Great Circle Associates Firewalls
(May 1996)
 


Subject: Re: SMTP through packet filter
From: "Joseph L. Moll" <jmoll @ acquion . com>
Date: Wed, 22 May 1996 09:37:18 -0400
To: firewalls @ greatcircle . com

At 12:18 PM 5/22/96 +0200, Eric . Berenguier @ sycomore . fr (Eric Berenguier) wrote:
>
>Can I be sure source port is > 1023?
>The RFC doesn't tell anything about this,
>I'm not sure sendmail doesn't use a port <= 1023 because it's
>run as root.

There is a switch in sendmail that will use a source port below 1023, but I
have found its use uncommon (someone please correct me if I am wrong).  I
had a lot of conversation with a particular sys-admin WRT this issue.  His
claim was that it was more "secure" because the source port was <1024 and
only root can use these ports.  I beg to differ, but that is another issue
altogether.

On p.344 of _Building Internet Firewalls_, Chapman and Zwicky note that the
source port for an inbound SMTP connection should be >1023.  I concur,
although I have not been able to dig up documentation on the TCP protocol
that says that source ports should be >1023 even though it seems to be the
general practice.

Could someone point out where this would be documented other than in the
noted text above?  I'm sure it's in one of the Comer books or possibly one
of Stevens, but I just have not had the time to dig back through them.

Best Regards,
---
Joseph L. (Joe) Moll  mailto:jmoll @ acquion . com
Network and Communications Engineering
http://www.acquion.com  phone:864-281-4108  fax:864-281-4576
ACQUION, Inc.  Greenville, SC  USA -- Specialists in Electronic Commerce
disclaimer:  This email is not to be considered official correspondence
---
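
Added example, not part of the original post: a small model of a stateless packet filter that admits inbound SMTP only from source ports > 1023, run over constructed packets to show what happens to a sender that binds a port <= 1023. The rule layout, field names and the ACK check on replies are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    direction: str   # "in" or "out", relative to the protected network
    src_port: int
    dst_port: int
    ack: bool        # set on every TCP segment except the initial SYN

@dataclass(frozen=True)
class Rule:
    direction: str
    src_ports: range
    dst_ports: range
    require_ack: bool
    action: str

HIGH = range(1024, 65536)   # "> 1023"
SMTP = range(25, 26)

# Constructed rule set (assumption): inbound SMTP is accepted only from
# source ports > 1023; the server's replies must carry ACK.
RULES = [
    Rule("in",  HIGH, SMTP, False, "permit"),  # remote client -> our SMTP server
    Rule("out", SMTP, HIGH, True,  "permit"),  # our server's replies
]

def evaluate(pkt, rules=RULES):
    """Return the action of the first matching rule; default is deny."""
    for r in rules:
        if (pkt.direction == r.direction
                and pkt.src_port in r.src_ports
                and pkt.dst_port in r.dst_ports
                and (pkt.ack or not r.require_ack)):
            return r.action
    return "deny"

# Constructed sample traffic.
SAMPLES = {
    "remote MTA, ephemeral source port": Packet("in", 34567, 25, False),
    "remote MTA bound to port 1023":     Packet("in", 1023, 25, False),
    "server reply to the client":        Packet("out", 25, 34567, True),
    "new connection opened from 25":     Packet("out", 25, 34567, False),
}

def audit(samples=SAMPLES):
    """Map each sample's label to the filter's decision."""
    return {label: evaluate(p) for label, p in samples.items()}

if __name__ == "__main__":
    for label, verdict in audit().items():
        print(f"{verdict:6}  {label}")
```

With this rule set, mail from a host whose mailer uses a source port <= 1023 is dropped at the filter, which is the operational cost of relying on the > 1023 convention.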

