Date: Sun, 21 Feb 1999 00:56:15 -0800 From: "Jan B. Koum " <jkb@best.com> To: sthaug@nethelp.no Cc: grog@lemis.com, hackers@FreeBSD.ORG, FreeBSD-isp@FreeBSD.ORG Subject: Re: New breakin technique? Message-ID: <19990221005615.A559@best.com> In-Reply-To: <21255.919585588@verdi.nethelp.no>; from sthaug@nethelp.no on Sun, Feb 21, 1999 at 09:26:28AM %2B0100 References: <19990220221453.B15747@best.com> <21255.919585588@verdi.nethelp.no>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Feb 21, 1999 at 09:26:28AM +0100, sthaug@nethelp.no wrote: > > This should go to -security@ but anyway - they think that > > freebie is a solaris box. There is remote exploit for rpc.statd > > for solaris. See: > > http://www.geek-girl.com/bugtraq/1997_4/0378.html > > But please don't run rpc.statd if you don't need it in any > > case? Thanks, :) > > So why are rpc.statd and portmap started by default in FreeBSD? AFAIK only portmap is started. Not rpc.statd - but I do agree with you that portmap should not be started by default. Jordan - your call? > > (I've been turning them off since I started using FreeBSD. Now, with the > /etc/defaults/rc.conf mechanism, it's real easy to keep my local mods :-) > Same here... I kill portmap, inetd and start syslogd with -s among other things. -- Yan To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990221005615.A559>