Why all the open ports?

From: Eric Kidd <eric kidd pobox com>
To: gnome-components-list gnome org
Subject: Why all the open ports?
Date: Sun, 9 Jul 2000 13:48:09 -0400

I'm trying to secure some Gnome workstations, but 'netstat -tlp' shows the
following programs have open server ports on every network interface:

  screenshooter 
  odometer_applet
  mini_commander 
  cpumemusage_applet
  pilot_applet   
  deskguide_applet
  gpilotd (zombie?)
  gmc            
  panel          
  gnome-name-server
  magicdev       

I assume that this has something to do with how ORBit implements IIOP. But
why can't these applications:

  1) Listen only on the loopback interface?
  2) Use Unix sockets?
  3) Use predicable port numbers, so I can firewall them?

I'm kinda hoping that the code listening on those ports has been thoroughly
and carefully audited. Open ports make me nervous. :-(

Cheers,
Eric

Follow-Ups:
- Re: Why all the open ports?
  - From: Derek Simkowiak

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]