[lug] Firewall / Lockdown questions

brad at bradandkim.net brad at bradandkim.net
Wed Aug 1 07:34:12 MDT 2007


>
> On Jul 31, 2007, at 8:21 PM, Brad Crotchett wrote:
>
>> On Tue, 2007-07-31 at 18:52 -0600, dio2002 at indra.com wrote:
>>
>>> Is there a way to confirm using netstat on localhost that smtp / 25 is
>>> ONLY ACCEPTING on 127.0.0.1 versus accepting on 0.0.0.0?  I'm thinking
>>> there is a way to confirm this functionality on the box without having to
>>> issue a command over the network from a separate box.  Just not sure how?
>>
>> 'netstat -an' should show you what local address a service is listening
>> on.
>
> Yes, but listening daemons can listen for incoming from anything and
> then reject connections from specific addresses.  That's what he was
> asking was if you could see at the OS level what the application
> layer will reject.
>
> The answer is, of course, no.  When security restrictions are handled
> at the application, all the OS knows is that the daemon is listening
> for connections on a port number.  The OS doesn't know that the
> daemon will disconnect anyone coming in from a blacklisted address.
>
> --
> Nate Duehr
> nate at natetech.com
>

Good point.  I misunderstood his question.

Thanks,

Brad Crotchett
brad at bradandkim.net
http://www.bradandkim.net
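As an added example (not from the thread), here is a small shell/awk check that classifies what address a port is bound to from 'netstat -an' output, answering the original question on the box itself; the netstat output is constructed for the example, and the function name listen_scope is my own. As Nate notes, this only tells you the bind address; an application-level blacklist on a 0.0.0.0 listener is invisible here.

```shell
# Constructed sample of 'netstat -an' output on a Linux host (not real data).
SAMPLE_NETSTAT='Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp6       0      0 :::80                   :::*                    LISTEN'

# listen_scope <port>   (reads netstat -an output on stdin)
# Prints one word: wildcard  (bound to 0.0.0.0 / :: / *, reachable from outside)
#                  specific  (bound to one non-loopback address)
#                  loopback  (bound only to 127.0.0.1 / ::1)
#                  none      (no TCP listener on that port)
# Wildcard wins over specific wins over loopback, so a port that is both
# loopback-bound and 0.0.0.0-bound is still reported as exposed.
listen_scope() {
    port="$1"
    awk -v port="$port" '
        $1 ~ /^tcp/ && $NF == "LISTEN" {
            # Port is everything after the last ":"; address is what precedes it
            # (handles "127.0.0.1:25" as well as IPv6 forms such as ":::80").
            n = split($4, a, ":")
            if (a[n] != port) next
            addr = substr($4, 1, length($4) - length(a[n]) - 1)
            if (addr == "0.0.0.0" || addr == "::" || addr == "*") wild = 1
            else if (addr == "127.0.0.1" || addr == "::1") loop = 1
            else spec = 1
        }
        END {
            if (wild) print "wildcard"
            else if (spec) print "specific"
            else if (loop) print "loopback"
            else print "none"
        }'
}

# Usage against the constructed sample; on a live box replace the printf
# with:  netstat -an | listen_scope 25
printf '%s\n' "$SAMPLE_NETSTAT" | listen_scope 25   # loopback
printf '%s\n' "$SAMPLE_NETSTAT" | listen_scope 22   # wildcard
```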



