The UNIX system reserves network ports numbered 1023 and below for root -owned processes only. User processes must use ports with higher numbers. So, if the source port from a remote host has a source port of 536, it must have originated with a process that was at one time root . This is a UNIX standard, not an Internet one.
What problems can this scheme cause in a heterogeneous network?
ECS 153, Introduction to Computer Security Winter Quarter 2002 Email: cs153@cs.ucdavis.edu |