|
Click to See Complete Forum and Search --> : netstat addresses GorGor 12-15-2002, 11:27 AM Hullo I use Mdk9 , kde loaded using IceWM Can I assume that if netstat reports a local address and that the same program/file/process has * (asterisk) for the external addresses THAT the process can access all external addresses? bastard23 12-16-2002, 01:11 AM GorGor, I'm not sure what you mean, "netstat -lp" (which is what I'm assuming your running) is reporting what ports have servers listening to it. Are you asking if any other machines can use those servers? Basically, yes, but there may be a firewall stopping it before it gets to the server. netstat doesn't report on that. Hope that helps, chris GorGor 12-16-2002, 10:49 AM Chris Your kind reply means I have to give more info. Yes I am running firewall called guarddog. Doing a su and running netstat -leet gave me the following: Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address tcp.............0............0............ *:x11 Foreign Address State User Inode .................*:* ........LISTEN.....root.....3007 What I am interested in is the foreign address asterisk asterisk any clues would be appreciated, but I gather the firewall may also be an issue. bastard23 12-16-2002, 02:08 PM GorGor, I don't believe that the foreign address means anything for a listening TCP socket. Perhaps is does for other protocols (i.e. not TCP/IP). It basically is a place holder for when a TCP socket becomes established. Try a 'netstat -a' to see all the sockets, and probably why it is used when formatting the output that way. As to you specific example, your X server is listening for tcp connections, which would allow you to run programs on a remote machine and display them locally. Your firewall probably is blocking this, but you should check for port 6000 through 6007 (according to my /etc/services). The commands to control who has access to X are xhost (host based authentication) and xauth. Neither are extremely trusted. Locally to my network I use xhost, and across the internet, I use SSH X11 forwarding. If you only use SSH X11 forwarding or don't ever run remote X programs, add the argument "-nolisten tcp" to your X server command line. Hope that helps, chris GorGor 12-17-2002, 05:25 AM Chris I have run some firewall tests at www.auditmypc.com & www.pcflank.com and they are not detecting any open ports, for others reading this you can also specify a range so I won't pursue this any further. Thanks again justlinux.com
Copyright Internet.com Inc. All Rights Reserved. |
|