Compare commits

...

2 Commits

Author SHA1 Message Date
3682e3706a
n: add annoying ports 2024-07-23 18:27:24 +03:00
b795df4c3a
specify python version [for pre-commit] 2024-07-23 18:09:00 +03:00
3 changed files with 43 additions and 2 deletions

View File

@ -14,8 +14,9 @@ ci:
# Consistency with other tools # Consistency with other tools
default_language_version: default_language_version:
node: lts node: "lts"
ruby: .ruby-version python: "3.12"
ruby: ".ruby-version"
repos: repos:
- repo: https://github.com/pre-commit/pre-commit-hooks - repo: https://github.com/pre-commit/pre-commit-hooks

1
.python-version Normal file
View File

@ -0,0 +1 @@
3.12.4

39
n/annoying-ports.md Normal file
View File

@ -0,0 +1,39 @@
---
title: Commonly open port ranges
excerpt:
Some applications such as MOSH or KDE Connect are just so practical, but they
open so many ports in firewall and who is to guarantee lazy sysadmin won't
abuse those for something else without even thinking about backdoors?
layout: mini
permalink: /n/annoying-ports.html
sitemap: true
lang: en
---
# {{ page.title }}
_{{ page.excerpt }}_
The following list is based on my other notes and `/usr/lib/firewalld/services/`
- mosh: UDP ports `60000-61000`
- KDE Connect: TCP & UDP ports `1714-1764`
## Services doing it right?
```xml
<?xml version="1.0" encoding="utf-8" ?>
<service>
<short>Multicast DNS (mDNS)</short>
<description>mDNS provides the ability to use DNS programming interfaces, packet formats and operating semantics in a small network without a conventional DNS server. If you plan to use Avahi, do not disable this option.</description>
<port
protocol="udp"
port="5353" />
<destination
ipv4="224.0.0.251"
ipv6="ff02::fb" />
</service>
```
Note the destinations! Maybe I should copy that for some of my services like
NTP.