[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] [Raq3i] securely using rpc.statd and otherrpcservices
- Subject: Re: [cobalt-security] [Raq3i] securely using rpc.statd and otherrpcservices
- From: Theodore Jones <theoj@xxxxxxxxxxxxx>
- Date: Sat, 04 Nov 2000 16:03:37 -0800
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Gossi,
Nice, you >are< a slick puppy!... That's a cool idea with the crontab flush.
~ T
Gossi The Dog wrote:
> On Sat, 4 Nov 2000, Theodore Jones wrote:
>
> > Gossi,
> >
> > Very cool suggestions. ipchains is not too difficult or dissruptive to a
> > RaQ3i's customized setup? Do you have to recompile the kernal or anything?
>
> Theo,
>
> No need to recompile the kernel or mess around with anything. Its a case
> of grabbing the source, doing ./configure; make; make install (it just
> places a single binary in /sbin). I'm thinking of making a few .pkg files
> for things like ipchains, as I'm sure people might like them.
>
> The only thing to be careful of are ipchain rules - for example, I
> recently messed up a rule on owned.lab6.com, and firewalled the whole
> internet out. I had to wait over the weekend for somebody at the isp to
> reboot the box :(
>
> Nowadays I just have a crontab job to flush the rules out while I'm
> testing stuff, so if I do make a similar mistake, I just have to wait for
> the crontab job to kick in..
>
> Gos.