Re^2: HTTP::Daemon Security Question

Just because you use localhost as the server address, dosn't mean it won't accept connections from the internet.

I think you're wrong about that. I just did a quick check and when using localhost as server address, netstat shows

[user@rack tmp]$ sudo netstat -tnlp | grep :80
tcp        0      0 127.0.0.1:80              0.0.0.0:*               
+    LISTEN      6634/perl
[download]

which means it will only accept connections coming in on the localhost IP. Packets going to port 80 from the external IP won't reach this server.

Comment on Re^2: HTTP::Daemon Security Question Download Code

Replies are listed 'Best First'.
Re^3: HTTP::Daemon Security Question by fullermd (Vicar) on Jan 06, 2009 at 19:52 UTC
which means it will only accept connections coming in on the localhost IP. Packets going to port 80 from the external IP won't reach this server. That's true as far as it goes, but it would still be a good idea to check the remote address. It's possible, depending on your system config, to get a packet coming from the outside aimed at 127.0.0.1. And of course there's no guarantee that the system you're running on hasn't been misconfigured so that 'localhost' ends up giving you an accessible IP.	[reply]
Re^4: HTTP::Daemon Security Question by bkiahg (Pilgrim) on Jan 06, 2009 at 20:01 UTC
Good point on the localhost configuration. I probably should do a check that localhost is properly configured and pointing to the right place. Thank you.	[reply]