From: Colin Alston
Date: Mon, 24 Jan 2005 23:16:00 +0200
To: Hexren
cc: Kosta Kilim
cc: freebsd-questions@freebsd.org
Subject: Re: sshd port number ?
Message-ID: <41F56590.1070303@karnaugh.za.net>
In-Reply-To: <12318458361.20050124221023@hexren.net>
References: <20050124210109.GA14171@SDF.LONESTAR.ORG> <12318458361.20050124221023@hexren.net>

Hexren wrote:

>> How does that make sshd less secure if it's on a port above
>> 1024 ?
>If ssh ever goes down, a user could start his own compromised
>version of ssh and do some nasty stuff. The same user could not do
>that if the connecting side would expect sshd to be on a privileged
>port because the system ensures that only procs running with superuser
>privileges can bind to a privileged port.
>
>

And to note, ports <1024 are what we refer to as "privileged ports", i.e. only root, or processes running as root, can open/close/mess them.

--
Colin Alston

About the use of language: "It is impossible to sharpen a pencil with a blunt axe. It is equally vain to try to do it with ten blunt axes instead."
-- E.W.Dijkstra, 18th June 1975. (Perl did not exist at the time.)
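
A defender's check for the situation discussed in this thread, as an added example that is not part of any message in it: the script parses listener output in the column layout of `sockstat -4l` and flags a watched daemon listening on a port at or above 1024, where binding does not require root. It assumes the default reserved range (ports below 1024); the sample lines, user names and PIDs are constructed, and the function names are illustrative.

```python
RESERVED_BELOW = 1024  # ports < 1024 are the "privileged ports" from the message

# Constructed sample in the column layout of FreeBSD `sockstat -4l`; not real output.
SAMPLE = """\
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
root     sshd       612   3  tcp4   *:22                  *:*
root     sshd       940   3  tcp4   *:2222                *:*
alice    sshd       4711  4  tcp4   *:2200                *:*
www      httpd      801   5  tcp4   192.0.2.10:80         *:*
"""


def parse_listeners(text):
    """Yield (user, command, pid, port) for each TCP listener line."""
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 7 or not fields[4].startswith("tcp"):
            continue  # header, blank or non-TCP line
        # The port is whatever follows the last ':' of the local address.
        port = fields[5].rpartition(":")[2]
        if port.isdigit():
            yield fields[0], fields[1], int(fields[2]), int(port)


def audit(text, watched=("sshd",)):
    """Return findings for watched daemons whose port gives no root guarantee."""
    findings = []
    for user, cmd, pid, port in parse_listeners(text):
        if cmd not in watched or port < RESERVED_BELOW:
            continue  # not a watched daemon, or bound inside the reserved range
        if user != "root":
            why = "listener is not owned by root"
        else:
            why = "port is not reserved; a local user can bind it if this daemon stops"
        findings.append((port, user, pid, why))
    return findings


if __name__ == "__main__":
    for port, user, pid, why in audit(SAMPLE):
        print(f"port {port} (user {user}, pid {pid}): {why}")
```
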