Date: Thu, 13 Jan 2000 13:07:54 +0100 From: Brad Knowles <blk@skynet.be> To: Gawel <gawel@sim.com.pl>, "freebsd-stable@FreeBSD.ORG" <freebsd-stable@FreeBSD.ORG> Subject: Re: portmap Message-ID: <v0422080bb4a3701b5982@[195.238.1.121]> In-Reply-To: <387DB3BB.8D85E624@sim.com.pl> References: <387DB3BB.8D85E624@sim.com.pl>
next in thread | previous in thread | raw e-mail | index | archive | help
At 12:15 PM +0100 2000/1/13, Gawel wrote: > I 've got it several times: > portmap[16116]: connect from 195.31.252.2 to dump(): request from > unauthorized host. > It is harmless but annoying. > Is there any way to prevent portman listening requests on a NIC, ip, > etc. besides using hosts.allow? My understanding is that portmap uses UDP, which TCP-Wrappers doesn't protect. You can get an improved version of portmap that makes explicit use of wraplib (I'd suggest starting with Wietse Venema's version). I'd go to <ftp://ftp.porcupine.org/>; and start from there. Or you can make use of kernel-level firewalling to prevent anyone from successfully getting packets through to a particular port on your machine, unless you want to let them through. Look at "man ipfw" for starters. -- These are my opinions -- not to be taken as official Skynet policy ____________________________________________________________________ |o| Brad Knowles, <blk@skynet.be> Belgacom Skynet NV/SA |o| |o| Systems Architect, News & FTP Admin Rue Col. Bourg, 124 |o| |o| Phone/Fax: +32-2-706.11.11/12.49 B-1140 Brussels |o| |o| http://www.skynet.be Belgium |o| \/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/ Unix is like a wigwam -- no Gates, no Windows, and an Apache inside. Unix is very user-friendly. It's just picky who its friends are. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?v0422080bb4a3701b5982>