例如,我可以启动两个在端口371上侦听的ncat.exe程序.第二个启动没有任何问题并接收传入连接而第一个没有.一旦最后开始的过程终止,第一个接收它们.
netstat -a -n | find "LISTENING" TCP 0.0.0.0:371 0.0.0.0:0 LISTENING TCP 0.0.0.0:371 0.0.0.0:0 LISTENING
假设这是一个Windows(XP)行为,它怎么能是一个安全的&安全行为?这意味着可以“重载”任何已经侦听的端口,而不是获取通常的“已使用的地址”错误消息,并简单地绕过防火墙,其规则只是说“允许端口371上的任何传入TCP连接”.
但是,Windows实际上允许您窃取套接字.我会引用一个更好的written answer来详细阐述两者.
Windows only knows the SO_REUSEADDR option,there is no SO_REUSEPORT. Setting SO_REUSEADDR on a socket in Windows behaves like setting SO_REUSEPORT and SO_REUSEADDR on a socket in BSD,with one exception: A socket with SO_REUSEADDR can always bind to exactly the same source address and port as an already bound socket,even if the other socket did not have this option set when it was bound. This behavior is somewhat dangerous because it allows an* application “to steal” the connected port of another application. Needless to say,this can have major security implications.
