From owner-freebsd-security Fri Jun 9 4:36:51 2000 Delivered-To: freebsd-security@freebsd.org Received: from Athena.za.net (athena.za.net [196.30.167.200]) by hub.freebsd.org (Postfix) with ESMTP id D153837B618 for ; Fri, 9 Jun 2000 04:36:20 -0700 (PDT) (envelope-from jus@security.za.net) Received: from localhost (jus@localhost) by Athena.za.net (8.9.3/8.9.3) with ESMTP id NAA12811; Fri, 9 Jun 2000 13:34:22 +0200 (SAST) (envelope-from jus@security.za.net) X-Authentication-Warning: Athena.za.net: jus owned process doing -bs Date: Fri, 9 Jun 2000 13:34:22 +0200 (SAST) From: Justin Stanford X-Sender: jus@Athena.za.net To: George.Giles@mcmail.vanderbilt.edu Cc: freebsd-security@freebsd.org Subject: Re: Firewall Problem In-Reply-To: <862568F9.003E54A8.00@MCSMTP.MC.VANDERBILT.EDU> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org You can kill the portmapper (port 111) in /etc/rc.conf by placing an override in there (find the override in /etc/defaults/rc.conf). Port 6000 is your X server - its best to firewall out 6000. -- Justin Stanford 082 7402741 jus@security.za.net www.security.za.net IT Security and Solutions On Fri, 9 Jun 2000 George.Giles@mcmail.vanderbilt.edu wrote: > > > I have enabled the simple firewall configuration on my kernel (FreeBSD 3.4). I > only allow ftp 21, and ssh 22 as incoming connections. I am using postfix > instead of sendmail, yet incoming mail connections occur. Why? > > I also use natd to allow my private network out. > > When I run a nmap I also see the sunrpc port 111, and X at 6000. > > Please advise. > > George > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message