[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Mldonkey-users] [Patch] Make HTTP-Realm configurable
From: |
Martin |
Subject: |
Re: [Mldonkey-users] [Patch] Make HTTP-Realm configurable |
Date: |
Tue, 17 Dec 2002 15:41:59 +0100 |
Sergio Bayarri Gausi wrote...
> > * Make the HTTP-Realm (shown when connecting to the web-interface)
> > configurable in downloads.ini. Maybe im the only one so paranoid, but
> > having my machine running 24/7 i dont want anybody scanning my
> > interface-port to know im running mldonkey.
> For security's sake, firewall your machine (iptables?) or adjust the
iptables running here for years....
> "allowed_ips" option in downloads.ini. It's quite easy to figure you're
> running mldonkey otherwise: If port 4000 is open to everybody (as your
> setup suggests) it will show a big:
> "Welcome on mldonkey command-line"
Where do you get this idea from??? Im not that crazy...and i didnt say
anything about the telnet port...!
> And even if you firewall your box, a simple scan is enough to know if
> you're running mldonkey:
> if (port 4080 open or firewalled) AND (port 4000 open or firewalled) AND
> (port 4001 open or firewalled) then you're definitely running mldonkey.
Surely not using any gui and if so i would absolutely *not* open its
port in the firewall! AND you can configure all ports...(no standard
ports in use here - never were!) so even if you see these ports open
you cant tell....
> I think that it's worse to have port 4000 open to everyone than to simply
> show we're running mldonkey in the HTTP-Realm.
ACK! (i dont have it open)
The only think i opened is the web-interface (on a changed port). So
if anybody connects to that port i dont want him to know im running
mldonkey (as will shown in http-realm otherwise - thats whats my patch
is for!)
--
Before replying see www.reedmedia.net/misc/mail/using-mailing-list.html
Linux: Because rebooting is for adding new hardware.