[Xorp-users] open ports
Emmanuel Dreyfus
manu@netbsd.org
Tue, 10 Aug 2004 14:25:42 +0000
Hi
I installed xorp-1.0 as an IPv4 PIM-SM router on NetBSD. It works fine,
apart from the bug #99 (if build with IPv6 enabled, it won't work on
an IPv6-unaware kernel, ignoring the configuration directivea that disable
IPv6s).
Now I have one last concern: it opens a lot of TCP ports:
$ netstat -na|grep LISTEN
tcp 0 0 193.54.89.1.64040 *.* LISTEN
tcp 0 0 193.54.89.1.64046 *.* LISTEN
tcp 0 0 193.54.89.1.64052 *.* LISTEN
tcp 0 0 193.54.89.1.64054 *.* LISTEN
tcp 0 0 193.54.89.1.64060 *.* LISTEN
tcp 0 0 193.54.89.1.64062 *.* LISTEN
tcp 0 0 193.54.89.1.64066 *.* LISTEN
tcp 0 0 *.12000 *.* LISTEN
tcp 0 0 193.54.89.1.64071 *.* LISTEN
tcp 0 0 193.54.89.1.64073 *.* LISTEN
tcp 0 0 193.54.89.1.64076 *.* LISTEN
tcp 0 0 193.54.89.1.64077 *.* LISTEN
tcp 0 0 193.54.89.1.64079 *.* LISTEN
tcp 0 0 127.0.0.1.19999 *.* LISTEN
I'm a bit paranoid on the security front, and I'm absolutely sure I
want no remote control of xorp. How do I close these ports? Or at least,
how do I bind them only to 127.0.0.1?
--
Emmanuel Dreyfus
manu@netbsd.org