Hi Jose,
Thanks for the immediate reply.
I was talking about sshd listening on the server rather than the client, viz.
inbound traffic.
My lsof output looks like this on the server:
sshd1 938 root 4u inet 0x30004dceb88 0t0 TCP *:sshd (LISTEN)
sshd1 10774 root 9u inet 0x30014010468 0t0 TCP *:6010 (LISTEN)
If I connect again, I can see sshd1 listening on port no. 6011 as well (and
6011 is the max. it keeps as the upper limit).
sshd1 27292 root 9u inet 0x300440c2628 0t0 TCP *:6011 (LISTEN)
tia,
Tux
===.
On Wed, 14 Mar 2001, Jose Nazario wrote:
> On Wed, 14 Mar 2001, Satish Ramaswamy wrote:
>
> > sshd, listens on port no. 22 and when somebody connects using ssh,
> > sshd forks and establishes a connection at the highest_available_port.
>
> no, the client is still connected at 22/TCP. just like SMTP, Telnet, HTTP,
> etc ...
>
> the client's OUTBOUND port is set, by default, to be below 1024, but this
> can be turned off in the config using UsePrivilidgedPort (and a non-suid
> root client ssh).
>
> as such firewalling is easy.
>
> ____________________________
> jose nazario [EMAIL PROTECTED]
> PGP: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80
> PGP key ID 0xFD37F4E5 (pgp.mit.edu)
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]