[lug] Firewall / Lockdown questions
brad at bradandkim.net
Wed Aug 1 07:34:12 MDT 2007
>
> On Jul 31, 2007, at 8:21 PM, Brad Crotchett wrote:
>
>> On Tue, 2007-07-31 at 18:52 -0600, dio2002 at indra.com wrote:
>>
>>> Is there a way to confirm using netstat on localhost that smtp / 25 is
>>> ONLY ACCEPTING on 127.0.0.1 versus accepting on 0.0.0.0? I'm thinking
>>> there is a way to confirm this functionality on the box without having to
>>> issue a command over the network from a separate box. Just not sure how?
>>
>> 'netstat -an' should show you what local address a service is listening
>> on.
>
> Yes, but listening daemons can listen for incoming from anything and
> then reject connections from specific addresses. What he was asking
> was if you could see at the OS level what the application layer will
> reject.
>
> The answer is, of course, no. When security restrictions are handled
> at the application, all the OS knows is that the daemon is listening
> for connections on a port number. The OS doesn't know that the
> daemon will disconnect anyone coming in from a blacklisted address.
>
> --
> Nate Duehr
> nate at natetech.com
>
Good point. I misunderstood his question.
Thanks,
Brad Crotchett
brad at bradandkim.net
http://www.bradandkim.net
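
An added example, not part of the original thread: a shell function that reads `netstat -an` output and reports which local address a TCP port is bound to. The function name `classify_listener` and the sample lines are constructed for illustration, and it goes slightly beyond the thread by accepting both the Linux (`addr:port`) and BSD/macOS (`addr.port`) column formats.

```shell
#!/bin/sh
# classify_listener PORT
# Reads `netstat -an` output on stdin and prints the bind scope of the TCP
# listener(s) on PORT: loopback-only, all-interfaces, specific-address or
# not-listening. This reflects only what the socket is bound to. As noted in
# the thread, the OS cannot show what the daemon itself will reject after
# it has accepted a connection.
classify_listener() {
    awk -v port="$1" '
    # Only TCP sockets in the LISTEN state are relevant.
    $1 ~ /^tcp/ && $NF == "LISTEN" {
        local_addr = $4
        # The port follows the last ":" (Linux) or the last "." (BSD/macOS).
        n = match(local_addr, /[:.][0-9]+$/)
        if (n == 0) next
        host = substr(local_addr, 1, n - 1)
        if (substr(local_addr, n + 1) != port) next
        seen = 1
        if (host == "0.0.0.0" || host == "*" || host == "::") wild = 1
        else if (host ~ /^127\./ || host == "::1") loop = 1
        else other = 1
    }
    END {
        # Report the widest exposure found across all matching sockets.
        if (!seen)      print "not-listening"
        else if (wild)  print "all-interfaces"
        else if (other) print "specific-address"
        else            print "loopback-only"
    }'
}

# Constructed sample in Linux `netstat -an` format (not captured from a host).
SAMPLE='Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp6       0      0 ::1:25                  :::*                    LISTEN'

printf '%s\n' "$SAMPLE" | classify_listener 25   # loopback-only
printf '%s\n' "$SAMPLE" | classify_listener 22   # all-interfaces
```

On a live system the same check is `netstat -an | classify_listener 25`.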