On Thu, 2020-02-20 at 21:34 -0800, Samuel Sieb wrote:
> Any critical system daemons are 1024 and below. The reason the high
> ports are left open is for user applications to be able to
> communicate without users having to figure out the firewall.

Beyond the usual (HTTP, mail, DNS servers, etc.), what is the average
non-admin user going to set up that listens as a server? Admin-users
setting up those traditional services ought to know how to manage
firewalls, or they ought not to mess around with those services.

Thanks to the forever moving target closed-source things like ICQ, MSN,
Yahoo messenger (some of which have gone by the way of the dodo), there
isn't much in the way of Linux-based clients for those kinds of things
that need to have listening ports.

I can only think of something like BitTorrent, which doesn't seem to
need you to poke holes in your firewall.
--
uname -rsvp
Linux 3.10.0-1062.12.1.el7.x86_64 #1 SMP Tue Feb 4 23:02:59 UTC 2020 x86_64
Boilerplate: All unexpected mail to my mailbox is automatically deleted.
I will only get to see the messages that are posted to the mailing list.