Date:      Fri, 6 Oct 1995 19:28:25 -0700
From:      "Russell L. Carter" <rcarter@geli.com>
To:        chuckr@eng.umd.edu, terry@lambert.org
Cc:        freebsd-hackers@FreeBSD.ORG
Subject:   Re: Fiskars UPS support...
Message-ID:  <199510070228.TAA27362@geli.clusternet>

|> I don't find 'privileged ports' in my trusty O'Reilly TCP/IP book, could 
|> you give me a reference?  I just don't see, right now, what would stop 
|> someone with a packet sniffer, finding how I communicate, then spoofing 
|> the remote.  I know how to set up connections, I'm wondering about 
|> security, and how much is enough, when I'm talking about something that 
|> can shut down the machine.
|
|man rresvport
|
|A port in the range 1-1023 can only be allocated by root.  That is,
|those ports can only be answered by a Trojan Horse if your monitoring
|system has been fully compromised.
|
|The spoofing is prevented because the systems that can be spoofed make
|the connection to the monitoring system.  That means someone cannot
|pretend to be the monitoring system and send a failure warning and
|cause a shutdown because connections are not made in that direction.
|
|The worst that someone can do is register with the monitoring system
|and get powerfail notifications, and then only if you don't put
|restrictions on who is allowed to connect to the monitoring system
|in the first place (ie: it should be inside your firewall in any case).
|
|
|					Terry Lambert
|					terry@lambert.org

You might also have a look at Stevens' `Unix Network Programming'
Chapter 6, section 8. "Reserved Ports".

Besides the SMM, this book and the TCP/IP Illustrated books should
be required for FreeBSD hackers, dontchathink?  Maybe WC could
go into the bookseller business, or fix up promotional deals
with Computer Literacy.

Russell
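The reserved-port rule Terry describes, written out as an added example that is not part of the original thread (the function names, the constant and the constructed peer addresses are ours, not anything from rresvport(3) or the monitoring daemon under discussion). It shows the two halves of the mechanism: the kernel refusing a reserved-port bind() to an unprivileged caller, and the check a daemon applies to a connecting peer's source port.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <arpa/inet.h>
#include <netinet/in.h>
#include <sys/socket.h>

/* Ports 1..1023 are the reserved range: on a BSD-style system only a
 * process running as root can bind() one of them. rresvport(3) is the
 * library helper that allocates such a port for a privileged caller.
 * Constant name is ours, chosen to avoid clashing with system headers. */
#define RESERVED_PORT_MAX 1023

/* True when a TCP/UDP port number lies in the reserved range. */
int is_reserved_port(int port)
{
    return port >= 1 && port <= RESERVED_PORT_MAX;
}

/* Server-side check in the style of rlogind/rshd: a client that arrived
 * from a reserved source port was root on its own host. A monitoring
 * daemon like the one in the thread would apply this to each peer that
 * registers for powerfail notifications. */
int peer_is_privileged(const struct sockaddr_in *peer)
{
    return peer->sin_family == AF_INET &&
           is_reserved_port(ntohs(peer->sin_port));
}

/* Try to bind a loopback TCP socket to `port`. Returns 0 on success or
 * the errno from bind(); an unprivileged caller gets EACCES for any
 * reserved port, which is the whole of the enforcement. */
int try_bind_port(int port)
{
    struct sockaddr_in sa;
    int fd, err = 0;

    fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0)
        return errno;

    memset(&sa, 0, sizeof sa);
    sa.sin_family = AF_INET;
    sa.sin_port = htons((unsigned short)port);
    sa.sin_addr.s_addr = htonl(INADDR_LOOPBACK);

    if (bind(fd, (struct sockaddr *)&sa, sizeof sa) < 0)
        err = errno;
    close(fd);
    return err;
}

int main(void)
{
    /* Constructed peer addresses standing in for getpeername() results. */
    struct sockaddr_in from_root = { .sin_family = AF_INET, .sin_port = htons(1022) };
    struct sockaddr_in from_user = { .sin_family = AF_INET, .sin_port = htons(40001) };
    int err;

    printf("peer on port 1022 privileged? %d\n", peer_is_privileged(&from_root));
    printf("peer on port 40001 privileged? %d\n", peer_is_privileged(&from_user));

    err = try_bind_port(513);  /* inside the reserved range */
    printf("bind(513): %s\n", err ? strerror(err) : "ok (caller is root)");
    err = try_bind_port(0);    /* 0 lets the kernel pick an ephemeral port */
    printf("bind(ephemeral): %s\n", err ? strerror(err) : "ok");
    return 0;
}
```

Run it as an ordinary user and the bind(513) line reports EACCES; run it as root and it succeeds, which is the point: the source-port check only proves that the peer process had root on the peer host. That matches Terry's reasoning that a forged registration needs a fully compromised client, and it is why the connect direction and keeping the daemon behind the firewall still carry weight.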
