RH Taroon Beta Open Ports
rhldevel at assursys.co.uk
rhldevel at assursys.co.uk
Mon Aug 25 15:50:27 UTC 2003
On Mon, 25 Aug 2003, Chris Ricker wrote:
> On Mon, 25 Aug 2003 rhldevel at assursys.co.uk wrote:
>
> > There's always a trade-off between security and ease-of-use. What proportion
> > of the installed base of Linux clients use RPC-based protocols? Not many I'd
> > wager, suggesting that the trade-off can be biased towards security, with
> > little-to-no impact on the majority of users.
>
> Most Linux client systems, in my experience, are NFS clients and therefore
> need portmap, statd, and lockd out-of-the-box.
For libraries, labs, schools and universities, that wouldn't surprise me.
Such organisations generally have good-to-excellent security awareness.
But for small-to-medium businesses (who have the least security awareness
and infrastructure) and home users (similarly), I'd categorically disagree.
If any file/print sharing is happening in these environments, it's usually
SMB based. Samba doesn't get enabled by default, so why the exception for
portmap and rpc.statd?
> later,
> chris
Best Regards,
Alex.
More information about the fedora-devel-list
mailing list