I think the name of the law is Murphy's law. ;0) Danil Sholokhov -----Original Message----- From: listadmin@linuxsecurity.com [mailto:listadmin@linuxsecurity.com]On Behalf Of Dennis Stout Sent: Sunday, March 03, 2002 3:23 PM To: security-discuss@linuxsecurity.com Subject: Re: new to list, wuestion about firewalling ports over 1024 Nevermind, I found a doc.... What law is that? The one where you bang your head around on something, ask for help, then suddenly don't need it anymore? Hrm. I'll nickname it Stout's Law until someone tells me otherwise :) So I cna open ranges but MSN is still broken. Oh well =P Proberbly a module out there for it... Dennis Stout ----- Original Message ----- From: "Troy Billington" <doshelp@doshelp.com> To: <security-discuss@linuxsecurity.com> Sent: Sunday, March 03, 2002 6:30 AM Subject: RE: new to list, wuestion about firewalling ports over 1024 You may need a very limited number of "dynamic ports", generally speaking it would be something like 1024-5000 not all the way to 65535 that's leaving way too much room for trojans/backdoors to operate freely. If I were you, id spend time examining your services for their port requirements and allocate only those range of ports. -----Original Message----- From: listadmin@linuxsecurity.com [mailto:listadmin@linuxsecurity.com]On Behalf Of Martin Kacerovsky Sent: Sunday, March 03, 2002 9:53 AM To: security-discuss@linuxsecurity.com Subject: new to list, wuestion about firewalling ports over 1024 And here's my question (if somebody can explain me), how is it with ports over 1024? I've read it's secure to leave them open, but I thing it will be more secure to close them :) So is it possible to choose exactly these ports I really need? For example I am running sshd, ftpd, netbios-* and talkd and with iptables I accept everything on ports over 1024 and below 1024 I refuse everything with exceptions on ports 21,22,... TIA -- Regards Martin Kacerovsky, student of the Faculty of Mathematics and Physics at the Charles University in Prague, in the Czech Republic, in Europe, on Earth, in the Universe where Linux operating system rules... ------------------------------------------------------------------------ To unsubscribe email security-discuss-request@linuxsecurity.com with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------ To unsubscribe email security-discuss-request@linuxsecurity.com with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------ To unsubscribe email security-discuss-request@linuxsecurity.com with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------ To unsubscribe email security-discuss-request@linuxsecurity.com with "unsubscribe" in the subject of the message.
