>On Saturday 27 March 2004 15:20, James Craig Burley wrote:
>> >On 25 Mar 2004, James Craig Burley wrote:
>> >> Basically true, but that's only one aspect of tarpitting. Since the
>> >> spammer has to keep open an available port, that's one less port he
>> >> can use from any given IP address (using vanilla port management) to
>> >> blast out his spam.
>> >
>> >No. That's one less port he can use to connect to you (on any given
>> >destination port). He can still use the same source port to connect to
>> >others. TCP connections are four-tuples.
>>
>> Should I not trust O'Reilly's "TCP/IP Network Administration", by
>> Craig Hunt, Second Edition, page 46, where it says, among other things
>> consistent with this,
>>
>> It is the pair of port numbers, source and destination, that
>> uniquely identifies each network connection.
>>
>> or do you think it is just simplifying things for the benefit of its
>> audience?
>
>I think there is an implicit 'between two given hosts' at the end of the
>O'Reilly sentence.
Not necessarily. Have you read the entire context, including the
description of how an application obtains a dynamic port number?
Certainly there is an implicit "from the point of view of the
connecting host", since the text is describing things from that host's
point of view.
But the context includes this statement, earlier on:
The system ensures that it does not assign the same [dynamically
allocated] port number to two processes, and that the numbers
assigned are above the range of standard port numbers.
Subsequently:
If a telnet user is assigned port number 23 for both the source and
destination ports, what port numbers are assigned to the second
concurrent telnet user?
Strictly speaking, these tidbits are not *necessarily* true, because:
1. As long as each outgoing connection is to a different IP
address, the same dynamic port can be assigned to multiple
processes or users.
2. There's no particular importance to the process boundary when it
comes to access to external media (the network) supporting an
arbitrary number of asynchronous connections.
So not only can multiple processes use the same dynamic port,
which is disambiguated by the destination IP address, but in
fact, if they can't, then it's likely that neither can a
*single* process use the same dynamic port to connect to
multiple IP addresses at the same time.
3. Dynamic ports can also be disambiguated by *source* IP address.
So, again, the question is, what does "vanilla port management" say
about the text -- that it's flat-out wrong, or that the text is
correctly describing how vanilla port management actually works?
--
James Craig Burley
Software Craftsperson
<http://www.jcb-sc.com>
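The disagreement above turns on whether the operating system treats a dynamic source port as unique per host (Hunt's wording) or as one element of the four-tuple (the reply's point), and whether that choice bounds how many connections a single host can hold open at once. The following model is an added example, not code from the original thread or from either poster; it simulates both policies with a constructed, deliberately tiny ephemeral range and constructed addresses so the difference can be counted. The policy names `strict` and `four_tuple` are assumptions of this example.

```python
"""Connection identity vs. dynamic source-port allocation (added example).

Two allocation policies are modelled:
  strict:      a source port is handed out at most once per source host,
               regardless of destination (Hunt's simplified description);
  four_tuple:  a source port may be reused as long as the full
               (src_ip, src_port, dst_ip, dst_port) tuple is unique.
The ephemeral range and all addresses are constructed for illustration.
"""

from typing import List, Optional, Set, Tuple

FourTuple = Tuple[str, int, str, int]

# Deliberately tiny ephemeral range (constructed) so exhaustion is easy to see.
EPHEMERAL_LO, EPHEMERAL_HI = 49152, 49156


class ConnectionTable:
    """A kernel-style table of open TCP connections keyed by four-tuple."""

    def __init__(self) -> None:
        self.open: Set[FourTuple] = set()

    def ports_in_use(self, src_ip: str) -> Set[int]:
        """Source ports currently used by any connection from src_ip."""
        return {t[1] for t in self.open if t[0] == src_ip}

    def connect(self, src_ip: str, dst_ip: str, dst_port: int,
                policy: str = "four_tuple") -> Optional[int]:
        """Choose the lowest free source port under `policy` and record the
        connection. Returns the port, or None if the range is exhausted."""
        for port in range(EPHEMERAL_LO, EPHEMERAL_HI + 1):
            tup: FourTuple = (src_ip, port, dst_ip, dst_port)
            if policy == "strict":
                # Port must be unused by this host, whatever the destination.
                free = port not in self.ports_in_use(src_ip)
            elif policy == "four_tuple":
                # Only the complete four-tuple must be unique.
                free = tup not in self.open
            else:
                raise ValueError(f"unknown policy {policy!r}")
            if free:
                self.open.add(tup)
                return port
        return None

    def close(self, tup: FourTuple) -> None:
        """Release a connection so its four-tuple (and port) can be reused."""
        self.open.discard(tup)


def max_connections(policy: str, src_ip: str,
                    destinations: List[Tuple[str, int]]) -> int:
    """Count how many connections one host can hold open under `policy`
    when it cycles through `destinations` until allocation fails everywhere.
    This models a client whose connections are all stuck open in tarpits."""
    table = ConnectionTable()
    count = 0
    while True:
        progressed = False
        for dst_ip, dst_port in destinations:
            if table.connect(src_ip, dst_ip, dst_port, policy) is not None:
                count += 1
                progressed = True
        if not progressed:
            return count


if __name__ == "__main__":
    targets = [("192.0.2.25", 25), ("198.51.100.25", 25), ("203.0.113.25", 25)]
    for pol in ("strict", "four_tuple"):
        print(pol, "one target:", max_connections(pol, "10.0.0.1", targets[:1]),
              "three targets:", max_connections(pol, "10.0.0.1", targets))
```

Under `strict`, the five ephemeral ports cap the host at five open connections no matter how many destinations it spreads them across, which is the reading under which a tarpit consumes a sender's scarce ports. Under `four_tuple`, the same five ports support five connections per destination, and a second source address (point 3 in the reply) starts again from the lowest port; a tarpit then only limits concurrency toward the tarpitting host itself.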