[60539] in North American Network Operators' Group
Re: Private port numbers?
daemon@ATHENA.MIT.EDU (Christopher L. Morrow)
Wed Aug 13 18:41:21 2003
Date: Wed, 13 Aug 2003 22:40:30 +0000 (GMT)
From: "Christopher L. Morrow" <chris@UU.NET>
To: Crist Clark <crist.clark@globalstar.com>
Cc: nanog@merit.edu
In-Reply-To: <3F3A93AE.15FB17EE@globalstar.com>
Errors-To: owner-nanog-outgoing@merit.edu
On Wed, 13 Aug 2003, Crist Clark wrote:
>
> Iljitsch van Beijnum wrote:
> >
> > Be damned if you filter, be damned if you don't. Nice choice.
> >
> > I think it's time that we set aside a range of port numbers for private
> > use. That makes all those services that have no business escaping out
> > in the open extremely easy to filter, while at the same time not
> > impacting any legitimate users.
>
> Cool. So if you use private ports, you'll be totally protected from the
> Internet nasties (and the Internet protected from your broken or malicious
> traffic) in the same way RFC1918 addressing does the exact same thing now
> at the network layer.
what about ports that start as 'private' and are eventually ubiquitously
used on a public network? (Sean Donelan noted that 137->139 were
originally intended to be used in private networks... and they became
'public' over time)
