On Monday 15 September 2003 9:20 pm, Hubert Chan wrote: > > "Listen 127.0.0.1:631" will make it listen only on the loopback > interface, so it won't be accessible from the outside. So a portscan > From the outside (w/o Shorewall), will not detect the open port. >
So I *was* missing something. How silly of me to even begin to think otherwise. My thanks to you, and to Vineet Kumar who also put me right. > [...] > > Geoff> <Location/> > Geoff> Order Deny, Allow > Geoff> Deny from all > Geoff> Allow from 127.0.0.1 > Geoff> </Location> > > Geoff> Now, this is what is already set up, but netstat still shows > Geoff> cupsd as LISTENING. > > Yup. The "Allow from ..."/"Deny from ..." only limits accesses after > they try to connect, and is just another layer of security. > > BTW, remember that a portscan from your own host is not very useful. > Portscan yourself from another host. All of which is very helful and informative. I now feel much more secure. Thanks again. Geoff -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
