The Port 6000 Mystery
6 months ago
- #web security
- #software development
- #event sourcing
- EventSourcingDB 1.0 was released after extensive testing, but a bug was reported hours later regarding the Management UI not loading on port 6000.
- The issue was traced to browsers blocking certain ports (6000-6063) by default for security reasons, a measure to prevent protocol confusion attacks.
- Port 6000 is blocked because it's the default port for the X Window System (X11), which could be exploited if browsers allowed connections to it.
- The team had tested many ports but not those in the browser's 'bad ports' list, highlighting a gap in testing real-world user scenarios.
- A solution was implemented to warn users when starting the Management UI on a blocked port, and documentation was updated to prevent future issues.
- The incident underscored the importance of understanding the ecosystem in which software operates, including browser security policies.
- The bug report from a real user was valuable feedback, emphasizing the importance of community input in improving software.
- EventSourcingDB reached 10,000 downloads on Docker Hub, marking a significant milestone for the project.
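
A startup check of the kind described above, warning when the Management UI is bound to a browser-blocked port, could look like this in Go. This is an added example, not EventSourcingDB's own code: the names `checkUIAddr` and `browserBlocked` are hypothetical, and the port table is a partial, constructed sample (6000-6063 is the range this summary gives, the other entries are taken from the WHATWG Fetch "bad port" list).

```go
package main

import (
	"fmt"
	"net"
	"strconv"
)

// portRange is an inclusive range of TCP ports.
type portRange struct{ lo, hi int }

// browserBlocked is a constructed, partial sample (assumption), not a full list.
// 6000-6063 is the range this page gives; the rest are Fetch "bad port" entries.
var browserBlocked = []portRange{
	{22, 22},     // SSH
	{25, 25},     // SMTP
	{6000, 6063}, // X11
	{6665, 6669}, // IRC
}

// checkUIAddr parses a listen address such as ":6000" or "[::1]:8080".
// It returns a non-empty warning if a browser would refuse to load the UI.
func checkUIAddr(addr string) (string, error) {
	_, portStr, err := net.SplitHostPort(addr)
	if err != nil {
		return "", fmt.Errorf("invalid listen address %q: %w", addr, err)
	}
	port, err := strconv.Atoi(portStr)
	if err != nil || port < 0 || port > 65535 {
		return "", fmt.Errorf("invalid port %q in %q", portStr, addr)
	}
	if port == 0 {
		// The OS picks the port, so the check must be repeated after binding.
		return "port 0 is OS-assigned: re-check the bound port", nil
	}
	for _, r := range browserBlocked {
		if port >= r.lo && port <= r.hi {
			return fmt.Sprintf("port %d is blocked by browsers: the UI will not load, choose another port", port), nil
		}
	}
	return "", nil
}

func main() {
	for _, a := range []string{":6000", "127.0.0.1:3000", "[::1]:6667"} {
		w, err := checkUIAddr(a)
		fmt.Printf("%-16s warning=%q err=%v\n", a, w, err)
	}
}
```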