Summary: netbase: portmap and spoofprotect() Q's
- To: "Firewallers" <email@example.com>
- Subject: Summary: netbase: portmap and spoofprotect() Q's
- From: "Paul Tod Rieger" <firstname.lastname@example.org>
- Date: Fri, 26 May 2000 03:06:22 -0400
- Message-id: <email@example.com>
>While commenting out the portmap references in
>/etc/init.d/netbase (Slink)to close the SunRPC port,
>I noticed that the spoofprotect() rules to "deny incoming
>packets pretending to be from our own system" were
>1) why is this? [...]
Marcus <firstname.lastname@example.org> replied, "They are commented out because they
aren't needed. If you got a recent kernel, spoof-preventing is done in it.
Thus ipchains and ipfwadm are commented out."
>2) do any services other than RPC [services] need portmap?
Seth Vidal <email@example.com> and Michael Wood <firstname.lastname@example.org>
pretty much confirmed what I've learned: when I kill portmap, and nothing
breaks, then I did OK. :-)
Thanks to all for the replies!