On Tue, 28 Jul 2009, Iljitsch van Beijnum wrote:
On 28 jul 2009, at 18:17, Yaron Sheffer wrote:no, there is no reasonable way to establish trust between the host and the CPE router in a home environment. So the (default) protocol will likely be unauthenticated.Would it help to require a < 1024 port? On Unix-derived system you have to be root to be able to send those, so random applications wouldn't be able to do this without some serious tricking of the user.
I don't think so. Most of the Windows users using their systems as an Administrator. Administrator can do anything....
Anyway the bots are preferring some exotic port numbers or portnumber that is usually not firewalled: 80 and 443.
Best Regards, Janos Mohacsi