|
Security Incidents
mailing list archives
Re: Is it possible to derease gradually the number of Client port (add up time table) ?
From: Ben Timby <asp () webexc com>
Date: Wed, 10 Mar 2004 15:33:57 -0500
The incrementing of port numbers is done by the host OS IP stack. This
is done when a client connection is opened without providing a local
port number. The next available port number is used. I would imagine the
IP stack could just as easily decrement the port number to find the next
unused port, although I don't know of any stacks that do this. However,
TCP client software can of course request a local port number to connect
FROM (ala hping, netcat, etc), so a scanner or other program could do
the same.
I would imagine that incrementing port numbers is an artifact of
reference IP stack implementation. Someone, please let me know if my
assumptions are incorrect!
Todd Jang wrote:
I add up time table below logs which are blocked.
I dimly remember. someone said the reason decreased port number may be a specific of O.S
or application's logic operated in client.
Is there any reason Why The port number always has to increase ?
---------------------------------------------------------------------------
Free 30-day trial: firewall with virus/spam protection, URL filtering, VPN,
wireless security
Protect your network against hackers, viruses, spam and other risks with Astaro
Security Linux, the comprehensive security solution that combines six
applications in one software solution for ease of use and lower total cost of
ownership.
Download your free trial at
http://www.securityfocus.com/sponsor/Astaro_incidents_040301
----------------------------------------------------------------------------
 By Date 
By Thread
Current thread:
- RE: Is it possible to derease gradually the number of Client port ?, (continued)
|
Intro
