sshd port number ?
john at starfire.mn.org
Mon Jan 24 14:11:16 PST 2005
On Mon, Jan 24, 2005 at 11:16:00PM +0200, Colin Alston wrote:
> Hexren wrote:
> >> How does that make sshd less secure if its on a port above
> >> 1024 ?
> >If ssh ever goes down, a user could start his own compromised
> >version of ssh and do some nasty stuff. The same user could not do
> >that if the connecting side would expect sshd to be on a privileged
> >port because the system ensures that only procs running with superuser
> >privileges can bind to a privileged port.
> And to note, ports <1024 are what we reffer to as "privileged ports", ie
> - only root, or processes running as root, can open/close/mess them.
OK, but this only applies to secury and well-managed systems.
Early versions of Windows did nothing to restrict the use of ports
below 1024, and any hacker out there with a Linux or FreeBSD box
can start any service he likes to listen on a port below 1024, or
have an application run to open a connection on a port below 1024.
I'm sure the writer was aware of this - I just want to make sure
that newcomers and lurkers don't put too much confidence in the
port number of a connection.
john at starfire.MN.ORG
More information about the freebsd-questions