
Commonly open port ranges

Some applications such as MOSH or KDE Connect are just so practical, but they open so many ports in the firewall, and who is to guarantee a lazy sysadmin won’t abuse those for something else without even thinking about backdoors?

The following list is based on my other notes and /usr/lib/firewalld/services/

Services doing it right?

<?xml version="1.0" encoding="utf-8" ?>
<service>
  <short>Multicast DNS (mDNS)</short>
  <description>mDNS provides the ability to use DNS programming interfaces, packet formats and operating semantics in a small network without a conventional DNS server. If you plan to use Avahi, do not disable this option.</description>
  <port
    protocol="udp"
    port="5353" />
  <destination
    ipv4="224.0.0.251"
    ipv6="ff02::fb" />
</service>

Note the destinations! Maybe I should copy that for some of my services like NTP.
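A way to check service definitions for the two properties this note cares about, how many ports a service opens and whether it restricts the destination address. This is an added example, not part of the original note or of firewalld; the function name audit_service, the max_ports threshold and the WIDE sample are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample definitions in firewalld service XML format.
# MDNS mirrors the definition quoted above; WIDE is a made-up service
# that opens port ranges and has no <destination> restriction.
MDNS = """<?xml version="1.0" encoding="utf-8"?>
<service>
  <short>Multicast DNS (mDNS)</short>
  <port protocol="udp" port="5353"/>
  <destination ipv4="224.0.0.251" ipv6="ff02::fb"/>
</service>"""

WIDE = """<?xml version="1.0" encoding="utf-8"?>
<service>
  <short>Example wide range (constructed)</short>
  <port protocol="udp" port="60000-61000"/>
  <port protocol="tcp" port="1714-1764"/>
</service>"""


def audit_service(xml_text, max_ports=10):
    """Return (ports_opened, destinations, findings) for one service file."""
    root = ET.fromstring(xml_text.encode("utf-8"))
    total = 0
    for port in root.findall("port"):
        spec = port.get("port", "")
        if not spec:  # skip entries that carry no port number
            continue
        lo, _, hi = spec.partition("-")
        total += int(hi or lo) - int(lo) + 1  # inclusive range width
    dest = root.find("destination")
    destinations = dict(dest.attrib) if dest is not None else {}
    findings = []
    if total > max_ports:  # hypothetical threshold, tune to taste
        findings.append(f"opens {total} ports (limit {max_ports})")
    if total and not destinations:
        findings.append("no <destination>: not limited to a destination address")
    return total, destinations, findings


if __name__ == "__main__":
    for name, text in (("mdns", MDNS), ("wide", WIDE)):
        print(name, audit_service(text))
```

To audit an installed system, pass the text of each file under /usr/lib/firewalld/services/ to audit_service instead of the embedded samples.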
