[lug] Firewall / Lockdown questions
Nate Duehr
nate at natetech.com
Wed Aug 1 00:46:45 MDT 2007
On Jul 31, 2007, at 8:21 PM, Brad Crotchett wrote:
> On Tue, 2007-07-31 at 18:52 -0600, dio2002 at indra.com wrote:
>
>> Is there a way to confirm using netstat on localhost that smtp / 25 is
>> ONLY ACCEPTING on 127.0.0.1 versus accepting on 0.0.0.0? I'm thinking
>> there is a way to confirm this functionality on the box without having to
>> issue a command over the network from a separate box. just not sure how?
>
> 'netstat -an' should show you what local address a service is listening
> on.

Yes, but listening daemons can listen for incoming from anything and
then reject connections from specific addresses. That's what he was
asking: if you could see at the OS level what the application
layer will reject.

The answer is, of course, no. When security restrictions are handled
at the application, all the OS knows is that the daemon is listening
for connections on a port number. The OS doesn't know that the
daemon will disconnect anyone coming in from a blacklisted address.

--
Nate Duehr
nate at natetech.com
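
Added example, not part of the original message: a Python sketch of the OS-level check discussed in this thread, classifying the local address of every TCP socket in LISTEN state from `netstat -an` output. The sample output and the function names are constructed for illustration; as the reply above says, the result shows only what the socket is bound to, not what the daemon rejects after accepting.

```python
import re

# Constructed sample of `netstat -an` output (Linux-style and BSD-style rows).
SAMPLE = """\
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp6       0      0 :::80                   :::*                    LISTEN
tcp        0      0 192.0.2.10:22           198.51.100.7:51544      ESTABLISHED
tcp4       0      0 *.587                   *.*                     LISTEN
"""

LOOPBACK = re.compile(r"^(127\.\d+\.\d+\.\d+|::1)$")
WILDCARD = {"0.0.0.0", "*", "::"}


def split_local(addr):
    """Split 'host:port' (Linux) or 'host.port' (BSD) at the last separator."""
    host, sep, port = addr.rpartition(":")
    if not sep or not port.isdigit():
        host, sep, port = addr.rpartition(".")
    return host.strip("[]"), port


def listeners(netstat_text, port):
    """Return {local_host: scope} for TCP sockets in LISTEN state on `port`."""
    found = {}
    for line in netstat_text.splitlines():
        cols = line.split()
        if len(cols) < 6 or not cols[0].startswith("tcp") or cols[-1] != "LISTEN":
            continue  # header rows, UDP, and established connections
        host, local_port = split_local(cols[3])
        if local_port != str(port):
            continue
        if host in WILDCARD:
            found[host] = "all-interfaces"  # reachable from the network
        elif LOOPBACK.match(host):
            found[host] = "loopback-only"
        else:
            found[host] = "specific-address"
    return found


def loopback_only(netstat_text, port):
    """True only if something listens on `port` and every bind is loopback."""
    return set(listeners(netstat_text, port).values()) == {"loopback-only"}


if __name__ == "__main__":
    print(listeners(SAMPLE, 25), loopback_only(SAMPLE, 25))
```
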