Re: Disabling rpcbind/portmapper

From: Gregory Hicks (ghicks_at_cadence.com)
Date: 11/05/03

  • Next message: Reg Quinton: "Re: Disabling rpcbind/portmapper"
    Date: Wed, 5 Nov 2003 10:28:42 -0800 (PST)
    To: focus-sun@securityfocus.com, vasco@all-2-it.com
    
    

    > Date: Wed, 05 Nov 2003 13:14:27 +0000
    > From: António Vasconcelos <vasco@all-2-it.com>
    >
    > Casper Dik wrote:
    >
    > > The risk of rpcbind is fairly minimal; though I supposed we should
    > >
    > >put in some work to make it e.g., "localhost only".
    > >
    >
    > I didn't know that such thing could be done, at least in Sol 8 or 9.
    > Is there any way to restrict any server only to one interface ? Maybe
    > with some kind of iptables or such ????
    >

    The only way *I've* seen this done is with a firewall blocking all
    machines except the one you WANT the traffic to go to...

    Regards,
    Gregory Hicks

    -------------------------------------------------------------------

    "The trouble with doing anything right the first time is that nobody
    appreciates how difficult it was."

    When a team of dedicated individuals makes a commitment to act as
    one... the sky's the limit.

    Just because "We've always done it that way" is not necessarily a good
    reason to continue to do so... Grace Hopper, Rear Admiral, United
    States Navy


  • Next message: Reg Quinton: "Re: Disabling rpcbind/portmapper"