Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 21 Feb 1999 00:56:15 -0800
From:      "Jan B. Koum " <jkb@best.com>
To:        sthaug@nethelp.no
Cc:        grog@lemis.com, hackers@FreeBSD.ORG, FreeBSD-isp@FreeBSD.ORG
Subject:   Re: New breakin technique?
Message-ID:  <19990221005615.A559@best.com>
In-Reply-To: <21255.919585588@verdi.nethelp.no>; from sthaug@nethelp.no on Sun, Feb 21, 1999 at 09:26:28AM %2B0100
References:  <19990220221453.B15747@best.com> <21255.919585588@verdi.nethelp.no>

next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Feb 21, 1999 at 09:26:28AM +0100, sthaug@nethelp.no wrote:
> > 	This should go to -security@ but anyway - they think that
> > 	freebie is a solaris box. There is remote exploit for rpc.statd
> > 	for solaris. See:
> > 	http://www.geek-girl.com/bugtraq/1997_4/0378.html
> > 	But please don't run rpc.statd if you don't need it in any
> > 	case? Thanks, :)
> 
> So why are rpc.statd and portmap started by default in FreeBSD?

	AFAIK only portmap is started. Not rpc.statd - but I do
	agree with you that portmap should not be started by
	default. Jordan - your call?

> 
> (I've been turning them off since I started using FreeBSD. Now, with the
> /etc/defaults/rc.conf mechanism, it's real easy to keep my local mods :-)
> 

	Same here... I kill portmap, inetd and start syslogd with -s
	among other things.

-- Yan


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990221005615.A559>