Re: tcpwrapped rpcbind/portmap?
From: Reg Quinton (reggers@ist.uwaterloo.ca)Date: 08/21/01
- Previous message: Vladimir Ivanov: "Re: tcpwrapped rpcbind/portmap?"
- In reply to: Trevor Fiatal: "Re: tcpwrapped rpcbind/portmap?"
- Next in thread: Doug Hughes: "Re: tcpwrapped rpcbind/portmap?"
- Next in thread: Vladimir Ivanov: "Re: tcpwrapped rpcbind/portmap?"
- Reply: Doug Hughes: "Re: tcpwrapped rpcbind/portmap?"
- Reply: Trevor Fiatal: "Re: tcpwrapped rpcbind/portmap?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Message-ID: <02fd01c12a46$36b56760$9d6c6181@uwaterloo.ca> From: "Reg Quinton" <reggers@ist.uwaterloo.ca> To: <focus-sun@securityfocus.com> Subject: Re: tcpwrapped rpcbind/portmap? Date: Tue, 21 Aug 2001 09:35:59 -0400
> Absolutely. The lack of ACL enforcement within the stock Solaris
> rpcbind make its use problematic in a security-sensitive environment.
I'd guess you're better off to have the filtering done at a lower level
in the IP stack and not require that each service implement it's own
filtering.
Are there no tools for Solaris to do that -- filter at a lower level in
the IP stack. Would SunScreen Lite do it?
The Seattle folks offer tools for their systems, surely we have something
for Solaris.
- Previous message: Vladimir Ivanov: "Re: tcpwrapped rpcbind/portmap?"
- In reply to: Trevor Fiatal: "Re: tcpwrapped rpcbind/portmap?"
- Next in thread: Doug Hughes: "Re: tcpwrapped rpcbind/portmap?"
- Next in thread: Vladimir Ivanov: "Re: tcpwrapped rpcbind/portmap?"
- Reply: Doug Hughes: "Re: tcpwrapped rpcbind/portmap?"
- Reply: Trevor Fiatal: "Re: tcpwrapped rpcbind/portmap?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
