The defaults for Zimbra seem to be to listen everywhere all the time. ----- Mike Hammett Intelligent Computing Solutions Midwest Internet Exchange The Brothers WISP ----- Original Message ----- From: "Randy Bush" <randy@psg.com> To: "Christopher Morrow" <morrowc.lists@gmail.com> Cc: "North American Network Operators' Group" <nanog@nanog.org> Sent: Thursday, March 1, 2018 4:38:05 PM Subject: Re: New Active Exploit: memcached on port 11211 UDP & TCP being exploited for reflection attacks
this is sort of why openbsd listens only on by default, right? it's the only sane choice for 'fresh out of the box' network daemons: "Yes, it's running, yes I can healthcheck it locally to prove it's running"
amidst all the hysterical pontification, i am having trouble finding any release which has, by default, a port 11211 listener on any interface. randy