CaffeineAddict
Well-Known Member
I'm not sure if you understood the article.The firewall will block access to 127.0.0.0:80/8 and any other ports used by the web server. The web server is only available at the correct address.
Basically a web server to which you connect is able to connect to which ever port a local service is listening on localhost.
This can be any port and is defined by local service, when you run
ss -tunlp
you'll see which ports are open.hardcoding ports in firewall isn't an option because you might install some software X that will open up Y ports at some point, or system upgrade might introduce new services to open up ports all of which any web site that we visit can use to attack if the service vulnerable, and firewall won't handle that unless port scanning rules are in place.
Reason port scanning rules are important is because web site cannot know which services are running locally so they need to run port scan locally.
The only other way around (without port scan) is to probe known ports, that is probe services which are known to be running on variety of distros by default.
In other words our desktop PC's are now no longer safe desktops hiding behind a hardware firewall that blocks everything, but they now act like vulnerable servers.
Sadly every desktop PC runs some local services, so this exploit is pretty serious IMO, especially since it existed since always.