Tugger the SLUGger!SLUG Mailing List Archives

Re: [SLUG] Security Breach

Adrian Chiang wrote:
> Robert Graham's website has some info on port 1024:
> http://www.robertgraham.com/pubs/firewall-seen.html
> quoted below -
> "1024 ----- Many people ask the question what this port is used for. The
> answer is that this is the first port number in the dynamic range of ports.
> Many applications don't care what port they use for a network connection, so
> they ask the operating system to assign the "next freely available port". In
> point of fact, they as for port 0, but are assigned one starting with port
> 1024. This means the first application on your system that requests a
> dynamic port will be assigned port 1024. You can test this fact by booting
> your computer, then in one window open a Telnet session, and in another
> window run "netstat -a". You will see that the Telnet application has been
> assigned port 1024 for its end of the connection. As more applications
> request more and more dynamic ports, the operating system will assign
> increasingly higher port numbers. Again, you can watch this effect with
> 'netstat' as your browse the Internet with your web browser, as each
> web-page requires a new connection. "
> not sure about 587...
587 is submission and is used by sendmail
I will assume you are using RedHat 7.0 as 
this is on by default, edit /etc/sendmail.cf
to turn it off if you wisyh
"kevin@xxxxxxxxxxx kevin"@oceania.net
"Democracy is two wolves and a lamb voting on what to have for lunch. 
Liberty is a well-armed lamb contesting the vote."
~Benjamin Franklin, 1759