From owner-freebsd-questions@FreeBSD.ORG  Mon Jan 24 22:11:16 2005
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 2FC0016A4CE
	for <freebsd-questions@freebsd.org>;
	Mon, 24 Jan 2005 22:11:16 +0000 (GMT)
Received: from dexter.starfire.mn.org (starfire.skypoint.net [66.93.17.236])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 8BCFB43D5A
	for <freebsd-questions@freebsd.org>;
	Mon, 24 Jan 2005 22:11:15 +0000 (GMT)
	(envelope-from john@dexter.starfire.mn.org)
Received: (from john@localhost)
	by dexter.starfire.mn.org (8.11.3/8.11.3) id j0OMAtp06346;
	Mon, 24 Jan 2005 16:10:55 -0600 (CST)
	(envelope-from john)
Date: Mon, 24 Jan 2005 16:10:55 -0600
From: John <john@starfire.mn.org>
To: Colin Alston <karnaugh@karnaugh.za.net>
Message-ID: <20050124161055.B6072@starfire.mn.org>
References: <20050124210109.GA14171@SDF.LONESTAR.ORG>
	<12318458361.20050124221023@hexren.net> <41F56590.1070303@karnaugh.za.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5.1i
In-Reply-To: <41F56590.1070303@karnaugh.za.net>;
	from karnaugh@karnaugh.za.net on Mon, Jan 24, 2005 at 11:16:00PM +0200
cc: Kosta Kilim <kopno@sdf.lonestar.org>
cc: freebsd-questions@freebsd.org
cc: Hexren <me@hexren.net>
Subject: Re: sshd port number ?
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 24 Jan 2005 22:11:16 -0000

On Mon, Jan 24, 2005 at 11:16:00PM +0200, Colin Alston wrote:
> Hexren wrote:
> 
> >> How does that make sshd less secure if its on a port above                                
> >> 1024 ?  
> >If ssh ever goes down, a user could start his own compromised
> >version of ssh and do some nasty stuff. The same user could not do
> >that if the connecting side would expect sshd to be on a privileged
> >port because the system ensures that only procs running with superuser
> >privileges can bind to a privileged port.
> >  
> >
> And to note, ports <1024 are what we reffer to as "privileged ports", ie 
> - only root, or processes running as root, can open/close/mess them.

OK, but this only applies to secury and well-managed systems.
Early versions of Windows did nothing to restrict the use of ports
below 1024, and any hacker out there with a Linux or FreeBSD box
can start any service he likes to listen on a port below 1024, or
have an application run to open a connection on a port below 1024.

I'm sure the writer was aware of this - I just want to make sure
that newcomers and lurkers don't put too much confidence in the
port number of a connection.
-- 

John Lind
john@starfire.MN.ORG