Re: Ports 0-1023?

From: Mark Ruth (Mark.Ruthat_private)
Date: Thu Jul 04 2002 - 00:32:02 PDT

    Hi,
    
    did you ever think about the consequences if someone is able to set up a fake
    sshd or telnet daemon? Do I hear "sniffing" from uid(nobody) gained through new
    apache vuln?! (just for example, of course).
    
    Attackers would find a way to kill a process local/remote and set up their own
    progs. No need to change the tradition.
    
    >
    > Is there any point in needing to be root in order to allocate the low ports
    > on unix-like systems, anymore?  Could we get away from having to have some
    > daemons even have a root stub in order to listen on a low port?  What would
    > break, and what new holes would be created?  Could some sort of port ACL
    > simply be used that says a particular UID can allocate a particular range
    > of ports?
    > 
    > Discuss.
    > 
    > 							BB
    
    -- 
    Mark Ruth
    Unix Systems Administrator
    New York, ksh-2at_private
    
    



    This archive was generated by hypermail 2b30 : Thu Jul 04 2002 - 10:35:14 PDT