Re: NFS, password transparency, and security
On Tue, Apr 09, 2002 at 04:02:34PM -0500, Rob VanFleet wrote:
> On Tue, Apr 09, 2002 at 07:23:28AM -0700, Luca Filipozzi wrote:
> >
> > You run those service locally on each machine only. You don't make them
> > available to other hosts.
>
> Sorry if I'm being completely dense here, but aren't the ports still
> open, even if they are only serving localhost?
The point is that it's made accessible only from localhost. Whether this is
by using a firewall to block connections from anyone else, using tcpwrappers
or that it only binds to the lo interface.
If someone has an exploit, rather than being able to exploit it remotely,
they have to be running the exploit from the local machine.
Gareth
--
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to:
- References:
- NFS, password transparency, and security
- From: Rob VanFleet <rvf@linux.wku.edu>
- Re: NFS, password transparency, and security
- From: Alan Shutko <ats@acm.org>
- Re: NFS, password transparency, and security
- From: Wichert Akkerman <wichert@wiggy.net>
- Re: NFS, password transparency, and security
- From: Rob VanFleet <rvf@linux.wku.edu>
- Re: NFS, password transparency, and security
- From: Luca Filipozzi <lfilipoz@debian.org>
- Re: NFS, password transparency, and security
- From: Rob VanFleet <rvf@linux.wku.edu>