Unprivileged Ports

Top Page
Attachments:
Message as email
+ (text/plain)
Delete this message
Reply to this message
Author: CraigWhiteCraigWhite@AzApple.com
Date:  
Subject: Unprivileged Ports
Besides the xfs - has anyone ever experienced attacks at the higher numbered
ports?

The reason that I am asking is if block the ports 1024:65536 using ipchains

something like...
ipchains -A input -j ACCEPT ! -y -p tcp -s 0/0 -d $extIP 1024:65536

which only allows return packets in the high ranges and then people using
Netscape for a PASV ftp connection are rejected by a rule further down that
specific rejects that which is not specifically allowed.

Can I force them to use a specific port via html?

i.e. <a href="ftp.somewhere.com:10000></a> ?

Is there a decent or better way to handle this?

Craig

----:----|----:----|----:----|----:----|----:----|----:----|
- Craig White - PO Box 8634 - Scottsdale, Arizona - 85252
- e-mail address ................ -
- world wide web address ........ - http://www.AzApple.com
- e-mail my pager address ....... -
- cellular phone ................ - (602) 377-9752
- voice/facsimile ............... - (480) 945-8445
----:----|----:----|----:----|----:----|----:----|----:----|