ubuntu-devel Digest, Vol 23, Issue 16

Nathan Sutton nathan.sutton at gmail.com
Tue Jul 4 22:48:31 BST 2006


> On 7/4/06, Scott James Remnant <scott at ubuntu.com> wrote:
> > > There should be no exception: there should be no open ports by default.
> > >
> > This isn't actually entirely true; we currently have two open ports by
> > default:
> >
> > If you're on a network with DHCP, the DHCP client listens on UDP port 68
> > to receive responses from the DHCP server.
> >
> > And every time you make a DNS query, a UDP port is opened to receive the
> > response from the DNS server.
>
> Both of these are examples of getting replies to queries sent out by the
> system, so they don't count, really.
> - Dan

Ahh, but UDP doesn't maintain state, except at higher levels in the
OSI model.  This can be exploited for ARP poisoning attacks and DoS,
so these examples do count.

Nate
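
An added illustration, not part of the original thread: the Python sketch below parses a Linux `/proc/net/udp` table and separates UDP sockets that take datagrams from any source from those tied to one remote peer with `connect()`, which is the distinction the thread argues about. The sample rows are constructed, the `audit` and `decode` names are hypothetical, and the address decoding assumes a little-endian host.

```python
import ipaddress
import socket
import struct

# Constructed sample in the layout of Linux /proc/net/udp (not from a real host).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode ref pointer drops
  10: 00000000:0044 00000000:0000 07 00000000:00000000 00:00000000 00000000     0        0 11111 2 0000000000000000 0
  11: 0A00000A:C350 0100000A:0035 01 00000000:00000000 00:00000000 00000000  1000        0 22222 2 0000000000000000 0
  12: 0100007F:0277 00000000:0000 07 00000000:00000000 00:00000000 00000000     0        0 33333 2 0000000000000000 0
"""


def decode(addr):
    """Turn 'HEXIP:HEXPORT' into (dotted_ip, port); assumes a little-endian host."""
    ip_hex, port_hex = addr.split(":")
    ip = socket.inet_ntoa(struct.pack("<I", int(ip_hex, 16)))
    return ip, int(port_hex, 16)


def audit(table):
    """Return (local_ip, local_port, exposure) for each UDP socket in the table."""
    results = []
    for line in table.splitlines()[1:]:  # first line is the column header
        fields = line.split()
        if len(fields) < 3:
            continue
        lip, lport = decode(fields[1])
        rip, rport = decode(fields[2])
        if (rip, rport) != ("0.0.0.0", 0):
            # connect()ed socket: the kernel drops datagrams from other peers,
            # but it matches on the claimed source, which UDP does not authenticate.
            exposure = f"peer-only {rip}:{rport}"
        elif ipaddress.ip_address(lip).is_loopback:
            exposure = "loopback-only"
        else:
            # Unconnected and bound to a routable or wildcard address.
            exposure = "any-source"
        results.append((lip, lport, exposure))
    return results


if __name__ == "__main__":
    for ip, port, exposure in audit(SAMPLE):
        print(f"{ip}:{port:<6} {exposure}")
```

On a live system the same function can be fed the contents of `/proc/net/udp` instead of `SAMPLE`.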


