On Friday 20 June 2003 11:29 am, Praise wrote:
At 02:48 on Friday 20 June 2003, Tom Emerson wrote:
... [and in some truly rare occurrences, it might affect the occasional connection you make to the outside world, but that would only occur twice in 65,530-ish connections or so...]
You are never using a port under 1024 to connect to the outside world when acting as a normal user. Ports below 1024 require root permission to be used.
I know that is true when listening for traffic [i.e., the "server" side of the equation] but I thought the "client" side was assigned a [theoretically] random port, and I couldn't remember if the pool of "random port numbers" included ports below 1024. [and by the same token, I don't recall whether or not the SOURCE port is subject to the must-be-root limitation for ports below 1024 or not]

I *do* know people have tried this to spoof firewalls into allowing a connection from the outside by "posing as" a webserver [in other words, the firewall allows connections to port 80 "on the outside", so the perp sets his program to force the "client" side connection to be on port 80 and tries to open a connection on the "inside" to a protected port number. If the firewall isn't stateful, it might allow the connection to occur because as far as the firewall is concerned, this would appear to be "in response to..." an actual web request.]

--
Yet another Blog: http://osnut.homelinux.net
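Added example, not part of the original message: a small model of the stateless versus stateful filtering decision described above, showing why a rule that trusts the remote source port alone cannot tell a web reply from a new inbound connection. The packet model, the rule functions, the addresses (documentation ranges) and the protected port 5432 are all constructed for illustration.

```python
from collections import namedtuple

# Constructed packet model. direction is "out" (inside -> outside) or "in".
Packet = namedtuple("Packet", "direction src sport dst dport flags")


def stateless_allow(pkt):
    """Port-only rule: allow all outbound; allow inbound that 'looks like' a web reply."""
    if pkt.direction == "out":
        return True
    return pkt.sport == 80  # decision rests on the remote source port alone


class StatefulFilter:
    """Remembers connections opened from the inside; inbound must match one."""

    def __init__(self):
        self.flows = set()

    def allow(self, pkt):
        if pkt.direction == "out":
            if pkt.flags == "SYN":
                self.flows.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return True
        # Inbound must be the exact reverse of a tracked flow and must not
        # be a bare SYN, which would be a new connection, not a reply.
        reverse = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        return reverse in self.flows and pkt.flags != "SYN"


def evaluate(packets):
    """Return (stateless_verdict, stateful_verdict) for each packet in order."""
    fw = StatefulFilter()
    return [(stateless_allow(p), fw.allow(p)) for p in packets]


# Constructed sample traffic.
SAMPLE = [
    # Inside client opens a web request from an ephemeral port.
    Packet("out", "10.0.0.5", 40312, "203.0.113.10", 80, "SYN"),
    # Genuine reply from the web server.
    Packet("in", "203.0.113.10", 80, "10.0.0.5", 40312, "SYN-ACK"),
    # New inbound connection with source port 80 aimed at a protected port.
    Packet("in", "198.51.100.7", 80, "10.0.0.5", 5432, "SYN"),
]

if __name__ == "__main__":
    for pkt, (sl, sf) in zip(SAMPLE, evaluate(SAMPLE)):
        print(f"{pkt.src}:{pkt.sport} -> {pkt.dst}:{pkt.dport} "
              f"stateless={sl} stateful={sf}")
```

Only the third packet is treated differently: the port-only rule accepts it, while the connection-tracking filter drops it because no inside host opened that flow.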