Re: ipchains firewall rules

On 20/1/2000 dyer wrote:

Are the deny's perhaps UDP packets?

No, they are TCP. I have not yet tried to do anything about UDP packets.

Looking closer at the way portmapper seems to do things, it appears to me that any RPC service that is registered is given a random port, not necessarily privileged. That would make firewalling off statd, lockd et al. very difficult.

Is there any way to mount an NFS share without opening up all these holes? How much of a risk do they pose? (Given they run as root, I'm less than thrilled with them being open.)


