sshd port number ?

John john at starfire.mn.org
Mon Jan 24 14:11:16 PST 2005


On Mon, Jan 24, 2005 at 11:16:00PM +0200, Colin Alston wrote:
> Hexren wrote:
> 
> >> How does that make sshd less secure if it's on a port above
> >> 1024?
> >If ssh ever goes down, a user could start his own compromised
> >version of ssh and do some nasty stuff. The same user could not do
> >that if the connecting side would expect sshd to be on a privileged
> >port because the system ensures that only procs running with superuser
> >privileges can bind to a privileged port.
> >  
> >
> And to note, ports <1024 are what we refer to as "privileged ports", i.e.
> only root, or processes running as root, can open/close/mess with them.

OK, but this only applies to secure and well-managed systems.
Early versions of Windows did nothing to restrict the use of ports
below 1024, and any hacker out there with a Linux or FreeBSD box
can start any service he likes to listen on a port below 1024, or
have an application run to open a connection on a port below 1024.

I'm sure the writer was aware of this - I just want to make sure
that newcomers and lurkers don't put too much confidence in the
port number of a connection.
-- 

John Lind
john at starfire.MN.ORG
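
Added example, not part of the original message or written by any poster in the thread: a local audit of the point quoted above, listing which ports an sshd_config asks sshd to listen on and which of them sit at or above the privileged boundary, where a non-root local user could bind if sshd stopped. The function names, the sample configuration and the default boundary of 1024 are assumptions for illustration; the result describes only the host being audited and nothing about the remote end of a connection.

```python
import re


def sshd_listen_ports(config_text):
    """Return the sorted ports an sshd_config tells sshd to listen on."""
    ports, explicit = [], set()
    saw_listen = bare_listen = False
    for raw in config_text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        key = parts[0].lower()  # sshd_config keywords are case-insensitive
        arg = parts[1].strip() if len(parts) > 1 else ""
        if key == "match":
            break  # Port and ListenAddress are global settings only
        if key == "port" and arg.isdigit():
            ports.append(int(arg))
        elif key == "listenaddress":
            saw_listen = True
            m = re.fullmatch(r"(?:\[[^\]]+\]|[^:\[\]]+):(\d+)", arg)
            if m:
                explicit.add(int(m.group(1)))
            else:
                bare_listen = True  # no port given: uses the Port values
    result = set(explicit)
    if bare_listen or not saw_listen:
        result.update(ports or [22])  # sshd defaults to port 22
    return sorted(result)


def unprivileged_ports(config_text, reserved_below=1024):
    """Ports at or above the assumed boundary, open to non-root binds."""
    return [p for p in sshd_listen_ports(config_text) if p >= reserved_below]


# Constructed sample configuration, not taken from any real host.
SAMPLE = """\
# Port 8022
Port 22
port 2222
ListenAddress 0.0.0.0
ListenAddress [::]:10022
"""

if __name__ == "__main__":
    for port in unprivileged_ports(SAMPLE):
        print(f"sshd port {port}: a non-root local user could bind it if sshd stops")
```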


More information about the freebsd-questions mailing list