What is HIPPA?

[James Moe]

Hello,
I was searching </etc/services> for the port number for IPP (which is
631). One of the results was port 2988: "HIPPA Reporting Protocol."
I can find no information whatsoever for "HIPPA Reporting Protocol"
other than its port number is assigned to 2988. I cannot tell if HIPPA
is correct (likely), or a misspelling of HIPAA, a common mistake. A web
search of either phrase has yielded nothing descriptive.

Does anyone know what it is?

--
James Moe
jmm-list at sohnen-moe dot com

[The Natural Philosopher]

LMGTFY

http://www.corrupteddatarecovery.com/Port/2988tcp-Port-Type-hippad-hippad.asp


--
Ineptocracy

(in-ep-toc’-ra-cy) – a system of government where the least capable to
lead are elected by the least capable of producing, and where the
members of society least likely to sustain themselves or succeed, are
rewarded with goods and services paid for by the confiscated wealth of a
diminishing number of producers.

[J G Miller]

On Sunday, February 10th, 2013, at 16:30:11h -0700, James Moe observed:

> I was searching </etc/services> for the port number for IPP (which is
> 631). One of the results was port 2988: "HIPPA Reporting Protocol."
> I can find no information whatsoever for "HIPPA Reporting Protocol"
> other than its port number is assigned to 2988. I cannot tell if HIPPA
> is correct (likely), or a misspelling of HIPAA, a common mistake. A web
> search of either phrase has yielded nothing descriptive.

Please see

<http://westreferenceattorneys.COM/2012/04/h-i-p-a-a-not-h-i-p-p-a/>


I do not know where you are getting the information that
port 2988 is for HIPAA because /etc/services says

afbackup 2988/tcp #| Afbackup system
afbackup 2988/udp #|


The article at

<http://docs.oracle.com/cd/E19398-01/820-1277/agcar/index.html>

explains all about the protocol.


QUOTE

About the HIPAA Protocol

The acronym HIPAA stands for the Health Insurance Portability and
Accountability Act (of 1996). This law is designed to protect health
care patients and ensure the fast, easy exchange of patient-related data.

Among other things, the act makes specifications affecting standards
of treatment and privacy rights.

The act provides a number of standardized transactions that can be used for
such things as a health-care eligibility inquiry or a health care claim.
The HIPAA protocol realizes these legal mandates in the form of a standardized,
universal data-messaging format and structure.

UNQUOTE

Read the rest of the article to learn about the structure of the HIPPA
header and envelope and how HIPPA messaging works.

[J G Miller]

On Sunday, February 10th, 2013, at 23:59:52h +0000, J G Miller wrote:

> I do not know where you are getting the information that
> port 2988 is for HIPAA because /etc/services says
>
> afbackup 2988/tcp #| Afbackup system
> afbackup 2988/udp #|

A bit more web searching has found at

<http://www.bekkoame.ne.JP/~s_ita/port/port2900-2999.html>

and

<http://sligo.desy.DE:2880/pnfs/desy.de/data/dteam/fbxtest.txt>

afbackup 2988/tcp hippad # Afbackup system
afbackup 2988/udp hippad # Afbackup system


So a search on "hippad protocol" brings up

<http://www.corrupteddatarecovery.COM/Port/2988udp-Port-Type-hippad-hippad.asp>

QUOTE

Port Number: 2988/udp (Windows 7/Windows Vista/ Windows XP/Windows Server family)
HIPPA Reporting Protocol
Protocol Used : hippad
Service Type : hippad
Known Port 2988/udp exploits: Yes
Known Port 2988/udp Security Risks: Yes

UNQUOTE

So hippad must be a protocol used in the afbackup system

<http://sourceforge.NET/projects/afbackup/>

to communicate between the clients and backup server.

[James Moe]

On 02/10/2013 04:36 PM, The Natural Philosopher wrote:
>>
> LMGTFY
>
> http://www.corrupteddatarecovery.com/Port/2988tcp-Port-Type-hippad-hippad.asp
>
Ha, ha. Did you read the page? It says port 2988 is the "HIPPA
Reporting Protocol." That is it. There is nothing descriptive about the
protocol at all. Zilch. Zero. Zip. Nix. Nada. Nothing.

[James Moe]

On 02/10/2013 04:59 PM, J G Miller wrote:
>
> I do not know where you are getting the information that
> port 2988 is for HIPAA because /etc/services says
>
> afbackup 2988/tcp #| Afbackup system
> afbackup 2988/udp #|
>
>

Not HIPAA! HIPPA.

I do not know where you are getting the information that port 2988 is

for afbackup.

$ grep 2988 /etc/services
hippad 2988/tcp # HIPPA Reporting Protocol
hippad 2988/udp # HIPPA Reporting Protocol

opensuse v12.2
linux 3.4.28-2.20-desktop x86_64

[James Moe]

On 02/10/2013 05:21 PM, J G Miller wrote:
>
> So a search on "hippad protocol" brings up
> <http://www.corrupteddatarecovery.COM/Port/2988udp-Port-Type-hippad-hippad.asp>
>

Yes. It seems everyone can Google that page; even I managed to find
it. It has a singular lack of informative content regarding the purpose
of the protocol assigned to the port.

>
> So hippad must be a protocol used in the afbackup system
>

I ask: Does anyone know what the "HIPPA Reporting Protocol" is?

[Richard Kettlewell]

J G Miller <mil...@yoyo.ORG> writes:
> So hippad must be a protocol used in the afbackup system
>
> <http://sourceforge.NET/projects/afbackup/>
>
> to communicate between the clients and backup server.

That's not a very safe conclusion, since afbackup doesn’t actually
mention HIPPA in its source or documentation.

The IETF registration for the port number only refers to “hippad”;
afbackup is squatting on that number.

hippad 2988/tcp HIPPA Reporting Protocol
hippad 2988/udp HIPPA Reporting Protocol
# William Randolph Royere III
# <william&royere.net>

You can do your own research on other appearances of that identity...

--
http://www.greenend.org.uk/rjk/

[The Natural Philosopher]

On 11/02/13 06:51, James Moe wrote:
> On 02/10/2013 04:36 PM, The Natural Philosopher wrote:
>>>
>> LMGTFY
>>
>> http://www.corrupteddatarecovery.com/Port/2988tcp-Port-Type-hippad-hippad.asp
>>
> Ha, ha. Did you read the page? It says port 2988 is the "HIPPA
> Reporting Protocol." That is it. There is nothing descriptive about the
> protocol at all. Zilch. Zero. Zip. Nix. Nada. Nothing.
>

Er..you asked WHAT IS hippa? not for a completee spec.

Its a backup and remote reporting protocol. There. Question is answered.

ALSO you said 'I camnt find any reference to it on the net' That was the
first of about 400 I found. You can find the rest if YOU are so concerned.

I am not.

[Jean-David Beyer]

I do not know that looking at one's /etc/services file is much help.
Some seem to say one thing, some another. Mine is like this:

afbackup 2988/tcp hippad # Afbackup system
afbackup 2988/udp hippad # Afbackup system

$ cat /etc/redhat-release
Red Hat Enterprise Linux Server release 6.3 (Santiago)

$ uname -r
2.6.32-279.22.1.el6.x86_64

[Moe Trin]

On Sun, 10 Feb 2013, in the Usenet newsgroup comp.os.linux.misc, in article
<XdydncS9HI9kCIXM...@giganews.com>, James Moe wrote:

> J G Miller wrote:

>> I do not know where you are getting the information that
>> port 2988 is for HIPAA because /etc/services says

>> afbackup 2988/tcp #| Afbackup system
>> afbackup 2988/udp #|

So file a bug report with whoever supplied that file.

>I do not know where you are getting the information that port 2988 is
>for afbackup.

An incomplete and possibly b0rken /etc/services file - just like you.

ftp://www.ietf.org/iana/service-names-port-numbers/
-------------------
Service names are assigned on a first-come, first-served process, as
documented in [RFC6335].

*********************************************************************
*PLEASE NOTE THE FOLLOWING: *
* *
*ASSIGNMENT OF A PORT NUMBER DOES NOT IN ANY WAY IMPLY AN *
*ENDORSEMENT OF AN APPLICATION OR PRODUCT, AND THE FACT THAT NETWORK*
*TRAFFIC IS FLOWING TO OR FROM A REGISTERED PORT DOES NOT MEAN THAT *
*IT IS "GOOD" TRAFFIC, NOR THAT IT NECESSARILY CORRESPONDS TO THE *
*ASSIGNED SERVICE. FIREWALL AND SYSTEM ADMINISTRATORS SHOULD *
*CHOOSE HOW TO CONFIGURE THEIR SYSTEMS BASED ON THEIR KNOWLEDGE OF *
*THE TRAFFIC IN QUESTION, NOT WHETHER THERE IS A PORT NUMBER *
*REGISTERED OR NOT. *
**********************************************************************
------------------

Please READ AND UNDERSTAND THE ABOVE NOTE. /etc/services is not,
AND NEVER HAS BEEN authoritative.

------------------
hippad 2988 tcp HIPPA Reporting Protocol
[William_Randolph_Roy] [William_Randolph_Roy]
hippad 2988 udp HIPPA Reporting Protocol
[William_Randolph_Roy] [William_Randolph_Roy]

personnel 3109 tcp Personnel protocol
[William_Randolph_Roy] [William_Randolph_Roy]
personnel 3109 udp Personnel protocol
[William_Randolph_Roy]

edix 3123 tcp EDI Translation Protocol
[William_Randolph_Roy] [William_Randolph_Roy]
edix 3123 udp EDI Translation Protocol
[William_Randolph_Roy]


[William_Randolph_Roy] mailto:william&royere.net
------------------

If you are so insistent in using /etc/services to identify a service,
the ietf.org file does contain a mail contact. You might get sales
literature, or you might get ignored.

Old guy

[James Moe]

On 02/11/2013 05:39 AM, The Natural Philosopher wrote:
>>
> Er..you asked WHAT IS hippa? not for a completee spec.
>

Yes, I did. I did not expect a complete spec, just a hand-waving
overall description.
My web searches (I really did search before posting) found nothing
except that the protocol (whatever it does, I wish to know) uses port
2988. Just as you discovered.

> Its a backup and remote reporting protocol. There. Question is answered.
>

No, it does not. The title implies a reporting function for HIPPA
(whatever that is), not a backup. The backup bit came from someone's
defective <services> file.

> ALSO you said 'I camnt find any reference to it on the net' That was the
> first of about 400 I found.
>

Yes. And they all say "HIPPA Reporting Protocol" uses port 2988;
that's all. So I was curious at the remarkable lack of information. I
had thought the breadth of knowledge and experience represented by this
list might know what search engines cannot provide.

[James Moe]

On 02/11/2013 08:17 AM, Moe Trin wrote:
> hippad 2988 tcp HIPPA Reporting Protocol
> [William_Randolph_Roy] [William_Randolph_Roy]

> [William_Randolph_Roy] mailto:william&royere.net
> ------------------
>
> If you are so insistent in using /etc/services to identify a service,
>

No, I am not. Where did you get that? I simply found it in the
<services> file and am curious what it is.

> the ietf.org file does contain a mail contact.
>

Except that the domain <william&royere.net> does not exist.
A web search of "William_Randolph_Roy" or "William Randolph Roy"
yields nothing.

[David W. Hodgins]

On Mon, 11 Feb 2013 17:00:55 -0500, James Moe <jimoe...@sohnen-moe.com> wrote:

> Yes. And they all say "HIPPA Reporting Protocol" uses port 2988;
> that's all. So I was curious at the remarkable lack of information. I
> had thought the breadth of knowledge and experience represented by this
> list might know what search engines cannot provide.

Running a search on "hippa reporting protocol" leads me to the impression
that it's used for U.S. health care exchange of info between doctors,
hospitals, and medicare. See
http://www.hhs.gov/ocr/privacy/hipaa/understanding/index.html

Regards, Dave Hodgins

--
Change nomail.afraid.org to ody.ca to reply by email.
(nomail.afraid.org has been set up specifically for
use in usenet. Feel free to use it yourself.)

[J G Miller]

On Monday, February 11th, 2013 at 15:00:55h -0700, James Moe wrote:

> The title implies a reporting function for HIPPA (whatever that is),
> not a backup. The backup bit came from someone's defective <services> file.

The services file is not defective. afbackup does use 2988,
so please do not leap to conclusions.

What Moe Trin (The Old Guy) pointed out was that the services
file is not authoritative, but one needs to go to the official
site to get the authoritative list of what should be on which
port.

> And they all say "HIPPA Reporting Protocol" uses port 2988;

Since Richard Kettlewell has done a search of the afbackup source
and finds no mention of hippad, one possibility is that the
hipad is piggybacking on this port and that HIPPA is indeed a
typographical error (perhaps derived from HIP PAD and dropping
the D for dameon) and the service is associated with HIPA for
which I provided a link to the Oracle site describing HIPA messages.4

The only way to get a definitive answer to this question is to find
who wrote the original services file with hippad on 2998 and
on what information they based that construction.

Remember the truth is out there, but the probability of finding
it on Usenet nowadays is quite low.

[Moe Trin]

On Mon, 11 Feb 2013, in the Usenet newsgroup comp.os.linux.misc, in article
<cfCdnVcynLgN9oTM...@giganews.com>, James Moe wrote:

>Moe Trin wrote:

ftp://www.ietf.org/iana/service-names-port-numbers/

>> hippad 2988 tcp HIPPA Reporting Protocol
>> [William_Randolph_Roy] [William_Randolph_Roy]
>> [William_Randolph_Roy] mailto:william&royere.net

>> If you are so insistent in using /etc/services to identify a service,

> No, I am not. Where did you get that?

The URL above is the FTP access. If you want web access, use
<http://www.ietf.org/assignments/service-names-port-numbers/
service-names-port-numbers.txt> (watch the line wrap - that all one
line with no spaces), and hope your browser renders the XML properly.

>I simply found it in the <services> file and am curious what it is.

Grab a copy of RFC6335 and RFC2780 from your favorite search engine

2780 IANA Allocation Guidelines For Values In the Internet Protocol
and Related Headers. S. Bradner, V. Paxson. March 2000. (Format:
TXT=18954 bytes) (Updated by RFC4443, RFC5237, RFC5771, RFC6335)
(Also BCP0037) (Status: BEST CURRENT PRACTICE)

6335 Internet Assigned Numbers Authority (IANA) Procedures for the
Management of the Service Name and Transport Protocol Port
Number Registry. M. Cotton, L. Eggert, J. Touch, M. Westerlund,
S. Cheshire. August 2011. (Format: TXT=79088 bytes) (Updates
RFC2780, RFC2782, RFC3828, RFC4340, RFC4960, RFC5595) (Also
BCP0165) (Status: BEST CURRENT PRACTICE)

or you can get it from

http://www.ietf.org/rfc/rfc0000.txt
http://www.faqs.org/rfcs/rfc0000.html
http://www.rfc-editor.org/rfc/rfc0000.txt
http://www.ccd.bnl.gov/network/general/rfc0000.html
http://www.cis.ohio-state.edu/htbin/rfc/rfc0000.html

replace the four zeros with the four digit RFC number.

>> the ietf.org file does contain a mail contact.

> Except that the domain <william&royere.net> does not exist.

Ah, foiled by the RFC-editor (trying to foil mail-name harvesters,
it would be obvious if you looked at the ietf page above) - the "&"
symbol gets replaced by an "@" and you've got it. Unfortunately, if
you look up the domain, it seems to be parked (inactive). Worse,
whois says the nameservers are ns1 and ns2.parkednameserver.com -
which also doesn't resolve. In other words, you can't get there
from here. The domain registration expires this August 1.

>A web search of "William_Randolph_Roy" or "William Randolph Roy"
>yields nothing.

Try "William Randolph Royere III" - you're being bit by the XML
crap on that URL listed above.

Old guy

[James Moe]

On 02/11/2013 05:56 PM, Moe Trin wrote:
>> A web search of "William_Randolph_Roy" or "William Randolph Roy"
>> >yields nothing.

> Try "William Randolph Royere III" ...
>
Okay. Thanks.

[James Moe]

On 02/11/2013 04:39 PM, David W. Hodgins wrote:
>
> Running a search on "hippa reporting protocol" leads me to the impression
> that it's used for U.S. health care exchange of info between doctors,
> hospitals, and medicare.
>

You are running afoul of search engines' eagerness to correct your
"obvious" misspelling of HIPAA with HIPPA.
Google is the only search engine that will actually *not* do so if you
put tHIPPA in double quotes. Bing, Yahoo, AltaVista, Dogpile all
"correct" it for you regardless of quoting.
I am truly curious about HIPPA, not HIPAA.

[Moe Trin]

On Tue, 12 Feb 2013, in the Usenet newsgroup comp.os.linux.misc, in article
<kfc2st$2sb$1...@dont-email.me>, J G Miller wrote:

>What Moe Trin (The Old Guy) pointed out was that the services
>file is not authoritative, but one needs to go to the official
>site to get the authoritative list of what should be on which
>port.

And even that has to be taken with a large amount of salt. The
"service-names-port-numbers" data is more useful of "if you want
to connect to service $FOO, what port number should it be found".
But there is absolutely no requirement that service $FOO can only
be on port $BAR, and what is actually on port $BAR may be ANYTHING.
Long ago in a galaxy far away, we used to park a telnet server on
port 101/tcp. Those in the know knew this, and could connect. The
rest of the world didn't know this, and tried mightily to connect on
port 23 only to receive an ICMP Type 3 Code 3 (Port unreachable).

Well-known and registered ports are so that you know where to look.
The list serves NO other purpose.

The /etc/services file exists as a convenience - so that (for example)
"/bin/netstat -n" can translate a port number into a likely service
name or firewall rules can use service names rather than port numbers.

>The only way to get a definitive answer to this question is to find
>who wrote the original services file with hippad on 2998 and
>on what information they based that construction.

That would be the ietf.org file - and the port was registered by an
individual who was following RFC2780 - see the index listing I
included in my second response to James Moe.

Old guy

[Keith Keller]

On 2013-02-12, James Moe <jimoe...@sohnen-moe.com> wrote:
>>
> You are running afoul of search engines' eagerness to correct your
> "obvious" misspelling of HIPAA with HIPPA.

Duck Duck Go won't autocorrect, though many of its results return
information about HIPAA.

With so little information about HIPPA out there, is it possible that
it's Yet Another Typo for HIPAA?

--keith

--
kkeller...@wombat.san-francisco.ca.us
(try just my userid to email me)
AOLSFAQ=http://www.therockgarden.ca/aolsfaq.txt
see X- headers for PGP signature information

[J G Miller]

On Tuesday, February 12th, 2013, at 00:56:39h +0000,
Moe Trin suggested:

> Try "William Randolph Royere III"

Is that the same William Randolph Royere III who
spent 34 months in prison for "hacking ATM machines and
taking buckets of $20 bills that didn't belong to him"
and subsequently getting well paid as a computer security
consultant?

<http://blogs.knoxnews.COM/harris/2010/04/palin-e-mail-hacker-vs-past-computer-crimes.html>

[Bruce Sinclair]

The duck doesn't correct either (though it did offer a few alternates as
well. :) )

https://duckduckgo.com/

[James Moe]

On 02/11/2013 07:21 PM, Keith Keller wrote:
>
> With so little information about HIPPA out there, is it possible that
> it's Yet Another Typo for HIPAA?
>

No.

[The Natural Philosopher]

On 12/02/13 07:35, James Moe wrote:
> On 02/11/2013 07:21 PM, Keith Keller wrote:
>>
>> With so little information about HIPPA out there, is it possible that
>> it's Yet Another Typo for HIPAA?
>>
> No.
>

Indeed. being idly bored, I looked through all the googly stuff and it
looks very much as if someone somewhere concocted a protocol, registered
it and nothing ever came of it.

Probably because everyone else used snmp or something.

Or Royere went to jail

"Royere, the man with the Faulkner-esque name and a like manner, spent
34 months in prison. His crime did not garner the public imagination as
did Mitnick's exploits. Royere's crime was much more mundane: hacking
ATM machines and taking buckets of $20 bills that didn't belong to him.

I interviewed Royere and Mitnick after they paid their debts to society
and had launched successful careers as computer security consultants and
authors. I haven't talked to either of them in years, but I suspect they
are doing well."

[Aragorn]

On Tuesday 12 February 2013 00:39, David W. Hodgins conveyed the
following to comp.os.linux.misc...

> On Mon, 11 Feb 2013 17:00:55 -0500, James Moe
> <jimoe...@sohnen-moe.com> wrote:
>
>> Yes. And they all say "HIPPA Reporting Protocol" uses port 2988;
>> that's all. So I was curious at the remarkable lack of information. I
>> had thought the breadth of knowledge and experience represented by
>> this list might know what search engines cannot provide.
>
> Running a search on "hippa reporting protocol" leads me to the
> impression that it's used for U.S. health care exchange of info
> between doctors, hospitals, and medicare. See
> http://www.hhs.gov/ocr/privacy/hipaa/understanding/index.html

Having seen and read this thread, the above was also the only
information I could find on HIPPA on both Google and Wikipedia. You
type in "HIPPA" and it redirects you to "HIPAA".

Google is not our friend. :p

--
= Aragorn =
(registered GNU/Linux user #223157)