On Tue, May 21, 2013 at 12:53 PM, Nick Khamis <sym...@gmail.com> wrote:
> Neal,
>
> As for the --sport flag for OUTPUT, should it not be left arbitrary?
> The SSH daemon should use unprivileged ports between 1024 and 65535.
> The only daemon I know thus far that does not is NTP which is
> hardwired to 123 both ways.

Most daemons send/receive on the same port on the server. The port used by the /client/ is generally random. An exception would be an FTP daemon, which uses port 20 for active mode data connections, but a random port for passive data connections. FTP is weird like that.
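
The port behaviour described in this reply can be observed directly. The following is an added example, not part of the original thread: it opens a loopback TCP listener, connects to it, and checks which side of the connection an OUTPUT rule pinned to the daemon's port would match. The function names are illustrative, and a kernel-chosen listening port stands in for sshd's port 22 (an assumption, since binding 22 needs root).

```python
import socket

def observe_ports():
    """Open a loopback TCP listener, connect to it, and return the port
    numbers seen on each side of the established connection."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as listener:
        # Stand-in for the daemon's fixed port (assumption: sshd would bind 22;
        # port 0 lets the kernel pick a free port so no root is needed).
        listener.bind(("127.0.0.1", 0))
        listener.listen(1)
        listen_port = listener.getsockname()[1]
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as client:
            # The client never calls bind(): the kernel assigns its source port.
            client.connect(("127.0.0.1", listen_port))
            conn, peer = listener.accept()
            with conn:
                return {
                    "listen_port": listen_port,
                    # Source/destination ports of packets the server sends back.
                    "server_reply_sport": conn.getsockname()[1],
                    "server_reply_dport": peer[1],
                    # Source/destination ports of packets the client sends.
                    "client_sport": client.getsockname()[1],
                    "client_dport": client.getpeername()[1],
                }

def sport_matches(spec, port):
    """Evaluate an iptables-style --sport value: a single port ("22")
    or a closed range ("1024:65535")."""
    lo, _, hi = spec.partition(":")
    return int(lo) <= port <= int(hi or lo)

def output_rule_check(ports):
    """Check an OUTPUT rule whose --sport is the daemon's listening port
    against the server's replies and against the client's source port."""
    spec = str(ports["listen_port"])
    return {
        "matches_server_reply": sport_matches(spec, ports["server_reply_sport"]),
        "matches_client_sport": sport_matches(spec, ports["client_sport"]),
    }

if __name__ == "__main__":
    observed = observe_ports()
    print(observed)
    print(output_rule_check(observed))
```
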