Re: Ports are insecure?

From: Mark Murray (mark@grondar.za)
Date: 08/27/02


To: David Olbersen <dave@slickness.org>
Date: Tue, 27 Aug 2002 20:21:54 +0100
From: Mark Murray <mark@grondar.za>


> How exactly does that work? Is this based in the idea that nearly
> anybody can contribute a port, but the core system is reviewed by a
> team?

I'm not sure where you read this, but as a general security principle,
this is true. The more you run, the more there is to go wrong and the
more there is to exploit.

In practical terms, do regular audits of your machine (look at the output
of "netstat -an", "sockstat" and so on) and try to understand your own
environment.

Understand that the prime question is not "Am I being paranoid?", but
"Am I being paranoid _Enough_?"

> And, if I'm to believe this and limit my use of ports, doesn't that mean
> I'll be doing a lot of build-worlding to update specific applications?

There is no silver bullet, there is no algorithm. Swallow a paranoia-pill
and start hunting.

What you do on your own nets is your business - take charge.

M

(Any volunteers to maintain a FAQ? This is a doozy.)

-- 
o       Mark Murray
\_
O.\_    Warning: this .sig is umop ap!sdn
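
Added example, not part of Mark Murray's message: one way to make the regular audit he describes repeatable is to diff the machine's listening sockets against a baseline you have already reviewed. It assumes the column layout of FreeBSD's "sockstat -46l"; the function names, the sample captures and the "mystery" daemon are constructed for illustration.

```shell
#!/bin/sh
# Listener audit: compare a fresh `sockstat -46l` capture with a reviewed
# baseline. All sample data below is constructed, not taken from a real host.

# Reduce sockstat output to sorted "PROTO LOCAL-ADDRESS COMMAND USER" lines.
# PID and FD are dropped because they change on every daemon restart.
normalize_listeners() {
    awk '$1 != "USER" && NF >= 7 { print $5, $6, $2, $1 }' | LC_ALL=C sort -u
}

# audit_listeners BASELINE CURRENT
# Both arguments are files holding raw sockstat output. Prints one line per
# difference; returns 1 if anything changed, 0 if the captures agree.
audit_listeners() {
    old=$(mktemp) && new=$(mktemp) || return 2
    normalize_listeners < "$1" > "$old"
    normalize_listeners < "$2" > "$new"
    report=$(LC_ALL=C comm -13 "$old" "$new" | sed 's/^/NEW  /'
             LC_ALL=C comm -23 "$old" "$new" | sed 's/^/GONE /')
    rm -f "$old" "$new"
    [ -z "$report" ] && return 0
    printf '%s\n' "$report"
    return 1
}

# Constructed scenario: in the later capture an unreviewed daemon listens on
# tcp4 port 6667 and sendmail has moved from loopback to all interfaces.
run_demo() {
    dir=$(mktemp -d) || return 2
    cat > "$dir/baseline" <<'EOF'
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
root     sshd       612   3  tcp4   *:22                  *:*
root     sendmail   580   4  tcp4   127.0.0.1:25          *:*
root     syslogd    410   6  udp4   *:514                 *:*
EOF
    cat > "$dir/current" <<'EOF'
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
root     sshd       733   3  tcp4   *:22                  *:*
root     sendmail   801   4  tcp4   *:25                  *:*
root     syslogd    410   6  udp4   *:514                 *:*
nobody   mystery    9120  5  tcp4   *:6667                *:*
EOF
    rc=0
    audit_listeners "$dir/baseline" "$dir/current" || rc=$?
    rm -rf "$dir"
    return "$rc"
}

run_demo || :   # prints the three differences when the script is run directly
```

On a real host, save "sockstat -46l" output to a file once you have accounted for every line, then pass that file and a fresh capture to audit_listeners from cron or by hand.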