Mike Silbersack wrote:
On Sat, 1 Mar 2008, Fernando Gont wrote:
Folks,
This patch changes the default ephemeral port range from 49152-65535
to 1024-65535. This makes it harder for an attacker to guess the
ephemeral ports (as the port number space is larger). Also, it makes
the chances of port number collisions smaller.
(http://www.ietf.org/internet-drafts/draft-ietf-tsvwg-port-randomization-01.txt)
There are a number of commonly used ports above 1000, such as nfs and
x11. I think OpenBSD uses 10000-65535, maybe that's a safer choice to go
with.
Agreed about 10000-65535.
--
Andre
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
