nanog mailing list archives
Re: Cisco says attacks are due to operational practices
From: Bora Akyol <akyol () pluris com>
Date: Fri, 11 Feb 2000 10:58:08 -0800
Unfortunately, ssh on linux regularly assigns ports when ssh'ing out from a box below 1024, I think this is a bug, but make writing firewall commands annoying. Bora "John M. Brown" wrote:
Umm, lets see, hosts are supposed to assign ports for sessions above 1024. Ports below 1024 are "priv / root" ports and are assigned for specific services. We filter <1023 >1023 we don't care about so much, except for a couple of well known ones. On Thu, Feb 10, 2000 at 07:02:25PM -0800, Chris Cappuccio wrote:Did anyone even read the post I was responding to ??On Thu, 10 Feb 2000, John M. Brown wrote: | We have always built martian filters on our edge routers. In addition we | built specific filters for ports that are not used, or are bad on the net."Ports that are not used" What about when the tcp stack on a particular machine dynamically allocates a particular port for some tcp connection and you are filtering that port ? etc.... On Thu, 10 Feb 2000, Paul Ferguson wrote: | I did't see anyone talking about port-level filtering. What | I did see, on the other hand, was someone talking about about | filtering Martian network traffic -- stuff which should not | be there in the first place. | | - paul | | | --- Gates' Law: Every 18 months, the speed of software halves.
Current thread:
- Re: Cisco says attacks are due to operational practices, (continued)
- Re: Cisco says attacks are due to operational practices John M. Brown (Feb 10)
- Re: Cisco says attacks are due to operational practices Chris Cappuccio (Feb 10)
- Re: Cisco says attacks are due to operational practices John M. Brown (Feb 10)
- Re: Cisco says attacks are due to operational practices Majdi S. Abbas (Feb 10)
- Re: Cisco says attacks are due to operational practices Jared Mauch (Feb 10)
- Re: Cisco says attacks are due to operational practices Paul Ferguson (Feb 10)
- Re: Cisco says attacks are due to operational practices Chris Cappuccio (Feb 10)
- Re: Cisco says attacks are due to operational practices Paul Ferguson (Feb 10)
- Re: Cisco says attacks are due to operational practices Chris Cappuccio (Feb 10)
- Re: Cisco says attacks are due to operational practices John M. Brown (Feb 10)
- Re: Cisco says attacks are due to operational practices Bora Akyol (Feb 11)
- Re: Cisco says attacks are due to operational practices adrian (Feb 11)
- Re: Cisco says attacks are due to operational practices Adam McKenna (Feb 11)
- Re: Cisco says attacks are due to operational practices Stephen Sprunk (Feb 11)
- Re: Cisco says attacks are due to operational practices John M. Brown (Feb 10)
- Re: Cisco says attacks are due to operational practices Paul Ferguson (Feb 11)
- Re: Cisco says attacks are due to operational practices Vijay Gill (Feb 10)
- Re: Cisco says attacks are due to operational practices John M. Brown (Feb 10)
- Re: Cisco says attacks are due to operational practices Wayne Bouchard (Feb 10)
- Re: Cisco says attacks are due to operational practices Richard Steenbergen (Feb 10)
- Re: Cisco says attacks are due to operational practices Marc Slemko (Feb 10)