[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: Suggestion for an altered portmap package

From: Troels Arvin <troels arvin dk>
To: fedora-devel-list redhat com
Subject: Re: Suggestion for an altered portmap package
Date: Thu, 12 Aug 2004 10:17:37 +0200

On Wed, 11 Aug 2004 17:21:49 -0700, David Kewley wrote:

> portmap uses tcp-wrappers, so you can use /etc/hosts.{allow,deny} to
> control which packets you process.  Yes, portmap still listens on all
> interfaces, but if I understand tcp-wrappers correctly, portmap won't be
> asked to process any disallowed packets.

Still, if there is a security bug in the code accepting UDP trafic on port
111, then I would still be at risk.

Almost all daemons in Fedora can be told not to listen on public
interfaces. Portmap is one of the few exceptions, and I'd like to correct
that.

-- 
Greetings from Troels Arvin, Copenhagen, Denmark

References:
- Suggestion for an altered portmap package
  - From: Troels Arvin
- Re: Suggestion for an altered portmap package
  - From: David Kewley

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]