Re: Can a daemon listen only on some interfaces?

To: debian-security@lists.debian.org
Subject: Re: Can a daemon listen only on some interfaces?
From: Guido Hennecke <g.hennecke@t-online.de>
Date: Sun, 9 Dec 2001 14:07:30 +0100
Message-id: <[🔎] E16D3g2-0005aI-00@debian.dyndns.org>
Mail-followup-to: debian-security@lists.debian.org
In-reply-to: <[🔎] 00a901c18043$a86db210$aba8a8c0@parrotchat.net>
References: <[🔎] 20011208132516.A13626@marmite.its.uct.ac.za> <[🔎] E16Cmr9-0006XH-00@debian.dyndns.org> <[🔎] 00a901c18043$a86db210$aba8a8c0@parrotchat.net>

At 08.12.2001, Mark Lanett wrote:
> Postfix is configurable as to which interfaces it listens to. So are samba,
> courier-imap, apache. The only problem is that each one has its own
> completely different kind of configuration file.

Sorry, but AFAIK that is not true!

You can configure on which ip address to listen and this ip address is
bound to an interface. On linux all local ip addresses are reachable
over all local network interfaces - thats the problem. If an attacker is
able to route packets to an internal ip address over your externel
interface, he can reach an internel bound service.

Regards, Guido

Reply to:

References:
- Re: Can a daemon listen only on some interfaces?
  - From: Michael Wood <mwood@its.uct.ac.za>
- Re: Can a daemon listen only on some interfaces?
  - From: Guido Hennecke <g.hennecke@t-online.de>
- Re: Can a daemon listen only on some interfaces?
  - From: "Mark Lanett" <mlanett@parrotchat.net>

Prev by Date: Re: Can a daemon listen only on some interfaces?
Next by Date: Re: Fw: Can a daemon listen only on some interfaces?
Previous by thread: Re: Can a daemon listen only on some interfaces?
Next by thread: Re: Can a daemon listen only on some interfaces?
Index(es):
- Date
- Thread