Date: Tue, 22 May 2007 11:13:20 +0200 From: Ian FREISLICH <ianf@clue.co.za> To: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= <des@des.no> Cc: freebsd-current@freebsd.org, Jack Vogel <jfvogel@gmail.com> Subject: Re: em0 hijacking traffic to port 623 Message-ID: <E1HqQQi-0000yl-ML@clue.co.za> In-Reply-To: Message from =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= <des@des.no> of "Tue, 22 May 2007 10:37:09 %2B0200." <86zm3xmeyy.fsf@dwp.des.no>
next in thread | previous in thread | raw e-mail | index | archive | help
=?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= wrote: > Ian FREISLICH <ianf@clue.co.za> writes: > > No, it's a March 6 current. How safe is it to just update the > > sys/dev/em directory and recompile? Quite a lot has changed in > > CURRENT since then and I don't want to update everything on these > > servers just yet. > > Quick workaround: configure inetd to listen to port 623 so rpcbind > won't assign these ports to the NFS server. Something like this: > > asf-rmcp dgram udp nowait root /bin/false false > asf-rmcp stream tcp nowait root /bin/false false This won't help me. These hosts are routers for several large datacenters. They're blackholing all traffic with a destination port of 623 and probably 664 in hardware. I wouldn't mind so much if it just did it for it's own IP. Ian -- Ian Freislich
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E1HqQQi-0000yl-ML>