> Of course, there is a possible security hole if the port is
> associated to the IP address. If user "A" gets disconnected with
> open TCP connections, these can be stolen by user "B" dialing in
> on the same port.
No, probably not since the person would have to login with the same
user id and password as the first to get the same ip and also have the same
tcp/ip applications running with the same local ports assigned. Ie. even
though the person was connected to the well-known port on the server side,
he would also have to duplicate the random user port on the client (his)
side for the packets to be routed properly. Not impossible, but unlikely.
This same potential security hole exists even if you don't assign addresses
ala Livingston. Ie. If you knew the intended target's IP address and
there was only one IP for each port, you could redial immediately and keep
redialing until you got the right port/IP.