On Wednesday, 01/14/2009 at 07:58 EST, Rob van der Heij <rvdh...@gmail.com> wrote: > On Wed, Jan 14, 2009 at 7:15 AM, Scott Rohling <scott.rohl...@gmail.com> wrote: > > > I don't get it - why do you find it an annoyance that IBM recommends using a > > low port? I mean - I understand not having to alter TCPIP by using a port > >> 1024 -- but do you think it's a bad idea to have TCPIP reserve the port > > for PERFKIT? > > I'm sure the annoyance is in the default "protectlowports" which was > carried over from the *nix world. Analogies are not always easy. The > idea there is that sessions originating from a <1024 port can be > trusted because the process runs with root privileges. But with IP > connected workstations, this has become a pretty useless qualification > because any Windows user is sort-of root on his system.
Perhaps for connecting to workstations and PCs that's true, but when you are connecting to a VM system you can be assured that the low port is Official. Ports > 1023 can be Official or Rogue, something indeterminate as an end user. Of course, whatever port you put PerfKit on should be reserved for it in PROFILE TCPIP. Alan Altmark z/VM Development IBM Endicott
