[Dshield] Closing ports

John Sage jsage at finchhaven.com
Thu Sep 11 02:57:08 GMT 2003


On Wed, Sep 10, 2003 at 05:23:08PM -0400, Alan Frayer wrote:
> I understand that some processes, such as http, not only require their
> own port (80 in this case), but ports in a range over 1023 for, shall we
> say, housekeeping?

Realize that you only need to open port 80 if **you** are hosting a
web server.

If you are only surfing **other** web sites, you need ports > 1024
open somehow to accept replies from those web sites, yes.

But again, only if you are running a web server do you open TCP:80
for http yourself.

This is a common misunderstanding.

- John
"Warning: time of day goes back, taking countermeasures."

John Sage
InfoSec Groupie

ABCD, EFGH, IJKL, EmEnOh, Plus+, Minus-
Vashon Island, (the other) WA

More information about the list mailing list