Ephemeral port range (patch)
silby at silby.com
Sat Mar 1 20:27:48 UTC 2008
On Sat, 1 Mar 2008, Fernando Gont wrote:
> This patch changes the default ephemeral port range from 49152-65535 to
> 1024-65535. This makes it harder for an attacker to guess the ephemeral ports
> (as the port number space is larger). Also, it makes the chances of port
> number collisions smaller.
There are a number of commonly used ports above 1000, such as nfs and x11.
I think OpenBSD uses 10000-65535, maybe that's a safer choice to go with.
More information about the freebsd-net