Date:      Mon, 24 Jan 2005 16:10:55 -0600
From:      John <john@starfire.mn.org>
To:        Colin Alston <karnaugh@karnaugh.za.net>
Cc:        Hexren <me@hexren.net>
Subject:   Re: sshd port number ?
Message-ID:  <20050124161055.B6072@starfire.mn.org>
In-Reply-To: <41F56590.1070303@karnaugh.za.net>; from karnaugh@karnaugh.za.net on Mon, Jan 24, 2005 at 11:16:00PM +0200
References:  <20050124210109.GA14171@SDF.LONESTAR.ORG> <12318458361.20050124221023@hexren.net> <41F56590.1070303@karnaugh.za.net>

On Mon, Jan 24, 2005 at 11:16:00PM +0200, Colin Alston wrote:
> Hexren wrote:
>
> >> How does that make sshd less secure if it's on a port above
> >> 1024 ?
> >If ssh ever goes down, a user could start his own compromised
> >version of ssh and do some nasty stuff. The same user could not do
> >that if the connecting side would expect sshd to be on a privileged
> >port because the system ensures that only procs running with superuser
> >privileges can bind to a privileged port.
> >
>
> And to note, ports <1024 are what we refer to as "privileged ports", ie
> - only root, or processes running as root, can open/close/mess them.

OK, but this only applies to secure and well-managed systems.
Early versions of Windows did nothing to restrict the use of ports
below 1024, and any hacker out there with a Linux or FreeBSD box
can start any service he likes to listen on a port below 1024, or
have an application run to open a connection on a port below 1024.

I'm sure the writer was aware of this - I just want to make sure
that newcomers and lurkers don't put too much confidence in the
port number of a connection.
-- 

John Lind
john@starfire.MN.ORG
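An added example, not part of this thread or of any project discussed in it, that probes the privileged-port rule Hexren and Colin describe from the local side: it attempts to bind a TCP socket on the loopback address to a low port (1023, chosen arbitrarily) and to an ephemeral port (0), and classifies the outcome. The helper names are mine; the result only describes the host running the script, which is exactly John's caveat: a port number seen on a remote peer guarantees nothing about who is listening there.

```python
import errno
import socket
from dataclasses import dataclass
from typing import Optional

# Unix convention discussed in the thread: ports 0..1023 are "privileged" and
# bind() on them needs superuser privileges (on Linux CAP_NET_BIND_SERVICE is
# enough, and the threshold is tunable via net.ipv4.ip_unprivileged_port_start).
PRIVILEGED_PORT_MAX = 1023


def is_privileged_port(port: int) -> bool:
    """True for the reserved range 1..1023 (port 0 means 'any ephemeral port')."""
    return 0 < port <= PRIVILEGED_PORT_MAX


@dataclass
class BindProbe:
    port: int                          # port we asked for
    outcome: str                       # "bound", "denied", "in-use" or "error"
    bound_port: Optional[int] = None   # port actually assigned, if bind succeeded
    errno_value: Optional[int] = None  # errno from bind(), if it failed


def probe_bind(port: int, host: str = "127.0.0.1") -> BindProbe:
    """Try to bind a TCP socket to host:port on THIS host and classify the result.

    A non-root process on a well-managed Unix host gets "denied" for ports
    1..1023; root gets "bound" (or "in-use" if a daemon already holds the port).
    The answer says nothing about any remote machine's ports.
    """
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        sock.bind((host, port))
        return BindProbe(port, "bound", bound_port=sock.getsockname()[1])
    except OSError as exc:
        if exc.errno in (errno.EACCES, errno.EPERM):
            return BindProbe(port, "denied", errno_value=exc.errno)
        if exc.errno == errno.EADDRINUSE:
            return BindProbe(port, "in-use", errno_value=exc.errno)
        return BindProbe(port, "error", errno_value=exc.errno)
    finally:
        sock.close()


if __name__ == "__main__":
    for p in (1023, 0):  # a low port, then an ephemeral one
        r = probe_bind(p)
        kind = "privileged" if is_privileged_port(p) else "unprivileged"
        print(f"port {p} ({kind}): {r.outcome}", r.bound_port or r.errno_value)
```

Run it once as an ordinary user and once as root to see the low-port result flip from "denied" to "bound" while the ephemeral port binds either way.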