Mailinglist Archive: opensuse-security (555 mails)

< Previous Next >
Re: [suse-security] Message Log Question
  • From: "Martin Brecher" <m.brecher@xxxxxxx>
  • Date: Wed, 09 May 2001 16:06:50 +0200
  • Message-id: <14xUao-0y2i6iC@xxxxxxxxxxxxxxxxxxxxxxx>
>So, in my firewall script I have no possibility to decide if an incoming packet to a port
>in this range is to be allowed or not. If I have seperate port ranges for local and
>masqueraded connection, this decision can be based on the port range. OTOH, I don't
>know if a program cannot be told to use a port outside the local portrange. I suppose
>it can, in which case this discussion would be somewhat useless.

When using ssh as root it used <1024 when I tried.
That's quite nice because so root connection attempts from the firewall
are denied automatically by my chains.

- Martin
---
The Internet was invented as a highly dependable, high-speed, distributed, secure, and powerful network so that
in the event of a nuclear crisis, military officials would always have access to pornography.



< Previous Next >
References