network-manager main inclusion report
Ondrej Sury
ondrej at sury.org
Fri Jul 1 14:25:55 CDT 2005
On Fri, 2005-07-01 at 10:55 +1000, Jeff Waugh wrote:
> The configuration used for BIND by NetworkManager is minimal and
> secure, so it's not a huge deal.
Are you sure? On clean install (output of netstat -nlp | grep named):
tcp 0 0 192.168.1.2:53 0.0.0.0:* LISTEN 8444/named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 8444/named
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 8444/named
tcp6 0 0 ::1:953 :::* LISTEN 8444/named
udp 0 0 0.0.0.0:32777 0.0.0.0:* 8444/named
udp 0 0 0.0.0.0:32779 0.0.0.0:* 8705/named
udp 0 0 0.0.0.0:32781 0.0.0.0:* 9399/named
udp 0 0 127.0.0.1:53 0.0.0.0:* 9399/named
udp 0 0 127.0.0.1:53 0.0.0.0:* 8705/named
udp 0 0 192.168.1.2:53 0.0.0.0:* 8444/named
udp 0 0 127.0.0.1:53 0.0.0.0:* 8444/named
udp6 0 0 :::32778 :::* 8444/named
udp6 0 0 :::32780 :::* 8705/named
udp6 0 0 :::32782 :::* 9399/named
If it's secure, then why the hell it does listen on all possible ports
and possible interfaces I can think of?
It should just use udp/127.0.0.1:53 and nothing more in this kind of
setup. Well, could you please at least think of Bastien's proposal to
use nscd? :-)
Ondrej.
--
Ondrej Sury <ondrej at sury.org>
More information about the ubuntu-devel
mailing list