OpenVPN ports 1025-65535

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

RSengine

Occasional Visitor
My ASUS router's OpenVPN configuration page says "Due to security concerns, we suggest using a port from 1025 to 65535". I've been setting my port as 443 to mask my VPN packets as HTTPS traffic when travelling. I couldn't find anything about VPN security on Google with regard to ports 1025 to 65535. Am I sacrificing some security as a result of setting my port as 443?
 

ColinTaylor

Part of the Furniture
Where are you seeing that message? I can't see it myself. What router model do you have?

On a normal Linux system ports <1024 are "system ports" that can only be bound to by root and therefore has security implications. That's rather academic on an Asus router IMHO as just about everything runs as root.
 

RSengine

Occasional Visitor
Where are you seeing that message? I can't see it myself. What router model do you have?
It seems that message appears when AiCloud 2.0's Web access port is set as 443 in http://router.asus.com/cloud_settings.asp (even if AiCloud 2.0 is disabled, like it is in my router). Changing that to something else made the message disappear.

On a normal Linux system ports <1024 are "system ports" that can only be bound to by root and therefore has security implications. That's rather academic on an Asus router IMHO as just about everything runs as root.
Could a client connected via VPN somehow run commands as root on my router without knowing the admin login then?
 

ColinTaylor

Part of the Furniture
Could a client connected via VPN somehow run commands as root on my router without knowing the admin login then?
No, although I'm not saying it's impossible because all software has the potential to contain bugs. But OpenVPN is very secure and reliable making that extremely unlikely.
 

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top