Security Incidents mailing list archives
Re: Is it possible to derease gradually the number of Client port (add up time table) ?
From: Valdis.Kletnieks () vt edu
Date: Wed, 10 Mar 2004 23:07:38 -0500
On Wed, 10 Mar 2004 13:03:14 PST, David LeBlanc said:
> This isn't quite correct. An application can make a number of outbound connections from the same port if that app uses SO_REUSEADDR when it creates and binds the socket.
Note that the 4-tuple (src IP/port, dest IP/port) must be unique. As a result, since the 2 IPs are nailed down, and the one port number is usually nailed down as well (for instance, 25 for mail or 80 for http), that means that the other port (usually called "ephemeral") needs to be changed. Otherwise, you can't open 2 connections to the destination from the same machine at once (which can happen with many protocols). There is no requirement that the number increment - in fact, several operating systems provide randomization of the next ephemeral port number to use in order to hinder attacks that require prediction of the next port number to be allocated...
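The 4-tuple rule and the SO_REUSEADDR behaviour discussed in the message above, as an added example that is not code from the thread. It assumes Linux SO_REUSEADDR semantics (other stacks may refuse the second bind), and the loopback listeners and function names are constructed for the demonstration.

```python
import errno
import socket

LOOPBACK = "127.0.0.1"
# Errors a stack may return when the requested 4-tuple already exists.
DUP_ERRNOS = {errno.EADDRNOTAVAIL, errno.EADDRINUSE}

def listener():
    """Constructed destination: a listening socket on an OS-chosen port."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.bind((LOOPBACK, 0))
    s.listen(4)
    return s

def client_from(src_port, dest):
    """Outbound connection bound to src_port (0 = let the OS pick), with SO_REUSEADDR."""
    c = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    c.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    try:
        c.bind((LOOPBACK, src_port))
        c.connect(dest)
    except OSError:
        c.close()
        raise
    return c

def demo():
    a, b = listener(), listener()
    first = client_from(0, a.getsockname())
    port = first.getsockname()[1]
    # Same source IP and port, different destination port: the 4-tuple is still unique.
    second = client_from(port, b.getsockname())
    shared = second.getsockname()[1] == port
    # Same source IP and port to the same destination: duplicate 4-tuple, must fail.
    try:
        client_from(port, a.getsockname()).close()
        refused = False
    except OSError as exc:
        refused = exc.errno in DUP_ERRNOS
    for s in (first, second, a, b):
        s.close()
    return {"second_shares_port": shared, "duplicate_refused": refused}

if __name__ == "__main__":
    print(demo())
```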
Current thread:
- RE: Is it possible to derease gradually the number of Client port (add up time table) ? David LeBlanc (Mar 10)
- RE: Is it possible to derease gradually the number of Client port (add up time table) ? Rob Shein (Mar 10)
- Re: Is it possible to derease gradually the number of Client port (add up time table) ? Valdis . Kletnieks (Mar 11)