Elias Carter <edcar...@ualberta.ca> wrote: > I have found that preserving the source port if possible works better > out of the box when hosting publicly accessable UDP applications > within a private network.
Preserving the source port also works better for attacking services... I don't see anything strange in what we did. We have always taken the approach of damaging potential attack surface by introducing random, when the deterministic situation is already unstable for regular use.
