Home page logo

nanog logo nanog mailing list archives

Re: Private port numbers?
From: "Christopher L. Morrow" <chris () UU NET>
Date: Wed, 13 Aug 2003 22:40:30 +0000 (GMT)

On Wed, 13 Aug 2003, Crist Clark wrote:

Iljitsch van Beijnum wrote:

Be damned if you filter, be damned if you don't. Nice choice.

I think it's time that we set aside a range of port numbers for private
use. That makes all those services that have no business escaping out
in the open extremely easy to filter, while at the same time not
impacting any legitimate users.

Cool. So if you use private ports, you'll be totally protected from the
Internet nasties (and the Internet protected from your broken or malicious
traffic) in the same way RFC1918 addressing does the exact same thing now
at the network layer.

what about ports that start as 'private' and are eventually ubiquitously
used on a public network? (Sean Donelan noted that 137->139 were
originally intended to be used in private networks... and they became
'public' over time)

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]