Mailinglist Archive: opensuse-security (343 mails)

< Previous Next >
RE: [suse-security] scans to port 111
  • From: <dog@xxxxxxxxx>
  • Date: Thu, 12 Jul 2001 22:53:53 -0500 (CDT)
  • Message-id: <Pine.LNX.4.31.0107122252280.7984-100000@xxxxxxxxxxxxx>
I would not worry about running nfs on a local lan, provided all nfs and
rpc related ports are blocked on the firewall (and dont make your
firewall and nfs server - I know people that have).

On Fri, 13 Jul 2001, Volker Kuhlmann wrote:

>> There are numerous vulnerabilities in rpc services and demons, such as
>> snmpXmid, rpc.statd and wu-ftpd, buffer overflows in various services, and so
>> on. Look at Cert's collection of the current cracker/kiddie activity on
>> http://www.cert.org/current/current_activity.html#scans . And keep your system
>> free of rpc.
>
>Let's say I have a home network of 3 computers, which share disks with
>NFS. What's the risk if all NFS-related ports are blocked on the firewall
>to the outside?
>
>There doesn't seem to be much of an alternative to NFS, or is it
>unreasonable to assume the internal net is trustworthy?
>
>Volker
>
>--
>To unsubscribe, e-mail: suse-security-unsubscribe@xxxxxxxx
>For additional commands, e-mail: suse-security-help@xxxxxxxx
>

Chad Whitten
Network/Systems Administrator
Nexband Communications
chadwick@xxxxxxxxxxx


< Previous Next >
References