[Gllug] sorts of ports
Bruce Richardson
itbruce at uklinux.net
Tue Sep 4 12:24:13 UTC 2001
>>>>>>>>>>>>>>>>>> Original Message <<<<<<<<<<<<<<<<<<
On 9/4/01, 1:06:56 PM, David Damerell <damerell at chiark.greenend.org.uk>
wrote regarding RE: [Gllug] sorts of ports:
> On Tuesday, 4 Sep 2001, Bruce at mailer.cafod, Richardson at mailer.cafod wrote:
> >The system of known ports, where standard services use specific ports, is
> >a hack from the early days of the net. Many alternatives have been
> >suggested, often involving extensions to DNS (your cue, Alex). Inertia
> >has kept the status quo. Any solution will have to be robust and
> >backwards-compatible.
> What about the portmapper? (And any Sun admin can tell you what a
> horror that is.)
Different thing entirely. The portmapper assigns ports dynamically;
we're talking about labelling static ports. It's perfectly possible to
design a system which simply advertises the ports without permitting any
RPC calls. The fact that the portmapper is badly implemented says
nothing about the viability of, for example, a DNS solution.
> >Building firewalls could be much easier under such a solution, for one
> >thing.
> I doubt it; a machine can still offer something and claim it's
> something else.
True, but then that can happen under the current scheme. As things
stand, there is no way to evaluate services running on non-standard
ports. The suggested solutions at least offer you a context. You then
have to decide how much you trust it.
--
Bruce