Summary: netbase: portmap and spoofprotect() Q's
>While commenting out the portmap references in
>/etc/init.d/netbase (Slink)to close the SunRPC port,
>I noticed that the spoofprotect() rules to "deny incoming
>packets pretending to be from our own system" were
>1) why is this? [...]
Marcus <firstname.lastname@example.org> replied, "They are commented out because they
aren't needed. If you got a recent kernel, spoof-preventing is done in it.
Thus ipchains and ipfwadm are commented out."
>2) do any services other than RPC [services] need portmap?
Seth Vidal <email@example.com> and Michael Wood <firstname.lastname@example.org>
pretty much confirmed what I've learned: when I kill portmap, and nothing
breaks, then I did OK. :-)
Thanks to all for the replies!