From owner-freebsd-questions Tue Nov 2 7:58:25 1999 Delivered-To: freebsd-questions@freebsd.org Received: from copland.udel.edu (copland.udel.edu [128.175.13.92]) by hub.freebsd.org (Postfix) with ESMTP id A392115053 for ; Tue, 2 Nov 1999 07:58:18 -0800 (PST) (envelope-from papalia@UDel.Edu) Received: from morgaine (host75-157.student.udel.edu [128.175.75.157]) by copland.udel.edu (8.9.3/8.9.3) with SMTP id KAA22303 for ; Tue, 2 Nov 1999 10:58:17 -0500 (EST) Message-Id: <4.1.19991102104950.009b5b90@mail.udel.edu> X-Sender: papalia@mail.udel.edu X-Mailer: QUALCOMM Windows Eudora Pro Version 4.1 Date: Tue, 02 Nov 1999 10:58:13 -0500 To: freebsd-questions@freebsd.org From: John Subject: tcpd: unknown@ip Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hi again all... In the past couple of days, root has been receiving emails like the following: Subject: tcpd: unknown@195.212.231.210[195.212.231.210] tried to use portmap (denied) [195.212.231.210] An nslookup on that IP gives me a box which I've never heard of, and that I'm 99% sure any of my users don't have access to. I've actually gotten four such emails, all from different IP's. I'm just not sure how to interpret that message, and how much I'm supposed to worry about it? Is simply having the following in the /etc/hosts.allow enough to keep everyone else outside of my two boxes out of my portmapper? # Portmapper is used for all RPC services; protect your NFS! # (IP addresses rather than hostnames *MUST* be used here) portmap : 127.0.0.1 localhost : allow portmap : 10.0.0.2 : allow Where 10.0.0.2 is my only other box on my internal subnet. Mind you... I'm also still learning exactly what the portmapper does, so please be patient with :) Thanks again all!!! --John Papalia To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message