On 2014/07/16 11:02, Craig R. Skinner wrote:
> On 2014-07-15 Tue 16:04 PM |, Theo de Raadt wrote:
> > >On Tue, Jul 15, 2014 at 12:22:37PM +0100, Craig R. Skinner wrote:
> > >> 
> > >> Suggestion of add NSD, Unbound & BIND control ports to /etc/services:
> > >
> > >Makes sense to me. Anyone want to OK this?
> > >
> > >> Index: etc/services
> > >> ===================================================================
> > >> RCS file: /cvs/src/etc/services,v
> > >> retrieving revision 1.87
> > >> diff -u -p -r1.87 services
> > >> --- etc/services 12 Jul 2014 14:51:07 -0000      1.87
> > >> +++ etc/services 15 Jul 2014 11:17:31 -0000
> > >> @@ -181,6 +181,8 @@ kerberos-adm 749/tcp                         # 
> > >> Kerberos 5 kad
> > >>  kerberos-adm    749/udp                         # Kerberos 5 kadmin
> > >>  rsync           873/tcp                         # rsync server
> > >>  cddb            888/tcp         cddbp           # Audio CD Database
> > >> +named-rndc      953/tcp                         # Domain Name System 
> > >> (DNS) BIND RNDC Service
> > >> +named-rndc      953/udp                         # Domain Name System 
> > >> (DNS) BIND RNDC Service
> > >>  imaps           993/tcp                         # imap4 protocol over 
> > >> TLS/SSL
> > >>  imaps           993/udp                         # imap4 protocol over 
> > >> TLS/SSL
> > >>  pop3s           995/tcp         spop3           # pop3 protocol over 
> > >> TLS/SSL
> > 
> > That means two more reserved ports are taken out of the bucket.
> > 
> 
> Strip out the Kerberos stuff?????:

Not sure (Antoine would know better), but this may be needed for Kerberos in 
ports.

> 
> $ fgrep -i Kerberos  etc/services
> kerberos      88/udp          kerberos-sec    # Kerberos 5 UDP
> kerberos      88/tcp          kerberos-sec    # Kerberos 5 TCP
> kpasswd               464/tcp                         # Kerberos 5 password 
> changing
> kpasswd               464/udp                         # Kerberos 5 password 
> changing
> klogin                543/tcp                         # Kerberos 
> authenticated rlogin
> kshell                544/tcp         krcmd           # Kerberos remote shell
> ekshell               545/tcp                         # Kerberos encrypted 
> shell
> kerberos-adm  749/tcp                         # Kerberos 5 kadmin
> kerberos-adm  749/udp                         # Kerberos 5 kadmin
> kpop          1109/tcp                        # Pop with Kerberos
> eklogin               2105/tcp                        # Kerberos encrypted 
> rlogin
> rkinit                2108/tcp                        # Kerberos remote kinit
> kx            2111/tcp                        # X over kerberos
> kip           2112/tcp                        # IP over kerberos
> iprop         2121/tcp                        # Kerberos incremental 
> propagation
> krb524                4444/tcp                        # Kerberos 5->4
> krb524                4444/udp                        # Kerberos 5->4
> afs3-kaserver 7004/tcp                        # AFS kerberos authentication 
> server
> afs3-kaserver 7004/udp                        # AFS kerberos authentication 
> server
> kerberos-iv   750/udp         kdc             # Kerberos authentication--udp
> kerberos-iv   750/tcp         kdc             # Kerberos authentication--tcp
> kerberos_master       751/udp                         # Kerberos 4 kadmin
> kerberos_master       751/tcp                         # Kerberos 4 kadmin
> krb_prop      754/tcp         hprop           # Kerberos slave propagation
> krbupdate     760/tcp         kreg            # BSD Kerberos registration
> 

Reply via email to