Right now we forcefully terminate any process that has a port open that we'd like to grab for local device tunnelling. For older systems this is the old method to free up a port, but newer kernel supports just killing the socket. E.g. this command will kill anything listening on port 6023:
$ sudo ss -K -a sport = :6023
This method could severely reduce the impact of ThinLinc stealing back ports.
RHEL 7's ss doesn't seem to have this, at least not right now. So it's very new systems that would be required.