Date: Thu, 8 Mar 2001 16:51:29 -0500 From: Nathan Dorfman <nathan@rtfm.net> To: cjclark@alum.mit.edu Cc: Mike Silbersack <silby@silby.com>, "Giovanni P. Tirloni" <tirloni@techie.com>, freebsd-security@FreeBSD.ORG Subject: Re: 31337 Message-ID: <20010308165129.A4252@rtfm.net> In-Reply-To: <20010306001859.B1367@cjc-desktop.users.reflexcom.com>; from Crist J. Clark on Tue, Mar 06, 2001 at 12:18:59AM -0800 References: <Pine.BSF.4.33.0103052148300.15314-100000@mink.ath.cx> <Pine.BSF.4.31.0103051919430.9821-100000@achilles.silby.com> <20010306001859.B1367@cjc-desktop.users.reflexcom.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> It is _rarely_ going to be opening TCP sockets and when it does, it > will be the one initiating them so they will not appear open to a > connect() scan. The odds of it happening with two unrelated connections are probably one in a gazillion, but you can apparently connect to the ephemeral port assigned to a connect() caller: nathan@matrix:~% telnet localhost 1265 Trying 127.0.0.1... Connected to localhost.binary.net. Escape character is '^]'. ^] telnet> ^Z Suspended nathan@matrix:~% sockstat | grep 1265 nathan telnet 7273 3 tcp 127.0.0.1.1265 127.0.0.1.1265 nathan@matrix:~% > -- > Crist J. Clark cjclark@alum.mit.edu -- Nathan Dorfman <nathan@rtfm.net> [http://www.rtfm.net] "The light at the end of the tunnel is the headlight of an approaching train." --/usr/games/fortune To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010308165129.A4252>