Security Incidents mailing list archives

Re: Is it possible to decrease gradually the number of Client port (add up time table) ?


From: Valdis.Kletnieks () vt edu
Date: Wed, 10 Mar 2004 23:07:38 -0500

On Wed, 10 Mar 2004 13:03:14 PST, David LeBlanc said:

> This isn't quite correct. An application can make a number of outbound
> connections from the same port if that app uses SO_REUSEADDR when it
> creates and binds the socket.

Note that the 4-tuple (src IP/port, dest IP/port) must be unique.  As a result,
since the 2 IPs are nailed down, and the one port number is usually nailed down
as well (for instance, 25 for mail or 80 for http), that means that the other
port (usually called "ephemeral") needs to be changed.  Otherwise, you can't
open 2 connections to the destination from the same machine at once (which can
happen with many protocols).

There is no requirement that the number increment - in fact, several operating
systems provide randomization of the next ephemeral port number to use in order
to hinder attacks that require prediction of the next port number to be
allocated...
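Added example (not part of the original thread, and not code from either poster): a small Python script that exercises both points above on the loopback interface, under Linux SO_REUSEADDR semantics. Three client sockets are bound to the same local port with SO_REUSEADDR; the first two connect to two different listeners (two distinct 4-tuples, both succeed), the third tries to reuse the exact 4-tuple of the first and is refused with EADDRNOTAVAIL. A second function opens several connections without binding at all and reports the ephemeral ports the kernel picked, so you can see for yourself whether they increment or not. The listeners, the port chosen by free_port() and the connection count are constructed for the demonstration; nothing leaves 127.0.0.1.

```python
"""TCP 4-tuple uniqueness and ephemeral port allocation, demonstrated on loopback.

Assumes Linux SO_REUSEADDR semantics: several non-listening sockets may bind
the same local address/port if all of them set SO_REUSEADDR. BSD-derived
stacks would need SO_REUSEPORT for the same effect.
"""
import contextlib
import errno
import socket

LOOPBACK = "127.0.0.1"  # everything in this demo stays on the loopback interface


def free_port():
    """Ask the kernel for an unused port, then release it so we can bind it explicitly."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.bind((LOOPBACK, 0))
        return s.getsockname()[1]


def listener():
    """A throwaway server socket on a kernel-chosen port (constructed for the demo)."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    s.bind((LOOPBACK, 0))
    s.listen(64)
    return s


def client_on(local_port):
    """Client socket pinned to a fixed local port; SO_REUSEADDR allows several of these."""
    c = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    c.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    c.bind((LOOPBACK, local_port))
    return c


def connect_result(sock, addr):
    """Return "OK" on success or the symbolic errno name (e.g. "EADDRNOTAVAIL")."""
    try:
        sock.connect(addr)
        return "OK"
    except OSError as e:
        return errno.errorcode.get(e.errno, str(e.errno))


def four_tuple_demo():
    """Three clients on ONE local port: two distinct 4-tuples succeed, a duplicate fails."""
    with contextlib.ExitStack() as stack:
        srv_a = stack.enter_context(listener())
        srv_b = stack.enter_context(listener())
        port = free_port()

        c1 = stack.enter_context(client_on(port))
        first = connect_result(c1, srv_a.getsockname())        # (lo:port -> lo:A)

        c2 = stack.enter_context(client_on(port))
        different_dest = connect_result(c2, srv_b.getsockname())  # (lo:port -> lo:B)

        c3 = stack.enter_context(client_on(port))
        duplicate = connect_result(c3, srv_a.getsockname())    # same tuple as c1
        return first, different_dest, duplicate


def ephemeral_ports(n=8):
    """Connect n times without bind(); return the local ports the kernel allocated."""
    ports = []
    with contextlib.ExitStack() as stack:
        srv = stack.enter_context(listener())
        for _ in range(n):
            c = stack.enter_context(socket.socket(socket.AF_INET, socket.SOCK_STREAM))
            c.connect(srv.getsockname())
            ports.append(c.getsockname()[1])
    return ports


if __name__ == "__main__":
    print("same local port, three connects:", four_tuple_demo())
    ports = ephemeral_ports()
    print("ephemeral ports chosen by the kernel:", ports)
    print("strictly increasing by one:", all(b == a + 1 for a, b in zip(ports, ports[1:])))
```

On a Linux box the first call prints ("OK", "OK", "EADDRNOTAVAIL"): the bind() succeeds three times, it is connect() that enforces the 4-tuple rule. The second call shows the kernel's ephemeral choices; whether consecutive connections to one destination look sequential or not depends on the kernel's allocation strategy, which is exactly why a firewall should never be tuned on the assumption that client ports count up by one.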
