[rabbitmq-discuss] extra listening ports

Robert Raschke rtrlists at googlemail.com
Fri May 7 10:00:18 BST 2010


On Fri, May 7, 2010 at 2:20 AM, Nemanja Stefanovic <nemik at nemik.net> wrote:

> http://www.ejabberd.im/epmd
>
> Not sure about 3485. You should secure things though by blocking those at a
> firewall level using something like iptables.
>
>
> On Thu, May 6, 2010 at 4:58 PM, Nathaniel Haggard <natester at gmail.com>wrote:
>
>> tcp        0      0 0.0.0.0:3485            0.0.0.0:*
>> LISTEN      15765/beam
>> tcp        0      0 0.0.0.0:4369            0.0.0.0:*
>> LISTEN      3728/epmd
>>
>> I found these ports also bound to the public interface when I startup
>> rabbitmq-multi.  What are those ports used for and do they have to be
>> bound to the public interface?
>>
>> I'd like to keep this as secure as possible.
>>
>> -Nate
>>
>>
When Erlang Nodes start up they talk to EPMD to negotiate which port they
should use to communicate with other Erlang Nodes. My guess is that's what
3484 is. If you stop everything and restart it's probably going to get a
different port.

Plain Erlang is meant to run in a protected environment. If you are
concerned about connectivity to these ports, then there are ways of
restricting/protecting the Erlang Node comms ports (see the kernel
inet_dist_ sys.config entries http://www.erlang.org/doc/man/kernel_app.html,
and SSL for Erlang distribution
http://www.erlang.org/doc/apps/ssl/ssl_distribution.html).

Robby
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.rabbitmq.com/pipermail/rabbitmq-discuss/attachments/20100507/36b8b716/attachment.htm 


More information about the rabbitmq-discuss mailing list