On Wed, 13 Aug 2003, Crist Clark wrote:
Iljitsch van Beijnum wrote:
Be damned if you filter, be damned if you don't. Nice choice.
I think it's time that we set aside a range of port numbers for private use. That makes all those services that have no business escaping out in the open extremely easy to filter, while at the same time not impacting any legitimate users.
Cool. So if you use private ports, you'll be totally protected from the Internet nasties (and the Internet protected from your broken or malicious traffic) in the same way RFC1918 addressing does the exact same thing now at the network layer.
what about ports that start as 'private' and are eventually ubiquitously used on a public network? (Sean Donelan noted that 137->139 were originally intended to be used in private networks... and they became 'public' over time)