Re: Restricting listening address ?

[Austin Gonyou]

If you're running the KDC from inetd, you could use hosts.allow/deny. 


On Mon, 2002-06-03 at 03:31, Harry Rüter wrote:
> Hi,
> 
> i wannt to know, if it's possible to restrict the
> ip-adresses krb5kdc is
> listening on.
> 
> I don't want him listen on my dialup connection,
> so i want to restrict the deamon just to listen on the
> internal net.
> Those adresses begin with 192.168.1.xxx
> 
> As you can see here it's listening on ip-adress it can find
> on the
> server :
> 
> ---- snipp ---
> Jun 03 09:53:56 486dx66 krb5kdc[1794](info): listening on fd
> 12: 213.6.54.135 port 88
> Jun 03 09:53:56 486dx66 krb5kdc[1794](info): listening on fd
> 13: 192.168.0.10 port 750
> Jun 03 09:53:56 486dx66 krb5kdc[1794](info): listening on fd
> 13: 192.168.0.10 port 750
> Jun 03 09:53:56 486dx66 krb5kdc[1794](info): listening on fd
> 14: 192.168.0.10 port 88
> Jun 03 09:53:56 486dx66 krb5kdc[1794](info): listening on fd
> 14: 192.168.0.10 port 88
> Jun 03 09:53:56 486dx66 krb5kdc[1794](info): listening on fd
> 15: 192.168.0.12 port 750
> Jun 03 09:53:56 486dx66 krb5kdc[1794](info): listening on fd
> 15: 192.168.0.12 port 750
> Jun 03 09:53:56 486dx66 krb5kdc[1794](info): listening on fd
> 16: 192.168.0.12 port 88
> Jun 03 09:53:56 486dx66 krb5kdc[1794](info): listening on fd
> 16: 192.168.0.12 port 88
> Jun 03 09:53:56 486dx66 krb5kdc[1794](info): listening on fd
> 17: 192.168.1.3 port 750
> Jun 03 09:53:56 486dx66 krb5kdc[1794](info): listening on fd
> 17: 192.168.1.3 port 750
> Jun 03 09:53:56 486dx66 krb5kdc[1794](info): listening on fd
> 18: 192.168.1.3 port 88
> Jun 03 09:53:56 486dx66 krb5kdc[1794](info): listening on fd
> 18: 192.168.1.3 port 88
> Jun 03 09:53:56 486dx66 krb5kdc[1794](info): listening on fd
> 19: 192.168.1.104 port 75
> ---- snipp ---
> 
> thanks Harry
> ________________________________________________
> Kerberos mailing list           [EMAIL PROTECTED]
> http://mailman.mit.edu/mailman/listinfo/kerberos
-- 
Austin Gonyou
Systems Architect, CCNA
Coremetrics, Inc.
Phone: 512-698-7250
email: [EMAIL PROTECTED]

"One ought never to turn one's back on a threatened danger and 
try to run away from it. If you do that, you will double the danger. 
But if you meet it promptly and without flinching, you will 
reduce the danger by half."
Sir Winston Churchill

signature.asc
Description: This is a digitally signed message part