Date: Tue, 2 May 1995 06:10:27 -0700 (PDT) From: nlawson@statler.csc.calpoly.edu (Nathan Lawson) To: bmk@dtr.com (Brant Katkansky) Cc: security@FreeBSD.org Subject: Re: Security options for NFS? Message-ID: <9505021310.AA02722@statler.CalPoly.Edu> In-Reply-To: <199505021046.DAA00960@dtr.com> from "Brant Katkansky" at May 2, 95 03:46:49 am
next in thread | previous in thread | raw e-mail | index | archive | help
> I'm looking to secure NFS and other services not covered by tcpd - > what's the conventional wisdom for FreeBSD 2.0? Good question. I recommend compiling with the "IPFIREWALL" and "IPFIREWALL_VERBOSE" options. Then you can deny packets to those services with the ipfw(8) utility. Also, if you don't have the full ability to firewall, then you can use the SecureLib library. It compiles with very minor tweaking. I am considering sending it in to the ports people or whoever if anyone wants it. For NFS, block tcp and udp ports 111, and udp port 2049. Good luck, -- Nathan Lawson \ Never let your schooling interfere with your education. CSL 490/News Admin \ (805)756-7180 @Work \ "The steady state of disks is full." -- Ken Thompson ---------------------
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?9505021310.AA02722>