On Fri, Dec 12, 2003 at 06:17:46PM -0700, Brett Glass wrote: > > In practice, I think we need to come up with something better than the > notions of "well-known" and "privileged" ports. Something that, unlike > portmap, is easy for firewalls to work with.
It's not so easy, because malware is not likely to be so polite as to keep to fixed source ports. In fact, your real problem is with lazy firewalls that can't tell UDP responses from requests. A stateless firewall is an ACL, not a firewall. That works not so badly for TCP but is simply inadequate for UDP. -- Barney Wolff http://www.databus.com/bwresume.pdf I'm available by contract or FT, in the NYC metro area or via the 'Net. _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
