tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andrew Miehs <and...@2sheds.de>
Subject Re: Restricting access to localhost for an HTTP connector - Email has different SMTP TO: and MIME TO: fields in the email addresses
Date Mon, 12 Jun 2006 13:49:09 GMT
The configuration in the connector is so that java know on which  
interface to 'BIND' to on the machine.

Do a
	netstat -anp |grep LISTEN

on your machine. This shows which interface which processes are bound  
to.

The only process (generally speaking) that can connect to 127.0.0.1  
is one that is running on the
machine itself.

/etc/hosts just stores a list of aliases for mapping names to  
addresses - this does not suddenly
allow me to connect to anything but just entering the correct details.

If your process is NOT listening to 192.168.0.2 - no-one can connect  
to it...

Andrew






On 12/06/2006, at 3:32 PM, Mark Claassen wrote:

> We do have something similar to your first example.
>
>> 127.0.0.1	localhost
>> 192.168.0.2	testmachine.domain.com	testmachine
>
> So we can probably move testmachine like you did.  But does this  
> mean that
> accesses by "testmachine.domain.com" will not comply?
>
> I was just hoping that the restriction would be based on some  
> intrinsic
> information and not just on the name that was used.
>
> Providing I don't let anyone hack into my /etc/hosts file, can this be
> spoofed?


---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message