Security Incidents mailing list archives

Re: Is it possible to decrease gradually the number of Client port (add up time table)?


From: Ben Timby <asp () webexc com>
Date: Wed, 10 Mar 2004 15:33:57 -0500

The incrementing of port numbers is done by the host OS IP stack. This is done when a client connection is opened without providing a local port number. The next available port number is used. I would imagine the IP stack could just as easily decrement the port number to find the next unused port, although I don't know of any stacks that do this. However, TCP client software can of course request a local port number to connect FROM (à la hping, netcat, etc.), so a scanner or other program could do the same.

I would imagine that incrementing port numbers is an artifact of reference IP stack implementation. Someone, please let me know if my assumptions are incorrect!

Todd Jang wrote:

I add up time table below logs which are blocked.
I dimly remember someone said the reason for the decreased port number may be specific to the O.S.
or the application's logic operating in the client.
Is there any reason why the port number always has to increase?
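
As an added example, not part of either message in this thread: a small Python script that groups blocked-connection log lines by client and labels each client's source-port trend, tolerating one wrap-around of the ephemeral range. The log format, addresses, ports and the `wrap_gap` threshold are constructed assumptions; a fixed or decrementing pattern is only a hint that the client software chose its own local port rather than leaving it to the IP stack.

```python
# Added example: label the source-port trend per client in firewall drop logs.
import re

# Constructed sample log (format and values are illustrative assumptions).
SAMPLE_LOG = """\
2004-03-10 15:01:02 DROP TCP 192.0.2.10:4012 -> 198.51.100.5:80
2004-03-10 15:01:03 DROP TCP 192.0.2.10:4013 -> 198.51.100.5:80
2004-03-10 15:01:05 DROP TCP 192.0.2.10:4015 -> 198.51.100.5:80
2004-03-10 15:02:00 DROP TCP 192.0.2.20:3050 -> 198.51.100.5:80
2004-03-10 15:02:01 DROP TCP 192.0.2.20:3049 -> 198.51.100.5:80
2004-03-10 15:02:04 DROP TCP 192.0.2.20:3047 -> 198.51.100.5:80
2004-03-10 15:03:00 DROP TCP 192.0.2.30:1234 -> 198.51.100.5:80
2004-03-10 15:03:01 DROP TCP 192.0.2.30:1234 -> 198.51.100.5:81
2004-03-10 15:03:02 DROP TCP 192.0.2.30:1234 -> 198.51.100.5:82
2004-03-10 15:04:00 DROP TCP 192.0.2.40:4998 -> 198.51.100.5:80
2004-03-10 15:04:01 DROP TCP 192.0.2.40:4999 -> 198.51.100.5:80
2004-03-10 15:04:02 DROP TCP 192.0.2.40:1024 -> 198.51.100.5:80
2004-03-10 15:04:03 DROP TCP 192.0.2.40:1025 -> 198.51.100.5:80
"""

LINE = re.compile(r"DROP TCP (?P<src>[\d.]+):(?P<sport>\d+) -> ")

def source_ports(log_text):
    """Return {client_ip: [source ports in log order]}."""
    ports = {}
    for line in log_text.splitlines():
        m = LINE.search(line)
        if m:
            ports.setdefault(m["src"], []).append(int(m["sport"]))
    return ports

def classify(ports, wrap_gap=1000):
    """Label a sequence: incrementing, decrementing, fixed or mixed."""
    if len(ports) < 3:
        return "insufficient data"
    deltas = [b - a for a, b in zip(ports, ports[1:])]
    if all(d == 0 for d in deltas):
        return "fixed"
    for label, sign in (("incrementing", 1), ("decrementing", -1)):
        against = [d for d in deltas if d * sign <= 0]
        # Allow one wrap-around: a single large jump against the trend.
        if not against or (len(against) == 1 and abs(against[0]) >= wrap_gap):
            return label
    return "mixed"

def summarize(log_text):
    return {ip: classify(p) for ip, p in source_ports(log_text).items()}

if __name__ == "__main__":
    print(summarize(SAMPLE_LOG))
```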

