Date: Mon, 18 Jun 2001 08:30:57 -0600 From: Randy Smith <randys@amigo.net> To: freebsd-isp@freebsd.org Cc: freebsd-security@freebsd.org Subject: Require IPsec for NFS Message-ID: <3B2E10A1.5000302@amigo.net>
next in thread | raw e-mail | index | archive | help
Hi all, I have a server that I want to mirror. I'm using NFS to connect the primary server to the mirror. The mirror is the NFS server and the primary server is the only IP address allowd to connect to portmap in /etc/hosts.allow. In order to prevent IP spoof attacts against NFS, I have IPsec setup between the hosts to authenticate the packets. That seems to prevent IP spoofing. I want to know if it is possible to require all NFS connections to use IPsec or will this setup a reasonable way to protect NFS? -- Randy Smith Amigo.Net Systems Administrator 1-719-589-6100 x 4185 http://www.amigo.net/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3B2E10A1.5000302>