Re: iptables and NFS

To: "debian-firewall@lists.debian.org" <debian-firewall@lists.debian.org>
Subject: Re: iptables and NFS
From: Ansgar -59cobalt- Wiechers <lists@planetcobalt.net>
Date: Tue, 13 Dec 2005 02:11:11 +0100
Message-id: <[🔎] 20051213021111.B5598@planetcobalt.net>
Mail-followup-to: "debian-firewall@lists.debian.org" <debian-firewall@lists.debian.org>
In-reply-to: <[🔎] 1134428956.10544.20.camel@stewie>; from ghe@upsa.es on Tue, Dec 13, 2005 at 12:09:16AM +0100
References: <[🔎] 1134428956.10544.20.camel@stewie>

On 2005-12-13 Ghe Rivero wrote:
>   we are going to use netfilter for our main firewall at University
> and a couples of dudes come to my mind now:
> 	
>   1.- Since we have severals machines (around 50)  and all king of
> services, which is the best way to have everything more or less order?

There is no simple answer to this question, since it depends heavily on
what services you have, who you want to be able to access them, and what
your network topology looks like. I would suggest you read a good book
on firewalling concepts (e.g. [1]) before proceeding any further.

>   2.- NFS use dinamic ports on conenctions with the clients. Howis it
> supposed to be firewaled (The same can be for some Windows isssues)

NFS is not supposed to traverse any firewall, since it does not provide
any kind of security mechanism whatsoever.

[1] http://www.oreilly.com/catalog/fire2/

Regards
Ansgar Wiechers
-- 
"Another option [for defragmentation] is to back up your important files,
erase the hard disk, then reinstall Mac OS X and your backed up files."
--http://docs.info.apple.com/article.html?artnum=25668

Reply to:

Follow-Ups:
- Re: iptables and NFS
  - From: Giacomo Mulas <gmulas@ca.astro.it>

References:
- iptables and NFS
  - From: Ghe Rivero <ghe@upsa.es>

Prev by Date: Re: iptables and NFS
Next by Date: Re: iptables and NFS
Previous by thread: Re: iptables and NFS
Next by thread: Re: iptables and NFS
Index(es):
- Date
- Thread