Firewall configuration for gnomemeeting
Joel Jaeggli
joelja at darkwing.uoregon.edu
Thu Jul 8 21:16:24 UTC 2004
On 8 Jul 2004, Colin Paul Adams wrote:
> >>>>> "Rodolfo" == Rodolfo J Paiz <rpaiz at simpaticus.com> writes:
>
> Rodolfo> At 12:41 PM 7/8/2004, Colin Paul Adams wrote:
> >> You ARE joking aren't you? That's 60,000 ports! It would take
> >> me a year to type all that lot in! Isn't there a way to limit
> >> which ports it uses?
>
> Rodolfo> Hopefully you're aware that you can type 5000:65000 in
> Rodolfo> the iptables rule and it will treat it as a range. If
> Rodolfo> not, consider it good news... you just changed a year
> Rodolfo> into 3.7 seconds.
>
> Thanks - but that still looks to be a huge security hole - according
> to lsof, it's only listening on one or two ports.
Port numbers above 5000 are traditionally dynamically assigned. The
application is only listening on a few well-defined ports for (H.323) call
setup. When you make or receive a call, additional ports will be dynamically
assigned depending on the resources the session needs.
>
--
--------------------------------------------------------------------------
Joel Jaeggli Unix Consulting joelja at darkwing.uoregon.edu
GPG Key Fingerprint: 5C6E 0104 BAF0 40B0 5BD3 C38B F000 35AB B67F 56B2