NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > FreeBSD Security> 2000-10

Subject: Re: sockstat (was Re: cvs commit: src/etc inetd.conf)
From: Peter Pentchev (roamorbitel.bg)
Date: Fri Oct 06 2000 - 09:00:34 CDT

Next message: Roman Shterenzon: "Re: Stable branch"
Previous message: Jacques A. Vidrine: "Re: Stable branch"
In reply to: Drew Derbyshire: "sockstat (was Re: cvs commit: src/etc inetd.conf)"
Next in thread: Crist J . Clark: "Re: sockstat (was Re: cvs commit: src/etc inetd.conf)"
Next in thread: Dima Dorfman: "Re: cvs commit: src/etc inetd.conf"
Next in thread: Dag-Erling Smorgrav: "Re: cvs commit: src/etc inetd.conf"
Reply: Peter Pentchev: "Re: sockstat (was Re: cvs commit: src/etc inetd.conf)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Oct 06, 2000 at 09:30:43AM -0400, Drew Derbyshire wrote:
> > And to paraphrase an earlier comment by DES,
> > "Funny way to say sockstat | fgrep '*.*'" :)
>
> Urp!
>
> sockstat seems to truncate port numbers on the FOREIGN ADDRESS under 4.1
> release ...

Almost true - sockstat trims *both* local and foreign addresses to 20 chars
each. However, in the case discussed, the issue was listening ports, which
are in most cases bound to '*.portno' locally and always show '*.*' as
foreign address.

[3 minutes of source browsing]
Uhm.. correction :) sockstat trims local and foreign addresses to 20 chars
each, but netstat (which sockstat invokes), when invoked with -Aan (which
is how sockstat invokes it), trims local and foreign addresses to 18 chars
each to fit all the info on one line :( So the problem is with netstat,
or rather with sockstat's usage of -A to get the socket control block
address, to link it with fstat's output later.

G'luck,
Peter

-- .siht ekil ti gnidaer eb d'uoy ,werbeH ni erew ecnetnes siht fI

To Unsubscribe: send mail to majordomoFreeBSD.org with "unsubscribe freebsd-security" in the body of the message

Next message: Roman Shterenzon: "Re: Stable branch"
Previous message: Jacques A. Vidrine: "Re: Stable branch"
In reply to: Drew Derbyshire: "sockstat (was Re: cvs commit: src/etc inetd.conf)"
Next in thread: Crist J . Clark: "Re: sockstat (was Re: cvs commit: src/etc inetd.conf)"
Next in thread: Dima Dorfman: "Re: cvs commit: src/etc inetd.conf"
Next in thread: Dag-Erling Smorgrav: "Re: cvs commit: src/etc inetd.conf"
Reply: Peter Pentchev: "Re: sockstat (was Re: cvs commit: src/etc inetd.conf)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]