This is really a newbie question regarding TCP Communication.
Is TCP Communication a 2-way communication?
Let me give a scenario: One program is listening to a TCP port, say port 25. An external program connects to the first program's IP address (port 25) with a random outgoing port, say port 45000
Since the first program is just listening, does that mean that
Any replies are highly appreciated
TCP is always 2-way. There is no 'send and forget' as with UDP. The first Program would have to open a Server Socket. This means, that it listens on port 25 for a TCP SYN (A flag, that signals that a connection is being opened). If your second program connects on port 25 (from port 45000), that connection is identified by 4 values, IP of your host, Port of your host, IP of the remote host, Port of the remote host. At this moment, where the 3-Way handshake (SYN, SYN ACK, ACK) is done, the first program gets a client socket from the server socket returned, which is connected to your second program. So yes, as soon as the connection is made, it is a 2-way communication and you are vulnerable.
Firewalls mostly block incoming traffic. If your first program was behind a firewall, and had not configured the firewall correctly, the firewall would drop the SYN-Packets from the second program. No connection would be made. A firewall can also check outbound connections, if configured correctly.
As I said. As soon as you have connected to the remote program, the remote program gets a client socket, just like your local program, through which all communication is done.