Home page logo

basics logo Security Basics mailing list archives

RE: Open All Outbound Ports?
From: "G. Class" <method13 () u washington edu>
Date: Mon, 18 Nov 2002 11:30:30 -0800 (PST)

I never agreed with it, but one
of their reasons to open this was passive FTP.  Their reason was a lot of
the sites that were visited used Passive FTP, that randomly uses any port
above port 1024.

Why not just restrict the ip ranges to a few hundred (thousand) ports?
This is explained in the active vs passive ftp site,
http://slacksite.com/other/ftp.html under the topic ftp appendix.

Gregory Class
Univ. of Washington

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]