Re: listening ports

From: Wolfgang Sourdeau <wolfgang ultim net>
To: nrvale0 pop uky edu
cc: gnome-devel-list gnome org, recipient list not shown: ;
Subject: Re: listening ports
Date: Wed, 2 Feb 2000 01:33:27 -0500 (EST)

On Tue, 1 Feb 2000 nrvale0@pop.uky.edu wrote:

> 
> >I would guess that these open ports have something to do with orbit. This 
> >uses tcpwrappers, so mess with /etc/hosts.allow and /etc/hosts.deny if you 
> >are afraid. 
> 
>   Hmm, but the 2100 ports are ephemeral(sp) and there is no guarantee
> that the GNOME applications will be listening on the same ports 
> the next time I login. So you can't add hosts.deny rules based on 
> a port number and I'm not sure how you would do so by name.
> 
> /etc/hosts.allow
> gnome-name-server:127.0.0.1
> 
> /etc/hosts.deny
> gnome-name-server:ALL
> 
>   That may work for gnome-name-server if you added the necessary
> entry in /etc/services(or maybe not) but then you would have to 
> add something for every panel app, correct?
> 

Even if it wasn't, it is still a security problem as other users using
the same UNIX box Gnome is running on could probably still affect
applications one is running.

Maybe running an ident request would solve the problem ?


Wolfgang
-- 
Les nombres imitent l'espace, qui est de nature si différente.
Pascal, Pensées

Follow-Ups:
- Re: listening ports
  - From: Geoff Reedy

References:
- listening ports
  - From: nrvale0

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]