North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Cisco says attacks are due to operational practices
On Fri, Feb 11, 2000, Bora Akyol wrote: > > Unfortunately, ssh on linux regularly assigns ports when ssh'ing out from a box > below 1024, I think this is a bug, but make writing firewall commands annoying. > > Bora Its not a bug, its a leftover from rsh days - if the connection originates from a port below 1024, you could assume *cough* that the credentials the connection supplies are authentic, since the process needs to be root to bind to ports < 1024. This isn't a "but thats flawed!" discussion seed, take that to bugtraq. There's a flag to ssh somewhere to stop it doing that. Yup, -P . Adrian
|