North American Network Operators Group

Re: Cisco says attacks are due to operational practices

Unfortunately, ssh on linux regularly assigns ports when ssh'ing out from a box below 1024, I think this is a bug, but makes writing firewall commands annoying.

Bora

"John M. Brown" wrote:
> Umm, let's see, hosts are supposed to assign ports for sessions above 1024.
> Ports below 1024 are "priv / root" ports and are assigned for specific
> services.
>
> We filter <1023 >1023 we don't care about so much, except for a couple of
> well known ones.
>
> On Thu, Feb 10, 2000 at 07:02:25PM -0800, Chris Cappuccio wrote:
> >
> > Did anyone even read the post I was responding to ??
> >
> > >On Thu, 10 Feb 2000, John M. Brown wrote:
> > >| We have always built martian filters on our edge routers. In addition we
> > >| built specific filters for ports that are not used, or are bad on the net.
> >
> > "Ports that are not used" What about when the tcp stack on a particular
> > machine dynamically allocates a particular port for some tcp connection and
> > you are filtering that port ? etc....
> >
> > On Thu, 10 Feb 2000, Paul Ferguson wrote:
> >
> > | I didn't see anyone talking about port-level filtering. What
> > | I did see, on the other hand, was someone talking about
> > | filtering Martian network traffic -- stuff which should not
> > | be there in the first place.
> > |
> > | - paul
> >
> > ---
> > Gates' Law: Every 18 months, the speed of software halves.
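
The breakage discussed in this thread, as an added example that is not part of any poster's message: a stateless inbound rule that drops destination ports below 1024 also drops the replies to an outbound ssh client that bound a low source port. The offered-service list, the packet samples and all names are constructed for illustration, and the second filter (matching on the TCP ACK flag) is an assumption, not something the posters describe.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    """Inbound TCP segment as seen by the edge filter (constructed model)."""
    src_port: int
    dst_port: int
    ack: bool  # ACK flag: clear only on the opening SYN of a connection

# Assumption: services this site offers to the outside.
OFFERED = {22, 25, 53, 80}

def port_only_filter(pkt: Packet) -> bool:
    """Permit high destination ports and offered services, drop the rest."""
    return pkt.dst_port > 1023 or pkt.dst_port in OFFERED

def ack_aware_filter(pkt: Packet) -> bool:
    """Same policy, but segments with ACK set are let through first.

    This is stateless flag matching, not connection tracking: a forged
    segment with ACK set also passes, so hosts must still reject it.
    """
    return pkt.ack or port_only_filter(pkt)

# Constructed samples, all arriving from outside.
SAMPLES = {
    "sshd reply to client on source port 1022": Packet(22, 1022, True),
    "sshd reply to client on source port 40000": Packet(22, 40000, True),
    "new connection to port 111": Packet(45000, 111, False),
    "new connection to offered port 25": Packet(45001, 25, False),
}

def evaluate() -> dict:
    """Return {description: (port_only verdict, ack_aware verdict)}."""
    return {name: (port_only_filter(p), ack_aware_filter(p))
            for name, p in SAMPLES.items()}

if __name__ == "__main__":
    for name, (plain, aware) in evaluate().items():
        print(f"{name:45} port-only={plain!s:5} ack-aware={aware}")
```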