[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: ipchains firewall rules

On 20/1/2000 dyer wrote:

Are the deny's perhaps UDP packets?

no, they are tcp, I have not yet tried to do anything about udp packets.

looking closer at the way portmapper seems to do things, it appears to me that any rpc service that is registered is given a random port, not necessarly privileged. that would make firewalling off statd lockd et al very difficult.

is there any way to mount an nfs share without opening up all these holes? how much of a risk do they pose? (given they run as root, im less then thrilled with them being open)


Reply to: