On 2006.07.10 16:07:06 +0200, Iang wrote: > Brian Candler wrote: > > >Note that only root can bind to reserved ports. > > ... > > >This mechanism is only valid for trusted hosts, of course. If you allow a > >random person to put their own PC on the network, they can of course send > >packets from privileged ports (either by installing Unix with their own > >root > >password, or by installing DOS and sending packets which come from > >privileged ports) > > I gather that it is now possible to disable the > privileged ports thing on FreeBSD at least. > > (Thank heavens, I say :)
Actually it is, but it would obviously be a stupid idea to do so any place where privileged ports are required... [EMAIL PROTECTED]:~] sysctl net.inet.ip.portrange.reservedhigh net.inet.ip.portrange.reservedlow net.inet.ip.portrange.reservedhigh: 1023 net.inet.ip.portrange.reservedlow: 0 -- Simon L. Nielsen
pgphVtBZOxgO0.pgp
Description: PGP signature
