Generally speaking, do not shut down any ports above 1023.
The exception to this rule is ports with known security risks, etc. (i.e.,
NetBus, Trin00, etc.)
> -----Original Message-----
> From: Chris Harvey [SMTP:[EMAIL PROTECTED]]
> Sent: Thursday, October 12, 2000 2:03 PM
> To: [EMAIL PROTECTED]
> Subject: Port education required
>
> Folks,
> I'm trying to close down some of the ports on my machine that are in the
> 1024 to 65535 range, and ideally I'd like to close them all down unless
> there is an application that I know is listening on that given port.
>
> What I see happening though is kind of interesting. If I make a DNS call or
> SMTP, or basically anything including HTTP. The initial call goes out of the
> registered port, 53, 25 and 80 respectively. However the response may come
> back in on a completely different port, usually in the range of 1037 to
> about 28xx. Is this standard TCP/IP behaviour?
>
> I'm assuming my machine is making a call into another machine on the
> registered port for the service, but also passing an alternative port number
> that a response should be sent back on.
>
> Therefore do I have to leave a range of ports open so that these
> conversations can happen between applications without opening up the whole
> range? Is the range defined anywhere, can I define it? Anyone know of any
> sources I can read up on this?
>
> BTW: I don't have portmapper running on the machine as I heard that was for
> NFS. Is that right?
>
> Chris
>
> _______________________________________________
> Redhat-list mailing list
> [EMAIL PROTECTED]
> https://listman.redhat.com/mailman/listinfo/redhat-list
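Added example, not part of the original thread: a loopback demonstration of the behaviour asked about above, showing that an outbound TCP connection leaves from a kernel-chosen high source port, that the reply returns to that same port, and that nothing is listening there for unsolicited connections. The loopback listener is a constructed stand-in for the remote service, the function names are hypothetical, and the /proc path is Linux-specific.

```python
import socket

def local_port_range():
    """Return the kernel's (low, high) ephemeral port range on Linux, else None."""
    try:
        with open("/proc/sys/net/ipv4/ip_local_port_range") as f:
            low, high = f.read().split()
        return int(low), int(high)
    except (OSError, ValueError):
        return None

def ephemeral_port_demo():
    """Open one loopback TCP connection and report the ports each side uses."""
    # Constructed stand-in for a remote service (DNS, SMTP or HTTP in the post).
    # Binding to port 0 lets the kernel pick a free port for the listener.
    server = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    server.bind(("127.0.0.1", 0))
    server.listen(1)
    service_port = server.getsockname()[1]

    # The client never chooses its source port; the kernel assigns one.
    client = socket.create_connection(("127.0.0.1", service_port))
    conn, peer = server.accept()
    client_port = client.getsockname()[1]

    # The reply travels back to the client's source port on the same connection.
    conn.sendall(b"reply")
    reply = client.recv(16)

    # A connected socket is not a listener: a new, unsolicited connection
    # attempt to the client's source port is refused.
    probe = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    probe.settimeout(2)
    try:
        probe.connect(("127.0.0.1", client_port))
        refused = False
    except ConnectionRefusedError:
        refused = True
    finally:
        probe.close()
        conn.close()
        client.close()
        server.close()
    return {"service_port": service_port, "client_port": client_port,
            "port_seen_by_server": peer[1], "reply": reply,
            "unsolicited_connect_refused": refused}

if __name__ == "__main__":
    print("ephemeral range:", local_port_range())
    print(ephemeral_port_demo())
```

A high port in use as a connection's source port accepts only traffic belonging to that connection, so the audit that matters is of listening sockets, not of the high port range as a whole.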