Date: Thu, 20 Jan 2000 10:06:51 -0800 From: Andre Gironda <andre@sun4c.net> To: matt <matt@ARPA.MAIL.NET> Cc: FreeBSD-SECURITY <security@FreeBSD.ORG> Subject: Re: legit udp ports for traceroute Message-ID: <20000120100650.A27441@toaster.sun4c.net> In-Reply-To: <Pine.BSF.4.21.0001201242380.2995-100000@w01.arpa-canada.net>; from matt on Thu, Jan 20, 2000 at 12:43:36PM -0500 References: <Pine.BSF.4.21.0001201242380.2995-100000@w01.arpa-canada.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Matt, I'm pretty sure it's >30000. only open up icmp type codes 0 and 11 (i think traceroute needs those as well), and those really high udp ports. actually i think traceroute is ports 33434 >< 33465, but there are a few different traceroute programs/versions out there, you might want to check the source and see what they all use. dre On Thu, Jan 20, 2000 at 12:43:36PM -0500, matt wrote: > > Sorry if this is off-topic, but I'm wondering what range of udp ports is > used by legitimate traceroutes? I generally deny udp, but would like to > open up enough so that traceroutes could go through to a certain machine. > > thanks, > > -Matt > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message -- This program has been brought to you by the language C and the number F. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000120100650.A27441>