Summary: netbase: portmap and spoofprotect() Q's

To: "Firewallers" <debian-firewall@lists.debian.org>
Subject: Summary: netbase: portmap and spoofprotect() Q's
From: "Paul Tod Rieger" <prie@abl.com>
Date: Fri, 26 May 2000 03:06:22 -0400
Message-id: <[🔎] 013101bfc6e0$e630e040$0404a8c0@electra.abl.com>

I wrote:

>While commenting out the portmap references in
>/etc/init.d/netbase (Slink)to close the SunRPC port,
>I noticed that the spoofprotect() rules to "deny incoming
>packets pretending to be from our own system" were
>commented out.
>
>1) why is this? [...]

Marcus <talos@algonet.se> replied, "They are commented out because they
aren't needed.  If you got a recent kernel, spoof-preventing is done in it.
Thus ipchains and ipfwadm are commented out."

>2) do any services other than RPC [services] need portmap?

Seth Vidal <skvidal@phy.duke.edu> and Michael Wood <wood@kingsley.co.za>
pretty much confirmed what I've learned:  when I kill portmap, and nothing
breaks, then I did OK.  :-)

Thanks to all for the replies!

Tod
abl.com

Reply to:

Prev by Date: Re: Howto find out why a connection is opened....
Next by Date: Re: Howto find out why a connection is opened....
Previous by thread: Re: Howto find out why a connection is opened....
Next by thread: Basic info on ports/services
Index(es):
- Date
- Thread