port blocking

To: debian-isp@lists.debian.org
Subject: port blocking
From: tech@bishop.dhs.org
Date: Sat, 5 Apr 2003 14:36:13 -0700
Message-id: <[🔎] 20030405213613.GA7705@bishop.dhs.org>

I'm trying to lock down my server, which, for historical reasons *has*
to run the various nis services.  No problem, I'll just block the ports
that ypfrx, yppasswdd, ypbind, etc bind to.  However, it seems that they
choose a different port each time.  As I don't want to switch to the
'block everything, only open needed' methodology (too much overhead to
keep all my clients working), how do I force the various nis services to
use only certain specified ports?  Looking at the man page, some of them
take a -p switch, but putting that into the /etc/init.d/nis file in the
--exec line 1) doesn't seem to work and 2) would be overwritten by the
next upgrade (iirc, the init scripts are not marked as config files).
Any ideas?

Thanks!

D.A.Bishop

Reply to:

Follow-Ups:
- Re: port blocking
  - From: Keegan Quinn <kquinn@respond2.com>

Prev by Date: Re: which dns server to use ?
Next by Date: How to handle mail for multiple (10-15) domains w/o localpart conflicts?
Previous by thread: Re: which dns server to use ?
Next by thread: Re: port blocking
Index(es):
- Date
- Thread