使用第三方为本地主机子域提供服务是否存在安全风险?
我一直在子域上关注 Ryan Bates Railscast http://railscasts.com/episodes /221-subdomains-in-rails-3 并使用 lvh.me 为 localhost 子域提供服务,如 Railscast 中详述。
今天我发布了 'lsof | grep IPv4' 查看我正在运行的进程,我注意到以下条目:
... Finder 121 nellboy 8u IPv4 0x7cade64 0t0 TCP lvh.me:58803->lvh.me:26164 (ESTABLISHED) ... Dropbox 131 nellboy 24u IPv4 0x7cb866c 0t0 TCP lvh.me:26164->lvh.me:58803 (ESTABLISHED) ... GoogleTal 26427 nellboy 27u IPv4 0xbc3666c 0t0 TCP lvh.me:64279 (LISTEN) GoogleTal 26427 nellboy 30u IPv4 0x9152270 0t0 TCP lvh.me:64279->lvh.me:64280 (ESTABLISHED) ruby 54081 nellboy 4u IPv4 0xbc36a68 0t0 TCP lvh.me:sunwebadmins (LISTEN) ... Google 57647 nellboy 24u IPv4 0x7539a68 0t0 TCP lvh.me:64280->lvh.me:64279 (ESTABLISHED)
我想知道为什么 lvh.me 与我的保管箱、我的谷歌帐户等一起列出。这是安全风险吗?我应该担心吗?
预先感谢
保罗
I've been following Ryan Bates Railscast on Subdomains http://railscasts.com/episodes/221-subdomains-in-rails-3 and using lvh.me to serve localhost subdomains as detailed in the railscast.
Today I issued 'lsof | grep IPv4' to see my running processes, and I noticed the following entries:
... Finder 121 nellboy 8u IPv4 0x7cade64 0t0 TCP lvh.me:58803->lvh.me:26164 (ESTABLISHED) ... Dropbox 131 nellboy 24u IPv4 0x7cb866c 0t0 TCP lvh.me:26164->lvh.me:58803 (ESTABLISHED) ... GoogleTal 26427 nellboy 27u IPv4 0xbc3666c 0t0 TCP lvh.me:64279 (LISTEN) GoogleTal 26427 nellboy 30u IPv4 0x9152270 0t0 TCP lvh.me:64279->lvh.me:64280 (ESTABLISHED) ruby 54081 nellboy 4u IPv4 0xbc36a68 0t0 TCP lvh.me:sunwebadmins (LISTEN) ... Google 57647 nellboy 24u IPv4 0x7539a68 0t0 TCP lvh.me:64280->lvh.me:64279 (ESTABLISHED)
I'm wondering why lvh.me is listed with my dropbox, my google account etc.etc. Is this a security risk?, should I be worried?
Thanks in advance
Paul
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
添加了如下条目:
我假设在该视频中的某个时刻,您在
/etc/hosts文件中这只是为您的本地系统添加一个新名称。
使用 lsof -n | 再次检查输出grep IPv4 或
netstat -anp,您可能会看到所有这些lvh.me:26146变成127.0.0.1:26146代码>.如果我的假设是正确的,那么您粘贴的所有连接实际上都不会离开您的本地计算机。两个侦听套接字无法接受除了在本地计算机上发起的连接之外的连接。
I assume at some point in that video, you add an entry like:
to your
/etc/hostsfile.This just adds a new name for your local system.
Check your output again with
lsof -n | grep IPv4ornetstat -anp, and you will probably see that all thoselvh.me:26146turn into127.0.0.1:26146.If my assumption is correct, none of the connections you pasted actually leave your local machine. The two listening sockets cannot accept connections except ones initiated on your local machine.