Gentoo Archives: gentoo-user

From: Mike Gilbert <floppym@g.o>
To: gentoo-user@l.g.o
Cc: neal.p.murphy@××××××××.edu
Subject: Re: [gentoo-user] Re: IPTables - Going Stateless
Date: Tue, 21 May 2013 22:41:20
Message-Id: CAJ0EP43Fj4a8Pk+3k+=cT6FE-nmy70R+h0q-GenwAaBN6kHz9w@mail.gmail.com
In Reply to: [gentoo-user] Re: IPTables - Going Stateless by Nick Khamis
On Tue, May 21, 2013 at 12:53 PM, Nick Khamis <symack@×××××.com> wrote:
> Neal,
>
> As for the --sport flag for OUTPUT, should it not be left arbitrary?
> The SSH daemon should use unprivileged ports between 1024 and 65535.
> The only daemon I know thus far that does not is NTP which is
> hardwired to 123 both ways.
>

Most daemons send/receive on the same port on the server. The port
used by the /client/ is generally random.

An exception would be an FTP daemon, which uses port 20 for active
mode data connections, but a random port for passive data connections.
FTP is weird like that.

Replies

Subject Author
Re: [gentoo-user] Re: IPTables - Going Stateless Adam Carter <adamcarter3@×××××.com>