[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: suspicious netstat ouput



On Sat, Apr 21, 2001 at 02:12:46AM -0500, Adam Keys wrote:
> On 20 Apr 2001 18:26:00 -0400, Jonathan Freiermuth wrote:
> 
> > tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN      0          1542       487/sendmail: accep 
> > udp        0      0 0.0.0.0:1112            0.0.0.0:*                           0          127022     16024/send-mail
> 
> I know little about sendmail, but if I was allowed to guess, I would say
> it's just an ephermal connection between
> sendmail and a client.  Following that, I would wonder why you are
> running sendmail on a firewall? :)
> 
Sendmail. Yeah, I know. I wanted to receive normal system mail from the firewall. I had root aliased to myself at my workstation. But on the external interface, port 25 is not open. The iptables rules accept connections from a relaying mail server on port 2525 on the external interface, and forward them to my mail server using the NAT tables.

I figure if no one can hit from the outside world, it would be secure enough to run.

Just to be paranoid, I figure I'll reinstall it, with Debian, and turn off both sendmail and sshd. I have it connected to my workstation via serial console, so I don't need sshd anymore. Then there should be no network stuff other than the dhcp client, which I need for access to roadrunner.

> 
> -- 
> ,-----------------------------------------------------------------------------.
> >                 Adam Keys                |                                  <
> >            akeys@mail.smu.edu            |       Adam Keys Development      <
> >               ICQ# 11772935              |             Ubercoder            <
> >       http://mk.hotweird.com/~adam       |                                  <
> ,-----------------------------------------------------------------------------.
> I wonder if I'm insecure, secure, secure about my insecurity, or secure about
> covering up my insecurity.
> `-----------------------------------------------------------------------------'
> 
> 
> --  
> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> 
> 

-- 
Jonathan Freiermuth
jon@gnatfart.com

Attachment: pgpTnSQkcw9iJ.pgp
Description: PGP signature


Reply to: