Post Reply 
Port 0
Mar. 16, 2020, 07:33 PM
Post: #1
Port 0
Hi folks, there's been a few occasions when I try to load a website (Twitter + Drudge Report are two examples) where the site tries to load, but stalls out. At the same time my firewall alerts me that Proxomitron is trying to connect out on port 0. I deny the request and ultimately a blank page loads with the message "The Proxomitron couldn't find the site named." My Firewall log is below and I'm just wondering if it is normal behaviour. Thank you for your advice.

Proxomitron' from your computer wants to connect to 127.0.0.1, port 0
Add Thank You Quote this message in a reply
Mar. 17, 2020, 03:18 AM
Post: #2
RE: Port 0
I don't frequent those sites. But I haven't seen a stall at either, tonight.

Which Firewall are you using?

(Mar. 16, 2020 07:33 PM)Anno Domini Wrote:  Proxomitron' from your computer wants to connect to 127.0.0.1, port 0

Strange...
Have you set Proxomitron's HTTPS port to 0 as you mentioned in https://www.prxbx.com/forums/showthread.php?tid=2376&pid=19854#pid19854
Add Thank You Quote this message in a reply
Mar. 17, 2020, 04:08 PM (This post was last modified: Mar. 17, 2020 04:09 PM by Anno Domini.)
Post: #3
RE: Port 0
Hi JJoe, I'm using Kerio 2.1.5 and I can recreate Proxomitron trying to connect out on port 0 if I disconnect my Internet connection. For example, if I pull the chord from my router and disconnect from the Internet and then try to go to a website (I tried multiple sites), I get a popup from Kerio saying that "Proxomitron' from your computer wants to connect to 127.0.0.1, port 0." If I connect my router again and go back online, the popup goes away and I can visit those same sites, but there's been a few times when even if I am online I get a popup of Proxomitron trying to connect out on port 0 and when I deny it the website will not load. I checked the HTTPS port number within the Proxomitron config button menu and it is at 8443, and not 0.
Add Thank You Quote this message in a reply
Mar. 18, 2020, 02:31 AM
Post: #4
RE: Port 0
(Mar. 17, 2020 04:08 PM)Anno Domini Wrote:  Hi JJoe, I'm using Kerio 2.1.5

There's a(nother) blast from the past. Sidki and other Proxomitron users were using Kerio 2.1.5. So, it must have worked well enough for them.

If I remember correctly tho, some reported the combination of Kerio, a local proxy and|or antivirus could be flaky. Also, the use of a local proxy could create a hole that was closed by adding rules to Kerio.

I never used Kerio so I can't help much.
First, I'd see if disabling any antivirus helped.
Then, double check local proxy configuration in Kerio.
Then Google...
Add Thank You Quote this message in a reply
Mar. 18, 2020, 04:09 PM (This post was last modified: Mar. 19, 2020 05:23 PM by Anno Domini.)
Post: #5
RE: Port 0
Haha I love Kerio 2.1.5 and appreciate you remembering the good times, JJoe. :-) I still use it because of its great outbound control and configurability and because I still have WinXP and Win7. I have searched and searched for another firewall that could alert me like Kerio does when something wants out and the only one I could find close to it is the Comodo 5 series and the versions before. Comodo 5 works on Win7, Kerio 2.1.5 does not. There's also a way to decrease the installation size of Comodo by just installing the firewall and defense+, but we're getting sidetracked.

I took your advice and examined my rules in Kerio 2.1.5 and I don't know if I can explain this because I don't understand it, but I noticed my loopback rule for Proxomitron was UDP outbound only and my alert for Proxomitron trying to connect out on port 0 was for TCP. See attached photos. I blurred some parts for security. My rules are from a ruleset called "BZ Kerio 2x Default Replacement - Advanced - Final." (see attached photo). Note that BZ has a standard and advanced Kerio ruleset. The photo I attached is BZ's advanced rules and the one I use. I don't understand how the proxy loopback works, but after you suggested I double check the local proxy configuration in Kerio, I noticed my loopback rule was UDP out only. So I changed it to UDP + TCP out (see attached photo) like BZ's advanced software proxy loopback rule. Now the alerts from Proxomitron trying to connect out on port 0 with TCP are gone. My firewall now says, "TCP Connection to (null) [127.0.0.1:0] was permitted by rule 'Loopback for Proxy (out)." I don't understand it JJoe, but thank you for leading me to the source. You are a genius, but is this safe. Do you think I opened up a new security hole ?

BZ Kerio 2x Default Replacement Update
https://www.dslreports.com/forum/r802370...ent-Update


Attached File(s)
.jpg  UDP outbound only - Kerio 2.1.5 proxomitron loopback rule .jpg (Size: 70.79 KB / Downloads: 32)
.gif  BZ Kerio 2x Default Replacement - Advanced - Final .gif (Size: 28.28 KB / Downloads: 27)
.jpg  UDP + TCP outbound only - Kerio 2.1.5 proxomitron loopback rule .jpg (Size: 76.12 KB / Downloads: 30)
.jpg  Proxomitron trying to connect out on port 0 with TCP .jpg (Size: 61.09 KB / Downloads: 28)
Add Thank You Quote this message in a reply
Mar. 19, 2020, 02:08 AM
Post: #6
RE: Port 0
(Mar. 18, 2020 04:09 PM)Anno Domini Wrote:  ... is this safe. Do you think I opened up a new security hole ?

The 'Loopback for Proxy' rule addressed one of the problems.
More rules were added to permit or restrict access to the Proxomitron so malicious programs couldn't use it to tunnel through the firewall...

I think the security concerns that I remember were addressed by the rule set discussed at https://www.dslreports.com/forum/r6642367-Kerio-Generic-Rule-Set-for-Kerio-Proxy-and-no-Proxy.
Add Thank You Quote this message in a reply
Mar. 19, 2020, 03:36 PM
Post: #7
RE: Port 0
Thank you, JJoe. Apparently I had my loopback rule for a proxy setup properly in Kerio, but I had it setup for UDP out only. Proxomitron is trying to connect out through port 0 with TCP. That's why an alert from Kerio said, "Proxomitron' from your computer wants to connect to 127.0.0.1, port 0." So I changed my firewall rule to both UDP + TCP out like in the photo I attached to this post and I no longer get the alert. After changing the rule, my firewall now tells me that, "TCP Connection to (null) [127.0.0.1:0] was permitted by rule 'Loopback for Proxy (out)." As mentioned, I don't understand how the loopback rule works and as far as I can tell, Proxomitron is not trying to connect out to an IP address. I'll close out by noting that prior to me switching over to filtering SSL through Proxomitron, Proxomitron never requested outbound access to port 0, but that is a little off my radar. I just look for honest people and appreciate any advice they have on how to navigate in a world where privacy is becoming more and more of a concern. Thank you for helping me resolve this, JJoe. You are the best.


Attached File(s)
.jpg  Proxy loopback rule .jpg (Size: 4.61 KB / Downloads: 29)
Add Thank You Quote this message in a reply
Mar. 20, 2020, 03:12 AM
Post: #8
RE: Port 0
(Mar. 19, 2020 03:36 PM)Anno Domini Wrote:  as far as I can tell, Proxomitron is not trying to connect out to an IP address.

I think the Proxomitron is requesting the ability to use a local port. Kerio sees the request before the port number is assigned and reports "127.0.0.1, port 0".
This should be ok.

(Mar. 19, 2020 03:36 PM)Anno Domini Wrote:  I'll close out by noting that prior to me switching over to filtering SSL through Proxomitron, Proxomitron never requested outbound access to port 0,

This could be related to Reborn's local https server but I can't say for sure.
You may want to add the https server's port number, 8443, to Kerio.

(Mar. 19, 2020 03:36 PM)Anno Domini Wrote:  I don't understand how the loopback rule works

I don't know enough about Kerio to be specific but your solution makes sense.

Thanks for the post
Add Thank You Quote this message in a reply
Mar. 20, 2020, 02:13 PM (This post was last modified: Mar. 21, 2020 03:02 AM by Anno Domini.)
Post: #9
RE: Port 0
Quick note to say that I already had the https port number, 8443, added to Kerio as a rule (see attached photo) and with that in place I still get the request from Proxomitron to connect out through port 0 with TCP, but the request is rare and it can be triggered by disconnecting from the Internet and trying to go to a website offline -- if anyone wants to test it for themselves. I am not that concerned though because I don't see Proxomitron trying to connect out to an IP address and my loopback rule in post # 7 seems to have resolved the issue, although I don't fully understand it. Just noting this for the record. :-)


Attached File(s)
.jpg  Add the https server's port number, 8443, to Kerio .jpg (Size: 69.22 KB / Downloads: 30)
Add Thank You Quote this message in a reply
Mar. 21, 2020, 11:52 PM
Post: #10
RE: Port 0
If the HTTPS port is set to 0, it will not even try to start the HTTPS listener, so that's not it.

Do you have some other blocking software that may be redirecting requests to localhost? The Proxomitron won't connect to 127.0.0.1 unless something told it to. If you could have the log window open and show what it says when your firewall shows that warning, that might help troubleshoot where this is coming from.

In any case a connection to port 0 is unlikely to work, as it is nearly impossible to get something to listen on that port.
Add Thank You Quote this message in a reply
Mar. 22, 2020, 02:12 AM (This post was last modified: Mar. 22, 2020 11:25 AM by Anno Domini.)
Post: #11
RE: Port 0
Hi Amy, I don't have any other blocking software that I am aware of. As mentioned, before installing the SSL certificate for Proxomitron I never had Proxomitron requesting out on port 0. Here is my log window. Note: I use an older version of Firefox (version 43) because it displays youtube videos better. Note 2: I can always trigger Proxomitron to try and connect out through port 0 with TCP by unplugging my router. The first two photos I attached (Log window 1 + Log window 2) are with no Internet access. I try to connect to Google. I get a firewall alert from Kerio. Log window 3 + 4 are when I plugged my router back in and had Internet access. I am able to connect to Google and Proxomitron did not request access to port 0. I get no firewall alert from Kerio. I tried to keep the results in all 4 log window photos in sequence following each other after I did the above. Not sure if anything in the logs catches your attention.


Attached File(s)
.jpg  Log window 1 (Disconnected from Internet and trying to connect to Google) .jpg (Size: 343.29 KB / Downloads: 29)
.jpg  Log window 2 (Disconnected from Internet and trying to connect to Google) .jpg (Size: 287.33 KB / Downloads: 29)
.jpg  Log window 3 (Connected to Internet. Firewall alert goes away) .jpg (Size: 388.96 KB / Downloads: 30)
.jpg  Log window 4 (Connected to Internet. Firewall alert goes away) .jpg (Size: 400.28 KB / Downloads: 26)
Add Thank You Quote this message in a reply
Mar. 22, 2020, 11:51 AM
Post: #12
RE: Port 0
Kerio 2.1.5 has issues with network-mask rules. See this old thread at Wilders, last 2 pages.
https://www.wilderssecurity.com/threads/...-3.182158/
Add Thank You Quote this message in a reply
Mar. 22, 2020, 10:55 PM (This post was last modified: Mar. 22, 2020 10:57 PM by Anno Domini.)
Post: #13
RE: Port 0
Hi, herbalist. I checked the link and I think my Kerio rules are okay. How can the network-mask rules trigger Proxomitron to request outbound access on port 0 -- when I am not even connected to the Internet ? See my post 11. Thank you for any insight.
Add Thank You Quote this message in a reply
May. 31, 2020, 02:51 PM (This post was last modified: May. 31, 2020 02:56 PM by Anno Domini.)
Post: #14
RE: Port 0
Hey folks, quick update. Visiting a website with an older version of Comodo firewall (used for outbound requests control) I had a certificate popup from Proxomitron, and then a firewall alert with Proxomitron requesting outbound access on port 0. See attached photo. I'm not currently trying to figure out why this is happening, as I have some other things I'm dealing with at the moment and I can allow or disallow these. I don't know if it's a firewall loopback configuration issue or what, but just wanted to give you an update that the certificate popup came first and it may have triggered Proxomitron's request out on port 0. Have a great day and thank you for keep Proxo alive. I love this program...........


Attached File(s)
.jpg  Alerts trying when visiting a website .jpg (Size: 173.45 KB / Downloads: 30)
Add Thank You Quote this message in a reply
Jun. 03, 2020, 12:41 AM
Post: #15
RE: Port 0
Thanks for the additional information. I have a suspicion I know what's happening now, it's related to the internal error page that gets shown when a connection error occurs. I'll try to track it down over the next few days...
Add Thank You Quote this message in a reply
Post Reply 


Forum Jump: