On 10/8/25 at 23:39, Grant Edwards wrote:
Any user with access to python or any socket interface in any programming language can put things to listen in ports above 1024, as they are unprivileged ports.

> On 2025-08-10, Javier Martinez <[email protected]> wrote:
>> PS: nc -l myip myultracriticalport breaks your countermeasure of using proc to avoid port use (ip_local_reserved_ports)
> You can not run "nc -l myip myultracriticalport" on the system in question.
>> is part of the solution, not the solution itself. You need iptables in all cases.
> No, I do not.
> -- Grant

The only solution is to use iptables to restrict it and kill the process that tried to use it, triggered by the iptables log.
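Added example, not part of either poster's message: ip_local_reserved_ports only removes ports from automatic assignment, and an explicit bind() to a listed port is unaffected, so an audit of who is actually listening on those ports shows whether the reservation is being respected. The sketch below parses the sysctl's list format and /proc/net/tcp text; the sample data, the function names and the allowed-UID policy are constructed assumptions.

```python
"""Audit listeners on ports listed in ip_local_reserved_ports (added example)."""

LISTEN = "0A"  # TCP_LISTEN state code as shown in /proc/net/tcp

def parse_reserved(spec):
    """Parse the sysctl format, e.g. '8080,9148-9150', into a set of ports."""
    ports = set()
    for part in spec.split(","):
        part = part.strip()
        if not part:
            continue
        lo, _, hi = part.partition("-")
        ports.update(range(int(lo), int(hi or lo) + 1))
    return ports

def listeners(proc_net_tcp):
    """Yield (port, uid, inode) for each LISTEN socket in /proc/net/tcp text."""
    for line in proc_net_tcp.splitlines()[1:]:  # skip the header row
        f = line.split()
        if len(f) < 10 or f[3] != LISTEN:
            continue
        port = int(f[1].rsplit(":", 1)[1], 16)  # local_address is HEXIP:HEXPORT
        yield port, int(f[7]), int(f[9])

def unexpected_listeners(reserved_spec, proc_net_tcp, allowed_uids):
    """Listeners on reserved ports owned by a UID outside allowed_uids."""
    reserved = parse_reserved(reserved_spec)
    return [(p, u, i) for p, u, i in listeners(proc_net_tcp)
            if p in reserved and u not in allowed_uids]

# Constructed sample data (on a live host, read
# /proc/sys/net/ipv4/ip_local_reserved_ports and /proc/net/tcp instead).
SAMPLE_RESERVED = "8080,9148-9150\n"
SAMPLE_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 20001 1 0000000000000000 100 0 0 10 0
   1: 0100007F:1F90 00000000:0000 0A 00000000:00000000 00:00000000 00000000   998        0 20002 1 0000000000000000 100 0 0 10 0
   2: 00000000:23BD 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 20003 1 0000000000000000 100 0 0 10 0
   3: 0100007F:23BE 0100007F:D431 01 00000000:00000000 00:00000000 00000000  1000        0 20004 1 0000000000000000 100 0 0 10 0
"""

if __name__ == "__main__":
    # UID 998 is the (assumed) service account allowed to own reserved ports.
    for port, uid, inode in unexpected_listeners(SAMPLE_RESERVED, SAMPLE_TCP, {998}):
        print(f"port {port}: unexpected listener uid={uid} inode={inode}")
```

The inode in each result can be matched against the socket links under /proc/<pid>/fd to identify the owning process.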

