> > My companies provider tells me they close the loopback device of their > > servers with an IPchain because this would be more secure. I have always > > thought closing the loopback device is a configuration error, and I can't see > > what is safe about it. Anybody care to comment? > > You mean 127.0.0.1 (or ::1)? The protocol states that the loopback address > points to the localhost. You can't exactly address loopback and cause too > much damage since it's not a remote (or public) address. > > The point of loopback is to be able to do stuff locally without having to > worry about external details.. I think. I never really did much reading > into the technicalities of loopback, but all I know is that the protocol > has it reserved for local-only stuff. > > What is safe about it? Good question. In my mind, prolly nothing.. like > sounds irrellevant.. but maybe they know something that we don't :) > > Any others out there want to add anything to this (or maybe point out > something I overlooked)? maybe they are thinking that they won't be doing anything locally on the servers that's why they closed the loopback, since some hackers may find a way to fool the server that their connection is coming from the loopback address of 127.0.0.1. am really not sure about this, but i guess that's the logic:). _______________________________________________ Redhat-list mailing list [EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
