> >Your average BSD rlogind will check the port the connection comes from, so >I assume they all do when they come from your trusty vendor, to make sure >it is within the range 512 to 1024, or more precisely, the upper half of >whatever it believes is the range for priviledged ports to be (there's a >kernel variable on Solaris2 for this...I'm curious about what happens when >this becomes 0 :-) > >So straight away, this puts 194 out of the market. > >What if it were 594 ? > And then there's the case of tcp/ip implementations that come with no such meaning. i.e I can bind any port I want on those. IBM's tcp/ip for VM does this, most pc's do this, etc. The problem with VM's is that unlike the pc generally, it comes with a complete bsdish networking library. So, it's relatively easy to spoof sockets from these then. i.e don't put mainframe's in your .rhosts :-) (I have seen people do this). James