Understand the use of TCP port 33333 by PGP Desktop process PGPtray.exe


Article ID: 181125


Products

Symantec Products

Issue/Introduction

 

Resolution

Following is a detailed explanation of the use of TCP Port 33333 by PGP Desktop.

PGPTray.exe attempts to access a range of ports from 33333 to 33433.

This port is used for the proxying feature of PGP Desktop.  It basically serves as the means of communication from applications to the core crypto services.

PGPTray.exe first attempts to create a listening socket on port 33333; if that fails, it tries each next higher port in turn, up to 33433.

PGP Desktop/PGP Tray listens on this port.

The port number used is stored in the registry at HKEY_CURRENT_USER\SOFTWARE\PGP Corporation\Universal\ListenPort.

This socket is created right after the debug log message “>> PGPocInitThreads” is seen in the PGPlog.txt file.

After the socket is created, the next log message that would be seen is “worker threads started” (which means that all the threads are created) and the last log message from this piece of code is “<< PGPocInitThreads”.

That is the initialization during PGPTray/Desktop startup. Now for how that socket is used.

One part of the code base where this port is used is the LSP (PGPlsp.dll), the PGP Layered Service Provider (i.e., Network Provider), which is where the PGP proxy hooks into the WinSock stack to communicate (“proxy”) data to PGP Desktop.

The use of this socket (as a client) is in a shared library on Windows only. So, there might be other DLLs or apps (Satellite) that use this socket.  It’s basically used for Inter Process Communication.

a. Initialize socket (send OIPCINIT message, receive OPICINITRESP, etc.)

b. Send OIPCCONNECT

The client attempts connections to this port (sleeping 1 second between attempts) until the connection succeeds.

Following are some uses of this socket:

a. MAPI

b. Outlook Plugin

c. Viewer

d. Notes client

e. WDEWG (whole disk controller)

f. Some use on OSX.
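
To confirm on a given workstation which process actually holds the listener described above, the following PowerShell audit compares TCP listeners in the 33333-33433 range with the port recorded in the registry. It is an added example, not Symantec or PGP code; it assumes `ListenPort` is a value under the `Universal` key and that the process name is `PGPtray`, and it must run in the session of the user being checked because the key is under HKEY_CURRENT_USER.

```powershell
# Added example: audit listeners in the PGP Desktop IPC port range.
# Assumption: ListenPort is a value under the ...\Universal key (per-user, HKCU).
$regPath   = 'HKCU:\SOFTWARE\PGP Corporation\Universal'
$portRange = 33333..33433      # range PGPtray.exe tries, per the article
$expected  = 'PGPtray'         # process name as reported by Get-Process (no .exe)

# Port recorded by PGP Desktop for the current user, if any.
$recorded = (Get-ItemProperty -Path $regPath -Name ListenPort `
                 -ErrorAction SilentlyContinue).ListenPort

# Every TCP listener whose local port falls inside the range.
$listeners = Get-NetTCPConnection -State Listen -ErrorAction SilentlyContinue |
    Where-Object { $_.LocalPort -in $portRange }

$report = foreach ($l in $listeners) {
    $proc = Get-Process -Id $l.OwningProcess -ErrorAction SilentlyContinue
    [pscustomobject]@{
        LocalAddress    = $l.LocalAddress
        LocalPort       = $l.LocalPort
        ProcessId       = $l.OwningProcess
        ProcessName     = $proc.Name
        Path            = $proc.Path   # may be empty without sufficient rights
        IsPGPtray       = ($proc.Name -eq $expected)
        MatchesRegistry = ($null -ne $recorded -and [int]$recorded -eq $l.LocalPort)
    }
}

$report | Sort-Object LocalPort | Format-Table -AutoSize

# Registry and live socket should agree on one PGPtray listener.
if ($null -eq $recorded) {
    Write-Warning "No ListenPort value found under $regPath for this user."
} elseif (-not ($report | Where-Object { $_.IsPGPtray -and $_.MatchesRegistry })) {
    Write-Warning "Registry records port $recorded, but no PGPtray listener is bound to it."
}

# Other software bound inside the range explains a fallback to a higher port
# and is worth identifying when reviewing firewall or EDR alerts for these ports.
$report | Where-Object { -not $_.IsPGPtray } | ForEach-Object {
    Write-Warning "Port $($_.LocalPort) is held by $($_.ProcessName) (PID $($_.ProcessId)), not PGPtray."
}
```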