Can a TCP connection be made without an open port?

A company may claim it has an "application" that allows computers to communicate without opening any ports, but network security expert Mike Chapple reveals whether you should believe the hype or not. Read more in this Q&A.

I've read that there is an "application" that allows computers to communicate without exposing or opening ports to the Internet. Is this possible, and if so, will it create a safer Internet environment?
You didn't provide the name of the product, so I can't evaluate this specific application. What you're describing, however, isn't possible. I suspect that the manufacturer is playing some word games to hype their product. Let's explore why.

Two computers communicate over the Internet by using their IP addresses and a combination of ports. The client computer (the one requesting the connection) contacts the server on a known destination port and provides the server with its own IP address and a source port that the server may use for reply traffic. All communication then takes place using those source/destination port and address combinations.

In order for the computers to communicate successfully, the server must have at least one port open to receive inbound requests. The client must then open the source port for replies from that particular system. That's simply the only way that a TCP connection can take place (UDP traffic is slightly different, but follows the same basic idea).

I suspect what the product you describe actually does is swap the client and server roles from their traditional sense. The server and client may both establish a connection to an intermediary server that routes traffic between the two. However, there's simply no way that this can be accomplished without some kind of device listening for traffic on a known port.

More information:

  • See how open ports can increase LAN exposure.
  • Learn how a desktop firewall policy should manage open ports.
  • Dig Deeper on Network security

    Enterprise Desktop
    Cloud Computing