question about RIPE DB
Nguyen Huu Bach bachng at nttv6.jp
Mon Oct 30 12:26:42 CET 2006
Dear Katie Petrusha Thank you very much for your reply. We choose to modify the source to permit only to the localhost to access the config port. Here is the patch (in case someone has interest in this issue) --- ./src/modules/sv/server.c.old Mon Oct 30 20:18:53 2006 +++ ./src/modules/sv/server.c Mon Oct 30 20:19:41 2006 @@ -619,7 +619,9 @@ /* Currently binds to INADDR_ANY. Will need to get specific address */ /* SV_whois_sock = SK_getsock(SOCK_STREAM,whois_port,whois_addr); */ /* config interface socket */ - SV_config_sock = SK_getsock(SOCK_STREAM, config_port, 5, INADDR_ANY); + /* SV_config_sock = SK_getsock(SOCK_STREAM, config_port, 5, INADDR_ANY); */ + SV_config_sock = SK_getsock(SOCK_STREAM, config_port, 5, htonl(INADDR_LOOPBACK)); + /* nrt socket */ SV_mirror_sock = SK_getsock(SOCK_STREAM,mirror_port, 128, INADDR_ANY); Thank you very much. Nguyen, NTT Communications. Katie Petrusha wrote: > On Sun, Oct 29, 2006 at 01:35:57AM +0900, Nguyen Huu Bach wrote: > > Dear Nguyen, > > This port is used for the command-line interface to some of the whois > server's threads. You can see the threads that are currently running in > the server. You can use it for instance to block certain IP > addresses from retrieving information from your database, and to see > which queries are running at the moment and for how long and from which > IP. > > Try connecting: > telnet <your_hostname> 53002 > (hit enter to see list of commands) > > There is no password-protected mechanism, built in the server, > to access this port. > You can restrict it in your systems network settings, so that > only local connections (from localhost) are accepted to this port. > You might also be able, depending on your system, to restrict > connections with only certain usernames to this port. > This is not a feature supported by the whois server itself, you would > need to set it up in your system. > > Katie Petrusha > RIPE NCC > > >> Dear all, >> >> My name is Nguyen. I'm a newbee trying to deploy a RIPE database. >> I have a simple question and would be appriciate to hear from you. >> I've tried to search for the question but still could not find any answer. >> My questions: >> >> What is the purpose of the config port (default is 43002)? >> When I started the whois_server, it allways listens on this port. >> Is there any way to disable this or apply a authenticate mechanism on >> this port ? >> >> Thank you very much. >> > >
[ db-help Archives ]