Restricting listening address ?
Austin Gonyou
austin at coremetrics.com
Mon Jun 3 12:44:06 EDT 2002
If you're running the KDC from inetd, you could use hosts.allow/deny.
On Mon, 2002-06-03 at 03:31, Harry Rüter wrote:
> Hi,
>
> i wannt to know, if it's possible to restrict the
> ip-adresses krb5kdc is
> listening on.
>
> I don't want him listen on my dialup connection,
> so i want to restrict the deamon just to listen on the
> internal net.
> Those adresses begin with 192.168.1.xxx
>
> As you can see here it's listening on ip-adress it can find
> on the
> server :
>
> ---- snipp ---
> Jun 03 09:53:56 486dx66 krb5kdc[1794](info): listening on fd
> 12: 213.6.54.135 port 88
> Jun 03 09:53:56 486dx66 krb5kdc[1794](info): listening on fd
> 13: 192.168.0.10 port 750
> Jun 03 09:53:56 486dx66 krb5kdc[1794](info): listening on fd
> 13: 192.168.0.10 port 750
> Jun 03 09:53:56 486dx66 krb5kdc[1794](info): listening on fd
> 14: 192.168.0.10 port 88
> Jun 03 09:53:56 486dx66 krb5kdc[1794](info): listening on fd
> 14: 192.168.0.10 port 88
> Jun 03 09:53:56 486dx66 krb5kdc[1794](info): listening on fd
> 15: 192.168.0.12 port 750
> Jun 03 09:53:56 486dx66 krb5kdc[1794](info): listening on fd
> 15: 192.168.0.12 port 750
> Jun 03 09:53:56 486dx66 krb5kdc[1794](info): listening on fd
> 16: 192.168.0.12 port 88
> Jun 03 09:53:56 486dx66 krb5kdc[1794](info): listening on fd
> 16: 192.168.0.12 port 88
> Jun 03 09:53:56 486dx66 krb5kdc[1794](info): listening on fd
> 17: 192.168.1.3 port 750
> Jun 03 09:53:56 486dx66 krb5kdc[1794](info): listening on fd
> 17: 192.168.1.3 port 750
> Jun 03 09:53:56 486dx66 krb5kdc[1794](info): listening on fd
> 18: 192.168.1.3 port 88
> Jun 03 09:53:56 486dx66 krb5kdc[1794](info): listening on fd
> 18: 192.168.1.3 port 88
> Jun 03 09:53:56 486dx66 krb5kdc[1794](info): listening on fd
> 19: 192.168.1.104 port 75
> ---- snipp ---
>
> thanks Harry
> ________________________________________________
> Kerberos mailing list Kerberos at mit.edu
> http://mailman.mit.edu/mailman/listinfo/kerberos
--
Austin Gonyou
Systems Architect, CCNA
Coremetrics, Inc.
Phone: 512-698-7250
email: austin at coremetrics.com
"One ought never to turn one's back on a threatened danger and
try to run away from it. If you do that, you will double the danger.
But if you meet it promptly and without flinching, you will
reduce the danger by half."
Sir Winston Churchill
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: This is a digitally signed message part
Url : http://mailman.mit.edu/pipermail/kerberos/attachments/20020603/83f38380/attachment.bin
More information about the Kerberos
mailing list