On Thu, Oct 19, 2000 at 11:07:16PM +0200, Srebrenko Sehic wrote: :) Hello :) :) Is is possible to prevent ordinary users from opening unprivliged ports :) (>1024 tcp/udp)? If yes, how? :) :) I've tried virtually every possible way to do this, but with no luck. :) :) I have a single NIC on my Linux box. :) :) Can somebody shed som light on this issue? :) :) Thanks :) -- haver
hi reading replies to this question, here's another way. I suggest something like /sbin/ipchains ... -p tcp -y -d your.box 1024: -j DENY this actually don't stop opening of high ports but stops (really?) from getting connections to these ports. (stop SYN packet) big trouble is UDP : actualy cannot stop all traffic to ports above 1023 but I do hope that UDP's from bellow 1023 to above 1023 are OK. right ? <brainstorming> what about daemon, catches open ports from `netstat -anp -A inet` killing all not permitted. </brainstorming> bye. (helps a little?) t!kotek -- <tiko> [EMAIL PROTECTED] work=UVT_TU_Kosice home=undef </tiko> M$ Antivirus Warning : This will install Linux on your system [Y/n]
