[30375] in Kerberos
Re: ip addresses
daemon@ATHENA.MIT.EDU (Luke Scharf)
Mon Oct 20 14:33:02 2008
Message-ID: <48FCCE61.2060501@clusterbee.net>
Date: Mon, 20 Oct 2008 13:30:57 -0500
From: Luke Scharf <luke.scharf@clusterbee.net>
MIME-Version: 1.0
To: Ken Raeburn <raeburn@MIT.EDU>
In-Reply-To: <E638039E-0522-4DC7-B809-47C08CDD485C@mit.edu>
Cc: josh@acm-csuf.org, kerberos@MIT.EDU
Content-Type: multipart/mixed; boundary="===============0910024539=="
Errors-To: kerberos-bounces@MIT.EDU
This is a cryptographically signed message in MIME format.
--===============0910024539==
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature";
micalg=sha1; boundary="------------ms000906020705010600000402"
This is a cryptographically signed message in MIME format.
--------------ms000906020705010600000402
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Ken Raeburn wrote:
> On Oct 19, 2008, at 11:45, josh@acm-csuf.org wrote:
>
>> Is there a way on UNIX kerberos to only have the thing listen on one
>> interface or IP address. intead of listening on all ips with port 88.
>>
>
> Not in MIT's current implementation, no.
>
Josh,
You could use iptables (or some other host-based firewall) to drop
packets to port 88 on particular interfaces.
-Luke
--------------ms000906020705010600000402
Content-Type: application/x-pkcs7-signature; name="smime.p7s"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="smime.p7s"
Content-Description: S/MIME Cryptographic Signature
MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIJVTCC
AwUwggJuoAMCAQICEGQlBkAPThJdAEyXXEzmQ+swDQYJKoZIhvcNAQEFBQAwYjELMAkGA1UE
BhMCWkExJTAjBgNVBAoTHFRoYXd0ZSBDb25zdWx0aW5nIChQdHkpIEx0ZC4xLDAqBgNVBAMT
I1RoYXd0ZSBQZXJzb25hbCBGcmVlbWFpbCBJc3N1aW5nIENBMB4XDTA4MDgyNjIwMzA0MFoX
DTA5MDgyNjIwMzA0MFowYzEPMA0GA1UEBBMGU2NoYXJmMQ4wDAYDVQQqEwVMdWNhczEVMBMG
A1UEAxMMTHVjYXMgU2NoYXJmMSkwJwYJKoZIhvcNAQkBFhpsdWtlLnNjaGFyZkBjbHVzdGVy
YmVlLm5ldDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALWzRXnJI5dCLNJibPdV
4aUI4qsumDOdaa0N10sU0zGdkj8g1UzWxtM4YHAC4pIT/TANqHRHoIvqt1gaPlYpT8usAN8w
KsLakqnC1S0WnmecJwUZFYSt6L+CpApAFZyOcCpRpHZ2nWhps1jeHSuq/3t76GZgCnx2SqTh
nG0YGPQgCv8d6M4F/mTaNpZwYXQWRhfnTkYOPu+9IWG6l28G4bfmW23+AkRknwOH72zro68v
7bQ8+m59OW8Hn2NYD4beeOmcO8PBXi2/EOJZ8Uy3IjLp2tUuUKDPpVkShIiBN+cyT1bUUakY
xirhPC6NuDIFGH0QZLDbrzwki1ejM7xWYRcCAwEAAaM3MDUwJQYDVR0RBB4wHIEabHVrZS5z
Y2hhcmZAY2x1c3RlcmJlZS5uZXQwDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQUFAAOBgQA1
+1WUTHsjn9aHhr3SurQRJ37ADfTu4tuMj2jh1Ha4OpjGJ0vkCwRul2E+t6KmwtuwPIo1pIlv
lLnil2WLaIaHY5D1C8hgKjLCWhqXp7bk4zkDXbAFhJsF9TKj7O4dQm2rzpKtYQu9ewhlJJ+C
1N0737IgNDKnhi1Vs/aSzEO/WzCCAwUwggJuoAMCAQICEGQlBkAPThJdAEyXXEzmQ+swDQYJ
KoZIhvcNAQEFBQAwYjELMAkGA1UEBhMCWkExJTAjBgNVBAoTHFRoYXd0ZSBDb25zdWx0aW5n
IChQdHkpIEx0ZC4xLDAqBgNVBAMTI1RoYXd0ZSBQZXJzb25hbCBGcmVlbWFpbCBJc3N1aW5n
IENBMB4XDTA4MDgyNjIwMzA0MFoXDTA5MDgyNjIwMzA0MFowYzEPMA0GA1UEBBMGU2NoYXJm
MQ4wDAYDVQQqEwVMdWNhczEVMBMGA1UEAxMMTHVjYXMgU2NoYXJmMSkwJwYJKoZIhvcNAQkB
FhpsdWtlLnNjaGFyZkBjbHVzdGVyYmVlLm5ldDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
AQoCggEBALWzRXnJI5dCLNJibPdV4aUI4qsumDOdaa0N10sU0zGdkj8g1UzWxtM4YHAC4pIT
/TANqHRHoIvqt1gaPlYpT8usAN8wKsLakqnC1S0WnmecJwUZFYSt6L+CpApAFZyOcCpRpHZ2
nWhps1jeHSuq/3t76GZgCnx2SqThnG0YGPQgCv8d6M4F/mTaNpZwYXQWRhfnTkYOPu+9IWG6
l28G4bfmW23+AkRknwOH72zro68v7bQ8+m59OW8Hn2NYD4beeOmcO8PBXi2/EOJZ8Uy3IjLp
2tUuUKDPpVkShIiBN+cyT1bUUakYxirhPC6NuDIFGH0QZLDbrzwki1ejM7xWYRcCAwEAAaM3
MDUwJQYDVR0RBB4wHIEabHVrZS5zY2hhcmZAY2x1c3RlcmJlZS5uZXQwDAYDVR0TAQH/BAIw
ADANBgkqhkiG9w0BAQUFAAOBgQA1+1WUTHsjn9aHhr3SurQRJ37ADfTu4tuMj2jh1Ha4OpjG
J0vkCwRul2E+t6KmwtuwPIo1pIlvlLnil2WLaIaHY5D1C8hgKjLCWhqXp7bk4zkDXbAFhJsF
9TKj7O4dQm2rzpKtYQu9ewhlJJ+C1N0737IgNDKnhi1Vs/aSzEO/WzCCAz8wggKooAMCAQIC
AQ0wDQYJKoZIhvcNAQEFBQAwgdExCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENh
cGUxEjAQBgNVBAcTCUNhcGUgVG93bjEaMBgGA1UEChMRVGhhd3RlIENvbnN1bHRpbmcxKDAm
BgNVBAsTH0NlcnRpZmljYXRpb24gU2VydmljZXMgRGl2aXNpb24xJDAiBgNVBAMTG1RoYXd0
ZSBQZXJzb25hbCBGcmVlbWFpbCBDQTErMCkGCSqGSIb3DQEJARYccGVyc29uYWwtZnJlZW1h
aWxAdGhhd3RlLmNvbTAeFw0wMzA3MTcwMDAwMDBaFw0xMzA3MTYyMzU5NTlaMGIxCzAJBgNV
BAYTAlpBMSUwIwYDVQQKExxUaGF3dGUgQ29uc3VsdGluZyAoUHR5KSBMdGQuMSwwKgYDVQQD
EyNUaGF3dGUgUGVyc29uYWwgRnJlZW1haWwgSXNzdWluZyBDQTCBnzANBgkqhkiG9w0BAQEF
AAOBjQAwgYkCgYEAxKY8VXNV+065yplaHmjAdQRwnd/p/6Me7L3N9VvyGna9fww6YfK/Uc4B
1OVQCjDXAmNaLIkVcI7dyfArhVqqP3FWy688Cwfn8R+RNiQqE88r1fOCdz0Dviv+uxg+B79A
gAJk16emu59l0cUqVIUPSAR/p7bRPGEEQB5kGXJgt/sCAwEAAaOBlDCBkTASBgNVHRMBAf8E
CDAGAQH/AgEAMEMGA1UdHwQ8MDowOKA2oDSGMmh0dHA6Ly9jcmwudGhhd3RlLmNvbS9UaGF3
dGVQZXJzb25hbEZyZWVtYWlsQ0EuY3JsMAsGA1UdDwQEAwIBBjApBgNVHREEIjAgpB4wHDEa
MBgGA1UEAxMRUHJpdmF0ZUxhYmVsMi0xMzgwDQYJKoZIhvcNAQEFBQADgYEASIzRUIPqCy7M
DaNmrGcPf6+svsIXoUOWlJ1/TCG4+DYfqi2fNi/A9BxQIJNwPP2t4WFiw9k6GX6EsZkbAMUa
C4J0niVQlGLH2ydxVyWN3amcOY6MIE9lX5Xa9/eH1sYITq726jTlEBpbNU1341YheILcIRk1
3iSx0x1G/11fZU8xggNkMIIDYAIBATB2MGIxCzAJBgNVBAYTAlpBMSUwIwYDVQQKExxUaGF3
dGUgQ29uc3VsdGluZyAoUHR5KSBMdGQuMSwwKgYDVQQDEyNUaGF3dGUgUGVyc29uYWwgRnJl
ZW1haWwgSXNzdWluZyBDQQIQZCUGQA9OEl0ATJdcTOZD6zAJBgUrDgMCGgUAoIIBwzAYBgkq
hkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0wODEwMjAxODMwNTdaMCMG
CSqGSIb3DQEJBDEWBBQLNrWPwTDRWnFpCZrA+uqS6eq73TBSBgkqhkiG9w0BCQ8xRTBDMAoG
CCqGSIb3DQMHMA4GCCqGSIb3DQMCAgIAgDANBggqhkiG9w0DAgIBQDAHBgUrDgMCBzANBggq
hkiG9w0DAgIBKDCBhQYJKwYBBAGCNxAEMXgwdjBiMQswCQYDVQQGEwJaQTElMCMGA1UEChMc
VGhhd3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNvbmFs
IEZyZWVtYWlsIElzc3VpbmcgQ0ECEGQlBkAPThJdAEyXXEzmQ+swgYcGCyqGSIb3DQEJEAIL
MXigdjBiMQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkg
THRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIElzc3VpbmcgQ0ECEGQl
BkAPThJdAEyXXEzmQ+swDQYJKoZIhvcNAQEBBQAEggEAQBJX2r3xWLtO9TqIl2ZmAoFHWTvx
+JUEO0FCUydvqBV6NwnvvSPSQ91ad7jjXErghMn3D8+dDYjm+LE0SH7MKJScf7Vg8Vfkwtmp
4tdkkdAVvPEPBdYNxH+TKUXaMLASYEHBbdyb1+IRxTcNqX0SVDPGKy6OaXYzX8sUrOlP5lNl
Tkara3TDHoeED9F5kX5WKBubWVdt7O94SXln9BQ3hGkrt/kDFR1uHR4TFUbuGr3P0D3eKVdh
3GE7zSNkcp/z3cXfTjlmto+Tjf/FhMbrfp0QaF92Pr39GRIjwbGLkM4noxIdPO/c9TSZS2+K
XTSRYk4Z09jgZbw4ru9fzMaslQAAAAAAAA==
--------------ms000906020705010600000402--
--===============0910024539==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
--===============0910024539==--
