Re: Always allow loopbacks ?

From: EA (ea@someisp.invalid)
Date: 01/21/02


From: EA <ea@someisp.invalid>
Date: Mon, 21 Jan 2002 04:27:02 GMT


?????? I'm not sure if you are responding to my post (which you
snipped) or to the original question that started the thread (which you
quoted) but the rules I suggested would allow programs like Frontpage
to use localhost while they would block any non-legitimate connections.
However, after rereading my own post I realized that I did not explain
the rules clearly. They should be like this:

1. Rules that give permission to legitimate programs to use the local
server/proxy (localhost, specifying the port of the server).
2. A rule that blocks all programs from connecting to the specific
port of the local proxy (localhost, server port).
3. Loopback rule (specifying the specific port--usually one of the
ports is always the same).

Since rules are read from the top, legitimate requests would match one
of the rules under #1 whereas all others would be blocked by #2.
The original poster never asked about networks, routers, etc. He
has a home computer and he just wanted to know whether it is safe to
allow all connections to localhost. If he is running a local proxy, it
is not safe unless he can be 100% sure that his system will never run a
malicious program.

E,

"Dennis Heidner" <dennis@heidners-no-spam.net> typed in
news:01c1a208$ebe78020$031e82c0@bigbird:

> The loop back address can also be used by client/server programs
> running on the same machine. I.E. apps that access /localhost/
> like Frontpage, etc.
>
> EA <ea@someisp.invalid> wrote in article
> <Xns919C852835BC5eid99@207.106.92.226>...
>> Karl Forsberg <YCZBHGMVZXFB@spammotel.com> typed in
>> news:MPG.16b3cf6463f9a5139896e1@news1.telia.com:
>>
>> > On a home computer running Windows, is there in any danger in
>> > having a rule allowing all loopback connections or is it better
>> > to be selective?
>>
>>
>
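
The top-down rule order described in the post above, modelled as an added example (not part of the original post and not any particular firewall's syntax). The port numbers, the program names, and the reading of rule 3 as an allow for one other fixed loopback port are assumptions; the last helper flags a block rule that an earlier, broader allow rule makes unreachable.

```python
from dataclasses import dataclass
from typing import Optional

PROXY_PORT = 8080   # assumed port of the local proxy (constructed value)
OTHER_PORT = 5000   # assumed fixed port of another loopback service (constructed)

@dataclass(frozen=True)
class Rule:
    action: str              # "allow" or "block"
    program: Optional[str]   # None = any program
    port: Optional[int]      # None = any localhost port

    def covers(self, program, port):
        # True when this rule matches the given program/port pair.
        return self.program in (None, program) and self.port in (None, port)

def decide(rules, program, port, default="block"):
    """First matching rule wins, reading from the top of the list."""
    for rule in rules:
        if rule.covers(program, port):
            return rule.action
    return default

def shadowed_blocks(rules):
    """Indexes of block rules that can never fire because an earlier
    allow rule already covers everything they would match."""
    return [i for i, r in enumerate(rules)
            if r.action == "block"
            and any(e.action == "allow" and e.covers(r.program, r.port)
                    for e in rules[:i])]

# Rule set in the order given in the post (program names are constructed).
ORDERED = [
    Rule("allow", "frontpage.exe", PROXY_PORT),  # 1. legitimate program -> proxy
    Rule("block", None, PROXY_PORT),             # 2. everyone else -> proxy
    Rule("allow", None, OTHER_PORT),             # 3. loopback rule, specific port
]
# The "allow all loopback" rule from the original question, placed on top.
ALLOW_ALL_FIRST = [Rule("allow", None, None)] + ORDERED

if __name__ == "__main__":
    for name, rules in (("ordered", ORDERED), ("allow-all first", ALLOW_ALL_FIRST)):
        print(name,
              decide(rules, "frontpage.exe", PROXY_PORT),
              decide(rules, "unknown.exe", PROXY_PORT),
              "shadowed block rules:", shadowed_blocks(rules))
```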


