From owner-freebsd-stable  Fri Aug  3  6:52:19 2001
Delivered-To: freebsd-stable@freebsd.org
Received: from femail5.sdc1.sfba.home.com (femail5.sdc1.sfba.home.com [24.0.95.85])
	by hub.freebsd.org (Postfix) with ESMTP id 6186E37B405
	for <freebsd-stable@FreeBSD.ORG>; Fri,  3 Aug 2001 06:52:16 -0700 (PDT)
	(envelope-from tsikora@home.com)
Received: from home.com ([24.2.168.159]) by femail5.sdc1.sfba.home.com
          (InterMail vM.4.01.03.20 201-229-121-120-20010223) with ESMTP
          id <20010803135216.PWOR24816.femail5.sdc1.sfba.home.com@home.com>
          for <freebsd-stable@FreeBSD.ORG>; Fri, 3 Aug 2001 06:52:16 -0700
Message-ID: <3B6AAB5E.D42A8B28@home.com>
Date: Fri, 03 Aug 2001 09:47:10 -0400
From: Ted Sikora <tsikora@home.com>
X-Mailer: Mozilla 4.78 [en] (X11; U; Linux 2.4.5 i686)
X-Accept-Language: en-US, en
MIME-Version: 1.0
To: "freebsd-stable@FreeBSD.ORG" <freebsd-stable@FreeBSD.ORG>
Subject: Re: Bridge?
References: <3B69300A.3EC4C67E@home.com> <20010803113511.A49580@diabolic-cow.chatgris.net>
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-stable.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-stable>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-stable>
X-Loop: FreeBSD.ORG

Rémi Guyomarch wrote:
> 
> On Thu, Aug 02, 2001 at 06:48:42AM -0400, Ted Sikora wrote:
> > I have stable on both cable and dsl. The following message (rpc.statd:
> > invalid hostname to sm_stat: ^X÷ÿ¿^X÷ÿ¿^)
> > has been a mainstay in stable for some time. I have 2 nic cards in the
> > machines. Do I need the 'options BRIDGE' in the kernel? I just set up a
> > firewall and that did not eliminate the messages.
> 
> Someone is trying the Linux rpc.statd remote root exploit on your
> machine. AFAIK it's harmless on your FreeBSD box.
How can I protect my Linux machines? The messages have appeared there
occasionally too.

> 
> If you have implemented a firewall, be sure to use the "default-deny"
> method (ie deny everything and only let pass the things you actually
> use). I bet you don't want to provide NFS services to everyone on the
> earth...
> 
That's what I did.
 /kernel: IP packet filtering initialized, divert enabled, rule-based
forwarding disabled, default to deny, logging limited to 100
packets/entry by default

--
Ted Sikora
tsikora@ntplx.net

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message