[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] [Raq3i] securely using rpc.statd and otherrpc services

Subject: Re: [cobalt-security] [Raq3i] securely using rpc.statd and otherrpc services
From: Gossi The Dog <gossi@xxxxxxxxxxxxxx>
Date: Sat, 4 Nov 2000 22:49:15 +0000 (GMT)
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

On Sat, 4 Nov 2000, Theodore Jones wrote:

> Gossi,
>
> Very cool suggestions.  ipchains is not too difficult or dissruptive to a
> RaQ3i's customized setup?  Do you have to recompile the kernal or anything?

Theo,

No need to recompile the kernel or mess around with anything.  Its a case
of grabbing the source, doing ./configure; make; make install (it just
places a single binary in /sbin).  I'm thinking of making a few .pkg files
for things like ipchains, as I'm sure people might like them.

The only thing to be careful of are ipchain rules - for example, I
recently messed up a rule on owned.lab6.com, and firewalled the whole
internet out.  I had to wait over the weekend for somebody at the isp to
reboot the box :(

Nowadays I just have a crontab job to flush the rules out while I'm
testing stuff, so if I do make a similar mistake, I just have to wait for
the crontab job to kick in..

Gos.

Follow-Ups:
- Re: [cobalt-security] [Raq3i] securely using rpc.statd and otherrpcservices
  - From: Theodore Jones

References:
- Re: [cobalt-security] [Raq3i] securely using rpc.statd and otherrpc services
  - From: Theodore Jones

Prev by Date: Re: [cobalt-security] Re: interesting hack symptoms
Next by Date: Re: [cobalt-security] [Raq3i] securely using rpc.statd and otherrpc services
Previous by thread: Re: [cobalt-security] [Raq3i] securely using rpc.statd and otherrpc services
Next by thread: Re: [cobalt-security] [Raq3i] securely using rpc.statd and otherrpcservices

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index