[lug] Firewall / Lockdown questions

dio2002 at indra.com dio2002 at indra.com
Tue Jul 31 21:14:11 MDT 2007


> On Tue, 2007-07-31 at 18:52 -0600, dio2002 at indra.com wrote:
>
>> Is there a way to confirm using netstat on localhost that smtp / 25 is
>> ONLY ACCEPTING on 127.0.0.1 versus accepting on 0.0.0.0?  I'm thinking
>> there is a way to confirm this functionality on the box without having
>> to issue a command over the network from a separate box.  just not sure
>> how?
>
> 'netstat -an' should show you what local address a service is listening
> on.

I thought that was the case.  I got confused with the Foreign Address when
I saw 0.0.0.0:* thinking that meant LISTENING on any port.

Proto Recv-Q Send-Q Local Address               Foreign Address             State
tcp        0      0 127.0.0.1:25                0.0.0.0:*                   LISTEN

Just to confirm, the Local Address is the port any service is LISTENING
ON.  It should never change for a given service once established.  Foreign
Address has nothing to do with what interface a port LISTENS on.  It will
always be 0.0.0.0:* when the port is LISTENING (waiting for a client) even
on a service which always listens on localhost interface.  The minute a
client connects, that value of Foreign Address will be set.  That could be
127.0.0.1 or it could be any IP on the internet.

sound good?

thanks
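
The check discussed in this thread, as an added example that is not part of the original post: a small shell function that reads `netstat -an` output and reports whether a TCP port is bound to loopback only or to a wider address. The function names `classify_listener` and `sample_netstat` are hypothetical, the sample lines are constructed, and the Linux net-tools column layout shown above is assumed.

```shell
#!/bin/sh
# Added example: decide from `netstat -an` output how a TCP port is bound.
# Usage on a live box:  netstat -an | classify_listener 25
# Prints one of: loopback-only | exposed | not-listening

classify_listener() {
    awk -v port="$1" '
        # Only TCP sockets in LISTEN state matter. Column 4 is the Local
        # Address; column 5 (Foreign Address) is a wildcard for every listener
        # and says nothing about which interface is bound.
        $1 ~ /^tcp/ && $NF == "LISTEN" {
            laddr = $4
            n = split(laddr, parts, "[:.]")      # port is the last field
            if (parts[n] != port) next
            addr = substr(laddr, 1, length(laddr) - length(parts[n]) - 1)
            found = 1
            # Anything other than 127.0.0.0/8 or ::1 is reachable off-box,
            # including the wildcards 0.0.0.0 and ::
            if (addr !~ /^127\./ && addr != "::1") exposed = 1
        }
        END {
            if (!found)       print "not-listening"
            else if (exposed) print "exposed"
            else              print "loopback-only"
        }'
}

# Constructed sample output (not captured from a real host).
sample_netstat() {
    cat <<'EOF'
Proto Recv-Q Send-Q Local Address               Foreign Address             State
tcp        0      0 127.0.0.1:25                0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN
tcp        0      0 127.0.0.1:25                127.0.0.1:40112             ESTABLISHED
tcp        0      0 :::80                       :::*                        LISTEN
EOF
}

for p in 25 22 80 443; do
    printf 'port %s: %s\n' "$p" "$(sample_netstat | classify_listener "$p")"
done
```

A port that has both a loopback listener and a wildcard listener is reported as exposed, since a single wider binding is enough to accept connections from the network.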




