[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] Still Unable to turn off NFS
- Subject: Re: [cobalt-security] Still Unable to turn off NFS
- From: Mike Vanecek <nospam99@xxxxxxxxxxxx>
- Date: Sun, 12 Nov 2000 18:45:30 -0600
- Organization: anonymous
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
On Sun, 12 Nov 2000 16:03:19 -0800 (PST), Rod <rodd_todd_1999@xxxxxxxxx>
wrote:
:>Hi, thanks for helping last time about turning off
:>Finger, though when we tried to disable NFS on our
:>Qube2, it won't stop. Quoting O'reilly: "One of the
:>most important features that was missing was secuirty:
:>Sun's RPC and NFS had virtually none...".
:>We did chkconfig --list and received one of the lines
:>like this:
:>nsf 0:off 1:off 2:off 3:on 4:off 5:on 6:off
:>So we did a /sbin/chkconfig --del nfs and now have:
:>nsf 0:off 1:off 2:off 3:off 4:off 5:off 6:off
:>Though when we do this :
:>ps aux | grep nfs
:>We still receive this:
:>root 6 0.0 0.0 0 0 ? SW Nov 10 0:00 (nfsiod)
:>root 7 0.0 0.0 0 0 ? SW Nov 10 0:00 (nfsiod)
:>root 8 0.0 0.0 0 0 ? SW Nov 10 0:00 (nfsiod)
:>root 9 0.0 0.0 0 0 ? SW Nov 10 0:00 (nfsiod)
:>root 4136 0.0 0.1 1384 400 ? p0 SW Nov 10 0:00
:>grep nfs
:>In /etc/inetd.conf there are not nfs entries; the only
:>place on the box for nfsd that we found is :
:>/usr/sbin/rpc.nfsd
:>So I imagine that there is still a nfs i/o daemon that
:>is running via a module or by the kernel at boot-up?
:>We only connect to one other comp locally via Samba,
:>do FTP, IMAP, SSH, & DNS so is it safe to think we can
:>disable nfs somehow without disturbing our other
:>services?
Use the FW filters to turn off that port? If the packets cannot get to the
port, the service will not be doing anything.