Hi!
It's hardcoded into KMRCL to listen on 0.0.0.0. ==> It's possible to reach your lisp server directly from outside your server.
Don't forget to close your ports!
If you're using Linux, outside interface is eth0 and *apache-port* is 3000 (default), then use the following line:
iptables -A INPUT -i eth0 -p tcp --dport 3000 -j REJECT
Regards, Stefan
Good point. I also noticed that when I first started experimenting with mod_lisp; however, I take the opposite approach to security and deny everything by default and only explicitly permit when necessary. Nonetheless, you bring up a good point, thank you for highlighting it.
On Tue, Jul 20, 2004 at 03:30:37PM +0200, Stefan Scholl wrote:
Hi!
It's hardcoded into KMRCL to listen on 0.0.0.0. ==> It's possible to reach your lisp server directly from outside your server.
Don't forget to close your ports!
If you're using Linux, outside interface is eth0 and *apache-port* is 3000 (default), then use the following line:
iptables -A INPUT -i eth0 -p tcp --dport 3000 -j REJECT
Regards, Stefan
tbnl-devel site list tbnl-devel@common-lisp.net http://common-lisp.net/mailman/listinfo/tbnl-devel