[Gllug] sorts of ports

Bruce Richardson itbruce at uklinux.net
Tue Sep 4 12:24:13 UTC 2001



>>>>>>>>>>>>>>>>>> Original Message <<<<<<<<<<<<<<<<<<

On 9/4/01, 1:06:56 PM, David Damerell <damerell at chiark.greenend.org.uk> 
wrote regarding RE: [Gllug] sorts of ports:


> On Tuesday, 4 Sep 2001, Bruce at mailer.cafod, Richardson at mailer.cafod wrote:
> >The system of known ports, where standard services use specific ports, is
> >a hack from the early days of the net.  Many alternatives have been
> >suggested, often involving extensions to DNS (your cue, Alex).  Inertia
> >has kept the status quo.  Any solution will have to be robust and
> >backwards-compatible.

> What about the portmapper? (And any Sun admin can tell you what a
> horror that is.)

Different thing entirely.  The portmapper assigns ports dynamically; 
we're talking about labelling static ports.  It's perfectly possible to 
design a system which simply advertises the ports without permitting any 
RPC calls.  The fact that the portmapper is badly implemented says 
nothing about the viability of, for example, a DNS solution.

> >Building firewalls could be much easier under such a solution, for one
> >thing.

> I doubt it; a machine can still offer something and claim it's
> something else.

True, but then that can happen under the current scheme.  As things 
stand, there is no way to evaluate services running on non-standard 
ports.  The suggested solutions at least offer you a context.  You then 
have to decide how much you trust it.

-- 

Bruce

-- 
Gllug mailing list  -  Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
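
Added illustration, not part of the original message: DNS SRV records (RFC 2782) are one existing form of the DNS-based port advertisement discussed above. The sketch below uses constructed zone data and hypothetical function names to show how an advertised record gives a firewall audit some context for a listener on a non-standard port, while remaining only a claim that policy must decide whether to trust.

```python
import re

# Constructed sample zone data in RFC 2782 SRV format (not from the thread).
ZONE = """\
_ssh._tcp.example.org.   3600 IN SRV 0 0 2222 gw.example.org.
_http._tcp.example.org.  3600 IN SRV 0 0 8080 web.example.org.
_imap._tcp.example.org.  3600 IN SRV 0 0 143  mail.example.org.
"""

# Small excerpt of the static well-known port convention.
WELL_KNOWN = {("tcp", 22): "ssh", ("tcp", 80): "http", ("tcp", 143): "imap"}

SRV_RE = re.compile(
    r"^_(?P<svc>[\w-]+)\._(?P<proto>tcp|udp)\.\S+\s+\d+\s+IN\s+SRV\s+"
    r"\d+\s+\d+\s+(?P<port>\d+)\s+(?P<target>\S+?)\.?$"
)

def parse_srv(zone_text):
    """Return {(target, proto, port): service} for each SRV line."""
    adverts = {}
    for line in zone_text.splitlines():
        m = SRV_RE.match(line.strip())
        if m:
            key = (m["target"].lower(), m["proto"], int(m["port"]))
            adverts[key] = m["svc"]
    return adverts

def context_for(host, proto, port, adverts):
    """Classify an observed listener. An advertisement is a claim, not proof."""
    claimed = adverts.get((host.lower(), proto, port))
    static = WELL_KNOWN.get((proto, port))
    if claimed and static and claimed != static:
        return ("conflict", claimed)    # advertised as X on a port known for Y
    if claimed:
        return ("advertised", claimed)  # context exists; trust is a policy call
    if static:
        return ("well-known", static)   # only the port-number convention applies
    return ("unknown", None)            # nothing to evaluate the service against

if __name__ == "__main__":
    adverts = parse_srv(ZONE)
    # Constructed observations: (host, proto, port) seen listening.
    for obs in [("gw.example.org", "tcp", 2222), ("gw.example.org", "tcp", 22),
                ("web.example.org", "tcp", 31337)]:
        print(obs, "->", context_for(*obs, adverts))
```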



