[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] Re: Still Unable to turn off NFS
- Subject: Re: [cobalt-security] Re: Still Unable to turn off NFS
- From: Mike Vanecek <nospam99@xxxxxxxxxxxx>
- Date: Sat, 18 Nov 2000 22:16:04 -0600
- Organization: anonymous
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
On Mon, 13 Nov 2000 10:35:43 -0800 (PST), Rod <rodd_todd_1999@xxxxxxxxx>
wrote:
:>>Use the FW filters to turn off that port? If the
:>>>>>>>>packets cannot get to the port, the service
:>will not be doing anything.
:>NFS is a connectionless and stateless protocol
:>according to O'reilly, and NFS servers normally don't
:>use predictable port numbers.
:>When we do:
:>/usr/sbin/rpc.nfsd --version or
:>/usr/sbin/showmount --version
:>we get:
:>Universal NFS Server 2.2beta37
Same here.
:>When we do a /etc/rc.d/init.d/nfs status we get:
:>rpc.mountd is stopped
:>rpc.nfsd is stopped
Same here. If rpc.nfsd is stopped, then no nfs deamon is available to handle a
nfs request. I.e., the service is stopped. If you do a rpcinfo -p, you will
probably be told the connection is refused (since portmap is not running). NFS
is not running. I do not see it listening (netstat -a) on any ports either.
Maybe the nfsoid processes are need to capture any outgoing nfs requests that
might be made by a user?
:>By issuing the command it looks like it just stopped,
:>just like when you stop ssh and such.
Mine too,
[snip]
:>So I am not sure when NFS is started and how to stop
:>it since it still shows up doing ps aux | grep nfs.
:>Anyone have a firewall fix or remove NFS on their
:>servers?
At boot time. I would be interested in you find any more info on nfsoid.