{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 干净又极端 的问题《Multiple processes listening on the same port?》','https://www.manongdao.com/q-149936.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I am trying to understand how can it be possible to start multiple processes listening on the same TCP {IP, Port} pair on Windows XP.
For example, I can start two ncat.exe programs listening on port 371. The second one is started without any problem and receives incoming connections while the first one does not. Once the process lastly started is terminated, the first one receives them.
netstat -a -n | find "LISTENING"
TCP 0.0.0.0:371 0.0.0.0:0 LISTENING
TCP 0.0.0.0:371 0.0.0.0:0 LISTENING
Assuming this a Windows (XP) behaviour, how can it be a safe & secure behaviour? It means one can "overload" any already listening port instead of getting the usual "address already in use" error message, and simply bypass firewalls with rules just saying "any incoming TCP connections on port 371 are allowed".
SO_REUSEADDR socket option is interpreted differently in windows i.e. in Linux it would allow you to reuse the same socket unless all of the five tuple (src/dst port/ip and protocol are exactly same).
However, windows actually allow you to steal the socket. I would quote a much better written answer here elaborating both.