Re: {bb} making sure http NOT running

[Philip Clark <bblist@cannae.uklinux.net>]

On Tue, 2006-03-28 at 16:46, Ryan Novosielski wrote:
> So does Big Brother. However, I'm not clear how it works for http, as
> generally you enter a URL for http. I would say that !http should be the
> correct syntax. Did you restart BB after that? Might have something to
> do with it.
> 
> Anyone know if this is supposed to work?

No, the standard "http" test is not like the simpler network tests
and cannot be negated. If, however, port 80 is also listed as "www"
in /etc/services (on the BBNET machine), you could add "www" to
BBNETSVCS in etc/bbdef-server.sh and then use "!www" as a directive
in bb-hosts. Also, if you don't want to modify /etc/services, you
can still modify BBNETSVCS and use "!www:80" as the directive.

Another thing to consider would be an external script using "nmap".
This would be especially useful for sensitive hosts where you want
to ensure that only specified ports are being used.

Cheers, Phil.



-- 
Man, n.: An animal so lost in rapturous contemplation of what he
thinks he is as to overlook what he indubitably ought to be. His
chief occupation is extermination of other animals and his own
species, which, however, multiplies with such insistent rapidity
as to infest the whole habitable earth and Canada.
(Ambrose Bierce, "The Devil's Dictionary")

--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-=-=-=-=-=-=
To unsubscribe from this list, or to subscribe to the bb-digest list
send e-mail to mailto:majordomo@bb4.com with unsubscribe bb -and/or-
subscribe bb-digest in the BODY of the message.