[PLUG] Unprivileged ports to unprivileged ports...
Chuck Hast
wchast at gmail.com
Sat Apr 22 02:03:21 UTC 2017
I have always liked "drop".
On Fri, Apr 21, 2017 at 6:05 PM, Cryptomonkeys.org <louisk at cryptomonkeys.org
> wrote:
> Typically, connections come from unprivileged ports. The destination is a
> mixed bag. Some services run on privileged ports, some done. Web and mail
> are examples of things that run on privileged ports. Databases (mysql 3306,
> postgresql 5432) are examples of things that don’t run on privileged ports.
>
> Best practice is to either block or drop connections to ports where you
> aren’t running services. The choice is yours. The difference is that block
> sends a communication back to the sender letting them know communication is
> prohibited, drop does not do this.
>
>
> > On Apr 21, 2017, at 7:02 PM, Michael Christopher Robinson <
> michael at robinson-west.com> wrote:
> >
> > I'm getting a lot of probes from unprivileged TCP ports to unprivileged
> > TCP ports on my Internet connected server. No connections, but I'm
> > wondering if I should just reject these? Same for UDP. What protocols
> > might I use that would require connection in the unprivileged port
> > range for both client and server? I'm not running ftp on this server.
> > _______________________________________________
> > PLUG mailing list
> > PLUG at lists.pdxlinux.org
> > http://lists.pdxlinux.org/mailman/listinfo/plug
> >
> >
>
> --
> Louis Kowolowski louisk at cryptomonkeys.org
> Cryptomonkeys:
> http://www.cryptomonkeys.com/
>
> Making life more interesting for people since 1977
>
> _______________________________________________
> PLUG mailing list
> PLUG at lists.pdxlinux.org
> http://lists.pdxlinux.org/mailman/listinfo/plug
>
--
Chuck Hast -- KP4DJT --
Glass, five thousand years of history and getting better.
The only container material that the USDA gives blanket approval on.
More information about the PLUG
mailing list