[Courses] [Security] netstat disection

[Hamster]

Hello fellow security debutants :))

I have a couple of questions about the netstat (nearly wrote netscape then) output thats being discussed.

> > tcp        0      0 *:http                  *:* LISTEN      1052/httpd          

Why is httpd listening on port 1052? I thought httpd was on port 80?
Or is it a case of this particular user set the daemon up to not listen on 80 but rather on 1052? In that case, how do requesting browsers know to go to port 1052?

> (Note that if you only want to send mail from your box, and don't need to recieve mail directly to it, you can set sendmail to only listen locally.)

Cool. How ? ;-) Or is that one of those nasty sendmail.cf questions?

AND... This next question comes down to understanding mail a bit better as well.
I am using a mail client call Sylpheed. Does it (or KMail, or mail clients in general) use sendmail to send mail? Or is the sending process built into the mail client?
I keep sendmail on my system because I understand (and correct me if I am wrong) but daemons like cron and syslog use sendmail to forward messages to the root mailbox. 
Am I right in assuming that if this is the only use for sendmail, then you really only need it to be listening locally??

And as a funny aside, the game Doom in network mode also uses port 666 :)

And thanks Raven!

Hamster (uh oh... hope I dont get eaten ;-)