolt

more options

Okay, I can confirm that Firefox without a proxy isn't using ports above 500o and that too are loopback connections in the unregistered ports range.

more options

I don't understand your reply. There was no mention of ports over 5000 or use of proxy.

"and that too are" is a bit confusing. I don't understand the intent.

The problem remains: why are ports that would be blocked in a secure setup being used? Why is there a loopback at all?

Security considerations have all but eliminated the use of looping back since it invokes the host file. This is where permanent redirects are stored and as such it is a maleware playground.

Disregarding the security issues, why is it there in the first place? Why would a programmer ever want to use it? Everyone else gets along fine without it.

I should say that my system is W7-64 Ultimate.

more options

There was a detailed explanation regarding the connections, but I think I lost the exact bookmarks. You can try here. Please also see this.

more options

The first link goes to the MDN front page which is not much help. The second simply goes to a statement of the fact that unassigned ports are used to access the host file along with several statements of why this is not a good idea, as was stated in the first place.

Since the use of ports with no assigned protocols is insecure, since, as Wikipedia describes it, "the hosts file represents an attack vector for malicious software", and since there is no need for it (as a comment in the second link point out, no other browser does this), there seems to be a problem here.

This conversation has now gone full circle rather than resolving an issue. Thus, I am terminating my participation.

Muudetud dmelliott poolt