[lug] Netstat (newbie)
Michael Deck
deckm at cleansoft.com
Tue Aug 1 19:44:12 MDT 2000
At 05:55 PM 8/1/00 -0700, Jeffrey B. Siegal wrote:
>Michael Deck wrote:
> > Every once in a while, following these flame-wars teaches me something. I went right in and did a netstat -an and there is a listener whose IP address I don't recognize. What does this mean? There are several relevant entries:
>
>I'm not sure about the IP addresses, but from the ports I'm almost
>certain you are running a samba server.
It is a file server located behind a firewall. I was interested in whether anyone might be poking through my firewall.
>Whether or not this is what you
>want is up to you. (Of course, if we're talking about a firewall, you
>almost certainly *don't* want it.)
Why is that? Apart from the general guidance that you don't want anything running on the firewall machine besides the firewall. I make some of the drives on my firewalling box available via Samba to other machines on my internal net so that I can e.g. update web pages etc. Is your advice entirely the result of a belief that "anything can have security holes, the more stuff you have running the more security holes" or do you have specific knowledge of Samba problems?
-Mike
Michael Deck
Cleanroom Software Engineering, Inc.
More information about the LUG
mailing list