|
Port NNNN not secure (revisited)
2006-07-13 20:37:48
After some helpful email from Frank Smith off-list I have decided to try
a different approach to
slve my problem:
Here is an excerpt from my tape-server /etc/services file.
amanda 20080/udp #Dump server control
amandaidx 20082/tcp #Amanda indexing
amidxtape 20083/tcp #Amanda tape indexing
Note that I am not using the standard ports for amanda et al.
A tcpdump from the client end of the communication between host
'familyserv' and host 'famrad' went as follows:
<snip>
14:57:55.661773 IP familyserv.familyradio.org.ssh >
famrad.familyradio.org.44233: P 1048606257:1048606385(128) ack
4160186819 win 33304 <nop,nop,timestamp 449488411 123825292>
14:57:55.665181 IP famrad.familyradio.org.44233 >
familyserv.familyradio.org.ssh: . ack 128 win 33240 <nop,nop,timestamp
123825301 449488402>
14:58:06.382636 IP famrad.familyradio.org.34932 >
familyserv.familyradio.org.amanda: UDP, length: 119
14:58:06.423680 IP familyserv.familyradio.org.amanda >
famrad.familyradio.org.34932: UDP, length: 50
14:58:06.424676 IP familyserv.familyradio.org.amanda >
famrad.familyradio.org.34932: UDP, length: 109
14:58:06.428009 IP famrad.familyradio.org.34932 >
familyserv.familyradio.org.amanda: UDP, length: 50
Since both ends are supposedy configured for tcpportrange=512.1023 and
udpportrange=50000,50100
why do I have ports like 34932 tring to be used in the master-slave
commuinications? That port is
not open on my firewall.
I will appreciate any clues you may give me on this problem. (I don't
have any.)
Mike Allen
|
|
|
