Private port numbers?

• Previous message (by thread): Death of IPv6 Site-Local (was Re: Private port numbers?)
• Next message (by thread): ftp.gnu.org compromised
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 13 Aug 2003, Crist Clark wrote:

> 
> Iljitsch van Beijnum wrote:
> > 
> > Be damned if you filter, be damned if you don't. Nice choice.
> > 
> > I think it's time that we set aside a range of port numbers for private
> > use. That makes all those services that have no business escaping out
> > in the open extremely easy to filter, while at the same time not
> > impacting any legitimate users.
> 
> Cool. So if you use private ports, you'll be totally protected from the
> Internet nasties (and the Internet protected from your broken or malicious
> traffic) in the same way RFC1918 addressing does the exact same thing now
> at the network layer.

Erm? Unless your nasty uses TCP (requiring two-way) you still get the same 
potential to spread worms etc as you do on 1918 currently

> I'm sure everyone will filter private ports just as effectively as RFC1918
> and martian addresses are filtered at borders now.

Whoa people filter these things, news to me!

Steve

> 
> Can't wait to read the draft and RFC. Rock on.
> 

• Previous message (by thread): Death of IPv6 Site-Local (was Re: Private port numbers?)
• Next message (by thread): ftp.gnu.org compromised
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]