Date: Fri, 6 Jan 2006 10:22:43 -0500 From: Vivek Khera <vivek@khera.org> To: James Long <stable@museum.rain.com> Cc: freebsd-stable@freebsd.org Subject: Re: rpcbind lingering on IP no longer specified on command line Message-ID: <CFE93CDE-135A-4042-8A40-EB79D10C42E5@khera.org> In-Reply-To: <20060106094024.GA43299@ns.museum.rain.com> References: <20060106040839.A38DE16A46C@hub.freebsd.org> <20060106094024.GA43299@ns.museum.rain.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Jan 6, 2006, at 4:40 AM, James Long wrote: >> Yeah, I noticed that little tiny "UDP requests" note in the -h docs >> too. There's no reason to bind to all tcp addresses, and it is >> causing me heartburn for getting the server certified... > > Good grief, why not just firewall off the undesired UDP ports and call > it good? I guess we could take that band-aid approach... however, how do you know what port RPC decides to listen on other than the 111 port? It is more or less random. That makes it very difficult to firewall.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CFE93CDE-135A-4042-8A40-EB79D10C42E5>