Slow Launch
I have the TCP Pirate Ports, including the 49###'s, blocked in my firewall. This causes a VERY slow FF launch, but does not seem to have any affect on the actual operation. Is there any way to opt out of these unnecessary TCP requests?
الحل المُختار
I'm not sure of the "TCP Pirate Ports". I think a default installation of Firefox wouldn't be using ports in that range.
Read this answer in context 👍 0All Replies (10)
Hi,
Please check if this happens in Safe Mode.
Thanks for your reply, but this made no difference.
The ports addressed come in pairs, usually in the 49###'s, indicating two way traffic. Automatic updating is turned off and this happens before any service is requested, so this use of unassigned ports does not look good. It would be better to put this kind of traffic on a secure footing, i.e. 443. Such would also facilitate use of the usual ranges for a secure port blocking setup.
الحل المُختار
I'm not sure of the "TCP Pirate Ports". I think a default installation of Firefox wouldn't be using ports in that range.
The way to find out is to block them in your firewall and watch the result. I was a bit surprised at the unregistered port usage too. This is most commonly used for P2P music\movie swapping, not in respectable applications.
Modified
I think a default installation of Firefox downloaded from Mozilla wouldn't be using the ports in that range.
As previously stated, this is not an "I think" item. It is verifiable either by simply looking in your firewall traffic log or by blocking the unlisted ports in your firewall (often under 'advanced rules'), and watching what happens.
My copy, and all copies I have ever had, have come from the source.
Also, both my virus scanners are perfectly happy with my system (Malwarebytes can be run in passive mode with other antimalware applications).
Please do one of the above.
Modified
Okay, I can confirm that Firefox without a proxy isn't using ports above 500o and that too are loopback connections in the unregistered ports range.
I don't understand your reply. There was no mention of ports over 5000 or use of proxy.
"and that too are" is a bit confusing. I don't understand the intent.
The problem remains: why are ports that would be blocked in a secure setup being used? Why is there a loopback at all?
Security considerations have all but eliminated the use of looping back since it invokes the host file. This is where permanent redirects are stored and as such it is a maleware playground.
Disregarding the security issues, why is it there in the first place? Why would a programmer ever want to use it? Everyone else gets along fine without it.
I should say that my system is W7-64 Ultimate.
The first link goes to the MDN front page which is not much help. The second simply goes to a statement of the fact that unassigned ports are used to access the host file along with several statements of why this is not a good idea, as was stated in the first place.
Since the use of ports with no assigned protocols is insecure, since, as Wikipedia describes it, "the hosts file represents an attack vector for malicious software", and since there is no need for it (as a comment in the second link point out, no other browser does this), there seems to be a problem here.
This conversation has now gone full circle rather than resolving an issue. Thus, I am terminating my participation.
Modified