UNIX-based systems, including Linux, reserve network ports numbered 1023 and below for root-owned processes only. User processes must use ports with higher numbers. So, if the source port from a remote host has a source port of 536, it must have originated with a process that was at one time root. This is a UNIX standard, not an Internet one.
What problems can this scheme cause in a heterogeneous network?
|
ECS 135, Computer Security Version of April 12, 2021 at 11:58PM
|
You can also obtain a PDF version of this. |