Re: port scare

[Roberto Diaz <rdiazmartin@vivaldi.ddts.net>]

> Interesting ports on localhost (127.0.0.1):
> Port    State       Protocol  Service
> 22      open        tcp        ssh             
> 111     open        tcp        sunrpc          
> 
> I K'd out S10portmap in the /etc/rc0.d/ directory, but port 111 is still
> open. I can remove portmap from /etc/init.d/, but how big a concern is
> this port? I've got hosts.deny set to repel anything not using ssh. 

Well is a corcern since bugs can be possible.. and you need the portmap in
order to run things like postgresql.. but it is wrapped as you very well
point out.. so.. for me is not something really dangerous.. well it could
be if someone really would wanted to break your security seriously for
some reason..

> And is it all right to keep 22 open like that? Apologies for the
> rushed questions, I just want a box secure enough to allow me to
> continue to experiment without worry. I can look into better
> solutions later, like ipchains/firewalls.

If you need to access your machine from several sites and you previously
dont know from where.. you have to have open ssh at minimum.. what other
choices?  

Regards

Roberto

------------------------------------------------------------------------
Roberto Diaz <rdiazmartin@vivaldi.dtts.net>
http://vivaldi.dtts.net 
Powered by ddt dynamic DNS
Powered by GNU running on a Linux kernel.
Powered by Debian (The real wonder)

Concerto Grosso Op. 3/8 A minor
Antonio Vivaldi (so... do you need beautiful words?)
------------------------------------------------------------------------