Date: Sat, 9 Oct 2004 22:00:55 -0700 From: Randy Bush <randy@psg.com> To: Joe Marcus Clarke <marcus@marcuscom.com> Cc: freebsd-gnome@freebsd.org Subject: Re: Gnome2 hangs on startup Message-ID: <16744.49671.348105.73667@ran.psg.com> References: <4166D58D.6020305@ev.net> <200410091555.07963.josemi@freebsd.jazztel.es> <16743.61876.660465.143923@ran.psg.com> <200410091630.03594.josemi@freebsd.jazztel.es> <16743.63091.411390.257816@ran.psg.com> <4168269A.2070900@marcuscom.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> If you firewall off TCP and UDP 111, and only allow local hosts to
> connect (maybe _just_ localhost) you should never have a problem with
> it.
well, as a security friend sez
One more thing: if you're running rpcbind, you're presumably
running some other service that talks to it. You need to block
its port(s), too.
so, what else needs blocking?
and, btw, you can't just block 111 from non-127/8. you could get
an attack toward your 127/8. you need to block 127/8 after
allowing lo0.
and that's why i hate this stuff.
randy
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?16744.49671.348105.73667>