Date:      Thu, 8 Mar 2001 10:35:00 -0800
From:      Brooks Davis <brooks@one-eyed-alien.net>
To:        "oldfart@gtonet" <oldfart@gtonet.net>
Cc:        security@FreeBSD.ORG
Subject:   Re: strange messages
Message-ID:  <20010308103500.C13090@Odin.AC.HMC.Edu>
In-Reply-To: <BIEHKEFNHFMMJEKCDMLNAEBHCGAA.oldfart@gtonet.net>; from oldfart@gtonet.net on Thu, Mar 08, 2001 at 10:28:07AM -0800
References:  <20010308100755.A13090@Odin.AC.HMC.Edu> <BIEHKEFNHFMMJEKCDMLNAEBHCGAA.oldfart@gtonet.net>

On Thu, Mar 08, 2001 at 10:28:07AM -0800, oldfart@gtonet wrote:
> Yeah, luckily, I run FreeBSD so I don't have to reboot much and most
> exploits are for Linux. }:-)> It's not bad(TM) to block all ports that you
> don't need open, anyway, and since I only NFS to my local LAN blocking it
> sounded right. I mainly wanted to see if that would stop the error messages
> in question. A more permanent solution can be implemented at a later date.
> Can those RPC services be FORCED to run on a certain port or is that just
> superfluous because portmapper is blocked? It would make
> filtering/logging/reporting/busting easier.

A closed firewall configuration could work if implemented correctly,
but the ports RPC services bind to are the same ones your outbound
TCP connections are bound to so you'll need stateful firewalling
to make it work.  You can force NFS to use only its reserved port
(see /etc/defaults/rc.conf), but generally you can't dictate where RPC
services bind.  Your best bet is to disable rpc.statd unless you are
actually using it.

-- Brooks

-- 
Any statement of the form "X is the one, true Y" is FALSE.
PGP fingerprint 655D 519C 26A7 82E7 2529  9BF0 5D8E 8BE9 F238 1AD4
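
An added example, not part of the original message: a shell helper that reads `rpcinfo -p` output and lists the registrations sitting on portmapper-assigned ports, which are the ones a static port filter cannot pin down, and reports whether rpc.statd is registered. The function names and the sample output are constructed for illustration; treating 111 and 2049 as the only fixed ports is an assumption.

```shell
#!/bin/sh
# Added example: classify `rpcinfo -p` registrations read from stdin.

# List registrations whose port is assigned at bind time.
# Assumption: only 111 (portmapper) and 2049 (NFS reserved port) are fixed.
rpc_dynamic_ports() {
    awk '
        $1 ~ /^[0-9]+$/ && $4 != 111 && $4 != 2049 {
            # Fall back to the program number when no service name is shown.
            name = ($5 == "") ? "prog-" $1 : $5
            print name "/" $3 ":" $4
        }
    ' | sort -u
}

# Exit 0 when rpc.statd (RPC program 100024, "status") is registered.
statd_registered() {
    awk '$1 == 100024 { found = 1 } END { exit !found }'
}

# Constructed sample of `rpcinfo -p` output, not taken from a real host.
sample_rpcinfo() {
    cat <<'EOF'
   program vers proto   port  service
    100000    2   tcp    111  portmapper
    100000    2   udp    111  portmapper
    100003    2   udp   2049  nfs
    100003    3   udp   2049  nfs
    100005    1   udp   1023  mountd
    100005    3   tcp   1023  mountd
    100024    1   udp   1011  status
    100024    1   tcp   1022  status
EOF
}

# On a live host: rpcinfo -p | rpc_dynamic_ports
sample_rpcinfo | rpc_dynamic_ports
if sample_rpcinfo | statd_registered; then
    echo "rpc.statd is registered; disable it unless it is actually in use"
fi
```

Every line the first function prints is a service whose port can change between restarts, so a rule written against today's port number will not keep matching it.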
