North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Cisco says attacks are due to operational practices

  • From: adrian
  • Date: Fri Feb 11 14:22:24 2000

On Fri, Feb 11, 2000, Bora Akyol wrote:
> 
> Unfortunately, ssh on linux regularly assigns ports when ssh'ing out from a box
> below 1024, I think this is a bug, but make writing firewall commands annoying.
> 
> Bora

Its not a bug, its a leftover from rsh days - if the connection originates
from a port below 1024, you could assume *cough* that the credentials the
connection supplies are authentic, since the process needs to be root to
bind to ports < 1024.

This isn't a "but thats flawed!" discussion seed, take that to bugtraq.

There's a flag to ssh somewhere to stop it doing that. Yup, -P .




Adrian