Sockets Connection without Listen()
Today, prompted by an apparently impossible condition that showed up on OneRiot's servers, I pushed my good friend Alessandro to prove me wrong. And as usual, in about 15 minutes, he did.
The odd condition was the following: server A was listening on a port and server B was connected to it. We turned off server A and after a few minutes server B was connected to itself on that port, although it was not listening on it.
Further investigation of RFC 793 (page 23), and 20 lines of C code written by Alessandro, showed that it is intentionally possible to connect two sockets together without calling listen() on either of them. It is called “Simultaneous Connection Synchronization”.
On our server pure chance is what generated the condition. Server B kept trying to connect to server A cycling through the ephemeral ports allowed by the OS until accidentally the source port was the same as the destination port.
From now on our ephemeral port range will be outside our server port range. I strongly recommend you do the same, especially if you run multiple services on the same box.
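As an added example (not Alessandro's code or anything from the original post), here is a small Python check for the two things above: whether the kernel's ephemeral range can hand out one of your own service ports as a source port, and whether any established socket has ended up connected to itself. It assumes Linux's `/proc/sys/net/ipv4/ip_local_port_range` and the column layout of `ss -tan`; the service ports and socket lines are constructed sample data.

```python
# Added example (not from the original post): check whether the OS ephemeral
# port range can collide with the ports our own services listen on, and spot
# sockets that ended up connected to themselves via a simultaneous open.
import os

PORT_RANGE_FILE = "/proc/sys/net/ipv4/ip_local_port_range"  # Linux sysctl file

def parse_port_range(text):
    """Parse 'low<whitespace>high' as found in ip_local_port_range."""
    low, high = (int(field) for field in text.split())
    if not 1 <= low <= high <= 65535:
        raise ValueError(f"invalid ephemeral range {low}-{high}")
    return low, high

def overlapping_ports(ephemeral, service_ports):
    """Service ports the kernel may also pick as an ephemeral source port."""
    low, high = ephemeral
    return sorted(p for p in set(service_ports) if low <= p <= high)

def self_connected(ss_lines):
    """From 'ss -tan'-style lines, return local endpoints whose peer is itself."""
    found = []
    for line in ss_lines:
        fields = line.split()
        if len(fields) < 5 or fields[0] == "State":  # skip header / junk
            continue
        local, peer = fields[3], fields[4]
        if local == peer:
            found.append(local)
    return found

# Constructed sample data: a common Linux default range and a host with three services.
DEFAULT_RANGE = "32768\t60999\n"
SERVICE_PORTS = [8080, 9200, 40000]
SS_SAMPLE = [
    "State  Recv-Q Send-Q Local Address:Port  Peer Address:Port",
    "ESTAB  0      0      10.0.0.5:40000      10.0.0.5:40000",
    "ESTAB  0      0      10.0.0.5:52311      10.0.0.7:8080",
]

if __name__ == "__main__":
    text = open(PORT_RANGE_FILE).read() if os.path.exists(PORT_RANGE_FILE) else DEFAULT_RANGE
    rng = parse_port_range(text)
    print("ephemeral range", rng, "collides with service ports", overlapping_ports(rng, SERVICE_PORTS))
    print("self-connected sockets:", self_connected(SS_SAMPLE))
```

With the sample data the default range collides with port 40000 and the first socket line is flagged; moving the range to 49152-65535 clears the collision.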
