[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Listening on specific interfaces
From: |
Mark . Burgess |
Subject: |
Re: Listening on specific interfaces |
Date: |
Wed, 27 Aug 2003 19:07:25 +0200 (MEST) |
> If a service does not listen only on a specific ip, one should use
> packet filter software to prevent access to it from anything but the
> correct servers coming from the correct lans connected to the correct
> physical interfaces.
>
> This is paranoid, and it is good :)
>
> As an example, recently Postfix, and OpenSSH springs to mind as 'good'
I cannot disagree with this principle --
and now that my error in interpreting the bind address has been
corrected, I can see a reason for the inquiry.
I apologize to anyone who feels that I have been arrogant or
unreasonable. It is just my instinct to demand reason. As long as
it makes sense, I'm on board.
What a day.
M
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Work: +47 22453272 Email: Mark.Burgess@iu.hio.no
Fax : +47 22453205 WWW : http://www.iu.hio.no/~mark
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- Re: Listening on specific interfaces, (continued)
RE: Listening on specific interfaces, Ferguson, Steve, 2003/08/25
RE: Listening on specific interfaces, Ferguson, Steve, 2003/08/27
RE: Listening on specific interfaces, Wheeler, John, 2003/08/27