Mailinglist Archive: opensuse-security (636 mails)

< Previous Next >
Re: AW: AW: [suse-security] dns hijack attack
  • From: Roman Drahtmueller <draht@xxxxxxx>
  • Date: Tue, 6 Feb 2001 12:20:01 +0100 (MET)
  • Message-id: <Pine.LNX.4.30.0102061217480.26556-100000@xxxxxxxxxxxx>
> > Now I just wonder why you filter these packets.
>
> Because the --sport is too low. Normally clients and servers query from
> 1024: --> 53 udp. This is 99% of all cases. for 1% I will not open the
> 1:1023 ports.

Ok, this is of course a reason. I am not aware on how other non-unix
operating systems use their ports (never used filters made for the
privileged port range), 1% is a nice figure to know, though.

> Philipp

Thanks for the information,
Roman.
--
- -
| Roman Drahtm├╝ller <draht@xxxxxxx> "Caution: Cape does not |
SuSE GmbH - Security enable user to fly."
| N├╝rnberg, Germany (Batman Costume warning label) |
- -


< Previous Next >
References