[FreeNX-kNX] Listening port
Iassen Hristov
ih.ng at databrokers.net
Sun Feb 17 23:28:55 UTC 2008
I have a security related question/concern
When a session is established by a client, on the server side nxagent is
launched and it opens a listening TCP socket for each session
$ sudo netstat -natp | grep nxagent
tcp 0 0 0.0.0.0:7000 0.0.0.0:* LISTEN
19741/nxagent
tcp 0 0 0.0.0.0:7001 0.0.0.0:* LISTEN
23881/nxagent
tcp 0 0 127.0.0.1:5001 127.0.0.1:52562
ESTABLISHED23881/nxagent
tcp 0 0 127.0.0.1:5000 127.0.0.1:54723
ESTABLISHED19741/nxagent
These sockets (in this case 7000 and 7001) are bound to 0.0.0.0, thus I can
open a connection to them from a different machine on the same LAN.
The socket exists for the duration of the session (while nxagent is running)
What is the purpose of this socket? Since all communication with the client
is going trough SSH, why isn't this socket bound to 127.0.0.1, so it is not
accessible from outside?
--
Iassen Hristov
More information about the FreeNX-kNX
mailing list